From e6926b9fff565f34d499e81be112a0cc1b413838 Mon Sep 17 00:00:00 2001
From: Gabriel Tofvesson <gabriel.tofvesson@hotmail.com>
Date: Wed, 21 Feb 2018 03:04:22 +0100
Subject: [PATCH] Implemented SHA1 properly Implemented HMAC (untested)
 Implemented PBKDF2 (untested) Added various support methods for convenience

---
 Client/Program.cs                    |  3 +
 RedpilledOuttaCucktown/Common.csproj |  2 +
 RedpilledOuttaCucktown/KDF.cs        | 60 +++++++++++++++++++
 RedpilledOuttaCucktown/SHA.cs        | 90 ++++++++++++++++++++++++++++
 RedpilledOuttaCucktown/Support.cs    | 47 +++++++++++++++
 5 files changed, 202 insertions(+)
 create mode 100644 RedpilledOuttaCucktown/KDF.cs
 create mode 100644 RedpilledOuttaCucktown/SHA.cs

diff --git a/Client/Program.cs b/Client/Program.cs
index b01a823..6513878 100644
--- a/Client/Program.cs
+++ b/Client/Program.cs
@@ -1,5 +1,6 @@
 using System;
 using System.Net;
+using System.Text;
 using Tofvesson.Crypto;
 
 namespace Client
@@ -8,6 +9,8 @@ namespace Client
     {
         static void Main(string[] args)
         {
+            byte[] test = SHA.SHA1(Encoding.UTF8.GetBytes("Hello there!"));
+            Console.WriteLine(Support.ToHexString(test));
             Galois2 gal = Galois2.FromValue(33);
             Console.WriteLine(gal.ToString());
             Console.WriteLine(gal.InvMul().Multiply(gal).ToString());
diff --git a/RedpilledOuttaCucktown/Common.csproj b/RedpilledOuttaCucktown/Common.csproj
index 70b3f25..0c05c30 100644
--- a/RedpilledOuttaCucktown/Common.csproj
+++ b/RedpilledOuttaCucktown/Common.csproj
@@ -47,9 +47,11 @@
   </ItemGroup>
   <ItemGroup>
     <Compile Include="AES.cs" />
+    <Compile Include="KDF.cs" />
     <Compile Include="RSA.cs" />
     <Compile Include="Net.cs" />
     <Compile Include="Padding.cs" />
+    <Compile Include="SHA.cs" />
     <Compile Include="Support.cs" />
     <Compile Include="Maths.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
diff --git a/RedpilledOuttaCucktown/KDF.cs b/RedpilledOuttaCucktown/KDF.cs
new file mode 100644
index 0000000..63864c4
--- /dev/null
+++ b/RedpilledOuttaCucktown/KDF.cs
@@ -0,0 +1,60 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Tofvesson.Crypto
+{
+    // Class for key derivation
+    public static class KDF
+    {
+        public delegate byte[] HashFunction(byte[] message);
+        public static byte[] HMAC(byte[] key, byte[] message, HashFunction func, int blockSizeBytes)
+        {
+            if (key.Length > blockSizeBytes) key = func(key);
+            else if (key.Length < blockSizeBytes)
+            {
+                byte[] b = new byte[blockSizeBytes];
+                Array.Copy(key, b, key.Length);
+                key = b;
+            }
+
+            byte[] o_key_pad = new byte[blockSizeBytes];
+            byte[] i_key_pad = new byte[blockSizeBytes];
+            for (int i = 0; i < blockSizeBytes; ++i)
+            {
+                o_key_pad[i] = (byte)(key[i] ^ 0x5c);
+                i_key_pad[i] = (byte)(key[i] ^ 0x36);
+            }
+            return func(Support.Concatenate(o_key_pad, func(Support.Concatenate(i_key_pad, message))));
+        }
+
+        public static byte[] HMAC_SHA1(byte[] key, byte[] message) => HMAC(key, message, SHA.SHA1, 64);
+
+        public delegate byte[] PRF(byte[] key, byte[] salt);
+        public static byte[] PBKDF2(PRF function, byte[] password, byte[] salt, int iterations, int dklen)
+        {
+            byte[] dk = new byte[0];
+            uint iter = 1;
+            while (dk.Length < dklen)
+            {
+                // F-function
+                byte[] u = function(password, Support.Concatenate(salt, Support.WriteToArray(new byte[4], Support.SwapEndian(iter), 0)));
+                byte[] ures = new byte[u.Length];
+                Array.Copy(u, ures, u.Length);
+                for(int i = 1; i<iterations; ++i)
+                {
+                    u = function(password, u);
+                    for (int i = 0; i < u.Length; ++i) ures[i] ^= u[i];
+                }
+
+                dk = Support.Concatenate(dk, ures);
+
+                ++iter;
+            }
+
+            return dk.ToLength(dklen);
+        }
+    }
+}
diff --git a/RedpilledOuttaCucktown/SHA.cs b/RedpilledOuttaCucktown/SHA.cs
new file mode 100644
index 0000000..31b5093
--- /dev/null
+++ b/RedpilledOuttaCucktown/SHA.cs
@@ -0,0 +1,90 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace Tofvesson.Crypto
+{
+    /// <summary>
+    /// Secure Hashing Alorithm implementations
+    /// </summary>
+    public static class SHA
+    {
+        public static byte[] SHA1(byte[] message)
+        {
+            // Initialize buffers
+            uint h0 = 0x67452301;
+            uint h1 = 0xEFCDAB89;
+            uint h2 = 0x98BADCFE;
+            uint h3 = 0x10325476;
+            uint h4 = 0xC3D2E1F0;
+
+            // Pad message
+            int ml = message.Length + 1;
+            byte[] msg = new byte[ml + ((960 - (ml*8 % 512)) % 512)/8 + 8];
+            Array.Copy(message, msg, message.Length);
+            msg[message.Length] = 0x80;
+            long len = message.Length * 8;
+            for (int i = 0; i < 8; ++i) msg[msg.Length - 1 - i] = (byte)((len >> (i*8)) & 255);
+            //Support.WriteToArray(msg, message.Length * 8, msg.Length - 8);
+            //for (int i = 0; i <4; ++i) msg[msg.Length - 5 - i] = (byte)(((message.Length*8) >> (i * 8)) & 255);
+
+            int chunks = msg.Length / 64;
+
+            // Perform hashing for each 512-bit block
+            for(int i = 0; i<chunks; ++i)
+            {
+
+                // Split block into words
+                uint[] w = new uint[80];
+                for(int j = 0; j<16; ++j)
+                    w[j] |= (uint) ((msg[i * 64 + j * 4] << 24) | (msg[i * 64 + j * 4 + 1] << 16) | (msg[i * 64 + j * 4 + 2] << 8) | (msg[i * 64 + j * 4 + 3] << 0));
+
+                // Expand words
+                for(int j = 16; j<80; ++j)
+                    w[j] = Rot(w[j - 3] ^ w[j - 8] ^ w[j - 14] ^ w[j - 16], 1);
+
+                // Initialize chunk-hash
+                uint
+                    a = h0,
+                    b = h1,
+                    c = h2,
+                    d = h3,
+                    e = h4;
+
+                // Do hash rounds
+                for (int t = 0; t<80; ++t)
+                {
+                    uint tmp = Rot(a, 5) + func(t, b, c, d) + e + K(t) + w[t];
+                    e = d;
+                    d = c;
+                    c = Rot(b, 30);
+                    b = a;
+                    a = tmp;
+                }
+                h0 += a;
+                h1 += b;
+                h2 += c;
+                h3 += d;
+                h4 += e;
+            }
+
+            return Support.WriteContiguous(new byte[20], 0, Support.SwapEndian(h0), Support.SwapEndian(h1), Support.SwapEndian(h2), Support.SwapEndian(h3), Support.SwapEndian(h4));
+        }
+
+        private static uint func(int t, uint b, uint c, uint d) =>
+            t < 20 ? (b & c) | ((~b) & d) :
+            t < 40 ? b ^ c ^ d :
+            t < 60 ? (b & c) | (b & d) | (c & d) :
+            /*t<80*/ b ^ c ^ d;
+
+        private static uint K(int t) =>
+            t < 20 ? 0x5A827999 :
+            t < 40 ? 0x6ED9EBA1 :
+            t < 60 ? 0x8F1BBCDC :
+            /*t<80*/ 0xCA62C1D6 ;
+
+        private static uint Rot(uint val, int by) => (val << by) | (val >> (32 - by));
+    }
+}
diff --git a/RedpilledOuttaCucktown/Support.cs b/RedpilledOuttaCucktown/Support.cs
index e96a14a..77d76bc 100644
--- a/RedpilledOuttaCucktown/Support.cs
+++ b/RedpilledOuttaCucktown/Support.cs
@@ -236,6 +236,39 @@ namespace Tofvesson.Crypto
             return target;
         }
 
