mcs/class/corlib/System.Security.Cryptography/Rfc2898DeriveBytes.cs

   1 //
   2 // Rfc2898DeriveBytes.cs: RFC2898 (PKCS#5 v2) Key derivation for Password Based Encryption
   3 //
   4 // Author:
   5 //      Sebastien Pouliot (spouliot@motus.com)
   6 //
   7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
   8 //
   9
  10 //
  11 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
  12 //
  13 // Permission is hereby granted, free of charge, to any person obtaining
  14 // a copy of this software and associated documentation files (the
  15 // "Software"), to deal in the Software without restriction, including
  16 // without limitation the rights to use, copy, modify, merge, publish,
  17 // distribute, sublicense, and/or sell copies of the Software, and to
  18 // permit persons to whom the Software is furnished to do so, subject to
  19 // the following conditions:
  20 //
  21 // The above copyright notice and this permission notice shall be
  22 // included in all copies or substantial portions of the Software.
  23 //
  24 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  25 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  26 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  27 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  28 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  29 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  30 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  31 //
  32
  33 #if NET_2_0
  34
  35 using System;
  36 using System.Text;
  37
  38 using Mono.Security.Cryptography;
  39
  40 namespace System.Security.Cryptography {
  41
  42         public class Rfc2898DeriveBytes : DeriveBytes {
  43
  44                 private const int defaultIterations = 1000;
  45
  46                 private int _iteration;
  47                 private byte[] _salt;
  48                 private HMACSHA1 _hmac;
  49                 private byte[] _buffer;
  50                 private int _pos;
  51                 private int _f;
  52
  53                 // constructors
  54
  55                 public Rfc2898DeriveBytes (string password, byte[] salt)
  56                         : this (password, salt, defaultIterations) {}
  57
  58                 public Rfc2898DeriveBytes (string password, byte[] salt, int iterations)
  59                 {
  60                         if (password == null)
  61                                 throw new ArgumentNullException ("password");
  62
  63                         Salt = salt;
  64                         IterationCount = iterations;
  65                         _hmac = new HMACSHA1 (Encoding.UTF8.GetBytes (password));
  66                 }
  67
  68                 public Rfc2898DeriveBytes (string password, int saltSize)
  69                         : this (password, saltSize, defaultIterations) {}
  70
  71                 public Rfc2898DeriveBytes (string password, int saltSize, int iterations)
  72                 {
  73                         if (password == null)
  74                                 throw new ArgumentNullException ("password");
  75                         if (saltSize < 0)
  76                                 throw new ArgumentOutOfRangeException ("invalid salt length");
  77
  78                         Salt = KeyBuilder.Key (saltSize);
  79                         IterationCount = iterations;
  80                         _hmac = new HMACSHA1 (Encoding.UTF8.GetBytes (password));
  81                 }
  82
  83                 // properties
  84
  85                 public int IterationCount {
  86                         get { return _iteration; }
  87                         set {
  88                                 if (value < 1)
  89                                         throw new ArgumentOutOfRangeException ("IterationCount < 1");
  90
  91                                 _iteration = value;
  92                         }
  93                 }
  94
  95                 public byte[] Salt {
  96                         get { return (byte[]) _salt.Clone (); }
  97                         set {
  98                                 if (value == null)
  99                                         throw new ArgumentNullException ("Salt");
 100                                 if (value.Length < 8)
 101                                         throw new ArgumentException ("Salt < 8 bytes");
 102
 103                                 _salt = (byte[])value.Clone ();
 104                         }
 105                 }
 106
 107                 // methods
 108
 109                 private byte[] F (byte[] s, int c, int i)
 110                 {
 111                         byte[] data = new byte [s.Length + 4];
 112                         Buffer.BlockCopy (s, 0, data, 0, s.Length);
 113                         byte[] int4 = BitConverter.GetBytes (i);
 114                         Array.Reverse (int4, 0, 4);
 115                         Buffer.BlockCopy (int4, 0, data, s.Length, 4);
 116
 117                         // this is like j=0
 118                         byte[] u1 = _hmac.ComputeHash (data);
 119                         data = u1;
 120                         // so we start at j=1
 121                         for (int j=1; j < c; j++) {
 122                                 byte[] un = _hmac.ComputeHash (data);
 123                                 // xor
 124                                 for (int k=0; k < 20; k++)
 125                                         u1 [k] = (byte)(u1 [k] ^ un [k]);
 126                                 data = un;
 127                         }
 128                         return u1;
 129                 }
 130
 131                 public override byte[] GetBytes (int cb)
 132                 {
 133                         if (cb < 1)
 134                                 throw new ArgumentOutOfRangeException ("cb");
 135
 136                         int l = cb / 20;        // HMACSHA1 == 160 bits == 20 bytes
 137                         int r = cb % 20;        // remainder
 138                         if (r != 0)
 139                                 l++;            // rounding up
 140
 141                         byte[] result = new byte [cb];
 142                         int rpos = 0;
 143                         if (_pos > 0) {
 144                                 int count = Math.Min (20 - _pos, cb);
 145                                 Buffer.BlockCopy (_buffer, _pos, result, 0, count);
 146                                 if (count >= cb)
 147                                         return result;
 148                                 _pos = 0;
 149                                 rpos = 20 - cb;
 150                                 r = cb - rpos;
 151                         }
 152
 153                         for (int i=1; i <= l; i++) {
 154                                 _buffer = F (_salt, _iteration, ++_f);
 155                                 int count = ((i == l) ? r : 20);
 156                                 Buffer.BlockCopy (_buffer, _pos, result, rpos, count);
 157                                 rpos += _pos + count;
 158                                 _pos = ((count == 20) ? 0 : count);
 159                         }
 160
 161                         return result;
 162                 }
 163
 164                 public override void Reset ()
 165                 {
 166                         _buffer = null;
 167                         _pos = 0;
 168                         _f = 0;
 169                 }
 170         }
 171 }
 172
 173 #endif