geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Security Audit 4.1. Enhanced Persistence encryption salt generation

Browse Source 
to be more random based on the password or master password used.
This commit is contained in:
Jim Norman 2006-05-02 21:44:13 +00:00
parent 7e3c1a6dcb
commit 6d5251fe02
6 changed files with 1570 additions and 1041 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1825
CASA.changes
View File

File diff suppressed because it is too large Load Diff

1
c_micasad/Makefile.am
View File

@ -82,6 +82,7 @@ CSFILES=$(srcdir)/AssemblyInfo.cs \
$(srcdir)/cache/KeyValue.cs \
$(srcdir)/cache/IKeychain.cs \
$(srcdir)/cache/ISecret.cs \
$(srcdir)/lss/FastRandom.cs \
$(srcdir)/lss/LocalStorage.cs \
$(srcdir)/lss/CASACrypto.cs \
$(srcdir)/lss/Rfc2898DeriveBytes.cs \

159
c_micasad/cache/SecretStore.cs vendored
View File

@ -209,8 +209,9 @@ namespace sscs.cache
}
}
baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(desktopPasswd, GetPasscodeByDesktopFilePath());
if(baPasscode != null)
baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(desktopPasswd, GetPasscodeByDesktopFilePath(), false);
//if(baPasscode != null)
if (true)
{
if(CASACrypto.ValidatePasscode(baPasscode,GetValidationFilePath()))
{
@ -219,9 +220,22 @@ namespace sscs.cache
return true;
}
else
{
lss = null;
bIsStorePersistent = false; //till masterPasswd is verified
{
// try old encryption method
baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(desktopPasswd, GetPasscodeByDesktopFilePath(), true);
if (CASACrypto.ValidatePasscode(baPasscode, GetValidationFilePath()))
{
// rewrite file using new encryption
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, desktopPasswd, GetPasscodeByDesktopFilePath());
lss = new LocalStorage(this, baPasscode);
bIsStorePersistent = true;
return true;
}
else
{
lss = null;
bIsStorePersistent = false; //till masterPasswd is verified
}
}
return true;
}
@ -283,7 +297,7 @@ namespace sscs.cache
*/
if(desktopPasswd != null)
{
baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(desktopPasswd, GetPasscodeByDesktopFilePath());
baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(desktopPasswd, GetPasscodeByDesktopFilePath(), false);
if(CASACrypto.ValidatePasscode(baPasscode,GetValidationFilePath()))
{
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(
@ -293,31 +307,48 @@ namespace sscs.cache
return true;
}
else
{
//Probably desktop passwd has changed.
//But as even master passwd is being set only now,
//the persistent store is lost.
baPasscode = CASACrypto.GenerateMasterPasscodeUsingString(mPasswd,GetPasscodeByMasterPasswdFilePath(),GetValidationFilePath(), user.UserIdentifier);
if(baPasscode != null)
{
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode,mPasswd,GetPasscodeByMasterPasswdFilePath());
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode,desktopPasswd,GetPasscodeByDesktopFilePath());
if(File.Exists(GetPersistenceFilePath()))
{
File.Delete(GetPersistenceFilePath());
CSSSLogger.DbgLog("Removing the persistent storeas its meaningless now.");
}
if( bIsStorePersistent == false )
{
lss = new LocalStorage(this,baPasscode);
bIsStorePersistent = true;
}
return true;
}
else
{
return false;
{
// try old method
baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(desktopPasswd, GetPasscodeByDesktopFilePath(), true);
if (CASACrypto.ValidatePasscode(baPasscode, GetValidationFilePath()))
{
// rewrite file using new method
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, desktopPasswd, GetPasscodeByDesktopFilePath());
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(
baPasscode,
mPasswd,
GetPasscodeByMasterPasswdFilePath());
return true;
}
else
{
//Probably desktop passwd has changed.
