/// <summary> /// Here we generate the key from random data, then we will use the TLS 1.3 Expand function to ensure that /// if there is a weakness in our randoms it is harder to reverse /// </summary> private ISymmetricalCipher GenerateKey(OwnedMemory <byte> buffer) { //We use the crypto random function to fill the key buffer initially _cryptoProvider.FillWithRandom(buffer.Span); //We use the Hkdf expand method to make it harder to exploit any weakness in the random number generator _cryptoProvider.HashProvider.HkdfExpandLabel(HashType.SHA512, buffer.Span, _ticketLabel, new ReadOnlySpan <byte>(), buffer.Span); return(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, buffer)); }
/// <summary> /// Here we generate the key from random data, then we will use the TLS 1.3 Expand function to ensure that /// if there is a weakness in our randoms it is harder to reverse /// </summary> private void GenerateKeys(SecretSchedulePool pool, int numberOfKeys) { var buffer = pool.GetKeyBuffer(); //We use the crypto random function to fill the key buffer initially _cryptoProvider.FillWithRandom(buffer.Span); //We use the Hkdf expand method to make it harder to exploit any weakness in the random number generator _cryptoProvider.HashProvider.HkdfExpandLabel(HashType.SHA512, buffer.Span, _ticketLabel, new ReadOnlySpan <byte>(), buffer.Span); _keys.Add(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, buffer)); for (var i = 0; i < (numberOfKeys - 1); i++) { var newBuffer = pool.GetKeyBuffer(); buffer.Memory.Span.CopyTo(newBuffer.Memory.Span); _keys.Add(_cryptoProvider.BulkCipherProvider.GetCipherKey(_cipherType, newBuffer)); } }
public void GenerateClientRandom() { var span = _clientRandom.Span; _cryptoProvider.FillWithRandom(span); }