private void init()
{
this.mode = new SicBlockCipher(new AesFastEngine());
// si las claves de encriptación no han sido inicializadas, las calculamos y las almacenamos en los valores estáticos.
if (ClavesTokenizador.EncriptIV == null)
{
byte[] _salt = Encoding.UTF8.GetBytes(ConfigurationManager.AppSettings["Seguridad.Sal"]);
System.Security.Cryptography.RijndaelManaged aesAlg = null;
try
{
// Calculamos los valores de las claves de encriptación para ser usadas en el algoritmo
System.Security.Cryptography.Rfc2898DeriveBytes key = new System.Security.Cryptography.Rfc2898DeriveBytes(ConfigurationManager.AppSettings["Seguridad.Secreto"], _salt);
aesAlg = new System.Security.Cryptography.RijndaelManaged();
this.key = key.GetBytes(aesAlg.KeySize / 8);
this.iv = key.GetBytes(aesAlg.BlockSize / 8);
// Asignamos las variables de claves de ecnriptación a memoria
ClavesTokenizador.EncriptKey = this.key;
ClavesTokenizador.EncriptKey = this.iv;
}
catch
{
};
}
else
{
// Obtenemos las variables de las claves del tokenizador de memoria
this.key = ClavesTokenizador.EncriptKey;
this.iv = ClavesTokenizador.EncriptIV;
}
}
public Packet ChannelDecrypt(ICipherSetRemoteInfo channelInfo, Packet outer)
{
// We gotta have the primary components and something to decrypt
if (outer.Body.Length < 25)
{
return(null);
}
var ci = (CS1ARemoteInfo)channelInfo;
// Rip apart our packet
byte[] token = outer.Body.Take(16).ToArray();
byte[] iv = outer.Body.Skip(16).Take(4).ToArray();
byte[] encryptedData = outer.Body.Skip(20).Take(outer.Body.Length - 24).ToArray();
byte[] dataMac = outer.Body.Skip(outer.Body.Length - 4).Take(4).ToArray();
// Make sure we're on the right channel
if (!token.SequenceEqual(ci.Token))
{
return(null);
}
// Validate us some hmac
byte[] hmacKey = new byte[20];
Buffer.BlockCopy(ci.DecryptionKey, 0, hmacKey, 0, 16);
Buffer.BlockCopy(iv, 0, hmacKey, 16, 4);
var hmac = new HMac(new Sha256Digest());
hmac.Init(new KeyParameter(hmacKey));
hmac.BlockUpdate(encryptedData, 0, encryptedData.Length);
byte[] mac = new byte[hmac.GetMacSize()];
hmac.DoFinal(mac, 0);
var foldedMac = Helpers.Fold(mac, 3);
if (!foldedMac.SequenceEqual(dataMac))
{
// Get out of here with your bad data
return(null);
}
// Everything seems ok. Get it decrypted
byte[] aesIV = new byte[16];
Buffer.BlockCopy(iv, 0, aesIV, 0, 4);
Array.Clear(aesIV, 4, 12);
var cipher = new SicBlockCipher(new AesFastEngine());
var parameters = new ParametersWithIV(new KeyParameter(ci.DecryptionKey), aesIV);
cipher.Init(false, parameters);
var decryptedData = new byte[encryptedData.Length];
BufferedBlockCipher bufferCipher = new BufferedBlockCipher(cipher);
var offset = bufferCipher.ProcessBytes(encryptedData, decryptedData, 0);
bufferCipher.DoFinal(decryptedData, offset);
// Build a packet and ship it off
return(Packet.DecodePacket(decryptedData));
}
public EaxBlockCipher(IBlockCipher cipher)
{
blockSize = cipher.GetBlockSize();
mac = new CMac(cipher);
macBlock = new byte[blockSize];
associatedTextMac = new byte[mac.GetMacSize()];
nonceMac = new byte[mac.GetMacSize()];
this.cipher = new SicBlockCipher(cipher);
}
public SicStreamCipher(SicBlockCipher parent)
{
this.parent = parent;
this.blockSize = parent.GetBlockSize();
this.zeroBlock = new byte[blockSize];
this.blockBuffer = new byte[blockSize];
// indicates that no bytes are available: lazy generation of counter blocks (they may not be needed)
this.processed = blockSize;
}
internal static IBufferedCipher CreateBufferedCipher(string name, AlgorithmMode algorithmMode, IParametersWithIV <IParameters <Algorithm>, Algorithm> parameters, bool forEncryption, IEngineProvider <Internal.IBlockCipher> cipherProvider)
{
Internal.IBlockCipher baseCipher = cipherProvider.CreateEngine(GetUsage(forEncryption, algorithmMode));
Internal.IBlockCipher cipher;
switch (algorithmMode)
{
case AlgorithmMode.CBC:
cipher = new CbcBlockCipher(baseCipher);
break;
case AlgorithmMode.CS1:
return(new NistCtsBlockCipher(NistCtsBlockCipher.CS1, baseCipher));
case AlgorithmMode.CS2:
return(new NistCtsBlockCipher(NistCtsBlockCipher.CS2, baseCipher));
case AlgorithmMode.CS3:
return(new NistCtsBlockCipher(NistCtsBlockCipher.CS3, baseCipher));
case AlgorithmMode.CFB8:
cipher = new CfbBlockCipher(baseCipher, 8);
break;
case AlgorithmMode.CFB64:
cipher = new CfbBlockCipher(baseCipher, 64);
break;
case AlgorithmMode.CFB128:
cipher = new CfbBlockCipher(baseCipher, 128);
break;
case AlgorithmMode.OpenPGPCFB:
cipher = new OpenPgpCfbBlockCipher(baseCipher);
break;
case AlgorithmMode.OFB64:
cipher = new OfbBlockCipher(baseCipher, 64);
break;
case AlgorithmMode.OFB128:
cipher = new OfbBlockCipher(baseCipher, 128);
break;
case AlgorithmMode.CTR:
cipher = new SicBlockCipher(baseCipher);
break;
default:
throw new ArgumentException("Unknown algorithm mode passed to " + name + ".Provider: " + algorithmMode);
