public void Rfc5869DeriveKeySpanOkmPotentiallyOverflowingValue() { byte[] ikm = new byte[20]; byte[] okm = new byte[8421505]; AssertExtensions.Throws <ArgumentException>( "output", () => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, okm, Array.Empty <byte>(), Array.Empty <byte>())); }
public void Rfc5869OkmMaxSizePotentiallyOverflowingValue() { byte[] prk = new byte[20]; byte[] okm = new byte[8421505]; AssertExtensions.Throws <ArgumentException>( "output", () => HKDF.Expand(HashAlgorithmName.SHA1, prk, okm, Array.Empty <byte>())); }
public void Rfc5869OkmMaxSizePlusOne() { byte[] prk = new byte[20]; byte[] okm = new byte[20 * 255 + 1]; AssertExtensions.Throws <ArgumentException>( "output", () => HKDF.Expand(HashAlgorithmName.SHA1, prk, okm, Array.Empty <byte>())); }
public void Rfc5869DeriveKeySpanOkmMaxSizePlusOne() { byte[] ikm = new byte[20]; byte[] okm = new byte[20 * 255 + 1]; AssertExtensions.Throws <ArgumentException>( "output", () => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, okm, Array.Empty <byte>(), Array.Empty <byte>())); }
public void testChainKeyDerivationV3() { byte[] seed = { 0x8a, 0xb7, 0x2d, 0x6f, 0x4c, 0xc5, 0xac, 0x0d, 0x38, 0x7e, 0xaf, 0x46, 0x33, 0x78, 0xdd, 0xb2, 0x8e, 0xdd, 0x07, 0x38, 0x5b, 0x1c, 0xb0, 0x12, 0x50, 0xc7, 0x15, 0x98, 0x2e, 0x7a, 0xd4, 0x8f }; byte[] messageKey = { /* 0x02*/ 0xbf, 0x51, 0xe9, 0xd7, 0x5e, 0x0e, 0x31, 0x03, 0x10, 0x51, 0xf8, 0x2a, 0x24, 0x91, 0xff, 0xc0, 0x84, 0xfa, 0x29, 0x8b, 0x77, 0x93, 0xbd, 0x9d, 0xb6, 0x20, 0x05, 0x6f, 0xeb, 0xf4, 0x52, 0x17 }; byte[] macKey = { 0xc6, 0xc7, 0x7d, 0x6a, 0x73, 0xa3, 0x54, 0x33, 0x7a, 0x56, 0x43, 0x5e, 0x34, 0x60, 0x7d, 0xfe, 0x48, 0xe3, 0xac, 0xe1, 0x4e, 0x77, 0x31, 0x4d, 0xc6, 0xab, 0xc1, 0x72, 0xe7, 0xa7, 0x03, 0x0b }; byte[] nextChainKey = { 0x28, 0xe8, 0xf8, 0xfe, 0xe5, 0x4b, 0x80, 0x1e, 0xef, 0x7c, 0x5c, 0xfb, 0x2f, 0x17, 0xf3, 0x2c, 0x7b, 0x33, 0x44, 0x85, 0xbb, 0xb7, 0x0f, 0xac, 0x6e, 0xc1, 0x03, 0x42, 0xa2, 0x46, 0xd1, 0x5d }; ChainKey chainKey = new ChainKey(HKDF.createFor(3), seed, 0); CollectionAssert.AreEqual(seed, chainKey.getKey()); CollectionAssert.AreEqual(messageKey, chainKey.getMessageKeys().getCipherKey()); CollectionAssert.AreEqual(macKey, chainKey.getMessageKeys().getMacKey()); CollectionAssert.AreEqual(nextChainKey, chainKey.getNextChainKey().getKey()); Assert.AreEqual <uint>(0, chainKey.getIndex()); Assert.AreEqual <uint>(0, chainKey.getMessageKeys().getCounter()); Assert.AreEqual <uint>(1, chainKey.getNextChainKey().getIndex()); Assert.AreEqual <uint>(1, chainKey.getNextChainKey().getMessageKeys().getCounter()); }
