3 // Copyright (c) Microsoft Corporation. All rights reserved.
8 using System.Runtime.Serialization;
10 namespace System.Security.Cryptography {
12 /// Abstract base class for implementations of elliptic curve Diffie-Hellman to derive from
14 [System.Security.Permissions.HostProtection(MayLeakOnAbort = true)]
15 public abstract class ECDiffieHellman : AsymmetricAlgorithm {
16 public override string KeyExchangeAlgorithm {
17 get { return "ECDiffieHellman"; }
20 public override string SignatureAlgorithm {
25 // Creation factory methods
28 public static new ECDiffieHellman Create() {
30 throw new NotImplementedException ();
32 return Create(typeof(ECDiffieHellmanCng).FullName);
36 public static new ECDiffieHellman Create(string algorithm) {
37 if (algorithm == null) {
38 throw new ArgumentNullException("algorithm");
41 return CryptoConfig.CreateFromName(algorithm) as ECDiffieHellman;
48 public abstract ECDiffieHellmanPublicKey PublicKey { get; }
50 // This method must be implemented by derived classes. In order to conform to the contract, it cannot be abstract.
51 public virtual byte[] DeriveKeyMaterial(ECDiffieHellmanPublicKey otherPartyPublicKey)
53 throw DerivedClassMustOverride();
57 /// Derive key material using the formula HASH(x) where x is the computed result of the EC Diffie-Hellman algorithm.
59 /// <param name="otherPartyPublicKey">The public key of the party with which to derive a mutual secret.</param>
60 /// <param name="hashAlgorithm">The identifier for the hash algorithm to use.</param>
61 /// <returns>A hashed output suitable for key material</returns>
62 /// <exception cref="ArgumentException"><paramref name="otherPartyPublicKey"/> is over a different curve than this key</exception>
63 public byte[] DeriveKeyFromHash(ECDiffieHellmanPublicKey otherPartyPublicKey, HashAlgorithmName hashAlgorithm)
65 return DeriveKeyFromHash(otherPartyPublicKey, hashAlgorithm, null, null);
69 /// Derive key material using the formula HASH(secretPrepend || x || secretAppend) where x is the computed
70 /// result of the EC Diffie-Hellman algorithm.
72 /// <param name="otherPartyPublicKey">The public key of the party with which to derive a mutual secret.</param>
73 /// <param name="hashAlgorithm">The identifier for the hash algorithm to use.</param>
74 /// <param name="secretPrepend">A value to prepend to the derived secret before hashing. A <c>null</c> value is treated as an empty array.</param>
75 /// <param name="secretAppend">A value to append to the derived secret before hashing. A <c>null</c> value is treated as an empty array.</param>
76 /// <returns>A hashed output suitable for key material</returns>
77 /// <exception cref="ArgumentException"><paramref name="otherPartyPublicKey"/> is over a different curve than this key</exception>
78 public virtual byte[] DeriveKeyFromHash(
79 ECDiffieHellmanPublicKey otherPartyPublicKey,
80 HashAlgorithmName hashAlgorithm,
84 throw DerivedClassMustOverride();
88 /// Derive key material using the formula HMAC(hmacKey, x) where x is the computed
89 /// result of the EC Diffie-Hellman algorithm.
91 /// <param name="otherPartyPublicKey">The public key of the party with which to derive a mutual secret.</param>
92 /// <param name="hashAlgorithm">The identifier for the hash algorithm to use.</param>
93 /// <param name="hmacKey">The key to use in the HMAC. A <c>null</c> value indicates that the result of the EC Diffie-Hellman algorithm should be used as the HMAC key.</param>
94 /// <returns>A hashed output suitable for key material</returns>
95 /// <exception cref="ArgumentException"><paramref name="otherPartyPublicKey"/> is over a different curve than this key</exception>
96 public byte[] DeriveKeyFromHmac(
97 ECDiffieHellmanPublicKey otherPartyPublicKey,
98 HashAlgorithmName hashAlgorithm,
101 return DeriveKeyFromHmac(otherPartyPublicKey, hashAlgorithm, hmacKey, null, null);
105 /// Derive key material using the formula HMAC(hmacKey, secretPrepend || x || secretAppend) where x is the computed
106 /// result of the EC Diffie-Hellman algorithm.
108 /// <param name="otherPartyPublicKey">The public key of the party with which to derive a mutual secret.</param>
109 /// <param name="hashAlgorithm">The identifier for the hash algorithm to use.</param>
110 /// <param name="hmacKey">The key to use in the HMAC. A <c>null</c> value indicates that the result of the EC Diffie-Hellman algorithm should be used as the HMAC key.</param>
111 /// <param name="secretPrepend">A value to prepend to the derived secret before hashing. A <c>null</c> value is treated as an empty array.</param>
112 /// <param name="secretAppend">A value to append to the derived secret before hashing. A <c>null</c> value is treated as an empty array.</param>
113 /// <returns>A hashed output suitable for key material</returns>
114 /// <exception cref="ArgumentException"><paramref name="otherPartyPublicKey"/> is over a different curve than this key</exception>
115 public virtual byte[] DeriveKeyFromHmac(
116 ECDiffieHellmanPublicKey otherPartyPublicKey,
117 HashAlgorithmName hashAlgorithm,
119 byte[] secretPrepend,
122 throw DerivedClassMustOverride();
126 /// Derive key material using the TLS pseudo-random function (PRF) derivation algorithm.
128 /// <param name="otherPartyPublicKey">The public key of the party with which to derive a mutual secret.</param>
129 /// <param name="prfLabel">The ASCII encoded PRF label.</param>
130 /// <param name="prfSeed">The 64-byte PRF seed.</param>
131 /// <returns>A 48-byte output of the TLS pseudo-random function.</returns>
132 /// <exception cref="ArgumentException"><paramref name="otherPartyPublicKey"/> is over a different curve than this key</exception>
133 /// <exception cref="ArgumentNullException"><paramref name="prfLabel"/> is null</exception>
134 /// <exception cref="ArgumentNullException"><paramref name="prfSeed"/> is null</exception>
135 /// <exception cref="CryptographicException"><paramref name="prfSeed"/> is not exactly 64 bytes in length</exception>
136 public virtual byte[] DeriveKeyTls(ECDiffieHellmanPublicKey otherPartyPublicKey, byte[] prfLabel, byte[] prfSeed)
138 throw DerivedClassMustOverride();
141 private static Exception DerivedClassMustOverride()
143 return new NotImplementedException(SR.GetString(SR.NotSupported_SubclassOverride));