// Decrypt a byte array into a byte array using a key and an IV
public static byte[] Decrypt(byte[] cipherData, byte[] Key, byte[] IV, CipherMode cipherMode, PaddingMode paddingMode)
{
// Create a MemoryStream that is going to accept the
// decrypted bytes
MemoryStream ms = new MemoryStream();
// Create a symmetric algorithm.
// We are going to use Rijndael because it is strong and
// available on all platforms.
// You can use other algorithms, to do so substitute the next
// line with something like
// TripleDES alg = TripleDES.Create();
Rijndael alg = Rijndael.Create();
// Now set the key and the IV.
// We need the IV (Initialization Vector) because the algorithm
// is operating in its default
// mode called CBC (Cipher Block Chaining). The IV is XORed with
// the first block (8 byte)
// of the data after it is decrypted, and then each decrypted
// block is XORed with the previous
// cipher block. This is done to make encryption more secure.
// There is also a mode called ECB which does not need an IV,
// but it is much less secure.
alg.Mode = cipherMode;
alg.Padding = paddingMode;
alg.Key = Key;
alg.IV = IV;
// Create a CryptoStream through which we are going to be
// pumping our data.
// CryptoStreamMode.Write means that we are going to be
// writing data to the stream
// and the output will be written in the MemoryStream
// we have provided.
CryptoStream cs = new CryptoStream(ms,
alg.CreateDecryptor(), CryptoStreamMode.Write);
// Write the data and make it do the decryption
cs.Write(cipherData, 0, cipherData.Length);
// Close the crypto stream (or do FlushFinalBlock).
// This will tell it that we have done our decryption
// and there is no more data coming in,
// and it is now a good time to remove the padding
// and finalize the decryption process.
cs.Close();
// Now get the decrypted data from the MemoryStream.
// Some people make a mistake of using GetBuffer() here,
// which is not the right way.
byte[] decryptedData = ms.ToArray();
return decryptedData;
}
[System.Security.SecurityCritical] // auto-generated
private ICryptoTransform _NewEncryptor (byte[] rgbKey, CipherMode mode, byte[] rgbIV, int feedbackSize, CryptoAPITransformMode encryptMode) {
int cArgs = 0;
int[] rgArgIds = new int[10];
Object[] rgArgValues = new Object[10];
// Check for bad values
// 1) we don't support OFB mode in DESCryptoServiceProvider
if (mode == CipherMode.OFB)
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_OFBNotSupported"));
// 2) we only support CFB with a feedback size of 8 bits
if ((mode == CipherMode.CFB) && (feedbackSize != 8))
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_CFBSizeNotSupported"));
// Build the key if one does not already exist
if (rgbKey == null) {
rgbKey = new byte[8];
Utils.StaticRandomNumberGenerator.GetBytes(rgbKey);
}
// Set the mode for the encryptor (defaults to CBC)
if (mode != CipherMode.CBC) {
rgArgIds[cArgs] = Constants.KP_MODE;
rgArgValues[cArgs] = mode;
cArgs += 1;
}
// If not ECB mode -- pass in an IV
if (mode != CipherMode.ECB) {
if (rgbIV == null) {
rgbIV = new byte[8];
Utils.StaticRandomNumberGenerator.GetBytes(rgbIV);
}
//
// We truncate IV's that are longer than the block size to 8 bytes : this is
// done to maintain backward compatibility with the behavior shipped in V1.x.
// The call to set the IV in CryptoAPI will ignore any bytes after the first 8
// bytes. We'll still reject IV's that are shorter than the block size though.
