/// <summary> /// Converts a base-58 string to a byte array, checking the checksum, and /// returning null if it wasn't valid. Appending "?" to the end of the string skips /// the checksum calculation, but still strips the four checksum bytes from the /// result. /// </summary> public static byte[] Base58CheckToByteArray(string base58) { bool IgnoreChecksum = false; if (base58.EndsWith("?")) { IgnoreChecksum = true; base58 = base58.Substring(0, base58.Length - 1); } byte[] bb = Base58.ToByteArray(base58); if (bb == null || bb.Length < 4) return null; if (IgnoreChecksum == false) { Sha256Digest bcsha256a = new Sha256Digest(); bcsha256a.BlockUpdate(bb, 0, bb.Length - 4); byte[] checksum = new byte[32]; //sha256.ComputeHash(bb, 0, bb.Length - 4); bcsha256a.DoFinal(checksum, 0); bcsha256a.BlockUpdate(checksum, 0, 32); bcsha256a.DoFinal(checksum, 0); for (int i = 0; i < 4; i++) { if (checksum[i] != bb[bb.Length - 4 + i]) return null; } } byte[] rv = new byte[bb.Length - 4]; Array.Copy(bb, 0, rv, 0, bb.Length - 4); return rv; }
/// <summary> /// Default constructor. Creates a new matched pair of escrow invitation codes. /// </summary> public EscrowCodeSet() { SecureRandom sr = new SecureRandom(); byte[] x = new byte[32]; byte[] y = new byte[32]; sr.NextBytes(x); sr.NextBytes(y); // Force x to be even // Force y to be odd x[31] &= 0xFE; y[31] |= 0x01; KeyPair kx = new KeyPair(x, true); KeyPair ky = new KeyPair(y, true); BigInteger xi = new BigInteger(1, x); BigInteger yi = new BigInteger(1, y); ECPoint Gx = kx.GetECPoint(); byte[] bytesGx = Gx.GetEncoded(); ECPoint Gy = ky.GetECPoint(); byte[] bytesGy = Gy.GetEncoded(); ECPoint Gxy = Gx.Multiply(yi); byte[] bytesGxy = Gxy.GetEncoded(); Sha256Digest sha256 = new Sha256Digest(); byte[] hashGxy = new byte[32]; sha256.BlockUpdate(bytesGxy, 0, bytesGxy.Length); sha256.DoFinal(hashGxy, 0); sha256.BlockUpdate(hashGxy, 0, 32); sha256.DoFinal(hashGxy, 0); int identifier30 = ((hashGxy[0] & 0x3f) << 24) + (hashGxy[1] << 16) + (hashGxy[2] << 8) + hashGxy[3]; byte[] invitationA = new byte[74]; byte[] invitationB = new byte[74]; long headA = headbaseA + (long)identifier30; long headB = headbaseB + (long)identifier30; // turn headA and headB into bytes for (int i = 7; i >= 0; i--) { invitationA[i] = (byte)(headA & 0xFF); invitationB[i] = (byte)(headB & 0xFF); headA >>= 8; headB >>= 8; } Array.Copy(x, 0, invitationA, 8 + 1, 32); Array.Copy(y, 0, invitationB, 8 + 1, 32); Array.Copy(bytesGy, 0, invitationA, 8 + 1 + 32, 33); Array.Copy(bytesGx, 0, invitationB, 8 + 1 + 32, 33); EscrowInvitationCodeA = Util.ByteArrayToBase58Check(invitationA); EscrowInvitationCodeB = Util.ByteArrayToBase58Check(invitationB); }
public static byte[] SHA256_SHA256(byte[] ba) { Sha256Digest bcsha256a = new Sha256Digest(); bcsha256a.BlockUpdate(ba, 0, ba.Length); byte[] thehash = new byte[32]; bcsha256a.DoFinal(thehash, 0); bcsha256a.BlockUpdate(thehash, 0, 32); bcsha256a.DoFinal(thehash, 0); return thehash; }
private static string GetHashDigest(Org.BouncyCastle.Crypto.Digests.Sha256Digest hash) { var digest = new byte[hash.GetDigestSize()]; hash.DoFinal(digest, 0); return(BitConverter.ToString(digest).Replace("-", string.Empty).ToLower()); }
/** * Hashes the given data. * * @param data The data to hash * @return byte-array containing the hashed data */ public static byte[] Hash(byte[] data) { Sha256Digest sha256 = new Sha256Digest(); sha256.BlockUpdate(data, 0, data.Length); byte[] hash = new byte[sha256.GetDigestSize()]; sha256.DoFinal(hash, 0); return hash; }
public static byte[] SHA256Hash(byte[] data) { var shaHash = new Sha256Digest (); shaHash.BlockUpdate (data, 0, data.Length); byte[] hashedValue = new byte[shaHash.GetDigestSize ()]; shaHash.DoFinal(hashedValue, 0); return hashedValue; }
public static byte[] Array(byte[] value) { var digest = new Sha256Digest(); digest.BlockUpdate(value, 0, value.Length); var ret = new byte[digest.GetDigestSize()]; digest.DoFinal(ret, 0); return ret; }
public static string Sha256(string input) { var data = System.Text.Encoding.UTF8.GetBytes(input); Sha256Digest hash = new Sha256Digest(); hash.BlockUpdate(data, 0, data.Length); byte[] result = new byte[hash.GetDigestSize()]; hash.DoFinal(result, 0); return Hex.ToHexString(result); }
public byte[] ComputeHash(byte[] pbData) { Sha256Digest sha256 = new Sha256Digest(); sha256.BlockUpdate(pbData, 0, pbData.Length); byte[] pbHash = new byte[32]; sha256.DoFinal(pbHash, 0); return pbHash; }