public void testChainKeyDerivationV3() { byte[] seed = { (byte)0x8a, (byte)0xb7, (byte)0x2d, (byte)0x6f, (byte)0x4c, (byte)0xc5, (byte)0xac, (byte)0x0d, (byte)0x38, (byte)0x7e, (byte)0xaf, (byte)0x46, (byte)0x33, (byte)0x78, (byte)0xdd, (byte)0xb2, (byte)0x8e, (byte)0xdd, (byte)0x07, (byte)0x38, (byte)0x5b, (byte)0x1c, (byte)0xb0, (byte)0x12, (byte)0x50, (byte)0xc7, (byte)0x15, (byte)0x98, (byte)0x2e, (byte)0x7a, (byte)0xd4, (byte)0x8f }; byte[] messageKey = { /* (byte) 0x02*/ (byte)0xbf, (byte)0x51, (byte)0xe9, (byte)0xd7, (byte)0x5e, (byte)0x0e, (byte)0x31, (byte)0x03,(byte)0x10, (byte)0x51, (byte)0xf8, (byte)0x2a, (byte)0x24,(byte)0x91, (byte)0xff, (byte)0xc0, (byte)0x84, (byte)0xfa,(byte)0x29, (byte)0x8b, (byte)0x77, (byte)0x93, (byte)0xbd,(byte)0x9d, (byte)0xb6, (byte)0x20, (byte)0x05, (byte)0x6f,(byte)0xeb, (byte)0xf4, (byte)0x52, (byte)0x17 }; byte[] macKey = { (byte)0xc6, (byte)0xc7, (byte)0x7d, (byte)0x6a, (byte)0x73, (byte)0xa3, (byte)0x54, (byte)0x33, (byte)0x7a, (byte)0x56, (byte)0x43, (byte)0x5e, (byte)0x34, (byte)0x60, (byte)0x7d, (byte)0xfe, (byte)0x48, (byte)0xe3, (byte)0xac, (byte)0xe1, (byte)0x4e, (byte)0x77, (byte)0x31, (byte)0x4d, (byte)0xc6, (byte)0xab, (byte)0xc1, (byte)0x72, (byte)0xe7, (byte)0xa7, (byte)0x03, (byte)0x0b }; byte[] nextChainKey = { (byte)0x28, (byte)0xe8, (byte)0xf8, (byte)0xfe, (byte)0xe5, (byte)0x4b, (byte)0x80, (byte)0x1e, (byte)0xef, (byte)0x7c, (byte)0x5c, (byte)0xfb, (byte)0x2f, (byte)0x17, (byte)0xf3, (byte)0x2c, (byte)0x7b, (byte)0x33, (byte)0x44, (byte)0x85, (byte)0xbb, (byte)0xb7, (byte)0x0f, (byte)0xac, (byte)0x6e, (byte)0xc1, (byte)0x03, (byte)0x42, (byte)0xa2, (byte)0x46, (byte)0xd1, (byte)0x5d }; ChainKey chainKey = new ChainKey(HKDF.createFor(3), seed, 0); Assert.IsTrue(StructuralComparisons.StructuralEqualityComparer.Equals(chainKey.getKey(), seed)); Assert.IsTrue(StructuralComparisons.StructuralEqualityComparer.Equals(chainKey.getMessageKeys().getCipherKey(), messageKey)); Assert.IsTrue(StructuralComparisons.StructuralEqualityComparer.Equals(chainKey.getMessageKeys().getMacKey(), macKey)); Assert.IsTrue(StructuralComparisons.StructuralEqualityComparer.Equals(chainKey.getNextChainKey().getKey(), nextChainKey)); Assert.IsTrue(chainKey.getIndex() == 0); Assert.IsTrue(chainKey.getMessageKeys().getCounter() == 0); Assert.IsTrue(chainKey.getNextChainKey().getIndex() == 1); Assert.IsTrue(chainKey.getNextChainKey().getMessageKeys().getCounter() == 1); }
public static byte[] KeyExpansion(int expandToLength, byte[] keyToExpand, string additionalData = "") { HashAlgorithmName algorithm = HashAlgorithmName.SHA256; using (var hkdf = new HKDF(HMACFactories.HMACSHA256, keyToExpand, additionalData.ToBytes())) { return(hkdf.GetBytes(expandToLength)); } }
public static byte[] KeyDerivation(int keyLengthInBytes, byte[] keyToExpand, int numberOfKeysToDerive) { HashAlgorithmName algorithm = HashAlgorithmName.SHA256; using (var hkdf = new HKDF(HMACFactories.HMACSHA256, keyToExpand)) { return(hkdf.GetBytes(keyLengthInBytes * numberOfKeysToDerive)); } }
