public byte[] HMACSignBinary(byte[] data, byte[] key, SigningAlgorithm algorithmName)
{
KeyedHashAlgorithm algorithm = CreateKeyedHashAlgorithm(algorithmName);
if (key == null || key.Length == 0)
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (data == null || data.Length == 0)
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
if (null == algorithm)
{
throw new ArgumentNullException("algorithm", "Please specify a KeyedHashAlgorithm to use.");
}
try
{
algorithm.Key = key;
byte[] bytes = algorithm.ComputeHash(data);
return(bytes);
}
finally
{
algorithm.Clear();
}
}
/// <summary>バイト配列のハッシュ値を計算して返す。</summary>
/// <param name="asb">バイト配列</param>
/// <param name="ekha">ハッシュ(キー付き)アルゴリズム列挙型</param>
/// <param name="password">使用するパスワード</param>
/// <param name="salt">ソルト</param>
/// <param name="stretchCount">ストレッチ回数</param>
/// <returns>ハッシュ値(バイト配列)</returns>
public static byte[] GetKeyedHashBytes(byte[] asb, EnumKeyedHashAlgorithm ekha, string password, byte[] salt, int stretchCount)
{
// キーを生成する。
Rfc2898DeriveBytes passwordKey = new Rfc2898DeriveBytes(password, salt, stretchCount);
// HMACMD5 :どのサイズのキーでも受け入れる ◯
// HMACRIPEMD160:どのサイズのキーでも受け入れる ◯
// HMACSHA1 :どのサイズのキーでも受け入れる ◯
// HMACSHA256 :どのサイズのキーでも受け入れる ◯
// HMACSHA384 :どのサイズのキーでも受け入れる ◯
// HMACSHA512 :どのサイズのキーでも受け入れる ◯
// MACTripleDES :長さが 16 または 24 バイトのキーを受け入れる
// ハッシュ(キー付き)サービスプロバイダを生成
KeyedHashAlgorithm kha = GetKeyedHash.CreateKeyedHashAlgorithmServiceProvider(
ekha,
passwordKey.GetBytes(24) // 上記より、24 決め打ちとする。
);
// ハッシュ(キー付き)を生成して返す。
byte[] temp = kha.ComputeHash(asb);
kha.Clear(); // devps(1725)
return(temp);
}
/// <summary>
/// Computes RFC 2104-compliant HMAC signature
/// </summary>
/// <param name="data">The data to be signed</param>
/// <param name="key">The secret signing key</param>
/// <param name="algorithm">The algorithm to sign the data with</param>
/// <exception cref="T:System.ArgumentNullException"/>
/// <returns>A string representing the HMAC signature</returns>
public static string HMACSign(byte[] data, string key, KeyedHashAlgorithm algorithm)
{
if (String.IsNullOrEmpty(key))
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (data == null || data.Length == 0)
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
if (null == algorithm)
{
throw new ArgumentNullException("algorithm", "Please specify a KeyedHashAlgorithm to use.");
}
try
{
algorithm.Key = Encoding.UTF8.GetBytes(key);
byte[] bytes = algorithm.ComputeHash(data);
return(Convert.ToBase64String(bytes));
}
finally
{
algorithm.Clear();
}
}
public string HMACSign(byte[] data, string key, SigningAlgorithm algorithmName)
{
if (string.IsNullOrEmpty(key))
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (data == null || data.Length == 0)
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
KeyedHashAlgorithm keyedHashAlgorithm = ThreadSafeCreateKeyedHashedAlgorithm(algorithmName);
if (keyedHashAlgorithm != null)
{
try
{
keyedHashAlgorithm.Key = Encoding.UTF8.GetBytes(key);
return(Convert.ToBase64String(keyedHashAlgorithm.ComputeHash(data)));
}
finally
{
keyedHashAlgorithm.Clear();
}
}
throw new InvalidOperationException("Please specify a KeyedHashAlgorithm to use.");
}
/// <summary>
/// Clear memory and dispose of the HMAC algorithm.