}
return(new BufferedBlockCipher(cipher));
}
/// <summary>
/// Buisl a BlockCipher with a mode
/// </summary>
/// <param name="blockCipher">BlockCipher loaded with the algorithm Engine</param>
/// <param name="mode">SymmetricBlockModes enum, mode name</param>
/// <returns>BlockCipher with mode loaded</returns>
private IBlockCipher getCipherMode(IBlockCipher blockCipher, SymmetricBlockMode mode)
{
IBlockCipher bc = null;
switch (mode)
{
case SymmetricBlockMode.ECB:
case SymmetricBlockMode.NONE:
bc = blockCipher;
break;
case SymmetricBlockMode.CBC:
bc = new CbcBlockCipher(blockCipher);
break;
case SymmetricBlockMode.CFB:
bc = new CfbBlockCipher(blockCipher, blockCipher.GetBlockSize());
break;
case SymmetricBlockMode.CTR:
bc = new SicBlockCipher(blockCipher);
break;
case SymmetricBlockMode.CTS:
bc = new CbcBlockCipher(blockCipher);
break;
case SymmetricBlockMode.GOFB:
bc = new GOfbBlockCipher(blockCipher);
break;
case SymmetricBlockMode.OFB:
bc = new OfbBlockCipher(blockCipher, blockCipher.GetBlockSize());
break;
case SymmetricBlockMode.OPENPGPCFB:
bc = new OpenPgpCfbBlockCipher(blockCipher);
break;
case SymmetricBlockMode.SIC:
if (blockCipher.GetBlockSize() < 16)
{
this.error.setError("SB016",
"Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
}
return(bc);
}
public Packet ChannelEncrypt(ICipherSetRemoteInfo channelInfo, Packet inner)
{
var ci = (CS1ARemoteInfo)channelInfo;
// TODO: Validate we don't care about endianess of IV here
// Setup and encrypt the actual data
byte[] aesIV = new byte[16];
Buffer.BlockCopy(BitConverter.GetBytes(ci.IV), 0, aesIV, 0, 4);
Array.Clear(aesIV, 4, 12);
var cipher = new SicBlockCipher(new AesFastEngine());
var parameters = new ParametersWithIV(new KeyParameter(ci.EncryptionKey), aesIV);
cipher.Init(true, parameters);
var encryptedInner = new byte[inner.FullPacket.Length];
BufferedBlockCipher bufferCipher = new BufferedBlockCipher(cipher);
var offset = bufferCipher.ProcessBytes(inner.FullPacket, encryptedInner, 0);
bufferCipher.DoFinal(encryptedInner, offset);
// Hmac the output
byte[] hmacKey = new byte[20];
Buffer.BlockCopy(ci.EncryptionKey, 0, hmacKey, 0, 16);
Buffer.BlockCopy(BitConverter.GetBytes(ci.IV), 0, hmacKey, 16, 4);
var hmac = new HMac(new Sha256Digest());
hmac.Init(new KeyParameter(hmacKey));
hmac.BlockUpdate(encryptedInner, 0, encryptedInner.Length);
byte[] mac = new byte[hmac.GetMacSize()];
hmac.DoFinal(mac, 0);
var foldedMac = Helpers.Fold(mac, 3);
// Create the outgoing packet
Packet outPacket = new Packet();
outPacket.Body = new byte[encryptedInner.Length + 24];
Buffer.BlockCopy(ci.Token, 0, outPacket.Body, 0, 16);
Buffer.BlockCopy(BitConverter.GetBytes(ci.IV), 0, outPacket.Body, 16, 4);
Buffer.BlockCopy(encryptedInner, 0, outPacket.Body, 20, encryptedInner.Length);
Buffer.BlockCopy(foldedMac, 0, outPacket.Body, outPacket.Body.Length - 4, 4);
// Next IV next packet
++ci.IV;
return(outPacket);
}
public string Encrypt(string text, string keyString, EncryptionAlgorithm algorithm, int keyIndex)
{
var aes = new RijndaelEngine();// AesEngine();
var blockCipher = new SicBlockCipher(aes);
var cipher = new PaddedBufferedBlockCipher(blockCipher, new Pkcs7Padding());
var iv = CreateRandomByteArray(_iVSizeInBytes);
var key = HexStringToByteArray(keyString);
var keyParam = new KeyParameter(key);
cipher.Init(true, new ParametersWithIV(keyParam, iv));
var textAsBytes = Encoding.ASCII.GetBytes(text);
var encryptedBytes = new byte[cipher.GetOutputSize(textAsBytes.Length)];
var length = cipher.ProcessBytes(textAsBytes, encryptedBytes, 0);
cipher.DoFinal(encryptedBytes, length);
var encryptedAsString = ByteArrayToString(encryptedBytes);
return($"[{((int)algorithm)},{keyIndex}]{ByteArrayToString(iv)}{encryptedAsString}");
}
public string Decrypt(string cipherText, string keyString, EncryptionAlgorithm algorithm)
{
var aes = new RijndaelEngine();
var blockCipher = new SicBlockCipher(aes);
var cipher = new PaddedBufferedBlockCipher(blockCipher, new Pkcs7Padding());
var ivString = cipherText.Substring(0, _iVSizeInBytes * 2);
var ivBytes = HexStringToByteArray(ivString);
var cipherNoIV = cipherText.Substring(_iVSizeInBytes * 2, cipherText.Length - _iVSizeInBytes * 2);
var cipherBytes = HexStringToByteArray(cipherNoIV);
var key = HexStringToByteArray(keyString);
var keyParam = new KeyParameter(key);
cipher.Init(false, new ParametersWithIV(keyParam, ivBytes));
var decryptedBytes = new byte[cipher.GetOutputSize(cipherBytes.Length)];
var length = cipher.ProcessBytes(cipherBytes, 0, cipherBytes.Length, decryptedBytes, 0);
cipher.DoFinal(decryptedBytes, length);
return(Encoding.ASCII.GetString(decryptedBytes));
}
public static IBufferedCipher GetCipher(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = algorithm.ToUpper(CultureInfo.InvariantCulture);
