private CommandBuilder(Connection connection, byte[] receivedBuffer)
{
m_ReceivedBuffer = receivedBuffer;
MemoryStream command = new MemoryStream(m_ReceivedBuffer);
byte[] header = new byte[Encoding.ASCII.GetByteCount(Constants.Protocol)];
command.Read(header, 0, header.Length);
if (!Encoding.ASCII.GetString(header).Equals(Constants.Protocol))
throw new InvalidDataException();
m_EncryptionMethod = (EncryptionMethod)command.ReadByte();
byte[] encryptedDataLength = new byte[2];
command.Read(encryptedDataLength, 0, encryptedDataLength.Length);
byte[] encryptedData = new byte[BitConverter.ToUInt16(encryptedDataLength, 0)];
if (encryptedData.Length > command.Position + encryptedData.Length)
throw new InvalidDataException();
command.Read(encryptedData, 0, encryptedData.Length);
switch (m_EncryptionMethod)
{
case EncryptionMethod.None:
m_CommandData = new MemoryStream(encryptedData);
break;
case EncryptionMethod.Rijndael:
m_CommandData = new MemoryStream(Core.RijndaelDecrypt(connection.ReceivingKey, encryptedData));
break;
case EncryptionMethod.RSA:
m_CommandData = new MemoryStream(Core.RSADecrypt(encryptedData));
break;
default:
throw new InvalidDataException();
}
}
private static ISignatureGenerator GetGeneratorForMethod(EncryptionMethod signMethod)
{
if (_instancedGenerators.ContainsKey(signMethod))
{
return _instancedGenerators[signMethod];
}
else
{
Type signType = signMethod.GetSignatureType();
ISignatureGenerator instancedType = Activator.CreateInstance(signType) as ISignatureGenerator;
_instancedGenerators.Add(signMethod, instancedType);
return instancedType;
}
}
public void SetEncryptionMethod(EncryptionMethod method)
{
if (!Enum.IsDefined(typeof(EncryptionMethod), method))
{
throw new InvalidEnumArgumentException();
}
KnownSevenZipFormat knownFormat = this.KnownFormat;
if (knownFormat != KnownSevenZipFormat.SevenZip)
{
if (knownFormat != KnownSevenZipFormat.Zip)
{
throw new NotSupportedException();
}
}
else
{
if (method != EncryptionMethod.AES256)
{
throw new NotSupportedException();
}
return;
}
this.Properties["em"] = method.ToString();
}
public static byte[] Encrypt(string data, string passphrase, EncryptionMethod encryptionMethod, Encoding encoding)
{
return(GetEncryptionEngine(encryptionMethod).Encrypt(new System.Text.UTF8Encoding().GetBytes(data), passphrase, encoding));
}
public static byte[] Encrypt(byte[] data, string passphrase, EncryptionMethod encryptionMethod, Encoding encoding)
{
return(GetEncryptionEngine(encryptionMethod).Encrypt(data, passphrase, encoding));
}
public static byte[] Encrypt(byte[] data, string passphrase, EncryptionMethod encryptionMethod)
{
return(Encrypt(data, passphrase, encryptionMethod, GetDefaultEncoding()));
}
public EncryptAttribute(EncryptionMethod encryptionMethod, EncryptionClassification encryptionClassification)
{
EncryptionMethod = encryptionMethod;
EncryptionClassification = encryptionClassification;
}
public string EncryptionMethodConverter(EncryptionMethod src, Language lang) => Convert <string>(new EncryptionMethodConverter(), src, lang);
public static void Encrypt(Stream toEncrypt, RsaKeyParameters key, out KeyInfo keyInfo, out EncryptionMethod encryptionMethod, out CipherData cipherData)
{
var random = new SecureRandom();
var keyData = new byte[128 / 8];
var ivData = new byte[128 / 8];
random.NextBytes(ivData);
random.NextBytes(keyData);
var sessionKey = new ParametersWithIV(new KeyParameter(keyData), ivData);
encryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES128Url);
keyInfo = new KeyInfo();
EncryptedKey encKey;
keyInfo.AddClause(
new KeyInfoEncryptedKey(
encKey = new EncryptedKey()
{
CipherData = new CipherData(EncryptedXml.EncryptKey(keyData, key, useOAEP: true)),
EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSAOAEPUrl)
}));
encKey.KeyInfo.AddClause(new RSAKeyValue(key));
byte[] dataToEncrypt = new byte[toEncrypt.Length];
toEncrypt.Read(dataToEncrypt, 0, (int)toEncrypt.Length);
var encryptedXml = new EncryptedXml();
encryptedXml.Padding = "PKCS7";
encryptedXml.Mode = "CBC";
byte[] encryptedData = encryptedXml.EncryptData(dataToEncrypt, sessionKey);
cipherData = new CipherData(encryptedData);
}
public void GetXml(EncryptionMethod method, string xml)
{
XmlElement element = method.GetXml();
Assert.Equal(xml, element.OuterXml);
}
internal ConfigLeafNode(dynamic v, KeyType key, ConfigNode parent, EncryptionMethod em)
: base(key, parent)
{
_state = em == EncryptionMethod.DPAPI_MACHINE ?
