public static long HashSHA1AsLong(ReadOnlySpan <byte> src) { byte[] hash = Secure.HashSHA1(src); long ret = hash._GetSInt64(); if (ret == 0) { ret = 1; } return(ret); }
public static int HashSHA1AsSInt31(ReadOnlySpan <byte> src) { byte[] hash = Secure.HashSHA1(src); int ret = (int)(hash._GetSInt64() & 0x7fffffffL); if (ret == 0) { ret = 1; } return(ret); }
public static string SaltPassword(string password, byte[]?salt = null) { if (salt == null) { salt = Secure.Rand(PasswordSaltSize); } byte[] pw = password._NonNull()._GetBytes_UTF8(); byte[] src = pw; for (int i = 0; i < PasswordIterations; i++) { src = Secure.HashSHA256(src._CombineByte(salt)); } return(src._CombineByte(salt)._GetHexString()); }
public CertificateOptions(PkiAlgorithm algorithm, string?cn = null, string?o = null, string?ou = null, string?c = null, string?st = null, string?l = null, string?e = null, Memory <byte> serial = default, DateTimeOffset?expires = null, string[]?subjectAltNames = null, PkiShaSize shaSize = PkiShaSize.SHA256, int keyUsages = 0, KeyPurposeID[]?extendedKeyUsages = null) { this.Algorithm = algorithm; this.CN = cn._NonNullTrim(); this.O = o._NonNullTrim(); this.OU = ou._NonNullTrim(); this.C = c._NonNullTrim(); this.ST = st._NonNullTrim(); this.L = l._NonNullTrim(); this.E = e._NonNullTrim(); this.Serial = serial._CloneMemory(); this.ShaSize = shaSize; if (this.Serial.IsEmpty) { this.Serial = Secure.Rand(16); this.Serial.Span[0] = (byte)(this.Serial.Span[0] & 0x7f); } this.Expires = expires ?? Util.MaxDateTimeOffsetValue; this.SubjectAlternativeNames.Add(this.CN); if (keyUsages == 0) { keyUsages = KeyUsage.DigitalSignature | KeyUsage.NonRepudiation | KeyUsage.KeyEncipherment | KeyUsage.DataEncipherment | KeyUsage.KeyCertSign | KeyUsage.CrlSign; } this.KeyUsages = keyUsages; if (extendedKeyUsages == null) { extendedKeyUsages = new KeyPurposeID[] { KeyPurposeID.IdKPServerAuth, KeyPurposeID.IdKPClientAuth, KeyPurposeID.IdKPCodeSigning, KeyPurposeID.IdKPEmailProtection, KeyPurposeID.IdKPIpsecEndSystem, KeyPurposeID.IdKPIpsecTunnel, KeyPurposeID.IdKPIpsecUser, KeyPurposeID.IdKPTimeStamping, KeyPurposeID.IdKPOcspSigning }; } this.ExtendedKeyUsages = extendedKeyUsages; if (subjectAltNames != null) { subjectAltNames.Where(x => x._IsEmpty() == false)._DoForEach(x => this.SubjectAlternativeNames.Add(x.Trim())); } }
public static string JavaScriptEasyStrEncrypt(string?srcString, string?password) { srcString = srcString._NonNull(); password = password._NonNull(); using var aes = Aes.Create(); aes.Mode = CipherMode.CBC; aes.KeySize = 256; aes.BlockSize = 128; aes.Padding = PaddingMode.PKCS7; aes.IV = Secure.HashSHA256(("1" + password)._GetBytes_UTF8()).AsSpan(0, 128 / 8).ToArray(); aes.Key = Secure.HashSHA256(("2" + password)._GetBytes_UTF8()).AsSpan(0, 256 / 8).ToArray(); using var mem = new MemoryStream(); using var enc = aes.CreateEncryptor(); using var stream = new CryptoStream(mem, enc, CryptoStreamMode.Write); stream.Write(srcString._GetBytes_UTF8()); stream.FlushFinalBlock(); return(mem.ToArray()._GetHexString()._JavaScriptSafeStrEncode()); }
