Delete unused code.

Signed-off-by: Bradley Grainger <[email protected]>

Author: bgrainger

src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/CryptoBytes.cs

@@ -5,29 +5,6 @@ namespace Chaos.NaCl
 {
     internal static class CryptoBytes
     {
-        public static bool ConstantTimeEquals(byte[] x, byte[] y)
-        {
-            if (x == null)
-                throw new ArgumentNullException("x");
-            if (y == null)
-                throw new ArgumentNullException("y");
-            if (x.Length != y.Length)
-                throw new ArgumentException("x.Length must equal y.Length");
-            return InternalConstantTimeEquals(x, 0, y, 0, x.Length) != 0;
-        }
-
-        public static bool ConstantTimeEquals(ArraySegment<byte> x, ArraySegment<byte> y)
-        {
-            if (x.Array == null)
-                throw new ArgumentNullException("x.Array");
-            if (y.Array == null)
-                throw new ArgumentNullException("y.Array");
-            if (x.Count != y.Count)
-                throw new ArgumentException("x.Count must equal y.Count");
-
-            return InternalConstantTimeEquals(x.Array, x.Offset, y.Array, y.Offset, x.Count) != 0;
-        }
-
         public static bool ConstantTimeEquals(byte[] x, int xOffset, byte[] y, int yOffset, int length)
         {
             if (x == null)
@@ -63,26 +40,6 @@ public static void Wipe(byte[] data)
             InternalWipe(data, 0, data.Length);
         }
 
-        public static void Wipe(byte[] data, int offset, int count)
-        {
-            if (data == null)
-                throw new ArgumentNullException("data");
-            if (offset < 0)
-                throw new ArgumentOutOfRangeException("offset");
-            if (count < 0)
-                throw new ArgumentOutOfRangeException("count", "Requires count >= 0");
-            if ((uint)offset + (uint)count > (uint)data.Length)
-                throw new ArgumentException("Requires offset + count <= data.Length");
-            InternalWipe(data, offset, count);
-        }
-
-        public static void Wipe(ArraySegment<byte> data)
-        {
-            if (data.Array == null)
-                throw new ArgumentNullException("data.Array");
-            InternalWipe(data.Array, data.Offset, data.Count);
-        }
-
         // Secure wiping is hard
         // * the GC can move around and copy memory
         //   Perhaps this can be avoided by using unmanaged memory or by fixing the position of the array in memory
@@ -104,87 +61,5 @@ internal static void InternalWipe<T>(ref T data)
         {
             data = default(T);
         }
-
-        // constant time hex conversion
-        // see http://stackoverflow.com/a/14333437/445517
-        //
-        // An explanation of the weird bit fiddling:
-        //
-        // 1. `bytes[i] >> 4` extracts the high nibble of a byte
-        //   `bytes[i] & 0xF` extracts the low nibble of a byte
-        // 2. `b - 10`
-        //    is `< 0` for values `b < 10`, which will become a decimal digit
-        //    is `>= 0` for values `b > 10`, which will become a letter from `A` to `F`.
-        // 3. Using `i >> 31` on a signed 32 bit integer extracts the sign, thanks to sign extension.
-        //    It will be `-1` for `i < 0` and `0` for `i >= 0`.
-        // 4. Combining 2) and 3), shows that `(b-10)>>31` will be `0` for letters and `-1` for digits.
-        // 5. Looking at the case for letters, the last summand becomes `0`, and `b` is in the range 10 to 15. We want to map it to `A`(65) to `F`(70), which implies adding 55 (`'A'-10`).
-        // 6. Looking at the case for digits, we want to adapt the last summand so it maps `b` from the range 0 to 9 to the range `0`(48) to `9`(57). This means it needs to become -7 (`'0' - 55`).
-        // Now we could just multiply with 7. But since -1 is represented by all bits being 1, we can instead use `& -7` since `(0 & -7) == 0` and `(-1 & -7) == -7`.
-        //
-        // Some further considerations:
-        //
-        // * I didn't use a second loop variable to index into `c`, since measurement shows that calculating it from `i` is cheaper.
-        // * Using exactly `i < bytes.Length` as upper bound of the loop allows the JITter to eliminate bounds checks on `bytes[i]`, so I chose that variant.
-        // * Making `b` an int avoids unnecessary conversions from and to byte.
-        public static string ToHexStringUpper(byte[] data)
-        {
-            if (data == null)
-                return null;
-            char[] c = new char[data.Length * 2];
-            int b;
-            for (int i = 0; i < data.Length; i++)
-            {
-                b = data[i] >> 4;
-                c[i * 2] = (char)(55 + b + (((b - 10) >> 31) & -7));
-                b = data[i] & 0xF;
-                c[i * 2 + 1] = (char)(55 + b + (((b - 10) >> 31) & -7));
-            }
-            return new string(c);
-        }
-
-        // Explanation is similar to ToHexStringUpper
-        // constant 55 -> 87 and -7 -> -39 to compensate for the offset 32 between lowercase and uppercase letters
-        public static string ToHexStringLower(byte[] data)
-        {
-            if (data == null)
-                return null;
-            char[] c = new char[data.Length * 2];
-            int b;
-            for (int i = 0; i < data.Length; i++)
-            {
-                b = data[i] >> 4;
-                c[i * 2] = (char)(87 + b + (((b - 10) >> 31) & -39));
-                b = data[i] & 0xF;
-                c[i * 2 + 1] = (char)(87 + b + (((b - 10) >> 31) & -39));
-            }
-            return new string(c);
-        }
-
-        public static byte[] FromHexString(string hexString)
-        {
-            if (hexString == null)
-                return null;
-            if (hexString.Length % 2 != 0)
-                throw new FormatException("The hex string is invalid because it has an odd length");
-            var result = new byte[hexString.Length / 2];
-            for (int i = 0; i < result.Length; i++)
-                result[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
-            return result;
-        }
-
-        public static string ToBase64String(byte[] data)
-        {
-            if (data == null)
-                return null;
-            return Convert.ToBase64String(data);
-        }
-
-        public static byte[] FromBase64String(string s)
-        {
-            if (s == null)
-                return null;
-            return Convert.FromBase64String(s);
-        }
     }
 }

