/// <summary>
/// The tamper proof string decode.
/// </summary>
/// <param name="strValue">The string value.</param>
/// <param name="strKey">The string key.</param>
/// <returns>The <see cref="string" />.</returns>
/// <exception cref="ArgumentException">exception Argument Exception</exception>
private static string TamperProofStringDecode(string strValue, string strKey)
{
string strDataValue;
strValue = strValue.Trim();
strValue = strValue.Replace(" ", "+");
System.Security.Cryptography.MACTripleDES mac3Des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3Des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(strKey));
try
{
strDataValue = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(strValue.Split(Convert.ToChar("-"))[0]));
var strCalcHash = System.Text.Encoding.UTF8.GetString(mac3Des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(strDataValue)));
Console.Write(strCalcHash);
}
catch (Exception)
{
return(strValue);
}
return(strDataValue);
}
//Function to decode the string
//Throws an exception if the data is corrupt
static public string TamperProofStringDecode(string value, string key)
{
String dataValue = "";
String calcHash = "";
String storedHash = "";
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
try
{
dataValue = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[0]));
storedHash = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[1]));
calcHash = System.Text.Encoding.UTF8.GetString(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
//Data was corrupted
throw new ArgumentException("Hash value does not match");
//This error is immediately caught below
}
}
catch (System.Exception)
{
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.Write("Invalid Url");
HttpContext.Current.Response.End();
}
return(dataValue);
}
//Function to encode the string
static public string TamperProofStringEncode(string value, string key)
{
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
return(System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(value)) + System.Convert.ToChar("-") + System.Convert.ToBase64String(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value))));
}
public static string Encrypt(string value, string key)
{
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
return Convert.ToBase64String(Encoding.UTF8.GetBytes(value)) + '-' + Convert.ToBase64String(mac3des.ComputeHash(Encoding.UTF8.GetBytes(value)));
}
//Function to encode the string
private string SecurityStringEncode(string value, string key)
{
var mac3des = new MACTripleDES();
var md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
return Convert.ToBase64String(Encoding.UTF8.GetBytes(value)) + '-' +
Convert.ToBase64String(mac3des.ComputeHash(Encoding.UTF8.GetBytes(value)));
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////
// ----------------------------------------------- start ----------------------------------------------------
///////////// rates section for ammenties section, this includes all functions //////////////////////////////
// rates block here which controls the rates section in ammenites
// ////////////////////////////////////////////////////////////
///////////// rates section for ammenties section, this includes all functions //////////////////////////////
// ----------------------------------------------- end ----------------------------------------------------
//////////////////////////////////////////////////////////////////////////////////////////////////////////////
// decript of querystring method /////////////////////////////////////////////////////////////////////
public string Decrypt(string value, string key)
{
string dataValue = "";
string calcHash = "";
string storedHash = "";
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
try
{
dataValue = Encoding.UTF8.GetString(Convert.FromBase64String(value.Split('-')[0]));
storedHash = Encoding.UTF8.GetString(Convert.FromBase64String(value.Split('-')[1]));
calcHash = Encoding.UTF8.GetString(mac3des.ComputeHash(Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
//Data was corrupted
//throw new ArgumentException("Hash value does not match");
//This error is immediately caught below
OvationTabs.Visible = false;
OvationMultiPage.Visible = false;
RFPqueryError.Visible = true;
}
}
catch (Exception ex)
{
//dataValue = "0";
//throw new ArgumentException("Invalid query string");
OvationTabs.Visible = false;
OvationMultiPage.Visible = false;
RFPqueryError.Visible = true;
}
return dataValue;
}
//Function to decode the string
//Throws an exception if the data is corrupt
private string SecurityStringDecode(string value, string key)
{
string dataValue = "";
var mac3des = new MACTripleDES();
var md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
try
{
value = value.Replace("%3d", "=");
value = value.Replace("%2f", "?");
string[] strs = value.Split('-');
dataValue = Encoding.UTF8.GetString(Convert.FromBase64String(strs[0]));
}
catch (Exception)
{
}
return dataValue;
}
// Function to decode the string
// Throws an exception if the data is corrupt
private static string TamperProofStringDecode(string value, string key)
{
string dataValue = string.Empty;
string calcHash = string.Empty;
string storedHash = string.Empty;
string strKey = null;
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
try
{
dataValue = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(value.Split('-')[0]));
strKey = value.Split('-')[1];
strKey = DecodeHexString(strKey);
storedHash = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(strKey));
calcHash = System.Text.Encoding.UTF8.GetString(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
// Data was corrupted
// This error is immediately caught below
throw new ArgumentException("Hash value does not match");
}
}
catch
{
throw new ArgumentException(Convert.ToString((Convert.ToString("Invalid TamperProofString stored hash = ") + storedHash) + " calchash = ") + calcHash);
}
// Cleanup
mac3des.Clear();
md5.Clear();
return dataValue;
}
// - Test TransformFinalBlock - alone;
public void CheckD (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES ();
algo.Key = key;
// LAMESPEC or FIXME: TransformFinalBlock doesn't return HashValue !
