Beispiel #1
0
        /// <summary>
        /// 对字符串依据指定的算法和密钥进行加密,如果使用 CBC 算法,还需要初始化向量
        /// </summary>
        /// <param name="content">源字符串</param>
        /// <param name="strAlgName">加密算法</param>
        /// <param name="encoding">字符串编码方式</param>
        /// <param name="key">密钥</param>
        /// <param name="iniVec">CBC 初始化向量</param>
        /// <returns></returns>
        public static IBuffer CipherEncryption(string content, string strAlgName,
                                               BinaryStringEncoding encoding, CryptographicKey key, IBuffer iniVec = null)
        {
            // Create a buffer that contains the encoded message to be encrypted.
            IBuffer buffContent = CryptographicBuffer.ConvertStringToBinary(content, encoding);

            // Open a symmetric algorithm provider for the specified algorithm.
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Determine whether the message length is a multiple of the block length.
            // This is not necessary for PKCS #7 algorithms which automatically pad the
            // message to an appropriate length.
            if (!strAlgName.Contains("PKCS7"))
            {
                if ((buffContent.Length % objAlg.BlockLength) != 0)
                {
                    throw new Exception("Message buffer length must be multiple of block length.");
                }
            }

            if (strAlgName.Contains("CBC") && iniVec == null)
            {
                throw new ArgumentException("Using CBC Encryption, initial vector must have value");
            }
            // Encrypt the data and return.
            IBuffer buffEncrypt = CryptographicEngine.Encrypt(key, buffContent, iniVec);

            return(buffEncrypt);
        }
        public static string CipherDecryption(
            string strAlgName,
            IBuffer buffEncrypt,
            IBuffer iv,
            BinaryStringEncoding encoding,
            CryptographicKey key)
        {
            // Declare a buffer to contain the decrypted data.
            IBuffer buffDecrypted;

            // Open an symmetric algorithm provider for the specified algorithm.
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

            // The input key must be securely shared between the sender of the encrypted message
            // and the recipient. The initialization vector must also be shared but does not
            // need to be shared in a secure manner. If the sender encodes a message string
            // to a buffer, the binary encoding method must also be shared with the recipient.
            buffDecrypted = CryptographicEngine.Decrypt(key, buffEncrypt, iv);

            // Convert the decrypted buffer to a string (for display). If the sender created the
            // original message buffer from a string, the sender must tell the recipient what
            // BinaryStringEncoding value was used. Here, BinaryStringEncoding.Utf8 is used to
            // convert the message to a buffer before encryption and to convert the decrypted
            // buffer back to the original plaintext.
            return(CryptographicBuffer.ConvertBinaryToString(encoding, buffDecrypted));
        }
 public Encrypted(string algorithm, BinaryStringEncoding encoding, string value)
 {
     Algorithm = algorithm;
     Value     = value;
     Encoding  = encoding;
     Validate();
 }
 public Encrypted(string algorithm, BinaryStringEncoding encoding, string value)
 {
     Algorithm = algorithm;
     Value = value;
     Encoding = encoding;
     Validate();
 }
        void CreateHMAC(String strMsg, String strAlgName, out IBuffer buffMsg, out CryptographicKey hmacKey, out IBuffer buffHMAC)
        {
            // Create a MacAlgorithmProvider object for the specified algorithm.
            MacAlgorithmProvider objMacProv = MacAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Demonstrate how to retrieve the name of the algorithm used.
            String strNameUsed = objMacProv.AlgorithmName;

            // Create a buffer that contains the message to be signed.
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;

            buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Create a key to be signed with the message.
            IBuffer buffKeyMaterial = CryptographicBuffer.GenerateRandom(objMacProv.MacLength);

            hmacKey = objMacProv.CreateKey(buffKeyMaterial);

            // Sign the key and message together.
            buffHMAC = CryptographicEngine.Sign(hmacKey, buffMsg);

            // Verify that the HMAC length is correct for the selected algorithm
            if (buffHMAC.Length != objMacProv.MacLength)
            {
                throw new Exception("Error computing digest");
            }
        }
Beispiel #6
0
        public async void ProtectData()
        {
            // Initialize function arguments.
            String strDescriptor = "LOCAL=user";
            String strLoremIpsum = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse elementum "
                                   + "ullamcorper eros, vitae gravida nunc consequat sollicitudin. Vivamus lacinia, "
                                   + "diam a molestie porttitor, sapien neque volutpat est, non suscipit leo dolor "
                                   + "sit amet nisl. Praesent tincidunt tincidunt quam ut pharetra. Sed tincidunt "
                                   + "sit amet nisl. Praesent tincidunt tincidunt quam ut pharetra. Sed tincidunt "
                                   + "porttitor massa, at convallis dolor dictum suscipit. Nullam vitae lectus in "
                                   + "lorem scelerisque convallis sed scelerisque orci. Praesent sed ligula vel erat "
                                   + "eleifend tempus. Nullam dignissim aliquet mauris a aliquet. Nulla augue justo, "
                                   + "posuere a consectetur ut, suscipit et sem. Proin eu libero ut felis tincidunt "
                                   + "interdum. Curabitur vulputate eros nec sapien elementum ut dapibus eros "
                                   + "dapibus. Suspendisse quis dui dolor, non imperdiet leo. In consequat, odio nec "
                                   + "aliquam tincidunt, magna enim ultrices massa, ac pharetra est urna at arcu. "
                                   + "Nunc suscipit, velit non interdum suscipit, lectus lectus auctor tortor, quis "
                                   + "ultrices orci felis in dolor. Etiam congue pretium libero eu vestibulum. "
                                   + "Mauris bibendum erat eleifend nibh consequat eu pharetra metus convallis. "
                                   + "Morbi sem eros, venenatis vel vestibulum consequat, hendrerit rhoncus purus.";
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf16BE;

