public override void PerformTest()
{
IDigest d = new Sha1Digest();
ShortenedDigest sd = new ShortenedDigest(new Sha1Digest(), 10);
if (sd.GetDigestSize() != 10)
{
Fail("size check wrong for SHA-1");
}
if (sd.GetByteLength() != d.GetByteLength())
{
Fail("byte length check wrong for SHA-1");
}
//
// check output fits
//
sd.DoFinal(new byte[10], 0);
d = new Sha512Digest();
sd = new ShortenedDigest(new Sha512Digest(), 20);
if (sd.GetDigestSize() != 20)
{
Fail("size check wrong for SHA-512");
}
if (sd.GetByteLength() != d.GetByteLength())
{
Fail("byte length check wrong for SHA-512");
}
//
// check output fits
//
sd.DoFinal(new byte[20], 0);
try
{
new ShortenedDigest(null, 20);
Fail("null parameter not caught");
}
catch (ArgumentException)
{
// expected
}
try
{
new ShortenedDigest(new Sha1Digest(), 50);
Fail("short digest not caught");
}
catch (ArgumentException)
{
// expected
}
}
public static byte[] ComputeSha512(byte[] ofwhat)
{
Sha512Digest sha512 = new Sha512Digest();
sha512.BlockUpdate(ofwhat, 0, ofwhat.Length);
byte[] rv = new byte[64];
sha512.DoFinal(rv, 0);
return rv;
}
private void HashPassword()
{
if (string.IsNullOrEmpty(Password))
Password = NoPassword;
var pswBytes = Encoding.UTF8.GetBytes(Password);
var sha512 = new Sha512Digest();
var hashedPassword = new byte[sha512.GetDigestSize()];
sha512.BlockUpdate(pswBytes, 0, pswBytes.Length);
sha512.DoFinal(hashedPassword, 0);
Hash = BitConverter.ToString(hashedPassword).Replace("-", "").ToLower();
Password = string.Empty;
}
/// <summary>
/// Attempts to authenticate the provided stream.
/// </summary>
/// <param name="stream">the stream to authenticate</param>
/// <returns>True if successful, false otherwise</returns>
public bool TryAuthenticate(Stream stream, byte[] additionalChallenge)
{
// Header
// C => S
// byte Mode = (1: New, 2: Resume)
byte mode = stream.ReadNextByte();
Sha512Digest hash = new Sha512Digest();
switch (mode)
{
case 1:
return StandardAuthentication(hash, stream, additionalChallenge);
case 2: //resume ticket
return ResumeTicket(hash, stream, additionalChallenge);
default:
return false;
}
}
/// <summary>
/// Computes the hash of all of the supplied parameters.
/// </summary>
/// <param name="words"></param>
/// <returns></returns>
private static byte[] ComputeHash(params byte[][] words)
{
Sha512Digest hash = new Sha512Digest();
hash.Reset();
foreach (var w in words)
{
hash.BlockUpdate(w, 0, w.Length);
}
byte[] rv = new byte[hash.GetDigestSize()];
hash.DoFinal(rv, 0);
return rv;
}
public override void Reset(IMemoable other)
{
Sha512Digest t = (Sha512Digest)other;
base.CopyIn(t);
}
/**
* Copy constructor. This will copy the state of the provided
* message digest.
