Inheritance: System.Security.Cryptography.DeriveBytes
Beispiel #1
0
		}// Encrypt()

		public static byte[] Decrypt(byte[] masterKey, byte[] ciphertext, byte[] salt = null)
		{
			int cipherLength = ciphertext.Length - minCiphertextLength;
			if (cipherLength <= 0) return null;
			int ivcipherLength = aesIVLength + cipherLength;

			byte[] encKey, macKey;
			using (var hkdf = new HKDF(hmacFactory, masterKey, salt))
			{
				macKey = hkdf.GetBytes(macKeyLength);
				encKey = hkdf.GetBytes(encKeyLength);
			}

			using (var aes = aesFactory())
			{
				aes.Key = encKey;
				using (var hmac = hmacFactory())
				{
					hmac.Key = macKey;
					var fullmacActual = hmac.ComputeHash(ciphertext, 0, ivcipherLength);
					if (!Util.Xor(fullmacActual, 0, macLength, ciphertext, ivcipherLength, macLength)) return null;

					var iv = new byte[aesIVLength];
					Buffer.BlockCopy(ciphertext, 0, iv, 0, aesIVLength);
					aes.IV = iv;

					using (var stream = new MemoryStream())
					{
						using (var aesDecryptor = aes.CreateDecryptor())
						{
							using (var cryptoStream = new CryptoStream(stream, aesDecryptor, CryptoStreamMode.Write))
							{
								cryptoStream.Write(ciphertext, aesIVLength, cipherLength);
							}// using cryptoStream
						}// using aesDecryptor
						return stream.ToArray();
					}// using stream
				}// using hmac
			}// using aes
		}// Decrypt()
        public static byte[] Decrypt(byte[] masterKey, byte[] ciphertext, byte[] salt = null)
        {
            int cipherLength = ciphertext.Length - minCiphertextLength;
            if (cipherLength <= 0) return null;
            int ivcipherLength = aesIVLength + cipherLength;

            byte[] encKey, macKey;
            using (var hkdf = new HKDF(hmacFactory, masterKey, salt))
            {
                macKey = hkdf.GetBytes(macKeyLength);
                encKey = hkdf.GetBytes(encKeyLength);
            }

            using (var aes = aesFactory())
            {
                aes.Key = encKey;
                using (var hmac = hmacFactory())
                {
                    hmac.Key = macKey;
                    var fullmacActual = hmac.ComputeHash(ciphertext, 0, ivcipherLength);
                    if (!Util.Xor(fullmacActual, 0, macLength, ciphertext, ivcipherLength, macLength)) return null;

                    var iv = new byte[aesIVLength];
                    Buffer.BlockCopy(ciphertext, 0, iv, 0, aesIVLength);
                    aes.IV = iv;

                    using (var stream = new MemoryStream())
                    {
                        using (var aesDecryptor = aes.CreateDecryptor())
                        {
                            using (var cryptoStream = new CryptoStream(stream, aesDecryptor, CryptoStreamMode.Write))
                            {
                                cryptoStream.Write(ciphertext, aesIVLength, cipherLength);
                            }// using cryptoStream
                        }// using aesDecryptor
                        return stream.ToArray();
                    }// using stream
                }// using hmac
            }// using aes
        }
Beispiel #3
0
		public static byte[] Encrypt(byte[] masterKey, byte[] plaintext, byte[] salt = null)
		{
			byte[] encKey, macKey;
			using (var hkdf = new HKDF(hmacFactory, masterKey, salt))
			{
				macKey = hkdf.GetBytes(macKeyLength);
				encKey = hkdf.GetBytes(encKeyLength);
			}

			using (var aes = aesFactory())
			{
				aes.Key = encKey;
				var iv = aes.IV; // generates new IV

				using (var stream = new MemoryStream())
				{
					stream.Write(iv, 0, iv.Length);
					using (var aesEncryptor = aes.CreateEncryptor())
					{
						using (var cryptoStream = new CryptoStream(stream, aesEncryptor, CryptoStreamMode.Write))
						{
							cryptoStream.Write(plaintext, 0, plaintext.Length);
							cryptoStream.FlushFinalBlock();

							using (var hmac = hmacFactory())
							{
								hmac.Key = macKey;
								var fullmac = hmac.ComputeHash(stream.GetBuffer(), 0, (int)stream.Length);
								stream.Write(fullmac, 0, macLength);
								return stream.ToArray();
							}// using hmac
						}// using cryptoStream
					}// using aesEncryptor
				}// using stream
			}// using aes
		}// Encrypt()
        public static byte[] Encrypt(byte[] masterKey, byte[] plaintext, byte[] salt = null)
        {
            byte[] encKey, macKey;
            using (var hkdf = new HKDF(hmacFactory, masterKey, salt))
            {
                macKey = hkdf.GetBytes(macKeyLength);
                encKey = hkdf.GetBytes(encKeyLength);
            }

            using (var aes = aesFactory())
            {
                aes.Key = encKey;
                var iv = aes.IV; // generates new IV

                using (var stream = new MemoryStream())
                {
                    stream.Write(iv, 0, iv.Length);
                    using (var aesEncryptor = aes.CreateEncryptor())
                    {
                        using (var cryptoStream = new CryptoStream(stream, aesEncryptor, CryptoStreamMode.Write))
                        {
                            cryptoStream.Write(plaintext, 0, plaintext.Length);
                            cryptoStream.FlushFinalBlock();

                            using (var hmac = hmacFactory())
                            {
                                hmac.Key = macKey;
                                var fullmac = hmac.ComputeHash(stream.GetBuffer(), 0, (int)stream.Length);
                                stream.Write(fullmac, 0, macLength);
                                return stream.ToArray();
                            }// using hmac
                        }// using cryptoStream
                    }// using aesEncryptor
                }// using stream
            }// using aes
        }
        static HashResult HashWithAuthentication(byte[] text, byte[] salt, byte[] key, EnmHashingAlgorithm algorithm)
        {
            if (text == null || text.Length == 0)
                return null;
            if (salt == null || salt.Length < SALT_LENGTH)
                throw new ArgumentException("Must be atleast " + SALT_LENGTH.ToString() + " characters in length", "salt");
            if (key == null || key.Length < MIN_SECRETKEY_LENGTH)
                throw new ArgumentException("Must be atleast " + MIN_SECRETKEY_LENGTH.ToString() + " characters in length", "masterKey");

            // Tussenstap: Genereer nu o.b.v. de (master)key en de salt een nieuwe afgeleide sleutel waarmee we gaan hashen: de zogenaamde hashKey.
            // Dit doen we zodat je de key niet kan herleiden uit de hash die we straks gaan genereren.
            byte[] hashkeyBytes; // De hashkey. Hiermee gaan we zometeen hashen
            using (var hkdf = new HKDF(SecurityDrivenDotNet.HMACFactories.HMACSHA512, key, salt))
                hashkeyBytes = hkdf.GetBytes(64);

            // Magic: Transformeer de data, met behulp van de sleutel, naar een onleesbare maar voorspelbare hash.
            var hash = new HMAC2(algorithm.Factory(), hashkeyBytes).ComputeHash(text);

            // Retourneer het resultaat als een BASE-64 encoded string
            return new HashResult(algorithm.ToString(), Convert.ToBase64String(salt), Convert.ToBase64String(hash));
        }