void DeriveSubKey(byte[] materKey, byte[] salt, byte[] info, byte[] subkeyBuffer, int subKeyLength) { //Throw.IfNull(() => materKey); //Throw.IfNull(() => salt); //Throw.IfNull(() => info); var k = HKDF.DeriveKey(HashAlgorithmName.SHA1, materKey, subKeyLength, salt, info); Buffer.BlockCopy(k, 0, subkeyBuffer, 0, k.Length); }
public void NET() { Span <byte> output = stackalloc byte[82]; for (var i = 0; i < Max; ++i) { HKDF.DeriveKey(HashAlgorithmName.SHA256, _ikm, output, _salt, _info); } }
public void Rfc5869ExpandOutputLengthZero() { byte[] prk = new byte[20]; byte[] okm = new byte[0]; AssertExtensions.Throws <ArgumentException>( "output", () => HKDF.Expand(HashAlgorithmName.SHA1, prk, okm, Array.Empty <byte>())); }
public void testChainKeyDerivationV2() { byte[] seed = { 0x8a, 0xb7, 0x2d, 0x6f, 0x4c, 0xc5, 0xac, 0x0d, 0x38, 0x7e, 0xaf, 0x46, 0x33, 0x78, 0xdd, 0xb2, 0x8e, 0xdd, 0x07, 0x38, 0x5b, 0x1c, 0xb0, 0x12, 0x50, 0xc7, 0x15, 0x98, 0x2e, 0x7a, 0xd4, 0x8f }; byte[] messageKey = { 0x02, 0xa9, 0xaa, 0x6c, 0x7d, 0xbd, 0x64, 0xf9, 0xd3, 0xaa, 0x92, 0xf9, 0x2a, 0x27, 0x7b, 0xf5, 0x46, 0x09, 0xda, 0xdf, 0x0b, 0x00, 0x82, 0x8a, 0xcf, 0xc6, 0x1e, 0x3c, 0x72, 0x4b, 0x84, 0xa7 }; byte[] macKey = { 0xbf, 0xbe, 0x5e, 0xfb, 0x60, 0x30, 0x30, 0x52, 0x67, 0x42, 0xe3, 0xee, 0x89, 0xc7, 0x02, 0x4e, 0x88, 0x4e, 0x44, 0x0f, 0x1f, 0xf3, 0x76, 0xbb, 0x23, 0x17, 0xb2, 0xd6, 0x4d, 0xeb, 0x7c, 0x83 }; byte[] nextChainKey = { 0x28, 0xe8, 0xf8, 0xfe, 0xe5, 0x4b, 0x80, 0x1e, 0xef, 0x7c, 0x5c, 0xfb, 0x2f, 0x17, 0xf3, 0x2c, 0x7b, 0x33, 0x44, 0x85, 0xbb, 0xb7, 0x0f, 0xac, 0x6e, 0xc1, 0x03, 0x42, 0xa2, 0x46, 0xd1, 0x5d }; ChainKey chainKey = new ChainKey(HKDF.createFor(2), seed, 0); Assert.AreEqual(seed, chainKey.getKey()); CollectionAssert.AreEqual(messageKey, chainKey.getMessageKeys().getCipherKey()); CollectionAssert.AreEqual(macKey, chainKey.getMessageKeys().getMacKey()); CollectionAssert.AreEqual(nextChainKey, chainKey.getNextChainKey().getKey()); Assert.AreEqual <uint>(0, chainKey.getIndex()); Assert.AreEqual <uint>(0, chainKey.getMessageKeys().getCounter()); Assert.AreEqual <uint>(1, chainKey.getNextChainKey().getIndex()); Assert.AreEqual <uint>(1, chainKey.getNextChainKey().getMessageKeys().getCounter()); }
public void Rfc5869DeriveKeyOutputLengthZero() { byte[] ikm = new byte[20]; byte[] okm = new byte[0]; AssertExtensions.Throws <ArgumentException>( "output", () => HKDF.DeriveKey(HashAlgorithmName.SHA1, ikm, okm, Array.Empty <byte>(), Array.Empty <byte>())); }
private static DerivedKeys calculateDerivedKeys(uint sessionVersion, byte[] masterSecret) { HKDF kdf = HKDF.createFor(sessionVersion); byte[] derivedSecretBytes = kdf.deriveSecrets(masterSecret, Encoding.UTF8.GetBytes("WhisperText"), 64); byte[][] derivedSecrets = ByteUtil.split(derivedSecretBytes, 32, 32); return(new DerivedKeys(new RootKey(kdf, derivedSecrets[0]), new ChainKey(kdf, derivedSecrets[1], 0))); }