(ILeafNodeState) new DPAPIMachineState(v, true) : new DPAPIUserState(v, true);
}
public Stream Decrypt(EncryptionMethod encryptionMethod, KeyInfo keyInfo, Stream toDecrypt)
{
Assert.NotNull(encryptionMethod);
Assert.NotNull(keyInfo);
Assert.NotNull(toDecrypt);
Assert.True(encryptionMethod.KeyAlgorithm == EncryptedXml.XmlEncAES128Url ||
encryptionMethod.KeyAlgorithm == EncryptedXml.XmlEncAES192Url ||
encryptionMethod.KeyAlgorithm == EncryptedXml.XmlEncAES256Url);
Assert.Equal(keyInfo.Count, 1);
byte[] decryptedKey = null;
foreach (KeyInfoClause clause in keyInfo)
{
if (clause is KeyInfoEncryptedKey)
{
KeyInfoEncryptedKey encryptedKeyInfo = clause as KeyInfoEncryptedKey;
EncryptedKey encryptedKey = encryptedKeyInfo.EncryptedKey;
Assert.Equal(encryptedKey.EncryptionMethod.KeyAlgorithm, EncryptedXml.XmlEncRSAOAEPUrl);
Assert.Equal(encryptedKey.KeyInfo.Count, 1);
Assert.NotEqual(_asymmetricKeys.Count, 0);
RsaKeyParameters rsaParams = null;
RsaKeyParameters rsaInputParams = null;
foreach (KeyInfoClause rsa in encryptedKey.KeyInfo)
{
if (rsa is RSAKeyValue)
{
rsaParams = (rsa as RSAKeyValue).Key;
break;
}
else
{
Assert.True(false, "Invalid License - MalformedKeyInfoClause");
}
}
bool keyMismatch = true;
foreach (AsymmetricCipherKeyPair key in _asymmetricKeys)
{
RsaKeyParameters rsaKey = key.Private as RsaKeyParameters;
Assert.NotNull(rsaKey);
rsaInputParams = key.Public as RsaKeyParameters;
Assert.NotNull(rsaInputParams);
if (!PublicKeysEqual(rsaParams, rsaInputParams))
{
continue;
}
keyMismatch = false;
// Decrypt session key
byte[] encryptedKeyValue = encryptedKey.CipherData.CipherValue;
if (encryptedKeyValue == null)
{
throw new System.Security.Cryptography.CryptographicException("MissingKeyCipher");
}
decryptedKey = EncryptedXml.DecryptKey(encryptedKeyValue,
rsaKey, true);
break;
}
if (keyMismatch)
{
throw new Exception("Invalid License - AsymmetricKeyMismatch");
}
}
else if (clause is KeyInfoName)
{
Assert.True(false, "This test should not have KeyInfoName clauses");
}
else
{
throw new System.Security.Cryptography.CryptographicException("MalformedKeyInfoClause");
}
break;
}
if (decryptedKey == null)
{
throw new System.Security.Cryptography.CryptographicException("KeyDecryptionFailure");
}
return(DecryptStream(toDecrypt, new KeyParameter(decryptedKey), "AES/CBC/PKCS7"));
}
public static ICipher CreateCipher(EncryptionMethod encrypt)
{
return Dict[encrypt].Value;
}
public CommandBuilder(EncryptionMethod encryptionMethod, byte commandCode)
{
m_EncryptionMethod = encryptionMethod;
m_CommandData = new MemoryStream();
m_CommandCode = commandCode;
}
/// <summary>
/// Wraps around the fastEncryptionProvider and the given stream and rebounds data.
