/// <summary>
        /// Instantiate a thumb print
        /// </summary>
        /// <param name="key">The key to thumbprint.</param>
        /// <param name="salt">The salt to use.</param>
        public AesKeyThumbprint(AesKey key, KeyWrapSalt salt, long iterations)
        {
            if (key == null)
            {
                throw new ArgumentNullException("key");
            }
            if (salt == null)
            {
                throw new ArgumentNullException("salt");
            }

            KeyWrap keyWrap = new KeyWrap(key, salt, iterations, KeyWrapMode.Specification);

            byte[] wrap = keyWrap.Wrap(key);

            Initialize(wrap);
        }
Beispiel #2
0
        public static void TestDispose()
        {
            KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification);
            keyWrap.Dispose();
            Assert.Throws<ObjectDisposedException>(() =>
            {
                keyWrap.Wrap(new AesKey());
            });

            Assert.Throws<ObjectDisposedException>(() =>
            {
                keyWrap.Unwrap(new byte[16 + 8]);
            });

            Assert.DoesNotThrow(() =>
            {
                keyWrap.Dispose();
            });
        }
        /// <summary>
        /// Instantiate a thumb print
        /// </summary>
        /// <param name="passphrase">The passphrase to thumbprint.</param>
        /// <param name="salt">The salt to use.</param>
        public SymmetricKeyThumbprint(Passphrase passphrase, Salt salt, long keyWrapIterations)
        {
            if (passphrase == null)
            {
                throw new ArgumentNullException("passphrase");
            }
            if (salt == null)
            {
                throw new ArgumentNullException("salt");
            }

            ICryptoFactory factory = Resolve.CryptoFactory.Minimum;
            ICrypto        crypto  = factory.CreateCrypto(factory.RestoreDerivedKey(passphrase, salt, CryptoFactory.DerivationIterations).DerivedKey, null, 0);
            KeyWrap        keyWrap = new KeyWrap(salt, keyWrapIterations, KeyWrapMode.Specification);

            byte[] wrap = keyWrap.Wrap(crypto, crypto.Key);

            _bytes = wrap.Reduce(6);
        }
 public void RewrapMasterKey(AesKey masterKey, AesKey keyEncryptingKey)
 {
     KeyWrapSalt salt = new KeyWrapSalt(keyEncryptingKey.Length);
     using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, Iterations, KeyWrapMode.AxCrypt))
     {
         byte[] wrappedKeyData = keyWrap.Wrap(masterKey);
         Set(wrappedKeyData, salt, Iterations);
     }
 }
 private void Initialize(AesKey keyEncryptingKey)
 {
     AesKey masterKey = new AesKey();
     long iterations = OS.Current.KeyWrapIterations;
     KeyWrapSalt salt = new KeyWrapSalt(keyEncryptingKey.Length);
     using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, iterations, KeyWrapMode.AxCrypt))
     {
         byte[] wrappedKeyData = keyWrap.Wrap(masterKey);
         Set(wrappedKeyData, salt, iterations);
     }
 }
        public byte[] UnwrapMasterKey(AesKey keyEncryptingKey, byte fileVersionMajor)
        {
            byte[] wrappedKeyData = GetKeyData();
            KeyWrapSalt salt = Salt;
            if (fileVersionMajor <= 1)
            {
                // Due to a bug in 1.1 and earlier we only used a truncated part of the key and salt :-(
                // Compensate for this here. Users should be warned if FileVersionMajor <= 1 .
                byte[] badKey = new byte[keyEncryptingKey.Length];
                Array.Copy(keyEncryptingKey.GetBytes(), 0, badKey, 0, 4);
                keyEncryptingKey = new AesKey(badKey);

                byte[] badSalt = new byte[salt.Length];
                Array.Copy(salt.GetBytes(), 0, badSalt, 0, 4);
                salt = new KeyWrapSalt(badSalt);
            }

            byte[] unwrappedKeyData;
            using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, Iterations, KeyWrapMode.AxCrypt))
            {
                unwrappedKeyData = keyWrap.Unwrap(wrappedKeyData);
            }
            return unwrappedKeyData;
        }
        public void TestUnwrapFromSimpleFile()
        {
            using (Stream testStream = FakeRuntimeFileInfo.ExpandableMemoryStream(Resources.helloworld_key_a_txt))
            {
                KeyWrap1HeaderBlock keyWrapHeaderBlock = null;
                using (AxCryptReader axCryptReader = AxCryptReader.Create(testStream))
                {
                    int headers = 0;
                    while (axCryptReader.Read())
                    {
                        switch (axCryptReader.CurrentItemType)
                        {
                            case AxCryptItemType.None:
                                break;

                            case AxCryptItemType.MagicGuid:
                                break;