public static String SHA256(string tosha256) { Sha256Digest digest = new Sha256Digest(); byte[] scratch = new byte[digest.GetDigestSize()]; digest.BlockUpdate(UTF8Encoding.UTF8.GetBytes(tosha256), 0, UTF8Encoding.UTF8.GetByteCount(tosha256)); digest.DoFinal(scratch, 0); string hex = BitConverter.ToString(scratch).ToLower(); return hex.Replace("-", ""); }
public static byte[] Sha256(string text) { var bytes = new byte[text.Length * sizeof(char)]; Buffer.BlockCopy(text.ToCharArray(), 0, bytes, 0, bytes.Length); var sha256 = new Sha256Digest(); var hash = new byte[sha256.GetDigestSize()]; sha256.BlockUpdate(bytes, 0, bytes.Length); sha256.DoFinal(hash, 0); return hash; }
private static string GetFileName(string imageUri) { var sha = new Sha256Digest(); var stream = new DigestStream(new MemoryStream(), null, sha); using (var writer = new StreamWriter(stream)) { writer.Write(imageUri); } byte[] buffer = new byte[sha.GetDigestSize()]; sha.DoFinal(buffer, 0); string hex = BitConverter.ToString(buffer); string fileName = hex.Replace("-", ""); return fileName; }
public string GetSign(byte[] msg) { //Org.BouncyCastle.Math.BigInteger d = new Org.BouncyCastle.Math.BigInteger(Convert.FromBase64String(privKey)); byte[] prvB = StringToByteArray(prv); byte[] pubB = StringToByteArray(pub); //byte[] prvB = StringToByteArray(prvTmp); //byte[] pubB = StringToByteArray(pubTmp); Org.BouncyCastle.Math.BigInteger sk = new Org.BouncyCastle.Math.BigInteger(+1, prvB); Org.BouncyCastle.Math.EC.ECPoint q = domain.G.Multiply(sk); byte[] pubKeyX = q.Normalize().AffineXCoord.GetEncoded(); byte[] pubKeyY = q.Normalize().AffineYCoord.GetEncoded(); BigInteger k = GenerateRandom(); //BigInteger k = new BigInteger(+1,StringToByteArray("015B931D9C7BF3A7A70E57868BF29712377E74355FC59032CD7547C80E179010")); //Debug.Log("kv:" + BitConverter.ToString(kv.ToByteArray()).Replace("-", "")); Debug.Log("K:" + BitConverter.ToString(k.ToByteArray()).Replace("-", "")); ECPoint Q = domain.G.Multiply(k); Org.BouncyCastle.Crypto.Digests.Sha256Digest digester = new Org.BouncyCastle.Crypto.Digests.Sha256Digest(); byte[] h = new byte[digester.GetDigestSize()]; digester.BlockUpdate(Q.GetEncoded(true), 0, Q.GetEncoded(true).Length); digester.BlockUpdate(pubB, 0, pubB.Length); digester.BlockUpdate(msg, 0, msg.Length); digester.DoFinal(h, 0); Org.BouncyCastle.Math.BigInteger r = new Org.BouncyCastle.Math.BigInteger(+1, h); BigInteger s = r.Multiply(sk); s = k.Subtract(s); s = s.Mod(domain.n); string rt = BitConverter.ToString(r.ToByteArray()).Replace("-", ""); if (rt.Length > 32) { rt = rt.Remove(0, 2); } string st = BitConverter.ToString(s.ToByteArray()).Replace("-", ""); return(rt + st); }
/// <summary> /// From a single given key create a hashname with the intermediate hashes of other keys /// </summary> /// <returns>The key.</returns> /// <param name="csid">The identifier for the cipher set as a string.</param> /// <param name="keyData">The key data for the given csid.</param> /// <param name="intermediates">Intermediates.</param> public static string FromKey(string csid, byte[] keyData, IDictionary<string, string> intermediates) { Sha256Digest digest = new Sha256Digest (); List<string> keys = new List<string>(intermediates.Keys); keys.Add (csid); keys.Sort (); int digestSize = digest.GetDigestSize (); byte[] outhash = null; foreach (var key in keys) { if (outhash != null) { digest.BlockUpdate (outhash, 0, digestSize); } else { outhash = new byte[digestSize]; } byte inByte; try { inByte = Convert.ToByte (key, 16); } catch(FormatException) { return null; } catch(OverflowException) { return null; } catch (ArgumentException) { return null; } digest.Update (inByte); digest.DoFinal (outhash, 0); digest.Reset (); digest.BlockUpdate (outhash, 0, digestSize); if (key == csid) { Sha256Digest keyDigest = new Sha256Digest (); keyDigest.BlockUpdate (keyData, 0, keyData.Length); keyDigest.DoFinal (outhash, 0); digest.BlockUpdate (outhash, 0, outhash.Length); } else { byte[] keyIntermediate = Base32Encoder.Decode (intermediates [key]); digest.BlockUpdate (keyIntermediate, 0, keyIntermediate.Length); } digest.DoFinal (outhash, 0); } return Base32Encoder.Encode (outhash).TrimEnd(trimChars).ToLower(); }