public virtual void InitCipher(byte[] salt, bool isEncrypt) { this.salt = new byte[saltLen]; Array.Copy(salt, this.salt, saltLen); HKDF.DeriveKey(HashAlgorithmName.SHA1, masterKey, sessionKey, salt, InfoBytes); this.Log().Debug($"salt {instanceId}", salt, saltLen); this.Log().Debug($"sessionkey {instanceId}", sessionKey, keyLen); }
private (byte[], byte[]) DeriveKeyAndNonce(byte[] salt, byte[] authSecret, ECPublicKeyParameters senderPublicKey, ECPublicKeyParameters receiverPublicKey, ECPrivateKeyParameters receiverPrivateKey) { var(secret, context) = ExtractSecretAndContext(senderPublicKey, receiverPublicKey, receiverPrivateKey); secret = HKDF.GetBytes(authSecret, secret, authInfoParameter, SHA_256_LENGTH); byte[] keyInfo = ByteArray.Concat(keyInfoParameter, context); byte[] nonceInfo = ByteArray.Concat(nonceInfoParameter, context); byte[] prk = HKDF.Extract(salt, secret); return(HKDF.Expand(prk, keyInfo, KEY_LENGTH), HKDF.Expand(prk, nonceInfo, NONCE_LENGTH)); }
//deriveHawkCredentials public static byte[] DeriveHawkCredentials(string tokenHex, string context) { byte[] token = BinaryHelper.FromHexString(tokenHex); byte[] info = BinaryHelper.Kw(context); using (var hmac = new HMACSHA256()) { HKDF hkdf = new HKDF(hmac, token); byte[] result = hkdf.Expand(info, 3 * 32); return(result.Skip(64).ToArray()); } }
public static SyncKeys DeriveKeys(byte[] kB) { byte[] info = BinaryHelper.Kw("oldsync"); HMAC hmac = new HMAC("HMACSHA256"); HKDF hkdf = new HKDF(hmac, kB); byte[] result = hkdf.Expand(info, 2 * 32); return(new SyncKeys() { EncKey = result.Take(32).ToArray(), HmacKey = result.Skip(32).ToArray() }); }
private static BundleKeys DeriveBundleKeys(byte[] key, string keyInfo) { byte[] info = BinaryHelper.Kw(keyInfo); using (var hmac = new HMACSHA256()) { HKDF hkdf = new HKDF(hmac, key); byte[] result = hkdf.Expand(info, 3 * 32); byte[] hmacKey = result.Take(32).ToArray(); byte[] xorKey = result.Skip(32).ToArray(); return(new BundleKeys(hmacKey, xorKey)); } }
public ChainKey getReceiverChainKey(ECPublicKey senderEphemeral) { Pair <Chain, uint> receiverChainAndIndex = getReceiverChain(senderEphemeral); Chain receiverChain = receiverChainAndIndex.first(); if (receiverChain == null) { return(null); } else { return(new ChainKey(HKDF.createFor(getSessionVersion()), receiverChain.ChainKey.Key.ToByteArray(), receiverChain.ChainKey.Index)); } }