            // Encrypt the data as a stream.
            IBuffer buffProtected = await this.SampleDataProtectionStream(
                strDescriptor,
                strLoremIpsum,
                encoding);

            // Decrypt a data stream.
            String strUnprotected = await this.SampleDataUnprotectStream(
                buffProtected,
                encoding);
        }
        /// <summary>
        /// 对字符串依据指定的算法和密钥进行加密,如果使用 CBC 算法,还需要初始化向量
        /// </summary>
        /// <param name="content">源字符串</param>
        /// <param name="strAlgName">加密算法</param>
        /// <param name="encoding">字符串编码方式</param>
        /// <param name="key">密钥</param>
        /// <param name="iniVec">CBC 初始化向量</param>
        /// <returns></returns>
        public static IBuffer CipherEncryption(string content, string strAlgName,
            BinaryStringEncoding encoding, CryptographicKey key, IBuffer iniVec = null)
        {
            // Create a buffer that contains the encoded message to be encrypted. 
            IBuffer buffContent = CryptographicBuffer.ConvertStringToBinary(content, encoding);

            // Open a symmetric algorithm provider for the specified algorithm. 
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Determine whether the message length is a multiple of the block length.
            // This is not necessary for PKCS #7 algorithms which automatically pad the
            // message to an appropriate length.
            if (!strAlgName.Contains("PKCS7"))
            {
                if ((buffContent.Length % objAlg.BlockLength) != 0)
                {
                    throw new Exception("Message buffer length must be multiple of block length.");
                }
            }

            if (strAlgName.Contains("CBC") && iniVec == null)
            {
                throw new ArgumentException("Using CBC Encryption, initial vector must have value");
            }
            // Encrypt the data and return.
            IBuffer buffEncrypt = CryptographicEngine.Encrypt(key, buffContent, iniVec);
            return buffEncrypt;
        }
Beispiel #8
0
        /// <summary>
        /// Generates a signature using the specified signatureType
        /// </summary>
        /// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
        /// <param name="consumerKey">The consumer key</param>
        /// <param name="consumerSecret">The consumer seceret</param>
        /// <param name="token">The token, if available. If not available pass null or an empty string</param>
        /// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
        /// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
        /// <param name="signatureType">The type of signature to use</param>
        /// <returns>A base64 string of the hash value</returns>
        public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
        {
            normalizedUrl = null;
            normalizedRequestParameters = null;

            switch (signatureType)
            {
            case SignatureTypes.PLAINTEXT:

                return(Uri.EscapeDataString(string.Format("{0}&{1}", consumerSecret, tokenSecret)));

            case SignatureTypes.HMACSHA1:
                string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);

                MacAlgorithmProvider hmacsha1 = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA1");
                //HMACSHA1 hmacsha1 = new HMACSHA1();

                // Create a key to be signed with the message.
                BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
                IBuffer buffKeyMaterial       = CryptographicBuffer.ConvertStringToBinary(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)), encoding);

                CryptographicKey hmacKey = hmacsha1.CreateKey(buffKeyMaterial);

                return(GenerateSignatureUsingHash(signatureBase, hmacsha1, hmacKey));

            case SignatureTypes.RSASHA1:
                throw new NotImplementedException();

            default:
                throw new ArgumentException("Unknown signature type", "signatureType");
            }
        }
Beispiel #9
0
        public string Encrypt(string plainText)
        {
            if (string.IsNullOrEmpty(plainText))
            {
                throw new ArgumentNullException("plainText");
            }
            if (string.IsNullOrEmpty(key))
            {
                throw new ArgumentNullException("Key");
            }
            if (string.IsNullOrEmpty(iv))
            {
                throw new ArgumentNullException("IV");
            }

            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;

            IBuffer          keyBuffer = CryptographicBuffer.ConvertStringToBinary(key, encoding);
            CryptographicKey cryptoKey = alg.CreateSymmetricKey(keyBuffer);
            IBuffer          ivBuffer  = CryptographicBuffer.ConvertStringToBinary(iv, encoding);

            // Add padding so buffer length is multiple of 16
            plainText = PadString(plainText);

            IBuffer inputBuffer     = CryptographicBuffer.ConvertStringToBinary(plainText, encoding);
            IBuffer encryptedBuffer = CryptographicEngine.Encrypt(cryptoKey, inputBuffer, ivBuffer);

            return(CryptographicBuffer.EncodeToHexString(encryptedBuffer));
        }
Beispiel #10
0
        /// <summary>
        /// Write a string terminated with a specific character
        /// </summary>
        /// <param name="writer">DataWriter to write to</param>
        /// <param name="encoding">The string encoding used</param>
        /// <param name="s">The string to write</param>
        /// <param name="terminator">The terminating character</param>
        protected void WTS(DataWriter writer, BinaryStringEncoding encoding, string s, string terminator)
        {
            Encoding enc = GeneralUtils.GetEncodingFromType(encoding);

            byte[] data = enc.GetBytes(s);
            byte[] term = enc.GetBytes(terminator);

            writer.Write(data);
            writer.Write(term);
        }
Beispiel #11
0
        static Cryptographer()
        {
            _targetKeySize = 256;
            _encoding      = BinaryStringEncoding.Utf16LE;

            _keyDerivationAlgorithmName = KeyDerivationAlgorithmNames.Pbkdf2Sha512;
            _iterationCount             = 10000;