public static string HashSomething(string password, string something) { var dig = new Sha256Digest(); byte[] bpassword = Encoding.UTF8.GetBytes(password); dig.BlockUpdate(bpassword, 0, bpassword.Length); var key = new byte[dig.GetDigestSize()]; dig.DoFinal(key, 0); var hmac = new HMac(new Sha256Digest()); hmac.Init(new KeyParameter(key)); byte[] input = Encoding.UTF8.GetBytes(something); hmac.BlockUpdate(input, 0, input.Length); var output = new byte[hmac.GetMacSize()]; hmac.DoFinal(output, 0); var sb = new StringBuilder(output.Length*2); foreach (byte b in output) { sb.AppendFormat("{0:x2}", b); } return sb.ToString(); }
public ITestResult Perform() { IDigest digest = new Sha256Digest(); byte[] resBuf = new byte[digest.GetDigestSize()]; string resStr; // // test 1 // digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec1.Equals(resStr)) { return new SimpleTestResult(false, "SHA-256 failing standard vector test 1" + SimpleTest.NewLine + " expected: " + resVec1 + SimpleTest.NewLine + " got : " + resStr); } // // test 2 // byte[] bytes = Hex.Decode(testVec2); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec2.Equals(resStr)) { return new SimpleTestResult(false, "SHA-256 failing standard vector test 2" + SimpleTest.NewLine + " expected: " + resVec2 + SimpleTest.NewLine + " got : " + resStr); } // // test 3 // bytes = Hex.Decode(testVec3); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec3.Equals(resStr)) { return new SimpleTestResult(false, "SHA-256 failing standard vector test 3" + SimpleTest.NewLine + " expected: " + resVec3 + SimpleTest.NewLine + " got : " + resStr); } // // test 4 // bytes = Hex.Decode(testVec4); digest.BlockUpdate(bytes, 0, bytes.Length); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec4.Equals(resStr)) { return new SimpleTestResult(false, "SHA-256 failing standard vector test 4" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr); } // // test 5 // bytes = Hex.Decode(testVec4); digest.BlockUpdate(bytes, 0, bytes.Length/2); // clone the IDigest IDigest d = new Sha256Digest((Sha256Digest)digest); digest.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2); digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec4.Equals(resStr)) { return new SimpleTestResult(false, "SHA-256 failing standard vector test 5" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr); } d.BlockUpdate(bytes, bytes.Length/2, bytes.Length - bytes.Length/2); d.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec4.Equals(resStr)) { return new SimpleTestResult(false, "SHA-256 failing standard vector test 5" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr); } // test 6 bytes = Hex.Decode(testVec5); for ( int i = 0; i < 100000; i++ ) { digest.BlockUpdate(bytes, 0, bytes.Length); } digest.DoFinal(resBuf, 0); resStr = Hex.ToHexString(resBuf); if (!resVec5.Equals(resStr)) { return new SimpleTestResult(false, "SHA-256 failing standard vector test 6" + SimpleTest.NewLine + " expected: " + resVec5 + SimpleTest.NewLine + " got : " + resStr); } return new SimpleTestResult(true, Name + ": Okay"); }
public static string ByteArrayToBase58Check(byte[] ba) { byte[] bb = new byte[ba.Length + 4]; Array.Copy(ba, bb, ba.Length); Sha256Digest bcsha256a = new Sha256Digest(); bcsha256a.BlockUpdate(ba, 0, ba.Length); byte[] thehash = new byte[32]; bcsha256a.DoFinal(thehash, 0); bcsha256a.BlockUpdate(thehash, 0, 32); bcsha256a.DoFinal(thehash, 0); for (int i = 0; i < 4; i++) bb[ba.Length + i] = thehash[i]; return Base58.FromByteArray(bb); }
private static byte[] ComputeHash(object document) { var sha = new Sha256Digest(); var stream = new DigestStream(new MemoryStream(), null, sha); using (var writer = new StreamWriter(stream)) { string mementoToString = JsonConvert.SerializeObject(document); writer.Write(mementoToString); } byte[] buffer = new byte[sha.GetDigestSize()]; sha.DoFinal(buffer, 0); return buffer; }
private static Boolean SignatureMatches(string encodedSignature, string encodedAgreement, string signTextTransformation, OpensignSignature opensignSignature) { if (!encodedAgreement.Equals(encodedSignature)) { return false; } var stylesheetDigest = opensignSignature.StylesheetDigest; if (stylesheetDigest != null) { if (signTextTransformation == null) { throw new ArgumentException("signTextTransformation is required for XML signing"); } var digest = new Sha256Digest(); var encode = new ASCIIEncoding(); byte[] stylesheetBytes = encode.GetBytes(signTextTransformation); digest.BlockUpdate(stylesheetBytes, 0, stylesheetBytes.Length); var digestBytes = new byte[digest.GetDigestSize()]; digest.DoFinal(digestBytes, 0); var calculatedDigest = Encoding.UTF8.GetString(digestBytes, 0, digestBytes.Length); return stylesheetDigest.Equals(calculatedDigest); } return true; }
