Correct implementation of SHA512 with WinRT in KeepassLib

ModernKeePassLib/Cryptography/Cipher/StandardAesEngine.cs

@@ -39,6 +39,11 @@ namespace ModernKeePassLib.Cryptography.Cipher
 	/// </summary>
 	public sealed class StandardAesEngine : ICipherEngine
 	{
+#if !ModernKeePassLib && !KeePassUAP
+		private const CipherMode m_rCipherMode = CipherMode.CBC;
+		private const PaddingMode m_rCipherPadding = PaddingMode.PKCS7;
+#endif
+
 		private static PwUuid g_uuidAes = null;
 
 		/// <summary>
@@ -115,18 +120,43 @@ namespace ModernKeePassLib.Cryptography.Cipher
 
 			byte[] pbLocalKey = new byte[32];
 			Array.Copy(pbKey, pbLocalKey, 32);
-			AesEngine aes = new AesEngine();
-			CbcBlockCipher cbc = new CbcBlockCipher(aes);
-			PaddedBufferedBlockCipher bc = new PaddedBufferedBlockCipher(cbc,
-				new Pkcs7Padding());
-			KeyParameter kp = new KeyParameter(pbLocalKey);
-			ParametersWithIV prmIV = new ParametersWithIV(kp, pbLocalIV);
-			bc.Init(bEncrypt, prmIV);
 
-			IBufferedCipher cpRead = (bEncrypt ? null : bc);
-			IBufferedCipher cpWrite = (bEncrypt ? bc : null);
-			return new CipherStream(s, cpRead, cpWrite);
-        }
+#if ModernKeePassLib
+		    AesEngine aes = new AesEngine();
+		    CbcBlockCipher cbc = new CbcBlockCipher(aes);
+		    PaddedBufferedBlockCipher bc = new PaddedBufferedBlockCipher(cbc,
+		        new Pkcs7Padding());
+		    KeyParameter kp = new KeyParameter(pbLocalKey);
+		    ParametersWithIV prmIV = new ParametersWithIV(kp, pbLocalIV);
+		    bc.Init(bEncrypt, prmIV);
+
+		    IBufferedCipher cpRead = (bEncrypt ? null : bc);
+		    IBufferedCipher cpWrite = (bEncrypt ? bc : null);
+		    return new CipherStream(s, cpRead, cpWrite);
+#elif KeePassUAP
+			return StandardAesEngineExt.CreateStream(s, bEncrypt, pbLocalKey, pbLocalIV);
+#else
+			SymmetricAlgorithm a = CryptoUtil.CreateAes();
+			if(a.BlockSize != 128) // AES block size
+			{
+				Debug.Assert(false);
+				a.BlockSize = 128;
+			}
+
+			a.IV = pbLocalIV;
+			a.KeySize = 256;
+			a.Key = pbLocalKey;
+			a.Mode = m_rCipherMode;
+			a.Padding = m_rCipherPadding;
+
+			ICryptoTransform iTransform = (bEncrypt ? a.CreateEncryptor() : a.CreateDecryptor());
+			Debug.Assert(iTransform != null);
+			if(iTransform == null) throw new SecurityException("Unable to create AES transform!");
+
+			return new CryptoStream(s, iTransform, bEncrypt ? CryptoStreamMode.Write :
+				CryptoStreamMode.Read);
+#endif
+		}
 
 		public Stream EncryptStream(Stream sPlainText, byte[] pbKey, byte[] pbIV)
 		{

ModernKeePassLib/Cryptography/CryptoRandom.cs

@@ -120,9 +120,9 @@ namespace ModernKeePassLib.Cryptography
 			{
 #if ModernKeePassLib
 
-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-                var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbEntropy));
-                CryptographicBuffer.CopyToByteArray(buffer, out pbNewData);
+			    var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256)
+			        .HashData(CryptographicBuffer.CreateFromByteArray(pbEntropy));
+                CryptographicBuffer.CopyToByteArray(h, out pbNewData);
 #else
 #if KeePassLibSD
 				using(SHA256Managed shaNew = new SHA256Managed())
@@ -147,9 +147,9 @@ namespace ModernKeePassLib.Cryptography
 				MemUtil.ZeroByteArray(m_pbEntropyPool);
 
 #if ModernKeePassLib
-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-                var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbCmp));
-                CryptographicBuffer.CopyToByteArray(buffer, out m_pbEntropyPool);
+                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256)
+                    .HashData(CryptographicBuffer.CreateFromByteArray(pbCmp));
+                CryptographicBuffer.CopyToByteArray(h, out m_pbEntropyPool);
 #else
 #if KeePassLibSD
 				using(SHA256Managed shaPool = new SHA256Managed())