/// </summary>
public void Cleanup()
{
Security.Clear(_saltBuffer);
Security.Clear(_digest);
Security.Clear(_digestT1);
_hmacAlgorithm.Clear();
}
public static string HMACSign(string data, SecureString key, KeyedHashAlgorithm algorithm)
{
string str;
if (key == null)
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (string.IsNullOrEmpty(data))
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm", "Please specify a KeyedHashAlgorithm to use.");
}
IntPtr zero = IntPtr.Zero;
char[] destination = new char[key.Length];
try
{
zero = Marshal.SecureStringToBSTR(key);
Marshal.Copy(zero, destination, 0, destination.Length);
algorithm.Key = Encoding.UTF8.GetBytes(destination);
str = Convert.ToBase64String(algorithm.ComputeHash(Encoding.UTF8.GetBytes(data.ToCharArray())));
}
finally
{
Marshal.ZeroFreeBSTR(zero);
algorithm.Clear();
Array.Clear(destination, 0, destination.Length);
}
return(str);
}
public static string getPassword(string sk)
{
TimeSpan ts = DateTime.UtcNow - EPOCH_START;
long timestamp = Convert.ToInt64(ts.TotalMilliseconds);
KeyedHashAlgorithm algorithm = KeyedHashAlgorithm.Create("HMACSHA1");
if (null == algorithm)
{
throw new InvalidOperationException("HMACSHA1 not exist!");
}
try
{
algorithm.Key = Encoding.UTF8.GetBytes(timestamp.ToString());
byte[] bytes = algorithm.ComputeHash(Encoding.UTF8.GetBytes(sk));
string signature = byteArrayToUpperString(bytes);
// Console.WriteLine(signature);
StringBuilder data = new StringBuilder(64);
data.Append(signature).Append(COLON).Append(timestamp);
return(Convert.ToBase64String(Encoding.UTF8.GetBytes(data.ToString())));
}
finally
{
algorithm.Clear();
}
}
public byte[] HMACSignBinary(byte[] data, byte[] key, SigningAlgorithm algorithmName)
{
if (key == null || key.Length == 0)
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (data == null || data.Length == 0)
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
KeyedHashAlgorithm keyedHashAlgorithm = ThreadSafeCreateKeyedHashedAlgorithm(algorithmName);
if (keyedHashAlgorithm != null)
{
try
{
keyedHashAlgorithm.Key = key;
return(keyedHashAlgorithm.ComputeHash(data));
}
finally
{
keyedHashAlgorithm.Clear();
}
}
throw new InvalidOperationException("Please specify a KeyedHashAlgorithm to use.");
}
/// <summary>
/// Computes a hash-based message authentication code
/// </summary>
/// <param name="data">Input to compute the hash code for</param>
/// <param name="key">Signing key</param>
/// <param name="algorithmName">Hashing algorithm to use</param>
/// <returns>Computed hash code in base-64</returns>
public string HMACSign(byte[] data, string key, SigningAlgorithm algorithmName)
{
if (String.IsNullOrEmpty(key))
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (data == null || data.Length == 0)
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
KeyedHashAlgorithm algorithm = KeyedHashAlgorithm.Create(algorithmName.ToString().ToUpper(CultureInfo.InvariantCulture));
if (null == algorithm)
{
throw new InvalidOperationException("Please specify a KeyedHashAlgorithm to use.");
}
try
{
algorithm.Key = Encoding.UTF8.GetBytes(key);
byte[] bytes = algorithm.ComputeHash(data);
return(Convert.ToBase64String(bytes));
}
finally
{
algorithm.Clear();
}
}
/// <summary>
/// Computes a hash-based message authentication code
/// </summary>
/// <param name="data">Input to compute the hash code for</param>
/// <param name="key">Signing key</param>
/// <param name="algorithmName">Hashing algorithm to use</param>
/// <returns>Computed hash code in bytes</returns>
public byte[] HMACSignBinary(byte[] data, byte[] key, SigningAlgorithm algorithmName)
{
if (key == null || key.Length == 0)
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (data == null || data.Length == 0)
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
KeyedHashAlgorithm algorithm = KeyedHashAlgorithm.Create(algorithmName.ToString().ToUpper(CultureInfo.InvariantCulture));
if (null == algorithm)
{
throw new InvalidOperationException("Please specify a KeyedHashAlgorithm to use.");
}
try
{
algorithm.Key = key;
byte[] bytes = algorithm.ComputeHash(data);
return(bytes);
}
finally
{
algorithm.Clear();
}
}
private byte[] SignData(byte[] cipherText, byte[] masterKey, SymmetricAlgorithm symmetricAlgorithm, KeyedHashAlgorithm hashAlgorithm, int keyDerivationIterationCount)
{
hashAlgorithm.Key = DerivedSigningKey(masterKey, symmetricAlgorithm, keyDerivationIterationCount);
byte[] signature = hashAlgorithm.ComputeHash(cipherText);
hashAlgorithm.Clear();
return(signature);
}
/// <summary>
/// Closes the stream, clearing memory and disposing of the HMAC algorithm.