private byte[] Hash(byte[] data) { var hash = new byte[32]; var sha256 = new Sha256Digest(); sha256.BlockUpdate(data, 0, data.Length); sha256.DoFinal(hash, 0); return hash; }
internal static byte[] GetCertificateAssocicationData(TlsaSelector selector, TlsaMatchingType matchingType, X509Certificate certificate) { byte[] selectedBytes; switch (selector) { case TlsaSelector.FullCertificate: selectedBytes = certificate.GetRawCertData(); break; case TlsaSelector.SubjectPublicKeyInfo: selectedBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(DotNetUtilities.FromX509Certificate(certificate).GetPublicKey()).GetDerEncoded(); break; default: throw new NotSupportedException(); } byte[] matchingBytes; switch (matchingType) { case TlsaMatchingType.Full: matchingBytes = selectedBytes; break; case TlsaMatchingType.Sha256Hash: Sha256Digest sha256Digest = new Sha256Digest(); sha256Digest.BlockUpdate(selectedBytes, 0, selectedBytes.Length); matchingBytes = new byte[sha256Digest.GetDigestSize()]; sha256Digest.DoFinal(matchingBytes, 0); break; case TlsaMatchingType.Sha512Hash: Sha512Digest sha512Digest = new Sha512Digest(); sha512Digest.BlockUpdate(selectedBytes, 0, selectedBytes.Length); matchingBytes = new byte[sha512Digest.GetDigestSize()]; sha512Digest.DoFinal(matchingBytes, 0); break; default: throw new NotSupportedException(); } return matchingBytes; }
private bool verifyAddressHash(string addressBase58, byte[] hex) { // check address hash UTF8Encoding utf8 = new UTF8Encoding(false); Sha256Digest sha256 = new Sha256Digest(); byte[] addrhash = new byte[32]; byte[] addrtext = utf8.GetBytes(addressBase58); sha256.BlockUpdate(addrtext, 0, addrtext.Length); sha256.DoFinal(addrhash, 0); sha256.BlockUpdate(addrhash, 0, 32); sha256.DoFinal(addrhash, 0); if (addrhash[0] != hex[3] || addrhash[1] != hex[4] || addrhash[2] != hex[5] || addrhash[3] != hex[6]) { return false; } return true; }
private void btnVccVerifyConfirmationCode_Click(object sender, EventArgs e) { lblResult.Visible = false; // check for null entry if (tbxVccPassphrase.Text == "") { MessageBox.Show("Passphrase is required.", "Passphrase required", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } if (tbxVccConfirmationCode.Text == "") { MessageBox.Show("Confirmation code is required.", "Confirmation code required", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } // Parse confirmation code. byte[] confbytes = Util.Base58CheckToByteArray(tbxVccConfirmationCode.Text.Trim()); if (confbytes == null) { // is it even close? if (tbxVccConfirmationCode.Text.StartsWith("cfrm38")) { MessageBox.Show("This is not a valid confirmation code. It has the right prefix, but " + "doesn't contain valid confirmation data. Possible typo or incomplete?", "Invalid confirmation code", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } MessageBox.Show("This is not a valid confirmation code.", "Invalid confirmation code", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } if (confbytes.Length != 51 || confbytes[0] != 0x64 || confbytes[1] != 0x3B || confbytes[2] != 0xF6 || confbytes[3] != 0xA8 || confbytes[4] != 0x9A || confbytes[18] < 0x02 || confbytes[18] > 0x03) { // Unrecognized Base58 object. Do we know what this is? Tell the user. object result = StringInterpreter.Interpret(tbxVccConfirmationCode.Text.Trim()); if (result != null) { // did we actually get an encrypted private key? if so, just try to decrypt it. if (result is PassphraseKeyPair) { PassphraseKeyPair ppkp = result as PassphraseKeyPair; if (ppkp.DecryptWithPassphrase(tbxVccPassphrase.Text)) { confirmIsValid(ppkp.GetAddress().AddressBase58); MessageBox.Show("What you provided contains a private key, not just a confirmation. " + "Confirmation is successful, and with this correct passphrase, " + "you are also able to spend the funds from the address.", "This is actually a private key", MessageBoxButtons.OK, MessageBoxIcon.Information); return; } else { MessageBox.Show("This is not a valid confirmation code. It looks like an " + "encrypted