diff --git a/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivation.cs b/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivation.cs
index 3bb818b433..34e8f71128 100644
--- a/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivation.cs
+++ b/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivation.cs
@@ -3,6 +3,7 @@
using System;
using Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2;
+using Microsoft.Framework.Internal;
namespace Microsoft.AspNet.Cryptography.KeyDerivation
{
@@ -24,18 +25,10 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
///
/// The PBKDF2 algorithm is specified in RFC 2898.
///
- public static byte[] Pbkdf2(string password, byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
+ public static byte[] Pbkdf2([NotNull] string password, [NotNull] byte[] salt, KeyDerivationPrf prf, int iterationCount, int numBytesRequested)
{
// parameter checking
- if (password == null)
- {
- throw new ArgumentNullException(nameof(password));
- }
- if (salt == null)
- {
- throw new ArgumentNullException(nameof(salt));
- }
- if (prf < KeyDerivationPrf.Sha1 || prf > KeyDerivationPrf.Sha512)
+ if (prf < KeyDerivationPrf.HMACSHA1 || prf > KeyDerivationPrf.HMACSHA512)
{
throw new ArgumentOutOfRangeException(nameof(prf));
}
diff --git a/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivationPrf.cs b/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivationPrf.cs
index 0f8556eb10..14e666d104 100644
--- a/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivationPrf.cs
+++ b/src/Microsoft.AspNet.Cryptography.KeyDerivation/KeyDerivationPrf.cs
@@ -11,18 +11,18 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
public enum KeyDerivationPrf
{
///
- /// SHA-1 (FIPS PUB 180-4)
+ /// The HMAC algorithm (RFC 2104) using the SHA-1 hash function (FIPS 180-4).
///
- Sha1,
+ HMACSHA1,
///
- /// SHA-256 (FIPS PUB 180-4)
+ /// The HMAC algorithm (RFC 2104) using the SHA-256 hash function (FIPS 180-4).
///
- Sha256,
+ HMACSHA256,
///
- /// SHA-512 (FIPS PUB 180-4)
+ /// The HMAC algorithm (RFC 2104) using the SHA-512 hash function (FIPS 180-4).
///
- Sha512,
+ HMACSHA512,
}
}
diff --git a/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/ManagedPbkdf2Provider.cs b/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/ManagedPbkdf2Provider.cs
index cc6f7d17ec..03df786627 100644
--- a/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/ManagedPbkdf2Provider.cs
+++ b/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/ManagedPbkdf2Provider.cs
@@ -73,11 +73,11 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
{
switch (prf)
{
- case KeyDerivationPrf.Sha1:
+ case KeyDerivationPrf.HMACSHA1:
return new HMACSHA1(passwordBytes);
- case KeyDerivationPrf.Sha256:
+ case KeyDerivationPrf.HMACSHA256:
return new HMACSHA256(passwordBytes);
- case KeyDerivationPrf.Sha512:
+ case KeyDerivationPrf.HMACSHA512:
return new HMACSHA512(passwordBytes);
default:
throw CryptoUtil.Fail("Unrecognized PRF.");
diff --git a/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win7Pbkdf2Provider.cs b/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win7Pbkdf2Provider.cs
index 629f568fcb..343800aa91 100644
--- a/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win7Pbkdf2Provider.cs
+++ b/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win7Pbkdf2Provider.cs
@@ -86,11 +86,11 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
{
switch (prf)
{
- case KeyDerivationPrf.Sha1:
+ case KeyDerivationPrf.HMACSHA1:
return CachedAlgorithmHandles.HMAC_SHA1;
- case KeyDerivationPrf.Sha256:
+ case KeyDerivationPrf.HMACSHA256:
return CachedAlgorithmHandles.HMAC_SHA256;
- case KeyDerivationPrf.Sha512:
+ case KeyDerivationPrf.HMACSHA512:
return CachedAlgorithmHandles.HMAC_SHA512;
default:
throw CryptoUtil.Fail("Unrecognized PRF.");
diff --git a/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win8Pbkdf2Provider.cs b/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win8Pbkdf2Provider.cs
index d2ff0ce174..abc0dcec6c 100644
--- a/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win8Pbkdf2Provider.cs
+++ b/src/Microsoft.AspNet.Cryptography.KeyDerivation/PBKDF2/Win8Pbkdf2Provider.cs
@@ -112,13 +112,13 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
BCryptAlgorithmHandle prfAlgorithmHandle; // cached; don't dispose
switch (prf)
{
- case KeyDerivationPrf.Sha1:
+ case KeyDerivationPrf.HMACSHA1:
prfAlgorithmHandle = CachedAlgorithmHandles.SHA1;
break;
- case KeyDerivationPrf.Sha256:
+ case KeyDerivationPrf.HMACSHA256:
prfAlgorithmHandle = CachedAlgorithmHandles.SHA256;
break;
- case KeyDerivationPrf.Sha512:
+ case KeyDerivationPrf.HMACSHA512:
prfAlgorithmHandle = CachedAlgorithmHandles.SHA512;
break;
default:
@@ -197,11 +197,11 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation.PBKDF2
{
switch (prf)
{
- case KeyDerivationPrf.Sha1:
+ case KeyDerivationPrf.HMACSHA1:
return Constants.BCRYPT_SHA1_ALGORITHM;
- case KeyDerivationPrf.Sha256:
+ case KeyDerivationPrf.HMACSHA256:
return Constants.BCRYPT_SHA256_ALGORITHM;
- case KeyDerivationPrf.Sha512:
+ case KeyDerivationPrf.HMACSHA512:
return Constants.BCRYPT_SHA512_ALGORITHM;
default:
throw CryptoUtil.Fail("Unrecognized PRF.");
diff --git a/src/Microsoft.AspNet.Cryptography.KeyDerivation/project.json b/src/Microsoft.AspNet.Cryptography.KeyDerivation/project.json
index 14dfb3d55a..438713f062 100644
--- a/src/Microsoft.AspNet.Cryptography.KeyDerivation/project.json
+++ b/src/Microsoft.AspNet.Cryptography.KeyDerivation/project.json
@@ -2,7 +2,8 @@
"version": "1.0.0-*",
"description": "ASP.NET 5 utilities for key derivation.",
"dependencies": {
- "Microsoft.AspNet.Cryptography.Internal": "1.0.0-*"
+ "Microsoft.AspNet.Cryptography.Internal": "1.0.0-*",
+ "Microsoft.Framework.NotNullAttribute.Internal": { "type": "build", "version": "1.0.0-*" }
},
"frameworks": {
"net451": { },
diff --git a/test/Microsoft.AspNet.Cryptography.KeyDerivation.Test/Pbkdf2Tests.cs b/test/Microsoft.AspNet.Cryptography.KeyDerivation.Test/Pbkdf2Tests.cs
index 81b0908ce0..3274b8032a 100644
--- a/test/Microsoft.AspNet.Cryptography.KeyDerivation.Test/Pbkdf2Tests.cs
+++ b/test/Microsoft.AspNet.Cryptography.KeyDerivation.Test/Pbkdf2Tests.cs
@@ -16,15 +16,15 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
// this value straddles the digest length of the PRF. We only use 5 iterations so
// that our unit tests are fast.
[Theory]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
public void RunTest_Normal_Managed(string password, KeyDerivationPrf prf, int iterationCount, int numBytesRequested, string expectedValueAsBase64)
{
// Arrange
@@ -43,15 +43,15 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
// that our unit tests are fast.
[ConditionalTheory]
[ConditionalRunTestOnlyOnWindows]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
public void RunTest_Normal_Win7(string password, KeyDerivationPrf prf, int iterationCount, int numBytesRequested, string expectedValueAsBase64)
{
// Arrange
@@ -70,15 +70,15 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
// that our unit tests are fast.
[ConditionalTheory]
[ConditionalRunTestOnlyOnWindows8OrLater]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
- [InlineData("my-password", KeyDerivationPrf.Sha1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
- [InlineData("my-password", KeyDerivationPrf.Sha256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
- [InlineData("my-password", KeyDerivationPrf.Sha512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 - 1, "efmxNcKD/U1urTEDGvsThlPnHA==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 0, "efmxNcKD/U1urTEDGvsThlPnHDI=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA1, 5, 160 / 8 + 1, "efmxNcKD/U1urTEDGvsThlPnHDLk")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 - 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRA==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 0, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLo=")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA256, 5, 256 / 8 + 1, "JRNz8bPKS02EG1vf7eWjA64IeeI+TI8gBEwb1oVvRLpk")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 - 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm9")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 0, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Q==")]
+ [InlineData("my-password", KeyDerivationPrf.HMACSHA512, 5, 512 / 8 + 1, "ZTallQJrFn0279xIzaiA1XqatVTGei+ZjKngA7bIMtKMDUw6YJeGUQpFG8iGTgN+ri3LNDktNbzwfcSyZmm90Wk=")]
public void RunTest_Normal_Win8(string password, KeyDerivationPrf prf, int iterationCount, int numBytesRequested, string expectedValueAsBase64)
{
// Arrange
@@ -119,7 +119,7 @@ namespace Microsoft.AspNet.Cryptography.KeyDerivation
string password = new String('x', 50000); // 50,000 char password
byte[] salt = Encoding.UTF8.GetBytes("salt");
const string expectedDerivedKeyBase64 = "Sc+V/c3fiZq5Z5qH3iavAiojTsW97FAp2eBNmCQAwCNzA8hfhFFYyQLIMK65qPnBFHOHXQPwAxNQNhaEAH9hzfiaNBSRJpF9V4rpl02d5ZpI6cZbsQFF7TJW7XJzQVpYoPDgJlg0xVmYLhn1E9qMtUVUuXsBjOOdd7K1M+ZI00c=";
- const KeyDerivationPrf prf = KeyDerivationPrf.Sha256;
+ const KeyDerivationPrf prf = KeyDerivationPrf.HMACSHA256;
const int iterationCount = 5;
const int numBytesRequested = 128;