/// </summary>
public override void Close()
{
Security.Clear(_saltBuffer);
Security.Clear(_digest);
Security.Clear(_digestT1);
_hmacAlgorithm.Clear();
}
public static string HMACSign(string data, string key, KeyedHashAlgorithm algorithm)
{
string str;
if (string.IsNullOrEmpty(key))
{
throw new ArgumentNullException("key", "Please specify a Secret Signing Key.");
}
if (string.IsNullOrEmpty(data))
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm", "Please specify a KeyedHashAlgorithm to use.");
}
try
{
algorithm.Key = Encoding.UTF8.GetBytes(key);
str = Convert.ToBase64String(algorithm.ComputeHash(Encoding.UTF8.GetBytes(data)));
}
finally
{
algorithm.Clear();
}
return(str);
}
/// <summary>
/// Closes the stream, clearing memory and disposing of the HMAC algorithm.
/// </summary>
public override void Close()
{
NBitcoin.Crypto.Internal.Security.Clear(_saltBuffer);
NBitcoin.Crypto.Internal.Security.Clear(_digest);
NBitcoin.Crypto.Internal.Security.Clear(_digestT1);
_hmacAlgorithm.Clear();
}
/// <summary>バイト配列のハッシュ値を計算して返す。</summary>
/// <param name="data">データ(バイト配列)</param>
/// <param name="ekha">ハッシュ(キー付き)アルゴリズム列挙型</param>
/// <param name="key">キー(バイト配列)</param>
/// <returns>ハッシュ値(バイト配列)</returns>
public static byte[] GetKeyedHashBytes(byte[] data, EnumKeyedHashAlgorithm ekha, byte[] key)
{
// HMACMD5 :どのサイズのキーでも受け入れる ◯
// HMACRIPEMD160:どのサイズのキーでも受け入れる ◯
// HMACSHA1 :どのサイズのキーでも受け入れる ◯
// HMACSHA256 :どのサイズのキーでも受け入れる ◯
// HMACSHA384 :どのサイズのキーでも受け入れる ◯
// HMACSHA512 :どのサイズのキーでも受け入れる ◯
// MACTripleDES :長さが 16 または 24 バイトのキーを受け入れる
if (ekha == EnumKeyedHashAlgorithm.MACTripleDES)
{
if (24 <= key.Length)
{
key = ArrayOperator.ShortenByteArray(key, 24);
}
else if (16 <= key.Length)
{
key = ArrayOperator.ShortenByteArray(key, 16);
}
else
{
throw new ArgumentException(
PublicExceptionMessage.ARGUMENT_INCORRECT, "byte[] key");
}
}
#if NETSTD
// NETSTDの場合の実装
if (ekha == EnumKeyedHashAlgorithm.HMACRIPEMD160)
{
return(GetKeyedHash.GetMacBytesByBC(
data, key, new HMac(new RipeMD160Digest())));
}
else if (ekha == EnumKeyedHashAlgorithm.MACTripleDES)
{
return(GetKeyedHash.GetMacBytesByBC(
data, key, new CbcBlockCipherMac(new DesEdeEngine(), 64)));
}
#endif
// ハッシュ(キー付き)サービスプロバイダを生成
KeyedHashAlgorithm kha = HashAlgorithmCmnFunc.
