Code cleanup in KeyDerivation
- Rename PRF members to be HMAC functions (which is technically correct) - Use NotNullAttribute where possible
This commit is contained in:
Levi B
Родитель
271ec1bd4b
Коммит
ca840d3711
|
|
@ -3,6 +3,7 @@
|
|||
|
||||
using System;
|
||||
using Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2;
|
||||
using Microsoft.Framework.Internal;
|
||||
|
||||
namespace Microsoft.AspNet.Cryptography.KeyDerivation
|
||||
{
|
||||
|
|
@ -24,18 +25,10 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
|
|||
/// <remarks>
|
||||
/// The PBKDF2 algorithm is specified in RFC 2898.
|
||||
/// </remarks>
|
||||
public static byte[] Pbkdf2(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
|
||||
public static byte[] Pbkdf2([NotNull] string password, [NotNull] byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
|
||||
{
|
||||
// parameter checking
|
||||
if (password == null)
|
||||
{
|
||||
throw new ArgumentNullException(nameof(password));
|
||||
}
|
||||
if (salt == null)
|
||||
{
|
||||
throw new ArgumentNullException(nameof(salt));
|
||||
}
|
||||
if (prf < KeyDerivationPrf.Sha1 || prf > KeyDerivationPrf.Sha512)
|
||||
if (prf < KeyDerivationPrf.HMACSHA1 || prf > KeyDerivationPrf.HMACSHA512)
|
||||
{
|
||||
throw new ArgumentOutOfRangeException(nameof(prf));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,18 +11,18 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
|
|||
public enum KeyDerivationPrf
|
||||
{
|
||||
/// <summary>
|
||||
/// SHA-1 (FIPS PUB 180-4)
|
||||
/// The HMAC algorithm (RFC 2104) using the SHA-1 hash function (FIPS 180-4).
|
||||
/// </summary>
|
||||
Sha1,
|
||||
HMACSHA1,
|
||||
|
||||
/// <summary>
|
||||
/// SHA-256 (FIPS PUB 180-4)
|
||||
/// The HMAC algorithm (RFC 2104) using the SHA-256 hash function (FIPS 180-4).
|
||||
/// </summary>
|
||||
Sha256,
|
||||
HMACSHA256,
|
||||
|
||||
/// <summary>
|
||||
/// SHA-512 (FIPS PUB 180-4)
|
||||
/// The HMAC algorithm (RFC 2104) using the SHA-512 hash function (FIPS 180-4).
|
||||
/// </summary>
|
||||
Sha512,
|
||||
HMACSHA512,
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -73,11 +73,11 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
|
|||
{
|
||||
switch (prf)
|
||||
{
|
||||
case KeyDerivationPrf.Sha1:
|
||||
case KeyDerivationPrf.HMACSHA1:
|
||||
return new HMACSHA1(passwordBytes);
|
||||
case KeyDerivationPrf.Sha256:
|
||||
case KeyDerivationPrf.HMACSHA256:
|
||||
return new HMACSHA256(passwordBytes);
|
||||
case KeyDerivationPrf.Sha512:
|
||||
case KeyDerivationPrf.HMACSHA512:
|
||||
return new HMACSHA512(passwordBytes);
|
||||
default:
|
||||
throw CryptoUtil.Fail("Unrecognized PRF.");
|
||||
|
|
|
|||
|
|
@ -86,11 +86,11 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
|
|||
{
|
||||
switch (prf)
|
||||
{
|
||||
case KeyDerivationPrf.Sha1:
|
||||
case KeyDerivationPrf.HMACSHA1:
|
||||
return CachedAlgorithmHandles.HMAC_SHA1;
|
||||
case KeyDerivationPrf.Sha256:
|
||||
case KeyDerivationPrf.HMACSHA256:
|
||||
return CachedAlgorithmHandles.HMAC_SHA256;
|
||||
case KeyDerivationPrf.Sha512:
|
||||
case KeyDerivationPrf.HMACSHA512:
|
||||
return CachedAlgorithmHandles.HMAC_SHA512;
|
||||
default:
|
||||
throw CryptoUtil.Fail("Unrecognized PRF.");
|
||||
|
|
|
|||
|
|
@ -112,13 +112,13 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
|
|||
BCryptAlgorithmHandle prfAlgorithmHandle; // cached; don't dispose
|
||||
switch (prf)
|
||||
{
|
||||
case KeyDerivationPrf.Sha1:
