Beispiel #1
0
        protected void encryptBtn_Click(object sender, EventArgs e)
        {
            //get the users data and pin code input
            String pass     = passText.Text;
            String passname = passName.Text;
            String pin      = pinText.Text;

            //server side input validation
            if (passname.Length < 1)
            {
                Label2.ForeColor = System.Drawing.Color.Red;
                Label2.Text      = "Please Enter a Password Name";
                return;
            }
            if (pass.Length < 1)
            {
                Label2.ForeColor = System.Drawing.Color.Red;
                Label2.Text      = "Please Enter a Password";
                return;
            }
            if (pin.Length < 1)
            {
                Label2.ForeColor = System.Drawing.Color.Red;
                Label2.Text      = "Please Enter a Pin Code";
                return;
            }

            //hash the user inputted pincode
            String key = Bouncy.Hash(pin);
            //get instance of AESCipher internal class
            AESCipher AESCipher = new AESCipher();

            //generate a 16 byte random IV
            byte[] ivBytes = AESCipher.GenerateRandomIV(16);
            //convert IV to string
            String iv = Convert.ToBase64String(ivBytes);
            //encrypt the password using the pin code and the IV
            String encrypted = AESCipher.encrypt(pass, key, iv);

            Debug.WriteLine("encrypted text..................................." + encrypted);

            //set the encrypted password and hashed pin code on screen
            passText.Text = encrypted;
            pinText.Text  = key;
        }
Beispiel #2
0
        public void TestAESCipher()
        {
            AESCipher aesCipher = new AESCipher();

            byte[] key = aesCipher.Key;
            Assert.AreEqual(32, key.Length);
            byte[] iv = aesCipher.IV;
            // AES block size is 16 bytes
            Assert.AreEqual(16, iv.Length);
            Console.WriteLine("AES Key: " + Convert.ToBase64String(key));
            Console.WriteLine("AES IV: " + Convert.ToBase64String(iv));
            string cleartext = "<?xml version=\"1.0\" encoding=\"utf-8\"?><FolaighMethodCall><methodName>methodOne</methodName><arg0>arg0</arg0><arg1>arg1</arg1></FolaighMethodCall>";

            byte[] encryptedText = aesCipher.encrypt(cleartext);
            Console.WriteLine("Encrypted text:" + Convert.ToBase64String(encryptedText));

            aesCipher = new AESCipher(key, iv);
            string decryptedText = aesCipher.decrypt(encryptedText);

            Assert.AreEqual(cleartext, decryptedText);
            Console.WriteLine("Decrypted Text: <" + decryptedText + ">");
        }
Beispiel #3
0
        public void TestSecureTransport()
        {
            String methodName                     = "methodOne";
            String arg0                           = "arg0";
            String arg1                           = "arg1";
            TestWebServiceProxy testProxy         = new TestWebServiceProxy();
            ITransportProxy     proxy             = testProxy;
            FolaighKeyStore     keyStore          = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
            RSACipher           encryptorVerifier = new RSACipher(
                keyStore,
                "countyKey",
                false);
            RSACipher signerDecryptor = new RSACipher(
                keyStore,
                "stateKey",
                true);
            SecureTransport transport = new SecureTransport(
                proxy,
                encryptorVerifier,
                signerDecryptor);

            // Test for the proxy method
            String message     = "message";
            String signature   = "signature";
            String aesKey      = "key";
            String iv          = "iv";
            String senderAlias = "alias";
            String retval      = proxy.send(message, signature, aesKey, iv, senderAlias);

            String returnVal = transport.send(methodName, new String[] { arg0, arg1 });

            // First, just check to see if something got to the proxy.
            Assert.IsNotNull(returnVal);
            Assert.IsNotNull(testProxy.m_aesKey);
            Assert.IsNotNull(testProxy.m_iv);
            Assert.IsNotNull(testProxy.m_message);
            Assert.IsNotNull(testProxy.m_senderAlias);
            Assert.IsNotNull(testProxy.m_signature);

            Console.WriteLine("Encrypted AES Key:" + testProxy.m_aesKey);
            Console.WriteLine("Encrypted IV:" + testProxy.m_iv);
            Console.WriteLine("Encrypted Message:" + testProxy.m_message);
            Console.WriteLine("Sender Alias:" + testProxy.m_senderAlias);
            Console.WriteLine("Signature:" + testProxy.m_signature);

            // Decrypt the AES Key
            RSACipher testDecryptor = new RSACipher(
                keyStore,
                "countyKey",
                true);

            byte[] testKey = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_aesKey));
            byte[] testIV  = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_iv));

            Console.WriteLine("Decrypted Key:" + Convert.ToBase64String(testKey));
            Console.WriteLine("Decrypted IV:" + Convert.ToBase64String(testIV));

            AESCipher cipher = new AESCipher(testKey, testIV);

            // Independently encrypt the message and make sure they're the same
            MethodInfo mInfo = new MethodInfo(methodName, new String[] { arg0, arg1 });
            String     xml   = mInfo.encode();

            String testEncryptedMessage = Convert.ToBase64String(cipher.encrypt(xml));

            Assert.AreEqual(xml, cipher.decrypt(Convert.FromBase64String(testEncryptedMessage)));
            Assert.AreEqual(testEncryptedMessage, testProxy.m_message);

            string decryptedMessage = cipher.decrypt(Convert.FromBase64String(testProxy.m_message));
            string expectedMessage  = expectedMethodInfo.encode();

            Assert.AreEqual(expectedMessage, decryptedMessage);
        }