Exemplo n.º 1
0
        /// <summary>
        /// Obtains <see cref="IniProperties"/> with default settings and simple encryption.
        /// (This is not a security feature, use file system acl to protect from other users.)
        /// </summary>
        /// <param name="password">Password to use.</param>
        /// <param name="salt">Salt to use.</param>
        /// <param name="iterations">Number of iterations.</param>
        /// <returns>Returns a new <see cref="IniProperties"/> instance.</returns>
        public static IniProperties Encrypted(string password, byte[] salt, int iterations = 20000)
        {
            var pbkdf2 = new PBKDF2(password, salt, iterations);
            var result = Default;

            result.Encryption = new RijndaelManaged
            {
                BlockSize = 256,
            };
            result.Encryption.Key = pbkdf2.GetBytes(result.Encryption.KeySize / 8);
            result.Encryption.IV  = pbkdf2.GetBytes(result.Encryption.BlockSize / 8);
            (pbkdf2 as IDisposable)?.Dispose();
            return(result);
        }
Exemplo n.º 2
0
 internal static byte[] GenerateSaltedPassword(byte[] passwordBytes, byte[] salt, int iterations)
 {
     using (var pass = new PBKDF2(HMACMethod.SHA512, passwordBytes, salt, iterations))
     {
         return(pass.GetBytes(PasswordSize));
     }
 }
Exemplo n.º 3
0
        public void TestRfc2898DeriveBytes()
        {
            byte[] password = new byte[20];
            byte[] salt     = new byte[20];
            int    bytes    = 64;

            for (int iterations = 1000; iterations <= 10000; iterations += 1000)
            {
                Tester.RandomGenerator.NextBytes(password);
                Tester.RandomGenerator.NextBytes(salt);

                using (PBKDF2 <HMACSHA1> pbkdf2 = new PBKDF2 <HMACSHA1>(password, salt, iterations))
                    using (Rfc2898DeriveBytes rfc2898 = new Rfc2898DeriveBytes(password, salt, iterations))
                    {
                        byte[] pbkdf2Bytes  = pbkdf2.GetBytes(bytes);
                        byte[] rfc2898Bytes = rfc2898.GetBytes(bytes);

                        Assert.AreEqual(bytes, rfc2898Bytes.Length);
                        Assert.AreEqual(bytes, pbkdf2Bytes.Length);

                        for (int i = 0; i < bytes; i++)
                        {
                            Assert.AreEqual(rfc2898Bytes[i], pbkdf2Bytes[i]);
                        }
                    }
            }
        }
Exemplo n.º 4
0
        internal bool UnlockWithPassword(string password)
        {
            PBKDF2 password1 = new PBKDF2(password, Attrs["DPSL"], Attrs["DPIC"], "HMACSHA256");

            byte[] byteArray1  = password1.GetBytes(32);
            PBKDF2 passCodeKey = new PBKDF2(byteArray1, Attrs["SALT"], Attrs["ITER"], "HMACSHA1");

            byte[] byteArray2 = passCodeKey.GetBytes(32);
            foreach (Dictionary <string, dynamic> item in ClassKeys.Values)
            {
                if (!item.ContainsKey("WPKY"))
                {
                    continue;
                }
                dynamic k = item["WPKY"];
                if ((item["WRAP"] & ConstData.WRAP_PASSCODE) != 0)
                {
                    k = AESUnwrap(item["WPKY"], byteArray2);
                    if (k == null)
                    {
                        Unlocked = false;
                        return(false);
                    }
                    item["KEY"] = k;
                }
            }
            Unlocked = true;
            return(Unlocked);
        }
Exemplo n.º 5
0
        public static void TestPBKDF2()
        {
            PBKDF2 kg;

            byte[] DK;

            byte[] tv1 = new byte[] { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71, 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06, 0x2f, 0xe0, 0x37, 0xa6 };
            kg = new PBKDF2(Encoding.Default.GetBytes("password"), Encoding.Default.GetBytes("salt"), 1);
            DK = kg.GetBytes(20);
            Assert.AreEqual(DK, tv1);

