Correct implementation of SHA512 with WinRT in KeepassLib

2025-10-03 23:50:18 -04:00 · 2017-10-23 10:29:07 +02:00
parent e95e62f184
commit a11d209280
15 changed files with 101 additions and 120 deletions
--- a/ModernKeePassLib/Cryptography/Cipher/StandardAesEngine.cs
+++ b/ModernKeePassLib/Cryptography/Cipher/StandardAesEngine.cs
@@ -39,6 +39,11 @@ namespace ModernKeePassLib.Cryptography.Cipher
 	/// </summary>
 	public sealed class StandardAesEngine : ICipherEngine
 	{
+#if !ModernKeePassLib && !KeePassUAP
+		private const CipherMode m_rCipherMode = CipherMode.CBC;
+		private const PaddingMode m_rCipherPadding = PaddingMode.PKCS7;
+#endif
+
 		private static PwUuid g_uuidAes = null;

 		/// <summary>
@@ -115,18 +120,43 @@ namespace ModernKeePassLib.Cryptography.Cipher

 			byte[] pbLocalKey = new byte[32];
 			Array.Copy(pbKey, pbLocalKey, 32);
-			AesEngine aes = new AesEngine();
-			CbcBlockCipher cbc = new CbcBlockCipher(aes);
-			PaddedBufferedBlockCipher bc = new PaddedBufferedBlockCipher(cbc,
-				new Pkcs7Padding());
-			KeyParameter kp = new KeyParameter(pbLocalKey);
-			ParametersWithIV prmIV = new ParametersWithIV(kp, pbLocalIV);
-			bc.Init(bEncrypt, prmIV);

-			IBufferedCipher cpRead = (bEncrypt ? null : bc);
-			IBufferedCipher cpWrite = (bEncrypt ? bc : null);
-			return new CipherStream(s, cpRead, cpWrite);
-        }
+#if ModernKeePassLib
+		    AesEngine aes = new AesEngine();
+		    CbcBlockCipher cbc = new CbcBlockCipher(aes);
+		    PaddedBufferedBlockCipher bc = new PaddedBufferedBlockCipher(cbc,
+		        new Pkcs7Padding());
+		    KeyParameter kp = new KeyParameter(pbLocalKey);
+		    ParametersWithIV prmIV = new ParametersWithIV(kp, pbLocalIV);
+		    bc.Init(bEncrypt, prmIV);
+
+		    IBufferedCipher cpRead = (bEncrypt ? null : bc);
+		    IBufferedCipher cpWrite = (bEncrypt ? bc : null);
+		    return new CipherStream(s, cpRead, cpWrite);
+#elif KeePassUAP
+			return StandardAesEngineExt.CreateStream(s, bEncrypt, pbLocalKey, pbLocalIV);
+#else
+			SymmetricAlgorithm a = CryptoUtil.CreateAes();
+			if(a.BlockSize != 128) // AES block size
+			{
+				Debug.Assert(false);
+				a.BlockSize = 128;
+			}
+
+			a.IV = pbLocalIV;
+			a.KeySize = 256;
+			a.Key = pbLocalKey;
+			a.Mode = m_rCipherMode;
+			a.Padding = m_rCipherPadding;
+
+			ICryptoTransform iTransform = (bEncrypt ? a.CreateEncryptor() : a.CreateDecryptor());
+			Debug.Assert(iTransform != null);
+			if(iTransform == null) throw new SecurityException("Unable to create AES transform!");
+
+			return new CryptoStream(s, iTransform, bEncrypt ? CryptoStreamMode.Write :
+				CryptoStreamMode.Read);
+#endif
+		}

 		public Stream EncryptStream(Stream sPlainText, byte[] pbKey, byte[] pbIV)
 		{
--- a/ModernKeePassLib/Cryptography/CryptoRandom.cs
+++ b/ModernKeePassLib/Cryptography/CryptoRandom.cs
@@ -120,9 +120,9 @@ namespace ModernKeePassLib.Cryptography
 			{
 #if ModernKeePassLib

-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-                var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbEntropy));
-                CryptographicBuffer.CopyToByteArray(buffer, out pbNewData);
+			    var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256)
+			        .HashData(CryptographicBuffer.CreateFromByteArray(pbEntropy));
+                CryptographicBuffer.CopyToByteArray(h, out pbNewData);
 #else
 #if KeePassLibSD
 				using(SHA256Managed shaNew = new SHA256Managed())
@@ -147,9 +147,9 @@ namespace ModernKeePassLib.Cryptography
 				MemUtil.ZeroByteArray(m_pbEntropyPool);

 #if ModernKeePassLib
-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-                var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbCmp));
-                CryptographicBuffer.CopyToByteArray(buffer, out m_pbEntropyPool);
+                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256)
+                    .HashData(CryptographicBuffer.CreateFromByteArray(pbCmp));
+                CryptographicBuffer.CopyToByteArray(h, out m_pbEntropyPool);
 #else
 #if KeePassLibSD
 				using(SHA256Managed shaPool = new SHA256Managed())
--- a/ModernKeePassLib/Cryptography/CryptoRandomStream.cs
+++ b/ModernKeePassLib/Cryptography/CryptoRandomStream.cs
@@ -98,10 +98,10 @@ namespace ModernKeePassLib.Cryptography
 				byte[] pbKey32 = new byte[32];
 				byte[] pbIV12 = new byte[12];
 #if ModernKeePassLib
-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-			    var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbKey));
+                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512)
+                    .HashData(CryptographicBuffer.CreateFromByteArray(pbKey));
 			    byte[] pbHash;
-			    CryptographicBuffer.CopyToByteArray(buffer, out pbHash);
+			    CryptographicBuffer.CopyToByteArray(h, out pbHash);
                
