Главная Обзор Помощь
Вход
pascal
/
innosetup
зеркало из https://github.com/jrsoftware/issrc.git
2
0
Ответвить 0
Файлы Задачи 0 Вики
Ветка: is7-preview
Ветки Метки
innosetup
/
Components
/
PBKDF2.pas

PBKDF2.pas 4.2 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129 
  1. unit PBKDF2;
    2. 

  2. 

  3. {
    4. 

  4.   Inno Setup
    5. 

  5.   Copyright (C) 1997-2024 Jordan Russell
    6. 

  6.   Portions by Martijn Laan
    7. 

  7.   For conditions of distribution and use, see LICENSE.TXT.
    8. 

  8. 

  9.   PBKDF2-HMAC-SHA256 password-based key derivation
    10. 

  10. }
    11. 

  11. 

  12. interface
    13. 

  13. 

  14. uses
    15. 

  15.   System.SysUtils;
    16. 

  16. 

  17. function PBKDF2SHA256(Password: TBytes; const Salt: TBytes; const Iterations, KeyLength: Integer): TBytes; overload;
    18. 

  18. function PBKDF2SHA256(const Password: String; const Salt: TBytes; const Iterations, KeyLength: Integer): TBytes; overload;
    19. 

  19. 

  20. implementation
    21. 

  21. 

  22. uses
    23. 

  23.   System.Hash, System.Math;
    24. 

  24. 

  25. function PBKDF2SHA256(Password: TBytes; const Salt: TBytes; const Iterations, KeyLength: Integer): TBytes;
    26. 

  26. begin
    27. 

  27.   var HashVersion := THashSHA2.TSHA2Version.SHA256;
    28. 

  28. 

  29.   var Hash := THashSHA2.Create(HashVersion); { This is a record so no need to free }
    30. 

  30.   var HashSize := Hash.GetHashSize;
    31. 

  31. 

  32.   if Length(Password) > Hash.GetBlockSize then begin
    33. 

  33.     { Pre-hash password so THashSHA2.GetHMACAsBytes wont do this over and over again }
    34. 

  34.     Hash.Update(Password);
    35. 

  35.     Password := Hash.HashAsBytes;
    36. 

  36.   end;
    37. 

  37. 

  38.   SetLength(Result, KeyLength);
    39. 

  39.   var BytesDone := 0;
    40. 

  40. 

  41.   var L := Ceil(KeyLength / HashSize);
    42. 

  42. 

  43.   for var Block := 1 to L do begin
    44. 

  44.     var SaltAndBlock := Salt + [Byte(Block shr 24), Byte(Block shr 16), Byte(Block shr 8), Byte(Block)];
    45. 

  45.     var U := THashSHA2.GetHMACAsBytes(SaltAndBlock, Password, HashVersion);
    46. 

  46.     var F := U;
    47. 

  47. 

  48.     for var I := 2 to Iterations do begin
    49. 

  49.       U := THashSHA2.GetHMACAsBytes(U, Password, HashVersion);
    50. 

  50.       for var J := 0 to High(F) do
    51. 

  51.         F[J] := F[J] xor U[J];
    52. 

  52.     end;
    53. 

  53. 

  54.     var BytesLeft := KeyLength - BytesDone;
    55. 

  55.     var BytesToCopy := Min(BytesLeft, Length(F));
    56. 

  56.     Move(F[0], Result[BytesDone], BytesToCopy);
    57. 

  57.     Inc(BytesDone, BytesToCopy);
    58. 

  58.   end;
    59. 

  59. end;
    60. 

  60. 

  61. function PBKDF2SHA256(const Password: String; const Salt: TBytes; const Iterations, KeyLength: Integer): TBytes;
    62. 

  62. 

  63.   function StringToBytes(const S: String): TBytes;
    64. 

  64.   begin
    65. 

  65.     var N := Length(S)*SizeOf(S[1]);
    66. 

  66.     SetLength(Result, N);
    67. 

  67.     if N > 0 then
    68. 

  68.       Move(S[1], Result[0], N);
    69. 

  69.   end;
    70. 

  70. 

  71. begin
    72. 

  72.   Result := PBKDF2SHA256(StringToBytes(Password), Salt, Iterations, KeyLength);
    73. 

  73. end;
    74. 

  74. 