*/
public Sha512Digest(
Sha512Digest t)
: base(t)
{
}
public virtual ITestResult Perform()
{
IDigest digest = new Sha512Digest();
byte[] resBuf = new byte[digest.GetDigestSize()];
string resStr;
//
// test 1
//
digest.DoFinal(resBuf, 0);
resStr = Hex.ToHexString(resBuf);
if (!resVec1.Equals(resStr))
{
return new SimpleTestResult(false, "SHA-512 failing standard vector test 1" + SimpleTest.NewLine + " expected: " + resVec1 + SimpleTest.NewLine + " got : " + resStr);
}
//
// test 2
//
byte[] bytes = Hex.Decode(testVec2);
digest.BlockUpdate(bytes, 0, bytes.Length);
digest.DoFinal(resBuf, 0);
resStr = Hex.ToHexString(resBuf);
if (!resVec2.Equals(resStr))
{
return new SimpleTestResult(false, "SHA-512 failing standard vector test 2" + SimpleTest.NewLine + " expected: " + resVec2 + SimpleTest.NewLine + " got : " + resStr);
}
//
// test 3
//
bytes = Hex.Decode(testVec3);
digest.BlockUpdate(bytes, 0, bytes.Length);
digest.DoFinal(resBuf, 0);
resStr = Hex.ToHexString(resBuf);
if (!resVec3.Equals(resStr))
{
return new SimpleTestResult(false, "SHA-512 failing standard vector test 3" + SimpleTest.NewLine + " expected: " + resVec3 + SimpleTest.NewLine + " got : " + resStr);
}
//
// test 4
//
bytes = Hex.Decode(testVec4);
digest.BlockUpdate(bytes, 0, bytes.Length);
digest.DoFinal(resBuf, 0);
resStr = Hex.ToHexString(resBuf);
if (!resVec4.Equals(resStr))
{
return new SimpleTestResult(false, "SHA-512 failing standard vector test 4" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr);
}
//
// test 5
//
bytes = Hex.Decode(testVec4);
digest.BlockUpdate(bytes, 0, bytes.Length / 2);
// clone the IDigest
IDigest d = new Sha512Digest((Sha512Digest)digest);
digest.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2);
digest.DoFinal(resBuf, 0);
resStr = Hex.ToHexString(resBuf);
if (!resVec4.Equals(resStr))
{
return new SimpleTestResult(false, "SHA-512 failing standard vector test 5" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr);
}
d.BlockUpdate(bytes, bytes.Length / 2, bytes.Length - bytes.Length / 2);
d.DoFinal(resBuf, 0);
resStr = Hex.ToHexString(resBuf);
if (!resVec4.Equals(resStr))
{
return new SimpleTestResult(false, "SHA-512 failing standard vector test 5" + SimpleTest.NewLine + " expected: " + resVec4 + SimpleTest.NewLine + " got : " + resStr);
}
// test 6
bytes = Hex.Decode(testVec5);
for (int i = 0; i < 100000; i++)
{
digest.BlockUpdate(bytes, 0, bytes.Length);
}
digest.DoFinal(resBuf, 0);
resStr = Hex.ToHexString(resBuf);
if (!resVec5.Equals(resStr))
{
return new SimpleTestResult(false, "SHA-512 failing standard vector test 6" + SimpleTest.NewLine + " expected: " + resVec5 + SimpleTest.NewLine + " got : " + resStr);
}
return new SimpleTestResult(true, Name + ": Okay");
}
/// <summary>
/// Note: Clears pool contents before returning
/// </summary>
private void CreateNewPRNG(byte[] pool)
{
if (pool == null)
{
throw new CryptographicException("Refusing to reseed with null pool");
}
try
{
if (pool.Length != PoolSize)
{
throw new CryptographicException("Refusing to reseed with invalid pool");
}
// Now, pool has been seeded, file operations are all completed, it's time to create my internal PRNG
IDigest digest;
switch (this.myRNGAlgorithm)
{
case PrngAlgorithm.MD5_128bit:
digest = new MD5Digest();
break;
case PrngAlgorithm.RIPEMD128_128bit:
digest = new RipeMD128Digest();
break;
case PrngAlgorithm.RIPEMD160_160bit:
digest = new RipeMD160Digest();
break;
case PrngAlgorithm.RIPEMD256_256bit:
digest = new RipeMD256Digest();
break;
case PrngAlgorithm.RIPEMD320_320bit:
digest = new RipeMD320Digest();
break;
case PrngAlgorithm.SHA1_160bit:
digest = new Sha1Digest();
break;
case PrngAlgorithm.SHA256_256bit:
digest = new Sha256Digest();
break;
case PrngAlgorithm.SHA512_512bit:
digest = new Sha512Digest();
break;
case PrngAlgorithm.Tiger_192bit:
digest = new TigerDigest();
break;
case PrngAlgorithm.Whirlpool_512bit:
digest = new WhirlpoolDigest();
break;
default:
throw new CryptographicException("Unknown prngAlgorithm specified: " + this.myRNGAlgorithm.ToString());
}
var drng = new DigestRandomGenerator(digest);
drng.AddSeedMaterial(pool);
this.myRNG = drng;
}
finally
{
Array.Clear(pool, 0, pool.Length);
}
}
public TinHatURandom(TinHatRandom myTinHatRandom)
{
this.myTinHatRandom = myTinHatRandom;
this.myTinHatRandom_IsMineExclusively = false;
IDigest digest = new Sha512Digest();
this.myPrng = new DigestRandomGenerator(digest);
this.digestSize = digest.GetDigestSize();
this.SeedSize = this.digestSize;
Reseed();
}
/**
* Copy constructor. This will copy the state of the provided
* message digest.
