public ValueBuffer GeneratePublicKey(ValueBuffer privateKey)
{
Span <byte> resultBuffer = stackalloc byte[ScalarSize];
Span <byte> privateKeyBuffer = stackalloc byte[privateKey.Length];
privateKey.CopyTo(privateKeyBuffer);
GeneratePublicKey(privateKeyBuffer, 0, resultBuffer, 0);
return(resultBuffer);
}
public ValueBuffer GenerateSharedSecret(ValueBuffer privateKey, ValueBuffer publicKey)
{
Span <byte> resultBuffer = stackalloc byte[ScalarSize];
Span <byte> privateKeyBuffer = stackalloc byte[privateKey.Length];
Span <byte> publicKeyBuffer = stackalloc byte[publicKey.Length];
privateKey.CopyTo(privateKeyBuffer);
publicKey.CopyTo(publicKeyBuffer);
ScalarMult(privateKeyBuffer, 0, publicKeyBuffer, 0, resultBuffer, 0);
return(resultBuffer);
}
public ValueBuffer CreateVerifyData(ValueBuffer secret, ValueBuffer finishedHash)
{
Span <byte> resultBuffer = stackalloc byte[HashLength];
Span <byte> secretBuffer = stackalloc byte[secret.Length];
Span <byte> hashBuffer = stackalloc byte[finishedHash.Length];
secret.CopyTo(secretBuffer);
finishedHash.CopyTo(hashBuffer);
HkdfExpandLabel(secretBuffer, FinishedLabel, ReadOnlySpan <byte> .Empty, resultBuffer);
HkdfExtract(resultBuffer, hashBuffer, resultBuffer);
return(resultBuffer);
}
public bool VerifyHash(ValueBuffer hash, ReadOnlySpan <byte> signature)
{
var publicKey = certificate.GetRSAPublicKey();
if (publicKey == null)
{
throw new EncryptionException();
}
Span <byte> hashBuffer = stackalloc byte[hash.Length];
hash.CopyTo(hashBuffer);
return(publicKey.VerifyHash(hashBuffer, signature, hashAlgorithm, signaturePadding));
}
public (ValueBuffer Key, ValueBuffer Iv, ValueBuffer Hp, ValueBuffer Ku) CreatePacketSecrets(ValueBuffer secret)
{
Span <byte> keyBuffer = stackalloc byte[keySize];
Span <byte> hpBuffer = stackalloc byte[keySize];
Span <byte> kuBuffer = stackalloc byte[keySize];
Span <byte> ivBuffer = stackalloc byte[ivSize];
Span <byte> secretBuffer = stackalloc byte[secret.Length];
secret.CopyTo(secretBuffer);
HkdfExpandLabel(secretBuffer, QuicKeyLabel, ReadOnlySpan <byte> .Empty, keyBuffer); // key
HkdfExpandLabel(secretBuffer, QuicIvLabel, ReadOnlySpan <byte> .Empty, ivBuffer); // iv
HkdfExpandLabel(secretBuffer, QuicHeaderProtectionLabel, ReadOnlySpan <byte> .Empty, hpBuffer); // hp
HkdfExpandLabel(secretBuffer, QuicKeyUpdateLabel, ReadOnlySpan <byte> .Empty, kuBuffer); // ku
return(new ValueBuffer(keyBuffer), new ValueBuffer(ivBuffer), new ValueBuffer(hpBuffer), new ValueBuffer(kuBuffer));
}
public void SignHash(ValueBuffer hash, MemoryCursor cursor)
{
var privateKey = certificate.GetRSAPrivateKey();
if (privateKey == null)
{
throw new EncryptionException();
}
Span <byte> hashBuffer = stackalloc byte[hash.Length];
hash.CopyTo(hashBuffer);
var destination = cursor.PeekEnd();
if (!privateKey.TrySignHash(hashBuffer, destination.Span, hashAlgorithm, signaturePadding, out var written))
