internal static byte[] ChachaEncrypt(byte[] data, ref byte[] key, ref byte[] iv)
{
ChaChaEngine engine = new ChaChaEngine();
key = key ?? RandomUtils.GetBytes(ChachaKeySize);
iv = iv ?? RandomUtils.GetBytes(ChachaKeySize / 2);
engine.Init(true, new ParametersWithIV(new KeyParameter(key), iv));
byte[] result = new byte[iv.Length + data.Length];
Array.Copy(iv, result, iv.Length);
engine.ProcessBytes(data, 0, data.Length, result, iv.Length);
return(result);
}
/// <summary>
/// Decrypt data with ChaCha20
/// </summary>
/// <param name="data">Data to decrypt</param>
/// <param name="key">Key</param>
/// <param name="nonce">Nonce</param>
/// <returns>Decrypted data</returns>
public static byte[] Decrypt(byte[] data, byte[] key, byte[] nonce)
{
byte[] dec = new byte[data.Length];
ChaChaEngine engine = new ChaChaEngine();
ParametersWithIV parameters = new ParametersWithIV(new KeyParameter(key, 0, key.Length), nonce, 0, nonce.Length);
engine.Init(false, parameters);
engine.ProcessBytes(data, 0, data.Length, dec, 0);
return(dec);
}
protected virtual KeyParameter InitRecordMac(ChaChaEngine cipher, bool forEncryption, long seqNo)
{
byte[] array = new byte[8];
TlsUtilities.WriteUint64(seqNo, array, 0);
cipher.Init(forEncryption, new ParametersWithIV(null, array));
byte[] array2 = new byte[64];
cipher.ProcessBytes(array2, 0, array2.Length, array2, 0);
Array.Copy(array2, 0, array2, 32, 16);
KeyParameter keyParameter = new KeyParameter(array2, 16, 32);
Poly1305KeyGenerator.Clamp(keyParameter.GetKey());
return(keyParameter);
}
public byte[] Encrypt(byte[] data)
{
ChaChaEngine chacha = new ChaChaEngine();
byte[] iv = new byte[8];
chacha.Init(true, new ParametersWithIV(_key, iv));
byte[] output = new byte[data.Length + iv.Length];
Array.Copy(iv, output, iv.Length);
chacha.ProcessBytes(data, 0, data.Length, output, iv.Length);
return(output);
}
protected virtual KeyParameter InitRecordMac(ChaChaEngine cipher, bool forEncryption, long seqNo)
{
byte[] nonce = new byte[8];
TlsUtilities.WriteUint64(seqNo, nonce, 0);
cipher.Init(forEncryption, new ParametersWithIV(null, nonce));
byte[] firstBlock = new byte[64];
cipher.ProcessBytes(firstBlock, 0, firstBlock.Length, firstBlock, 0);
// NOTE: The BC implementation puts 'r' after 'k'
Array.Copy(firstBlock, 0, firstBlock, 32, 16);
KeyParameter macKey = new KeyParameter(firstBlock, 16, 32);
Poly1305KeyGenerator.Clamp(macKey.GetKey());
return(macKey);
}
/// <summary>
/// Decloak the given buffer and return the valid Packet from it
/// </summary>
/// <param name="buffer">A cloaked packet buffer.</param>
static public Packet Decloak(byte[] buffer)
{
if (buffer.Length < 8 || buffer [0] == 0)
{
return(Packet.DecodePacket(buffer));
}
byte[] nonce = buffer.Take(8).ToArray();
var parms = new ParametersWithIV(new KeyParameter(cloakKey), nonce);
var chacha = new ChaChaEngine(20);
chacha.Init(false, parms);
byte[] outBuff = new byte[buffer.Length - 8];
chacha.ProcessBytes(buffer, 8, buffer.Length - 8, outBuff, 0);
return(Decloak(outBuff));
}
static byte[] DecryptStatic(byte[] src, out byte[] iv)
{
var key = new byte[] {