*/
public Sha512Digest(
Sha512Digest t)
: base(t)
{
}
/// <summary>
/// Computes a hash from a string and an optional salt
/// </summary>
/// <param name="plainText"></param>
/// <param name="saltBytes"></param>
/// <returns></returns>
public static string Hash(string plainText, byte[] saltBytes = null)
{
// Create digest instance to compute our hash
var hash = new Sha512Digest();
// Create a buffer large enough to store the computed hash
var resultBytes = new byte[hash.GetDigestSize()];
// Convert plain text string to bytes
byte[] plainBytes;
if (saltBytes != null)
{
// Add salt to our plain text
plainBytes = saltBytes.Concat(Encoding.UTF8.GetBytes(plainText)).ToArray();
}
else
{
// Not using salt
plainBytes = Encoding.UTF8.GetBytes(plainText);
}
// Process the bytes
hash.BlockUpdate(plainBytes, 0, plainBytes.Length);
// Process final output
hash.DoFinal(resultBytes, 0);
// Convert to string
return Convert.ToBase64String(resultBytes);
}
private IDigest GetDigest(THashAlgorithm hashAlgorithm)
{
IDigest result = null;
switch (hashAlgorithm)
{
case THashAlgorithm.None:
result = new NullDigest();
break;
case THashAlgorithm.MD5:
result = new MD5Digest();
break;
case THashAlgorithm.SHA1:
result = new Sha1Digest();
break;
case THashAlgorithm.SHA224:
result = new Sha224Digest();
break;
case THashAlgorithm.SHA256:
result = new Sha256Digest();
break;
case THashAlgorithm.SHA384:
result = new Sha384Digest();
break;
case THashAlgorithm.SHA512:
result = new Sha512Digest();
break;
default:
break;
}
return result;
}
internal static byte[] GetCertificateAssocicationData(TlsaSelector selector, TlsaMatchingType matchingType, X509Certificate certificate)
{
byte[] selectedBytes;
switch (selector)
{
case TlsaSelector.FullCertificate:
selectedBytes = certificate.GetRawCertData();
break;
case TlsaSelector.SubjectPublicKeyInfo:
selectedBytes = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(DotNetUtilities.FromX509Certificate(certificate).GetPublicKey()).GetDerEncoded();
break;
default:
throw new NotSupportedException();
}
byte[] matchingBytes;
switch (matchingType)
{
case TlsaMatchingType.Full:
matchingBytes = selectedBytes;
break;
case TlsaMatchingType.Sha256Hash:
Sha256Digest sha256Digest = new Sha256Digest();
sha256Digest.BlockUpdate(selectedBytes, 0, selectedBytes.Length);
matchingBytes = new byte[sha256Digest.GetDigestSize()];
sha256Digest.DoFinal(matchingBytes, 0);
break;
case TlsaMatchingType.Sha512Hash:
Sha512Digest sha512Digest = new Sha512Digest();
sha512Digest.BlockUpdate(selectedBytes, 0, selectedBytes.Length);
matchingBytes = new byte[sha512Digest.GetDigestSize()];
sha512Digest.DoFinal(matchingBytes, 0);
break;
default:
throw new NotSupportedException();
}
return matchingBytes;
}
/// <summary>
/// Creates a user credential from the provided data.
