public void Properties ()
{
RSAOAEPKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter ();
keyex.SetKey (key);
Assert.IsNull (keyex.Parameter, "RSAOAEPKeyExchangeFormatter.Parameter");
Assert.IsNull (keyex.Parameters, "RSAOAEPKeyExchangeFormatter.Parameters");
Assert.IsNull (keyex.Rng, "RSAOAEPKeyExchangeFormatter.Rng");
Assert.AreEqual ("System.Security.Cryptography.RSAOAEPKeyExchangeFormatter", keyex.ToString ());
}
public void Properties ()
{
RSAOAEPKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter ();
keyex.SetKey (key);
Assertion.AssertNull ("RSAOAEPKeyExchangeFormatter.Parameter", keyex.Parameter);
Assertion.AssertNull ("RSAOAEPKeyExchangeFormatter.Parameters", keyex.Parameters);
Assertion.AssertNull ("RSAOAEPKeyExchangeFormatter.Rng", keyex.Rng);
Assertion.AssertEquals ("RSAOAEPKeyExchangeFormatter.ToString()", "System.Security.Cryptography.RSAOAEPKeyExchangeFormatter", keyex.ToString ());
}
/// <summary>Encrypts data with the <see cref="T:System.Security.Cryptography.RSA" /> algorithm.</summary>
/// <returns>The encrypted data.</returns>
/// <param name="rgb">The data to be encrypted. </param>
/// <param name="fOAEP">true to perform direct <see cref="T:System.Security.Cryptography.RSA" /> encryption using Optimal Asymmetric Encryption Padding (OAEP), which is only available on a computer running Microsoft Windows XP or later; false to use PKCS#1 v1.5 padding. </param>
/// <exception cref="T:System.Security.Cryptography.CryptographicException">The cryptographic service provider (CSP) cannot be acquired.-or- The length of the <paramref name="rgb" /> parameter is greater than the maximum allowed length.-or- The <paramref name="fOAEP" /> parameter is true and OAEP padding is not supported. </exception>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="rgb " />is null.</exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
/// </PermissionSet>
public byte[] Encrypt(byte[] rgb, bool fOAEP)
{
AsymmetricKeyExchangeFormatter asymmetricKeyExchangeFormatter;
if (fOAEP)
{
asymmetricKeyExchangeFormatter = new RSAOAEPKeyExchangeFormatter(this.rsa);
}
else
{
asymmetricKeyExchangeFormatter = new RSAPKCS1KeyExchangeFormatter(this.rsa);
}
return(asymmetricKeyExchangeFormatter.CreateKeyExchange(rgb));
}
public void ExchangeMin()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
byte[] M = { 0x01 };
try {
byte[] EM = keyex.CreateKeyExchange (M);
AsymmetricKeyExchangeDeformatter keyback = new RSAOAEPKeyExchangeDeformatter (key);
byte[] Mback = keyback.DecryptKeyExchange (EM);
AssertEquals ("RSAOAEPKeyExchangeFormatter Min", M, Mback);
}
catch (CryptographicException ce) {
// not supported by every version of Windows - Minimum: Windows XP
Console.WriteLine (ce.Message + " (" + Environment.OSVersion.ToString () + ")");
}
}
public byte[] Encrypt(byte[] rgb, bool fOAEP)
{
// choose between OAEP or PKCS#1 v.1.5 padding
AsymmetricKeyExchangeFormatter fmt = null;
if (fOAEP)
{
fmt = new RSAOAEPKeyExchangeFormatter(rsa);
}
else
{
fmt = new RSAPKCS1KeyExchangeFormatter(rsa);
}
return(fmt.CreateKeyExchange(rgb));
}
/// <summary>
/// Encrypt binary.