0xD3, 0x61, 0x57, 0x17, 0xE2, 0x16, 0x3F, 0x70, 0xAC, 0x69, 0x51, 0xB2, 0x7D, 0x7A, 0x0B, 0x86,
0xD8, 0xE9, 0x3E, 0x16, 0xEA, 0xBF, 0x63, 0x2F, 0xDF, 0xBC, 0xC0, 0x0A, 0x1D, 0x3D, 0x62, 0xD6
};
iv = new byte[8];
Array.Copy(src, iv, 8);
var cce = new ChaChaEngine();
cce.Init(false, new ParametersWithIV(new KeyParameter(key), iv));
var bsc = new BufferedStreamCipher(cce);
return(bsc.ProcessBytes(src, 8, src.Length - 8));
}
private void chachaTest2(
ICipherParameters parameters,
string v0,
string v65472,
string v65536)
{
IStreamCipher salsa = new ChaChaEngine();
byte[] buf = new byte[64];
salsa.Init(true, parameters);
for (int i = 0; i != 1025; i++)
{
salsa.ProcessBytes(zeroes, 0, 64, buf, 0);
switch (i)
{
case 0:
if (!AreEqual(buf, Hex.Decode(v0)))
{
mismatch("v0", v0, buf);
}
break;
case 1023:
if (!AreEqual(buf, Hex.Decode(v65472)))
{
mismatch("v65472", v65472, buf);
}
break;
case 1024:
if (!AreEqual(buf, Hex.Decode(v65536)))
{
mismatch("v65536", v65536, buf);
}
break;
default:
// ignore
break;
}
}
}
// Encrypt data using Chacha engine
public byte[] encryptWithChacha(byte[] input, byte[] key)
{
// Create a buffer that will contain the encrypted output and an 8 byte nonce
byte[] outData = new byte[input.Length + 8];
// Generate the 8 byte nonce
byte[] nonce = new byte[8];
using (RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider())
{
// Fill the array with a random value.
rngCsp.GetBytes(nonce);
}
// Prevent leading 0 to avoid edge cases
if (nonce[0] == 0)
{
nonce[0] = 1;
}
// Generate the Chacha engine
var parms = new ParametersWithIV(new KeyParameter(key), nonce);
var chacha = new ChaChaEngine(chacha_rounds);
try
{
chacha.Init(true, parms);
}
catch (Exception e)
{
Logging.error(string.Format("Error in chacha encryption. {0}", e.ToString()));
return(null);
}
// Encrypt the input data while maintaing an 8 byte offset at the start
chacha.ProcessBytes(input, 0, input.Length, outData, 8);
// Copy the 8 byte nonce to the start of outData buffer
Buffer.BlockCopy(nonce, 0, outData, 0, 8);
// Return the encrypted data buffer
return(outData);
}
// Decrypt data using Chacha engine
public byte[] decryptWithChacha(byte[] input, byte[] key)
{
// Extract the nonce from the input
byte[] nonce = input.Take(8).ToArray();
// Generate the Chacha engine
var parms = new ParametersWithIV(new KeyParameter(key), nonce);
var chacha = new ChaChaEngine(chacha_rounds);
chacha.Init(false, parms);
// Create a buffer that will contain the decrypted output
byte[] outData = new byte[input.Length - 8];
// Decrypt the input data
chacha.ProcessBytes(input, 8, input.Length - 8, outData, 0);
// Return the decrypted data buffer
return(outData);
}
private static byte[] DoChaCha20(byte[] input, byte[] key, byte[] iv, bool encrypt)
{
if (key.Length != 16)
{
throw new Exception();
}
if (iv.Length != 8)
{
throw new Exception();
}
var buf = new byte[input.Length];
var salsa = new ChaChaEngine(Rounds);
ICipherParameters parameters = new ParametersWithIV(new KeyParameter(key), iv);
salsa.Init(encrypt, parameters);
salsa.ProcessBytes(input, 0, input.Length, buf, 0);
return(buf);
}