/// <summary> /// Creates a derived key stream from which a derived key can be read. /// </summary> /// <param name="key">The key to derive from.</param> /// <param name="salt"> /// The salt. /// A unique salt means a unique scrypt stream, even if the original key is identical. /// </param> /// <param name="cost"> /// The cost parameter, typically a fairly large number such as 262144. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="blockSize"> /// The mixing block size, typically 8. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="parallel"> /// The level of parallelism, typically 1. /// CPU time scales approximately linearly with this parameter. /// </param> /// <param name="maxThreads"> /// The maximum number of threads to spawn to derive the key. /// This is limited by the <paramref name="parallel"/> value. /// <c>null</c> will use as many threads as possible. /// </param> /// <returns>The derived key stream.</returns> #if !(USEBC || NETCORE) internal static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); Pbkdf2 kdf = new Pbkdf2(new HMACSHA256(key), B, 1); Security.Clear(B); return(kdf); }
public static byte[] ComputeDerivedKey(KeyedHashAlgorithm hmacAlgorithm, byte[] salt, int iterations, int derivedKeyLength) { NBitcoinBTG.Crypto.Internal.Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue); using (Pbkdf2 kdf = new Pbkdf2(hmacAlgorithm, salt, iterations)) { return(kdf.Read(derivedKeyLength)); } }
/// <summary> /// Computes a derived key. /// </summary> /// <param name="key">The key to derive from.</param> /// <param name="salt"> /// The salt. /// A unique salt means a unique SCrypt stream, even if the original key is identical. /// </param> /// <param name="cost"> /// The cost parameter, typically a fairly large number such as 262144. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="blockSize"> /// The mixing block size, typically 8. /// Memory usage and CPU time scale approximately linearly with this parameter. /// </param> /// <param name="parallel"> /// The level of parallelism, typically 1. /// CPU time scales approximately linearly with this parameter. /// </param> /// <param name="maxThreads"> /// The maximum number of threads to spawn to derive the key. /// This is limited by the <paramref name="parallel"/> value. /// <c>null</c> will use as many threads as possible. /// </param> /// <param name="derivedKeyLength">The desired length of the derived key.</param> /// <returns>The derived key.</returns> public static byte[] ComputeDerivedKey(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads, int derivedKeyLength) { Check.Range("derivedKeyLength", derivedKeyLength, 0, int.MaxValue); using (Pbkdf2 kdf = GetStream(key, salt, cost, blockSize, parallel, maxThreads)) { return(kdf.Read(derivedKeyLength)); } }
internal static Pbkdf2 GetStream(byte[] key, byte[] salt, int cost, int blockSize, int parallel, int?maxThreads) { byte[] B = GetEffectivePbkdf2Salt(key, salt, cost, blockSize, parallel, maxThreads); var mac = new NBitcoinBTG.BouncyCastle.Crypto.Macs.HMac(new NBitcoinBTG.BouncyCastle.Crypto.Digests.Sha256Digest()); mac.Init(new KeyParameter(key)); Pbkdf2 kdf = new Pbkdf2(mac, B, 1); Security.Clear(B); return(kdf); }
static byte[] MFcrypt(byte[] P, byte[] S, int cost, int blockSize, int parallel, int?maxThreads) { int MFLen = blockSize * 128; if (maxThreads == null) { maxThreads = int.MaxValue; } if (!BitMath.IsPositivePowerOf2(cost)) { throw Exceptions.ArgumentOutOfRange("cost", "Cost must be a positive power of 2."); } Check.Range("blockSize", blockSize, 1, int.MaxValue / 128); Check.Range("parallel", parallel, 1, int.MaxValue / MFLen); Check.Range("maxThreads", (int)maxThreads, 1, int.MaxValue); #if !(USEBC || NETCORE) byte[] B = Pbkdf2.ComputeDerivedKey(new HMACSHA256(P), S, 1, parallel * MFLen); #else var mac = new NBitcoinBTG.BouncyCastle.Crypto.Macs.HMac(new NBitcoinBTG.BouncyCastle.Crypto.Digests.Sha256Digest()); mac.Init(new KeyParameter(P)); byte[] B = Pbkdf2.ComputeDerivedKey(mac, S, 1, parallel * MFLen); #endif uint[] B0 = new uint[B.Length / 4]; for (int i = 0; i < B0.Length; i++) { B0[i] = BitPacking.UInt32FromLEBytes(B, i * 4); } // code is easier with uint[] ThreadSMixCalls(B0, MFLen, cost, blockSize, parallel, (int)maxThreads); for (int i = 0; i < B0.Length; i++) { BitPacking.LEBytesFromUInt32(B0[i], B, i * 4); } Security.Clear(B0); return(B); }