public PrivateKey Unprotect(string passphrase)
{
ImmutableArray <byte> derivedKey = Kdf.Derive(passphrase);
var mac = CalculateMac(derivedKey, Ciphertext);
if (!Mac.SequenceEqual(mac))
{
throw new IncorrectPassphraseException(
"The input passphrase is incorrect.",
nameof(passphrase),
Mac,
mac
);
}
ImmutableArray <byte> encKey = MakeEncryptionKey(derivedKey);
ImmutableArray <byte> plaintext = Cipher.Decrypt(encKey, Ciphertext);
var key = new PrivateKey(plaintext.ToArray());
Address actualAddress = key.PublicKey.ToAddress();
if (!Address.Equals(actualAddress))
{
throw new MismatchedAddressException(
"The actual address of the unprotected private key does not match to " +
"the expected address of the protected private key.",
Address,
actualAddress
);
}
return(key);
}
public User ToUser()
{
var user = new User
{
Name = Name,
Email = Email,
MasterPasswordHint = MasterPasswordHint,
Kdf = Kdf.GetValueOrDefault(KdfType.PBKDF2_SHA256),
KdfIterations = KdfIterations.GetValueOrDefault(5000),
};
if (ReferenceData != null)
{
user.ReferenceData = JsonConvert.SerializeObject(ReferenceData);
}
if (Key != null)
{
user.Key = Key;
}
if (Keys != null)
{
Keys.ToUser(user);
}
return(user);
}
public void Test_Kdf()
{
Kdf kdf = new Kdf(System.Security.Cryptography.SHA256.Create());
var value = kdf.GetBytes(new byte[4], 128);
Assert.IsTrue(value.Length >= 128, "Kdf #1");
}
/// <summary>
/// Derives encryption and authentication keys from a key or password.
/// If the password is not null, it will be used to create the keys.
/// </summary>
private byte[][] Keys(byte[] salt, string password = null)
{
byte[] dkey;
if (password != null)
{
dkey = Kdf.Pbkdf2Sha512(password, salt, keyLen + macKeyLen, keyIterations);
}
else if (this.masterkey != null)
{
dkey = Kdf.HkdfSha256(this.masterkey, salt, keyLen + macKeyLen);
}
else
{
throw new ArgumentException("No password or key specified!");
}
byte[][] keys = new byte[2][] { new byte[keyLen], new byte[macKeyLen] };
Array.Copy(dkey, 0, keys[0], 0, keyLen);
Array.Copy(dkey, keyLen, keys[1], 0, macKeyLen);
return(keys);
}
public User ToUser()
{
var user = new User
{
Name = Name,
Email = Email,
MasterPasswordHint = MasterPasswordHint,
Kdf = Kdf.GetValueOrDefault(KdfType.PBKDF2_SHA256),
KdfIterations = KdfIterations.GetValueOrDefault(5000)
};
if (Key != null)
{
user.Key = Key;
}
if (Keys != null)
{
Keys.ToUser(user);
}
return(user);
}
public override byte[] ProcessBlock(
byte[] @in,
int inOff,
int inLen)
{
if (ForEncryption)
{
if (KeyPairGenerator != null)
{
EphemeralKeyPair ephKeyPair = KeyPairGenerator.Generate();
PrivParam = ephKeyPair.GetKeyPair().Private;
V = ephKeyPair.GetEncodedPublicKey();
}
}
else
{
if (KeyParser != null)
{
MemoryStream bIn = new MemoryStream(@in, inOff, inLen)
{
Position = SecureHeadSize
};
try
{
PubParam = KeyParser.ReadKey(bIn);
}
catch (IOException e)
{
throw new InvalidCipherTextException("unable to recover ephemeral public key: " + e.Message, e);
}
catch (ArgumentException e)
{
throw new InvalidCipherTextException("unable to recover ephemeral public key: " + e.Message, e);
}
int encLength = (inLen - (int)(bIn.Length - bIn.Position));
V = Arrays.CopyOfRange(@in, inOff + SecureHeadSize, inOff + encLength);
}
}
// Compute the common value and convert to byte array.
Agree.Init(PrivParam);
BigInteger z = Agree.CalculateAgreement(PubParam);
byte[] bigZ = BigIntegers.AsUnsignedByteArray(Agree.GetFieldSize(), z);
try
{
// Initialise the KDF.
KdfParameters kdfParam = new KdfParameters(bigZ, null);
Kdf.Init(kdfParam);
if (ForEncryption)
{
return(EncryptBlock(@in, inOff, inLen));
}
else
{
byte[] temp = new byte[inLen - SecureHeadSize];
Array.Copy(@in, inOff + SecureHeadSize, temp, 0, temp.Length);
return(DecryptBlock(temp, inOff, temp.Length));
}
}
finally
{
Arrays.Fill(bigZ, 0);
}
}
