How to use class AesCmac with arbitrary key password length

[arnulfrupp]

I'm trying to implement PBKDF2 with AES_CMAC_PRF_128 hash using this project.
The below code works with HMACSHA256. When replacing new HMACSHA256(..) with new AesCmac(..) I get:

System.Security.Cryptography.CryptographicException: 'Specified key is not a valid size for this algorithm.'

How to I need to prepare the key correctly?

public static byte[] PBKDF2_AES_CMAC(string password, byte[] salt, int iterations, int keyLength)
{

// Used to be: 
// using (var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(password)))

using (var cmac = new AesCmac(Encoding.UTF8.GetBytes(password)))
{
    byte[] derivedKey = new byte[keyLength];
    byte[] block = new byte[cmac.HashSize / 8];
    byte[] temp = new byte[cmac.HashSize / 8];
    int blockCount = (int)Math.Ceiling((double)keyLength / block.Length);

    for (int i = 1; i <= blockCount; i++)
    {
        byte[] intBlock = BitConverter.GetBytes(i);
        if (BitConverter.IsLittleEndian)
        {
            Array.Reverse(intBlock);
        }

        cmac.TransformBlock(salt, 0, salt.Length, salt, 0);
        cmac.TransformFinalBlock(intBlock, 0, intBlock.Length);
        Buffer.BlockCopy(cmac.Hash, 0, temp, 0, temp.Length);

        Buffer.BlockCopy(temp, 0, block, 0, temp.Length);

        for (int j = 1; j < iterations; j++)
        {
            cmac.Initialize();
            temp = cmac.ComputeHash(temp);
            for (int k = 0; k < block.Length; k++)
            {
                block[k] ^= temp[k];
            }
        }

        Buffer.BlockCopy(block, 0, derivedKey, (i - 1) * block.Length, Math.Min(block.Length, derivedKey.Length - (i - 1) * block.Length));
    }

    return derivedKey;
}

}

[arnulfrupp]

I'm answering my own question. After reviewing RFC 4615 I found the following solution:

public static byte[] PBKDF2_AES_CMAC_PRF_128(string password, byte[] salt, int iterations, int keyLength)
{
byte[] zero_key = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
byte[] padded_key;

using (var cmac = new AesCmac(zero_key))
{
    padded_key = cmac.ComputeHash(Encoding.UTF8.GetBytes(password));
}

using (var cmac = new AesCmac(padded_key))
{
    byte[] derivedKey = new byte[keyLength];
    byte[] block = new byte[cmac.HashSize / 8];
    byte[] temp = new byte[cmac.HashSize / 8];
    int blockCount = (int)Math.Ceiling((double)keyLength / block.Length);

    for (int i = 1; i <= blockCount; i++)
    {
        byte[] intBlock = BitConverter.GetBytes(i);
        if (BitConverter.IsLittleEndian)
        {
            Array.Reverse(intBlock);
        }

        cmac.TransformBlock(salt, 0, salt.Length, salt, 0);
        cmac.TransformFinalBlock(intBlock, 0, intBlock.Length);
        Buffer.BlockCopy(cmac.Hash, 0, temp, 0, temp.Length);

        Buffer.BlockCopy(temp, 0, block, 0, temp.Length);

        for (int j = 1; j < iterations; j++)
        {
            cmac.Initialize();
            temp = cmac.ComputeHash(temp);
            for (int k = 0; k < block.Length; k++)
            {
                block[k] ^= temp[k];
            }
        }

        Buffer.BlockCopy(block, 0, derivedKey, (i - 1) * block.Length, Math.Min(block.Length, derivedKey.Length - (i - 1) * block.Length));
    }

    return derivedKey;
}

}

[dorssel]

Interesting. I think this would actually be a good addition for this very project. Do you want to contribute?