[InlineData(10, 20)] // Both offset, output +10 over salt public void Rfc5869ExtractOverlapsPrkOverSalt(int saltOffset, int outputOffset) { ReadOnlySpan <byte> ikm = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b".HexToByteArray(); ReadOnlySpan <byte> salt = "000102030405060708090a0b0c".HexToByteArray(); byte[] expectedPrk = "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5".HexToByteArray(); int length = Math.Max(ikm.Length, expectedPrk.Length) + Math.Max(saltOffset, outputOffset); Span <byte> buffer = new byte[length]; Span <byte> saltBuffer = buffer.Slice(saltOffset, salt.Length); Span <byte> outputBuffer = buffer.Slice(outputOffset, expectedPrk.Length); salt.CopyTo(saltBuffer); HKDF.Extract(HashAlgorithmName.SHA256, ikm, saltBuffer, outputBuffer); Assert.Equal(expectedPrk, outputBuffer.ToArray()); }
public void testVectorV2() { byte[] ikm = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; byte[] salt = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c }; byte[] info = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9 }; byte[] okm = { 0x6e, 0xc2, 0x55, 0x6d, 0x5d, 0x7b, 0x1d, 0x81, 0xde, 0xe4, 0x22, 0x2a, 0xd7, 0x48, 0x36, 0x95, 0xdd, 0xc9, 0x8f, 0x4f, 0x5f, 0xab, 0xc0, 0xe0, 0x20, 0x5d, 0xc2, 0xef, 0x87, 0x52, 0xd4, 0x1e, 0x04, 0xe2, 0xe2, 0x11, 0x01, 0xc6, 0x8f, 0xf0, 0x93, 0x94, 0xb8, 0xad, 0x0b, 0xdc, 0xb9, 0x60, 0x9c, 0xd4, 0xee, 0x82, 0xac, 0x13, 0x19, 0x9b, 0x4a, 0xa9, 0xfd, 0xa8, 0x99, 0xda, 0xeb, 0xec }; byte[] actualOutput = HKDF.createFor(2).deriveSecrets(ikm, salt, info, 64); CollectionAssert.AreEqual(okm, actualOutput); }
private uint[] SecureExpand(byte[] Key) { // expanded key size int keySize = 4 * (m_rndCount + 1); // hkdf return array int keyBytes = keySize * 4; byte[] rawKey = new byte[keyBytes]; HKDF gen = new HKDF(m_kdfExtractor); // change 1.2: use extract only on an oversized key if (Key.Length > m_kdfExtractor.BlockSize) { // seperate salt and key m_kdfKeySize = m_kdfExtractor.BlockSize; byte[] kdfKey = new byte[m_kdfKeySize]; Buffer.BlockCopy(Key, 0, kdfKey, 0, m_kdfKeySize); int saltSize = Key.Length - m_kdfKeySize; byte[] kdfSalt = new byte[saltSize]; Buffer.BlockCopy(Key, m_kdfKeySize, kdfSalt, 0, saltSize); // info can be null gen.Initialize(kdfKey, kdfSalt, m_kdfInfo); } else { if (m_kdfInfo.Length != 0) { gen.Info = m_kdfInfo; } gen.Initialize(Key); } gen.Generate(rawKey); gen.Dispose(); // initialize working key uint[] expKey = new uint[keySize]; // copy bytes to working key Buffer.BlockCopy(rawKey, 0, expKey, 0, keyBytes); return(expKey); }
public void Test_Case_6() { using (var hmac = new HMACSHA1()) { byte[] ikm = Generate("0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = Generate(string.Empty); byte[] info = Generate(string.Empty); int L = 42; byte[] OKM = Generate(@"0x0ac1af7002b3d761d1e55298da9d0506 b9ae52057220a306e07b6b87e8df21d0 ea00033de03984d34918"); var hkdf = new HKDF(hmac, ikm, salt); var okm = hkdf.Expand(info, L); Assert.AreEqual(L, okm.Length); Assert.AreEqual(Convert.ToBase64String(OKM), Convert.ToBase64String(okm)); } }