/// </summary>
/// <param name="binary">The data to encrypt.</param>
/// <param name="publicKey">The public key.</param>
/// <param name="symmetricAlgorithmName">Optional. The name of the symmetric algorithm to use. Defaults to "Rijndael" (128 bits AES). See http://msdn.microsoft.com/en-us/library/k74a682y(v=vs.100).aspx for a list of valid values.</param>
/// <returns></returns>
public static byte[] Encrypt(this byte[] binary, RSA publicKey, string symmetricAlgorithmName = "Rijndael")
{
if (binary == null) throw new ArgumentNullException("binary");
if (publicKey == null) throw new ArgumentNullException("publicKey");
//create sym key of given type
var symmetricKey = SymmetricAlgorithm.Create(symmetricAlgorithmName);
if (symmetricKey == null)
throw new ArgumentException("Unsupported symmetricAlgorithmName: '{0}'".FormatWith(symmetricAlgorithmName), "symmetricAlgorithmName");
//encrypt input using the sym key
var encryptedBinary = symmetricKey.CreateEncryptor().TransformFinalBlock(binary, 0, binary.Length);
//encrypt sym key using asym key
var encryptedSymmetricKey = new RSAOAEPKeyExchangeFormatter(publicKey).CreateKeyExchange(symmetricKey.Key);
//concat encrypted sym key, IV (public) and encrypted binary
return Concatenate(encryptedSymmetricKey, symmetricKey.IV, encryptedBinary);
}
public void Exchange128()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
byte[] M = { 0xd4, 0x36, 0xe9, 0x95, 0x69, 0xfd, 0x32, 0xa7, 0xc8, 0xa0, 0x5b, 0xbc, 0x90, 0xd3, 0x2c, 0x49 };
try {
byte[] EM = keyex.CreateKeyExchange (M, typeof (Rijndael));
AsymmetricKeyExchangeDeformatter keyback = new RSAOAEPKeyExchangeDeformatter (key);
byte[] Mback = keyback.DecryptKeyExchange (EM);
AssertEquals ("RSAOAEPKeyExchangeFormatter 128", M, Mback);
}
catch (CryptographicException ce) {
// not supported by every version of Windows - Minimum: Windows XP
Console.WriteLine (ce.Message + " (" + Environment.OSVersion.ToString () + ")");
}
}
/// <inheritdoc />
protected internal override byte[] Encrypt(byte[] data, byte[] iv)
{
var keyExchange = new RSAOAEPKeyExchangeFormatter(this.Rsa);
return keyExchange.CreateKeyExchange(data);
}
/// <inheritdoc />
protected internal override byte[] Encrypt(byte[] data, byte[] iv)
{
AsymmetricKeyExchangeFormatter keyExchange;
switch (this.Algorithm)
{
case AsymmetricAlgorithm.RsaOaepSha1:
case AsymmetricAlgorithm.RsaOaepSha256:
case AsymmetricAlgorithm.RsaOaepSha384:
case AsymmetricAlgorithm.RsaOaepSha512:
keyExchange = new RSAOAEPKeyExchangeFormatter(this.Rsa);
break;
case AsymmetricAlgorithm.RsaPkcs1:
keyExchange = new RSAPKCS1KeyExchangeFormatter(this.Rsa);
break;
default:
throw new NotSupportedException();
}
return keyExchange.CreateKeyExchange(data);
}
public byte[] Encrypt (byte[] rgb, bool fOAEP)
{
// choose between OAEP or PKCS#1 v.1.5 padding
AsymmetricKeyExchangeFormatter fmt = null;
if (fOAEP)
fmt = new RSAOAEPKeyExchangeFormatter (rsa);
else
fmt = new RSAPKCS1KeyExchangeFormatter (rsa);
return fmt.CreateKeyExchange (rgb);
}
/// <summary>
/// Encrypts the symmetric key data.