            byte[] tv2 = new byte[] { 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0, 0xd8, 0xde, 0x89, 0x57 };
            kg = new PBKDF2(Encoding.Default.GetBytes("password"), Encoding.Default.GetBytes("salt"), 2);
            DK = kg.GetBytes(20);
            Assert.AreEqual(DK, tv2);

            byte[] tv3 = new byte[] { 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a, 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0, 0x65, 0xa4, 0x29, 0xc1 };
            kg = new PBKDF2(Encoding.Default.GetBytes("password"), Encoding.Default.GetBytes("salt"), 4096);
            DK = kg.GetBytes(20);
            Assert.AreEqual(DK, tv3);

            byte[] tv4 = new byte[] { 0x2f, 0x25, 0x5b, 0x3a, 0x95, 0x46, 0x3c, 0x76, 0x62, 0x1f, 0x06, 0x80, 0xa2, 0xb3, 0x35, 0xad, 0x90, 0x3b, 0x85, 0xde };
            kg = new PBKDF2(Encoding.Default.GetBytes("VXFr[24c=6(D8He"), Encoding.Default.GetBytes("salt"), 1000);
            DK = kg.GetBytes(20);
            Assert.AreEqual(DK, tv4);
        }
Exemplo n.º 6
0
        private void SetBip32(string passPhrase)
        {
            byte[] salt = Encoding.UTF8.GetBytes($"BetterMnemonic{passPhrase?.Normalize(NormalizationForm.FormKD)}");

            using PBKDF2 kdf = new PBKDF2(2048, new HmacSha512());
            byte[] bytes = kdf.GetBytes(entropy, salt, 64);

            // Initialize BIP32 here:
            SetEntropy(bytes);
        }
        public string hash256(USUARIO user, string password)
        {
            String[] pass = user.PASSWORD.Split('$');
            int      iter = int.Parse(pass[1]);
            string   salt = pass[2];

            PBKDF2 hash = new PBKDF2(password, Encoding.ASCII.GetBytes(salt), iter);


            return(Convert.ToBase64String(hash.GetBytes(32)));
        }
        private void Initialize()
        {
            var utf8   = new UTF8Encoding(false);
            var paramz = new PBKDF2(utf8.GetBytes(password), salt, RFC2898_ITERATIONS);

            KeyBytes             = paramz.GetBytes(KeySizeInBytes);
            IvBytes              = paramz.GetBytes(KeySizeInBytes);
            generatedVerifyValue = paramz.GetBytes(2);


            short verify = BitConverter.ToInt16(passwordVerifyValue, 0);

            if (password != null)
            {
                short generated = BitConverter.ToInt16(generatedVerifyValue, 0);
                if (verify != generated)
                {
                    throw new InvalidFormatException("bad password");
                }
            }
        }
        public static string GeneratePasswordHashUsingSalt_Optimized(string password, byte[] salt)
        {
            PBKDF2 pbkdf2 = new PBKDF2(password, salt, iterate);

            byte[] hash      = pbkdf2.GetBytes(20);
            byte[] hashBytes = new byte[36];
            Array.Copy(salt, 0, hashBytes, 0, 16);
            Array.Copy(hash, 0, hashBytes, 16, 20);
            var passwordHash = Convert.ToBase64String(hashBytes);

            return(passwordHash);
        }
Exemplo n.º 10
0
        public void GetBytes_ExceptionTest()
        {
            PBKDF2 kdf = new PBKDF2(1000, new HmacSha256());

            byte[] pass = new byte[1];
            byte[] salt = new byte[1];

            Exception ex = Assert.Throws <ArgumentNullException>(() => kdf.GetBytes(null, salt, 32));