//But as even master passwd is being set only now,
//the persistent store is lost.
baPasscode = CASACrypto.GenerateMasterPasscodeUsingString(mPasswd, GetPasscodeByMasterPasswdFilePath(), GetValidationFilePath(), user.UserIdentifier);
if (baPasscode != null)
{
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, mPasswd, GetPasscodeByMasterPasswdFilePath());
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, desktopPasswd, GetPasscodeByDesktopFilePath());
if (File.Exists(GetPersistenceFilePath()))
{
File.Delete(GetPersistenceFilePath());
CSSSLogger.DbgLog("Removing the persistent storeas its meaningless now.");
}
if (bIsStorePersistent == false)
{
lss = new LocalStorage(this, baPasscode);
bIsStorePersistent = true;
}
return true;
}
else
{
return false;
}
}
}
//return true;
@ -338,7 +369,6 @@ namespace sscs.cache
CSSSLogger.DbgLog("Removing the persistent storeas its meaningless now. - Desktop passwd is not there and Master password is being set");
}
baPasscode = CASACrypto.GenerateMasterPasscodeUsingString(mPasswd,GetPasscodeByMasterPasswdFilePath(),GetValidationFilePath(), user.UserIdentifier);
if(baPasscode != null)
{
@ -368,9 +398,9 @@ namespace sscs.cache
//If validation succeeds,start persistence.
if(desktopPasswd == null)
{
baPasscode = CASACrypto.DecryptMasterPasscodeUsingString(mPasswd, GetPasscodeByMasterPasswdFilePath());
baPasscode = CASACrypto.DecryptMasterPasscodeUsingString(mPasswd, GetPasscodeByMasterPasswdFilePath(), false);
if(CASACrypto.ValidatePasscode(baPasscode,GetValidationFilePath()))
{
{
if(bIsStorePersistent == false)
{
lss = new LocalStorage(this,baPasscode);
@ -379,14 +409,30 @@ namespace sscs.cache
return true;
}
else
{
return false;
{
// try validation, if it fails, try decryption using the old method
baPasscode = CASACrypto.DecryptMasterPasscodeUsingString(mPasswd, GetPasscodeByMasterPasswdFilePath(), true);
if (CASACrypto.ValidatePasscode(baPasscode, GetValidationFilePath()))
{
// rewrite file
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, mPasswd, GetPasscodeByMasterPasswdFilePath());
if (bIsStorePersistent == false)
{
lss = new LocalStorage(this, baPasscode);
bIsStorePersistent = true;
}
return true;
}
else
{
return false;
}
}
}
else
{ //There are 2 cases - either desktop passwd has changed
//or it hasnt.
baPasscode = CASACrypto.GetMasterPasscodeUsingMasterPasswd(mPasswd, GetPasscodeByMasterPasswdFilePath());
baPasscode = CASACrypto.GetMasterPasscodeUsingMasterPasswd(mPasswd, GetPasscodeByMasterPasswdFilePath(), false);
if(CASACrypto.ValidatePasscode(baPasscode,GetValidationFilePath()))
{
RewriteDesktopPasswdFile(baPasscode,desktopPasswd);
@ -398,7 +444,19 @@ namespace sscs.cache
return true;
}
else
{
{
baPasscode = CASACrypto.GetMasterPasscodeUsingMasterPasswd(mPasswd, GetPasscodeByMasterPasswdFilePath(), true);
if (CASACrypto.ValidatePasscode(baPasscode, GetValidationFilePath()))
{
RewriteDesktopPasswdFile(baPasscode, desktopPasswd);
if (bIsStorePersistent == false)
{
lss = new LocalStorage(this, baPasscode);
bIsStorePersistent = true;
}
return true;
}
return false;
}
}
@ -429,11 +487,24 @@ namespace sscs.cache
{
try
{
byte[] baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(oldDesktopPasswd, GetPasscodeByDesktopFilePath());
if(CASACrypto.ValidatePasscode(baPasscode,GetValidationFilePath()))
{
return baPasscode;
byte[] baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(oldDesktopPasswd, GetPasscodeByDesktopFilePath(), false);
if (CASACrypto.ValidatePasscode(baPasscode, GetValidationFilePath()))
{
return baPasscode;
}
else
{
// try old method
baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(oldDesktopPasswd, GetPasscodeByDesktopFilePath(), true);
if (CASACrypto.ValidatePasscode(baPasscode, GetValidationFilePath()))
