WIP - Implementing HMAC with BouncyCastle

2025-10-03 23:50:18 -04:00 · 2017-10-22 06:18:57 -04:00
parent c82d6d001d
commit 84e7afc819
9 changed files with 56 additions and 37 deletions
--- a/ModernKeePassLib/Cryptography/CryptoUtil.cs
+++ b/ModernKeePassLib/Cryptography/CryptoUtil.cs
@@ -25,8 +25,10 @@ using System.Text;

 using Windows.Security.Cryptography;
 using Windows.Security.Cryptography.Core;
+using ModernKeePassLib.Cryptography.Hash;
 using ModernKeePassLib.Native;
 using ModernKeePassLib.Utility;
+using Org.BouncyCastle.Asn1.Pkcs;

 namespace ModernKeePassLib.Cryptography
 {
@@ -54,15 +56,15 @@ namespace ModernKeePassLib.Cryptography
            var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256).CreateHash();
            CryptographicBuffer.CopyToByteArray(h.GetValueAndReset(), out pbHash);
 #else
-            using(SHA256Managed h = new SHA256Managed())
+			using(SHA256Managed h = new SHA256Managed())
 			{
 				pbHash = h.ComputeHash(pbData, iOffset, cbCount);
 			}
 #endif

 #if DEBUG
-            // Ensure the data has not been modified
-            Debug.Assert(MemUtil.ArraysEqual(pbData, pbCopy));
+			// Ensure the data has not been modified
+			Debug.Assert(MemUtil.ArraysEqual(pbData, pbCopy));

 			Debug.Assert((pbHash != null) && (pbHash.Length == 32));
 			byte[] pbZero = new byte[32];
@@ -92,12 +94,12 @@ namespace ModernKeePassLib.Cryptography
                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512).CreateHash();
 			    CryptographicBuffer.CopyToByteArray(h.GetValueAndReset(), out pbHash);
 #else
-                using(SHA512Managed h = new SHA512Managed())
+				using(SHA512Managed h = new SHA512Managed())
 				{
 					pbHash = h.ComputeHash(pbIn, iInOffset, cbIn);
 				}
 #endif
-            }
+			}

 			if(cbOut == pbHash.Length) return pbHash;

@@ -111,20 +113,7 @@ namespace ModernKeePassLib.Cryptography
 				while(iPos < cbOut)
 				{
 					Debug.Assert(pbHash.Length == 64);
-				    byte[] pbR = MemUtil.UInt64ToBytes(r);
-#if ModernKeePassLib
-                    var h = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha256).CreateHash(CryptographicBuffer.CreateFromByteArray(pbR));
-                    byte[] pbPart;
-                    CryptographicBuffer.CopyToByteArray(h.GetValueAndReset(), out pbPart);
-				    int cbCopy = Math.Min(cbOut - iPos, pbPart.Length);
-				    Debug.Assert(cbCopy > 0);
-                    Array.Copy(pbPart, 0, pbRet, iPos, cbCopy);
-				    iPos += cbCopy;
-				    ++r;
-
-				    MemUtil.ZeroByteArray(pbPart);
-#else
-                    using (HMACSHA256 h = new HMACSHA256(pbHash))
+					using(HMACSHA256 h = new HMACSHA256(pbHash))
 					{
 						byte[] pbR = MemUtil.UInt64ToBytes(r);
 						byte[] pbPart = h.ComputeHash(pbR);
@@ -138,7 +127,6 @@ namespace ModernKeePassLib.Cryptography

 						MemUtil.ZeroByteArray(pbPart);
 					}
-#endif
 				}
 				Debug.Assert(iPos == cbOut);
 			}
@@ -152,7 +140,7 @@ namespace ModernKeePassLib.Cryptography
 		}

 #if !ModernKeePassLib
-        private static bool? g_obAesCsp = null;
+		private static bool? g_obAesCsp = null;
 		internal static SymmetricAlgorithm CreateAes()
 		{
 			if(g_obAesCsp.HasValue)
@@ -187,5 +175,5 @@ namespace ModernKeePassLib.Cryptography
 			return null;
 		}
 #endif
-    }
+	}
 }
--- a/ModernKeePassLib/Cryptography/Hash/HMACSHA256.cs
+++ b/ModernKeePassLib/Cryptography/Hash/HMACSHA256.cs
@@ -0,0 +1,35 @@
+using System;
+using Org.BouncyCastle.Crypto.Digests;
+using Org.BouncyCastle.Crypto.Macs;
+using Org.BouncyCastle.Crypto.Parameters;
+
+namespace ModernKeePassLib.Cryptography.Hash
+{
+    public class HMACSHA256: IDisposable
+
+    {
+    private readonly HMac _hmac;
+
+    public HMACSHA256(byte[] key)
+    {
+        _hmac = new HMac(new Sha256Digest());
+        _hmac.Init(new KeyParameter(key));
+    }
+
+    public byte[] ComputeHash(byte[] value)
+    {
+        if (value == null) throw new ArgumentNullException("value");
+
+        byte[] resBuf = new byte[_hmac.GetMacSize()];
+        _hmac.BlockUpdate(value, 0, value.Length);
+        _hmac.DoFinal(resBuf, 0);
+
+        return resBuf;
+    }
+
+        public void Dispose()
+        {
+            _hmac.Reset();
+        }
+    }
+}
--- a/ModernKeePassLib/Cryptography/SelfTest.cs
+++ b/ModernKeePassLib/Cryptography/SelfTest.cs
@@ -687,8 +687,8 @@ namespace ModernKeePassLib.Cryptography
 		private static void HmacEval(byte[] pbKey, byte[] pbMsg,
 			byte[] pbExpc, string strID)
 		{
-            // WinRT
 #if ModernKeePassLib
+            // WinRT
            var h = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha256).CreateHash(CryptographicBuffer.CreateFromByteArray(pbKey));
            h.Append(CryptographicBuffer.CreateFromByteArray(pbMsg));
 		    var pbHash = h.GetValueAndReset().ToArray();