// -------------------------------------------------------------------------------
/// <summary>
/// Decrypt and uncompress the ciphertext. (with signature)
/// </summary>
/// <param name="ciphertext">The ciphertext to be decrypted.</param>
/// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param>
/// <returns>The encrypted plaintext (-> ciphertext).</returns>
public byte[] Decrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader)
{
byte[] ret;
try
{
ret = SignedDecrypt(ciphertext, compressStreamReader);
}
catch (Exception ex)
{
throw new Exception("Error within OlympCryptography.Decrypt, see inner exception.", ex);
}
return(ret);
}
// -------------------------------------------------------------------------------
/// <summary>
/// SignedDecrypt the ciphertext.
/// </summary>
/// <param name="ciphertext">The ciphertext to be decrypted.</param>
/// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param>
/// <returns>The decrypted ciphertext (-> plaintext).</returns>
private byte[] SignedDecrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader)
{
byte[] plaintext = null;
MemoryStream memoryStream = new MemoryStream(ciphertext);
// get the initialization vector
BinaryFormatter formatter = new BinaryFormatter();
byte[] IV = formatter.Deserialize(memoryStream) as byte[];
// get signature and DSA parameters
byte[] signature = formatter.Deserialize(memoryStream) as byte[];
DSAParameters dsaParameters = (DSAParameters) formatter.Deserialize(memoryStream);
DSACryptoServiceProvider dsaVerifier = new DSACryptoServiceProvider();
dsaVerifier.ImportParameters(dsaParameters);
//Creates the default implementation, which is RijndaelManaged.
SymmetricAlgorithm rijn = SymmetricAlgorithm.Create();
// creates a symmetric decryptor object with the specified Key and initialization vector (IV).
ICryptoTransform decryptor = rijn.CreateDecryptor(this.key, IV);
// prepare the Crypto Stream
CryptoStream encryptedData = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
MemoryStream plainData = null;
if (compressStreamReader != null)
{
// decrypt ciphertext
MemoryStream decryptedData = this.GetBytes(encryptedData);
decryptedData.Position = 0;
// decompress ciphertext
using (Stream sr = compressStreamReader(decryptedData))
{
plainData = this.GetBytes(sr);
sr.Close();
}
plainData.Position = 0;
}
else
{
// decrypt ciphertext
plainData = this.GetBytes(encryptedData);
plainData.Position = 0;
}
// Check Digital signature
SHA1 sha1Provider = new SHA1CryptoServiceProvider();
byte[] hashbytes = sha1Provider.ComputeHash(plainData);
if(!dsaVerifier.VerifyHash(hashbytes, CryptoConfig.MapNameToOID(SHA1), signature))
{
throw new Exception("OlympCryptography.SignedDecrypt: Invalid digital signature - data manipulated!");
}
plaintext = plainData.ToArray();
return plaintext;
}
// -------------------------------------------------------------------------------
/// <summary>
/// Decrypt and uncompress the ciphertext. (with signature)
/// </summary>
/// <param name="ciphertext">The ciphertext to be decrypted.</param>
/// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param>
/// <returns>The encrypted plaintext (-> ciphertext).</returns>
public byte[] Decrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader)
{
byte[] ret;
try
{
ret = SignedDecrypt(ciphertext, compressStreamReader);
}
catch (Exception ex)
{
throw new Exception("Error within OlympCryptography.Decrypt, see inner exception.", ex);
}
return ret;
}
// -------------------------------------------------------------------------------
/// <summary>
/// SignedDecrypt the ciphertext.
/// </summary>
/// <param name="ciphertext">The ciphertext to be decrypted.</param>
/// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param>
/// <returns>The decrypted ciphertext (-> plaintext).</returns>
private byte[] SignedDecrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader)
{
byte[] plaintext = null;
MemoryStream memoryStream = new MemoryStream(ciphertext);
// get the initialization vector
BinaryFormatter formatter = new BinaryFormatter();
byte[] IV = formatter.Deserialize(memoryStream) as byte[];
// get signature and DSA parameters
byte[] signature = formatter.Deserialize(memoryStream) as byte[];
DSAParameters dsaParameters = (DSAParameters)formatter.Deserialize(memoryStream);
DSACryptoServiceProvider dsaVerifier = new DSACryptoServiceProvider();
dsaVerifier.ImportParameters(dsaParameters);
//Creates the default implementation, which is RijndaelManaged.
SymmetricAlgorithm rijn = SymmetricAlgorithm.Create();
// creates a symmetric decryptor object with the specified Key and initialization vector (IV).
ICryptoTransform decryptor = rijn.CreateDecryptor(this.key, IV);
// prepare the Crypto Stream
CryptoStream encryptedData = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
MemoryStream plainData = null;
if (compressStreamReader != null)
{
// decrypt ciphertext
MemoryStream decryptedData = this.GetBytes(encryptedData);
decryptedData.Position = 0;
// decompress ciphertext
using (Stream sr = compressStreamReader(decryptedData))
{
plainData = this.GetBytes(sr);
sr.Close();
}
plainData.Position = 0;
}
else
{
// decrypt ciphertext
plainData = this.GetBytes(encryptedData);
plainData.Position = 0;
}
// Check Digital signature
SHA1 sha1Provider = new SHA1CryptoServiceProvider();
byte[] hashbytes = sha1Provider.ComputeHash(plainData);
if (!dsaVerifier.VerifyHash(hashbytes, CryptoConfig.MapNameToOID(SHA1), signature))
{
throw new Exception("OlympCryptography.SignedDecrypt: Invalid digital signature - data manipulated!");
}
plaintext = plainData.ToArray();
return(plaintext);
}