{
// rewrite file now
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, oldDesktopPasswd, GetPasscodeByDesktopFilePath());
return baPasscode;
}
}
}
catch(Exception e)
{
@ -527,7 +598,7 @@ namespace sscs.cache
throw e;
}
CSSSLogger.DbgLog(CSSSLogger.GetExecutionPath(this) + " - Succefully added Keychain = "+ keychain.GetKey() + " length = "+ (keychain.GetKey()).Length);
CSSSLogger.DbgLog(CSSSLogger.GetExecutionPath(this) + " - Successfully added Keychain = "+ keychain.GetKey() + " length = "+ (keychain.GetKey()).Length);
return true;
}
@ -637,7 +708,7 @@ namespace sscs.cache
internal bool ChangeMasterPassword(string sCurrentPWD, string sNewPWD)
{
string sMasterFilePath = GetPasscodeByMasterPasswdFilePath();
byte[] baPasscode = CASACrypto.GetMasterPasscodeUsingMasterPasswd(sCurrentPWD, sMasterFilePath);
byte[] baPasscode = CASACrypto.GetMasterPasscodeUsingMasterPasswd(sCurrentPWD, sMasterFilePath, false);
if (baPasscode != null)
{
CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, sNewPWD, sMasterFilePath);

226
c_micasad/lss/CASACrypto.cs
View File

@ -39,19 +39,19 @@ namespace sscs.crypto
private const int ITERATION_COUNT = 1000;
private const int HASH_SIZE = 32;
internal static byte[] Generate16ByteKeyFromString(string sTheString)
internal static byte[] Generate16ByteKeyFromString(string sTheString, string sFilepath, bool bUseOldMethod)
{
byte[] baKey = new byte[16]; //return value
try
{
Rfc2898DeriveBytes pkcs5 = new Rfc2898DeriveBytes(sTheString, SALTSIZE, ITERATION_COUNT);
Rfc2898DeriveBytes pkcs5 = new Rfc2898DeriveBytes(sTheString, SALTSIZE, ITERATION_COUNT, bUseOldMethod);
baKey = pkcs5.GetBytes(16);
}
catch(Exception e)
{
{
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Key generation failed");
baKey = null;
baKey = null;
}
return baKey;
}
@ -68,7 +68,7 @@ namespace sscs.crypto
//Get an encryptor.
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform encryptor;
encryptor = myRijndael.CreateEncryptor(baMasterPasscode, baMasterPasscode);
encryptor = myRijndael.CreateEncryptor(baMasterPasscode, GenerateAndSaveIV(fileName, myRijndael));
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName, FileMode.Create);
@ -126,7 +126,7 @@ namespace sscs.crypto
*/
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(baMasterPasscode, baMasterPasscode);
ICryptoTransform decryptor = myRijndael.CreateDecryptor(baMasterPasscode, RetrieveIV(fileName, baMasterPasscode));
//Now decrypt
fsDecrypt = new FileStream(fileName, FileMode.Open);
@ -176,14 +176,10 @@ namespace sscs.crypto
FileStream fsEncrypt = null;
CryptoStream csEncrypt = null;
try
{
byte[] IV = new byte[16];
for(int z = 0 ; z < 16; z++ )
IV[z] = key[z];
{
//Get an encryptor.
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform encryptor = myRijndael.CreateEncryptor(key, IV);
ICryptoTransform encryptor = myRijndael.CreateEncryptor(key, GenerateAndSaveIV(fileName, myRijndael));
//Encrypt the data to a file
fsEncrypt = new FileStream(fileName, FileMode.Create);
@ -196,13 +192,24 @@ namespace sscs.crypto
byte[] hash = sha.ComputeHash(xmlData);
fsEncrypt.Write(hash,0,hash.Length);
fsEncrypt.Flush();
fsEncrypt.Flush();
#if CLEAR
byte[] dup = (byte[])xmlData.Clone();
// write clear file
FileStream fsClear = new FileStream(fileName + ".xml", FileMode.Create);
fsClear.Write(dup, 0, dup.Length);
fsClear.Flush();
fsClear.Close();
#endif
csEncrypt = new CryptoStream(fsEncrypt, encryptor, CryptoStreamMode.Write);
//Write all data to the crypto stream and flush it.
csEncrypt.Write(xmlData, 0, xmlData.Length);
csEncrypt.FlushFinalBlock();
}
catch(Exception e)
{
@ -228,7 +235,7 @@ namespace sscs.crypto
//Get a decryptor that uses the same key and IV as the encryptor.