  75. {.$DEFINE TEST}
    76. 

  76. 

  77. {$IFDEF TEST}
    78. 

  78. 

  79. {$C+}
    80. 

  80. 

  81. procedure TestPBKDF2SHA256;
    82. 

  82. 

  83.   function AnsiStringToBytes(const S: AnsiString): TBytes;
    84. 

  84.   begin
    85. 

  85.     var N := Length(S)*SizeOf(S[1]);
    86. 

  86.     SetLength(Result, N);
    87. 

  87.     if N > 0 then
    88. 

  88.       Move(S[1], Result[0], N);
    89. 

  89.   end;
    90. 

  90. 

  91.   procedure Test(const Key1, Key2: TBytes);
    92. 

  92.   begin
    93. 

  93.     Assert(Length(Key1) = Length(Key2));
    94. 

  94.     for var I := 0 to High(Key1) do
    95. 

  95.       Assert(Key1[I] = Key2[I]);
    96. 

  96.   end;
    97. 

  97. 

  98. begin
    99. 

  99.   //https://stackoverflow.com/a/5136918/301485
    100. 

  100.   var Password := AnsiStringToBytes('password');
    101. 

  101.   var Salt := AnsiStringToBytes('salt');
    102. 

  102.   Test(PBKDF2SHA256(Password, Salt, 1, 32),
    103. 

  103.        [$12, $0f, $b6, $cf, $fc, $f8, $b3, $2c, $43, $e7, $22, $52, $56, $c4, $f8, $37, $a8, $65, $48, $c9, $2c, $cc, $35, $48, $08, $05, $98, $7c, $b7, $0b, $e1, $7b]);
    104. 

  104.   Test(PBKDF2SHA256(Password, Salt, 4096, 32),
    105. 

  105.        [$c5, $e4, $78, $d5, $92, $88, $c8, $41, $aa, $53, $0d, $b6, $84, $5c, $4c, $8d, $96, $28, $93, $a0, $01, $ce, $4e, $11, $a4, $96, $38, $73, $aa, $98, $13, $4a]);
    106. 

  106. 

  107.   Password := AnsiStringToBytes('passwordPASSWORDpassword');
    108. 

  108.   Salt := AnsiStringToBytes('saltSALTsaltSALTsaltSALTsaltSALTsalt');
    109. 

  109.   Test(PBKDF2SHA256(Password, Salt, 4096, 40),
    110. 

  110.        [$34, $8c, $89, $db, $cb, $d3, $2b, $2f, $32, $d8, $14, $b8, $11, $6e, $84, $cf, $2b, $17, $34, $7e, $bc, $18, $00, $18, $1c, $4e, $2a, $1f, $b8, $dd, $53, $e1, $c6, $35, $51, $8c, $7d, $ac, $47, $e9]);
    111. 

  111. 

  112.   Password := AnsiStringToBytes('pass'#0'word');
    113. 

  113.   Salt := AnsiStringToBytes('sa'#0'lt');
    114. 

  114.   Test(PBKDF2SHA256(Password, Salt, 4096, 16),
    115. 

  115.        [$89, $b6, $9d, $05, $16, $f8, $29, $89, $3c, $69, $62, $26, $65, $0a, $86, $87]);
    116. 

  116. 

  117.   //https://en.wikipedia.org/wiki/PBKDF2 - but with SHA256 instead of SHA1 - first tested using SHA1
    118. 

  118.   Password := AnsiStringToBytes('plnlrtfpijpuhqylxbgqiiyipieyxvfsavzgxbbcfusqkozwpngsyejqlmjsytrmd');
    119. 

  119.   Salt := [$a0, $09, $c1, $a4, $85, $91, $2c, $6a, $e6, $30, $d3, $e7, $44, $24, $0b, $04];
    120. 

  120.   Test(PBKDF2SHA256(Password, Salt, 1000, 16),
    121. 

  121.        [$28, $86, $9b, $5f, $31, $ae, $29, $23, $6f, $16, $4c, $5c, $b3, $3e, $2e, $3b]);
    122. 

  122. end;
    123. 

  123. 

  124. initialization
    125. 

  125.   TestPBKDF2SHA256;
    126. 

  126. 

  127. {$ENDIF}
    128. 

  128. 

  129. end.
    130.