CreateKeyedHashAlgorithmSP(ekha, key);
// ハッシュ(キー付き)を生成して返す。
byte[] temp = kha.ComputeHash(data);
kha.Clear(); // devps(1725)
return(temp);
}
/// <summary>
/// Signs data
/// </summary>
private static byte[] SignData(string password, byte[] data, byte[] salt, SymmetricAlgorithm encryptator, KeyedHashAlgorithm signer)
{
// Get key
signer.Key = KeyDerivation.Pbkdf2(password, salt, KeyDerivationPrf.HMACSHA512, KeyDerivationIterationCount, encryptator.KeySize / 8);
// Compute hash
byte[] signature = signer.ComputeHash(data);
// Clear the algorithm
signer.Clear();
// Return data
return(signature);
}
public static byte[] HashDataWithKey(KeyedHashAlgorithms keyedHashAlgorithm, byte[] inputBytes, byte[] keyBytes)
{
byte[] result;
using (KeyedHashAlgorithm algorithm = GetKeyedHashAlgorithm(keyedHashAlgorithm))
{
algorithm.Key = keyBytes;
result = algorithm.ComputeHash(inputBytes);
algorithm.Clear();
}
return(result);
}
protected virtual void Dispose(bool disposing)
{
if (!_isDisposed)
{
if (disposing)
{
// Dispose managed resources.
if (_algorithm != null)
{
_algorithm.Clear();
}
}
// Dispose unmanaged resources.
}
_isDisposed = true;
}
/// <summary>バイト配列のハッシュ値を計算して返す。</summary>
/// <param name="asb">バイト配列</param>
/// <param name="ekha">ハッシュ(キー付き)アルゴリズム列挙型</param>
/// <param name="password">使用するパスワード</param>
/// <param name="salt">ソルト</param>
/// <param name="stretchCount">ストレッチ回数</param>
/// <returns>ハッシュ値(バイト配列)</returns>
private static byte[] GetKeyedHashBytes(byte[] asb, EnumKeyedHashAlgorithm ekha, string password, byte[] salt, int stretchCount)
{
// キーを生成する。
Rfc2898DeriveBytes passwordKey = new Rfc2898DeriveBytes(password, salt, stretchCount);
// HMACMD5 :どのサイズのキーでも受け入れる ◯
// HMACRIPEMD160:どのサイズのキーでも受け入れる ◯
// HMACSHA1 :どのサイズのキーでも受け入れる ◯
// HMACSHA256 :どのサイズのキーでも受け入れる ◯
// HMACSHA384 :どのサイズのキーでも受け入れる ◯
// HMACSHA512 :どのサイズのキーでも受け入れる ◯
// MACTripleDES :長さが 16 または 24 バイトのキーを受け入れる
// ハッシュ(キー付き)サービスプロバイダを生成
#if NETSTD
// NETSTDの場合の実装
if (ekha == EnumKeyedHashAlgorithm.HMACRIPEMD160)
{
return(GetKeyedHash.GetMacBytesByBC(
asb, passwordKey.GetBytes(24), new HMac(new RipeMD160Digest())));
}
else if (ekha == EnumKeyedHashAlgorithm.MACTripleDES)
{
return(GetKeyedHash.GetMacBytesByBC(
asb, passwordKey.GetBytes(24), new CbcBlockCipherMac(new DesEdeEngine(), 64)));
}
#endif
KeyedHashAlgorithm kha = HashAlgorithmCmnFunc.CreateKeyedHashAlgorithmSP(
ekha,
passwordKey.GetBytes(24) // 上記より、24 決め打ちとする。
);
// ハッシュ(キー付き)を生成して返す。
byte[] temp = kha.ComputeHash(asb);
kha.Clear(); // devps(1725)
return(temp);
}
private static byte[] GetPayloadSignature(
byte[] encryptedPayload,
byte[] iv,
byte[] masterKey,
int symmetricAlgorithmKeySize,
KeyedHashAlgorithm hashAlgorithm,
int keyDerivationIterationCount)
{
var payloadAndIvBuffer = new byte[encryptedPayload.Length + iv.Length];
Buffer.BlockCopy(encryptedPayload, 0, payloadAndIvBuffer, 0, encryptedPayload.Length);
Buffer.BlockCopy(iv, 0, payloadAndIvBuffer, encryptedPayload.Length, iv.Length);
hashAlgorithm.Key = GenerateSigningKey(masterKey, symmetricAlgorithmKeySize, keyDerivationIterationCount);