//
if (rgbIV.Length < 8)
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidIVSize"));
rgArgIds[cArgs] = Constants.KP_IV;
rgArgValues[cArgs] = rgbIV;
cArgs += 1;
}
// If doing OFB or CFB, then we need to set the feed back loop size
if ((mode == CipherMode.OFB) || (mode == CipherMode.CFB)) {
rgArgIds[cArgs] = Constants.KP_MODE_BITS;
rgArgValues[cArgs] = feedbackSize;
cArgs += 1;
}
// Create the encryptpr/decryptor object
return new CryptoAPITransform(Constants.CALG_DES, cArgs, rgArgIds,
rgArgValues, rgbKey, PaddingValue,
mode, BlockSizeValue, feedbackSize, false,
encryptMode);
}
public static byte[] EncriptarDeImagen(byte[] bytEncriptar, string strPK, CipherMode cMode)
{
Rijndael rijndael = Rijndael.Create();
byte[] buffer = null;
byte[] array = null;
try
{
rijndael.Key = new PasswordDeriveBytes(strPK, null).GetBytes(0x20);
rijndael.Mode = cMode;
byte[] destinationArray = new byte[bytEncriptar.Length - 0x22];
Array.Copy(bytEncriptar, 0x22, destinationArray, 0, bytEncriptar.Length - 0x22);
buffer = rijndael.CreateEncryptor().TransformFinalBlock(destinationArray, 0, destinationArray.Length);
array = new byte[0x22 + buffer.Length];
bytEncriptar.CopyTo(array, 0);
buffer.CopyTo(array, 0x22);
}
catch
{
}
finally
{
rijndael.Clear();
}
return array;
}
public static byte[] EncriptarDeImagen(byte[] bytEncriptar, string strPK, CipherMode cMode)
{
Rijndael miRijndael = Rijndael.Create();
byte[] encrypted = null;
byte[] returnValue = null;
try
{
miRijndael.Key = (new PasswordDeriveBytes(strPK, null)).GetBytes(32);
miRijndael.Mode = cMode;
byte[] toEncrypt = new byte[bytEncriptar.Length-34];
Array.Copy(bytEncriptar, 34, toEncrypt, 0, bytEncriptar.Length-34);
encrypted = (miRijndael.CreateEncryptor()).TransformFinalBlock(toEncrypt, 0, toEncrypt.Length);
returnValue = new byte[34 + encrypted.Length];
bytEncriptar.CopyTo(returnValue, 0);
encrypted.CopyTo(returnValue, 34);
}
catch { }
finally { miRijndael.Clear(); }
return returnValue;
}
public static byte[] Decrypt(byte[] value, byte[] key, byte[] iv, CipherMode mode = CipherMode.CBC, PaddingMode padding = PaddingMode.None)
{
if (value == null || value.Length <= 0)
throw new ArgumentNullException("value");
if (key == null || key.Length <= 0)
throw new ArgumentNullException("key");
if (iv == null || iv.Length <= 0)
throw new ArgumentNullException("iv");
byte[] result;
using (RijndaelManaged rijndael = new RijndaelManaged())
{
rijndael.Key = key;
rijndael.IV = iv;
rijndael.Mode = mode;
rijndael.Padding = padding;
ICryptoTransform transform = rijndael.CreateDecryptor(rijndael.Key, rijndael.IV);
using (MemoryStream memory = new MemoryStream())
using (CryptoStream crypto = new CryptoStream(memory, transform, CryptoStreamMode.Read))
{
crypto.Write(value, 0, value.Length);
result = memory.ToArray();
}
}
return result;
}
private Native.SafeCipherHandle GetCipher(CipherMode mode, int keyLength)
{
if (mode == CipherMode.CBC) {
switch (keyLength) {
case 16:
return Native.EVP_aes_128_cbc ();
case 24:
return Native.EVP_aes_192_cbc ();
case 32:
return Native.EVP_aes_256_cbc ();
}
} else if (mode == CipherMode.ECB) {
switch (keyLength) {
case 16:
return Native.EVP_aes_128_ecb ();
case 24:
return Native.EVP_aes_192_ecb ();
case 32:
return Native.EVP_aes_256_ecb ();
}
}
throw new CryptographicException (string.Format ("{0} not supported", mode));
}
public static string DecryptMessage(string message, byte[] key, CipherMode mode)
{
var cipherBytes = CipherHelper.ConvertFromHexString(message).ToArray<byte>();
// first 16 bytes of cipher text is IV
var IV = cipherBytes.Take<byte>(blockSize).ToArray<byte>();
cipherBytes = cipherBytes.Skip<byte>(blockSize).ToArray<byte>();
var textBytes = new byte[cipherBytes.Length];
using (var aesAlg = Aes.Create())
{
aesAlg.Mode = mode;
aesAlg.KeySize = keySize;
aesAlg.Padding = PaddingMode.PKCS7;
using(ICryptoTransform decryptor = aesAlg.CreateDecryptor(key, IV))
{
using(MemoryStream memStream = new MemoryStream(cipherBytes))
{
using(CryptoStream cryptoStream = new CryptoStream(memStream, decryptor, CryptoStreamMode.Read))
{
using (var reader = new BinaryReader(cryptoStream))
{
textBytes = reader.ReadBytes(cipherBytes.Length);
}
}
}
}
}
return CipherHelper.GetASCIIString(textBytes);
}
public TripleDesOpenSslCipher(CipherMode cipherMode, int blockSizeInBytes, byte[] key, byte[] iv, bool encrypting)
: base(cipherMode.GetCipherIv(iv), blockSizeInBytes)
{
_encrypting = encrypting;
OpenKey(cipherMode, key);
}
private ICryptoTransform NewEncryptor (byte[] rgbKey,
CipherMode mode,
byte[] rgbIV,
int feedbackSize,
RijndaelManagedTransformMode encryptMode) {
// Build the key if one does not already exist
if (rgbKey == null) {
rgbKey = Utils.GenerateRandom(KeySizeValue / 8);
}
// If not ECB mode, make sure we have an IV. In CoreCLR we do not support ECB, so we must have
// an IV in all cases.