ModernKeePassLib/Cryptography/CryptoRandomStream.cs

@@ -98,10 +98,10 @@ namespace ModernKeePassLib.Cryptography
 				byte[] pbKey32 = new byte[32];
 				byte[] pbIV12 = new byte[12];
 #if ModernKeePassLib
-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-			    var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbKey));
+                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512)
+                    .HashData(CryptographicBuffer.CreateFromByteArray(pbKey));
 			    byte[] pbHash;
-			    CryptographicBuffer.CopyToByteArray(buffer, out pbHash);
+			    CryptographicBuffer.CopyToByteArray(h, out pbHash);
                 
 				Array.Copy(pbHash, pbKey32, 32);
 				Array.Copy(pbHash, 32, pbIV12, 0, 12);

ModernKeePassLib/Cryptography/CryptoUtil.cs

@@ -52,15 +52,16 @@ namespace ModernKeePassLib.Cryptography
 
 			byte[] pbHash;
 
-/*#if ModernKeePassLib
-            var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256).CreateHash();
-            CryptographicBuffer.CopyToByteArray(h.GetValueAndReset(), out pbHash);
-#else*/
+#if ModernKeePassLib
+		    var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256)
+		        .HashData(CryptographicBuffer.CreateFromByteArray(pbData));
+            CryptographicBuffer.CopyToByteArray(h, out pbHash);
+#else
 			using(SHA256Managed h = new SHA256Managed())
 			{
 				pbHash = h.ComputeHash(pbData, iOffset, cbCount);
 			}
-//#endif
+#endif
 
 #if DEBUG
 			// Ensure the data has not been modified
@@ -90,15 +91,16 @@ namespace ModernKeePassLib.Cryptography
 			if(cbOut <= 32) pbHash = HashSha256(pbIn, iInOffset, cbIn);
 			else
 			{
-/*#if ModernKeePassLib
-                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512).CreateHash();
-			    CryptographicBuffer.CopyToByteArray(h.GetValueAndReset(), out pbHash);
-#else*/
+#if ModernKeePassLib
+			    var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512)
+			        .HashData(CryptographicBuffer.CreateFromByteArray(pbIn));
+			    CryptographicBuffer.CopyToByteArray(h, out pbHash);
+#else
 				using(SHA512Managed h = new SHA512Managed())
 				{
 					pbHash = h.ComputeHash(pbIn, iInOffset, cbIn);
 				}
-//#endif
+#endif
 			}
 
 			if(cbOut == pbHash.Length) return pbHash;

ModernKeePassLib/Cryptography/Hash/Blake2b.cs

@@ -270,11 +270,15 @@ namespace ModernKeePassLib.Cryptography.Hash
 	        Reset();
 	    }
 
-        internal byte[] ComputeHash(byte[] pbOutBuffer)
+        internal byte[] ComputeHash(byte[] value)
         {
-            byte[] result = new byte[pbOutBuffer.Length];
-            DoFinal(result, 0);
-            return result;
+            if (value == null) throw new ArgumentNullException(nameof(value));
+
+            byte[] resBuf = new byte[m_cbHashLength];
+            BlockUpdate(value, 0, value.Length);
+            DoFinal(resBuf, 0);
+
+            return resBuf;
         }
     }
 }

ModernKeePassLib/Cryptography/Hash/DigestManaged.cs

@@ -1,26 +0,0 @@
-using System;
-using Org.BouncyCastle.Crypto;
-
-namespace ModernKeePassLib.Cryptography.Hash
-{
-    public abstract class DigestManaged : IDisposable
-    {
-        protected IDigest _hash;
-
-        public byte[] ComputeHash(byte[] value, int offset, int length)
-        {
-            if (value == null) throw new ArgumentNullException(nameof(value));
-
-            byte[] resBuf = new byte[_hash.GetDigestSize()];
-            _hash.BlockUpdate(value, offset, length);
-            _hash.DoFinal(resBuf, 0);
-
-            return resBuf;
-        }
-
-        public void Dispose()
-        {
-            _hash.Reset();
-        }
-    }
-}

ModernKeePassLib/Cryptography/Hash/SHA256Managed.cs

@@ -1,13 +0,0 @@
-using System;
-using Org.BouncyCastle.Crypto.Digests;
-
-namespace ModernKeePassLib.Cryptography.Hash
-{
-    public class SHA256Managed : DigestManaged
-    {
-        public SHA256Managed()
-        {
-            _hash = new Sha256Digest();
-        }
-    }
-}

