public static byte[] ToRawArgon2(byte[] data, byte[] salt, uint iterations, uint memorySizeKiB, uint parallelism, Argon2Variant variant = Argon2Variant.Argon2id, uint derivedKeyLength = Argon2DerivedKeyLength) { switch (variant) { case Argon2Variant.Argon2d: Argon2d argon2d = new Argon2d(data); argon2d.Salt = salt; argon2d.Iterations = (int)iterations; argon2d.MemorySize = (int)memorySizeKiB; argon2d.DegreeOfParallelism = (int)parallelism; return(argon2d.GetBytes((int)derivedKeyLength)); case Argon2Variant.Argon2i: Argon2i argon2i = new Argon2i(data); argon2i.Salt = salt; argon2i.Iterations = (int)iterations; argon2i.MemorySize = (int)memorySizeKiB; argon2i.DegreeOfParallelism = (int)parallelism; return(argon2i.GetBytes((int)derivedKeyLength)); case Argon2Variant.Argon2id: Argon2id argon2id = new Argon2id(data); argon2id.Salt = salt; argon2id.Iterations = (int)iterations; argon2id.MemorySize = (int)memorySizeKiB; argon2id.DegreeOfParallelism = (int)parallelism; return(argon2id.GetBytes((int)derivedKeyLength)); default: throw new Exception("Invalid Argon2 variant"); } }
public static byte[] HashPasswordArgon2(byte[] password, byte[] salt, byte[] associatedData = null, byte[] knownSecret = null, Argon2Algorithm algorithm = Argon2Algorithm.i, int degreeOfParallelism = 2, int memorySize = 5120, int iterations = 10, int resultLength = 256) { Argon2 argon2; switch (algorithm) { case Argon2Algorithm.i: argon2 = new Argon2i(password); break; case Argon2Algorithm.d: argon2 = new Argon2d(password); break; case Argon2Algorithm.id: default: throw new NotSupportedException(); } argon2.DegreeOfParallelism = degreeOfParallelism; argon2.MemorySize = memorySize; argon2.Iterations = iterations; argon2.Salt = salt; argon2.AssociatedData = associatedData; argon2.KnownSecret = knownSecret; var hash = argon2.GetBytes(resultLength); argon2.Dispose(); return(hash); }
private void CreatePasswordHash(string password, out string hash, out string metadata) { byte[] salt = new byte[32]; using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(salt); } var metadataObject = new { HashType = "Argon2d", DegreeOfParallelism = 2, MemorySize = 65536, Iterations = 10, Salt = salt }; metadata = JsonConvert.SerializeObject(metadataObject); var passwordBytes = Encoding.UTF8.GetBytes(password); var argon = new Argon2d(passwordBytes) { DegreeOfParallelism = metadataObject.DegreeOfParallelism, MemorySize = metadataObject.MemorySize, Iterations = metadataObject.Iterations, Salt = metadataObject.Salt }; var hashBytes = argon.GetBytes(64); hash = Convert.ToBase64String(hashBytes); }
private bool VerifyPasswordHash(string password, string storedHash, string metadata) { try { var obj = JsonConvert.DeserializeObject(metadata); if (obj == null) { return(false); } dynamic metadataObject = obj; if (metadataObject.HashType != "Argon2d") { return(false); } var passwordBytes = Encoding.UTF8.GetBytes(password); var argon = new Argon2d(passwordBytes) { DegreeOfParallelism = metadataObject.DegreeOfParallelism, MemorySize = metadataObject.MemorySize, Iterations = metadataObject.Iterations, Salt = metadataObject.Salt }; var hashBytes = argon.GetBytes(64); var storedHashBytes = Convert.FromBase64String(storedHash); return(CompareSlowly(hashBytes, storedHashBytes)); } catch (Exception) { return(false); } }
/// <summary> /// Method for Argon2 algorythm /// </summary> /// <param name="pw"></param> /// <param name="salt"></param> /// <returns> returns enrypted bytes</returns> private byte[] HashPasswordWithSalt(byte[] pw, byte[] salt) { var argon2 = new Argon2d(pw); argon2.DegreeOfParallelism = 16; argon2.MemorySize = 8192; argon2.Iterations = 4; argon2.Salt = salt; return(argon2.GetBytes(128)); }
public string GetEncryptedPasswordAsString() { var argon2 = new Argon2d(Encoding.UTF8.GetBytes(plainPassword)) { Salt = Encoding.UTF8.GetBytes(salt.ToString()), KnownSecret = Encoding.UTF8.GetBytes(Resource.String.pepper.ToString()), DegreeOfParallelism = 16, Iterations = 40, MemorySize = 8 * 1024 }; return(Encoding.UTF8.GetString(argon2.GetBytes(16))); }
public byte[] Derive(byte[] password, byte[] salt) { // TODO: Move this to Crypto? var argon2d = new Argon2d(password) { Salt = salt, MemorySize = MemoryCost, Iterations = TimeCost, DegreeOfParallelism = Parallelism, }; return(argon2d.GetBytes(32)); }
private static string GenerateHash(string password, Guid id) { var argon2 = new Argon2d(Encoding.UTF8.GetBytes(password)) { DegreeOfParallelism = 1, MemorySize = 256, Iterations = 2, Salt = Encoding.UTF8.GetBytes(id.ToString()) }; var hash = argon2.GetBytes(128); var hashedString = Convert.ToBase64String(hash); return(hashedString); }
private static string CreateHashedPassword(string password, string salt) { byte[] passwordBytesTable = Encoding.ASCII.GetBytes(password); byte[] saltBytesTable = Encoding.ASCII.GetBytes(salt); Argon2 hashedPassword = new Argon2d(passwordBytesTable) { Salt = saltBytesTable, Iterations = 6, MemorySize = 258, DegreeOfParallelism = 8 }; byte[] bytesHashedPassword = hashedPassword.GetBytes(128); return(Encoding.UTF8.GetString(bytesHashedPassword)); }
internal static byte[] DeriveMasterKeyArgon2(byte[] compositeMasterKey, Dictionary <string, object> parameters) { InternalErrorException MakeError(string name) => new InternalErrorException($"Argon2 KDF parameter '{name}' not found or it is of incorrect type"); if (!(parameters.GetOrDefault("S", null) is byte[] salt)) { throw MakeError("S"); } if (!(parameters.GetOrDefault("I", null) is ulong iterations)) { throw MakeError("I"); } if (!(parameters.GetOrDefault("M", null) is ulong memoryCost)) { throw MakeError("M"); } if (!(parameters.GetOrDefault("P", null) is uint parallelism)) { throw MakeError("P"); } // TODO: Do we need to support "K" and "A"? using var argon2d = new Argon2d(compositeMasterKey) { Salt = salt, MemorySize = (int)(memoryCost / 1024), Iterations = (int)iterations, DegreeOfParallelism = (int)parallelism, }; return(argon2d.GetBytes(32)); }