private key. Decryption was attempted but the passphrase couldn't decrypt it", "Invalid confirmation code", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } } string objectKind = result.GetType().Name; if (objectKind == "AddressBase") { objectKind = "an Address"; } else { objectKind = "a " + objectKind; } MessageBox.Show("This is not a valid confirmation code. Instead, it looks like " + objectKind + ". Perhaps you entered the wrong thing? Confirmation codes " + "start with \"cfrm\".", "Invalid confirmation code", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } MessageBox.Show("This is not a valid confirmation code.", "Invalid confirmation code", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } // extract ownersalt and get an intermediate byte[] ownersalt = new byte[8]; Array.Copy(confbytes, 10, ownersalt, 0, 8); bool includeHashStep = (confbytes[5] & 0x04) == 0x04; Bip38Intermediate intermediate = new Bip38Intermediate(tbxVccPassphrase.Text, ownersalt, includeHashStep); // derive the 64 bytes we need // get ECPoint from passpoint PublicKey pk = new PublicKey(intermediate.passpoint); byte[] addresshashplusownersalt = new byte[12]; Array.Copy(confbytes, 6, addresshashplusownersalt, 0, 4); Array.Copy(intermediate.ownerentropy, 0, addresshashplusownersalt, 4, 8); // derive encryption key material byte[] derived = new byte[64]; SCrypt.ComputeKey(intermediate.passpoint, addresshashplusownersalt, 1024, 1, 1, 1, derived); byte[] derivedhalf2 = new byte[32]; Array.Copy(derived, 32, derivedhalf2, 0, 32); byte[] unencryptedpubkey = new byte[33]; // recover the 0x02 or 0x03 prefix unencryptedpubkey[0] = (byte)(confbytes[18] ^ (derived[63] & 0x01)); // decrypt var aes = Aes.Create(); aes.KeySize = 256; aes.Mode = CipherMode.ECB; aes.Key = derivedhalf2; ICryptoTransform decryptor = aes.CreateDecryptor(); decryptor.TransformBlock(confbytes, 19, 16, unencryptedpubkey, 1); decryptor.TransformBlock(confbytes, 19, 16, unencryptedpubkey, 1); decryptor.TransformBlock(confbytes, 19 + 16, 16, unencryptedpubkey, 17); decryptor.TransformBlock(confbytes, 19 + 16, 16, unencryptedpubkey, 17); // xor out the padding for (int i = 0; i < 32; i++) unencryptedpubkey[i + 1] ^= derived[i]; // reconstitute the ECPoint var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); ECPoint point; try { point = ps.Curve.DecodePoint(unencryptedpubkey); // multiply passfactor. Result is going to be compressed. ECPoint pubpoint = point.Multiply(new BigInteger(1, intermediate.passfactor)); // Do we want it uncompressed? then we will have to uncompress it. byte flagbyte = confbytes[5]; if ((flagbyte & 0x20) == 0x00) { pubpoint = ps.Curve.CreatePoint(pubpoint.X.ToBigInteger(), pubpoint.Y.ToBigInteger(), false); } // Convert to bitcoin address and check address hash. PublicKey generatedaddress = new PublicKey(pubpoint); // get addresshash UTF8Encoding utf8 = new UTF8Encoding(false); Sha256Digest sha256 = new Sha256Digest(); byte[] generatedaddressbytes = utf8.GetBytes(generatedaddress.AddressBase58); sha256.BlockUpdate(generatedaddressbytes, 0, generatedaddressbytes.Length); byte[] addresshashfull = new byte[32]; sha256.DoFinal(addresshashfull, 0); sha256.BlockUpdate(addresshashfull, 0, 32); sha256.DoFinal(addresshashfull, 0); for (int i = 0; i < 4; i++) { if (addresshashfull[i] != confbytes[i + 6]) { MessageBox.Show("This passphrase is wrong or does not belong to this confirmation code.", "Invalid passphrase", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } } confirmIsValid(generatedaddress.AddressBase58); } catch { // Might throw an exception - not every 256-bit integer is a valid X coordinate MessageBox.Show("This passphrase is wrong or does not belong to this confirmation code.", "Invalid passphrase", MessageBoxButtons.OK, MessageBoxIcon.Exclamation); return; } }