public static FullRouteIPInfoCache LoadFromBuf(Buf b) { b.Seek(b.Size - 20, SeekOrigin.Begin); byte[] hash = b.Read(20); b.SeekToBegin(); byte[] hash2 = Secure.HashSHA1(Util.CopyByte(b.ByteData, 0, (int)b.Size - 20)); if (Util.MemEquals(hash, hash2) == false) { throw new ApplicationException("Invalid Hash"); } FullRouteIPInfoCache ret = new FullRouteIPInfoCache(); ret.TimeStamp = new DateTime((long)b.ReadInt64()); int num = (int)b.ReadInt(); int i; for (i = 0; i < num; i++) { FullRouteIPInfoEntry e = new FullRouteIPInfoEntry(); e.From = b.ReadInt(); e.To = b.ReadInt(); e.Registry = b.ReadStr(); e.Assigned = b.ReadInt(); e.Country2 = b.ReadStr(); e.Country3 = b.ReadStr(); e.CountryFull = DeleteSemi(b.ReadStr()); ret.EntryList.Add(e); } ret.EntryList.Sort(); ret.build_country_code_to_name_db(); return(ret); }
// PKCS パディング public static byte[] PkcsPadding(byte[] srcData, int destSize) { int srcSize = srcData.Length; if ((srcSize + 11) > destSize) { throw new OverflowException(); } int randSize = destSize - srcSize - 3; byte[] rand = Secure.Rand(randSize); Buf b = new Buf(); b.WriteByte(0x00); b.WriteByte(0x02); b.Write(rand); b.WriteByte(0x00); b.Write(srcData); return(b.ByteData); }
public Buf SaveToBuf() { Buf b = new Buf(); b.WriteInt64((ulong)this.TimeStamp.Ticks); b.WriteInt((uint)this.EntryList.Count); foreach (FullRouteIPInfoEntry e in this.EntryList) { b.WriteInt(e.From); b.WriteInt(e.To); b.WriteStr(e.Registry); b.WriteInt(e.Assigned); b.WriteStr(e.Country2); b.WriteStr(e.Country3); b.WriteStr(e.CountryFull); } b.Write(Secure.HashSHA1(b.ByteData)); b.SeekToBegin(); return(b); }
public PalX509Certificate(ReadOnlySpan <byte> pkcs12Data, string?password = null) { NativeCertificate = Secure.LoadPkcs12(pkcs12Data.ToArray(), password); InitFields(); }
// リアルタイムバッファ監視タスク async Task EasyRealtimeBufferMainteTaskAsync(CancellationToken cancel) { // delay time int delay = this.Options.EasyRealtimeRecvBufCallbackDelayTickMsecs; delay = Math.Max(delay, 10); int interval = Math.Max(delay / 10, 1); long lastHash = Secure.RandSInt64_Caution(); long lastStableTick = 0; while (cancel.IsCancellationRequested == false && Proc.HasExited == false) { long currentHash; long currentTick; ReadOnlyMemory <byte> currentMemOutput; ReadOnlyMemory <byte> currentMemErr; lock (this.EasyRealtimeBufLock) { MemoryBuffer <byte> tmp = new MemoryBuffer <byte>(); tmp.Write(this.EasyErrRealtimeBuf.Span); tmp.WriteStr("----test----"); tmp.Write(this.EasyOutputRealtimeBuf.Span); currentHash = Secure.HashSHA1AsLong(tmp.Span); currentTick = this.EasyRealtimeBufLastWriteTick; currentMemOutput = this.EasyOutputRealtimeBuf.Clone(); currentMemErr = this.EasyErrRealtimeBuf.Clone(); } bool exit = false; if (lastHash != currentHash) { //Dbg.Where(); lastHash = currentHash; lastStableTick = currentTick; } else { //Dbg.Where($"lastStableTick = {lastStableTick}, currentTick = {Time.Tick64}, lastHash = {lastHash}"); if ((lastStableTick + delay) <= Time.Tick64) { //Dbg.Where("**********"); try { bool ret = await this.Options.EasyRealtimeRecvBufCallbackAsync !(currentMemOutput, currentMemErr); exit = ret; } catch (Exception ex) { ex._Debug(); exit = true; } } } if (exit) { //Dbg.Where(); TaskUtil.StartAsyncTaskAsync(async() => { await Task.Yield(); KillProcessInternal(); await Task.CompletedTask; })._LaissezFaire(true); return; } await cancel._WaitUntilCanceledAsync(interval); } }