ModernKeePassLib/Cryptography/Hash/SHA512Managed.cs

@@ -1,13 +0,0 @@
-using System;
-using Org.BouncyCastle.Crypto.Digests;
-
-namespace ModernKeePassLib.Cryptography.Hash
-{
-    public class SHA512Managed : DigestManaged
-    {
-        public SHA512Managed()
-        {
-            _hash = new Sha512Digest();
-        }
-    }
-}

ModernKeePassLib/Cryptography/PasswordGenerator/PwGenerator.cs

@@ -83,10 +83,10 @@ namespace ModernKeePassLib.Cryptography.PasswordGenerator
 			if((pbAdditionalEntropy != null) && (pbAdditionalEntropy.Length > 0))
 			{
 #if ModernKeePassLib
-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-			    var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbAdditionalEntropy));
+                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512)
+                    .HashData(CryptographicBuffer.CreateFromByteArray(pbAdditionalEntropy));
 			    byte[] pbHash;
-                CryptographicBuffer.CopyToByteArray(buffer, out pbHash);
+                CryptographicBuffer.CopyToByteArray(h, out pbHash);
 			    MemUtil.XorArray(pbHash, 0, pbKey, 0, pbHash.Length);
 
 #else

ModernKeePassLib/ModernKeePassLib.csproj

@@ -61,10 +61,7 @@
     <Compile Include="Cryptography\Cipher\ICipherEngine.cs" />
     <Compile Include="Cryptography\CryptoUtil.cs" />
     <Compile Include="Cryptography\Hash\Blake2b.cs" />
-    <Compile Include="Cryptography\Hash\DigestManaged.cs" />
     <Compile Include="Cryptography\Hash\HMACSHA256.cs" />
-    <Compile Include="Cryptography\Hash\SHA256Managed.cs" />
-    <Compile Include="Cryptography\Hash\SHA512Managed.cs" />
     <Compile Include="Cryptography\HmacOtp.cs" />
     <Compile Include="Cryptography\KeyDerivation\AesKdf.cs" />
     <Compile Include="Cryptography\KeyDerivation\AesKdf.GCrypt.cs" />

ModernKeePassLib/ModernKeePassLib.nuspec

@@ -2,7 +2,7 @@
 <package >
   <metadata>
     <id>ModernKeePassLib</id>
-    <version>2.37.1000</version>
+    <version>2.37.2000</version>
     <title>ModernKeePassLib</title>
     <authors>Geoffroy Bonneville</authors>
     <owners>Geoffroy Bonneville</owners>

ModernKeePassLib/Properties/AssemblyInfo.cs

@@ -40,5 +40,5 @@ using System.Runtime.InteropServices;
 #endif
 
 // Assembly version information
-[assembly: AssemblyVersion("2.37.0.1000")]
-[assembly: AssemblyFileVersion("2.37.0.1000")]
+[assembly: AssemblyVersion("2.37.0.2000")]
+[assembly: AssemblyFileVersion("2.37.0.2000")]

ModernKeePassLib/Serialization/HashedBlockStream.cs

@@ -18,20 +18,18 @@
 */
 
 using System;
-using System.IO;
-#if ModernKeePassLib
-using System.Linq;
-using Windows.Security.Cryptography;
-#else
-using System.Security.Cryptography;
-#endif
 using System.Diagnostics;
+using System.IO;
 using System.Text;
-
+#if ModernKeePassLib
 using ModernKeePassLib.Native;
 using ModernKeePassLib.Utility;
-using Windows.Security.Cryptography.Core;
 using ModernKeePassLib.Cryptography;
+#else
+using KeePassLib.Cryptography;
+using KeePassLib.Native;
+using KeePassLib.Utility;
+#endif
 
 #if KeePassLibSD
 using KeePassLibSD;

ModernKeePassLib/Serialization/KdbxFile.cs

@@ -399,9 +399,9 @@ namespace ModernKeePassLib.Serialization
 
 				pbCmp[64] = 1;
 #if ModernKeePassLib
-			    var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-			    var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbCmp));
-			    CryptographicBuffer.CopyToByteArray(buffer, out pbHmacKey64);
+			    var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512)
+                    .HashData(CryptographicBuffer.CreateFromByteArray(pbCmp));
+			    CryptographicBuffer.CopyToByteArray(h, out pbHmacKey64);
 #else
                 using(SHA512Managed h = new SHA512Managed())
 				{