Beispiel #1
0
        public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
        {
            // Decrypt AES Key with RSA
            var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);

            // Decrypt our data with AES using the decryptedSessionKey
            return(_aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.IV));
        }
Beispiel #2
0
        public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams)
        {
            // Generate our session key
            var sessionKey = _aes.GenerateRandomNumber(32);

            // Create the encrypted packet and generate the IV
            var encryptedPacket = new EncryptedPacket
            {
                IV = _aes.GenerateRandomNumber(16)
            };

            // Encrypt our data with AES
            encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.IV);

            // Encrypt the session key with RSA
            encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);

            return(encryptedPacket);
        }
Beispiel #3
0
        public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey privateKey)
        {
            // Decrypt the unique 256 bits AES session key
            var sessionKey = privateKey.DecryptData(encryptedPacket.EncryptedSessionKey);

            // Validate the encrypted data is accurate
            using (var hmac = new HMACSHA256(sessionKey))
            {
                var hmacToCheck = hmac.ComputeHash(encryptedPacket.EncryptedData);
                if (!CompareBytes(encryptedPacket.Hmac, hmacToCheck))
                {
                    throw new CryptographicException("HMAC invalid, data is corrupted.");
                }
            }

            // Decrypt the data
            var data = _aes.Decrypt(encryptedPacket.EncryptedData, sessionKey, encryptedPacket.Iv);

            return(data);
        }
Beispiel #4
0
        /// <summary>
        /// This is an example of what a sender would do to securely transmit data
        /// using a hybrid encryption solution, (combining symmetric (AES) encryption
        /// with asymmetric encryption (RSA)).
        /// </summary>
        /// <param name="data">Data to be encrypted</param>
        /// <param name="publicKey">The public key, used to encrypt the session key used to encrypt the data.</param>
        /// <returns>Encrypted Packet of data that can be securely transferred</returns>
        public EncryptedPacket EncryptData(byte[] data, RSAWithRSAParameterKey publicKey)
        {
            var encryptedPacket = new EncryptedPacket();

            // Generate our unique 256 bits session key
            var sessionKey = _aes.GenerateRandomNumbers(32);

            // Generate the 128 bit Initialization Vector
            encryptedPacket.Iv = _aes.GenerateRandomNumbers(16);

            // Encrypt data using AES (symmetric encryption) session key and IV
            encryptedPacket.EncryptedData = _aes.Encrypt(data, sessionKey, encryptedPacket.Iv);

            // Encrypt the session key with the public RSA key
            encryptedPacket.EncryptedSessionKey = publicKey.EncryptData(sessionKey);

            // Generate a HMAC using the unique session key
            using (var hmac = new HMACSHA256(sessionKey))
            {
                encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
            }

            return(encryptedPacket);
        }