            Assert.Contains("Password can not be null.", ex.Message);

            ex = Assert.Throws <ArgumentNullException>(() => kdf.GetBytes(pass, null, 32));
            Assert.Contains("Salt can not be null.", ex.Message);

            ex = Assert.Throws <ArgumentOutOfRangeException>(() => kdf.GetBytes(pass, salt, -1));
            Assert.Contains("Derived key length must be bigger than zero.", ex.Message);

            kdf.Dispose();
            ex = Assert.Throws <ObjectDisposedException>(() => kdf.GetBytes(pass, salt, 10));
            Assert.Contains("Instance was disposed.", ex.Message);
        }
Exemplo n.º 11
0
        private void SetBip32(string passPhrase)
        {
            byte[] password = Encoding.UTF8.GetBytes(Normalize(ToMnemonic()));
            string pass     = passPhrase == null ? "" : Normalize(passPhrase);

            byte[] salt = Encoding.UTF8.GetBytes($"electrum{pass}");

            using PBKDF2 kdf = new PBKDF2(2048, new HmacSha512());
            byte[] bytes = kdf.GetBytes(password, salt, 64);

            // Initialize BIP32 here:
            SetEntropy(bytes);
        }
Exemplo n.º 12
0
 internal static byte[] GenerateSaltedPassword(byte[] passwordBytes, byte[] salt, int iterations)
 {
     using (var pass = new PBKDF2(HMACMethod.SHA512, passwordBytes, salt, iterations))
     {
         return pass.GetBytes(PasswordSize);
     }
 }
Exemplo n.º 13
0
 /// <summary>
 /// Return a Base64 encoded PBKDF2 password string.
 /// </summary>
 /// <param name="password">The plaintext password string.</param>
 /// <param name="salt">The salt string.</param>
 /// <returns></returns>
 public static string GeneratePassword(string password, string salt) {
     var input = password.Trim();
     var pbk = new PBKDF2(input, salt);
     var raw = pbk.GetBytes(256);
     var txt = System.Text.Encoding.Default.GetString(raw);
     var pwd = Convert.ToBase64String(raw);
     return pwd;
 }
        void TestSHA512(string P, string S, int c, int dkLen, string dk)
        {
            byte[] dkExpected = StringToByteArray(dk);

            using (var pdf = new PBKDF2(HMACMethod.SHA512, Encoding.ASCII.GetBytes(P), Encoding.ASCII.GetBytes(S), c))
            {
                byte[] dkBytes = pdf.GetBytes(dkLen);
                if (!dkBytes.SequenceEqual(dkExpected))
                {
                    throw new Exception();
                }

            }
        }
Exemplo n.º 15
0
 public void GetBytesTest(IHmacFunction hmac, int iter, byte[] pass, byte[] salt, int len, byte[] expected)
 {
     using PBKDF2 kdf = new PBKDF2(iter, hmac);
     byte[] actual = kdf.GetBytes(pass, salt, len);
     Assert.Equal(expected, actual);
 }
Exemplo n.º 16
0
 /// <summary>
 /// Implements a <see cref="PBKDF2"/> algorthim with a user definded MAC method.
 /// </summary>
 /// <param name="method">the HMAC method to use.</param>
 /// <param name="password">the password to use</param>
 /// <param name="salt">the salt. Must be at least 64-bit</param>
 /// <param name="iterations">the number of iterations. Must be at least 1000</param>
 /// <param name="length">the number of bytes to return</param>
 /// <returns>
 /// A salted password based on the specified length.
 /// </returns>
 public static byte[] ComputeSaltedPassword(HMACMethod method, byte[] password, byte[] salt, int iterations, int length)
 {
     using (var kdf = new PBKDF2(method, password, salt, iterations))
     {
         return kdf.GetBytes(length);
     }
 }
Exemplo n.º 17
0
        public string generarContraseña(string pass)
        {
            string algor       = "pbkdf2_sha256";
            int    iteraciones = 180000;

            string salt = this.RandomString(12);


            PBKDF2 hash = new PBKDF2(pass, Encoding.ASCII.GetBytes(salt), iteraciones);

            return(algor + "$" + iteraciones + "$" + salt + "$" + Convert.ToBase64String(hash.GetBytes(32)));
        }