Skip to content

Commit e9f4bce

Browse files
JVanloofsveltJVanloofsvelt
committed
Properly dispose of managed digest instances.
1 parent e62a152 commit e9f4bce

File tree

2 files changed

+27
-15
lines changed

2 files changed

+27
-15
lines changed

NBitcoin/BIP39/Mnemonic.cs

+9-3
Original file line numberDiff line numberDiff line change
@@ -175,11 +175,17 @@ public byte[] DeriveSeed(string passphrase = null)
175175
#if NO_NATIVE_HMACSHA512
176176
#if NONATIVEHASH
177177
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha512Digest());
178-
#else
179-
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new Crypto.digests.ManagedSha512Digest());
180-
#endif
181178
mac.Init(new NBitcoin.BouncyCastle.Crypto.Parameters.KeyParameter(bytes));
182179
return Pbkdf2.ComputeDerivedKey(mac, salt, 2048, 64);
180+
#else
181+
using (var sha512 = new Crypto.NativeDigests.ManagedSha512Digest())
182+
{
183+
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(sha512);
184+
mac.Init(new NBitcoin.BouncyCastle.Crypto.Parameters.KeyParameter(bytes));
185+
return Pbkdf2.ComputeDerivedKey(mac, salt, 2048, 64);
186+
}
187+
#endif
188+
183189
#elif NO_NATIVE_RFC2898_HMACSHA512
184190
return NBitcoin.Crypto.Pbkdf2.ComputeDerivedKey(new System.Security.Cryptography.HMACSHA512(bytes), salt, 2048, 64);
185191
#else

NBitcoin/Crypto/Hashes.cs

+18-12
Original file line numberDiff line numberDiff line change
@@ -835,12 +835,15 @@ public static byte[] HMACSHA256(byte[] key, byte[] data)
835835
#elif NO_NATIVE_HMACSHA512 // There is a native hash, but no native HMAC.
836836
public static byte[] HMACSHA512(byte[] key, byte[] data)
837837
{
838-
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new ManagedSha512Digest());
839-
mac.Init(new KeyParameter(key));
840-
mac.BlockUpdate(data, 0, data.Length);
841-
byte[] result = new byte[mac.GetMacSize()];
842-
mac.DoFinal(result, 0);
843-
return result;
838+
using (var sha512 = new ManagedSha512Digest())
839+
{
840+
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(sha512);
841+
mac.Init(new KeyParameter(key));
842+
mac.BlockUpdate(data, 0, data.Length);
843+
byte[] result = new byte[mac.GetMacSize()];
844+
mac.DoFinal(result, 0);
845+
return result;
846+
}
844847
}
845848

846849
#if HAS_SPAN
@@ -859,12 +862,15 @@ public static bool HMACSHA512(byte[] key, ReadOnlySpan<byte> data, Span<byte> ou
859862

860863
public static byte[] HMACSHA256(byte[] key, byte[] data)
861864
{
862-
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new ManagedSha256Digest());
863-
mac.Init(new KeyParameter(key));
864-
mac.BlockUpdate(data, 0, data.Length);
865-
byte[] result = new byte[mac.GetMacSize()];
866-
mac.DoFinal(result, 0);
867-
return result;
865+
using (var sha256 = new ManagedSha256Digest())
866+
{
867+
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(sha256);
868+
mac.Init(new KeyParameter(key));
869+
mac.BlockUpdate(data, 0, data.Length);
870+
byte[] result = new byte[mac.GetMacSize()];
871+
mac.DoFinal(result, 0);
872+
return result;
873+
}
868874
}
869875
#else // There is no native hash and no native HMAC
870876
public static byte[] HMACSHA512(byte[] key, byte[] data)

0 commit comments

Comments
 (0)