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, IV);
ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, RetrieveIV(fileName, key));
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
@ -248,8 +255,8 @@ namespace sscs.crypto
if(fsDecrypt.Length < HASH_SIZE )
{
csDecrypt.Close();
fsDecrypt.Close();
return null;
fsDecrypt.Close();
return null;
}
ulong fileLen = (ulong)(fsDecrypt.Length - HASH_SIZE);
@ -273,15 +280,25 @@ namespace sscs.crypto
fsDecrypt.Close();
return null;
}
}
}
try
{
csDecrypt.Close();
}
catch { }
try
{
fsDecrypt.Close();
}
catch { }
csDecrypt.Close();
fsDecrypt.Close();
return tmpEncrypt;
}
catch(Exception e)
{
Console.WriteLine(e.ToString());
{
CSSSLogger.DbgLog(e.ToString());
}
if (csDecrypt != null)
{
@ -301,6 +318,7 @@ namespace sscs.crypto
/* Encrypts the data with the key and returns the encrypted buffer.
*/
/*
internal static byte[] EncryptData(byte[] data, byte[] key)
{
@ -329,10 +347,11 @@ namespace sscs.crypto
return null;
}
*/
/* Decrypts the buffer(encrypted) with the key and returns the
* decrypted data.
*/
/*
internal static byte[] DecryptData(byte[] buffer, byte[] key)
{
try
@ -356,7 +375,7 @@ namespace sscs.crypto
}
return null;
}
*/
/* This method checks if we can get the master passcode by
* decrypting the passwds file ( where we store all possible
* passwds cross-encrypted.
@ -373,7 +392,7 @@ namespace sscs.crypto
internal static byte[] GetMasterPasscode(string desktopPasswd, string fileName)
{
byte[] mp = DecryptMasterPasscodeUsingString(desktopPasswd, fileName);
byte[] mp = DecryptMasterPasscodeUsingString(desktopPasswd, fileName, false);
return mp;
}
@ -394,7 +413,7 @@ namespace sscs.crypto
{
if(File.Exists(fileName))
File.Delete(fileName);
byte[] baKey = Generate16ByteKeyFromString(passwd);
byte[] baKey = Generate16ByteKeyFromString(passwd, null, false);
//Get an encryptor.
@ -434,61 +453,68 @@ namespace sscs.crypto
}
public static byte[] DecryptMasterPasscodeUsingString(string passwd,
string fileName)
string fileName, bool bTryOldMethod)
{
FileStream fsDecrypt = null;
CryptoStream csDecrypt = null;
byte[] baSavedMasterPasscode = null;
try
{
byte[] baKey = Generate16ByteKeyFromString(passwd);
/* Get a decryptor that uses the same key and
* IV as the encryptor.
*/
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(baKey,
baKey);
//Now decrypt
byte[] baSavedMasterPasscode = null;
try
{
byte[] baKey = Generate16ByteKeyFromString(passwd, fileName, bTryOldMethod);
/* Get a decryptor that uses the same key and
* IV as the encryptor.
*/
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(baKey, RetrieveIV(fileName, baKey));
//Now decrypt
#if LINUX
UnixFileInfo fsTest = new UnixFileInfo (fileName);
if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink)
#else
if(!File.Exists(fileName))
#endif
{
return null;
}
fsDecrypt = new FileStream(fileName, FileMode.Open);
csDecrypt = new CryptoStream(fsDecrypt, decryptor,
CryptoStreamMode.Read);
baSavedMasterPasscode = new byte[16];
//Read the data out of the crypto stream.
csDecrypt.Read(baSavedMasterPasscode, 0, 16);
}
catch(Exception e)
{
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Unable to decrypt master passode");
baSavedMasterPasscode = null;
}
#else
if (!File.Exists(fileName))
#endif
{
return null;
}
fsDecrypt = new FileStream(fileName, FileMode.Open);
csDecrypt = new CryptoStream(fsDecrypt, decryptor,
CryptoStreamMode.Read);
baSavedMasterPasscode = new byte[16];
//Read the data out of the crypto stream.
csDecrypt.Read(baSavedMasterPasscode, 0, 16);
}
catch (Exception e)
{
CSSSLogger.ExpLog(e.ToString());
CSSSLogger.DbgLog("Unable to decrypt master passode");
baSavedMasterPasscode = null;
}
try
{
if (csDecrypt != null)
csDecrypt.Close();
}
catch { }
if (fsDecrypt != null)
fsDecrypt.Close();
if (csDecrypt != null)
csDecrypt.Close();
if ( fsDecrypt != null )
fsDecrypt.Close();
return baSavedMasterPasscode;
}
internal static byte[] GetMasterPasscodeUsingMasterPasswd(
string mPasswd,
string fileName)
string fileName,
bool bUseOldMethod)
{
byte[] baMasterPasscode;
try
@ -498,8 +524,7 @@ namespace sscs.crypto
/* Decrypt the passcode from the file using master passwd.