string aliased = (string)algorithms[algorithm];
if (aliased != null)
{
algorithm = aliased;
}
IBasicAgreement iesAgreement = null;
if (algorithm == "IES")
{
iesAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
iesAgreement = new ECDHBasicAgreement();
}
if (iesAgreement != null)
{
return(new BufferedIesCipher(
new IesEngine(
iesAgreement,
new Kdf2BytesGenerator(
new Sha1Digest()),
new HMac(
new Sha1Digest()))));
}
if (algorithm.StartsWith("PBE"))
{
switch (algorithm)
{
case "PBEWITHSHAAND2-KEYTRIPLEDES-CBC":
case "PBEWITHSHAAND3-KEYTRIPLEDES-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEdeEngine())));
case "PBEWITHSHAAND128BITRC2-CBC":
case "PBEWITHSHAAND40BITRC2-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
case "PBEWITHSHAAND128BITAES-CBC-BC":
case "PBEWITHSHAAND192BITAES-CBC-BC":
case "PBEWITHSHAAND256BITAES-CBC-BC":
case "PBEWITHSHA256AND128BITAES-CBC-BC":
case "PBEWITHSHA256AND192BITAES-CBC-BC":
case "PBEWITHSHA256AND256BITAES-CBC-BC":
case "PBEWITHMD5AND128BITAES-CBC-OPENSSL":
case "PBEWITHMD5AND192BITAES-CBC-OPENSSL":
case "PBEWITHMD5AND256BITAES-CBC-OPENSSL":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new AesFastEngine())));
case "PBEWITHSHA1ANDDES-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEngine())));
case "PBEWITHSHA1ANDRC2-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
}
string[] parts = algorithm.Split('/');
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymBlockCipher = null;
IStreamCipher streamCipher = null;
switch (parts[0])
{
case "AES":
blockCipher = new AesFastEngine();
break;
case "ARC4":
streamCipher = new RC4Engine();
break;
case "BLOWFISH":
blockCipher = new BlowfishEngine();
break;
case "CAMELLIA":
blockCipher = new CamelliaEngine();
break;
case "CAST5":
blockCipher = new Cast5Engine();
break;
case "CAST6":
blockCipher = new Cast6Engine();
break;
case "DES":
blockCipher = new DesEngine();
break;
case "DESEDE":
blockCipher = new DesEdeEngine();
break;
case "ELGAMAL":
asymBlockCipher = new ElGamalEngine();
break;
case "GOST28147":
blockCipher = new Gost28147Engine();
break;
case "HC128":
streamCipher = new HC128Engine();
break;
case "HC256":
streamCipher = new HC256Engine();
break;
#if INCLUDE_IDEA
case "IDEA":
blockCipher = new IdeaEngine();
break;
#endif
case "NOEKEON":
blockCipher = new NoekeonEngine();
break;
case "PBEWITHSHAAND128BITRC4":
case "PBEWITHSHAAND40BITRC4":
streamCipher = new RC4Engine();
break;
case "RC2":
blockCipher = new RC2Engine();
break;
case "RC5":
blockCipher = new RC532Engine();
break;
case "RC5-64":
blockCipher = new RC564Engine();
break;
case "RC6":
blockCipher = new RC6Engine();
break;
case "RIJNDAEL":
blockCipher = new RijndaelEngine();
break;
case "RSA":
asymBlockCipher = new RsaBlindedEngine();
break;
case "SALSA20":
streamCipher = new Salsa20Engine();
break;
case "SEED":
blockCipher = new SeedEngine();
break;
case "SERPENT":
blockCipher = new SerpentEngine();
break;
case "SKIPJACK":
blockCipher = new SkipjackEngine();
break;
case "TEA":
blockCipher = new TeaEngine();
break;
case "TWOFISH":
blockCipher = new TwofishEngine();
break;
case "VMPC":
streamCipher = new VmpcEngine();
break;
case "VMPC-KSA3":
streamCipher = new VmpcKsa3Engine();
break;
case "XTEA":
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (streamCipher != null)
{
if (parts.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool cts = false;
bool padded = true;
IBlockCipherPadding padding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (parts.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
switch (parts[2])
{
case "NOPADDING":
padded = false;
break;
case "":
case "RAW":
break;
case "ISO10126PADDING":
case "ISO10126D2PADDING":
case "ISO10126-2PADDING":
padding = new ISO10126d2Padding();
break;
case "ISO7816-4PADDING":
case "ISO9797-1PADDING":
padding = new ISO7816d4Padding();
break;
case "ISO9796-1":
case "ISO9796-1PADDING":
asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher);
break;
case "OAEP":
case "OAEPPADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher);
break;
case "OAEPWITHMD5ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest());
break;
case "OAEPWITHSHA1ANDMGF1PADDING":
case "OAEPWITHSHA-1ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest());
break;
case "OAEPWITHSHA224ANDMGF1PADDING":
case "OAEPWITHSHA-224ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest());
break;
case "OAEPWITHSHA256ANDMGF1PADDING":
case "OAEPWITHSHA-256ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest());
break;
case "OAEPWITHSHA384ANDMGF1PADDING":
case "OAEPWITHSHA-384ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest());
break;
case "OAEPWITHSHA512ANDMGF1PADDING":
case "OAEPWITHSHA-512ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest());
break;
case "PKCS1":
case "PKCS1PADDING":
