Beispiel #1
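        /// <summary>
        /// Verifies and decrypts a hybrid-encrypted packet. The digital signature over the
        /// packet's HMAC is checked first, then the session key is recovered with RSA, the
        /// HMAC over ciphertext and IV is recomputed and compared, and only then is the
        /// payload decrypted.
        /// </summary>
        /// <param name="encryptedPacket">Packet holding the wrapped session key, IV, tag,
        /// ciphertext, HMAC and signature.</param>
        /// <param name="rsaParams">RSA wrapper used to unwrap the session key.</param>
        /// <param name="digitalSignature">Verifier for the signature over the HMAC.</param>
        /// <returns>The plaintext bytes returned by the AES wrapper.</returns>
        /// <exception cref="CryptographicException">The signature does not verify, or the
        /// recomputed HMAC does not match the one in the packet.</exception>
        /// <remarks>
        /// The HMAC input is EncryptedData and Iv only, and the signature covers only that
        /// HMAC, so neither check binds EncryptedSessionKey or Tag to the packet. The same
        /// session key also keys both the HMAC and the AES call; separate derived keys are
        /// the usual practice. Both points would need a matching change in EncryptData.
        /// </remarks>
        public byte[] DecryptData(EncryptedPacket encryptedPacket, NewRSA rsaParams,
                                  NewDigitalSignature digitalSignature)
        {
            // The signature check needs no secret, so run it before the private-key
            // operation: a packet without a valid signature never reaches RSA decryption.
            if (!digitalSignature.VerifySignature(
                    encryptedPacket.Signature,
                    encryptedPacket.SignatureHMAC))
            {
                throw new CryptographicException(
                          "Digital Signature can not be verified.");
            }

            var sessionKey = rsaParams.Decrypt(encryptedPacket.EncryptedSessionKey);

            try
            {
                byte[] expectedHmac = ComputeHMACSha256(
                    Combine(encryptedPacket.EncryptedData, encryptedPacket.Iv),
                    sessionKey);

                // NOTE(review): Compare is defined elsewhere; confirm it runs in constant
                // time (CryptographicOperations.FixedTimeEquals is the framework option).
                if (!Compare(encryptedPacket.SignatureHMAC, expectedHmac))
                {
                    throw new CryptographicException(
                              "HMAC for decryption does not match encrypted packet.");
                }

                // Tag is passed through to the AES wrapper; presumably it is checked there
                // as the GCM authentication tag. Verify against the wrapper.
                return _aes.Decrypt(encryptedPacket.EncryptedData,
                                    sessionKey,
                                    encryptedPacket.Iv,
                                    encryptedPacket.Tag,
                                    null);
            }
            finally
            {
                // Do not leave the recovered session key in managed memory longer than needed.
                CryptographicOperations.ZeroMemory(sessionKey);
            }
        }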
        /// <summary>
        /// Console demo: encrypts a fixed message with the hybrid scheme, decrypts it
        /// again with the same RSA and signature objects, and prints both texts.
        /// </summary>
        static void Main()
        {
            const string original = "Very secret and important information that can not fall into the wrong hands.";

            // Construction order is kept as is; what these constructors do is not shown here.
            var hybridCipher = new HybridEncryption();
            var rsa = new NewRSA();
            var signer = new NewDigitalSignature();

            Console.WriteLine("Hybrid Encryption with Integrity Check and Digital Signature Demonstration in .NET");
            Console.WriteLine("----------------------------------------------------------------------------------");
            Console.WriteLine();

            try
            {
                byte[] plainBytes = Encoding.UTF8.GetBytes(original);
                var packet = hybridCipher.EncryptData(plainBytes, rsa, signer);
                byte[] roundTripped = hybridCipher.DecryptData(packet, rsa, signer);
                string recoveredText = Encoding.UTF8.GetString(roundTripped);

                // Demo only: this writes the plaintext to the console.
                Console.WriteLine($"Original Message = {original}");
                Console.WriteLine();
                Console.WriteLine($"Message After Decryption = {recoveredText}");
            }
            catch (CryptographicException ex)
            {
                // Only crypto failures (HMAC or signature mismatch, for example) are reported.
                Console.WriteLine($"Error : {ex.Message}");
            }

            // Keep the console window open until Enter is pressed.
            Console.ReadLine();
        }
Beispiel #3
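        /// <summary>
        /// Builds a hybrid-encrypted packet: encrypts the data with AES-GCM under a fresh
        /// session key, wraps that key with RSA, computes an HMAC-SHA256 over ciphertext
        /// and IV keyed by the session key, and signs the HMAC.
        /// </summary>
        /// <param name="original">Plaintext bytes to protect.</param>
        /// <param name="rsaParams">RSA wrapper used to encrypt the session key.</param>
        /// <param name="digitalSignature">Signer applied to the HMAC.</param>
        /// <returns>The packet with IV, ciphertext, tag, wrapped key, HMAC and signature set.</returns>
        /// <remarks>
        /// The HMAC input is EncryptedData and Iv only, so the signature does not bind
        /// EncryptedSessionKey or Tag to the packet. Widening the HMAC input needs the same
        /// change in DecryptData. The session key keys both AES and the HMAC; separate
        /// derived keys are the usual practice.
        /// </remarks>
        public EncryptedPacket EncryptData(byte[] original, NewRSA rsaParams,
                                           NewDigitalSignature digitalSignature)
        {
            // 32 bytes = 256-bit AES session key.
            // NOTE(review): GenerateRandomNumber is defined elsewhere; confirm it draws from
            // a cryptographic RNG (RandomNumberGenerator), not System.Random.
            var sessionKey = _aes.GenerateRandomNumber(32);

            try
            {
                // 12-byte IV, generated fresh for each packet.
                var encryptedPacket = new EncryptedPacket {
                    Iv = _aes.GenerateRandomNumber(12)
                };

                // Encrypt data with AES-GCM; no associated data is supplied (null).
                (byte[] cipherText, byte[] tag) =
                    _aes.Encrypt(original, sessionKey, encryptedPacket.Iv, null);

                encryptedPacket.EncryptedData = cipherText;
                encryptedPacket.Tag = tag;

                // Wrap the session key with RSA for transport.
                encryptedPacket.EncryptedSessionKey = rsaParams.Encrypt(sessionKey);

                // Integrity value over ciphertext || IV, keyed by the session key.
                encryptedPacket.SignatureHMAC =
                    ComputeHMACSha256(
                        Combine(encryptedPacket.EncryptedData, encryptedPacket.Iv),
                        sessionKey);

                // The signature is over the HMAC, not over the packet fields themselves.
                encryptedPacket.Signature =
                    digitalSignature.SignData(encryptedPacket.SignatureHMAC);

                return encryptedPacket;
            }
            finally
            {
                // The packet carries only the RSA-wrapped key; wipe the plaintext copy.
                CryptographicOperations.ZeroMemory(sessionKey);
            }
        }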