Example #1
0
        public static void DecryptWithCiphertextOverlapping(AeadAlgorithm a)
        {
            using (var k = new Key(a))
            {
                var n  = new Nonce(Utilities.RandomBytes.Slice(0, a.NonceSize), 0);
                var ad = Utilities.RandomBytes.Slice(0, 100).ToArray();

                var b = Utilities.RandomBytes.Slice(200, 200).ToArray();

                Assert.Throws <ArgumentException>("plaintext", () => a.Decrypt(k, n, ad, b.AsSpan(10, 100 + a.TagSize), b.AsSpan(60, 100)));
                Assert.Throws <ArgumentException>("plaintext", () => a.Decrypt(k, n, ad, b.AsSpan(60, 100 + a.TagSize), b.AsSpan(10, 100)));
            }
        }
Example #2
0
 public static void DecryptWithSpanWithWrongKey(AeadAlgorithm a)
 {
     using (var k = new Key(SignatureAlgorithm.Ed25519))
     {
         Assert.Throws <ArgumentException>("key", () => a.Decrypt(k, default(Nonce), ReadOnlySpan <byte> .Empty, ReadOnlySpan <byte> .Empty, Span <byte> .Empty));
     }
 }
Example #3
0
 public static void DecryptWithSpanWithCiphertextTooSmall(AeadAlgorithm a)
 {
     using (var k = new Key(a))
     {
         Assert.False(a.Decrypt(k, new Nonce(0, a.NonceSize), ReadOnlySpan <byte> .Empty, new byte[a.TagSize - 1], Span <byte> .Empty));
     }
 }
Example #4
0
 public static void DecryptWithNonceTooSmall(AeadAlgorithm a)
 {
     using (var k = new Key(a))
     {
         Assert.False(a.Decrypt(k, new Nonce(0, a.NonceSize - 1), ReadOnlySpan <byte> .Empty, ReadOnlySpan <byte> .Empty, out var pt));
     }
 }
Example #5
0
        public static void DecryptWithSpanWithDisposedKey(AeadAlgorithm a)
        {
            var k = new Key(a);

            k.Dispose();
            Assert.Throws <ObjectDisposedException>(() => a.Decrypt(k, new Nonce(0, a.NonceSize), ReadOnlySpan <byte> .Empty, new byte[a.TagSize], Span <byte> .Empty));
        }
Example #6
0
        public bool DecryptAfterReceive(
            ReadOnlySpan <byte> associatedData,
            ReadOnlySpan <byte> ciphertext,
            Span <byte> plaintext)
        {
            // decrypt the ciphertext with the receive nonce
            if (!_algorithm.Decrypt(
                    _receiveKey,
                    _receiveNonce,
                    associatedData,
                    ciphertext,
                    plaintext))
            {
                // abort the connection if decryption fails
                _sendKey.Dispose();
                _receiveKey.Dispose();
                return(false);
            }

            // increment the counter field of the receive nonce
            if (!Nonce.TryIncrement(ref _receiveNonce))
            {
                // abort the connection when the counter field of the
                // receive nonce reaches the maximum value
                _sendKey.Dispose();
                _receiveKey.Dispose();
            }

            return(true);
        }
Example #7
0
        public static void DecryptWithSpanInPlace(AeadAlgorithm a)
        {
            using (var k = new Key(a))
            {
                var n  = new Nonce(Utilities.RandomBytes.Slice(0, a.NonceSize), 0);
                var ad = Utilities.RandomBytes.Slice(0, 100);

                var actual   = new byte[L + a.TagSize];
                var expected = new byte[L + a.TagSize];

                a.Encrypt(k, n, ad, Utilities.RandomBytes.Slice(0, L), actual);
                a.Encrypt(k, n, ad, Utilities.RandomBytes.Slice(0, L), expected);

