예제 #1
0
        /// <summary>
        /// Creates a derived key stream from which a derived key can be read.
        /// </summary>
        /// <param name="key">The key to derive from.</param>
        /// <param name="salt">
        ///     The salt.
        ///     A unique salt means a unique scrypt stream, even if the original key is identical.
        /// </param>
        /// <param name="cost">
        ///     The cost parameter, typically a fairly large number such as 262144.
        ///     Memory usage and CPU time scale approximately linearly with this parameter.
        /// </param>
        /// <param name="blockSize">
        ///     The mixing block size, typically 8.
        ///     Memory usage and CPU time scale approximately linearly with this parameter.
        /// </param>
        /// <param name="parallel">
        ///     The level of parallelism, typically 1.
        ///     CPU time scales approximately linearly with this parameter.
        /// </param>
        /// <param name="maxThreads">
        ///     The maximum number of threads to spawn to derive the key.
        ///     This is limited by the <paramref name="parallel"/> value.
        ///     <c>null</c> will use as many threads as possible.
        /// </param>
        /// <returns>The derived key stream.</returns>
#if !(USEBC || NETCORE)
        internal static Pbkdf2 GetStream(byte[] key, byte[] salt,
                                         int cost, int blockSize, int parallel, int?maxThreads)
        {
            byte[] B   = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads);
            Pbkdf2 kdf = new Pbkdf2(new HMACSHA256(key), B, 1);

            Security.Clear(B);
            return(kdf);
        }
예제 #2
0
        public static byte[] ComputeDerivedKey(KeyedHashAlgorithm hmacAlgorithm, byte[] salt, int iterations,
                                               int derivedKeyLength)
        {
            NBitcoinBTG.Crypto.Internal.Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue);

            using (Pbkdf2 kdf = new Pbkdf2(hmacAlgorithm, salt, iterations))
            {
                return(kdf.Read(derivedKeyLength));
            }
        }
예제 #3
0
        /// <summary>
        /// Computes a derived key.
        /// </summary>
        /// <param name="key">The key to derive from.</param>
        /// <param name="salt">
        ///     The salt.
        ///     A unique salt means a unique SCrypt stream, even if the original key is identical.
        /// </param>
        /// <param name="cost">
        ///     The cost parameter, typically a fairly large number such as 262144.
        ///     Memory usage and CPU time scale approximately linearly with this parameter.
        /// </param>
        /// <param name="blockSize">
        ///     The mixing block size, typically 8.
        ///     Memory usage and CPU time scale approximately linearly with this parameter.
        /// </param>
        /// <param name="parallel">
        ///     The level of parallelism, typically 1.
        ///     CPU time scales approximately linearly with this parameter.
        /// </param>
        /// <param name="maxThreads">
        ///     The maximum number of threads to spawn to derive the key.
        ///     This is limited by the <paramref name="parallel"/> value.
        ///     <c>null</c> will use as many threads as possible.
        /// </param>
        /// <param name="derivedKeyLength">The desired length of the derived key.</param>
        /// <returns>The derived key.</returns>
        public static byte[] ComputeDerivedKey(byte[] key, byte[] salt,
                                               int cost, int blockSize, int parallel, int?maxThreads,
                                               int derivedKeyLength)
        {
            Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue);

            using (Pbkdf2 kdf = GetStream(key, salt, cost, blockSize, parallel, maxThreads))
            {
                return(kdf.Read(derivedKeyLength));
            }
        }
예제 #4
0
        internal static Pbkdf2 GetStream(byte[] key, byte[] salt,
                                         int cost, int blockSize, int parallel, int?maxThreads)
        {
            byte[] B   = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads);
            var    mac = new NBitcoinBTG.BouncyCastle.Crypto.Macs.HMac(new NBitcoinBTG.BouncyCastle.Crypto.Digests.Sha256Digest());

            mac.Init(new KeyParameter(key));
            Pbkdf2 kdf = new Pbkdf2(mac, B, 1);

            Security.Clear(B);
            return(kdf);
        }
예제 #5
0
        static byte[] MFcrypt(byte[] P, byte[] S,
                              int cost, int blockSize, int parallel, int?maxThreads)
        {
            int MFLen = blockSize * 128;

            if (maxThreads == null)
            {
                maxThreads = int.MaxValue;
            }

            if (!BitMath.IsPositivePowerOf2(cost))
            {
                throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2.");
            }
            Check.Range("blockSize", blockSize, 1, int.MaxValue / 128);
            Check.Range("parallel", parallel, 1, int.MaxValue / MFLen);
            Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue);

#if !(USEBC || NETCORE)
            byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen);
#else
            var mac = new NBitcoinBTG.BouncyCastle.Crypto.Macs.HMac(new NBitcoinBTG.BouncyCastle.Crypto.Digests.Sha256Digest());
            mac.Init(new KeyParameter(P));
            byte[] B = Pbkdf2.ComputeDerivedKey(mac, S, 1, parallel * MFLen);
#endif
            uint[] B0 = new uint[B.Length / 4];
            for (int i = 0; i < B0.Length; i++)
            {
                B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4);
            }             // code is easier with uint[]
            ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads);
            for (int i = 0; i < B0.Length; i++)
            {
                BitPacking.LEBytesFromUInt32(B0[i], B, i * 4);
            }
            Security.Clear(B0);

            return(B);
        }