src/MySqlConnector.Authentication.Ed25519/Chaos.NaCl/Ed25519.cs

@@ -1,4 +1,5 @@
-using System;
+using System;
+using System.Security.Cryptography;
 using Chaos.NaCl.Internal.Ed25519Ref10;
 
 namespace Chaos.NaCl
@@ -11,30 +12,6 @@ internal static class Ed25519
         public static readonly int PrivateKeySeedSizeInBytes = 32;
         public static readonly int SharedKeySizeInBytes = 32;
 
-        public static bool Verify(ArraySegment<byte> signature, ArraySegment<byte> message, ArraySegment<byte> publicKey)
-        {
-            if (signature.Count != SignatureSizeInBytes)
-                throw new ArgumentException(string.Format("Signature size must be {0}", SignatureSizeInBytes), "signature.Count");
-            if (publicKey.Count != PublicKeySizeInBytes)
-                throw new ArgumentException(string.Format("Public key size must be {0}", PublicKeySizeInBytes), "publicKey.Count");
-            return Ed25519Operations.crypto_sign_verify(signature.Array, signature.Offset, message.Array, message.Offset, message.Count, publicKey.Array, publicKey.Offset);
-        }
-
-        public static bool Verify(byte[] signature, byte[] message, byte[] publicKey)
-        {
-            if (signature == null)
-                throw new ArgumentNullException("signature");
-            if (message == null)
-                throw new ArgumentNullException("message");
-            if (publicKey == null)
-                throw new ArgumentNullException("publicKey");
-            if (signature.Length != SignatureSizeInBytes)
-                throw new ArgumentException(string.Format("Signature size must be {0}", SignatureSizeInBytes), "signature.Length");
-            if (publicKey.Length != PublicKeySizeInBytes)
-                throw new ArgumentException(string.Format("Public key size must be {0}", PublicKeySizeInBytes), "publicKey.Length");
-            return Ed25519Operations.crypto_sign_verify(signature, 0, message, 0, message.Length, publicKey, 0);
-        }
-
         public static void Sign(ArraySegment<byte> signature, ArraySegment<byte> message, ArraySegment<byte> expandedPrivateKey)
         {
             if (signature.Array == null)
@@ -57,21 +34,16 @@ public static byte[] Sign(byte[] message, byte[] expandedPrivateKey)
             return signature;
         }
 
-        public static byte[] PublicKeyFromSeed(byte[] privateKeySeed)
-        {
-            byte[] privateKey;
-            byte[] publicKey;
-            KeyPairFromSeed(out publicKey, out privateKey, privateKeySeed);
-            CryptoBytes.Wipe(privateKey);
-            return publicKey;
-        }
-
         public static byte[] ExpandedPrivateKeyFromSeed(byte[] privateKeySeed)
         {
             byte[] privateKey;
             byte[] publicKey;
             KeyPairFromSeed(out publicKey, out privateKey, privateKeySeed);
+#if NETSTANDARD2_1_OR_GREATER || NETCOREAPP2_1_OR_GREATER
+            CryptographicOperations.ZeroMemory(publicKey);
+#else
             CryptoBytes.Wipe(publicKey);
+#endif
             return privateKey;
         }
 
@@ -87,25 +59,5 @@ public static void KeyPairFromSeed(out byte[] publicKey, out byte[] expandedPriv
             publicKey = pk;
             expandedPrivateKey = sk;
         }
-
-        public static void KeyPairFromSeed(ArraySegment<byte> publicKey, ArraySegment<byte> expandedPrivateKey, ArraySegment<byte> privateKeySeed)
-        {
-            if (publicKey.Array == null)
-                throw new ArgumentNullException("publicKey.Array");
-            if (expandedPrivateKey.Array == null)
-                throw new ArgumentNullException("expandedPrivateKey.Array");
-            if (privateKeySeed.Array == null)
-                throw new ArgumentNullException("privateKeySeed.Array");
-            if (publicKey.Count != PublicKeySizeInBytes)
-                throw new ArgumentException("publicKey.Count");
-            if (expandedPrivateKey.Count != ExpandedPrivateKeySizeInBytes)
-                throw new ArgumentException("expandedPrivateKey.Count");
-            if (privateKeySeed.Count != PrivateKeySeedSizeInBytes)
-                throw new ArgumentException("privateKeySeed.Count");
-            Ed25519Operations.crypto_sign_keypair(
-                publicKey.Array, publicKey.Offset,
-                expandedPrivateKey.Array, expandedPrivateKey.Offset,
-                privateKeySeed.Array, privateKeySeed.Offset);
-        }
     }
 }