* and return the decrypted passcode.
*/
baMasterPasscode = DecryptMasterPasscodeUsingString(mPasswd,
fileName);
baMasterPasscode = DecryptMasterPasscodeUsingString(mPasswd, fileName, bUseOldMethod);
return baMasterPasscode;
}
else
@ -515,7 +540,8 @@ namespace sscs.crypto
internal static byte[] GetMasterPasscodeUsingDesktopPasswd(
string desktopPasswd,
string fileName)
string fileName,
bool bUseOldMethod)
{
byte[] passcode;
try
@ -526,7 +552,7 @@ namespace sscs.crypto
* and return the decrypted passcode.
*/
passcode = DecryptMasterPasscodeUsingString(desktopPasswd,
fileName);
fileName, bUseOldMethod);
return passcode;
}
@ -581,7 +607,9 @@ namespace sscs.crypto
/* Here we decrpyt a well known string, throw exception
* if not successful
* A well-known string is encrpyted by the Passcode and saved
*/
*/
CSSSLogger.DbgLog("Validate called");
if ((baPasscode == null) || baPasscode.Length < 1 )
return false;
@ -593,11 +621,13 @@ namespace sscs.crypto
char[] trimChars = {'\0'};
sString = sString.TrimEnd(trimChars);
if( ConstStrings.MICASA_VALIDATION_STRING.Equals(sString))
{
{
CSSSLogger.DbgLog("Passed");
return true;
}
else
{
{
CSSSLogger.DbgLog("Failed");
return false;
}
}
@ -607,7 +637,49 @@ namespace sscs.crypto
CSSSLogger.DbgLog("Validation of passcode failed.");
}
return false;
}
}
private static byte[] GenerateAndSaveIV(string sFileName, RijndaelManaged theRiManaged)
{
theRiManaged.GenerateIV();
byte[] baIV = theRiManaged.IV;
try
{
// now save this
FileStream fs = new FileStream(sFileName + ".IV", FileMode.Create);
fs.Write(baIV, 0, 16);
fs.Flush();
fs.Close();
File.SetAttributes(sFileName + ".IV", FileAttributes.Hidden);
}
catch (Exception e)
{
CSSSLogger.DbgLog(e.ToString());
}
return baIV;
}
private static byte[] RetrieveIV(string sFileName, byte[] baOrigValue)
{
byte[] IV = new byte[16];
// check for file existence
try
{
FileStream fs = new FileStream(sFileName + ".IV", FileMode.Open);
fs.Read(IV, 0, 16);
fs.Close();
return IV;
}
catch (Exception e)
{
CSSSLogger.DbgLog(e.ToString());
}
return (byte[])baOrigValue.Clone();
}
}
}

329
c_micasad/lss/FastRandom.cs Normal file
View File

@ -0,0 +1,329 @@
/***********************************************************************
*
* Copyright (C) 2005-2006 Novell, Inc. All Rights Reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; version 2.1
* of the License.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, Novell, Inc.
*
* To contact Novell about this file by physical or electronic mail,
* you may find current contact information at www.novell.com.
*
***********************************************************************/
using System;
using System.Collections.Generic;
using System.Text;
namespace sscs.lss
{
/*
* Yes, if you want to go ahead and attach an LGPL header to the source
* file then that's fine. I hereby grant Novell Inc. permission to use the
* FastRandom.cs random number generator source code under the Lesser GNU
* Public Licesne (LGPL).
*
* Apr 19, 2006: received by jnorman@novell.com from Colin Green
*
* License also signed and sent to Novell on May 2, 2006.
*/
/// <summary>
/// A fast random number generator for .NET
/// Colin Green, January 2005
///
/// September 4th 2005
/// Added NextBytesUnsafe() - commented out by default.