public async Task StartWebSocketClientAsync(string uri, CancellationToken cancel = default) { if (Started.IsFirstCall() == false) { throw new ApplicationException("Already started."); } LowerStream.ReadTimeout = Options.TimeoutOpen; LowerStream.WriteTimeout = Options.TimeoutOpen; Uri u = new Uri(uri); HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Get, uri); byte[] nonce = Secure.Rand(16); string requestKey = Convert.ToBase64String(nonce); req.Headers.Add("Host", u.Host); req.Headers.Add("User-Agent", Options.UserAgent); req.Headers.Add("Accept", Consts.MimeTypes.Html); req.Headers.Add("Sec-WebSocket-Version", "13"); req.Headers.Add("Origin", "null"); req.Headers.Add("Sec-WebSocket-Key", requestKey); req.Headers.Add("Connection", "keep-alive, Upgrade"); req.Headers.Add("Pragma", "no-cache"); req.Headers.Add("Cache-Control", "no-cache"); req.Headers.Add("Upgrade", "websocket"); StringWriter tmpWriter = new StringWriter(); tmpWriter.WriteLine($"{req.Method} {req.RequestUri.PathAndQuery} HTTP/1.1"); tmpWriter.WriteLine(req.Headers.ToString()); await LowerStream.WriteAsync(tmpWriter.ToString()._GetBytes_UTF8(), cancel); Dictionary <string, string> headers = new Dictionary <string, string>(StrComparer.IgnoreCaseComparer); int num = 0; int responseCode = 0; StreamReader tmpReader = new StreamReader(LowerStream); while (true) { string line = await TaskUtil.DoAsyncWithTimeout((procCancel) => tmpReader.ReadLineAsync(), timeout : Options.TimeoutOpen, cancel : cancel); if (line == "") { break; } if (num == 0) { string[] tokens = line.Split(' '); if (tokens[0] != "HTTP/1.1") { throw new ApplicationException($"Cannot establish the WebSocket Protocol. Response: \"{tokens}\""); } responseCode = int.Parse(tokens[1]); } else { string[] tokens = line.Split(':'); string name = tokens[0].Trim(); string value = tokens[1].Trim(); headers[name] = value; } num++; } if (responseCode != 101) { throw new ApplicationException($"Cannot establish the WebSocket Protocol. Perhaps the destination host does not support WebSocket. Wrong response code: \"{responseCode}\""); } if (headers["Upgrade"].Equals("websocket", StringComparison.InvariantCultureIgnoreCase) == false) { throw new ApplicationException($"Wrong Upgrade header: \"{headers["Upgrade"]}\""); } string acceptKey = headers["Sec-WebSocket-Accept"]; string keyCalcStr = requestKey + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; SHA1 sha1 = new SHA1Managed(); string acceptKey2 = Convert.ToBase64String(sha1.ComputeHash(keyCalcStr._GetBytes_Ascii())); if (acceptKey != acceptKey2) { throw new ApplicationException($"Wrong accept_key: \'{acceptKey}\'"); } this.SendTask = SendLoopAsync(); this.RecvTask = RecvLoopAsync(); }