            _encryptionAlgorithmName = SymmetricAlgorithmNames.AesCbcPkcs7;
        }
        public async Task <string> UnprotectDataAsync(string strProtect, BinaryStringEncoding encoding)
        {
            DataProtectionProvider provider = new DataProtectionProvider();

            encoding = BinaryStringEncoding.Utf8;
            IBuffer buffProtect = CryptographicBuffer.ConvertStringToBinary(strProtect, encoding);
            IBuffer buffMsg     = await provider.UnprotectAsync(buffProtect);

            return(CryptographicBuffer.ConvertBinaryToString(encoding, buffMsg));
        }
Beispiel #13
0
        /// <summary>
        /// Converts encoding to an encoding object
        /// </summary>
        /// <param name="encoding">The encoding type</param>
        /// <returns>The encoding</returns>
        public static Encoding GetEncodingFromType(BinaryStringEncoding encoding)
        {
            Encoding ret;

            switch (encoding)
            {
            case BinaryStringEncoding.ASCII:
                ret = new BinaryEncoding();
                break;

            case BinaryStringEncoding.UTF16_BE:
                ret = new UnicodeEncoding(true, false);
                break;

            case BinaryStringEncoding.UTF16_LE:
                ret = new UnicodeEncoding(false, false);
                break;

            case BinaryStringEncoding.UTF32_BE:
                ret = new UTF32Encoding(true, false);
                break;

            case BinaryStringEncoding.UTF32_LE:
                ret = new UTF32Encoding(false, false);
                break;

            case BinaryStringEncoding.UTF8:
                ret = new UTF8Encoding();
                break;

            case BinaryStringEncoding.UTF7:
                ret = new UTF7Encoding();
                break;

            case BinaryStringEncoding.EBCDIC_US:
                ret = Encoding.GetEncoding(37);
                break;

            case BinaryStringEncoding.Latin1:
                ret = Encoding.GetEncoding(28591);
                break;

            case BinaryStringEncoding.ShiftJIS:
                ret = Encoding.GetEncoding(932);
                break;

            default:
                ret = Encoding.GetEncoding((int)encoding);
                break;
            }

            return(ret);
        }
Beispiel #14
0
        public static async void ProtectExample()
        {
            // Initialize function arguments.
            String strMsg                 = "This is a message to be protected.";
            String strDescriptor          = "LOCAL=user";
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
            // Protect a message to the local user.
            IBuffer buffProtected = await SampleProtectAsync(strMsg, strDescriptor, encoding);

            // Decrypt the previously protected message.
            String strDecrypted = await SampleUnprotectData(buffProtected, encoding);
        }
Beispiel #15
0
        private async Task <IBuffer> SampleDataProtectionStream(
            String descriptor,
            String strMsg,
            BinaryStringEncoding encoding)
        {
            // Create a DataProtectionProvider object for the specified descriptor.
            DataProtectionProvider Provider = new DataProtectionProvider(descriptor);

            // Convert the input string to a buffer.
            IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Create a random access stream to contain the plaintext message.
            InMemoryRandomAccessStream inputData = new InMemoryRandomAccessStream();

            // Create a random access stream to contain the encrypted message.
            InMemoryRandomAccessStream protectedData = new InMemoryRandomAccessStream();

            // Retrieve an IOutputStream object and fill it with the input (plaintext) data.
            IOutputStream outputStream = inputData.GetOutputStreamAt(0);
            DataWriter    writer       = new DataWriter(outputStream);

            writer.WriteBuffer(buffMsg);
            await writer.StoreAsync();

            await outputStream.FlushAsync();

            // Retrieve an IInputStream object from which you can read the input data.
            IInputStream source = inputData.GetInputStreamAt(0);

            // Retrieve an IOutputStream object and fill it with encrypted data.
            IOutputStream dest = protectedData.GetOutputStreamAt(0);
            await Provider.ProtectStreamAsync(source, dest);

            await dest.FlushAsync();

            //Verify that the protected data does not match the original
            DataReader reader1 = new DataReader(inputData.GetInputStreamAt(0));
            DataReader reader2 = new DataReader(protectedData.GetInputStreamAt(0));
            await reader1.LoadAsync((uint)inputData.Size);

            await reader2.LoadAsync((uint)protectedData.Size);

            IBuffer buffOriginalData  = reader1.ReadBuffer((uint)inputData.Size);
            IBuffer buffProtectedData = reader2.ReadBuffer((uint)protectedData.Size);

            if (CryptographicBuffer.Compare(buffOriginalData, buffProtectedData))
            {
                throw new Exception("ProtectStreamAsync returned unprotected data");
            }

            // Return the encrypted data.
            return(buffProtectedData);
        }
Beispiel #16
0
        public async Task<string> Decrypt(IBuffer buffProtected, BinaryStringEncoding encoding)
        {
            try
            {
                // Create a DataProtectionProvider object.
                DataProtectionProvider Provider = new DataProtectionProvider();

                // Create a random access stream to contain the encrypted message.
                InMemoryRandomAccessStream inputData = new InMemoryRandomAccessStream();

                // Create a random access stream to contain the decrypted data.
                InMemoryRandomAccessStream unprotectedData = new InMemoryRandomAccessStream();

                // Retrieve an IOutputStream object and fill it with the input (encrypted) data.
                IOutputStream outputStream = inputData.GetOutputStreamAt(0);
                DataWriter writer = new DataWriter(outputStream);
                writer.WriteBuffer(buffProtected);
                await writer.StoreAsync();
                await outputStream.FlushAsync();