public override bool DecryptWithPassphrase(string passphrase) { if (passphrase == null) { return false; } byte[] hex = Util.Base58CheckToByteArray(_encryptedKey); KeyPair tempkey = null; if (hex.Length == 39 && hex[0] == 1 && hex[1] == 0x42) { UTF8Encoding utf8 = new UTF8Encoding(false); byte[] addresshash = new byte[] { hex[3], hex[4], hex[5], hex[6] }; byte[] derivedBytes = new byte[64]; SCrypt.ComputeKey(utf8.GetBytes(passphrase), addresshash, 16384, 8, 8, 8, derivedBytes); var aes = Aes.Create(); aes.KeySize = 256; aes.Mode = CipherMode.ECB; byte[] aeskey = new byte[32]; Array.Copy(derivedBytes, 32, aeskey, 0, 32); aes.Key = aeskey; ICryptoTransform decryptor = aes.CreateDecryptor(); byte[] decrypted = new byte[32]; decryptor.TransformBlock(hex, 7, 16, decrypted, 0); decryptor.TransformBlock(hex, 7, 16, decrypted, 0); decryptor.TransformBlock(hex, 23, 16, decrypted, 16); decryptor.TransformBlock(hex, 23, 16, decrypted, 16); for (int x = 0; x < 32; x++) decrypted[x] ^= derivedBytes[x]; tempkey = new KeyPair(decrypted, compressed: IsCompressedPoint); Sha256Digest sha256 = new Sha256Digest(); byte[] addrhash = new byte[32]; byte[] addrtext = utf8.GetBytes(tempkey.AddressBase58); sha256.BlockUpdate(addrtext, 0, addrtext.Length); sha256.DoFinal(addrhash, 0); sha256.BlockUpdate(addrhash, 0, 32); sha256.DoFinal(addrhash, 0); if (addrhash[0] != hex[3] || addrhash[1] != hex[4] || addrhash[2] != hex[5] || addrhash[3] != hex[6]) { return false; } _privKey = tempkey.PrivateKeyBytes; _pubKey = tempkey.PublicKeyBytes; _hash160 = tempkey.Hash160; return true; } else if (hex.Length == 39 && hex[0] == 1 && hex[1] == 0x43) { // produce the intermediate from the passphrase // get ownersalt and encryptedpart2 since they are in the record byte[] ownersalt = new byte[8]; Array.Copy(hex, 7, ownersalt, 0, 8); bool includeHashStep = (hex[2] & 4) == 4; Bip38Intermediate intermediate = new Bip38Intermediate(passphrase, ownersalt, includeHashStep); this.LotNumber = intermediate.LotNumber; this.SequenceNumber = intermediate.SequenceNumber; tempkey = decryptUsingIntermediate(intermediate, hex); if (verifyAddressHash(tempkey.AddressBase58, hex) == false) return false; } _privKey = tempkey.PrivateKeyBytes; _pubKey = tempkey.PublicKeyBytes; _hash160 = tempkey.Hash160; return true; }
private KeyPair decryptUsingIntermediate(Bip38Intermediate intermediate, byte[] hex) { if (intermediate.passfactor == null) { throw new ArgumentException("This is an encryption-only intermediate code because it was not created from a passphrase. An intermediate must have been created from passphrase to be used for decryption"); } byte[] encryptedpart2 = new byte[16]; Array.Copy(hex, 23, encryptedpart2, 0, 16); // get the first part of encryptedpart1 (the rest is encrypted within encryptedpart2) byte[] encryptedpart1 = new byte[16]; Array.Copy(hex, 15, encryptedpart1, 0, 8); // derive decryption key byte[] addresshashplusownerentropy = new byte[12]; Array.Copy(hex, 3, addresshashplusownerentropy, 0, 4); Array.Copy(intermediate.ownerentropy, 0, addresshashplusownerentropy, 4, 8); byte[] derived = new byte[64]; SCrypt.ComputeKey(intermediate.passpoint, addresshashplusownerentropy, 1024, 1, 1, 1, derived); byte[] derivedhalf2 = new byte[32]; Array.Copy(derived, 32, derivedhalf2, 0, 32); // decrypt encrypted payload var aes = Aes.Create(); aes.KeySize = 256; aes.Mode = CipherMode.ECB; aes.Key = derivedhalf2; ICryptoTransform decryptor = aes.CreateDecryptor(); byte[] unencryptedpart2 = new byte[16]; decryptor.TransformBlock(encryptedpart2, 0, 16, unencryptedpart2, 0); decryptor.TransformBlock(encryptedpart2, 0, 16, unencryptedpart2, 0); for (int i = 0; i < 16; i++) { unencryptedpart2[i] ^= derived[i + 16]; } // take the decrypted part and recover encrypted part 1 Array.Copy(unencryptedpart2, 0, encryptedpart1, 8, 8); // decrypt part 1 byte[] unencryptedpart1 = new byte[16]; decryptor.TransformBlock(encryptedpart1, 0, 16, unencryptedpart1, 0); decryptor.TransformBlock(encryptedpart1, 0, 16, unencryptedpart1, 0); for (int i = 0; i < 16; i++) { unencryptedpart1[i] ^= derived[i]; } // recover seedb byte[] seedb = new byte[24]; Array.Copy(unencryptedpart1, 0, seedb, 0, 16); Array.Copy(unencryptedpart2, 8, seedb, 16, 8); // turn seedb into factorb Sha256Digest sha256 = new Sha256Digest(); sha256.BlockUpdate(seedb, 0, 24); byte[] factorb = new byte[32]; sha256.DoFinal(factorb, 0); sha256.BlockUpdate(factorb, 0, 32); sha256.DoFinal(factorb, 0); // get private key var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); BigInteger privatekey = new BigInteger(1, intermediate.passfactor).Multiply(new BigInteger(1, factorb)).Mod(ps.N); // use private key return new KeyPair(privatekey, this.IsCompressedPoint, this._addressType); }