byte[] signature = hashAlgorithm.ComputeHash(payloadAndIvBuffer);
hashAlgorithm.Clear();
return(signature);
}
/// <summary>
/// Computes RFC 2104-compliant HMAC signature
/// </summary>
/// <param name="data">The data to be signed</param>
/// <param name="key">The secret signing key</param>
/// <param name="algorithm">The algorithm to sign the data with</param>
/// <exception cref="T:System.ArgumentNullException"/>
/// <returns>A string representing the HMAC signature</returns>
public static string HMACSign(string data, System.Security.SecureString key, KeyedHashAlgorithm algorithm)
{
if (null == key)
{
throw new ArgumentNullException("key", "The AWS Secret Access Key specified is NULL!");
}
if (String.IsNullOrEmpty(data))
{
throw new ArgumentNullException("data", "Please specify data to sign.");
}
if (null == algorithm)
{
throw new ArgumentNullException("algorithm", "Please specify a KeyedHashAlgorithm to use.");
}
// pointer to hold unmanaged reference to SecureString instance
IntPtr bstr = IntPtr.Zero;
char[] charArray = new char[key.Length];
try
{
// Marshal SecureString into byte array
bstr = Marshal.SecureStringToBSTR(key);
Marshal.Copy(bstr, charArray, 0, charArray.Length);
algorithm.Key = Encoding.UTF8.GetBytes(charArray);
return(Convert.ToBase64String(algorithm.ComputeHash(
Encoding.UTF8.GetBytes(data.ToCharArray()))
));
}
finally
{
// Make sure that the clear text data is zeroed out
Marshal.ZeroFreeBSTR(bstr);
algorithm.Clear();
Array.Clear(charArray, 0, charArray.Length);
}
}
public static byte[] ComputeCombinedKey(
byte[] requestorEntropy,
byte[] issuerEntropy,
int keySizeInBits)
{
if (requestorEntropy == null)
{
throw new ArgumentNullException(nameof(requestorEntropy));
}
if (issuerEntropy == null)
{
throw new ArgumentNullException(nameof(issuerEntropy));
}
int length = ValidateKeySizeInBytes(keySizeInBits);
byte[] numArray1 = new byte[length];
using (KeyedHashAlgorithm keyedHashAlgorithm = NewHmacSha1KeyedHashAlgorithm())
{
keyedHashAlgorithm.Key = requestorEntropy;
byte[] buffer1 = issuerEntropy;
byte[] buffer2 = new byte[keyedHashAlgorithm.HashSize / 8 + buffer1.Length];
byte[] numArray2 = (byte[])null;
try
{
int num = 0;
label_10:
while (num < length)
{
keyedHashAlgorithm.Initialize();
buffer1 = keyedHashAlgorithm.ComputeHash(buffer1);
buffer1.CopyTo((Array)buffer2, 0);
issuerEntropy.CopyTo((Array)buffer2, buffer1.Length);
keyedHashAlgorithm.Initialize();
numArray2 = keyedHashAlgorithm.ComputeHash(buffer2);
int index = 0;
while (true)
{
if (index < numArray2.Length && num < length)
{
numArray1[num++] = numArray2[index];
++index;
}
else
{
goto label_10;
}
}
}
}
catch
{
Array.Clear((Array)numArray1, 0, numArray1.Length);
throw;
}
finally
{
if (numArray2 != null)
{
Array.Clear((Array)numArray2, 0, numArray2.Length);
}
Array.Clear((Array)buffer2, 0, buffer2.Length);
keyedHashAlgorithm.Clear();
}
}
return(numArray1);
}
private void DisposeHmac()
{
_hmacAlgorithm.Clear();
}
public void Dispose()
{
Hash.Clear();
}