asymBlockCipher = new Pkcs1Encoding(asymBlockCipher);
break;
case "PKCS5":
case "PKCS5PADDING":
case "PKCS7":
case "PKCS7PADDING":
// NB: Padding defaults to Pkcs7Padding already
break;
case "TBCPADDING":
padding = new TbcPadding();
break;
case "WITHCTS":
cts = true;
break;
case "X9.23PADDING":
case "X923PADDING":
padding = new X923Padding();
break;
case "ZEROBYTEPADDING":
padding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
string mode = "";
if (parts.Length > 1)
{
mode = parts[1];
int di = GetDigitIndex(mode);
string modeName = di >= 0 ? mode.Substring(0, di) : mode;
switch (modeName)
{
case "":
case "ECB":
case "NONE":
break;
case "CBC":
blockCipher = new CbcBlockCipher(blockCipher);
break;
case "CCM":
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case "CFB":
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new CfbBlockCipher(blockCipher, bits);
break;
}
case "CTR":
blockCipher = new SicBlockCipher(blockCipher);
break;
case "CTS":
cts = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case "EAX":
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case "GCM":
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case "GOFB":
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case "OFB":
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new OfbBlockCipher(blockCipher, bits);
break;
}
case "OPENPGPCFB":
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case "SIC":
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (cts)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (padded && parts.Length > 1 && parts[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (cts)
{
return(new CtsBlockCipher(blockCipher));
}
if (!padded || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
if (padding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, padding));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
public StreamingSicBlockCipher(SicBlockCipher parent)
{
this.parent = new SicStreamCipher(parent);
this.blockSize = parent.GetBlockSize();
}
public AES(Encoding encoding)
{
this.encoding = encoding;
this.mode = new SicBlockCipher(new AesEngine());
}
public AesCtrCrypto(byte[] key, byte[] initializationVector)
{
mode = new SicBlockCipher(new AesFastEngine( ));
_key = key;
_iv = initializationVector;
}
public virtual int ProcessPacket(byte[] input, int inOff, int inLen, byte[] output, int outOff)
{
if (keyParam == null)
{
throw new InvalidOperationException("CCM cipher unitialized.");
}
int num = nonce.Length;
int num2 = 15 - num;
if (num2 < 4)
{
int num3 = 1 << 8 * num2;
if (inLen >= num3)
{
throw new InvalidOperationException("CCM packet too large for choice of q.");
}
}
byte[] array = new byte[BlockSize];
array[0] = (byte)((num2 - 1) & 7);
nonce.CopyTo(array, 1);
IBlockCipher blockCipher = new SicBlockCipher(cipher);
blockCipher.Init(forEncryption, new ParametersWithIV(keyParam, array));
int i = inOff;
int num4 = outOff;
int num5;
if (forEncryption)
{
num5 = inLen + macSize;
Check.OutputLength(output, outOff, num5, "Output buffer too short.");
CalculateMac(input, inOff, inLen, macBlock);
byte[] array2 = new byte[BlockSize];
blockCipher.ProcessBlock(macBlock, 0, array2, 0);
for (; i < inOff + inLen - BlockSize; i += BlockSize)
{
blockCipher.ProcessBlock(input, i, output, num4);
num4 += BlockSize;
}
byte[] array3 = new byte[BlockSize];
Array.Copy(input, i, array3, 0, inLen + inOff - i);
blockCipher.ProcessBlock(array3, 0, array3, 0);
Array.Copy(array3, 0, output, num4, inLen + inOff - i);
Array.Copy(array2, 0, output, outOff + inLen, macSize);
}
else
{
if (inLen < macSize)
{
throw new InvalidCipherTextException("data too short");
}
num5 = inLen - macSize;
Check.OutputLength(output, outOff, num5, "Output buffer too short.");
Array.Copy(input, inOff + num5, macBlock, 0, macSize);
blockCipher.ProcessBlock(macBlock, 0, macBlock, 0);
for (int j = macSize; j != macBlock.Length; j++)
{
macBlock[j] = 0;
}
for (; i < inOff + num5 - BlockSize; i += BlockSize)
{
blockCipher.ProcessBlock(input, i, output, num4);
num4 += BlockSize;
}
byte[] array4 = new byte[BlockSize];
Array.Copy(input, i, array4, 0, num5 - (i - inOff));
blockCipher.ProcessBlock(array4, 0, array4, 0);
Array.Copy(array4, 0, output, num4, num5 - (i - inOff));
byte[] b = new byte[BlockSize];
CalculateMac(output, outOff, num5, b);
if (!Arrays.ConstantTimeAreEqual(macBlock, b))
{
throw new InvalidCipherTextException("mac check in CCM failed");
}
}
return(num5);
}
public Packet MessageEncrypt(ICipherSetRemoteInfo remoteInfo, Packet inner)
{
CS1ARemoteInfo ri = (CS1ARemoteInfo)remoteInfo;
var agreedValue = ECDHAgree(ri.RemotePublicKey, ri.EphemeralKeys.PrivateKey);
// Hash the agreed key
var hashedValue = Helpers.SHA256Hash(Helpers.ToByteArray(agreedValue, 20));
// Fold to get the actual key for AES
byte[] aesKey = Helpers.Fold(hashedValue);