public void Rfc5869ExtractPrkTooLong() { byte[] prk = new byte[24]; for (int i = 0; i < 4; i++) { prk[20 + i] = (byte)(i + 5); } byte[] ikm = new byte[20]; byte[] salt = new byte[20]; Assert.Equal(20, HKDF.Extract(HashAlgorithmName.SHA1, ikm, salt, prk)); Assert.Equal("A3CBF4A40F51A53E046F07397E52DF9286AE93A2", prk.AsSpan(0, 20).ByteArrayToHex()); for (int i = 0; i < 4; i++) { // ensure we didn't modify anything further Assert.Equal((byte)(i + 5), prk[20 + i]); } }
public void Test_Case_7() { using (var hmac = new HMACSHA1()) { byte[] ikm = Generate("0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c"); byte[] salt = null; byte[] info = Generate(string.Empty); int L = 42; byte[] OKM = Generate(@"0x2c91117204d745f3500d636a62f64f0a b3bae548aa53d423b0d1f27ebba6f5e5 673a081d70cce7acfc48"); var hkdf = new HKDF(hmac, ikm, salt); var okm = hkdf.Expand(info, L); Assert.AreEqual(L, okm.Length); Assert.AreEqual(Convert.ToBase64String(OKM), Convert.ToBase64String(okm)); } }
public void Test_Case_4() { using (var hmac = new HMACSHA1()) { byte[] ikm = Generate("0x0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = Generate("0x000102030405060708090a0b0c"); byte[] info = Generate("0xf0f1f2f3f4f5f6f7f8f9"); int L = 42; byte[] OKM = Generate(@"0x085a01ea1b10f36933068b56efa5ad81 a4f14b822f5b091568a9cdd4f155fda2 c22e422478d305f3f896"); var hkdf = new HKDF(hmac, ikm, salt); var okm = hkdf.Expand(info, L); Assert.AreEqual(L, okm.Length); Assert.AreEqual(Convert.ToBase64String(OKM), Convert.ToBase64String(okm)); } }
public void Test_Case_1() { using (var hmac = new HMACSHA256()) { byte[] ikm = Generate("0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = Generate("0x000102030405060708090a0b0c"); byte[] info = Generate("0xf0f1f2f3f4f5f6f7f8f9"); int L = 42; byte[] OKM = Generate(@"0x3cb25f25faacd57a90434f64d0362f2a 2d2d0a90cf1a5a4c5db02d56ecc4c5bf 34007208d5b887185865"); var hkdf = new HKDF(hmac, ikm, salt); var okm = hkdf.Expand(info, L); Assert.AreEqual(L, okm.Length); Assert.AreEqual(Convert.ToBase64String(OKM), Convert.ToBase64String(okm)); } }
public Credentials(string email, string password) { Email = email; using (var hmac = new HMACSHA256()) { Pbkdf2 pbkdf2 = new Pbkdf2(hmac, Encoding.UTF8.GetBytes(password), BinaryHelper.Kwe("quickStretch", email), 1000); QuickStretchedPW = pbkdf2.GetBytes(32); HKDF hkdf = new HKDF(hmac, QuickStretchedPW); AuthPW = hkdf.Expand(BinaryHelper.Kw("authPW"), 32); UnwrapBKey = hkdf.Expand(BinaryHelper.Kw("unwrapBkey"), 32); } using (SHA256 sha256 = new SHA256()) { byte[] hash = sha256.ComputeHash(UnwrapBKey); SyncClientState = BinaryHelper.ToHexString(hash.Take(16).ToArray()); } }
public void Test_Case_3() { using (var hmac = new HMACSHA256()) { byte[] ikm = Generate("0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"); byte[] salt = Generate(string.Empty); byte[] info = Generate(string.Empty); int L = 42; byte[] OKM = Generate(@"0x8da4e775a563c18f715f802a063c5a31 b8a11f5c5ee1879ec3454e5f3c738d2d 9d201395faa4b61a96c8"); var hkdf = new HKDF(hmac, ikm, salt); var okm = hkdf.Expand(info, L); Assert.AreEqual(L, okm.Length); Assert.AreEqual(Convert.ToBase64String(OKM), Convert.ToBase64String(okm)); } }
