static byte[] MFcrypt(byte[] P, byte[] S, int cost, int blockSize, int parallel, int?maxThreads) { int MFLen = blockSize * 128; if (maxThreads == null) { maxThreads = int.MaxValue; } if (!BitMath.IsPositivePowerOf2(cost)) { throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2."); } Check.Range("blockSize", blockSize, 1, int.MaxValue / 128); Check.Range("parallel", parallel, 1, int.MaxValue / MFLen); Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue); byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen); uint[] B0 = new uint[B.Length / 4]; for (int i = 0; i < B0.Length; i++) { B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4); } // code is easier with uint[] ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads); for (int i = 0; i < B0.Length; i++) { BitPacking.LEBytesFromUInt32(B0[i], B, i * 4); } Security.Clear(B0); return(B); }
internal static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); Pbkdf2 kdf = new Pbkdf2(new HMACSHA256(key), B, 1); Security.Clear(B); return(kdf); }
public static byte[] ComputeDerivedKey(KeyedHashAlgorithm hmacAlgorithm, byte[] salt, int iterations, int derivedKeyLength) { NBitcoin.Crypto.Internal.Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue); using (Pbkdf2 kdf = new Pbkdf2(hmacAlgorithm, salt, iterations)) { return(kdf.Read(derivedKeyLength)); } }
/// <summary> /// Computes a derived key. /// </summary> /// <param name="hmacAlgorithm"> /// </param> /// <param name="salt"> /// The salt. /// A unique salt means a unique derived key, even if the original key is identical. /// </param> /// <param name="iterations">The number of iterations to apply.</param> /// <param name="derivedKeyLength">The desired length of the derived key.</param> /// <returns>The derived key.</returns> #if NETCORE public static byte[] ComputeDerivedKey(IMac hmacAlgorithm, byte[] salt, int iterations, int derivedKeyLength) { Internal.Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue); using (var kdf = new Pbkdf2(hmacAlgorithm, salt, iterations)) { return(kdf.Read(derivedKeyLength)); } }
public static byte[] ComputeDerivedKey(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads, int derivedKeyLength) { Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue); using (Pbkdf2 kdf = GetStream(key, salt, cost, blockSize, parallel, maxThreads)) { return(kdf.Read(derivedKeyLength)); } }
internal static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha256Digest()); mac.Init(new KeyParameter(key)); Pbkdf2 kdf = new Pbkdf2(mac, B, 1); Security.Clear(B); return(kdf); }
public static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); var mac = MacUtilities.GetMac("HMAC-SHA_256"); mac.Init(new KeyParameter(key)); Pbkdf2 kdf = new Pbkdf2(mac, B, 1); Security.Clear(B); return(kdf); }
static byte[] MFcrypt(byte[] P, byte[] S, int cost, int blockSize, int parallel, int?maxThreads) { int MFLen = blockSize * 128; if (maxThreads == null) { maxThreads = int.MaxValue; } if (!BitMath.IsPositivePowerOf2(cost)) { throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2."); } Check.Range("blockSize", blockSize, 1, int.MaxValue / 128); Check.Range("parallel", parallel, 1, int.MaxValue / MFLen); Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue); #if NO_NATIVE_HMACSHA512 var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha256Digest()); mac.Init(new KeyParameter(P)); byte[] B = Pbkdf2.ComputeDerivedKey(mac, S, 1, parallel * MFLen); #elif NO_NATIVE_RFC2898_HMACSHA512 byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen); #else byte[] B = null; if (S.Length >= 8) { // While we should be able to use Rfc2898DeriveBytes if salt is less than 8 bytes, it sadly does not accept salt less than 8 bytes needed for BIP38 using System.Security.Cryptography.Rfc2898DeriveBytes derive = new System.Security.Cryptography.Rfc2898DeriveBytes(P, S, 1, System.Security.Cryptography.HashAlgorithmName.SHA256); B = derive.GetBytes(parallel * MFLen); } else { B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen); } #endif uint[] B0 = new uint[B.Length / 4]; for (int i = 0; i < B0.Length; i++) { B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4); } // code is easier with uint[] ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads); for (int i = 0; i < B0.Length; i++) { BitPacking.LEBytesFromUInt32(B0[i], B, i * 4); } Security.Clear(B0); return(B); }