/// <summary> /// Encryption constructor to create a new random key from an intermediate /// </summary> public Bip38KeyPair(Bip38Intermediate intermediate, bool retainPrivateKeyWhenPossible=false) { // generate seedb byte[] seedb = new byte[24]; SecureRandom sr = new SecureRandom(); sr.NextBytes(seedb); // get factorb as sha256(sha256(seedb)) Sha256Digest sha256 = new Sha256Digest(); sha256.BlockUpdate(seedb, 0, 24); factorb = new byte[32]; sha256.DoFinal(factorb, 0); sha256.BlockUpdate(factorb, 0, 32); sha256.DoFinal(factorb, 0); // get ECPoint from passpoint PublicKey pk = new PublicKey(intermediate.passpoint); ECPoint generatedpoint = pk.GetECPoint().Multiply(new BigInteger(1, factorb)); byte[] generatedpointbytes = generatedpoint.GetEncoded(); PublicKey generatedaddress = new PublicKey(generatedpointbytes); // get addresshash UTF8Encoding utf8 = new UTF8Encoding(false); byte[] generatedaddressbytes = utf8.GetBytes(generatedaddress.AddressBase58); sha256.BlockUpdate(generatedaddressbytes, 0, generatedaddressbytes.Length); byte[] addresshashfull = new byte[32]; sha256.DoFinal(addresshashfull, 0); sha256.BlockUpdate(addresshashfull, 0, 32); sha256.DoFinal(addresshashfull, 0); byte[] addresshashplusownerentropy = new byte[12]; Array.Copy(addresshashfull, 0, addresshashplusownerentropy, 0, 4); Array.Copy(intermediate.ownerentropy, 0, addresshashplusownerentropy, 4, 8); // derive encryption key material derived = new byte[64]; SCrypt.ComputeKey(intermediate.passpoint, addresshashplusownerentropy, 1024, 1, 1, 1, derived); byte[] derivedhalf2 = new byte[32]; Array.Copy(derived, 32, derivedhalf2, 0, 32); byte[] unencryptedpart1 = new byte[16]; for (int i = 0; i < 16; i++) { unencryptedpart1[i] = (byte)(seedb[i] ^ derived[i]); } byte[] encryptedpart1 = new byte[16]; // encrypt it var aes = Aes.Create(); aes.KeySize = 256; aes.Mode = CipherMode.ECB; aes.Key = derivedhalf2; ICryptoTransform encryptor = aes.CreateEncryptor(); encryptor.TransformBlock(unencryptedpart1, 0, 16, encryptedpart1, 0); encryptor.TransformBlock(unencryptedpart1, 0, 16, encryptedpart1, 0); byte[] unencryptedpart2 = new byte[16]; for (int i = 0; i < 8; i++) { unencryptedpart2[i] = (byte)(encryptedpart1[i + 8] ^ derived[i + 16]); } for (int i = 0; i < 8; i++) { unencryptedpart2[i + 8] = (byte)(seedb[i + 16] ^ derived[i + 24]); } byte[] encryptedpart2 = new byte[16]; encryptor.TransformBlock(unencryptedpart2, 0, 16, encryptedpart2, 0); encryptor.TransformBlock(unencryptedpart2, 0, 16, encryptedpart2, 0); byte[] result = new byte[39]; result[0] = 0x01; result[1] = 0x43; result[2] = generatedaddress.IsCompressedPoint ? (byte)0x20 : (byte)0x00; if (intermediate.LotSequencePresent) result[2] |= 0x04; Array.Copy(addresshashfull, 0, result, 3, 4); Array.Copy(intermediate.ownerentropy, 0, result, 7, 8); Array.Copy(encryptedpart1, 0, result, 15, 8); Array.Copy(encryptedpart2, 0, result, 23, 16); _encryptedKey = Util.ByteArrayToBase58Check(result); _pubKey = generatedaddress.PublicKeyBytes; _hash160 = generatedaddress.Hash160; var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); if (retainPrivateKeyWhenPossible && intermediate.passfactor != null) { BigInteger privatekey = new BigInteger(1, intermediate.passfactor).Multiply(new BigInteger(1, factorb)).Mod(ps.N); _privKey = new KeyPair(privatekey).PrivateKeyBytes; } // create the confirmation code confirmationCodeInfo = new byte[51]; // constant provides for prefix "cfrm38" confirmationCodeInfo[0] = 0x64; confirmationCodeInfo[1] = 0x3B; confirmationCodeInfo[2] = 0xF6; confirmationCodeInfo[3] = 0xA8; confirmationCodeInfo[4] = 0x9A; // fields for flagbyte, addresshash, and ownerentropy all copy verbatim Array.Copy(result, 2, confirmationCodeInfo, 5, 1 + 4 + 8); }
private static string GetHashDigest(Sha256Digest hash) { var digest = new byte[hash.GetDigestSize()]; hash.DoFinal(digest, 0); return BitConverter.ToString(digest).Replace("-", string.Empty).ToLower(); }
public static byte[] SHA256(byte[] data, int count) { Sha256Digest sha256 = new Sha256Digest(); sha256.BlockUpdate(data, 0, count); byte[] rv = new byte[32]; sha256.DoFinal(rv, 0); return rv; }