public void HDKF_Testcase6() { using (var hkdf = new HKDF(HMACFactories.HMACSHA1, ikm: Enumerable.Repeat<byte>(0x0b, 22).ToArray(), salt: new byte[] { }, context: new byte[] { })) { var result = hkdf.GetBytes(countBytes: 42); var expected = "0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918".FromBase16(); Assert.IsTrue(Enumerable.SequenceEqual(result, expected)); // "expected" is OKM in the document } }//6
public void HDKF_Testcase7() { using (var hkdf = new HKDF(HMACFactories.HMACSHA1, ikm: Enumerable.Repeat<byte>(0x0c, 22).ToArray(), salt: null, context: new byte[] { })) { var result = hkdf.GetBytes(countBytes: 42); var expected = "2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48".FromBase16(); Assert.IsTrue(Enumerable.SequenceEqual(result, expected)); // "expected" is OKM in the document } }//7
public void HDKF_Testcase4() { using (var hkdf = new HKDF(HMACFactories.HMACSHA1, ikm: Enumerable.Repeat<byte>(0x0b, 11).ToArray(), salt: Enumerable.Range(0x00, 13).Select(i => (byte)i).ToArray(), context: Enumerable.Range(0xf0, 10).Select(i => (byte)i).ToArray())) { var result = hkdf.GetBytes(countBytes: 42); var expected = "085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896".FromBase16(); Assert.IsTrue(Enumerable.SequenceEqual(result, expected)); // "expected" is OKM in the document } }//4
public void HDKF_Testcase5() { using (var hkdf = new HKDF(HMACFactories.HMACSHA1, ikm: Enumerable.Range(0x00, 80).Select(i => (byte)i).ToArray(), salt: Enumerable.Range(0x60, 80).Select(i => (byte)i).ToArray(), context: Enumerable.Range(0xb0, 80).Select(i => (byte)i).ToArray())) { var result = hkdf.GetBytes(countBytes: 82); var expected = "0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4".FromBase16(); Assert.IsTrue(Enumerable.SequenceEqual(result, expected)); // "expected" is OKM in the document } }//5
public void HDKF_Testcase2() { using (var hkdf = new HKDF(HMACFactories.HMACSHA256, ikm: Enumerable.Range(0x00, 80).Select(i => (byte)i).ToArray(), salt: Enumerable.Range(0x60, 80).Select(i => (byte)i).ToArray(), context: Enumerable.Range(0xb0, 80).Select(i => (byte)i).ToArray())) { var result = hkdf.GetBytes(countBytes: 82); var expected = "b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87".FromBase16(); Assert.IsTrue(Enumerable.SequenceEqual(result, expected)); // "expected" is OKM in the document } }//2
public void HDKF_Testcase3() { using (var hkdf = new HKDF(HMACFactories.HMACSHA256, ikm: Enumerable.Repeat<byte>(0x0b, 22).ToArray(), salt: new byte[] { }, context: new byte[] { })) { var result = hkdf.GetBytes(countBytes: 42); var expected = "8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8".FromBase16(); Assert.IsTrue(Enumerable.SequenceEqual(result, expected)); // "expected" is OKM in the document } }//3
