Esempio n. 1
0
 public static void Pbkdf2_PasswordString_NullPassword()
 {
     AssertExtensions.Throws <ArgumentNullException>("password", () =>
                                                     Rfc2898DeriveBytes.Pbkdf2(
                                                         password: (string)null, s_salt, iterations: 1, HashAlgorithmName.SHA256, s_extractLength)
                                                     );
 }
Esempio n. 2
0
 public static void Pbkdf2_PasswordBytes_BogusHash()
 {
     Assert.Throws <CryptographicException>(() =>
                                            Rfc2898DeriveBytes.Pbkdf2(
                                                s_passwordBytes, s_salt, iterations: 1, new HashAlgorithmName("BLAH"), s_extractLength)
                                            );
 }
Esempio n. 3
0
 public static void Pbkdf2_PasswordBytes_EmptyHashName()
 {
     AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () =>
                                                 Rfc2898DeriveBytes.Pbkdf2(
                                                     s_passwordBytes, s_salt, iterations: 1, new HashAlgorithmName(""), s_extractLength)
                                                 );
 }
Esempio n. 4
0
 public static void Pbkdf2_PasswordBytes_SaltBytes_SaltEmpty()
 {
     byte[] expectedKey = "1E437A1C79D75BE61E91141DAE20".HexToByteArray();
     byte[] key         = Rfc2898DeriveBytes.Pbkdf2(
         new byte[0], salt: new byte[0], iterations: 1, HashAlgorithmName.SHA1, s_extractLength);
     Assert.Equal(expectedKey, key);
 }
Esempio n. 5
0
 public static void Pbkdf2_PasswordBytes_SaltBytes_OutputLengthNegative()
 {
     AssertExtensions.Throws <ArgumentOutOfRangeException>("outputLength", () =>
                                                           Rfc2898DeriveBytes.Pbkdf2(
                                                               s_passwordBytes, s_salt, iterations: 1, HashAlgorithmName.SHA256, -1)
                                                           );
 }
Esempio n. 6
0
 public static void Pbkdf2_PasswordString_NullHashName()
 {
     AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () =>
                                                 Rfc2898DeriveBytes.Pbkdf2(
                                                     Password, s_salt, iterations: 1, default(HashAlgorithmName), s_extractLength)
                                                 );
 }
Esempio n. 7
0
 public static void Pbkdf2_PasswordBytes_NullSalt()
 {
     AssertExtensions.Throws <ArgumentNullException>("salt", () =>
                                                     Rfc2898DeriveBytes.Pbkdf2(
                                                         s_passwordBytes, salt: (byte[])null, iterations: 1, HashAlgorithmName.SHA256, s_extractLength)
                                                     );
 }
Esempio n. 8
0
 public static void Pbkdf2_PasswordString_SaltBytes_IterationsNegative()
 {
     AssertExtensions.Throws <ArgumentOutOfRangeException>("iterations", () =>
                                                           Rfc2898DeriveBytes.Pbkdf2(
                                                               Password, s_salt, iterations: -1, HashAlgorithmName.SHA256, s_extractLength)
                                                           );
 }
Esempio n. 9
0
        public byte[] DeriveKey(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
        {
            Debug.Assert(password != null);
            Debug.Assert(salt != null);
            Debug.Assert(iterationCount > 0);
            Debug.Assert(numBytesRequested > 0);

            HashAlgorithmName algorithmName;

            switch (prf)
            {
            case KeyDerivationPrf.HMACSHA1:
                algorithmName = HashAlgorithmName.SHA1;
                break;

            case KeyDerivationPrf.HMACSHA256:
                algorithmName = HashAlgorithmName.SHA256;
                break;

            case KeyDerivationPrf.HMACSHA512:
                algorithmName = HashAlgorithmName.SHA512;
                break;

            default:
                throw new ArgumentOutOfRangeException(nameof(prf));
            }

            return(Rfc2898DeriveBytes.Pbkdf2(password, salt, iterationCount, algorithmName, numBytesRequested));
        }
Esempio n. 10
0
        public static void Pbkdf2_Password_Salt_Overlapping_Completely()
        {
            Span <byte> buffer = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };

            byte[] expected = { 0xBE, 0xA4, 0xEE, 0x0E, 0xC3, 0x98, 0xBF, 0x32 };
            Rfc2898DeriveBytes.Pbkdf2(buffer, buffer, buffer, iterations: 1, HashAlgorithmName.SHA256);
            Assert.Equal(expected, buffer.ToArray());
        }
Esempio n. 11
0
 /// <inheritdoc />
 public PasswordHash CreatePasswordHash(ReadOnlySpan <char> password)
 {
     byte[] salt = GenerateSalt();
     return(new PasswordHash(
                DefaultHashMethod,
                Rfc2898DeriveBytes.Pbkdf2(
                    password,
                    salt,
                    DefaultIterations,
                    HashAlgorithmName.SHA512,
                    DefaultOutputLength),
                salt,
                new Dictionary <string, string>
     {
         { "iterations", DefaultIterations.ToString(CultureInfo.InvariantCulture) }
     }));
 }
Esempio n. 12
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="decryptedBytes"></param>
        /// <param name="password"></param>
        /// <param name="keySize"></param>
        /// <param name="iterations"></param>
        /// <returns></returns>
        public static byte[] Encrypt(byte[] decryptedBytes, string password, int keySize, int iterations)
        {
            ReadOnlySpan <byte> salt = RandomNumberGenerator.GetBytes(keySize / 8);   // Generate salt based
            ReadOnlySpan <byte> iv   = RandomNumberGenerator.GetBytes(blockSize / 8); // Generate iv, has to be the same as the block size

            byte[] key = Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, HashAlgorithmName.SHA512, keySize / 8);

            using Aes aes = Aes.Create();
            aes.Key       = key;

            int encryptedSize = aes.GetCiphertextLengthCbc(decryptedBytes.Length);

            byte[] cipher = new byte[salt.Length + iv.Length + encryptedSize];