Random rnd = new Random();
// Setup and encrypt the actual data
byte[] aesIV = new byte[16];
rnd.NextBytes(aesIV);
Array.Clear(aesIV, 4, 12);
var cipher = new SicBlockCipher(new AesFastEngine());
var parameters = new ParametersWithIV(new KeyParameter(aesKey), aesIV);
cipher.Init(true, parameters);
var encryptedInner = new byte[inner.FullPacket.Length];
BufferedBlockCipher bufferCipher = new BufferedBlockCipher(cipher);
var offset = bufferCipher.ProcessBytes(inner.FullPacket, encryptedInner, 0);
bufferCipher.DoFinal(encryptedInner, offset);
// Construct the packet minus the hmac
Packet outPacket = new Packet();
outPacket.Body = new byte[29 + encryptedInner.Length];
Buffer.BlockCopy(ri.EphemeralKeys.PublicKey, 0, outPacket.Body, 0, ri.EphemeralKeys.PublicKey.Length);
Buffer.BlockCopy(aesIV, 0, outPacket.Body, 21, 4);
Buffer.BlockCopy(encryptedInner, 0, outPacket.Body, 25, encryptedInner.Length);
// ECDH for the hmac key using
var idAgreedValue = ECDHAgree(ri.RemotePublicKey, Key.PrivateKey);
// Mash on the IV for the compound key
byte[] macKey = new byte[24];
byte[] idAgreedValueArray = Helpers.ToByteArray(idAgreedValue, 20);
Buffer.BlockCopy(idAgreedValueArray, 0, macKey, 0, idAgreedValueArray.Length);
Buffer.BlockCopy(aesIV, 0, macKey, idAgreedValueArray.Length, 4);
// Actually hmac all the data now
var hmac = new HMac(new Sha256Digest());
hmac.Init(new KeyParameter(macKey, 0, 24));
hmac.BlockUpdate(outPacket.Body, 0, 25 + encryptedInner.Length);
byte[] mac = new byte[hmac.GetMacSize()];
hmac.DoFinal(mac, 0);
// Fold it up, shove it in and we're done
var foldedMac = Helpers.Fold(mac, 3);
Buffer.BlockCopy(foldedMac, 0, outPacket.Body, 25 + encryptedInner.Length, foldedMac.Length);
return(outPacket);
}
public static IBufferedCipher GetCipher(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
{
string aliased = (string)algorithms[algorithm];
if (aliased != null)
{
algorithm = aliased;
}
}
IBasicAgreement iesAgreement = null;
if (algorithm == "IES")
{
iesAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
iesAgreement = new ECDHBasicAgreement();
}
if (iesAgreement != null)
{
return(new BufferedIesCipher(
new IesEngine(
iesAgreement,
new Kdf2BytesGenerator(
new Sha1Digest()),
new HMac(
new Sha1Digest()))));
}
if (Platform.StartsWith(algorithm, "PBE"))
{
if (Platform.EndsWith(algorithm, "-CBC"))
{
if (algorithm == "PBEWITHSHA1ANDDES-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEngine())));
}
else if (algorithm == "PBEWITHSHA1ANDRC2-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEdeEngine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
}
else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL"))
{
if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITAES-CBC-BC",
"PBEWITHSHAAND192BITAES-CBC-BC",
"PBEWITHSHAAND256BITAES-CBC-BC",
"PBEWITHSHA256AND128BITAES-CBC-BC",
"PBEWITHSHA256AND192BITAES-CBC-BC",
"PBEWITHSHA256AND256BITAES-CBC-BC",
"PBEWITHMD5AND128BITAES-CBC-OPENSSL",
"PBEWITHMD5AND192BITAES-CBC-OPENSSL",
"PBEWITHMD5AND256BITAES-CBC-OPENSSL"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new AesFastEngine())));
}
}
}
string[] parts = algorithm.Split('/');
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymBlockCipher = null;
IStreamCipher streamCipher = null;
string algorithmName = parts[0];
{
string aliased = (string)algorithms[algorithmName];
if (aliased != null)
{
algorithmName = aliased;
}
}
CipherAlgorithm cipherAlgorithm;
try
{
cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), algorithmName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
switch (cipherAlgorithm)
{
case CipherAlgorithm.AES:
blockCipher = new AesFastEngine();
break;
case CipherAlgorithm.ARC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.BLOWFISH:
blockCipher = new BlowfishEngine();
break;
case CipherAlgorithm.CAMELLIA:
blockCipher = new CamelliaEngine();
break;
case CipherAlgorithm.CAST5:
blockCipher = new Cast5Engine();
break;
case CipherAlgorithm.CAST6:
blockCipher = new Cast6Engine();
break;
case CipherAlgorithm.DES:
blockCipher = new DesEngine();
break;
case CipherAlgorithm.DESEDE:
blockCipher = new DesEdeEngine();
break;
case CipherAlgorithm.ELGAMAL:
asymBlockCipher = new ElGamalEngine();
break;
case CipherAlgorithm.GOST28147:
blockCipher = new Gost28147Engine();
break;
case CipherAlgorithm.HC128:
streamCipher = new HC128Engine();
break;
case CipherAlgorithm.HC256:
streamCipher = new HC256Engine();
break;
case CipherAlgorithm.IDEA:
blockCipher = new IdeaEngine();
break;
case CipherAlgorithm.NOEKEON:
blockCipher = new NoekeonEngine();
break;
case CipherAlgorithm.PBEWITHSHAAND128BITRC4:
case CipherAlgorithm.PBEWITHSHAAND40BITRC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.RC2:
blockCipher = new RC2Engine();
break;
case CipherAlgorithm.RC5:
blockCipher = new RC532Engine();
