Ejemplo n.º 1
0
        /// <summary>
        /// Performs AES decryption in GCM chaning mode over cipher text
        /// </summary>
        /// <param name="key">aes key</param>
        /// <param name="iv">initialization vector</param>
        /// <param name="aad">additional authn data</param>
        /// <param name="plainText">plain text message to be encrypted</param>
        /// <returns>decrypted plain text messages</returns>
        /// <exception cref="CryptographicException">if decryption failed by any reason</exception>
        public static byte[] Decrypt(byte[] key, byte[] iv, byte[] aad, byte[] cipherText, byte[] authTag)
        {
            using var gcm = new System.Security.Cryptography.AesGcm(key);

            var plaintext = new byte[cipherText.Length];

            gcm.Decrypt(nonce: iv, ciphertext: cipherText, tag: authTag, plaintext: plaintext, associatedData: aad);

            return(plaintext);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Performs AES encryption in GCM chaining mode over plain text
        /// </summary>
        /// <param name="key">aes key</param>
        /// <param name="iv">initialization vector</param>
        /// <param name="aad">additional authn data</param>
        /// <param name="plainText">plain text message to be encrypted</param>
        /// <returns>2 byte[] arrays: [0]=cipher text, [1]=authentication tag</returns>
        /// /// <exception cref="CryptographicException">if encryption failed by any reason</exception>
        public static byte[][] Encrypt(byte[] key, byte[] iv, byte[] aad, byte[] plainText)
        {
            using var gcm = new System.Security.Cryptography.AesGcm(key);

            var ciphertext = new byte[plainText.Length];
            var tag        = new byte[System.Security.Cryptography.AesGcm.TagByteSizes.MaxSize];

            gcm.Encrypt(nonce: iv, plaintext: plainText, ciphertext: ciphertext, tag: tag, associatedData: aad);

            return(new byte[][] { ciphertext, tag });
        }
Ejemplo n.º 3
0
    Decrypt(byte[] key, byte[] infoCipher)
    {
        if (key == null || key.Length != 32)
        {
            throw new ArgumentException("AesGcm key must be 32 bytes long.");
        }

        // Authentication tag.
        byte[] tag = new byte[16];

        // IV.
        byte[] nonce = new byte[12];

        int cipher_text_len;

        byte[] cipher_text;
        try
        {
            // Length of the cipher_text of interest inside the AES-GCM payload.
            cipher_text_len = infoCipher.Length - tag.Length - nonce.Length;
            cipher_text     = new byte[cipher_text_len];

            // Extract each entity of AES-GCM payload.
            Buffer.BlockCopy(infoCipher, infoCipher.Length - tag.Length, tag, 0, tag.Length);
            Buffer.BlockCopy(infoCipher, 0, nonce, 0, nonce.Length);
            Buffer.BlockCopy(infoCipher, nonce.Length, cipher_text, 0, cipher_text_len);
        }
        catch (Exception e)
        {
            Debug.WriteLine(e.Message);
            return(null);
        }

        //Debug.WriteLine(
        //    $"tag({Convert.ToBase64String(tag)}), "
        //    + $"nonce({Convert.ToBase64String(nonce)}), "
        //    + $"cipher({Convert.ToBase64String(cipher_text)})"
        //);

        byte[] plain_text = new byte[cipher_text_len];
        using (var c = new SysCrypto.AesGcm(key))
        {
            try
            {
                c.Decrypt(nonce, cipher_text, tag, plain_text, null);
                return(plain_text);
            }
            catch (Exception e)
            {
                Debug.WriteLine(e.Message);
                return(null);
            }
        }
    }
Ejemplo n.º 4
0
        internal static AesGcmAuthenticated Encrypt(byte[] secretKeyBytes, byte[] nonce, byte[] plaintext, byte[] aad)
        {
#if NETSTANDARD2_1
            byte[] ciphertext = new byte[plaintext.Length];
            byte[] authTag    = new byte[System.Security.Cryptography.AesGcm.TagByteSizes.MaxSize];
            using (var aes = new System.Security.Cryptography.AesGcm(secretKeyBytes))
            {
                aes.Encrypt(nonce, plaintext, ciphertext, authTag, aad);
            }
            return(new AesGcmAuthenticated(ciphertext, authTag));
#else
            throw new EncryptionException("AES/GCM/NoPadding is unsupported on .NET Standard < 2.1");
#endif
        }
Ejemplo n.º 5
0
        internal static byte[] Decrypt(byte[] secretKeyBytes, JweObject jweObject)
        {
#if NETSTANDARD2_1
            byte[] plaintext;
            using (var aes = new System.Security.Cryptography.AesGcm(secretKeyBytes))
            {
                byte[] nonce      = Base64Utils.URLDecode(jweObject.Iv);
                byte[] aad        = Encoding.ASCII.GetBytes(jweObject.RawHeader);
                byte[] authTag    = Base64Utils.URLDecode(jweObject.AuthTag);
                byte[] ciphertext = Base64Utils.URLDecode(jweObject.CipherText);
                plaintext = new byte[ciphertext.Length];

                aes.Decrypt(nonce, ciphertext, authTag, plaintext, aad);
            }
            return(plaintext);
#else
            throw new EncryptionException("AES/GCM/NoPadding is unsupported on .NET Standard < 2.1");
#endif
        }
Ejemplo n.º 6
0
 public AesGcmWrapper(byte[] key)
 {
     _aesGcm = new Crypto.AesGcm(key);
 }
Ejemplo n.º 7
0
    Encrypt(byte[] key, byte[] plainText, byte[] nonce = null)
    {
        if (plainText == null)
        {
            throw new ArgumentException("AesGcm plaintext must not be null.");
        }

        if (key == null || key.Length != 32)
        {
            throw new ArgumentException("AesGcm key must be 32 bytes long.");
        }

        // Authentication tag.
        byte[] tag = new byte[16];

        // IV.
        byte[] _nonce = new byte[12];

        if (nonce == null)
        {
            Rng.GetBytes(_nonce);
        }
        else
        {
            if (nonce.Length != 12)
            {
                throw new ArgumentException("AesGcm must be 12 bytes long.");
            }
            _nonce = nonce;
        }

        byte[] cipherText = new byte[plainText.Length];

        using (var c = new SysCrypto.AesGcm(key))
        {
            try
            {
                c.Encrypt(_nonce, plainText, cipherText, tag, null);
            }
            catch (Exception e)
            {
                Debug.WriteLine(e.Message);
                return(null);
            }
        }

        byte[] infoCipher = new byte[_nonce.Length + cipherText.Length + tag.Length];

        Buffer.BlockCopy(
            _nonce, 0,
            infoCipher, 0,
            _nonce.Length
            );

        Buffer.BlockCopy(
            cipherText, 0,
            infoCipher, _nonce.Length,
            cipherText.Length
            );

        Buffer.BlockCopy(
            tag, 0,
            infoCipher, _nonce.Length + cipherText.Length,
            tag.Length
            );

        return(infoCipher);
    }