 				Array.Copy(pbHash, pbKey32, 32);
 				Array.Copy(pbHash, 32, pbIV12, 0, 12);
--- a/ModernKeePassLib/Cryptography/CryptoUtil.cs
+++ b/ModernKeePassLib/Cryptography/CryptoUtil.cs
@@ -52,15 +52,16 @@ namespace ModernKeePassLib.Cryptography

 			byte[] pbHash;

-/*#if ModernKeePassLib
-            var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256).CreateHash();
-            CryptographicBuffer.CopyToByteArray(h.GetValueAndReset(), out pbHash);
-#else*/
+#if ModernKeePassLib
+		    var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256)
+		        .HashData(CryptographicBuffer.CreateFromByteArray(pbData));
+            CryptographicBuffer.CopyToByteArray(h, out pbHash);
+#else
 			using(SHA256Managed h = new SHA256Managed())
 			{
 				pbHash = h.ComputeHash(pbData, iOffset, cbCount);
 			}
-//#endif
+#endif

 #if DEBUG
 			// Ensure the data has not been modified
@@ -90,15 +91,16 @@ namespace ModernKeePassLib.Cryptography
 			if(cbOut <= 32) pbHash = HashSha256(pbIn, iInOffset, cbIn);
 			else
 			{
-/*#if ModernKeePassLib
-                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512).CreateHash();
-			    CryptographicBuffer.CopyToByteArray(h.GetValueAndReset(), out pbHash);
-#else*/
+#if ModernKeePassLib
+			    var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512)
+			        .HashData(CryptographicBuffer.CreateFromByteArray(pbIn));
+			    CryptographicBuffer.CopyToByteArray(h, out pbHash);
+#else
 				using(SHA512Managed h = new SHA512Managed())
 				{
 					pbHash = h.ComputeHash(pbIn, iInOffset, cbIn);
 				}
-//#endif
+#endif
 			}

 			if(cbOut == pbHash.Length) return pbHash;
--- a/ModernKeePassLib/Cryptography/Hash/Blake2b.cs
+++ b/ModernKeePassLib/Cryptography/Hash/Blake2b.cs
@@ -270,11 +270,15 @@ namespace ModernKeePassLib.Cryptography.Hash
 	        Reset();
 	    }

-        internal byte[] ComputeHash(byte[] pbOutBuffer)
+        internal byte[] ComputeHash(byte[] value)
        {
-            byte[] result = new byte[pbOutBuffer.Length];
-            DoFinal(result, 0);
-            return result;
+            if (value == null) throw new ArgumentNullException(nameof(value));
+
+            byte[] resBuf = new byte[m_cbHashLength];
+            BlockUpdate(value, 0, value.Length);
+            DoFinal(resBuf, 0);
+
+            return resBuf;
        }
    }
 }
--- a/ModernKeePassLib/Cryptography/Hash/DigestManaged.cs
+++ b/ModernKeePassLib/Cryptography/Hash/DigestManaged.cs
@@ -1,26 +0,0 @@
-using System;
-using Org.BouncyCastle.Crypto;
-
-namespace ModernKeePassLib.Cryptography.Hash
-{
-    public abstract class DigestManaged : IDisposable
-    {
-        protected IDigest _hash;
-
-        public byte[] ComputeHash(byte[] value, int offset, int length)
-        {
-            if (value == null) throw new ArgumentNullException(nameof(value));
-
-            byte[] resBuf = new byte[_hash.GetDigestSize()];
-            _hash.BlockUpdate(value, offset, length);
-            _hash.DoFinal(resBuf, 0);
-
-            return resBuf;
-        }
-
-        public void Dispose()
-        {
-            _hash.Reset();
-        }
-    }
-}
--- a/ModernKeePassLib/Cryptography/Hash/SHA256Managed.cs
+++ b/ModernKeePassLib/Cryptography/Hash/SHA256Managed.cs
@@ -1,13 +0,0 @@
-using System;
-using Org.BouncyCastle.Crypto.Digests;
-
-namespace ModernKeePassLib.Cryptography.Hash
-{
-    public class SHA256Managed : DigestManaged
-    {
-        public SHA256Managed()
-        {
-            _hash = new Sha256Digest();
-        }
-    }
-}
--- a/ModernKeePassLib/Cryptography/Hash/SHA512Managed.cs
+++ b/ModernKeePassLib/Cryptography/Hash/SHA512Managed.cs
@@ -1,13 +0,0 @@
-using System;
-using Org.BouncyCastle.Crypto.Digests;
-
-namespace ModernKeePassLib.Cryptography.Hash
-{
-    public class SHA512Managed : DigestManaged
-    {
-        public SHA512Managed()
-        {
-            _hash = new Sha512Digest();
-        }
-    }
-}
--- a/ModernKeePassLib/Cryptography/PasswordGenerator/PwGenerator.cs
+++ b/ModernKeePassLib/Cryptography/PasswordGenerator/PwGenerator.cs
@@ -83,10 +83,10 @@ namespace ModernKeePassLib.Cryptography.PasswordGenerator
 			if((pbAdditionalEntropy != null) && (pbAdditionalEntropy.Length > 0))
 			{
 #if ModernKeePassLib
-                var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);
-			    var buffer = sha256.HashData(CryptographicBuffer.CreateFromByteArray(pbAdditionalEntropy));
+                var h = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha512)
+                    .HashData(CryptographicBuffer.CreateFromByteArray(pbAdditionalEntropy));
 			    byte[] pbHash;
-                CryptographicBuffer.CopyToByteArray(buffer, out pbHash);
+                CryptographicBuffer.CopyToByteArray(h, out pbHash);
 			    MemUtil.XorArray(pbHash, 0, pbKey, 0, pbHash.Length);

 #else