|
||||
case KeyDerivationPrf.HMACSHA1:
|
||||
prfAlgorithmHandle = CachedAlgorithmHandles.SHA1;
|
||||
break;
|
||||
case KeyDerivationPrf.Sha256:
|
||||
case KeyDerivationPrf.HMACSHA256:
|
||||
prfAlgorithmHandle = CachedAlgorithmHandles.SHA256;
|
||||
break;
|
||||
case KeyDerivationPrf.Sha512:
|
||||
case KeyDerivationPrf.HMACSHA512:
|
||||
prfAlgorithmHandle = CachedAlgorithmHandles.SHA512;
|
||||
break;
|
||||
default:
|
||||
|
|
@ -197,11 +197,11 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
|
|||
{
|
||||
switch (prf)
|
||||
{
|
||||
case KeyDerivationPrf.Sha1:
|
||||
case KeyDerivationPrf.HMACSHA1:
|
||||
return Constants.BCRYPT_SHA1_ALGORITHM;
|
||||
case KeyDerivationPrf.Sha256:
|
||||
case KeyDerivationPrf.HMACSHA256:
|
||||
return Constants.BCRYPT_SHA256_ALGORITHM;
|
||||
case KeyDerivationPrf.Sha512:
|
||||
case KeyDerivationPrf.HMACSHA512:
|
||||
return Constants.BCRYPT_SHA512_ALGORITHM;
|
||||
default:
|
||||
throw CryptoUtil.Fail("Unrecognized PRF.");
|
||||
|
|
|
|||
|
|
@ -2,7 +2,8 @@
|
|||
"version": "1.0.0-*",
|
||||
"description": "ASP.NET 5 utilities for key derivation.",
|
||||
"dependencies": {
|
||||
"Microsoft.AspNet.Cryptography.Internal": "1.0.0-*"
|
||||
"Microsoft.AspNet.Cryptography.Internal": "1.0.0-*",
|
||||
"Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" }
|
||||
},
|
||||
"frameworks": {
|
||||
"net451": { },
|
||||
|
|
|
|||
|
|
@ -16,15 +16,15 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
|
|||
// this value straddles the digest length of the PRF. We only use 5 iterations so
|
||||
// that our unit tests are fast.
|
||||
[Theory]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
|
||||
public void RunTest_Normal_Managed(string password, KeyDerivationPrf prf, int iterationCount, int numBytesRequested, string expectedValueAsBase64)
|
||||
{
|
||||
// Arrange
|
||||
|
|
@ -43,15 +43,15 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
|
|||
// that our unit tests are fast.
|
||||
[ConditionalTheory]
|
||||
[ConditionalRunTestOnlyOnWindows]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
|
||||
public void RunTest_Normal_Win7(string password, KeyDerivationPrf prf, int iterationCount, int numBytesRequested, string expectedValueAsBase64)
|
||||
{
|
||||
// Arrange
|
||||
|
|
@ -70,15 +70,15 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
|
|||
// that our unit tests are fast.
|
||||
[ConditionalTheory]
|
||||
[ConditionalRunTestOnlyOnWindows8OrLater]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
|
||||
[InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
|
||||
public void RunTest_Normal_Win8(string password, KeyDerivationPrf prf, int iterationCount, int numBytesRequested, string expectedValueAsBase64)
|
||||
{
|
||||
// Arrange
|
||||
|
|
@ -119,7 +119,7 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
|
|||
string password = new String('x', 50000); // 50,000 char password
|
||||
byte[] salt = Encoding.UTF8.GetBytes("salt");
|
||||
const string expectedDerivedKeyBase64 = "Sc+V/c3fiZq5Z5qH3iavAiojTsW97FAp2eBNmCQAwCNzA8hfhFFYyQLIMK65qPnBFHOHXQPwAxNQNhaEAH9hzfiaNBSRJpF9V4rpl02d5ZpI6cZbsQFF7TJW7XJzQVpYoPDgJlg0xVmYLhn1E9qMtUVUuXsBjOOdd7K1M+ZI00c=";
|
||||
const KeyDerivationPrf prf = KeyDerivationPrf.Sha256;
|
||||
const KeyDerivationPrf prf = KeyDerivationPrf.HMACSHA256;
|
||||
const int iterationCount = 5;
|
||||
const int numBytesRequested = 128;
|
||||
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче