/// <summary>
/// Verifies a password.
/// </summary>
/// <param name="password"> The password to verify. </param>
/// <returns> The current instance of WalletPasswordVerification. </returns>
public WalletPasswordVerification VerifyPassword(byte[] password)
{
var saltedHash = hopeWalletInfoManager.GetWalletInfo((int)dynamicDataCache.GetData("walletnum")).EncryptedWalletData.PasswordHash;
var pbkdf2 = new PBKDF2PasswordHashing(new Blake2b_512_Engine());
VerifyingPassword = true;
onPasswordCorrect = null;
onPasswordIncorrect = null;
Observable.WhenAll(Observable.Start(() => password == null || password.Length == 0 ? false : pbkdf2.VerifyPassword(password, saltedHash)))
.ObserveOnMainThread()
.Subscribe(correctPass =>
{
VerifyingPassword = false;
if (!correctPass[0])
{
PasswordIncorrect();
}
else
{
PasswordCorrect(password);
}
});
return(this);
}
/// <summary>
/// Encrypts the wallet data asynchronously.
/// </summary>
/// <param name="seed"> The <see langword="byte"/>[] seed to encrypt. </param>
/// <param name="password"> The base password to use for encryption, retrieved from the user input. </param>
/// <param name="onWalletEncrypted"> Action called once the wallet has been encrypted. </param>
private void AsyncEncryptWallet(
byte[] seed,
byte[] password,
Action <string[], string, string> onWalletEncrypted)
{
string[] encryptedHashes = null;
string saltedPasswordHash = null;
string encryptedSeed = null;
byte[] derivedPassword = playerPrefPassword.Derive(password);
using (var dataEncryptor = new DataEncryptor(new AdvancedSecureRandom(new Blake2bDigest(512), derivedPassword)))
{
byte[] hash1 = RandomBytes.Secure.Blake2.GetBytes(512);
byte[] hash2 = RandomBytes.Secure.Blake2.GetBytes(1024);
saltedPasswordHash = new PBKDF2PasswordHashing(new Blake2b_512_Engine()).GetSaltedPasswordHash(password).GetBase64String();
encryptedSeed = dataEncryptor.Encrypt(dataEncryptor.Encrypt(seed.GetHexString(), hash1), hash2);
encryptedHashes = new string[]
{
dataEncryptor.Encrypt(hash1).GetBase64String(),
dataEncryptor.Encrypt(hash2).GetBase64String()
};
hash1.ClearBytes();
hash2.ClearBytes();
}
dynamicDataCache.SetData("pass", new ProtectedString(password, this));
dynamicDataCache.SetData("mnemonic", null);
MainThreadExecutor.QueueAction(() => onWalletEncrypted?.Invoke(encryptedHashes, saltedPasswordHash, encryptedSeed));
}
public void TestSHA3IncorrectHash()
{
PBKDF2PasswordHashing sha3 = new PBKDF2PasswordHashing(new SHA3_256_Engine());
string passwordHash = sha3.GetSaltedPasswordHash("epic password yo");
Assert.IsFalse(sha3.VerifyPassword("epic password", passwordHash));
}
public void TestBlake2CorrectHash()
{
PBKDF2PasswordHashing blake2 = new PBKDF2PasswordHashing(new Blake2b_512_Engine());
string passwordHash = blake2.GetSaltedPasswordHash("this is my awesome password");
Assert.IsTrue(blake2.VerifyPassword("this is my awesome password", passwordHash));
}
public void TestDefaultEngine()
{
PBKDF2PasswordHashing defaultPBKDF2 = new PBKDF2PasswordHashing();
string passwordHash = defaultPBKDF2.GetSaltedPasswordHash("my password");
Assert.IsTrue(defaultPBKDF2.VerifyPassword("my password", passwordHash));
}
public void TestCustomHashingParams()
{
PBKDF2PasswordHashing defaultPBKDF2 = new PBKDF2PasswordHashing();
string passwordHash = defaultPBKDF2.GetSaltedPasswordHash("my password", 2500, 256, 512);
Assert.IsTrue(defaultPBKDF2.VerifyPassword("my password", passwordHash, 2500, 256, 512));
}
public void TestDifferentPBKDF2Engines()
{
PBKDF2PasswordHashing blake2 = new PBKDF2PasswordHashing(new Blake2b_256_Engine());
PBKDF2PasswordHashing sha1 = new PBKDF2PasswordHashing(new SHA1_Engine());
string passwordHash = blake2.GetSaltedPasswordHash("password123");
Assert.IsFalse(sha1.VerifyPassword("password123", passwordHash));
}