{
throw new EncryptionException();
}
cursor.Move(written);
}
private (ValueBuffer HandshakeSecret, ValueBuffer TrafficSecret, ValueBuffer Key, ValueBuffer Iv) CreateHandshakeSecrets(
ValueBuffer sharedSecret,
ValueBuffer helloHash,
ReadOnlySpan <byte> trafficLabel)
{
Span <byte> handshakeSecretBuffer = stackalloc byte[HashLength];
Span <byte> sharedSecretBuffer = stackalloc byte[sharedSecret.Length];
Span <byte> trafficSecretBuffer = stackalloc byte[HashLength];
Span <byte> helloHashBuffer = stackalloc byte[helloHash.Length];
Span <byte> keyBuffer = stackalloc byte[keySize];
Span <byte> ivBuffer = stackalloc byte[ivSize];
sharedSecret.CopyTo(sharedSecretBuffer);
helloHash.CopyTo(helloHashBuffer);
HkdfExpandLabel(earlySecret, DerivedLabel, emptyHash, handshakeSecretBuffer); // handshake secret
HkdfExtract(handshakeSecretBuffer, sharedSecretBuffer, handshakeSecretBuffer); // handshake secret
HkdfExpandLabel(handshakeSecretBuffer, trafficLabel, helloHashBuffer, trafficSecretBuffer); // traffic secret
HkdfExpandLabel(trafficSecretBuffer, KeyLabel, ReadOnlySpan <byte> .Empty, keyBuffer); // key
HkdfExpandLabel(trafficSecretBuffer, IvLabel, ReadOnlySpan <byte> .Empty, ivBuffer); // iv
return(new ValueBuffer(handshakeSecretBuffer), new ValueBuffer(trafficSecretBuffer), new ValueBuffer(keyBuffer), new ValueBuffer(ivBuffer));
}
private (ValueBuffer MasterSecret, ValueBuffer TrafficSecret, ValueBuffer Key, ValueBuffer Iv) CreateApplicationSecrets(
ValueBuffer handshakeSecret,
ValueBuffer handshakeHash,
ReadOnlySpan <byte> trafficLabel)
{
Span <byte> masterSecretBuffer = stackalloc byte[HashLength];
Span <byte> handshakeSecretBuffer = stackalloc byte[handshakeSecret.Length];
Span <byte> trafficSecretBuffer = stackalloc byte[HashLength];
Span <byte> handshakeHashBuffer = stackalloc byte[handshakeHash.Length];
Span <byte> keyBuffer = stackalloc byte[keySize];
Span <byte> ivBuffer = stackalloc byte[ivSize];
handshakeSecret.CopyTo(handshakeSecretBuffer);
handshakeHash.CopyTo(handshakeHashBuffer);
HkdfExpandLabel(handshakeSecretBuffer, DerivedLabel, emptyHash, masterSecretBuffer); // master secret
HkdfExtract(masterSecretBuffer, zeroBuffer, masterSecretBuffer); // master secret
HkdfExpandLabel(masterSecretBuffer, trafficLabel, handshakeHashBuffer, trafficSecretBuffer); // traffic secret
HkdfExpandLabel(trafficSecretBuffer, KeyLabel, ReadOnlySpan <byte> .Empty, keyBuffer); // key
HkdfExpandLabel(trafficSecretBuffer, IvLabel, ReadOnlySpan <byte> .Empty, ivBuffer); // iv
return(new ValueBuffer(masterSecretBuffer), new ValueBuffer(trafficSecretBuffer), new ValueBuffer(keyBuffer), new ValueBuffer(ivBuffer));
}
public void WriteBytes(MemoryCursor cursor)
{
var bytes = cursor.Move(32);
buffer.CopyTo(bytes.Span);
}
public void WriteBytes(MemoryCursor cursor)
{
using var context = ByteVector.StartVectorWriting(cursor, 0..32);
buffer.CopyTo(cursor);
}
