internal static byte[] DerivePassSha(string password, int count)
{
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
if (count <= 0)
{
throw new ArgumentOutOfRangeException(nameof(count), "must be positive");
}
var sha3Hasher = new KeccakDigest(256);
var priv = new byte[32];
sha3Hasher.BlockUpdate(Encoding.UTF8.GetBytes(password), 0, password.Length);
sha3Hasher.DoFinal(priv, 0);
for (var i = 0; i < count - 1; ++i)
{
sha3Hasher.Reset();
sha3Hasher.BlockUpdate(priv, 0, priv.Length);
sha3Hasher.DoFinal(priv, 0);
}
return(priv);
}
/// <summary>
/// Derive a private key from a password using count iterations of SHA3-256
/// </summary>
/// <param name="password">The password.</param>
/// <param name="count">The count.</param>
/// <returns>System.String.</returns>
/// <exception cref="ArgumentNullException">password</exception>
/// <exception cref="ArgumentOutOfRangeException">count - must be positive</exception>
internal static string DerivePassSha(byte[] password, int count)
{
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
if (count <= 0)
{
throw new ArgumentOutOfRangeException(nameof(count), "must be positive");
}
var sha3Hasher = new KeccakDigest(256);
var hash = new byte[32];
sha3Hasher.BlockUpdate(password, 0, password.Length);
sha3Hasher.DoFinal(hash, 0);
for (var i = 0; i < count - 1; ++i)
{
sha3Hasher.Reset();
sha3Hasher.BlockUpdate(hash, 0, hash.Length);
sha3Hasher.DoFinal(hash, 0);
}
return(hash.ToHexUpper());
}
internal static void crypto_sign2(
byte[] sig,
byte[] m,
byte[] sk,
int keylen)
{
byte[] privHash = new byte[64];
byte[] seededHash = new byte[64];
byte[] result = new byte[64];
GroupElementP3 R = new GroupElementP3();
var hasher = new KeccakDigest(512);
{
var reversedPrivateKey = new byte[keylen];
Array.Copy(sk, 0, reversedPrivateKey, 0, keylen);
Array.Reverse(reversedPrivateKey);
hasher.BlockUpdate(reversedPrivateKey, 0, keylen);
hasher.DoFinal(privHash, 0);
ScalarOperations.sc_clamp(privHash, 0);
hasher.Reset();
hasher.BlockUpdate(privHash, 32, 32);
hasher.BlockUpdate(m, 0, m.Length);
hasher.DoFinal(seededHash, 0);
ScalarOperations.sc_reduce(seededHash);
GroupOperations.ge_scalarmult_base(out R, seededHash, 0);
GroupOperations.ge_p3_tobytes(sig, 0, ref R);
hasher.Reset();
hasher.BlockUpdate(sig, 0, 32);
hasher.BlockUpdate(sk, keylen, 32);
hasher.BlockUpdate(m, 0, m.Length);
hasher.DoFinal(result, 0);
ScalarOperations.sc_reduce(result);
var s = new byte[32]; //todo: remove allocation
Array.Copy(sig, 32, s, 0, 32);
ScalarOperations.sc_muladd(s, result, privHash, seededHash);
Array.Copy(s, 0, sig, 32, 32);
CryptoBytes.Wipe(s);
}
}
public static byte[] Keccak256Helper(byte[] _input)
{
KeccakDigest Kec256 = new KeccakDigest(256);
Kec256.Reset();
byte[] resultHashedKec256 = new byte[32];
Kec256.BlockUpdate(_input, 0, _input.Length);
Kec256.DoFinal(resultHashedKec256, 0);
return(resultHashedKec256);
}
/*public static void crypto_sign(
* byte[] sm, out int smlen,
* byte[] m, int mlen,
* byte[] sk
* )
* {
* byte[] az = new byte[64];
* byte[] r = new byte[64];
* byte[] hram = new byte[64];
* GroupElementP3 R;
* int i;
*
* Helpers.crypto_hash_sha512(az, sk, 0, 32);
* az[0] &= 248;
* az[31] &= 63;
* az[31] |= 64;
*
* smlen = mlen + 64;
* for (i = 0; i < mlen; ++i) sm[64 + i] = m[i];
* for (i = 0; i < 32; ++i) sm[32 + i] = az[32 + i];
* Helpers.crypto_hash_sha512(r, sm, 32, mlen + 32);
* for (i = 0; i < 32; ++i) sm[32 + i] = sk[32 + i];
*
* ScalarOperations.sc_reduce(r);
* GroupOperations.ge_scalarmult_base(out R, r, 0);
* GroupOperations.ge_p3_tobytes(sm, 0, ref R);
*
* Helpers.crypto_hash_sha512(hram, sm, 0, mlen + 64);
* ScalarOperations.sc_reduce(hram);
* var sm32 = new byte[32];
* Array.Copy(sm, 32, sm32, 0, 32);
* ScalarOperations.sc_muladd(sm32, hram, az, r);
* Array.Copy(sm32, 0, sm, 32, 32);
* }*/
public static void crypto_sign2(
byte[] sig, int sigoffset,
byte[] m, int moffset, int mlen,
byte[] sk, int skoffset)
{
byte[] az = new byte[64];
byte[] r = new byte[64];
byte[] hram = new byte[64];
GroupElementP3 R;
var DigestSha3 = new KeccakDigest(512);
{
DigestSha3.BlockUpdate(sk, skoffset, 32);
DigestSha3.DoFinal(az, 0);
ScalarOperations.sc_clamp(az, 0);
DigestSha3.Reset();
DigestSha3.BlockUpdate(az, 32, 32);
DigestSha3.BlockUpdate(m, moffset, mlen);
DigestSha3.DoFinal(r, 0);
ScalarOperations.sc_reduce(r);
GroupOperations.ge_scalarmult_base(out R, r, 0);
GroupOperations.ge_p3_tobytes(sig, sigoffset, ref R);
DigestSha3.Reset();
DigestSha3.BlockUpdate(sig, sigoffset, 32);
DigestSha3.BlockUpdate(sk, skoffset + 32, 32);
DigestSha3.BlockUpdate(m, moffset, mlen);
DigestSha3.DoFinal(hram, 0);
ScalarOperations.sc_reduce(hram);
var s = new byte[32]; //todo: remove allocation
Array.Copy(sig, sigoffset + 32, s, 0, 32);
ScalarOperations.sc_muladd(s, hram, az, r);
Array.Copy(s, 0, sig, sigoffset + 32, 32);
CryptoBytes.Wipe(s);
}
}
private void DoFinalNoReset(KeccakDigest mac, KeccakDigest macCopy, byte[] output, int offset)
{
macCopy.Reset(mac);
macCopy.DoFinal(output, offset);
}
/// <summary>
///
/// </summary>
/// <returns></returns>
public override ICurl Reset()
{
_keccak.Reset();
return(this);
}
public void Reset()
{
sha3Digest.Reset();
}
/// <inheritdoc />
/// <summary>
/// </summary>
/// <returns></returns>
public override void Reset()
{
_keccak.Reset();
}
public ICurl Reset()
{
sha3Digest.Reset();
return(this);
}