            Span <byte> cipherSpan = cipher;

            salt.CopyTo(cipherSpan);
            iv.CopyTo(cipherSpan[salt.Length..]);
Esempio n. 13
0
    public static void OldMain(string[] args)
    {
        //var dbPasswd = "95$cHY76d#D8";
        //var dbServer = "db.agsjyohfeddzbznajrgz.supabase.co";
        //var connstr = $"User Id=postgres;Password={dbPasswd};Server={dbServer};Port=5432;Database=postgres";

        //var sbClient = await Supabase.Client.InitializeAsync(
        //    "https://agsjyohfeddzbznajrgz.supabase.co",
        //    "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImFnc2p5b2hmZWRkemJ6bmFqcmd6Iiwicm9sZSI6ImFub24iLCJpYXQiOjE2NDUxODg4MjMsImV4cCI6MTk2MDc2NDgyM30.mEjK4OBjUwN8y7W2lV5JM6iRXdD1iKYc4Yaa2kSApUM");

        //var instance = Supabase.Client.Instance;
        //if (instance == null)
        //{
        //    throw new Exception("failed to get Supabase client instance");
        //}

        //var accounts = await instance.From<Account>().Get();

        //Console.WriteLine("Accounts:");
        //foreach (var a in accounts.Models)
        //{
        //    Console.WriteLine($"Account: {a.Email}");
        //}

        //var sdtResponse = await instance.Rpc("GetSystemDateTime", null);
        //var sdt = JsonSerializer.Deserialize<DateTime>(sdtResponse.Content);
        //Console.WriteLine(sdt);

        string email = "*****@*****.**";
        string mpass = "******";

        var mkeyIters  = 10000;
        var mkeyAlgor  = HashAlgorithmName.SHA256;
        var mkeyLength = 32;

        var emailHash = SHA256.HashData(Encoding.UTF8.GetBytes(email));
        var masterKey = Rfc2898DeriveBytes.Pbkdf2(Encoding.UTF8.GetBytes(mpass), emailHash, mkeyIters, mkeyAlgor, mkeyLength);



        //Console.WriteLine(masterKey.Length);
        //Console.WriteLine(Convert.ToBase64String(masterKey));
    }
Esempio n. 14
0
        /// <inheritdoc />
        public bool Verify(PasswordHash hash, ReadOnlySpan <char> password)
        {
            if (string.Equals(hash.Id, "PBKDF2", StringComparison.Ordinal))
            {
                return(hash.Hash.SequenceEqual(
                           Rfc2898DeriveBytes.Pbkdf2(
                               password,
                               hash.Salt,
                               int.Parse(hash.Parameters["iterations"], CultureInfo.InvariantCulture),
                               HashAlgorithmName.SHA1,
                               32)));
            }

            if (string.Equals(hash.Id, "PBKDF2-SHA512", StringComparison.Ordinal))
            {
                return(hash.Hash.SequenceEqual(
                           Rfc2898DeriveBytes.Pbkdf2(
                               password,
                               hash.Salt,
                               int.Parse(hash.Parameters["iterations"], CultureInfo.InvariantCulture),
                               HashAlgorithmName.SHA512,
                               DefaultOutputLength)));
            }

            if (!_supportedHashMethods.Contains(hash.Id))
            {
                throw new CryptographicException($"Requested hash method is not supported: {hash.Id}");
            }

            using var h = HashAlgorithm.Create(hash.Id) ?? throw new ResourceNotFoundException($"Unknown hash method: {hash.Id}.");
            var bytes = Encoding.UTF8.GetBytes(password.ToArray());

            if (hash.Salt.Length == 0)
            {
                return(hash.Hash.SequenceEqual(h.ComputeHash(bytes)));
            }

            byte[] salted = new byte[bytes.Length + hash.Salt.Length];
            Array.Copy(bytes, salted, bytes.Length);
            hash.Salt.CopyTo(salted.AsSpan(bytes.Length));
            return(hash.Hash.SequenceEqual(h.ComputeHash(salted)));
        }
Esempio n. 15
0
        private static byte[] DeriveKeyImpl(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
        {
            HashAlgorithmName algorithmName;

            switch (prf)
            {
            case KeyDerivationPrf.HMACSHA1:
                algorithmName = HashAlgorithmName.SHA1;
                break;

            case KeyDerivationPrf.HMACSHA256:
                algorithmName = HashAlgorithmName.SHA256;
                break;

            case KeyDerivationPrf.HMACSHA512:
                algorithmName = HashAlgorithmName.SHA512;
                break;

            default:
                throw new ArgumentOutOfRangeException();
            }

            return(Rfc2898DeriveBytes.Pbkdf2(Encoding.UTF8.GetBytes(password), salt, iterationCount, algorithmName, numBytesRequested));
        }
Esempio n. 16
0
 public static void Pbkdf2_PasswordString_InvalidUtf8()
 {
     Assert.Throws <EncoderFallbackException>(() =>
                                              Rfc2898DeriveBytes.Pbkdf2(
                                                  "\uD800", s_salt, iterations: 1, HashAlgorithmName.SHA256, s_extractLength));
 }