/// Fixed bug in Reinitialise() - y,z and w variables were not being reset.
///
/// Key points:
/// 1) Based on a simple and fast xor-shift pseudo random number generator (RNG) specified in:
/// Marsaglia, George. (2003). Xorshift RNGs.
/// http://www.jstatsoft.org/v08/i14/xorshift.pdf
///
/// This particular implementation of xorshift has a period of 2^128-1. See the above paper to see
/// how this can be easily extened if you need a longer period. At the time of writing I could find no
/// information on the period of System.Random for comparison.
///
/// 2) Faster than System.Random. Up to 15x faster, depending on which methods are called.
///
/// 3) Direct replacement for System.Random. This class implements all of the methods that System.Random
/// does plus some additional methods. The like named methods are functionally equivalent.
///
/// 4) Allows fast re-initialisation with a seed, unlike System.Random which accepts a seed at construction
/// time which then executes a relatively expensive initialisation routine. This provides a vast speed improvement
/// if you need to reset the pseudo-random number sequence many times, e.g. if you want to re-generate the same
/// sequence many times. An alternative might be to cache random numbers in an array, but that approach is limited
/// by memory capacity and the fact that you may also want a large number of different sequences cached. Each sequence
/// can each be represented by a single seed value (int) when using FastRandom.
///
/// Notes.
/// A further performance improvement can be obtained by declaring local variables as static, thus avoiding
/// re-allocation of variables on each call. However care should be taken if multiple instances of
/// FastRandom are in use or if being used in a multi-threaded environment.
///
/// </summary>
public class FastRandom
{
// The +1 ensures NextDouble doesn't generate 1.0
const double REAL_UNIT_INT = 1.0 / ((double)int.MaxValue + 1.0);
const double REAL_UNIT_UINT = 1.0 / ((double)uint.MaxValue + 1.0);
const uint Y = 842502087, Z = 3579807591, W = 273326509;
uint x, y, z, w;
#region Constructors
/// <summary>
/// Initialises a new instance using time dependent seed.
/// </summary>
public FastRandom()
{
// Initialise using the system tick count.
Reinitialise((int)Environment.TickCount);
}
/// <summary>
/// Initialises a new instance using an int value as seed.
/// This constructor signature is provided to maintain compatibility with
/// System.Random
/// </summary>
public FastRandom(int seed)
{
Reinitialise(seed);
}
#endregion
#region Public Methods [Reinitialisation]
/// <summary>
/// Reinitialises using an int value as a seed.
/// </summary>
/// <param name="seed"></param>
public void Reinitialise(int seed)
{
// The only stipulation stated for the xorshift RNG is that at least one of
// the seeds x,y,z,w is non-zero. We fulfill that requirement by only allowing
// resetting of the x seed
x = (uint)seed;
y = Y;
z = Z;
w = W;
}
#endregion
#region Public Methods [Next* methods]
/// <summary>
/// Generates a uint. Values returned are over the full range of a uint,
/// uint.MinValue to uint.MaxValue, including the min and max values.
/// </summary>
/// <returns></returns>
public uint NextUInt()
{
uint t = (x ^ (x << 11));
x = y; y = z; z = w;
return (w = (w ^ (w >> 19)) ^ (t ^ (t >> 8)));
}
/// <summary>
/// Generates a random int. Values returned are over the range 0 to int.MaxValue-1.
/// MaxValue is not generated to remain functionally equivalent to System.Random.Next().
/// If you require an int from the full range, including negative values then call
/// NextUint() and cast the value to an int.
/// </summary>
/// <returns></returns>
public int Next()
{
uint t = (x ^ (x << 11));
x = y; y = z; z = w;
return (int)(0x7FFFFFFF & (w = (w ^ (w >> 19)) ^ (t ^ (t >> 8))));
}
/// <summary>
/// Generates a random int over the range 0 to upperBound-1, and not including upperBound.
/// </summary>
/// <param name="upperBound"></param>
/// <returns></returns>
public int Next(int upperBound)
{
if (upperBound < 0)
throw new ArgumentOutOfRangeException("upperBound", upperBound, "upperBound must be >=0");
uint t = (x ^ (x << 11));
x = y; y = z; z = w;
// The explicit int cast before the first multiplication gives better performance.
