public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header) { byte[] numArray; string str = Ensure.Type <string>(key, "Pbse2HmacShaKeyManagementWithAesKeyWrap management algorithm expectes key to be string.", new object[0]); byte[] bytes = Encoding.UTF8.GetBytes(str); byte[] bytes1 = Encoding.UTF8.GetBytes((string)header["alg"]); int num = 8192; byte[] numArray1 = Arrays.Random(96); header["p2c"] = num; header["p2s"] = Base64Url.Encode(numArray1); byte[] numArray2 = Arrays.Concat(new byte[][] { bytes1, Arrays.Zero, numArray1 }); using (HMAC pRF = this.PRF) { numArray = PBKDF2.DeriveKey(bytes, numArray2, num, this.keyLengthBits, pRF); } return(this.aesKW.WrapNewKey(cekSizeBits, numArray, header)); }
public byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary <string, object> header) { byte[] numArray; string str = Ensure.Type <string>(key, "Pbse2HmacShaKeyManagementWithAesKeyWrap management algorithm expectes key to be string.", new object[0]); byte[] bytes = Encoding.UTF8.GetBytes(str); Ensure.Contains(header, new string[] { "p2c" }, "Pbse2HmacShaKeyManagementWithAesKeyWrap algorithm expects 'p2c' param in JWT header, but was not found", new object[0]); Ensure.Contains(header, new string[] { "p2s" }, "Pbse2HmacShaKeyManagementWithAesKeyWrap algorithm expects 'p2s' param in JWT header, but was not found", new object[0]); byte[] bytes1 = Encoding.UTF8.GetBytes((string)header["alg"]); int num = Convert.ToInt32(header["p2c"]); byte[] numArray1 = Base64Url.Decode((string)header["p2s"]); byte[] numArray2 = Arrays.Concat(new byte[][] { bytes1, Arrays.Zero, numArray1 }); using (HMAC pRF = this.PRF) { numArray = PBKDF2.DeriveKey(bytes, numArray2, num, this.keyLengthBits, pRF); } return(this.aesKW.Unwrap(encryptedCek, numArray, cekSizeBits, header)); }
public static byte[] DeriveKey(byte[] password, byte[] salt, int iterationCount, int keyBitLength, HMAC prf) { prf.Key = password; ulong num = unchecked ((ulong)-1); object[] objArray = new object[] { keyBitLength }; Ensure.MaxValue(keyBitLength, (long)num, "PBKDF2 expect derived key size to be not more that (2^32-1) bits, but was requested {0} bits.", objArray); int hashSize = prf.HashSize / 8; int num1 = keyBitLength / 8; int num2 = (int)Math.Ceiling((double)num1 / (double)hashSize); int num3 = num1 - (num2 - 1) * hashSize; byte[][] numArray = new byte[num2][]; for (int i = 0; i < num2; i++) { numArray[i] = PBKDF2.F(salt, iterationCount, i + 1, prf); } numArray[num2 - 1] = Arrays.LeftmostBits(numArray[num2 - 1], num3 * 8); return(Arrays.Concat(numArray)); }