+        public static byte[] WriteContiguous(byte[] target, int offset, params int[] data)
+        {
+            for (int i = 0; i < data.Length; ++i) WriteToArray(target, data[i], offset + i * 4);
+            return target;
+        }
+
+        public static byte[] WriteToArray(byte[] target, uint data, int offset)
+        {
+            for (int i = 0; i < 4; ++i)
+                target[i + offset] = (byte)((data >> (i * 8)) & 255);
+            return target;
+        }
+
+        public static byte[] WriteContiguous(byte[] target, int offset, params uint[] data)
+        {
+            for (int i = 0; i < data.Length; ++i) WriteToArray(target, data[i], offset + i * 4);
+            return target;
+        }
+
+        public static byte[] Concatenate(params byte[][] bytes)
+        {
+            int alloc = 0;
+            foreach (byte[] b in bytes) alloc += b.Length;
+            byte[] result = new byte[alloc];
+            alloc = 0;
+            for(int i = 0; i<bytes.Length; ++i)
+            {
+                Array.Copy(bytes[i], 0, result, alloc, bytes[i].Length);
+                alloc += bytes[i].Length;
+            }
+            return result;
+        }
+
         public static void ArrayCopy<T>(IEnumerable<T> source, int sourceOffset, T[] destination, int offset, int length)
         {
             for (int i = 0; i < length; ++i) destination[i + offset] = source.ElementAt<T>(i+sourceOffset);
@@ -310,6 +343,20 @@ namespace Tofvesson.Crypto
                     return lst.Item(i);
             return null;
         }
+        
+        // Swap endianness of a given integer
+        public static uint SwapEndian(uint value) => (uint)(((value >> 24) & (255 << 0)) | ((value >> 8) & (255 << 8)) | ((value << 8) & (255 << 16)) | ((value << 24) & (255 << 24)));
+
+        public static string ToHexString(byte[] value)
+        {
+            StringBuilder builder = new StringBuilder();
+            foreach(byte b in value)
+            {
+                builder.Append((char)((((b >> 4) < 10) ? 48 : 87) + (b >> 4)));
+                builder.Append((char)((((b & 15) < 10) ? 48 : 87) + (b & 15)));
+            }
+            return builder.ToString();
+        }
 
         public static bool ReadYNBool(this TextReader reader, string nonDefault) => reader.ReadLine().ToLower().Equals(nonDefault);
     }