                // Retrieve an IInputStream object from which you can read the input (encrypted) data.
                IInputStream source = inputData.GetInputStreamAt(0);

                // Retrieve an IOutputStream object and fill it with decrypted data.
                IOutputStream dest = unprotectedData.GetOutputStreamAt(0);
                await Provider.UnprotectStreamAsync(source, dest);
                await dest.FlushAsync();

                // Write the decrypted data to an IBuffer object.
                DataReader reader2 = new DataReader(unprotectedData.GetInputStreamAt(0));
                await reader2.LoadAsync((uint)unprotectedData.Size);
                IBuffer buffUnprotectedData = reader2.ReadBuffer((uint)unprotectedData.Size);

                // Convert the IBuffer object to a string using the same encoding that was
                // used previously to conver the plaintext string (before encryption) to an
                // IBuffer object.
                String strUnprotected = CryptographicBuffer.ConvertBinaryToString(encoding, buffUnprotectedData);

                // Return the decrypted data.
                return strUnprotected;
            }
            catch (Exception ex)
            {
                App.Telemetry.TrackException(ex);
                return "";

            }

        }
Beispiel #17
0
        public static async Task <String> SampleUnprotectData(IBuffer buffProtected, BinaryStringEncoding encoding)
        {
            // Create a DataProtectionProvider object.
            DataProtectionProvider Provider = new DataProtectionProvider();
            // Decrypt the protected message specified on input.
            IBuffer buffUnprotected = await Provider.UnprotectAsync(buffProtected);

            // Execution of the SampleUnprotectData method resumes here
            // after the awaited task (Provider.UnprotectAsync) completes
            // Convert the unprotected message from an IBuffer object to a string.
            String strClearText = CryptographicBuffer.ConvertBinaryToString(encoding, buffUnprotected);

            // Return the plaintext string.
            return(strClearText);
        }
Beispiel #18
0
        private static async Task <String> UnprotectAsync(
            IBuffer buffProtected,
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8)
        {
            // Create a DataProtectionProvider object.
            var provider = new DataProtectionProvider();

            // Decrypt the protected message specified on input.
            var unprotectedBuffer = await provider.UnprotectAsync(buffProtected);

            // Execution of the SampleUnprotectData method resumes here
            // after the awaited task (Provider.UnprotectAsync) completes
            // Convert the unprotected message from an IBuffer object to a string.
            return(CryptographicBuffer.ConvertBinaryToString(encoding, unprotectedBuffer));
        }
Beispiel #19
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="key"></param>
        /// <param name="data"></param>
        /// <returns></returns>
#if NETFX_CORE
        public static String GenerateSignatureUsingHash(String key, String data)
        {
            MacAlgorithmProvider hash     = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha1);
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
            var     dataBuffer            = CryptographicBuffer.ConvertStringToBinary(data, encoding);
            IBuffer buffKeyMaterial       = CryptographicBuffer.GenerateRandom(hash.MacLength);
            var     hmacKey   = hash.CreateKey(OAuth1Client.GenerateSignatureEncoding.GetBytes(key).AsBuffer());
            var     hashBytes = CryptographicEngine.Sign(hmacKey, dataBuffer);

            // Verify that the HMAC length is correct for the selected algorithm
            if (hashBytes.Length != hash.MacLength)
            {
                throw new Exception("Error computing digest");
            }
            return(Convert.ToBase64String(hashBytes.ToArray()));
        }
Beispiel #20
0
        /// <summary>
        /// Read a string of a fixed length
        /// </summary>
        /// <param name="reader">DataReader to read from</param>
        /// <param name="encoding">The string encoding used</param>
        /// <param name="length">The length of the string to read</param>
        /// <returns>The string read from the stream</returns>
        protected string FixS(DataReader reader, BinaryStringEncoding encoding, int length, int adjustment)
        {
            StringBuilder builder = new StringBuilder();
            int           i       = 0;

            int      len = length + adjustment;
            Encoding enc = GeneralUtils.GetEncodingFromType(encoding);

            while (i < len)
            {
                builder.Append(reader.ReadChar(enc));
                ++i;
            }

            return(builder.ToString());
        }
Beispiel #21
0
        /// <summary>
        /// Este método decodifica un string en base64 con las características de padding especiales.
        /// </summary>
        /// <param name="b64String">cadena con los datos cifrados y con el padding definido</param>
        /// <param name="keyString">clave de descifrado</param>
        /// <returns></returns>
        public static byte[] decriptSpecialDES(string b64String, string keyString)
        {
            byte[] returnData = null;
            string sPadding   = b64String.Substring(0, 2);

            byte[] encoded = Convert.FromBase64String(b64String.Substring(2));
            int    padding = 0;
            bool   intConv = int.TryParse(sPadding.Substring(0, 1), out padding);

            if (!intConv)
            {
                return(returnData);
            }

            //creamos el proveedor de cifrado
            SymmetricKeyAlgorithmProvider symmetricKeyAlgorithmProvider =
                SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.DesEcb);

            // Declaramos el encoding
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
            // Creamos un buffer con el contenido de la clave
            IBuffer buffkey = CryptographicBuffer.ConvertStringToBinary(keyString, encoding);

            //creamos la clave
            CryptographicKey cryptographicKey =
                symmetricKeyAlgorithmProvider.CreateSymmetricKey(buffkey);

            // Creamos un buffer con el contenido a cifrar
            IBuffer dataBuffer = CryptographicBuffer.CreateFromByteArray(encoded);

            //ciframos
            IBuffer cipherTextBuffered = CryptographicEngine.Decrypt(cryptographicKey, dataBuffer, null);