/// <summary> /// Computes a derived key. /// </summary> /// <param name="key">The key to derive from.</param> /// <param name="salt"> /// The salt. /// A unique salt means a unique SCrypt stream, even if the original key is identical. /// </param> /// <param name="cost"> /// The cost parameter, typically a fairly large number such as 262144. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="blockSize"> /// The mixing block size, typically 8. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="parallel"> /// The level of parallelism, typically 1. /// CPU time scales approximately linearly with this parameter. /// </param> /// <param name="maxThreads"> /// The maximum number of threads to spawn to derive the key. /// This is limited by the <paramref name="parallel"/> value. /// <c>null</c> will use as many threads as possible. /// </param> /// <param name="derivedKeyLength">The desired length of the derived key.</param> /// <returns>The derived key.</returns> public static byte[] ComputeDerivedKey(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads, int derivedKeyLength) { Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue); #if NO_NATIVE_RFC2898_HMACSHA512 || NO_NATIVE_HMACSHA512 using (Pbkdf2 kdf = GetStream(key, salt, cost, blockSize, parallel, maxThreads)) { return(kdf.Read(derivedKeyLength)); } #else byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); using System.Security.Cryptography.Rfc2898DeriveBytes derive = new System.Security.Cryptography.Rfc2898DeriveBytes(key, B, 1, System.Security.Cryptography.HashAlgorithmName.SHA256); Security.Clear(B); return(derive.GetBytes(derivedKeyLength)); #endif }
static byte[] MFcrypt(byte[] P, byte[] S, int cost, int blockSize, int parallel, int?maxThreads) { int MFLen = blockSize * 128; if (maxThreads == null) { maxThreads = int.MaxValue; } if (!BitMath.IsPositivePowerOf2(cost)) { throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2."); } Check.Range("blockSize", blockSize, 1, int.MaxValue / 128); Check.Range("parallel", parallel, 1, int.MaxValue / MFLen); Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue); #if !(USEBC || NETSTANDARD1X) byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen); #else var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha256Digest()); mac.Init(new KeyParameter(P)); byte[] B = Pbkdf2.ComputeDerivedKey(mac, S, 1, parallel * MFLen); #endif uint[] B0 = new uint[B.Length / 4]; for (int i = 0; i < B0.Length; i++) { B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4); } // code is easier with uint[] ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads); for (int i = 0; i < B0.Length; i++) { BitPacking.LEBytesFromUInt32(B0[i], B, i * 4); } Security.Clear(B0); return(B); }
public static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int? maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); var mac = MacUtilities.GetMac("HMAC-SHA_256"); mac.Init(new KeyParameter(key)); Pbkdf2 kdf = new Pbkdf2(mac, B, 1); Security.Clear(B); return kdf; }
/// <summary> /// Creates a derived key stream from which a derived key can be read. /// </summary> /// <param name="key">The key to derive from.</param> /// <param name="salt"> /// The salt. /// A unique salt means a unique scrypt stream, even if the original key is identical. /// </param> /// <param name="cost"> /// The cost parameter, typically a fairly large number such as 262144. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="blockSize"> /// The mixing block size, typically 8. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="parallel"> /// The level of parallelism, typically 1. /// CPU time scales approximately linearly with this parameter. /// </param> /// <param name="maxThreads"> /// The maximum number of threads to spawn to derive the key. /// This is limited by the <paramref name="parallel"/> value. /// <c>null</c> will use as many threads as possible. /// </param> /// <returns>The derived key stream.</returns> #if !USEBC public static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int? maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); Pbkdf2 kdf = new Pbkdf2(new HMACSHA256(key), B, 1); Security.Clear(B); return kdf; }
/// <summary> /// Computes a derived key. /// </summary> /// <param name="hmacAlgorithm"> /// The HMAC algorithm to use, for example <see cref="HMACSHA256"/>. /// Make sure to set <see cref="KeyedHashAlgorithm.Key"/>. /// </param> /// <param name="salt"> /// The salt. /// A unique salt means a unique derived key, even if the original key is identical. /// </param> /// <param name="iterations">The number of iterations to apply.</param> /// <param name="derivedKeyLength">The desired length of the derived key.</param> /// <returns>The derived key.</returns> public static byte[] ComputeDerivedKey(KeyedHashAlgorithm hmacAlgorithm, byte[] salt, int iterations, int derivedKeyLength) { Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue); using (Pbkdf2 kdf = new Pbkdf2(hmacAlgorithm, salt, iterations)) { return kdf.Read(derivedKeyLength); } }
public static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int? maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha256Digest()); mac.Init(new KeyParameter(key)); Pbkdf2 kdf = new Pbkdf2(mac, B, 1); Security.Clear(B); return kdf; }