algo.TransformFinalBlock (data, 0, data.Length);
AssertEquals (testName + "d", result, algo.Hash);
}
// - Test constructor #3 (string, byte[])
// - Test ComputeHash (stream);
public void CheckC (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES ("TripleDES", key);
algo.Key = key;
MemoryStream ms = new MemoryStream (data);
byte[] hmac = algo.ComputeHash (ms);
AssertEquals (testName + "c1", result, hmac);
AssertEquals (testName + "c2", result, algo.Hash);
}
// - Test constructor #2 (byte[])
// - Test ComputeHash (byte[], int, int);
public void CheckB (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES (key);
byte[] hmac = algo.ComputeHash (data, 0, data.Length);
AssertEquals (testName + "b1", result, hmac);
AssertEquals (testName + "b2", result, algo.Hash);
}
// - Test constructor #1 ()
// - Test ComputeHash (byte[]);
public void CheckA (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES ();
algo.Key = key;
byte[] hmac = algo.ComputeHash (data);
AssertEquals (testName + "a1", result, hmac);
AssertEquals (testName + "a2", result, algo.Hash);
}
private static string TamperProofStringDecode(string value, string key)
{
String dataValue = "";
String calcHash = "";
String storedHash = "";
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
try
{
dataValue = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[0]));
storedHash = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[1]));
calcHash = System.Text.Encoding.UTF8.GetString(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
throw new ArgumentException("Hash value does not match");
}
}
catch (System.Exception)
{
throw new ArgumentException("Invalid TamperProofString");
}
return dataValue;
}
// LAMESPEC: [ExpectedException (typeof (ArgumentNullException))]
public void ConstructorNameNullKey ()
{
byte[] key = CombineKeys (key1, key2, key3);
// funny null is a valid name!
algo = new MACTripleDES (null, key);
}
public void ConstructorKeyNull ()
{
algo = new MACTripleDES (null);
}
public void ConstructorEmpty ()
{
algo = new MACTripleDES ();
AssertNotNull ("MACTripleDES ()", algo);
}
public void Invariants ()
{
algo = new MACTripleDES ();
AssertEquals ("MACTripleDES.CanReuseTransform", true, algo.CanReuseTransform);
AssertEquals ("MACTripleDES.CanTransformMultipleBlocks", true, algo.CanTransformMultipleBlocks);
AssertEquals ("MACTripleDES.HashSize", 64, algo.HashSize);
AssertEquals ("MACTripleDES.InputBlockSize", 1, algo.InputBlockSize);
AssertEquals ("MACTripleDES.OutputBlockSize", 1, algo.OutputBlockSize);
AssertEquals ("MACTripleDES.ToString()", "System.Security.Cryptography.MACTripleDES", algo.ToString ());
AssertNotNull ("MACTripleDES.Key", algo.Key);
}
/// <summary>ハッシュ(キー付き)サービスプロバイダの生成</summary>
/// <returns>ハッシュ(キー付き)サービスプロバイダ</returns>
private KeyedHashAlgorithm CreateKeyedHashAlgorithmServiceProvider()
{
// ハッシュ(キー付き)サービスプロバイダ
KeyedHashAlgorithm kha = null;
if (this.comboBox2.SelectedItem.ToString() == "既定のプロバイダ")
{
// 既定の暗号化サービスプロバイダ
kha = KeyedHashAlgorithm.Create();
}
else if (this.comboBox2.SelectedItem.ToString() == "HMACSHA1")
{
// HMACSHA1サービスプロバイダ
kha = new HMACSHA1();
}
else if (this.comboBox2.SelectedItem.ToString() == "MACTripleDES")
{
// MACTripleDESサービスプロバイダ
kha = new MACTripleDES();
}
return kha;
}
// MACTripleDES tests
#if NET_2_0
private string MAC (PaddingMode padding, int length)
{
byte[] key = new byte [24] { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
MACTripleDES mac = new MACTripleDES (key);
mac.Padding = padding;
byte[] data = new byte [length];
byte[] hash = mac.TransformFinalBlock (data, 0, data.Length);
string result = BitConverter.ToString (mac.Hash);
return result;
}
public static bool Test(Session session)
{
bool bRes = true;
byte[] plaintext = new byte[16];
for (int i = 0; i < plaintext.Length - 5; i++) plaintext[i] = (byte)i;
for (int i = plaintext.Length - 5; i < plaintext.Length; i++) plaintext[i] = (byte)0;
byte[] plaintext1 = new byte[plaintext.Length - 5];
for (int i = 0; i < plaintext1.Length; i++) plaintext1[i] = (byte)i;
SymmetricAlgorithm td = new TripleDESCryptoServiceProvider(session);
td.Padding = PaddingMode.None;
td.IV = new byte[8];
ICryptoTransform sse = td.CreateEncryptor();
