/// <summary> /// Static method to create a protected key from a plaintext key. It will wipe the reference that was passed in once the protected key instance is initialized /// </summary> /// <param name="plaintextKey">The key</param> /// <returns>A protected key instance from the provided key</returns> public static InMemoryKey CreateProtectedKeyAndDestroyPlaintextKey(byte[] plaintextKey) { var key = new InMemoryKey(plaintextKey); // the protected key creates a copy of the key and pads it as needed for in memory protection. // Thus the reference that was passed in isn't needed. Overwrite it with random garbage. KeyUtilities.Destroy(plaintextKey); return(key); }
/// <summary> /// Uses the key to get an HMAC using the specified algorithm and data /// </summary> /// <param name="mode">The HMAC algorithm to use</param> /// <param name="data">The data used to compute the HMAC</param> /// <returns>HMAC of the key and data</returns> public byte[] ComputeHmac(OtpHashMode mode, byte[] data) { byte[] hashedValue = null; using (HMAC hmac = CreateHmacHash(mode)) { byte[] key = this.GetCopyOfKey(); try { hmac.Key = key; hashedValue = hmac.ComputeHash(data); } finally { KeyUtilities.Destroy(key); } } return(hashedValue); }