Converting WarpWallet's hashing algorithm from javascript into C#

Question

I'm trying to implement the warpwallet code in C#. I'm using cryptsharp for its scrypt and PBKDF2 implementations. However, I seem to be getting different results than the real website.

Here is my code:

static void Main(string[] args)
{
    string randomString = "mypassword";
    byte[] passwordBytes = Encoding.UTF8.GetBytes(randomString);
    byte[] passwordBytesScrypt = new byte[passwordBytes.Length + 1];
    Array.Copy(passwordBytes, 0, passwordBytesScrypt, 0, passwordBytes.Length);
    passwordBytesScrypt[passwordBytes.Length] = 0x1;

    string salt = "[email protected]";
    byte[] saltBytes = Encoding.UTF8.GetBytes(salt);
    byte[] saltBytesScrypt = new byte[saltBytes.Length + 1];
    Array.Copy(saltBytes, 0, saltBytesScrypt, 0, saltBytes.Length);
    saltBytesScrypt[saltBytes.Length] = 0x1;

    byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passwordBytesScrypt, saltBytes, 524288, 8, 1, null, 32);

    byte[] passwordBytesPBKDF2 = passwordBytesScrypt;
    passwordBytesPBKDF2[passwordBytes.Length] = 0x2;

    byte[] saltBytesPBKDF2 = saltBytesScrypt;
    saltBytesScrypt[saltBytes.Length] = 0x2;

    byte[] pbkdf2Bytes = CryptSharp.Utility.Pbkdf2.ComputeDerivedKey(new HMACSHA256(passwordBytesPBKDF2), saltBytes, 65536, 32);
}

According to the website (I modified the code to log to console), the scrypt hash result should be

4dfe98afd8f279e856abdcccce09aa54031fbd7fa39a912bb3caf5ce28648fe6

and the PBKDF2 hash result should be

847c053e66c093927d1f1258b52455675fe6788e537c2073927fbddddfacc0d3

My result for scrypt is

790BE1F92DDDF297CF7BACAA69218BE2C67680C706B2A214081A559B8E0EF43D

and PBKDF2

CB640D1C8C13B44712EBCF341FA68F22F90D69AA5BC8427CD5ABED37FDFFE4EF

I don't understand what I'm doing wrong. Are the cryptsharp implementations incorrect? Have I missed a step somewhere? I don't know javascript very well, so that's entirely possible. Any help would be appreciated.

Answer 1

I've found two problems with your code:

1. 2^18 is not 524288 but 262144.

2. It seems the way you're injecting 0x1 is not working, I've done it in a different way and it works:

       string randomString = "mypassword";
   
       string salt = "[email protected]";
   
       //Setup Lists to take the extra byte of the byte array to the end
       var passArrList = new List<byte>();
       var saltArrList = new List<byte>();
   
       //Get the byte array of incoming passphrase
       byte[] passArr = Encoding.UTF8.GetBytes(randomString);
       //Add the pass byte array to the list
       passArrList.AddRange(passArr);
       //Append the needed 0x1 to the end of the array
       passArrList.Add(1);
   
       //Get the bytes of the salt
       byte[] saltArr = Encoding.UTF8.GetBytes(salt);
       //Add the salt to the list
       saltArrList.AddRange(saltArr);
       //Append the needed salt to the end
       saltArrList.Add(1);
   
       byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passArrList.ToArray(), saltArrList.ToArray(), 262144, 8, 1, null, 32);
   
       Console.WriteLine(BitConverter.ToString(scryptBytes).Replace("-", ""));