Ejemplo n.º 1
0
        /// <summary>
        /// Tries to get the verified message.
        /// </summary>
        /// <param name="signedMessage">The signed message.</param>
        /// <param name="verifiedMessage">The verified message.</param>
        /// <param name="hidden">The hidden.</param>
        /// <returns>false if signature is not correct</returns>
        public bool TryGetVerifiedMessage(WebBase64 signedMessage, out string verifiedMessage, byte[] hidden = null)
        {
            byte[] output;
            var    verified = TryGetVerifiedMessage(signedMessage.ToBytes(), out output, hidden);

            verifiedMessage = Config.RawStringEncoding.GetString(output);
            return(verified);
        }
Ejemplo n.º 2
0
            /// <summary>
            /// Initializes a new instance of the <see cref="NonceSessionMaterial" /> class.
            /// </summary>
            /// <param name="key">The key.</param>
            public NonceSessionMaterial(AesKey key)
            {
                Key = key;
                var nonce = new byte[SessionNonceSize];

                Secure.Random.NextBytes(nonce);
                Nonce = WebBase64.FromBytes(nonce);
            }
Ejemplo n.º 3
0
 protected virtual void Dispose(bool disposing)
 {
     _keyset          = _keyset.SafeDispose();
     _crypter         = _crypter.SafeDispose();
     _signer          = _signer.SafeDispose();
     _verifier        = _verifier.SafeDispose();
     _nonce           = _nonce.Clear();
     _sessionMaterial = _sessionMaterial.Clear();
 }
Ejemplo n.º 4
0
        /// <summary>
        /// Initializes a new instance of the <see cref="SessionCrypter" /> class.
        /// </summary>
        /// <param name="keyEncrypter">The key encrypter.</param>
        /// <param name="signer">The signer, optionally used to certify sender. (Equivialent to SignedSessionEncrypter)</param>
        /// <param name="keySize">Size of the key.</param>
        /// <param name="symmetricKeyType">Type of the symmetric key. (requires unofficial keypacker)</param>
        /// <param name="keyPacker">The key packer.</param>
        /// <exception cref="System.ArgumentException">Without a supplying a keypacker you may only use KeyType.AES;symmetricKeyType</exception>
        public SessionCrypter(Encrypter keyEncrypter, AttachedSigner signer = null, int?keySize = null,
                              KeyType symmetricKeyType = null, ISessionKeyPacker keyPacker      = null)
        {
            Workings initLazy()
            {
                var workings = new Workings();

                symmetricKeyType = symmetricKeyType ?? KeyType.Aes;
                if (keyPacker == null && symmetricKeyType != KeyType.Aes)
                {
                    throw new ArgumentException("Without a supplying a keypacker you may only use KeyType.AES",
                                                nameof(symmetricKeyType));
                }

                if (signer != null)
                {
                    keyPacker = keyPacker ?? new NonceSignedSessionPacker();
                }
                keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();

                var key = Key.Generate(symmetricKeyType, keySize ?? symmetricKeyType.DefaultSize);

                workings._keyset  = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
                workings._crypter = new Crypter(workings._keyset);
                workings._signer  = signer;


                byte[] packedKey;
                var    sessionPacker = keyPacker as IInteroperableSessionMaterialPacker;

                if (sessionPacker == null)
                {
                    packedKey = keyPacker.Pack(key, Config);
                }
                else
                {
                    var nonceSession = new NonceSessionMaterial((AesKey)key);
                    packedKey       = sessionPacker.PackMaterial(nonceSession, Config);
                    workings._nonce = nonceSession.Nonce.ToBytes();
                }

                workings._sessionMaterial = WebBase64.FromBytes(keyEncrypter.Encrypt(packedKey));
                if (sessionPacker == null && workings._signer != null)
                {
                    workings._sessionMaterial = WebBase64.FromBytes(workings._signer.Sign(workings._sessionMaterial.ToBytes()));
                }
                return(workings);
            }

            _working = new Lazy <Workings>(initLazy);
        }
Ejemplo n.º 5
0
        /// <summary>
        /// Initializes a new instance of the <see cref="SessionCrypter" /> class.
        /// </summary>
        /// <param name="keyDecrypter">The key decrypter.</param>
        /// <param name="sessionMaterial">The session material.</param>
        /// <param name="verifier">The verifier, optionally used to certify sender. (Equivialent to SignedSessionDecrypter)</param>
        /// <param name="keyPacker">The key packer.</param>
        public SessionCrypter(Crypter keyDecrypter, WebBase64 sessionMaterial, AttachedVerifier verifier = null,
                              ISessionKeyPacker keyPacker = null)
        {
            Workings initLazy()
            {
                var workings = new Workings();

                if (verifier != null)
                {
                    keyPacker = keyPacker ?? new NonceSignedSessionPacker();
                }
                keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();

                var sessionMaterialBytes = sessionMaterial.ToBytes();
                var sessionPacker        = keyPacker as IInteroperableSessionMaterialPacker;

                workings._verifier = verifier;

                if (sessionPacker == null && workings._verifier != null)
                {
                    sessionMaterialBytes = workings._verifier.VerifiedMessage(sessionMaterialBytes);
                }
                var packedBytes = keyDecrypter.Decrypt(sessionMaterialBytes);