// See comments in NextDouble.
return (int)((REAL_UNIT_INT * (int)(0x7FFFFFFF & (w = (w ^ (w >> 19)) ^ (t ^ (t >> 8))))) * upperBound);
}
/// <summary>
/// Generates a random int over the range lowerBound to upperBound-1, and not including upperBound.
/// upperBound must be >= lowerBound. lowerBound may be negative.
/// </summary>
/// <param name="lowerBound"></param>
/// <param name="upperBound"></param>
/// <returns></returns>
public int Next(int lowerBound, int upperBound)
{
if (lowerBound > upperBound)
throw new ArgumentOutOfRangeException("upperBound", upperBound, "upperBound must be >=lowerBound");
uint t = (x ^ (x << 11));
x = y; y = z; z = w;
// The explicit int cast before the first multiplication gives better performance.
// See comments in NextDouble.
int range = upperBound - lowerBound;
if (range < 0)
{ // If range is <0 then an overflow has occured and must resort to using long integer arithmetic instead (slower).
// We also must use all 32 bits of precision, instead of the normal 31, which again is slower.
return lowerBound + (int)((REAL_UNIT_UINT * (double)(w = (w ^ (w >> 19)) ^ (t ^ (t >> 8)))) * (double)((long)upperBound - (long)lowerBound));
}
// 31 bits of precision will suffice if range<=int.MaxValue. This allows us to cast to an int anf gain
// a little more performance.
return lowerBound + (int)((REAL_UNIT_INT * (double)(int)(0x7FFFFFFF & (w = (w ^ (w >> 19)) ^ (t ^ (t >> 8))))) * (double)range);
}
/// <summary>
/// Generates a random double. Values returned are from 0.0 up to but not including 1.0.
/// </summary>
/// <returns></returns>
public double NextDouble()
{
uint t = (x ^ (x << 11));
x = y; y = z; z = w;
// Here we can gain a 2x speed improvement by generating a value that can be cast to
// an int instead of the more easily available uint. If we then explicitly cast to an
// int the compiler will then cast the int to a double to perform the multiplication,
// this final cast is a lot faster than casting from a uint to a double. The extra cast
// to an int is very fast (the allocated bits remain the same) and so the overall effect
// of the extra cast is a significant performance improvement.
return (REAL_UNIT_INT * (int)(0x7FFFFFFF & (w = (w ^ (w >> 19)) ^ (t ^ (t >> 8)))));
}
/// <summary>
/// Fills the provided byte array with random bytes.
/// Increased performance is achieved by dividing and packaging bits directly from the
/// random number generator and storing them in 4 byte 'chunks'.
/// </summary>
/// <param name="buffer"></param>
public void NextBytes(byte[] buffer)
{
// Fill up the bulk of the buffer in chunks of 4 bytes at a time.
uint x = this.x, y = this.y, z = this.z, w = this.w;
int i = 0;
uint t;
for (; i < buffer.Length - 3; )
{
// Generate 4 bytes.
t = (x ^ (x << 11));
x = y; y = z; z = w;
w = (w ^ (w >> 19)) ^ (t ^ (t >> 8));
buffer[i++] = (byte)(w & 0x000000FF);
buffer[i++] = (byte)((w & 0x0000FF00) >> 8);
buffer[i++] = (byte)((w & 0x00FF0000) >> 16);
buffer[i++] = (byte)((w & 0xFF000000) >> 24);
}
// Fill up any remaining bytes in the buffer.
if (i < buffer.Length)
{
// Generate 4 bytes.
t = (x ^ (x << 11));
x = y; y = z; z = w;
w = (w ^ (w >> 19)) ^ (t ^ (t >> 8));
buffer[i++] = (byte)(w & 0x000000FF);
if (i < buffer.Length)
{
buffer[i++] = (byte)((w & 0x0000FF00) >> 8);
if (i < buffer.Length)
{
buffer[i++] = (byte)((w & 0x00FF0000) >> 16);
if (i < buffer.Length)
{
buffer[i] = (byte)((w & 0xFF000000) >> 24);
}
}
}
}
this.x = x; this.y = y; this.z = z; this.w = w;
}
// /// <summary>
// /// A version of NextBytes that uses a pointer to set 4 bytes of the byte buffer in one operation
// /// thus providing a nice speedup. Note that this requires the unsafe compilation flag to be specified
// /// and so is commented out by default.
