Skip to content

Commit eca59f5

Browse files
JVanloofsveltJVanloofsvelt
committed
Properly dispose of managed digest instances.
1 parent e8b64ad commit eca59f5

File tree

2 files changed

+27
-15
lines changed

2 files changed

+27
-15
lines changed

NBitcoin/BIP39/Mnemonic.cs

+9-3
Original file line numberDiff line numberDiff line change
@@ -175,11 +175,17 @@ public byte[] DeriveSeed(string passphrase = null)
175175
#if NO_NATIVE_HMACSHA512
176176
#if NONATIVEHASH
177177
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new NBitcoin.BouncyCastle.Crypto.Digests.Sha512Digest());
178-
#else
179-
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new Crypto.digests.ManagedSha512Digest());
180-
#endif
181178
mac.Init(new NBitcoin.BouncyCastle.Crypto.Parameters.KeyParameter(bytes));
182179
return Pbkdf2.ComputeDerivedKey(mac, salt, 2048, 64);
180+
#else
181+
using (var sha512 = new Crypto.NativeDigests.ManagedSha512Digest())
182+
{
183+
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(sha512);
184+
mac.Init(new NBitcoin.BouncyCastle.Crypto.Parameters.KeyParameter(bytes));
185+
return Pbkdf2.ComputeDerivedKey(mac, salt, 2048, 64);
186+
}
187+
#endif
188+
183189
#elif NO_NATIVE_RFC2898_HMACSHA512
184190
return NBitcoin.Crypto.Pbkdf2.ComputeDerivedKey(new System.Security.Cryptography.HMACSHA512(bytes), salt, 2048, 64);
185191
#else

NBitcoin/Crypto/Hashes.cs

+18-12
Original file line numberDiff line numberDiff line change
@@ -839,12 +839,15 @@ public static byte[] HMACSHA256(byte[] key, byte[] data)
839839
#elif NO_NATIVE_HMACSHA512 // There is a native hash, but no native HMAC.
840840
public static byte[] HMACSHA512(byte[] key, byte[] data)
841841
{
842-
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new ManagedSha512Digest());
843-
mac.Init(new KeyParameter(key));
844-
mac.BlockUpdate(data, 0, data.Length);
845-
byte[] result = new byte[mac.GetMacSize()];
846-
mac.DoFinal(result, 0);
847-
return result;
842+
using (var sha512 = new ManagedSha512Digest())
843+
{
844+
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(sha512);
845+
mac.Init(new KeyParameter(key));
846+
mac.BlockUpdate(data, 0, data.Length);
847+
byte[] result = new byte[mac.GetMacSize()];
848+
mac.DoFinal(result, 0);
849+
return result;
850+
}
848851
}
849852

850853
#if HAS_SPAN
@@ -863,12 +866,15 @@ public static bool HMACSHA512(byte[] key, ReadOnlySpan<byte> data, Span<byte> ou
863866

864867
public static byte[] HMACSHA256(byte[] key, byte[] data)
865868
{
866-
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(new ManagedSha256Digest());
867-
mac.Init(new KeyParameter(key));
868-
mac.BlockUpdate(data, 0, data.Length);
869-
byte[] result = new byte[mac.GetMacSize()];
870-
mac.DoFinal(result, 0);
871-
return result;
869+
using (var sha256 = new ManagedSha256Digest())
870+
{
871+
var mac = new NBitcoin.BouncyCastle.Crypto.Macs.HMac(sha256);
872+
mac.Init(new KeyParameter(key));
873+
mac.BlockUpdate(data, 0, data.Length);
874+
byte[] result = new byte[mac.GetMacSize()];
875+
mac.DoFinal(result, 0);
876+
return result;
877+
}
872878
}
873879
#else // There is no native hash and no native HMAC
874880
public static byte[] HMACSHA512(byte[] key, byte[] data)

0 commit comments

Comments
 (0)