public void Rfc5869ExtractNullIkm()
 {
     byte[] salt = new byte[20];
     AssertExtensions.Throws <ArgumentNullException>(
         "ikm",
         () => HKDF.Extract(HashAlgorithmName.SHA1, null, salt));
 }
        private (byte[], byte[]) DeriveKeyAndNonce(byte[] salt, byte[] authSecret, ECPublicKeyParameters senderPublicKey, ECPublicKeyParameters receiverPublicKey, ECPrivateKeyParameters receiverPrivateKey)
        {
            var(secret, context) = ExtractSecretAndContext(senderPublicKey, receiverPublicKey, receiverPrivateKey);
            secret = HKDF.GetBytes(authSecret, secret, authInfoParameter, SHA_256_LENGTH);

            byte[] keyInfo   = ByteArray.Concat(keyInfoParameter, context);
            byte[] nonceInfo = ByteArray.Concat(nonceInfoParameter, context);

            byte[] prk = HKDF.Extract(salt, secret);

            return(HKDF.Expand(prk, keyInfo, KEY_LENGTH), HKDF.Expand(prk, nonceInfo, NONCE_LENGTH));
        }
示例#3
0
            [InlineData(10, 20)] // Both offset, output +10 over salt
            public void Rfc5869ExtractOverlapsPrkOverSalt(int saltOffset, int outputOffset)
            {
                ReadOnlySpan <byte> ikm  = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b".HexToByteArray();
                ReadOnlySpan <byte> salt = "000102030405060708090a0b0c".HexToByteArray();

                byte[] expectedPrk = "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5".HexToByteArray();

                int         length       = Math.Max(ikm.Length, expectedPrk.Length) + Math.Max(saltOffset, outputOffset);
                Span <byte> buffer       = new byte[length];
                Span <byte> saltBuffer   = buffer.Slice(saltOffset, salt.Length);
                Span <byte> outputBuffer = buffer.Slice(outputOffset, expectedPrk.Length);

                salt.CopyTo(saltBuffer);

                HKDF.Extract(HashAlgorithmName.SHA256, ikm, saltBuffer, outputBuffer);
                Assert.Equal(expectedPrk, outputBuffer.ToArray());
            }
            public void Rfc5869ExtractPrkTooLong()
            {
                byte[] prk = new byte[24];

                for (int i = 0; i < 4; i++)
                {
                    prk[20 + i] = (byte)(i + 5);
                }

                byte[] ikm  = new byte[20];
                byte[] salt = new byte[20];
                Assert.Equal(20, HKDF.Extract(HashAlgorithmName.SHA1, ikm, salt, prk));
                Assert.Equal("A3CBF4A40F51A53E046F07397E52DF9286AE93A2", prk.AsSpan(0, 20).ByteArrayToHex());

                for (int i = 0; i < 4; i++)
                {
                    // ensure we didn't modify anything further
                    Assert.Equal((byte)(i + 5), prk[20 + i]);
                }
            }
 protected override byte[] Extract(HashAlgorithmName hash, int prkLength, byte[] ikm, byte[] salt)
 {
     byte[] prk = new byte[prkLength];
     Assert.Equal(prkLength, HKDF.Extract(hash, ikm, salt, prk));
     return(prk);
 }
 protected override byte[] Extract(HashAlgorithmName hash, int prkLength, byte[] ikm, byte[] salt)
 {
     return(HKDF.Extract(hash, ikm, salt));
 }