                Assert.True(a.Decrypt(k, n, ad, actual, expected.AsSpan(0, L)));
                Assert.True(a.Decrypt(k, n, ad, actual, actual.AsSpan(0, L)));
                Assert.Equal(expected, actual);
            }
        }
Example #8
0
 private static void Tests()
 {
     Console.WriteLine("Performing tests...");
     foreach (var i in Enumerable.Range(0, 10000))
     {
         var key = Key.Create(KeyAgreementAlgorithm.X25519,
                              new KeyCreationParameters {
             ExportPolicy = KeyExportPolicies.AllowPlaintextExport
         });
         var key2 = Key.Create(KeyAgreementAlgorithm.X25519,
                               new KeyCreationParameters {
             ExportPolicy = KeyExportPolicies.AllowPlaintextExport
         });
         var test1 = Convert.ToBase64String(SharedKey(key.Export(Pub), key2.Export(Priv))
                                            .Export(KeyBlobFormat.NSecSymmetricKey)) ==
                     Convert.ToBase64String(SharedKey(key2.Export(Pub), key.Export(Priv))
                                            .Export(KeyBlobFormat.NSecSymmetricKey));
         var encdata = Aead.Encrypt(SharedKey(key.Export(Pub), key2.Export(Priv)), new Nonce(0, 12),
                                    ReadOnlySpan <byte> .Empty, Encoding.UTF8.GetBytes("test2"));
         var encdata2 = Aead.Encrypt(SharedKey(key2.Export(Pub), key.Export(Priv)), new Nonce(0, 12),
                                     ReadOnlySpan <byte> .Empty, Encoding.UTF8.GetBytes("test2"));
         var test2 = Convert.ToBase64String(encdata) == Convert.ToBase64String(encdata2);
         var dec   = Aead.Decrypt(SharedKey(key.Export(Pub), key2.Export(Priv)), new Nonce(0, 12),
                                  ReadOnlySpan <byte> .Empty, encdata, out var decdata);
         var dec2 = Aead.Decrypt(SharedKey(key2.Export(Pub), key.Export(Priv)), new Nonce(0, 12),
                                 ReadOnlySpan <byte> .Empty, encdata, out var decdata2);
         var test3 = dec && dec2;
         var test4 = Convert.ToBase64String(decdata ?? throw new InvalidOperationException()) ==
                     Convert.ToBase64String(decdata2 ?? throw new InvalidOperationException());
         if (test1 && test2 && test3 && test4)
         {
             if (i % 100 == 0)
             {
                 Console.WriteLine($"Passed {i}");
             }
         }
         else
         {
             Console.WriteLine(
                 $"Failed a test at {i} out of 10000. Test 1 (Key agreement): {test1} \r\nTest 2 (Encrypting with same key): {test2}\r\nTest 3 (Testing if decryption passes): {test3}\r\nTest 4(Testing if decrypted data is identical: {test4}");
             return;
         }
     }
 }
Example #9
0
        public static void DecryptWithSpanTooLarge(AeadAlgorithm a)
        {
            using (var k = new Key(a))
            {
                var ct = a.Encrypt(k, new Nonce(0, a.NonceSize), ReadOnlySpan <byte> .Empty, ReadOnlySpan <byte> .Empty);
                Assert.NotNull(ct);
                Assert.Equal(a.TagSize, ct.Length);

                Assert.Throws <ArgumentException>("plaintext", () => a.Decrypt(k, new Nonce(0, a.NonceSize), ReadOnlySpan <byte> .Empty, ct, new byte[1]));
            }
        }
Example #10
0
        public static void DecryptWithSpanWithNonceTooLarge(AeadAlgorithm a)
        {
            if (a.NonceSize == Nonce.MaxSize)
            {
                return;
            }

            using (var k = new Key(a))
            {
                Assert.False(a.Decrypt(k, new Nonce(0, a.NonceSize + 1), ReadOnlySpan <byte> .Empty, ReadOnlySpan <byte> .Empty, Span <byte> .Empty));
            }
        }
Example #11
0
        public static void DecryptEmptySuccess(AeadAlgorithm a)
        {
            using (var k = new Key(a))
            {
                var ct = a.Encrypt(k, new Nonce(0, a.NonceSize), ReadOnlySpan <byte> .Empty, ReadOnlySpan <byte> .Empty);
                Assert.NotNull(ct);
                Assert.Equal(a.TagSize, ct.Length);

