public static void Pbkdf2_PasswordString_NullPassword() { AssertExtensions.Throws <ArgumentNullException>("password", () => Rfc2898DeriveBytes.Pbkdf2( password: (string)null, s_salt, iterations: 1, HashAlgorithmName.SHA256, s_extractLength) ); }
public static void Pbkdf2_PasswordBytes_BogusHash() { Assert.Throws <CryptographicException>(() => Rfc2898DeriveBytes.Pbkdf2( s_passwordBytes, s_salt, iterations: 1, new HashAlgorithmName("BLAH"), s_extractLength) ); }
public static void Pbkdf2_PasswordBytes_EmptyHashName() { AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => Rfc2898DeriveBytes.Pbkdf2( s_passwordBytes, s_salt, iterations: 1, new HashAlgorithmName(""), s_extractLength) ); }
public static void Pbkdf2_PasswordBytes_SaltBytes_SaltEmpty() { byte[] expectedKey = "1E437A1C79D75BE61E91141DAE20".HexToByteArray(); byte[] key = Rfc2898DeriveBytes.Pbkdf2( new byte[0], salt: new byte[0], iterations: 1, HashAlgorithmName.SHA1, s_extractLength); Assert.Equal(expectedKey, key); }
public static void Pbkdf2_PasswordBytes_SaltBytes_OutputLengthNegative() { AssertExtensions.Throws <ArgumentOutOfRangeException>("outputLength", () => Rfc2898DeriveBytes.Pbkdf2( s_passwordBytes, s_salt, iterations: 1, HashAlgorithmName.SHA256, -1) ); }
public static void Pbkdf2_PasswordString_NullHashName() { AssertExtensions.Throws <ArgumentException>("hashAlgorithm", () => Rfc2898DeriveBytes.Pbkdf2( Password, s_salt, iterations: 1, default(HashAlgorithmName), s_extractLength) ); }
public static void Pbkdf2_PasswordBytes_NullSalt() { AssertExtensions.Throws <ArgumentNullException>("salt", () => Rfc2898DeriveBytes.Pbkdf2( s_passwordBytes, salt: (byte[])null, iterations: 1, HashAlgorithmName.SHA256, s_extractLength) ); }
public static void Pbkdf2_PasswordString_SaltBytes_IterationsNegative() { AssertExtensions.Throws <ArgumentOutOfRangeException>("iterations", () => Rfc2898DeriveBytes.Pbkdf2( Password, s_salt, iterations: -1, HashAlgorithmName.SHA256, s_extractLength) ); }
public byte[] DeriveKey(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested) { Debug.Assert(password != null); Debug.Assert(salt != null); Debug.Assert(iterationCount > 0); Debug.Assert(numBytesRequested > 0); HashAlgorithmName algorithmName; switch (prf) { case KeyDerivationPrf.HMACSHA1: algorithmName = HashAlgorithmName.SHA1; break; case KeyDerivationPrf.HMACSHA256: algorithmName = HashAlgorithmName.SHA256; break; case KeyDerivationPrf.HMACSHA512: algorithmName = HashAlgorithmName.SHA512; break; default: throw new ArgumentOutOfRangeException(nameof(prf)); } return(Rfc2898DeriveBytes.Pbkdf2(password, salt, iterationCount, algorithmName, numBytesRequested)); }
public static void Pbkdf2_Password_Salt_Overlapping_Completely() { Span <byte> buffer = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; byte[] expected = { 0xBE, 0xA4, 0xEE, 0x0E, 0xC3, 0x98, 0xBF, 0x32 }; Rfc2898DeriveBytes.Pbkdf2(buffer, buffer, buffer, iterations: 1, HashAlgorithmName.SHA256); Assert.Equal(expected, buffer.ToArray()); }
/// <inheritdoc /> public PasswordHash CreatePasswordHash(ReadOnlySpan <char> password) { byte[] salt = GenerateSalt(); return(new PasswordHash( DefaultHashMethod, Rfc2898DeriveBytes.Pbkdf2( password, salt, DefaultIterations, HashAlgorithmName.SHA512, DefaultOutputLength), salt, new Dictionary <string, string> { { "iterations", DefaultIterations.ToString(CultureInfo.InvariantCulture) } })); }
/// <summary> /// /// </summary> /// <param name="decryptedBytes"></param> /// <param name="password"></param> /// <param name="keySize"></param> /// <param name="iterations"></param> /// <returns></returns> public static byte[] Encrypt(byte[] decryptedBytes, string password, int keySize, int iterations) { ReadOnlySpan <byte> salt = RandomNumberGenerator.GetBytes(keySize / 8); // Generate salt based ReadOnlySpan <byte> iv = RandomNumberGenerator.GetBytes(blockSize / 8); // Generate iv, has to be the same as the block size byte[] key = Rfc2898DeriveBytes.Pbkdf2(password, salt, iterations, HashAlgorithmName.SHA512, keySize / 8); using Aes aes = Aes.Create(); aes.Key = key; int encryptedSize = aes.GetCiphertextLengthCbc(decryptedBytes.Length); byte[] cipher = new byte[salt.Length + iv.Length + encryptedSize]; Span <byte> cipherSpan = cipher; salt.CopyTo(cipherSpan); iv.CopyTo(cipherSpan[salt.Length..]);