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <param name="strength"></param>
/// <param name="saltSize"></param>
/// <param name="iterations"></param>
/// <returns></returns>
public SrpUserCredential(string username, string password, SrpStrength strength = SrpStrength.Bits1024, int saltSize = 32, int iterations = 4000)
{
username = username.Normalize(NormalizationForm.FormKC);
password = password.Normalize(NormalizationForm.FormKC);
UsernameBytes = Encoding.UTF8.GetBytes(username);
var constants = SrpConstants.Lookup(strength);
BigInteger N = constants.N;
BigInteger g = constants.g;
byte[] s = SaltGenerator.Create(saltSize);
byte[] hashPassword = PBKDF2.ComputeSaltedPassword(HMACMethod.SHA512, Encoding.UTF8.GetBytes(password), s, iterations, 64);
Sha512Digest hash = new Sha512Digest();
byte[] output = new byte[hash.GetDigestSize()];
hash.BlockUpdate(UsernameBytes, 0, UsernameBytes.Length);
hash.Update((byte)':');
hash.BlockUpdate(hashPassword, 0, hashPassword.Length);
hash.DoFinal(output, 0);
hash.BlockUpdate(s, 0, s.Length);
hash.BlockUpdate(output, 0, output.Length);
hash.DoFinal(output, 0);
BigInteger x = new BigInteger(1, output).Mod(N);
BigInteger v = g.ModPow(x, N);
UserName = username;
Salt = s;
Verification = v.ToByteArray();
Iterations = iterations;
SrpStrength = strength;
VerificationInteger = new BigInteger(1, Verification);
}
/// <summary>
/// Returns implementation of specified hash algorithm
/// </summary>
/// <param name="hashAlgorithm">Hash algorithm</param>
/// <returns>Implementation of specified hash algorithm</returns>
private static IDigest GetHashGenerator(HashAlgorithm hashAlgorithm)
{
IDigest digest = null;
switch (hashAlgorithm)
{
case HashAlgorithm.SHA1:
digest = new Sha1Digest();
break;
case HashAlgorithm.SHA256:
digest = new Sha256Digest();
break;
case HashAlgorithm.SHA384:
digest = new Sha384Digest();
break;
case HashAlgorithm.SHA512:
digest = new Sha512Digest();
break;
default:
throw new NotSupportedException("Unsupported hash algorithm");
}
return digest;
}
public Sha512()
{
_digest = new Sha512Digest();
}
public override void Reset(IMemoable other)
{
Sha512Digest d = (Sha512Digest)other;
CopyIn(d);
}
/// <summary>
/// Return the sha512 hash of the byte array.
/// </summary>
/// <param name="data">Data to be hashed.</param>
public static string Sha512(byte[] data)
{
Sha512Digest digest = new Sha512Digest();
return Encode(data, digest);
}
public static byte[] Digest(byte[] data, String algo)
{
if (algo == null)
{
throw new ArgumentNullException("El algoritmo de huella digital no puede ser nulo");
}
if (data == null)
{
throw new ArgumentNullException("Los datos no pueden ser nulos");
}
switch (algo)
{
/**
* ALGORITMOS DE HASING
*/
case AOSignConstants.SIGN_ALGORITHM_SHA1:
{
Sha1Digest dig = new Sha1Digest();
dig.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[dig.GetDigestSize()];
dig.DoFinal(result, 0);
return result;
}
case AOSignConstants.SIGN_ALGORITHM_SHA256:
{
Sha256Digest dig = new Sha256Digest();
dig.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[dig.GetDigestSize()];
dig.DoFinal(result, 0);
return result;
}
case AOSignConstants.SIGN_ALGORITHM_SHA384:
{
Sha384Digest dig = new Sha384Digest();
dig.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[dig.GetDigestSize()];
dig.DoFinal(result, 0);
return result;
}
case AOSignConstants.SIGN_ALGORITHM_SHA512:
{
Sha512Digest dig = new Sha512Digest();
dig.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[dig.GetDigestSize()];
dig.DoFinal(result, 0);
return result;
}
case AOSignConstants.SIGN_ALGORITHM_RIPEMD160:
{
RipeMD160Digest dig = new RipeMD160Digest();
dig.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[dig.GetDigestSize()];
dig.DoFinal(result, 0);
return result;
}
case AOSignConstants.SIGN_ALGORITHM_MD5:
{
MD5Digest dig = new MD5Digest();
dig.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[dig.GetDigestSize()];
dig.DoFinal(result, 0);
return result;
}
case AOSignConstants.SIGN_ALGORITHM_MD2:
{
MD2Digest dig = new MD2Digest();
dig.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[dig.GetDigestSize()];
dig.DoFinal(result, 0);
return result;
}
default:
// You can use the default case.
throw new ArgumentNullException("El algoritmo no es reconocido");
}
throw new ArgumentNullException("Algoritmo de hash no soportado: " + algo);
}
/// <summary>
/// Return the sha512 hash of the stream.
/// </summary>
/// <param name="instream">Data to be hashed.</param>
public static string Sha512(Stream instream)
{
Sha512Digest digest = new Sha512Digest();
return Encode(instream, digest);
}