void InitFields() { byte[] publicKeyBytes = this.CertData.CertificateStructure.SubjectPublicKeyInfo.GetDerEncoded(); this.PublicKey = new PubKey(publicKeyBytes); HashSet <string> dnsNames = new HashSet <string>(); ICollection altNamesList = this.CertData.GetSubjectAlternativeNames(); if (altNamesList != null) { try { foreach (List <object>?altName in altNamesList) { if (altName != null) { try { int type = (int)altName[0]; if (type == GeneralName.DnsName) { string value = (string)altName[1]; dnsNames.Add(value.ToLower()); } } catch { } } } } catch { } } IList subjectKeyList = this.CertData.SubjectDN.GetOidList(); IList subjectValuesList = this.CertData.SubjectDN.GetValueList(); if (subjectKeyList != null && subjectValuesList != null) { for (int i = 0; i < subjectKeyList.Count; i++) { try { DerObjectIdentifier?key = (DerObjectIdentifier?)subjectKeyList[i]; string?value = (string?)subjectValuesList[i]; if (key != null && value != null) { if (key.Equals(X509Name.CN)) { dnsNames.Add(value.ToLower()); } } } catch { } } } this.HostNameListInternal = new List <CertificateHostName>(); foreach (string fqdn in dnsNames) { HostNameListInternal.Add(new CertificateHostName(fqdn)); } byte[] der = this.CertData.GetEncoded(); this.DigestSHA1Data = Secure.HashSHA1(der); this.DigestSHA1Str = this.DigestSHA1Data._GetHexString(); this.DigestSHA256Data = Secure.HashSHA256(der); this.DigestSHA256Str = this.DigestSHA256Data._GetHexString(); this.DigestSHA512Data = Secure.HashSHA512(der); this.DigestSHA512Str = this.DigestSHA512Data._GetHexString(); }
public SeedBasedRandomGenerator(ReadOnlySpan <byte> seed) { seedPlusSeqNo = new MemoryBuffer <byte>(); seedPlusSeqNo.WriteSInt64(0); seedPlusSeqNo.Write(Secure.HashSHA256(seed)); }
public byte[] CalcThumbprint() { string str = this._ObjectToJson(includeNull: false, compact: true); return(Secure.HashSHA256(str._GetBytes_UTF8())); }
protected override async Task InitMetadataImplAsync(CancellationToken cancel = default) { Memory <byte> firstSectorData = new byte[XtsAesMetaDataSize]; // ヘッダの読み込みを試行する int readSize = await this.PhysicalReadAsync(0, firstSectorData, cancel); if (readSize == XtsAesMetaDataSize) { var metaDataParseResult = TryParseMetaData(firstSectorData); metaDataParseResult.ThrowIfException(); var metaData = metaDataParseResult.Value !; // パスワード検査 if (Secure.VeritySaltedPassword(metaData.SaltedPassword, this.CurrentPassword) == false) { throw new CoresException("XtsAesRandomAccess: Incorrect password."); } // 秘密鍵解読 var decrypted = ChaChaPoly.EasyDecryptWithPassword(metaData.MasterKeyEncryptedByPassword._GetHexBytes(), this.CurrentPassword); decrypted.ThrowIfException(); // 秘密鍵サイズ検査 if (decrypted.Value.Length != XtsAesKeySize) { throw new CoresException("XtsAesRandomAccess: decrypted.Value.Length != XtsAesKeySize"); } this.CurrentMasterKey = decrypted.Value; this.CurrentMetaData = metaData; } else if (readSize == 0) { // ファイルの内容が存在しない // マスターキーを新規作成する this.CurrentMasterKey = Secure.Rand(XtsAesKeySize); // メタデータを新規作成する var metaData = new XtsAesRandomAccessMetaData { Version = 1, VirtualSize = 0, SaltedPassword = Secure.SaltPassword(this.CurrentPassword), MasterKeyEncryptedByPassword = ChaChaPoly.EasyEncryptWithPassword(this.CurrentMasterKey, this.CurrentPassword)._GetHexString(), }; this.CurrentMetaData = metaData; // メタデータを書き込みする await WriteMetaDataAsync(cancel); } else { // 不正 ここには来ないはず throw new CoresException($"XtsAesRandomAccess: Invalid readSize: {readSize}"); } // XTS を作成 this.CurrentXts = XtsAes256.Create(this.CurrentMasterKey.ToArray()); this.CurrentEncrypter = this.CurrentXts.CreateEncryptor(); this.CurrentDescrypter = this.CurrentXts.CreateDecryptor(); }