                            case AxCryptItemType.HeaderBlock:
                                if (axCryptReader.CurrentHeaderBlock.HeaderBlockType == HeaderBlockType.KeyWrap1)
                                {
                                    keyWrapHeaderBlock = (KeyWrap1HeaderBlock)axCryptReader.CurrentHeaderBlock;
                                    ++headers;
                                }
                                break;

                            case AxCryptItemType.Data:
                                break;

                            case AxCryptItemType.EndOfStream:
                                break;
                            default:
                                break;
                        }
                    }
                    Assert.That(headers, Is.EqualTo(1), "We're expecting exactly one KeyWrap1 block to be found!");
                    byte[] wrapped = keyWrapHeaderBlock.GetKeyData();
                    using (KeyWrap keyWrap = new KeyWrap(new Passphrase("a").DerivedPassphrase, keyWrapHeaderBlock.Salt, keyWrapHeaderBlock.Iterations, KeyWrapMode.AxCrypt))
                    {
                        byte[] unwrapped = keyWrap.Unwrap(wrapped);
                        Assert.That(unwrapped.Length, Is.Not.EqualTo(0), "An unwrapped key is invalid if it is returned as a zero-length array.");
                    }
                }
            }
        }
Beispiel #8
0
        public void TestKeyWrapConstructorWithBadArgument()
        {
            using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification))
            {
                Assert.Throws<InternalErrorException>(() => { keyWrap.Unwrap(_keyData.GetBytes()); }, "Calling with too short wrapped data.");
            }

            Assert.Throws<InternalErrorException>(() =>
            {
                using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, new KeyWrapSalt(32), 6, KeyWrapMode.AxCrypt))
                {
                }
            }, "Calling with too long salt.");

            Assert.Throws<InternalErrorException>(() =>
            {
                using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 5, KeyWrapMode.AxCrypt))
                {
                }
            }, "Calling with too few iterations.");

            Assert.Throws<InternalErrorException>(() =>
            {
                using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 0, KeyWrapMode.AxCrypt))
                {
                }
            }, "Calling with zero (too few) iterations.");

            Assert.Throws<InternalErrorException>(() =>
            {
                using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, -100, KeyWrapMode.AxCrypt))
                {
                }
            }, "Calling with negative number of iterations.");

            Assert.Throws<InternalErrorException>(() =>
            {
                using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, (KeyWrapMode)9999))
                {
                }
            }, "Calling with bogus KeyWrapMode.");

            Assert.Throws<ArgumentNullException>(() =>
            {
                using (KeyWrap keyWrap = new KeyWrap(null, new KeyWrapSalt(16), 6, KeyWrapMode.AxCrypt))
                {
                }
            }, "Calling with null key argument.");

            Assert.Throws<ArgumentNullException>(() =>
            {
                using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, null, 6, KeyWrapMode.Specification))
                {
                }
            }, "Calling with null salt argument.");
        }
Beispiel #9
0
        public void TestWrapAndUnwrapSpecificationMode()
        {
            AesKey keyToWrap = new AesKey(new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 });
            AesKey keyEncryptingKey = new AesKey(new byte[] { 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
            KeyWrapSalt salt = new KeyWrapSalt(new byte[] { 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31 });
            long iterations = 23456;
            byte[] wrapped;
            using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, iterations, KeyWrapMode.Specification))
            {
                wrapped = keyWrap.Wrap(keyToWrap);
            }
            byte[] unwrapped;
            using (KeyWrap keyWrap = new KeyWrap(keyEncryptingKey, salt, iterations, KeyWrapMode.Specification))
            {
                unwrapped = keyWrap.Unwrap(wrapped);
            }

            Assert.That(unwrapped, Is.EquivalentTo(keyToWrap.GetBytes()), "The unwrapped data should be equal to original.");
        }
Beispiel #10
0
        public void TestWrap()
        {
            byte[] wrapped;
            using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification))
            {
                wrapped = keyWrap.Wrap(_keyData);
            }

            Assert.That(wrapped, Is.EquivalentTo(_wrapped), "The wrapped data is not correct according to specification.");

            using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification))
            {
                Assert.Throws<ArgumentNullException>(() =>
                {
                    wrapped = keyWrap.Wrap(null);
                });
            }
        }
Beispiel #11
0
        public void TestUnwrap()
        {
            byte[] unwrapped;
            using (KeyWrap keyWrap = new KeyWrap(_keyEncryptingKey, 6, KeyWrapMode.Specification))
            {
                unwrapped = keyWrap.Unwrap(_wrapped);
            }

            Assert.That(unwrapped, Is.EquivalentTo(_keyData.GetBytes()), "Unwrapped the wrong data");
        }
            public void Iterate(long keyWrapIterations)
            {
                KeyWrap keyWrap = new KeyWrap(_dummySalt, keyWrapIterations, KeyWrapMode.Specification);

                keyWrap.Wrap(_dummyCrypto, _dummyKey);
            }