//MemoryStream ms = new MemoryStream(plaintext);
ICryptoTransform ct = td.CreateEncryptor();
//CryptoStream cs1 = new CryptoStream(ms, sse, CryptoStreamMode.Write);
//cs1.Write(plaintext, 0, plaintext.Length);
//cs1.FlushFinalBlock();
//Log.Comment(ms.Position);
//byte[] ciphertext = ms.ToArray();
//cs1.Close();
byte[] ciphertext = ct.TransformFinalBlock(plaintext, 0, plaintext.Length);
ct.Dispose();
Log.Comment("CipherText:");
PrintByteArray(ciphertext);
td.Padding = PaddingMode.Zeros;
ICryptoTransform sse1 = td.CreateEncryptor();
//MemoryStream ms1 = new MemoryStream();
//CryptoStream cs2 = new CryptoStream(ms1, sse1, CryptoStreamMode.Write);
//cs2.Write(plaintext1, 0, plaintext1.Length);
cs2.FlushFinalBlock();
Log.Comment(ms1.Position);
byte[] ciphertext1 = ms1.ToArray();
cs2.Close();
Log.Comment("CipherText #2:");
PrintByteArray(ciphertext1);
if (!Compare(ciphertext, ciphertext1))
{
bRes = false;
Log.Comment("WRONG: ciphertexts are different. Probably padding problems.");
}
MACTripleDES mtd = new MACTripleDES(td.Key);
byte[] hash = mtd.ComputeHash(plaintext1);
Log.Comment("Hash:");
PrintByteArray(hash);
byte[] subciphertext = new byte[8];
Array.Copy(ciphertext, ciphertext.Length - 8, subciphertext, 0, 8);
if (!Compare(subciphertext, hash))
{
Log.Comment("WRONG: MAC3DES result is different from the last block of ciphertext!");
bRes = false;
}
return bRes;
}
private static string TamperProofStringEncode(string value, string key)
{
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
return System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(value)) + System.Convert.ToChar("-") + System.Convert.ToBase64String(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value)));
}
// - Test TransformBlock/TransformFinalBlock
public void CheckE (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES ();
algo.Key = key;
byte[] copy = new byte [data.Length];
// LAMESPEC or FIXME: TransformFinalBlock doesn't return HashValue !
for (int i=0; i < data.Length - 1; i++)
algo.TransformBlock (data, i, 1, copy, i);
algo.TransformFinalBlock (data, data.Length - 1, 1);
AssertEquals (testName + "e", result, algo.Hash);
}
public void ConstructorEmpty ()
{
algo = new MACTripleDES ();
}
// Function to encode the string
private static string TamperProofStringEncode(string value, string Key)
{
string strKey = null;
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(Key));
strKey = Convert.ToBase64String(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value)));
// convert key to hex because we can't have goofy characters in the query string
strKey = EncodeHexString(strKey);
// Cleanup
mac3des.Clear();
md5.Clear();
return Convert.ToString(Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(value)) + '-') + strKey;
}
public void ConstructorNameKey ()
{
byte[] key = CombineKeys (key1, key2, key3);
algo = new MACTripleDES ("TripleDES", key);
}
public void InvalidAlgorithmName ()
{
byte[] key = CombineKeys (key1, key2, key3);
algo = new MACTripleDES ("DES", key);
}
public void ConstructorNameKey ()
{
byte[] key = CombineKeys (key1, key2, key3);
algo = new MACTripleDES ("TripleDES", key);
AssertNotNull ("MACTripleDES ('TripleDES',key)", algo);
}
public void ObjectDisposed ()
{
byte[] key = CombineKeys (key1, key2, key3);
algo = new MACTripleDES (key);
algo.Clear ();
algo.ComputeHash (new byte[1]);
}
public void SymmetricMACTripleDESSignature ()
{
SignedXml signedXml = MSDNSample ();
// Compute the signature.
byte[] secretkey = Encoding.Default.GetBytes ("password");
MACTripleDES hmac = new MACTripleDES (secretkey);
signedXml.ComputeSignature (hmac);
}
public void Invariants ()
{
algo = new MACTripleDES ();
Assert.IsTrue (algo.CanReuseTransform, "MACTripleDES.CanReuseTransform");
Assert.IsTrue (algo.CanTransformMultipleBlocks, "MACTripleDES.CanTransformMultipleBlocks");
Assert.AreEqual (64, algo.HashSize, "MACTripleDES.HashSize");
Assert.AreEqual (1, algo.InputBlockSize, "MACTripleDES.InputBlockSize");
Assert.AreEqual (1, algo.OutputBlockSize, "MACTripleDES.OutputBlockSize");
Assert.AreEqual ("System.Security.Cryptography.MACTripleDES", algo.ToString (), "MACTripleDES.ToString()");
Assert.IsNotNull (algo.Key, "MACTripleDES.Key");
}
