From a192c0281d6334c5d1753c015c29b1b6adb5262c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Kaczy=C5=84ski?=
Date: Sun, 15 Oct 2017 01:33:41 +0100
Subject: [PATCH 1/2] Fixed few memory issues and CPU overusage issues. Still
have climbing RAM usage
---
SecretSanta.Data/EncryptionProvider.cs | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/SecretSanta.Data/EncryptionProvider.cs b/SecretSanta.Data/EncryptionProvider.cs
index b0005cc..2743a41 100644
--- a/SecretSanta.Data/EncryptionProvider.cs
+++ b/SecretSanta.Data/EncryptionProvider.cs
@@ -87,9 +87,9 @@ public byte[] CalculatePasswordHash(string password, byte[] associatedData = nul
{
Type = Argon2Type.DataDependentAddressing,
Version = Argon2Version.Nineteen,
- TimeCost = 10,
+ TimeCost = 3,
MemoryCost = 65536,
- Lanes = 5,
+ Lanes = 4,
Threads = Environment.ProcessorCount,
Password = passwordBytes,
Salt = salt, // >= 8 bytes if not null
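Review bot: The new `TimeCost = 3` and `Lanes = 4` are bare literals, and nothing in the hunk records why these values were picked or what attack cost they are meant to hold. Since this is the password-hashing work factor, a comment such as `// Argon2 work factor (TimeCost 3, MemoryCost 65536, 4 lanes); lowered from 10/5 to cut CPU load, re-measure before changing` would let a later reader judge the trade-off. The unchanged `Type = Argon2Type.DataDependentAddressing` line selects the variant with data-dependent memory access, which is usually advised against where timing side channels matter, so it is worth confirming that choice while the parameters are being retuned. The object initializer starts above the hunk and continues past it.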
@@ -97,7 +97,7 @@ public byte[] CalculatePasswordHash(string password, byte[] associatedData = nul
AssociatedData = associatedData, // from item
HashLength = 32 // >= 4
};
- var argon2A = new Argon2(config);
+ using (var argon2A = new Argon2(config))
using (var hashA = argon2A.Hash())
{
return Encoding.UTF8.GetBytes(config.EncodeString(hashA.Buffer));
@@ -158,9 +158,11 @@ private void WithCrypto(T model, Action acti
foreach (var property in properties)
{
- var transform = decrypt ? aes.CreateDecryptor(aes.Key, aes.IV) : aes.CreateEncryptor(aes.Key
- , aes.IV);
- action(model, property, transform);
+ using (var transform = decrypt ? aes.CreateDecryptor(aes.Key, aes.IV) : aes.CreateEncryptor(aes.Key, aes.IV))
+ {
+ action(model, property, transform);
+ }
+ aes.Clear();
}
}
}
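Review bot: Every property is transformed with the same `aes.Key` and `aes.IV` in the new `using` line, so if the cipher runs in a chaining mode such as CBC (the mode is set outside the hunk), two fields with the same leading plaintext produce the same leading ciphertext. A per-value IV stored alongside each ciphertext would avoid that; at minimum a comment like `// NOTE: the IV is shared across all properties of the model` should make the limitation visible. Separately, `aes.Clear();` sits inside the `foreach`, so the key material is released after the first property and later iterations may not run with the original key. Patch 2/2 moves that call, and squashing the move into this patch would keep every commit in the series usable. WithCrypto begins above the hunk.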
From 61a999d6f3eebcc7d7c6209a7b9b32b0e06a6f45 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Kaczy=C5=84ski?=
Date: Sun, 15 Oct 2017 02:07:05 +0100
Subject: [PATCH 2/2] Switched from argon2 to scrypt, that helped with the
memory/cpu issues.
---
.../Interface/IEncryptionProvider.cs | 1 -
SecretSanta.Data/EncryptionProvider.cs | 65 +++----------------
SecretSanta.Data/SecretSanta.Data.csproj | 6 +-
SecretSanta.Data/packages.config | 2 +-
4 files changed, 14 insertions(+), 60 deletions(-)
diff --git a/SecretSanta.Common/Interface/IEncryptionProvider.cs b/SecretSanta.Common/Interface/IEncryptionProvider.cs
index 7f883c8..001d0b0 100644
--- a/SecretSanta.Common/Interface/IEncryptionProvider.cs
+++ b/SecretSanta.Common/Interface/IEncryptionProvider.cs
@@ -6,7 +6,6 @@ public interface IEncryptionProvider
{
void Decrypt(T theModel) where T : ModelBase;
void Encrypt(T theModel) where T : ModelBase;
- byte[] NewSalt();
byte[] CalculatePasswordHash(string password, byte[] associatedData = null);
bool VerifyPasswordHash(string password, byte[] storedHash);
string GetEmailVerificationToken(SantaUser user);
diff --git a/SecretSanta.Data/EncryptionProvider.cs b/SecretSanta.Data/EncryptionProvider.cs
index 2743a41..a4de439 100644
--- a/SecretSanta.Data/EncryptionProvider.cs
+++ b/SecretSanta.Data/EncryptionProvider.cs
@@ -6,9 +6,8 @@
using System.Reflection;
using System.Security.Cryptography;
using System.Text;
-using Isopoh.Cryptography.Argon2;
-using Isopoh.Cryptography.SecureArray;
using JetBrains.Annotations;
+using Scrypt;
using SecretSanta.Common.Helpers;
using SecretSanta.Common.Interface;
using SecretSanta.Domain.Models;
@@ -71,64 +70,20 @@ public void Decrypt(T theModel) where T : ModelBase
(model, property, decryptor) => property.SetValue(model,
DecryptValue(decryptor, property.GetValue(model) as string)), decrypt: true);
- public byte[] NewSalt()
- {
- var result = new byte[_saltLength];
- _rngProvider.GetBytes(result);
- return result;
- }
-
public byte[] CalculatePasswordHash(string password, byte[] associatedData = null)
{
- var passwordBytes = Encoding.UTF8.GetBytes(password);
- var salt = new byte[16];
- _rngProvider.GetBytes(salt);
- var config = new Argon2Config
- {
- Type = Argon2Type.DataDependentAddressing,
- Version = Argon2Version.Nineteen,
- TimeCost = 3,
- MemoryCost = 65536,
- Lanes = 4,
- Threads = Environment.ProcessorCount,
- Password = passwordBytes,
- Salt = salt, // >= 8 bytes if not null
- Secret = _secret, // from config
- AssociatedData = associatedData, // from item
- HashLength = 32 // >= 4
- };
- using (var argon2A = new Argon2(config))
- using (var hashA = argon2A.Hash())
- {
- return Encoding.UTF8.GetBytes(config.EncodeString(hashA.Buffer));
- }
+ var encoder = new ScryptEncoder();
+ var hash = encoder.Encode(password);
+
+ return Encoding.UTF8.GetBytes(hash);
}
public bool VerifyPasswordHash(string password, byte[] storedHash)
{
- var passwordBytes = Encoding.UTF8.GetBytes(password);
- var argonString = Encoding.UTF8.GetString(storedHash);
- var configOfPasswordToVerify = new Argon2Config
- {
- Password = passwordBytes,
- Secret = _secret,
- Threads = 1
- };
- SecureArray hashB = null;
- try
- {
- if (configOfPasswordToVerify.DecodeString(argonString, out hashB) && hashB != null)
- {
- var argon2ToVerify = new Argon2(configOfPasswordToVerify);
- using (var hashToVerify = argon2ToVerify.Hash())
- return !hashB.Buffer.Where((b, i) => b != hashToVerify[i]).Any();
- }
- }
- finally
- {
- hashB?.Dispose();
- }
- return false;
+ var hashString = Encoding.UTF8.GetString(storedHash);
+
+ var encoder = new ScryptEncoder();
+ return encoder.Compare(password, hashString);
}
public string GetEmailVerificationToken(SantaUser user)
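Review bot: `CalculatePasswordHash` still takes `associatedData`, but the new body never reads it, and the `_secret` value that the Argon2 config mixed into every hash is dropped as well, so callers get a weaker binding than the signature suggests, with no indication of the change. Either remove the parameter or document it, e.g. `// associatedData is ignored since the move to scrypt; kept for interface compatibility`. `VerifyPasswordHash` now hands whatever is stored to `encoder.Compare`, including hashes written by the previous Argon2 code; how the library reacts to a non-scrypt string is not visible here, so a format check before `Compare` and a reset or rehash path for existing accounts seem needed. `new ScryptEncoder()` relies on the library's default cost parameters; passing them explicitly, `new ScryptEncoder(iterationCount, blockSize, threadCount)` with values the project has measured, keeps the work factor reviewable in this file.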
@@ -162,8 +117,8 @@ private void WithCrypto(T model, Action acti
{
action(model, property, transform);
}
- aes.Clear();
}
+ aes.Clear();
}
}
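Review bot: `aes.Clear();` now runs once after the loop, but only on the success path: if `action` throws for any property, the call is skipped and the key material stays in memory until collection. Unless `aes` is already created in a `using` statement above the hunk (in which case this call is redundant), wrap the loop as `try { ... } finally { aes.Clear(); }`. The method body starts outside the hunk, so the creation of `aes` is not visible here.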
diff --git a/SecretSanta.Data/SecretSanta.Data.csproj b/SecretSanta.Data/SecretSanta.Data.csproj
index ed290f4..9936f14 100644
--- a/SecretSanta.Data/SecretSanta.Data.csproj
+++ b/SecretSanta.Data/SecretSanta.Data.csproj
@@ -40,9 +40,6 @@
..\packages\Dapper.Contrib.1.50.0\lib\net45\Dapper.Contrib.dll
-
- ..\packages\Isopoh.Cryptography.Argon2.1.0.4\lib\netstandard1.3\Isopoh.Cryptography.Argon2.dll
-
..\packages\Isopoh.Cryptography.Blake2b.1.0.4\lib\netstandard1.3\Isopoh.Cryptography.Blake2b.dll
@@ -58,6 +55,9 @@
..\packages\Microsoft.Win32.Primitives.4.3.0\lib\net46\Microsoft.Win32.Primitives.dll
+
+ ..\packages\Scrypt.NET.1.3.0\lib\net20\Scrypt.dll
+
..\packages\System.AppContext.4.3.0\lib\net46\System.AppContext.dll
diff --git a/SecretSanta.Data/packages.config b/SecretSanta.Data/packages.config
index c182e0c..f1f3c3e 100644
--- a/SecretSanta.Data/packages.config
+++ b/SecretSanta.Data/packages.config
@@ -3,7 +3,6 @@
-
@@ -11,6 +10,7 @@
+