break;
case CipherAlgorithm.RC5_64:
blockCipher = new RC564Engine();
break;
case CipherAlgorithm.RC6:
blockCipher = new RC6Engine();
break;
case CipherAlgorithm.RIJNDAEL:
blockCipher = new RijndaelEngine();
break;
case CipherAlgorithm.RSA:
asymBlockCipher = new RsaBlindedEngine();
break;
case CipherAlgorithm.SALSA20:
streamCipher = new Salsa20Engine();
break;
case CipherAlgorithm.SEED:
blockCipher = new SeedEngine();
break;
case CipherAlgorithm.SERPENT:
blockCipher = new SerpentEngine();
break;
case CipherAlgorithm.SKIPJACK:
blockCipher = new SkipjackEngine();
break;
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
case CipherAlgorithm.THREEFISH_256:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
break;
case CipherAlgorithm.THREEFISH_512:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
break;
case CipherAlgorithm.THREEFISH_1024:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
break;
case CipherAlgorithm.TNEPRES:
blockCipher = new TnepresEngine();
break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
case CipherAlgorithm.VMPC:
streamCipher = new VmpcEngine();
break;
case CipherAlgorithm.VMPC_KSA3:
streamCipher = new VmpcKsa3Engine();
break;
case CipherAlgorithm.XTEA:
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (streamCipher != null)
{
if (parts.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool cts = false;
bool padded = true;
IBlockCipherPadding padding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (parts.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
string paddingName = parts[2];
CipherPadding cipherPadding;
if (paddingName == "")
{
cipherPadding = CipherPadding.RAW;
}
else if (paddingName == "X9.23PADDING")
{
cipherPadding = CipherPadding.X923PADDING;
}
else
{
try
{
cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), paddingName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
switch (cipherPadding)
{
case CipherPadding.NOPADDING:
padded = false;
break;
case CipherPadding.RAW:
break;
case CipherPadding.ISO10126PADDING:
case CipherPadding.ISO10126D2PADDING:
case CipherPadding.ISO10126_2PADDING:
padding = new ISO10126d2Padding();
break;
case CipherPadding.ISO7816_4PADDING:
case CipherPadding.ISO9797_1PADDING:
padding = new ISO7816d4Padding();
break;
case CipherPadding.ISO9796_1:
case CipherPadding.ISO9796_1PADDING:
asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher);
break;
case CipherPadding.OAEP:
case CipherPadding.OAEPPADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher);
break;
case CipherPadding.OAEPWITHMD5ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest());
break;
case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest());
break;
case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest());
break;
case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest());
break;
case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest());
break;
case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest());
break;
case CipherPadding.PKCS1:
case CipherPadding.PKCS1PADDING:
asymBlockCipher = new Pkcs1Encoding(asymBlockCipher);
break;
case CipherPadding.PKCS5:
case CipherPadding.PKCS5PADDING:
case CipherPadding.PKCS7:
case CipherPadding.PKCS7PADDING:
padding = new Pkcs7Padding();
break;
case CipherPadding.TBCPADDING:
padding = new TbcPadding();
break;
case CipherPadding.WITHCTS:
cts = true;
break;
case CipherPadding.X923PADDING:
padding = new X923Padding();
break;
case CipherPadding.ZEROBYTEPADDING:
padding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
string mode = "";
if (parts.Length > 1)
{
mode = parts[1];
int di = GetDigitIndex(mode);
string modeName = di >= 0 ? mode.Substring(0, di) : mode;
try
{
CipherMode cipherMode = modeName == ""
? CipherMode.NONE
: (CipherMode)Enums.GetEnumValue(typeof(CipherMode), modeName);
switch (cipherMode)
{
case CipherMode.ECB:
case CipherMode.NONE:
break;
case CipherMode.CBC:
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.CCM:
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case CipherMode.CFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new CfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.CTR:
blockCipher = new SicBlockCipher(blockCipher);
break;
case CipherMode.CTS:
cts = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.EAX:
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case CipherMode.GCM:
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case CipherMode.GOFB:
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case CipherMode.OCB:
aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm));
break;
case CipherMode.OFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new OfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.OPENPGPCFB:
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case CipherMode.SIC:
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (cts)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (padded && parts.Length > 2 && parts[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (cts)
{
return(new CtsBlockCipher(blockCipher));
}
if (padding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, padding));
}
if (!padded || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
public static IBufferedCipher GetCipher(string algorithm)
{
//IL_0008: Unknown result type (might be due to invalid IL or missing references)
//IL_0469: Unknown result type (might be due to invalid IL or missing references)
//IL_0495: Unknown result type (might be due to invalid IL or missing references)
//IL_07f1: Unknown result type (might be due to invalid IL or missing references)
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
string text = (string)algorithms.get_Item((object)algorithm);
if (text != null)
{
algorithm = text;
}
IBasicAgreement basicAgreement = null;
if (algorithm == "IES")
{
basicAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
basicAgreement = new ECDHBasicAgreement();
}
if (basicAgreement != null)
{
return(new BufferedIesCipher(new IesEngine(basicAgreement, new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()))));
}
if (Platform.StartsWith(algorithm, "PBE"))
{
if (Platform.EndsWith(algorithm, "-CBC"))
{
if (algorithm == "PBEWITHSHA1ANDDES-CBC")
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEngine())));
}
if (algorithm == "PBEWITHSHA1ANDRC2-CBC")
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine())));
}
if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"))
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine())));
}
if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"))
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine())));
}
}
else if ((Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL")) && Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITAES-CBC-BC", "PBEWITHSHAAND192BITAES-CBC-BC", "PBEWITHSHAAND256BITAES-CBC-BC", "PBEWITHSHA256AND128BITAES-CBC-BC", "PBEWITHSHA256AND192BITAES-CBC-BC", "PBEWITHSHA256AND256BITAES-CBC-BC", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"))
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesFastEngine())));
}
}
string[] array = algorithm.Split(new char[1] {
'/'
});
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymmetricBlockCipher = null;
IStreamCipher streamCipher = null;
string text2 = array[0];
string text3 = (string)algorithms.get_Item((object)text2);
if (text3 != null)
{
text2 = text3;
}
CipherAlgorithm cipherAlgorithm;
try
{
cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), text2);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
switch (cipherAlgorithm)
{
case CipherAlgorithm.AES:
blockCipher = new AesFastEngine();
break;
case CipherAlgorithm.ARC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.BLOWFISH:
blockCipher = new BlowfishEngine();
break;
case CipherAlgorithm.CAMELLIA:
blockCipher = new CamelliaEngine();
break;
case CipherAlgorithm.CAST5:
blockCipher = new Cast5Engine();
break;
case CipherAlgorithm.CAST6:
blockCipher = new Cast6Engine();
break;
case CipherAlgorithm.DES:
blockCipher = new DesEngine();
break;
case CipherAlgorithm.DESEDE:
blockCipher = new DesEdeEngine();
break;
case CipherAlgorithm.ELGAMAL:
asymmetricBlockCipher = new ElGamalEngine();
break;
case CipherAlgorithm.GOST28147:
blockCipher = new Gost28147Engine();
break;
case CipherAlgorithm.HC128:
streamCipher = new HC128Engine();
break;
case CipherAlgorithm.HC256:
streamCipher = new HC256Engine();
break;
case CipherAlgorithm.IDEA:
blockCipher = new IdeaEngine();
break;
case CipherAlgorithm.NOEKEON:
blockCipher = new NoekeonEngine();
break;
case CipherAlgorithm.PBEWITHSHAAND128BITRC4:
case CipherAlgorithm.PBEWITHSHAAND40BITRC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.RC2:
blockCipher = new RC2Engine();
break;
case CipherAlgorithm.RC5:
blockCipher = new RC532Engine();
break;
case CipherAlgorithm.RC5_64:
blockCipher = new RC564Engine();
break;
case CipherAlgorithm.RC6:
blockCipher = new RC6Engine();
break;
case CipherAlgorithm.RIJNDAEL:
blockCipher = new RijndaelEngine();
break;
case CipherAlgorithm.RSA:
asymmetricBlockCipher = new RsaBlindedEngine();
break;
case CipherAlgorithm.SALSA20:
streamCipher = new Salsa20Engine();
break;
case CipherAlgorithm.SEED:
blockCipher = new SeedEngine();
break;
case CipherAlgorithm.SERPENT:
blockCipher = new SerpentEngine();
break;
case CipherAlgorithm.SKIPJACK:
blockCipher = new SkipjackEngine();
break;
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
case CipherAlgorithm.THREEFISH_256:
blockCipher = new ThreefishEngine(256);
break;
case CipherAlgorithm.THREEFISH_512:
blockCipher = new ThreefishEngine(512);
break;
case CipherAlgorithm.THREEFISH_1024:
blockCipher = new ThreefishEngine(1024);
break;
case CipherAlgorithm.TNEPRES:
blockCipher = new TnepresEngine();
break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
case CipherAlgorithm.VMPC:
streamCipher = new VmpcEngine();
break;
case CipherAlgorithm.VMPC_KSA3:
streamCipher = new VmpcKsa3Engine();
break;
case CipherAlgorithm.XTEA:
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (streamCipher != null)
{
if (array.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool flag = false;
bool flag2 = true;
IBlockCipherPadding blockCipherPadding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (array.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
string text4 = array[2];
CipherPadding cipherPadding;
if (text4 == "")
{
cipherPadding = CipherPadding.RAW;
}
else if (text4 == "X9.23PADDING")
{
cipherPadding = CipherPadding.X923PADDING;
}
else
{
try
{
cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), text4);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
switch (cipherPadding)
{
case CipherPadding.NOPADDING:
flag2 = false;
break;
case CipherPadding.ISO10126PADDING:
case CipherPadding.ISO10126D2PADDING:
case CipherPadding.ISO10126_2PADDING:
blockCipherPadding = new ISO10126d2Padding();
break;
case CipherPadding.ISO7816_4PADDING:
case CipherPadding.ISO9797_1PADDING:
blockCipherPadding = new ISO7816d4Padding();
break;
case CipherPadding.ISO9796_1:
case CipherPadding.ISO9796_1PADDING:
asymmetricBlockCipher = new ISO9796d1Encoding(asymmetricBlockCipher);
break;
case CipherPadding.OAEP:
case CipherPadding.OAEPPADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher);
break;
case CipherPadding.OAEPWITHMD5ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new MD5Digest());
break;
case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha1Digest());
break;
case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha224Digest());
break;
case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha256Digest());
break;
case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha384Digest());
break;
case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha512Digest());
break;
case CipherPadding.PKCS1:
case CipherPadding.PKCS1PADDING:
asymmetricBlockCipher = new Pkcs1Encoding(asymmetricBlockCipher);
break;
case CipherPadding.PKCS5:
case CipherPadding.PKCS5PADDING:
case CipherPadding.PKCS7:
case CipherPadding.PKCS7PADDING:
blockCipherPadding = new Pkcs7Padding();
break;
case CipherPadding.TBCPADDING:
blockCipherPadding = new TbcPadding();
break;
case CipherPadding.WITHCTS:
flag = true;
break;
case CipherPadding.X923PADDING:
blockCipherPadding = new X923Padding();
break;
case CipherPadding.ZEROBYTEPADDING:
blockCipherPadding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
case CipherPadding.RAW:
break;
}
}
string text5 = "";
if (array.Length > 1)
{
text5 = array[1];
int digitIndex = GetDigitIndex(text5);
string text6 = ((digitIndex >= 0) ? text5.Substring(0, digitIndex) : text5);
try
{
switch ((text6 == "") ? CipherMode.NONE : ((CipherMode)Enums.GetEnumValue(typeof(CipherMode), text6)))
{
case CipherMode.CBC:
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.CCM:
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case CipherMode.CFB:
{
int bitBlockSize = ((digitIndex < 0) ? (8 * blockCipher.GetBlockSize()) : int.Parse(text5.Substring(digitIndex)));
blockCipher = new CfbBlockCipher(blockCipher, bitBlockSize);
break;
}
case CipherMode.CTR:
blockCipher = new SicBlockCipher(blockCipher);
break;
case CipherMode.CTS:
flag = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.EAX:
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case CipherMode.GCM:
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case CipherMode.GOFB:
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case CipherMode.OCB:
aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm));
break;
case CipherMode.OFB:
{
int blockSize = ((digitIndex < 0) ? (8 * blockCipher.GetBlockSize()) : int.Parse(text5.Substring(digitIndex)));
blockCipher = new OfbBlockCipher(blockCipher, blockSize);
break;
}
case CipherMode.OPENPGPCFB:
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case CipherMode.SIC:
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
case CipherMode.ECB:
case CipherMode.NONE:
break;
}
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (flag)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (flag2 && array.Length > 2 && array[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (flag)
{
return(new CtsBlockCipher(blockCipher));
}
if (blockCipherPadding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, blockCipherPadding));
}
if (!flag2 || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymmetricBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymmetricBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