/// </summary>
/// <param name="InternalStream"></param>
/// <param name="EM">It's recommended to use XXTEA, it's the most secure and fastest method.</param>
/// <param name="Key">Key has to be 4 words long</param>
/// <exception cref="T:System.AccessViolationException">No access is granted when an instance of this class is already active.</exception>
public FastEncryptorStream(Stream InternalStream, EncryptionMethod EM, uint[] Key)
{
internalStream = InternalStream;
FastEncryptionProvider.Init(Key, EM);
}
public SocketEncryption(EncryptionMethod method)
{
Method = method;
}
public SocketEncryption()
{
Method = new DefaultEncryption();
}
public EncryptAttribute(string encryptionSaltKey, EncryptionMethod encryptionMethod, StringCase @case = StringCase.None)
{
EncryptionSaltKey = encryptionSaltKey;
EncryptionMethod = encryptionMethod;
Case = @case;
}
private string Write167_EncryptionMethod(EncryptionMethod v)
{
switch (v)
{
case EncryptionMethod.AES256:
return "AES256";
case EncryptionMethod.ZipCrypto:
return "ZipCrypto";
}
long num = (long) v;
throw base.CreateInvalidEnumValueException(num.ToString(CultureInfo.InvariantCulture), "Nomad.FileSystem.Archive.SevenZip.EncryptionMethod");
}
public Stream Decrypt(EncryptionMethod encryptionMethod, KeyInfo keyInfo, Stream toDecrypt)
{
Assert.NotNull(encryptionMethod);
Assert.NotNull(keyInfo);
Assert.NotNull(toDecrypt);
Assert.True(encryptionMethod.KeyAlgorithm == EncryptedXml.XmlEncAES128Url ||
encryptionMethod.KeyAlgorithm == EncryptedXml.XmlEncAES192Url ||
encryptionMethod.KeyAlgorithm == EncryptedXml.XmlEncAES256Url);
Assert.Equal(1, keyInfo.Count);
byte[] decryptedKey = null;
foreach (KeyInfoClause clause in keyInfo)
{
if (clause is KeyInfoEncryptedKey)
{
KeyInfoEncryptedKey encryptedKeyInfo = clause as KeyInfoEncryptedKey;
EncryptedKey encryptedKey = encryptedKeyInfo.EncryptedKey;
Assert.Equal(encryptedKey.EncryptionMethod.KeyAlgorithm, EncryptedXml.XmlEncRSAOAEPUrl);
Assert.Equal(1, encryptedKey.KeyInfo.Count);
Assert.NotEqual(0, _asymmetricKeys.Count);
RSAParameters rsaParams = new RSAParameters();
RSAParameters rsaInputParams = new RSAParameters();
foreach (KeyInfoClause rsa in encryptedKey.KeyInfo)
{
if (rsa is RSAKeyValue)
{
rsaParams = (rsa as RSAKeyValue).Key.ExportParameters(false);
break;
}
else
{
Assert.True(false, "Invalid License - MalformedKeyInfoClause");
}
}
bool keyMismatch = true;
foreach (AsymmetricAlgorithm key in _asymmetricKeys)
{
RSA rsaKey = key as RSA;
Assert.NotNull(rsaKey);
rsaInputParams = rsaKey.ExportParameters(false);
if (!PublicKeysEqual(rsaParams, rsaInputParams))
{
continue;
}
keyMismatch = false;
// Decrypt session key
byte[] encryptedKeyValue = encryptedKey.CipherData.CipherValue;
if (encryptedKeyValue == null)
{
throw new CryptographicException("MissingKeyCipher");
}
decryptedKey = EncryptedXml.DecryptKey(encryptedKeyValue,
rsaKey, true);
break;
}
if (keyMismatch)
{
throw new Exception("Invalid License - AsymmetricKeyMismatch");
}
}
else if (clause is KeyInfoName)
{
Assert.True(false, "This test should not have KeyInfoName clauses");
}
else
{
throw new CryptographicException("MalformedKeyInfoClause");
}
break;
}
if (decryptedKey == null)
{
throw new CryptographicException("KeyDecryptionFailure");
}
using (Aes aes = Aes.Create())
{
aes.Key = decryptedKey;
aes.Padding = PaddingMode.PKCS7;
aes.Mode = CipherMode.CBC;
return(DecryptStream(toDecrypt, aes));
}
}
public void GetXml_FromConstructor_DoesntCacheXml()
{
EncryptionMethod method = new EncryptionMethod();
Assert.NotSame(method.GetXml(), method.GetXml());
}
public static string CreateSignature(EncryptionMethod signMethod, string baseString, string key)
{
return GetGeneratorForMethod(signMethod).Generate(baseString.Trim(), key.Trim());
}
public void KeySize_SetNegativeValue_ThrowsArgumentOutOfRangeException(int value)
{
EncryptionMethod method = new EncryptionMethod();
AssertExtensions.Throws <ArgumentOutOfRangeException>("value", null, () => method.KeySize = value);
}
/// <summary>
/// Set the encryption method that should be used for this request.
/// </summary>
/// <param name="enc">A <see cref="EncryptionMethod"/></param>
/// <returns>Itself to chain.</returns>
/// <remarks>This is equivalent to setting <see cref="OAuthRequestWrapper.SigningMethod"/>. If it is not set,
/// the default is to use <see cref="EncryptionMethod.HMACSHA1"/>.</remarks>
public OAuthRequestWrapper WithEncryption(EncryptionMethod enc)
{
SigningMethod = enc;
return this;
}
public CommandBuilder(EncryptionMethod encryptionMethod, byte commandCode)
{
m_EncryptionMethod = encryptionMethod;
m_CommandData = new MemoryStream();
m_CommandCode = commandCode;
}