            //Se prepara el contenedor del mensaje cifrado
            byte[] cipherText = new byte[cipherTextBuffered.Length];

            //Se copia el contenido
            CryptographicBuffer.CopyToByteArray(cipherTextBuffered, out cipherText);

            returnData = new byte[cipherText.Length - 8 - padding];
            for (int i = 0; i < cipherText.Length - 8 - padding; i++)
            {
                returnData[i] = cipherText[i];
            }

            return(returnData);
        }
Beispiel #22
0
        public static async Task <String> SampleProtectAsync(
            String strMsg,
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8)
        {
            // Create a DataProtectionProvider object for the specified descriptor.
            DataProtectionProvider provider = new DataProtectionProvider(strDescriptor);

            // Encode the plaintext input message to a buffer.
            IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Encrypt the message.
            IBuffer buffProtected = await provider.ProtectAsync(buffMsg);

            // Execution of the SampleProtectAsync function resumes here
            // after the awaited task (Provider.ProtectAsync) completes.
            return(CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf16BE, buffProtected));
        }
Beispiel #23
0
        public async Task<IBuffer> Encrypt(string descriptor, string strMsg, BinaryStringEncoding encoding)
        {
            // Create a DataProtectionProvider object for the specified descriptor.
            DataProtectionProvider Provider = new DataProtectionProvider(descriptor);

            // Convert the input string to a buffer.
            IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Create a random access stream to contain the plaintext message.
            InMemoryRandomAccessStream inputData = new InMemoryRandomAccessStream();

            // Create a random access stream to contain the encrypted message.
            InMemoryRandomAccessStream protectedData = new InMemoryRandomAccessStream();

            // Retrieve an IOutputStream object and fill it with the input (plaintext) data.
            IOutputStream outputStream = inputData.GetOutputStreamAt(0);
            DataWriter writer = new DataWriter(outputStream);
            writer.WriteBuffer(buffMsg);
            await writer.StoreAsync();
            await outputStream.FlushAsync();

            // Retrieve an IInputStream object from which you can read the input data.
            IInputStream source = inputData.GetInputStreamAt(0);

            // Retrieve an IOutputStream object and fill it with encrypted data.
            IOutputStream dest = protectedData.GetOutputStreamAt(0);
            await Provider.ProtectStreamAsync(source, dest);
            await dest.FlushAsync();

            //Verify that the protected data does not match the original
            DataReader reader1 = new DataReader(inputData.GetInputStreamAt(0));
            DataReader reader2 = new DataReader(protectedData.GetInputStreamAt(0));
            await reader1.LoadAsync((uint)inputData.Size);
            await reader2.LoadAsync((uint)protectedData.Size);
            IBuffer buffOriginalData = reader1.ReadBuffer((uint)inputData.Size);
            IBuffer buffProtectedData = reader2.ReadBuffer((uint)protectedData.Size);

            if (CryptographicBuffer.Compare(buffOriginalData, buffProtectedData))
            {
                throw new Exception("ProtectStreamAsync returned unprotected data");
            }

            // Return the encrypted data.
            return buffProtectedData;
        }
Beispiel #24
0
        private async Task <String> SampleDataUnprotectStream(
            IBuffer buffProtected,
            BinaryStringEncoding encoding)
        {
            // Create a DataProtectionProvider object.
            DataProtectionProvider Provider = new DataProtectionProvider();

            // Create a random access stream to contain the encrypted message.
            InMemoryRandomAccessStream inputData = new InMemoryRandomAccessStream();

            // Create a random access stream to contain the decrypted data.
            InMemoryRandomAccessStream unprotectedData = new InMemoryRandomAccessStream();

            // Retrieve an IOutputStream object and fill it with the input (encrypted) data.
            IOutputStream outputStream = inputData.GetOutputStreamAt(0);
            DataWriter    writer       = new DataWriter(outputStream);

            writer.WriteBuffer(buffProtected);
            await writer.StoreAsync();

            await outputStream.FlushAsync();

            // Retrieve an IInputStream object from which you can read the input (encrypted) data.
            IInputStream source = inputData.GetInputStreamAt(0);

            // Retrieve an IOutputStream object and fill it with decrypted data.
            IOutputStream dest = unprotectedData.GetOutputStreamAt(0);
            await Provider.UnprotectStreamAsync(source, dest);

            await dest.FlushAsync();

            // Write the decrypted data to an IBuffer object.
            DataReader reader2 = new DataReader(unprotectedData.GetInputStreamAt(0));
            await reader2.LoadAsync((uint)unprotectedData.Size);

            IBuffer buffUnprotectedData = reader2.ReadBuffer((uint)unprotectedData.Size);

            // Convert the IBuffer object to a string using the same encoding that was
            // used previously to conver the plaintext string (before encryption) to an
            // IBuffer object.
            String strUnprotected = CryptographicBuffer.ConvertBinaryToString(encoding, buffUnprotectedData);

            // Return the decrypted data.
            return(strUnprotected);
        }
        public static IBuffer CipherEncryption(
            string strMsg,
            string strAlgName,
            out BinaryStringEncoding encoding,
            out IBuffer iv,
            out CryptographicKey key,
            uint keyLength = 128)
        {
            iv       = null; // Initialize the initialization vector because some type encryptions do not need it.
            encoding = BinaryStringEncoding.Utf8;

            IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Open a symmetric algorithm provider for the specified algorithm.
            var objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Determine whether the message length is a multiple of the block length.
            // This is not necessary for PKCS #7 algorithms which automatically pad the
            // message to an appropriate length.
            if (!strAlgName.Contains("PKCS7"))
            {
                if ((buffMsg.Length % objAlg.BlockLength) != 0)
                {
                    throw new Exception("Message buffer length must be multiple of block length.");
                }
            }