public static void OldMain(string[] args) { //var dbPasswd = "95$cHY76d#D8"; //var dbServer = "db.agsjyohfeddzbznajrgz.supabase.co"; //var connstr = $"User Id=postgres;Password={dbPasswd};Server={dbServer};Port=5432;Database=postgres"; //var sbClient = await Supabase.Client.InitializeAsync( // "https://agsjyohfeddzbznajrgz.supabase.co", // "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6ImFnc2p5b2hmZWRkemJ6bmFqcmd6Iiwicm9sZSI6ImFub24iLCJpYXQiOjE2NDUxODg4MjMsImV4cCI6MTk2MDc2NDgyM30.mEjK4OBjUwN8y7W2lV5JM6iRXdD1iKYc4Yaa2kSApUM"); //var instance = Supabase.Client.Instance; //if (instance == null) //{ // throw new Exception("failed to get Supabase client instance"); //} //var accounts = await instance.From<Account>().Get(); //Console.WriteLine("Accounts:"); //foreach (var a in accounts.Models) //{ // Console.WriteLine($"Account: {a.Email}"); //} //var sdtResponse = await instance.Rpc("GetSystemDateTime", null); //var sdt = JsonSerializer.Deserialize<DateTime>(sdtResponse.Content); //Console.WriteLine(sdt); string email = "*****@*****.**"; string mpass = "******"; var mkeyIters = 10000; var mkeyAlgor = HashAlgorithmName.SHA256; var mkeyLength = 32; var emailHash = SHA256.HashData(Encoding.UTF8.GetBytes(email)); var masterKey = Rfc2898DeriveBytes.Pbkdf2(Encoding.UTF8.GetBytes(mpass), emailHash, mkeyIters, mkeyAlgor, mkeyLength); //Console.WriteLine(masterKey.Length); //Console.WriteLine(Convert.ToBase64String(masterKey)); }
/// <inheritdoc /> public bool Verify(PasswordHash hash, ReadOnlySpan <char> password) { if (string.Equals(hash.Id, "PBKDF2", StringComparison.Ordinal)) { return(hash.Hash.SequenceEqual( Rfc2898DeriveBytes.Pbkdf2( password, hash.Salt, int.Parse(hash.Parameters["iterations"], CultureInfo.InvariantCulture), HashAlgorithmName.SHA1, 32))); } if (string.Equals(hash.Id, "PBKDF2-SHA512", StringComparison.Ordinal)) { return(hash.Hash.SequenceEqual( Rfc2898DeriveBytes.Pbkdf2( password, hash.Salt, int.Parse(hash.Parameters["iterations"], CultureInfo.InvariantCulture), HashAlgorithmName.SHA512, DefaultOutputLength))); } if (!_supportedHashMethods.Contains(hash.Id)) { throw new CryptographicException($"Requested hash method is not supported: {hash.Id}"); } using var h = HashAlgorithm.Create(hash.Id) ?? throw new ResourceNotFoundException($"Unknown hash method: {hash.Id}."); var bytes = Encoding.UTF8.GetBytes(password.ToArray()); if (hash.Salt.Length == 0) { return(hash.Hash.SequenceEqual(h.ComputeHash(bytes))); } byte[] salted = new byte[bytes.Length + hash.Salt.Length]; Array.Copy(bytes, salted, bytes.Length); hash.Salt.CopyTo(salted.AsSpan(bytes.Length)); return(hash.Hash.SequenceEqual(h.ComputeHash(salted))); }
private static byte[] DeriveKeyImpl(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested) { HashAlgorithmName algorithmName; switch (prf) { case KeyDerivationPrf.HMACSHA1: algorithmName = HashAlgorithmName.SHA1; break; case KeyDerivationPrf.HMACSHA256: algorithmName = HashAlgorithmName.SHA256; break; case KeyDerivationPrf.HMACSHA512: algorithmName = HashAlgorithmName.SHA512; break; default: throw new ArgumentOutOfRangeException(); } return(Rfc2898DeriveBytes.Pbkdf2(Encoding.UTF8.GetBytes(password), salt, iterationCount, algorithmName, numBytesRequested)); }
public static void Pbkdf2_PasswordString_InvalidUtf8() { Assert.Throws <EncoderFallbackException>(() => Rfc2898DeriveBytes.Pbkdf2( "\uD800", s_salt, iterations: 1, HashAlgorithmName.SHA256, s_extractLength)); }