public Exception DecryptWithPassphrase(string passphrase) { // check for null entry if (passphrase == null || passphrase == "") { return new ArgumentException("Passphrase is required"); } Bip38Intermediate intermediate = new Bip38Intermediate(passphrase, _ownerentropy, LotSequencePresent); // derive the 64 bytes we need // get ECPoint from passpoint PublicKey pk = new PublicKey(intermediate.passpoint); byte[] addresshashplusownerentropy = Util.ConcatenateByteArrays(_addressHash, intermediate.ownerentropy); // derive encryption key material byte[] derived = new byte[64]; SCrypt.ComputeKey(intermediate.passpoint, addresshashplusownerentropy, 1024, 1, 1, 1, derived); byte[] derivedhalf2 = new byte[32]; Array.Copy(derived, 32, derivedhalf2, 0, 32); byte[] unencryptedpubkey = new byte[33]; // recover the 0x02 or 0x03 prefix unencryptedpubkey[0] = (byte)(_encryptedpointb[0] ^ (derived[63] & 0x01)); // decrypt var aes = Aes.Create(); aes.KeySize = 256; aes.Mode = CipherMode.ECB; aes.Key = derivedhalf2; ICryptoTransform decryptor = aes.CreateDecryptor(); decryptor.TransformBlock(_encryptedpointb, 1, 16, unencryptedpubkey, 1); decryptor.TransformBlock(_encryptedpointb, 1, 16, unencryptedpubkey, 1); decryptor.TransformBlock(_encryptedpointb, 1 + 16, 16, unencryptedpubkey, 17); decryptor.TransformBlock(_encryptedpointb, 1 + 16, 16, unencryptedpubkey, 17); // xor out the padding for (int i = 0; i < 32; i++) unencryptedpubkey[i + 1] ^= derived[i]; // reconstitute the ECPoint var ps = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1"); ECPoint point; try { point = ps.Curve.DecodePoint(unencryptedpubkey); // multiply passfactor. Result is going to be compressed. ECPoint pubpoint = point.Multiply(new BigInteger(1, intermediate.passfactor)); // Do we want it uncompressed? then we will have to uncompress it. if (IsCompressedPoint==false) { pubpoint = ps.Curve.CreatePoint(pubpoint.X.ToBigInteger(), pubpoint.Y.ToBigInteger(), false); } // Convert to bitcoin address and check address hash. PublicKey generatedaddress = new PublicKey(pubpoint); // get addresshash UTF8Encoding utf8 = new UTF8Encoding(false); Sha256Digest sha256 = new Sha256Digest(); byte[] generatedaddressbytes = utf8.GetBytes(generatedaddress.AddressBase58); sha256.BlockUpdate(generatedaddressbytes, 0, generatedaddressbytes.Length); byte[] addresshashfull = new byte[32]; sha256.DoFinal(addresshashfull, 0); sha256.BlockUpdate(addresshashfull, 0, 32); sha256.DoFinal(addresshashfull, 0); for (int i = 0; i < 4; i++) { if (addresshashfull[i] != _addressHash[i]) { return new ArgumentException("This passphrase is wrong or does not belong to this confirmation code."); } } this.PublicKey = generatedaddress; } catch { return new ArgumentException("This passphrase is wrong or does not belong to this confirmation code."); } return null; }
public static byte[] ComputeSha256(byte[] ofwhat) { Sha256Digest sha256 = new Sha256Digest(); sha256.BlockUpdate(ofwhat, 0, ofwhat.Length); byte[] rv = new byte[32]; sha256.DoFinal(rv, 0); return rv; }
public static byte[] Digest(byte[] data, String algo) { if (algo == null) { throw new ArgumentNullException("El algoritmo de huella digital no puede ser nulo"); } if (data == null) { throw new ArgumentNullException("Los datos no pueden ser nulos"); } switch (algo) { /** * ALGORITMOS DE HASING */ case AOSignConstants.SIGN_ALGORITHM_SHA1: { Sha1Digest dig = new Sha1Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_SHA256: { Sha256Digest dig = new Sha256Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_SHA384: { Sha384Digest dig = new Sha384Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_SHA512: { Sha512Digest dig = new Sha512Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_RIPEMD160: { RipeMD160Digest dig = new RipeMD160Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_MD5: { MD5Digest dig = new MD5Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } case AOSignConstants.SIGN_ALGORITHM_MD2: { MD2Digest dig = new MD2Digest(); dig.BlockUpdate(data, 0, data.Length); byte[] result = new byte[dig.GetDigestSize()]; dig.DoFinal(result, 0); return result; } default: // You can use the default case. throw new ArgumentNullException("El algoritmo no es reconocido"); } throw new ArgumentNullException("Algoritmo de hash no soportado: " + algo); }
/// <summary> /// Creates a new key pair using the SHA256 hash of a given string as the private key. /// </summary> public static KeyPair CreateFromString(string tohash) { UTF8Encoding utf8 = new UTF8Encoding(false); byte[] forsha = utf8.GetBytes(tohash); Sha256Digest sha256 = new Sha256Digest(); sha256.BlockUpdate(forsha, 0, forsha.Length); byte[] thehash = new byte[32]; sha256.DoFinal(thehash, 0); return new KeyPair(thehash); }