            // Create a symmetric key.
            // IBuffer keyMaterial = CryptographicBuffer.GenerateRandom(keyLength);     // drop it.
            IBuffer keyMaterial = CryptographicBuffer.CreateFromByteArray(CollForKeyAndIv);

            key = objAlg.CreateSymmetricKey(keyMaterial);

            // CBC algorithms require an initialization vector. Here, a random number is used for the vector.
            if (strAlgName.Contains("CBC"))
            {
                //iv = CryptographicBuffer.GenerateRandom(objAlg.BlockLength);   // drop it.
                iv = CryptographicBuffer.CreateFromByteArray(CollForKeyAndIv);
            }

            // Encrypt the data and return.
            IBuffer buffEncrypt = CryptographicEngine.Encrypt(key, buffMsg, iv);

            return(buffEncrypt);
        }
Beispiel #26
0
        public async static Task <string> ProtectAsync(String msg)
        {
            // Create a DataProtectionProvider object for the specified descriptor.
            DataProtectionProvider Provider = new DataProtectionProvider(strDescriptor);

            // Encode the plaintext input message to a buffer.
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
            IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(msg, encoding);

            // Encrypt the message.
            IBuffer buffProtected = await Provider.ProtectAsync(buffMsg);

            // Execution of the SampleProtectAsync function resumes here
            // after the awaited task (Provider.ProtectAsync) completes.
            string s = CryptographicBuffer.EncodeToHexString(buffProtected);

            return(s);
        }
        public async Task<String> SampleUnprotectData(
            IBuffer buffProtected,
            BinaryStringEncoding encoding)
        {
            // Create a DataProtectionProvider object.
            DataProtectionProvider Provider = new DataProtectionProvider();

            // Decrypt the protected message specified on input.
            IBuffer buffUnprotected = await Provider.UnprotectAsync(buffProtected);

            // Execution of the SampleUnprotectData method resumes here
            // after the awaited task (Provider.UnprotectAsync) completes
            // Convert the unprotected message from an IBuffer object to a string.
            String strClearText = CryptographicBuffer.ConvertBinaryToString(encoding, buffUnprotected);

            // Return the plaintext string.
            return strClearText;
        }
Beispiel #28
0
        private static async Task <IBuffer> ProtectAsync(
            String strMsg,
            String strDescriptor,
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8)
        {
            // Create a DataProtectionProvider object for the specified descriptor.
            var provider = new DataProtectionProvider(strDescriptor);

            // Encode the plaintext input message to a buffer.
            encoding = BinaryStringEncoding.Utf8;
            var buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Encrypt the message.
            var protectedBuffer = await provider.ProtectAsync(buffMsg);

            // Execution of the SampleProtectAsync function resumes here
            // after the awaited task (Provider.ProtectAsync) completes.
            return(protectedBuffer);
        }
        public async Task<IBuffer> SampleProtectAsync(
            String strMsg,
            String strDescriptor,
            BinaryStringEncoding encoding)
        {
            // Create a DataProtectionProvider object for the specified descriptor.
            DataProtectionProvider Provider = new DataProtectionProvider(strDescriptor);

            // Encode the plaintext input message to a buffer.
            encoding = BinaryStringEncoding.Utf8;
            IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Encrypt the message.
            IBuffer buffProtected = await Provider.ProtectAsync(buffMsg);
           
            // Execution of the SampleProtectAsync function resumes here
            // after the awaited task (Provider.ProtectAsync) completes.
            return buffProtected;
        }
Beispiel #30
0
        public void EncryptTest()
        {
            string strMsg                 = string.Empty;              // Message string
            string strAlgName             = string.Empty;              // Algorithm name
            uint   keyLength              = 0;                         // Length of key
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8; // Binary encoding type

            strAlgName = SymmetricAlgorithmNames.AesCbc;
            keyLength  = 32;
            CryptographicKey key = CryptoHelper.GenerateKey(strAlgName, keyLength);                   // Symmetric Key

            strMsg = "1234567812345678";


            IBuffer buffEncrypted = CryptoHelper.CipherEncryption(strMsg, strAlgName, encoding, key);
            var     actual        = CryptoHelper.CipherDecryption(strAlgName, buffEncrypted, encoding, key);

            Assert.AreEqual(strMsg, actual);
        }
Beispiel #31
0
        /// <summary>
        /// Obtiene los datos cifrados con DES
        /// </summary>
        /// <param name="data">Datos a cifrar</param>
        /// <param name="keyString">clave con la que cifrar</param>
        /// <returns></returns>
        public static byte[] getDES(byte[] data, string keyString)
        {
            //creamos el proveedor de cifrado
            SymmetricKeyAlgorithmProvider symmetricKeyAlgorithmProvider =
                SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.DesEcb);

            // Declaramos el encoding
            BinaryStringEncoding encoding = BinaryStringEncoding.Utf8;
            // Creamos un buffer con el contenido de la clave
            IBuffer buffkey = CryptographicBuffer.ConvertStringToBinary(keyString, encoding);

            //creamos la clave
            CryptographicKey cryptographicKey =
                symmetricKeyAlgorithmProvider.CreateSymmetricKey(buffkey);