                Assert.True(a.Decrypt(k, new Nonce(0, a.NonceSize), ReadOnlySpan <byte> .Empty, ct, out var pt));
                Assert.NotNull(pt);
                Assert.Empty(pt);
            }
        }
Example #12
0
        private string DecryptSensitiveData(string encryptedData, byte[] keyBytes, byte[] nonce)
        {
            AeadAlgorithm aeadAlgorithm = AeadAlgorithm.Aes256Gcm;

            using Key key = Key.Import(AeadAlgorithm.Aes256Gcm, keyBytes, _keyBlobFormat);

            byte[] dataBytes = encryptedData.HexStringToByteArray();

            byte[] decrypted =
                aeadAlgorithm.Decrypt(key, nonce, null, Encoding.UTF8.GetBytes(encryptedData));

            return(decrypted.ByteArrayToHexString());
        }
Example #13
0
        private static bool DecryptAfterReceive(Nonce receiveNonce, ReadOnlySpan <byte> ciphertext, Span <byte> plaintext)
        {
            if (!_algorithm.Decrypt(_sendKey, receiveNonce, _associatedData, ciphertext, plaintext))
            {
                _sendKey.Dispose();
                return(false);
            }

            if (!Nonce.TryIncrement(ref _receiveSequenceNumber))
            {
                _sendKey.Dispose();
                return(false);
            }
            return(true);
        }
Example #14
0
        public static void DecryptWithSpanOutOfPlace(AeadAlgorithm a)
        {
            using (var k = new Key(a))
            {
                var n  = new Nonce(Utilities.RandomBytes.Slice(0, a.NonceSize), 0);
                var ad = Utilities.RandomBytes.Slice(0, 100);

                var expected = Utilities.RandomBytes.Slice(0, L).ToArray();
                var actual   = new byte[L];

                var ciphertext = a.Encrypt(k, n, ad, expected);

                Assert.True(a.Decrypt(k, n, ad, ciphertext, actual));
                Assert.Equal(expected, actual);
            }
        }
Example #15
0
        public static void DecryptFailClearsPlaintext(AeadAlgorithm a)
        {
            using (var k = new Key(a))
            {
                var pt = new byte[16];
                for (var i = 0; i < pt.Length; i++)
                {
                    pt[i] = 0xD6;
                }

                var ct = new byte[pt.Length + a.TagSize];

                Assert.False(a.Decrypt(k, new Nonce(0, a.NonceSize), ReadOnlySpan <byte> .Empty, ct, pt));
                Assert.Equal(new byte[pt.Length], pt);
            }
        }
Example #16
0
        public static void DecryptWithAdOverlapping(AeadAlgorithm a)
        {
            using (var k = new Key(a))
            {
                var n = new Nonce(Utilities.RandomBytes.Slice(0, a.NonceSize), 0);
                var b = Utilities.RandomBytes.Slice(0, L);

                var expected = b.ToArray();
                var actual   = Utilities.RandomBytes.Slice(200, L).ToArray();

                var ciphertext = a.Encrypt(k, n, actual.AsSpan(10, 100), expected);

                Assert.True(a.Decrypt(k, n, actual.AsSpan(10, 100), ciphertext, actual));
                Assert.Equal(expected, actual);
            }
        }
Example #17
0
 public string Decrypt(byte[] cipherText, EncryptorKey encryptorKey)
 {
     aeadAlgorithm.Decrypt(encryptorKey.Key, encryptorKey.Nonce, null, cipherText, out byte[] byteText);
     return(Encoding.UTF8.GetString(byteText));
 }
Example #18
0
 public static void DecryptWithSpanWithNullKey(AeadAlgorithm a)
 {
     Assert.Throws <ArgumentNullException>("key", () => a.Decrypt(null, default(Nonce), ReadOnlySpan <byte> .Empty, ReadOnlySpan <byte> .Empty, Span <byte> .Empty));
 }