using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Utilities; using System; namespace Org.BouncyCastle.Crypto.Agreement.Kdf { public sealed class ConcatenationKdfGenerator : IDerivationFunction { private readonly IDigest m_digest; private readonly int m_hLen; private byte[] m_buffer; public IDigest Digest => m_digest; public ConcatenationKdfGenerator(IDigest digest) { m_digest = digest; m_hLen = digest.GetDigestSize(); } public void Init(IDerivationParameters param) { KdfParameters obj = param as KdfParameters; if (obj == null) throw new ArgumentException("KDF parameters required for ConcatenationKdfGenerator"); byte[] sharedSecret = obj.GetSharedSecret(); byte[] iV = obj.GetIV(); m_buffer = new byte[4 + sharedSecret.Length + ((iV != null) ? iV.Length : 0) + m_hLen]; sharedSecret.CopyTo(m_buffer, 4); iV?.CopyTo(m_buffer, 4 + sharedSecret.Length); } public int GenerateBytes(byte[] output, int outOff, int length) { Check.OutputLength(output, outOff, length, "output buffer too short"); int num = m_buffer.Length - m_hLen; uint num2 = 1; m_digest.Reset(); int num3 = outOff + length; int num4 = num3 - m_hLen; while (outOff <= num4) { Pack.UInt32_To_BE(num2++, m_buffer, 0); m_digest.BlockUpdate(m_buffer, 0, num); m_digest.DoFinal(output, outOff); outOff += m_hLen; } if (outOff < num3) { Pack.UInt32_To_BE(num2, m_buffer, 0); m_digest.BlockUpdate(m_buffer, 0, num); m_digest.DoFinal(m_buffer, num); Array.Copy(m_buffer, num, output, outOff, num3 - outOff); } return length; } } }