            // Creamos un buffer con el contenido a cifrar
            IBuffer dataBuffer = CryptographicBuffer.CreateFromByteArray(data);
            IBuffer dataToSign = dataBuffer;

            if ((data.Length % 8) > 0)
            {
                int    diff = (int)(data.Length % 8);
                byte[] buff = new byte[dataBuffer.Length + (8 - diff)];
                for (int i = 0; i < buff.Length; i++)
                {
                    buff[i] = 0;
                }
                Array.Copy(data, buff, data.Length);
                dataToSign = CryptographicBuffer.CreateFromByteArray(buff);
            }
            //ciframos
            IBuffer cipherTextBuffered = CryptographicEngine.Encrypt(cryptographicKey, dataToSign, null);

            //Se prepara el contenedor del mensaje cifrado
            byte[] cipherText = new byte[cipherTextBuffered.Length];

            //Se copia el contenido
            CryptographicBuffer.CopyToByteArray(cipherTextBuffered, out cipherText);

            //se devuelve el contenido cifrado.
            return(cipherText);
        }
        public static async Task<string> ComputeMd5(IInputStream stream, BinaryStringEncoding encoding = BinaryStringEncoding.Utf8)
        {
            var hashAlgorithmProvider = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5);
            var hash = hashAlgorithmProvider.CreateHash();
            uint size = 1024*64;
            var buffer = new Buffer(size);
            while (true)
            {
                var x = await stream.ReadAsync(buffer, size, InputStreamOptions.Partial);
                if (x.Length < 1)
                {
                    break;
                }
                hash.Append(x);
            }

            var result = hash.GetValueAndReset();
            var hex = CryptographicBuffer.EncodeToHexString(result);
            return hex;
        }
    public string getSaSToken(string uri, int minUntilExpire)
    {
        string targetUri = Uri.EscapeDataString(uri.ToLower()).ToLower();
        // Add an expiration in seconds to it.
        long expiresOnDate = DateTime.Now.Ticks / TimeSpan.TicksPerMillisecond;

        expiresOnDate += minUntilExpire * 60 * 1000;
        long   expires_seconds = expiresOnDate / 1000;
        String toSign          = targetUri + "\n" + expires_seconds;
        // Generate a HMAC-SHA256 hash or the uri and expiration using your secret key.
        MacAlgorithmProvider macAlgorithmProvider = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha256);
        BinaryStringEncoding encoding             = BinaryStringEncoding.Utf8;
        var              messageBuffer            = CryptographicBuffer.ConvertStringToBinary(toSign, encoding);
        IBuffer          keyBuffer     = CryptographicBuffer.ConvertStringToBinary(SasKeyValue, encoding);
        CryptographicKey hmacKey       = macAlgorithmProvider.CreateKey(keyBuffer);
        IBuffer          signedMessage = CryptographicEngine.Sign(hmacKey, messageBuffer);
        string           signature     = Uri.EscapeDataString(CryptographicBuffer.EncodeToBase64String(signedMessage));

        return("SharedAccessSignature sr=" + targetUri + "&sig=" + signature + "&se=" + expires_seconds + "&skn=" + SasKeyName);
    }
        // Encryption and authentication method
        private void AuthenticatedEncryption(
            String strMsg,
            String strAlgName,
            UInt32 keyLength)
        {
            // Open a SymmetricKeyAlgorithmProvider object for the specified algorithm.
            SymmetricKeyAlgorithmProvider objAlgProv = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Create a buffer that contains the data to be encrypted.
            encoding = BinaryStringEncoding.Utf8;
            IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);

            // Generate a symmetric key.
            keyMaterial       = CryptographicBuffer.GenerateRandom(keyLength);
            keyMaterialString = CryptographicBuffer.EncodeToBase64String(keyMaterial);
            key = objAlgProv.CreateSymmetricKey(keyMaterial);

            // Generate a new nonce value.
            buffNonce = GetNonce();

            // Encrypt and authenticate the message.
            EncryptedAndAuthenticatedData objEncrypted = CryptographicEngine.EncryptAndAuthenticate(
                key,
                buffMsg,
                buffNonce,
                null);

            encryptedMessageData       = objEncrypted.EncryptedData;
            authenticationTag          = objEncrypted.AuthenticationTag;
            encryptedMessageDataString = CryptographicBuffer.EncodeToBase64String(encryptedMessageData);
            authenticationTagString    = CryptographicBuffer.EncodeToBase64String(authenticationTag);
            nonceString = CryptographicBuffer.EncodeToBase64String(buffNonce);
            plaintext   = encryptedMessageDataString;
            tag.Text    = authenticationTagString;
            nonce.Text  = nonceString;
        }
Beispiel #35
0
 /// <summary>
 /// 加密字符串
 /// </summary>
 public static IBuffer SampleCipherEncryption(String strMsg, string keyStr, BinaryStringEncoding encoding)
 {
     IBuffer buffMsg = CryptographicBuffer.ConvertStringToBinary(strMsg, encoding);
     return SampleCipherEncryption(buffMsg, keyStr, encoding);
 }
Beispiel #36
0
        /// <summary>
        /// 加密buffer内容
        /// </summary>
        /// <param name="original"></param>
        /// <param name="keyStr"></param>
        /// <param name="encoding"></param>
        /// <returns></returns>
        public static IBuffer SampleCipherEncryption(IBuffer original, string keyStr, BinaryStringEncoding encoding)
        {
            // Initialize the initialization vector.
            // Initialize the binary encoding value.
            //var encoding = BinaryStringEncoding.Utf8;
            // Create a buffer that contains the encoded message to be encrypted. 
            String strAlgName = SymmetricAlgorithmNames.Rc2EcbPkcs7;
            // Open a symmetric algorithm provider for the specified algorithm. 
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

