static byte[] MFcrypt(byte[] P, byte[] S,
int cost, int blockSize, int parallel, int?maxThreads)
{
int MFLen = blockSize * 128;
if (maxThreads == null)
{
maxThreads = int.MaxValue;
}
if (!BitMath.IsPositivePowerOf2(cost))
{
throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2.");
}
Check.Range("blockSize", blockSize, 1, int.MaxValue / 128);
Check.Range("parallel", parallel, 1, int.MaxValue / MFLen);
Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue);
byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen);
uint[] B0 = new uint[B.Length / 4];
for (int i = 0; i < B0.Length; i++)
{
B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4);
} // code is easier with uint[]
ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads);
for (int i = 0; i < B0.Length; i++)
{
BitPacking.LEBytesFromUInt32(B0[i], B, i * 4);
}
Security.Clear(B0);
return(B);
}
static byte[] MFcrypt(byte[] P, byte[] S,
int cost, int blockSize, int parallel, int?maxThreads)
{
int MFLen = blockSize * 128;
if (maxThreads == null)
{
maxThreads = int.MaxValue;
}
if (!BitMath.IsPositivePowerOf2(cost))
{
throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2.");
}
Check.Range("blockSize", blockSize, 1, int.MaxValue / 128);
Check.Range("parallel", parallel, 1, int.MaxValue / MFLen);
Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue);
#if NO_NATIVE_HMACSHA512
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha256Digest());
mac.Init(new KeyParameter(P));
byte[] B = Pbkdf2.ComputeDerivedKey(mac, S, 1, parallel * MFLen);
#elif NO_NATIVE_RFC2898_HMACSHA512
byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen);
#else
byte[] B = null;
if (S.Length >= 8)
{
// While we should be able to use Rfc2898DeriveBytes if salt is less than 8 bytes, it sadly does not accept salt less than 8 bytes needed for BIP38
using System.Security.Cryptography.Rfc2898DeriveBytes derive = new System.Security.Cryptography.Rfc2898DeriveBytes(P, S, 1, System.Security.Cryptography.HashAlgorithmName.SHA256);
B = derive.GetBytes(parallel * MFLen);
}
else
{
B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen);
}
#endif
uint[] B0 = new uint[B.Length / 4];
for (int i = 0; i < B0.Length; i++)
{
B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4);
} // code is easier with uint[]
ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads);
for (int i = 0; i < B0.Length; i++)
{
BitPacking.LEBytesFromUInt32(B0[i], B, i * 4);
}
Security.Clear(B0);
return(B);
}
static byte[] MFcrypt(byte[] P, byte[] S,
int cost, int blockSize, int parallel, int?maxThreads)
{
int MFLen = blockSize * 128;
if (maxThreads == null)
{
maxThreads = int.MaxValue;
}
if (!BitMath.IsPositivePowerOf2(cost))
{
throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2.");
}
Check.Range("blockSize", blockSize, 1, int.MaxValue / 128);
Check.Range("parallel", parallel, 1, int.MaxValue / MFLen);
Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue);
#if !(USEBC || NETSTANDARD1X)
byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen);
#else
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha256Digest());
mac.Init(new KeyParameter(P));
byte[] B = Pbkdf2.ComputeDerivedKey(mac, S, 1, parallel * MFLen);
#endif
uint[] B0 = new uint[B.Length / 4];
for (int i = 0; i < B0.Length; i++)
{
B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4);
} // code is easier with uint[]
ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads);
for (int i = 0; i < B0.Length; i++)
{
BitPacking.LEBytesFromUInt32(B0[i], B, i * 4);
}
Security.Clear(B0);
return(B);
}