                Key key;

                if (sessionPacker == null)
                {
                    key = keyPacker.Unpack(packedBytes, Config);
                }
                else
                {
                    var nonceSession = sessionPacker.UnpackMaterial(packedBytes, Config);
                    key             = nonceSession.Key;
                    workings._nonce = nonceSession.Nonce.ToBytes();
                }

                workings._keyset          = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
                workings._crypter         = new Crypter(workings._keyset);
                workings._sessionMaterial = sessionMaterial;
                return(workings);
            }

            _working = new Lazy <Workings>(initLazy);
        }
Ejemplo n.º 6
0
        /// <summary>
        /// Initializes a new instance of the <see cref="SessionCrypter" /> class.
        /// </summary>
        /// <param name="keyEncrypter">The key encrypter.</param>
        /// <param name="signer">The signer, optionally used to certify sender. (Equivialent to SignedSessionEncrypter)</param>
        /// <param name="keySize">Size of the key.</param>
        /// <param name="symmetricKeyType">Type of the symmetric key. (requires unofficial keypacker)</param>
        /// <param name="keyPacker">The key packer.</param>
        /// <exception cref="System.ArgumentException">Without a supplying a keypacker you may only use KeyType.AES;symmetricKeyType</exception>
        public SessionCrypter(Encrypter keyEncrypter, AttachedSigner signer = null, int?keySize = null,
                              KeyType symmetricKeyType = null, ISessionKeyPacker keyPacker      = null)
        {
            symmetricKeyType = symmetricKeyType ?? KeyType.Aes;
            if (keyPacker == null && symmetricKeyType != KeyType.Aes)
            {
                throw new ArgumentException("Without a supplying a keypacker you may only use KeyType.AES",
                                            "symmetricKeyType");
            }

            if (signer != null)
            {
                keyPacker = keyPacker ?? new NonceSignedSessionPacker();
            }
            keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();

            var key = Key.Generate(symmetricKeyType, keySize ?? symmetricKeyType.DefaultSize);

            _keyset  = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
            _crypter = new Crypter(_keyset);
            _signer  = signer;


            byte[] packedKey;
            var    sessionPacker = keyPacker as IInteroperableSessionMaterialPacker;

            if (sessionPacker == null)
            {
                packedKey = keyPacker.Pack(key);
            }
            else
            {
                var nonceSession = new NonceSessionMaterial((AesKey)key);
                packedKey = sessionPacker.PackMaterial(nonceSession);
                _nonce    = nonceSession.Nonce.ToBytes();
            }

            _sessionMaterial = WebBase64.FromBytes(keyEncrypter.Encrypt(packedKey));
            if (sessionPacker == null && _signer != null)
            {
                _sessionMaterial = WebBase64.FromBytes(_signer.Sign(_sessionMaterial.ToBytes()));
            }
        }
Ejemplo n.º 7
0
        /// <summary>
        /// Initializes a new instance of the <see cref="SessionCrypter" /> class.
        /// </summary>
        /// <param name="keyDecrypter">The key decrypter.</param>
        /// <param name="sessionMaterial">The session material.</param>
        /// <param name="verifier">The verifier, optionally used to certify sender. (Equivialent to SignedSessionDecrypter)</param>
        /// <param name="keyPacker">The key packer.</param>
        public SessionCrypter(Crypter keyDecrypter, WebBase64 sessionMaterial, AttachedVerifier verifier = null,
                              ISessionKeyPacker keyPacker = null)
        {
            if (verifier != null)
            {
                keyPacker = keyPacker ?? new NonceSignedSessionPacker();
            }
            keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();

            var sessionMaterialBytes = sessionMaterial.ToBytes();
            var sessionPacker        = keyPacker as IInteroperableSessionMaterialPacker;

            _verifier = verifier;

            if (sessionPacker == null && _verifier != null)
            {
                sessionMaterialBytes = _verifier.VerifiedMessage(sessionMaterialBytes);
            }
            var packedBytes = keyDecrypter.Decrypt(sessionMaterialBytes);

            Key key;

            if (sessionPacker == null)
            {
                key = keyPacker.Unpack(packedBytes);
            }
            else
            {
                var nonceSession = sessionPacker.UnpackMaterial(packedBytes);
                key    = nonceSession.Key;
                _nonce = nonceSession.Nonce.ToBytes();
            }