/// </summary>
/// <param name="cert">The cert.</param>
/// <param name="keyData">The key data.</param>
/// <returns>The encrypted data.</returns>
public static byte[] EncryptSymmetricKeyData(X509Certificate2 cert, byte[] keyData)
{
if (cert == null)
{
throw new ArgumentNullException("cert");
}
if (keyData == null)
{
throw new ArgumentNullException("keyData");
}
RSACryptoServiceProvider rsaPublicKey = cert.PublicKey.Key as RSACryptoServiceProvider;
RSAOAEPKeyExchangeFormatter keyFormatter = new RSAOAEPKeyExchangeFormatter(rsaPublicKey);
return keyFormatter.CreateKeyExchange(keyData);
}
// encrypts the supplied input key data using an RSA key and specifies whether we want to use OAEP
// padding or PKCS#1 v1.5 padding as described in the PKCS specification
public static byte[] EncryptKey (byte[] keyData, RSA rsa, bool useOAEP) {
if (keyData == null)
throw new ArgumentNullException("keyData");
if (rsa == null)
throw new ArgumentNullException("rsa");
if (useOAEP) {
RSAOAEPKeyExchangeFormatter rsaFormatter = new RSAOAEPKeyExchangeFormatter(rsa);
return rsaFormatter.CreateKeyExchange(keyData);
} else {
RSAPKCS1KeyExchangeFormatter rsaFormatter = new RSAPKCS1KeyExchangeFormatter(rsa);
return rsaFormatter.CreateKeyExchange(keyData);
}
}
// FIXME [KeyContainerPermission (SecurityAction.Assert, KeyContainerName = "DAPI",
// Flags = KeyContainerPermissionFlags.Open | KeyContainerPermissionFlags.Create)]
public static byte[] Protect (byte[] userData, byte[] optionalEntropy, DataProtectionScope scope)
{
if (userData == null)
throw new ArgumentNullException ("userData");
Rijndael aes = Rijndael.Create ();
aes.KeySize = 128;
byte[] encdata = null;
using (MemoryStream ms = new MemoryStream ()) {
ICryptoTransform t = aes.CreateEncryptor ();
using (CryptoStream cs = new CryptoStream (ms, t, CryptoStreamMode.Write)) {
cs.Write (userData, 0, userData.Length);
cs.Close ();
encdata = ms.ToArray ();
}
}
byte[] key = null;
byte[] iv = null;
byte[] secret = null;
byte[] header = null;
SHA256 hash = SHA256.Create ();
try {
key = aes.Key;
iv = aes.IV;
secret = new byte[1 + 1 + 16 + 1 + 16 + 1 + 32];
byte[] digest = hash.ComputeHash (userData);
if ((optionalEntropy != null) && (optionalEntropy.Length > 0)) {
// the same optionalEntropy will be required to get the data back
byte[] mask = hash.ComputeHash (optionalEntropy);
for (int i = 0; i < 16; i++) {
key[i] ^= mask[i];
iv[i] ^= mask[i + 16];
}
secret[0] = 2; // entropy
} else {
secret[0] = 1; // without entropy
}
secret[1] = 16; // key size
Buffer.BlockCopy (key, 0, secret, 2, 16);
secret[18] = 16; // iv size
Buffer.BlockCopy (iv, 0, secret, 19, 16);
secret[35] = 32; // digest size
Buffer.BlockCopy (digest, 0, secret, 36, 32);
RSAOAEPKeyExchangeFormatter formatter = new RSAOAEPKeyExchangeFormatter (GetKey (scope));
header = formatter.CreateKeyExchange (secret);
}
finally {
if (key != null) {
Array.Clear (key, 0, key.Length);
key = null;
}
if (secret != null) {
Array.Clear (secret, 0, secret.Length);
secret = null;
}
if (iv != null) {
Array.Clear (iv, 0, iv.Length);
iv = null;
}
aes.Clear ();
hash.Clear ();
}
byte[] result = new byte[header.Length + encdata.Length];
Buffer.BlockCopy (header, 0, result, 0, header.Length);
Buffer.BlockCopy (encdata, 0, result, header.Length, encdata.Length);
return result;
}
public void ExchangeDSAKey ()
{
DSA dsa = DSA.Create ();
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (dsa);
}
public static byte[] EncryptKey (byte[] keyData, RSA rsa, bool fOAEP)
{
AsymmetricKeyExchangeFormatter formatter = null;
if (fOAEP)
formatter = new RSAOAEPKeyExchangeFormatter (rsa);
else
formatter = new RSAPKCS1KeyExchangeFormatter (rsa);
return formatter.CreateKeyExchange (keyData);
}
public void ExchangeTooBig()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
byte[] M = new byte [(key.KeySize >> 3)- 10];
byte[] EM = keyex.CreateKeyExchange (M);
}
public void Parameter ()
{
RSAOAEPKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
keyex.Parameter = new byte [1];
Assert.AreEqual (1, keyex.Parameter.Length);
}
public void ExchangeNoKey ()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter ();
byte[] M = keyex.CreateKeyExchange (new byte [16]);
}
public void Rng ()
{
RSAOAEPKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
Assert.IsNull (keyex.Rng, "Rng");
keyex.Rng = RandomNumberGenerator.Create ();
Assert.IsNotNull (keyex.Rng, "Rng 2");
}