            // Determine whether the message length is a multiple of the block length.
            // This is not necessary for PKCS #7 algorithms which automatically pad the
            // message to an appropriate length.
            if (!strAlgName.Contains("PKCS7"))
            {
                if ((original.Length % objAlg.BlockLength) != 0)
                {
                    throw new Exception("Message buffer length must be multiple of block length.");
                }
            }
            // Create a symmetric key.
            var keyMaterial = CryptographicBuffer.ConvertStringToBinary(keyStr, encoding);
            var key = objAlg.CreateSymmetricKey(keyMaterial);

            // CBC algorithms require an initialization vector. Here, a random
            // number is used for the vector.
            //if (strAlgName.Contains("CBC"))
            //{
            //    iv = CryptographicBuffer.GenerateRandom(objAlg.BlockLength);
            //}
            // Encrypt the data and return.
            IBuffer buffEncrypt = CryptographicEngine.Encrypt(key, original, null);
            return buffEncrypt;
        }
 private static string ComputeHash(string str, string hashAlgorithmName, BinaryStringEncoding encoding)
 {
     var buff = CryptographicBuffer.ConvertStringToBinary(str, encoding);
     var hashed = ComputeHashWithBuffer(buff, hashAlgorithmName);
     return CryptographicBuffer.EncodeToHexString(hashed);
 }
        /// <summary>
        /// 对一段 Buffer 根据指定的算法和密钥解密,如果使用 CBC 算法,还需要初始化向量
        /// </summary>
        /// <param name="strAlgName">算法</param>
        /// <param name="buffEncrypt">加密缓冲区</param>
        /// <param name="encoding">编码方式</param>
        /// <param name="key">密钥</param>
        /// /// <param name="iniVec">初始化向量</param>
        /// <returns></returns>
        public static string CipherDecryption(string strAlgName, IBuffer buffEncrypt,
            BinaryStringEncoding encoding, CryptographicKey key, IBuffer iniVec = null)
        {
            // Declare a buffer to contain the decrypted data.
            IBuffer buffDecrypted;

            // Open an symmetric algorithm provider for the specified algorithm. 
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);

            // The input key must be securely shared between the sender of the encrypted message
            // and the recipient. The initialization vector must also be shared but does not
            // need to be shared in a secure manner. If the sender encodes a message string 
            // to a buffer, the binary encoding method must also be shared with the recipient.
            buffDecrypted = CryptographicEngine.Decrypt(key, buffEncrypt, iniVec);

            // Convert the decrypted buffer to a string (for display). If the sender created the
            // original message buffer from a string, the sender must tell the recipient what 
            // BinaryStringEncoding value was used. Here, BinaryStringEncoding.Utf8 is used to
            // convert the message to a buffer before encryption and to convert the decrypted
            // buffer back to the original plaintext.
            return ToString(encoding, buffDecrypted);
        }
Beispiel #39
0
 public static Windows.Storage.Streams.IBuffer ConvertStringToBinary(string value, BinaryStringEncoding encoding) => throw null;
 public static string ToString(BinaryStringEncoding encoding, IBuffer buff)
 {
     return CryptographicBuffer.ConvertBinaryToString(encoding, buff);
 }
 public static string ComputeSha256(string str, BinaryStringEncoding encoding = BinaryStringEncoding.Utf8)
 {
     return ComputeHash(str, HashAlgorithmNames.Sha256, encoding);
 }
Beispiel #42
0
 public static IBuffer ConvertToBuffer(this string stringToConvert, BinaryStringEncoding encoding = BinaryStringEncoding.Utf8)
 {
     return(CryptographicBuffer.ConvertStringToBinary(stringToConvert, encoding));
 }
Beispiel #43
0
 public static string ToString(BinaryStringEncoding encoding, IBuffer buff)
 {
     return(CryptographicBuffer.ConvertBinaryToString(encoding, buff));
 }
Beispiel #44
0
        /// <summary>
        /// 解密字符串
        /// </summary>
        /// <param name="strAlgName"></param>
        /// <param name="buffEncrypt"></param>
        /// <param name="iv"></param>
        /// <param name="encoding"></param>
        /// <param name="key"></param>
        /// <returns></returns>
        public static IBuffer SampleCipherDecryption(IBuffer buffEncrypt, string keyStr, BinaryStringEncoding encoding)
        {
            // Declare a buffer to contain the decrypted data.
            IBuffer buffDecrypted;
            String strAlgName = SymmetricAlgorithmNames.Rc2EcbPkcs7;
            // Open an symmetric algorithm provider for the specified algorithm. 
            SymmetricKeyAlgorithmProvider objAlg = SymmetricKeyAlgorithmProvider.OpenAlgorithm(strAlgName);
            var keyMaterial = CryptographicBuffer.ConvertStringToBinary(keyStr, encoding);
            var key = objAlg.CreateSymmetricKey(keyMaterial);
            // The input key must be securely shared between the sender of the encrypted message
            // and the recipient. The initialization vector must also be shared but does not
            // need to be shared in a secure manner. If the sender encodes a message string 
            // to a buffer, the binary encoding method must also be shared with the recipient.
            buffDecrypted = CryptographicEngine.Decrypt(key, buffEncrypt, null);

            // Convert the decrypted buffer to a string (for display). If the sender created the
            // original message buffer from a string, the sender must tell the recipient what 
            // BinaryStringEncoding value was used. Here, BinaryStringEncoding.Utf8 is used to
            // convert the message to a buffer before encryption and to convert the decrypted
            // buffer back to the original plaintext.
            //String strDecrypted = CryptographicBuffer.ConvertBinaryToString(encoding, buffDecrypted);
            return buffDecrypted;
        }