/// <summary>
/// Implements IDisposable
/// </summary>
/// <param name="disposing">
/// <c>true</c> to release both managed and unmanaged resources; <c>false</c> to release only
/// unmanaged resources.
/// </param>
protected virtual void Dispose(bool disposing)
{
if (disposing)
{
_hasher.Dispose();
}
}
/// <summary>
/// Close stream and hasher
/// </summary>
public void Dispose()
{
if (hashStream != null && !hashStream.HasFlushedFinalBlock)
{
hashStream.FlushFinalBlock();
}
hashStream = null;
hasher?.Dispose();
}
/// <summary>
/// Returns code base on counter and digits parameters
/// </summary>
/// <param name="counter"></param>
/// <param name="digits"></param>
/// <returns></returns>
private int GetCode(long counter, int digits)
{
byte[] hash;
var userId = this.GetUserId();
try
{
var counterBytes = BitConverter.GetBytes(counter);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(counterBytes, 0, 8);
}
HMAC hmac = null;
try
{
switch (this.Algorithm)
{
case OneTimePasswordAlgorithm.Sha1:
hmac = new HMACSHA1(userId);
break;
case OneTimePasswordAlgorithm.Sha256:
hmac = new HMACSHA256(userId);
break;
case OneTimePasswordAlgorithm.Sha512:
hmac = new HMACSHA512(userId);
break;
}
hash = hmac.ComputeHash(counterBytes);
}
finally
{
if (hmac != null)
{
hmac.Dispose();
}
}
}
finally
{
Array.Clear(userId, 0, userId.Length);
}
int offset = hash[hash.Length - 1] & 0x0F;
var truncatedHash = new byte[] { (byte)(hash[offset + 0] & 0x7F), hash[offset + 1], hash[offset + 2], hash[offset + 3] };
if (BitConverter.IsLittleEndian)
{
Array.Reverse(truncatedHash, 0, 4);
}
var number = BitConverter.ToInt32(truncatedHash, 0);
return(number % new int[] { 0, 0, 0, 0, 10000, 100000, 1000000, 10000000, 100000000, 1000000000 }[digits]);
}
private int GetCode(int digits, long counter)
{
if ((this.cachedCounter == counter) && (this.cachedDigits == digits))
{
return(this.cachedCode);
} //to avoid recalculation if all is the same
byte[] hash;
var secret = this.GetSecret();
try {
var counterBytes = BitConverter.GetBytes(counter);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(counterBytes, 0, 8);
}
HMAC hmac = null;
try {
switch (this.Algorithm)
{
case OneTimePasswordAlgorithm.Sha1: hmac = new HMACSHA1(secret); break;
case OneTimePasswordAlgorithm.Sha256: hmac = new HMACSHA256(secret); break;
case OneTimePasswordAlgorithm.Sha512: hmac = new HMACSHA512(secret); break;
}
hash = hmac.ComputeHash(counterBytes);
} finally {
if (hmac != null)
{
hmac.Dispose();
}
}
} finally {
Array.Clear(secret, 0, secret.Length);
}
int offset = hash[hash.Length - 1] & 0x0F;
var truncatedHash = new byte[] { (byte)(hash[offset + 0] & 0x7F), hash[offset + 1], hash[offset + 2], hash[offset + 3] };
if (BitConverter.IsLittleEndian)
{
Array.Reverse(truncatedHash, 0, 4);
}
var number = BitConverter.ToInt32(truncatedHash, 0);
var code = number % DigitsDivisor[digits];
this.cachedCounter = counter;
this.cachedDigits = digits;
this.cachedCode = code;
return(code);
}
protected virtual void Dispose(bool disposing)
{
if (!_isDisposed)
{
if (disposing)
{
hmac.Dispose();
}
_isDisposed = true;
}
}
public void Generate_New_Hash_And_Salt()
{
var stringToBeHashed = new Fixture().Create <string>();
byte[] hash = hashHelpers.GetNewHash(out var salt, stringToBeHashed);
var hmac = new HMACSHA512(salt);
var expectedHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToBeHashed));
hmac.Dispose();
hash.Should().BeEquivalentTo(expectedHash);
}
public void Should_Fail_Validation_Given_String_And_Hash_With_Given_Salt()
{
var givenString = new Fixture().Create <string>();
var hmac = new HMACSHA512();
var salt = hmac.Key;
var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(givenString));
hmac.Dispose();
bool isValidHash = hashHelpers.CompareHash(string.Concat(givenString, char.MinValue), salt, hash);
isValidHash.Should().BeFalse();
}
public void Validate_Given_String_And_Hash_With_Given_Salt()
{
var givenString = new Fixture().Create <string>();
var hmac = new HMACSHA512();
var salt = hmac.Key;
var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(givenString));
hmac.Dispose();
bool isValidHash = hashHelpers.CompareHash(givenString, salt, hash);
isValidHash.Should().BeTrue();
}
/// <summary>
/// Clean up
/// </summary>
/// <param name="disposing"></param>
protected virtual void Dispose(bool disposing)
{
// make thread safe
lock (disposeLock)
{
// conform to reference example: http://msdn.microsoft.com/en-us/library/fs2xkftw.aspx
if (!disposed)
{
if (disposing)
{
// null check
if (hashMaker != null)
{
// invoke disposing
hashMaker.Dispose();
hashMaker = null; // null just to br safe
}
disposed = true;
}
}
}
}
/// <summary>
/// Creates an HMAC-SHA algorithm with the specified name and key.