public void HDKF_Testcase1() { using (var hkdf = new HKDF(HMACFactories.HMACSHA256, ikm: Enumerable.Repeat<byte>(0x0b, 22).ToArray(), salt: Enumerable.Range(0, 13).Select(i => (byte)i).ToArray(), context: Enumerable.Range(0xf0, 10).Select(i => (byte)i).ToArray())) { var result = hkdf.GetBytes(countBytes: 42); var expected = "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865".FromBase16(); Assert.IsTrue(Enumerable.SequenceEqual(result, expected)); // "expected" is OKM in the document } }//1
public void Test_Case_2() { using (var hmac = new HMACSHA256()) { byte[] ikm = Generate(@"0x000102030405060708090a0b0c0d0e0f 101112131415161718191a1b1c1d1e1f 202122232425262728292a2b2c2d2e2f 303132333435363738393a3b3c3d3e3f 404142434445464748494a4b4c4d4e4f"); byte[] salt = Generate(@"0x606162636465666768696a6b6c6d6e6f 707172737475767778797a7b7c7d7e7f 808182838485868788898a8b8c8d8e8f 909192939495969798999a9b9c9d9e9f a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"); byte[] info = Generate(@"0xb0b1b2b3b4b5b6b7b8b9babbbcbdbebf c0c1c2c3c4c5c6c7c8c9cacbcccdcecf d0d1d2d3d4d5d6d7d8d9dadbdcdddedf e0e1e2e3e4e5e6e7e8e9eaebecedeeef f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"); int L = 82; byte[] OKM = Generate(@"0xb11e398dc80327a1c8e7f78c596a4934 4f012eda2d4efad8a050cc4c19afa97c 59045a99cac7827271cb41c65e590e09 da3275600c2f09b8367793a9aca3db71 cc30c58179ec3e87c14c01d5c1f3434f 1d87"); var hkdf = new HKDF(hmac, ikm, salt); var okm = hkdf.Expand(info, L); Assert.AreEqual(L, okm.Length); Assert.AreEqual(Convert.ToBase64String(OKM), Convert.ToBase64String(okm)); } }
public void Test_Case_5() { using (var hmac = new HMACSHA1()) { byte[] ikm = Generate(@"0x000102030405060708090a0b0c0d0e0f 101112131415161718191a1b1c1d1e1f 202122232425262728292a2b2c2d2e2f 303132333435363738393a3b3c3d3e3f 404142434445464748494a4b4c4d4e4f"); byte[] salt = Generate(@"0x606162636465666768696a6b6c6d6e6f 707172737475767778797a7b7c7d7e7f 808182838485868788898a8b8c8d8e8f 909192939495969798999a9b9c9d9e9f a0a1a2a3a4a5a6a7a8a9aaabacadaeaf"); byte[] info = Generate(@"0xb0b1b2b3b4b5b6b7b8b9babbbcbdbebf c0c1c2c3c4c5c6c7c8c9cacbcccdcecf d0d1d2d3d4d5d6d7d8d9dadbdcdddedf e0e1e2e3e4e5e6e7e8e9eaebecedeeef f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff"); int L = 82; byte[] OKM = Generate(@"0x0bd770a74d1160f7c9f12cd5912a06eb ff6adcae899d92191fe4305673ba2ffe 8fa3f1a4e5ad79f3f334b3b202b2173c 486ea37ce3d397ed034c7f9dfeb15c5e 927336d0441f4c4300e2cff0d0900b52 d3b4"); var hkdf = new HKDF(hmac, ikm, salt); var okm = hkdf.Expand(info, L); Assert.AreEqual(L, okm.Length); Assert.AreEqual(Convert.ToBase64String(OKM), Convert.ToBase64String(okm)); } }