// /// </summary>
// /// <param name="buffer"></param>
// public unsafe void NextBytesUnsafe(byte[] buffer)
// {
// if(buffer.Length % 4 != 0)
// throw new ArgumentException("Buffer length must be divisible by 4", "buffer");
//
// uint x=this.x, y=this.y, z=this.z, w=this.w;
// uint t;
//
// fixed(byte* pByte0 = buffer)
// {
// uint* pDWord = (uint*)pByte0;
// for(int i = 0, len = buffer.Length>>2; i < len; i++)
// {
// t=(x^(x<<11));
// x=y; y=z; z=w;
// *pDWord++ = w = (w^(w>>19))^(t^(t>>8));
// }
// }
//
// this.x=x; this.y=y; this.z=z; this.w=w;
// }
// Buffer 32 bits in bitBuffer, return 1 at a time, keep track of how many have been returned
// with bitBufferIdx.
uint bitBuffer;
int bitBufferIdx = 32;
/// <summary>
/// Generates random bool.
/// Increased performance is achieved by buffering 32 random bits for
/// future calls. Thus the random number generator is only invoked once
/// in every 32 calls.
/// </summary>
/// <returns></returns>
public bool NextBool()
{
if (bitBufferIdx == 32)
{
// Generate 32 more bits.
uint t = (x ^ (x << 11));
x = y; y = z; z = w;
bitBuffer = w = (w ^ (w >> 19)) ^ (t ^ (t >> 8));
// Reset the idx that tells us which bit to read next.
bitBufferIdx = 1;
return (bitBuffer & 0x1) == 1;
}
bitBufferIdx++;
return ((bitBuffer >>= 1) & 0x1) == 1;
}
#endregion
}
}

71
c_micasad/lss/Rfc2898DeriveBytes.cs
View File

@ -56,7 +56,7 @@ using System;
using System.Text;
using System.Security.Cryptography;
//using Mono.Security.Cryptography;
using sscs.lss;
namespace sscs.crypto {
@ -103,26 +103,77 @@ namespace sscs.crypto {
: this (password, saltSize, defaultIterations)
{
}
public Rfc2898DeriveBytes (string password, int saltSize, int iterations)
public Rfc2898DeriveBytes(string password, int saltSize, int iterations)
: this (password, saltSize, iterations, false)
{
}
public Rfc2898DeriveBytes (string password, int saltSize, int iterations, bool bUseOldMethod)
{
if (password == null)
throw new ArgumentNullException ("password");
if (saltSize < 0)
throw new ArgumentOutOfRangeException ("invalid salt length");
//Salt = KeyBuilder.Key (saltSize);
byte[] buffer = new byte[saltSize];
Random rand = new Random(password.GetHashCode());
rand.NextBytes(buffer);
Salt = buffer;
if (bUseOldMethod)
{
Salt = GenerateOldSalt(password, saltSize);
}
else
{
Salt = GenerateNewSalt(password, saltSize);
}
IterationCount = iterations;
_hmac = new HMACSHA1 (Encoding.UTF8.GetBytes (password));
}
// properties
public int IterationCount {
private static byte[] GenerateOldSalt(string password, int saltSize)
{
byte[] buffer = new byte[saltSize];
Random rand = new Random(password.GetHashCode());
rand.NextBytes(buffer);
return buffer;
}
private static byte[] GenerateNewSalt(string password, int saltSize)
{
int j = 0;
byte[] buffer = new byte[saltSize];
// iterate thru each character, creating a new Random,
// getting 2 bytes from each, until our salt buffer is full.
for (int i = 0; i < password.Length; i++)
{
FastRandom ranNum = new FastRandom((password[i].ToString().GetHashCode()) * (j+1));
byte[] temp = new byte[2];
ranNum.NextBytes(temp);
for (int k = 0; k < temp.Length; k++)
{
buffer[j++] = temp[k];
// get out if buffer is full
if (j >= saltSize)
{
return buffer;
}
}
// reset i if at end of password
if ((i + 1) == password.Length)
{
i = 0;
}
}
return buffer;
}
// properties
public int IterationCount
{
get { return _iteration; }
set {
if (value < 1)