/// </summary>
/// <param name="algorithmName">A name from the available choices in the static const members of this class.</param>
/// <param name="key">The secret key used as the HMAC.</param>
/// <returns>The HMAC algorithm instance.</returns>
internal static HMAC Create(string algorithmName, byte[] key)
{
Requires.NotNullOrEmpty(algorithmName, "algorithmName");
Requires.NotNull(key, "key");
HMAC hmac;
switch (algorithmName)
{
case HmacSha1:
hmac = new HMACSHA1();
break;
case HmacSha256:
hmac = new HMACSHA256();
break;
case HmacSha384:
hmac = new HMACSHA384();
break;
case HmacSha512:
hmac = new HMACSHA512();
break;
default:
throw new ArgumentException(string.Format(MessagingStrings.UnsupportedHashAlgorithm, algorithmName));
}
try {
hmac.Key = key;
return(hmac);
} catch {
hmac.Dispose();
throw;
}
}
public new void Dispose()
{
_hmacsha512Obj.Dispose();
}
public void Dispose()
{
_256?.Dispose();
_384?.Dispose();
_512?.Dispose();
}
public void Dispose()
{
_hmac.Dispose();
}
public virtual void Dispose()
{
encryptor?.Dispose();
}
static void Main(string[] args)
{
con("MachineKey Generator v0.1 for ASP.NET / xsiteman WebForms Application");
con("");
string _decKeyMode = "AES";
string _hashMode = "HMACSHA512";
if (args.Length != 0)
{
if ((args.Length != 2) || (args[0] == "-h") || (args[0] == "--help"))
{
error(-1);
}
if ((args[0] != "AES") && (args[0] != "DES") && (args[0] != "3DES"))
{
error(1);
}
if ((args[1] != "MD5") && (args[1] != "SHA1") && (args[1] != "HMACSHA256") && (args[1] != "HMACSHA384") && (args[1] != "HMACSHA512"))
{
error(2);
}
_decKeyMode = args[0];
_hashMode = args[1];
con("FOUND OPTIONS: " + args[0] + ", " + args[1]);
}
else
{
con("USING DEFAULTS: AES + HMACSHA512");
}
con("");
string _decKey;
string _hashKey;
switch (_decKeyMode)
{
case "3DES":
TripleDESCryptoServiceProvider _3DES = new TripleDESCryptoServiceProvider();
_3DES.GenerateKey();
_decKey = BinToHexStr(_3DES.Key);
_3DES.Dispose();
break;
case "DES":
DESCryptoServiceProvider _DES = new DESCryptoServiceProvider();
_DES.GenerateKey();
_decKey = BinToHexStr(_DES.Key);
_DES.Dispose();
break;
default:
AesCryptoServiceProvider _AES = new AesCryptoServiceProvider();
_AES.GenerateKey();
_decKey = BinToHexStr(_AES.Key);
_AES.Dispose();
break;
}
switch (_hashMode)
{
case "MD5":
HMACMD5 _MD5 = new HMACMD5();
_hashKey = BinToHexStr(_MD5.Key);
_MD5.Dispose();
break;
case "SHA1":
HMACSHA1 _SHA1 = new HMACSHA1();
_hashKey = BinToHexStr(_SHA1.Key);
_SHA1.Dispose();
break;
case "SHA256":
HMACSHA256 _SHA256 = new HMACSHA256();
_hashKey = BinToHexStr(_SHA256.Key);
_SHA256.Dispose();
break;
case "SHA384":
HMACSHA384 _SHA384 = new HMACSHA384();
_hashKey = BinToHexStr(_SHA384.Key);
_SHA384.Dispose();
break;
default:
HMACSHA512 _SHA512 = new HMACSHA512();
_hashKey = BinToHexStr(_SHA512.Key);
_SHA512.Dispose();
break;
}
string _mkstring = string.Concat("<machineKey decryption=\"", _decKeyMode, "\" decryptionKey=\"", _decKey, "\" validation=\"", _hashMode, "\" validationKey=\"", _hashKey, "\" />");
con(_mkstring);
}