            _keyset          = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
            _crypter         = new Crypter(_keyset);
            _sessionMaterial = sessionMaterial;
        }
Ejemplo n.º 8
0
 /// <summary>
 /// Encrypts the specified raw string data.
 /// </summary>
 /// <param name="rawData">The raw string data.</param>
 /// <returns></returns>
 public WebBase64 Encrypt(string rawData)
 => WebBase64.FromBytes(Encrypt(Config.RawStringEncoding.GetBytes(rawData)));
Ejemplo n.º 9
0
 /// <summary>
 /// Signs the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <returns></returns>
 public WebBase64 Sign(String rawData)
 => WebBase64.FromBytes(Sign(Config.RawStringEncoding.GetBytes(rawData)));
Ejemplo n.º 10
0
 /// <summary>
 /// Encrypts the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <returns></returns>
 public WebBase64 Encrypt(string rawData)
 {
     return(WebBase64.FromBytes(Encrypt(Keyczar.RawStringEncoding.GetBytes(rawData))));
 }
Ejemplo n.º 11
0
 /// <summary>
 /// Decrypts the specified data.
 /// </summary>
 /// <param name="data">The data.</param>
 /// <returns></returns>
 public string Decrypt(WebBase64 data)
 {
     return(Keyczar.RawStringEncoding.GetString(Decrypt(data.ToBytes())));
 }
Ejemplo n.º 12
0
 /// <summary>
 /// Signs the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <param name="expiration">The expiration.</param>
 /// <returns></returns>
 public WebBase64 Sign(String rawData, DateTime expiration)
 => WebBase64.FromBytes(Sign(Config.RawStringEncoding.GetBytes(rawData), expiration));
Ejemplo n.º 13
0
 /// <summary>
 /// Verifies the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <param name="signature">The signature.</param>
 /// <returns></returns>
 public bool Verify(string rawData, WebBase64 signature)
 {
     return(Verify(RawStringEncoding.GetBytes(rawData), signature.ToBytes()));
 }
Ejemplo n.º 14
0
 /// <summary>
 /// Signs the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <returns></returns>
 public WebBase64 Sign(String rawData)
 {
     return(WebBase64.FromBytes(Sign(RawStringEncoding.GetBytes(rawData))));
 }
Ejemplo n.º 15
0
 /// <summary>
 /// Signs the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <param name="hidden">The hidden data used to generate the digest signature.</param>
 /// <returns></returns>
 public WebBase64 Sign(String rawData, Byte[] hidden = null)
 {
     return(WebBase64.FromBytes(Sign(RawStringEncoding.GetBytes(rawData), hidden)));
 }
Ejemplo n.º 16
0
 /// <summary>
 /// Verifies the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <param name="signature">The signature.</param>
 /// <returns></returns>
 public bool Verify(string rawData, WebBase64 signature)
 => Verify(Config.RawStringEncoding.GetBytes(rawData), signature.ToBytes());
Ejemplo n.º 17
0
 /// <summary>
 /// Gets Verified message from signed message
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <param name="hidden">Optional hidden data used to generate the digest signature.</param>
 /// <returns></returns>
 /// <exception cref="InvalidCryptoDataException">Data Doesn't Match Signature!</exception>
 public string VerifiedMessage(WebBase64 rawData, byte[] hidden = null)
 => Config.RawStringEncoding.GetString(VerifiedMessage(rawData.ToBytes(), hidden));
Ejemplo n.º 18
0
 /// <summary>
 /// Verifies the specified message.
 /// </summary>
 /// <param name="signedMessage">The signed message.</param>
 /// <param name="hidden">Optional hidden data used to generate the digest signature.</param>
 /// <returns></returns>
 public bool Verify(WebBase64 signedMessage, byte[] hidden = null) =>
 Verify(signedMessage.ToBytes(), hidden);
Ejemplo n.º 19
0
 /// <summary>
 /// Verifies the specified message.
 /// </summary>
 /// <param name="signedMessage">The signed message.</param>
 /// <param name="hidden">Optional hidden data used to generate the digest signature.</param>
 /// <returns></returns>
 public bool Verify(WebBase64 signedMessage, byte[] hidden = null)
 {
     return(Verify(signedMessage.ToBytes(), hidden));
 }
Ejemplo n.º 20
0
 /// <summary>
 /// Signs the specified raw data.
 /// </summary>
 /// <param name="rawData">The raw data.</param>
 /// <param name="expiration">The expiration.</param>
 /// <returns></returns>
 public WebBase64 Sign(String rawData, DateTime expiration)
 {
     return(WebBase64.FromBytes(Sign(RawStringEncoding.GetBytes(rawData), expiration)));
 }