#if !FEATURE_CRYPTO
if (mode != CipherMode.ECB) {
#endif // !FEATURE_CRYPTO
if (rgbIV == null) {
rgbIV = Utils.GenerateRandom(BlockSizeValue / 8);
}
#if !FEATURE_CRYPTO
}
#endif // !FEATURE_CRYPTO
// Create the encryptor/decryptor object
return new RijndaelManagedTransform (rgbKey,
mode,
rgbIV,
BlockSizeValue,
feedbackSize,
PaddingValue,
encryptMode);
}
private static ICryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[] iv,
int blockSize,
bool encrypting)
{
// The algorithm pointer is a static pointer, so not having any cleanup code is correct.
IntPtr algorithm;
switch (cipherMode)
{
case CipherMode.CBC:
algorithm = Interop.Crypto.EvpDesCbc();
break;
case CipherMode.ECB:
algorithm = Interop.Crypto.EvpDesEcb();
break;
default:
throw new NotSupportedException();
}
BasicSymmetricCipher cipher = new OpenSslCipher(algorithm, cipherMode, blockSize, key, 0, iv, encrypting);
return UniversalCryptoTransform.Create(paddingMode, cipher, encrypting);
}
public static string Decrypt(string cipherText, string Password, CipherMode cipherMode, PaddingMode paddingMode)
{
byte[] cipherData = Convert.FromBase64String(cipherText);
PasswordDeriveBytes bytes = new PasswordDeriveBytes(Password, new byte[] { 0x49, 0x76, 0x61, 110, 0x20, 0x4d, 0x65, 100, 0x76, 0x65, 100, 0x65, 0x76 });
byte[] buffer2 = Decrypt(cipherData, bytes.GetBytes(0x20), bytes.GetBytes(0x10), cipherMode, paddingMode);
return Encoding.Unicode.GetString(buffer2);
}
private void buttonGenerator_Click(object sender, EventArgs e)
{
try
{
// Selected 'Preset'
if (tabControl.SelectedIndex == 0)
{
CurrentBlockSize = comboBoxPresets.SelectedIndex == 0 ? 128 : 256;
CurrentKeySize = comboBoxPresets.SelectedIndex == 0 ? 128 : 256;
SelectedCipher = CipherMode.CBC;
SelectedPadding = PaddingMode.PKCS7;
}
int index = tabControl.SelectedIndex;
if ((index == 0 && comboBoxPresets.SelectedIndex == 1) ||
(index == 1 && radioButtonAes.Checked))
Build(new RijndaelManaged());
else
Build(new AesManaged());
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, Application.ProductName, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
public static bool TestAlgorithms(SymmetricAlgorithm encAlgorithm, SymmetricAlgorithm decAlgorithm, CipherMode[] modes, int maxLength, int iterations)
{
Random rand = new Random();
for (int i = 0; i < iterations; i++)
{
// Create random data, key, IV, mode
//
byte[] key = new byte[KeySizeBytes[rand.Next(KeySizeBytes.Length)]];
rand.NextBytes(key);
byte[] data = new byte[rand.Next(1, maxLength + 1)];
rand.NextBytes(data);
byte[] IV = new byte[BlockSizeBytes];
rand.NextBytes(IV);
CipherMode mode = modes[rand.Next(modes.Length)];
PaddingMode padding = PaddingModes[new Random().Next(PaddingModes.Length)];
// Encrypt the data
//
byte[] encryptedData;
encAlgorithm.Key = key;
encAlgorithm.IV = IV;
encAlgorithm.Mode = mode;
encAlgorithm.Padding = padding;
ICryptoTransform transform = encAlgorithm.CreateEncryptor();
encryptedData = transform.TransformFinalBlock(data, 0, data.Length);
// Decrypt the data
//
byte[] decryptedData;
decAlgorithm.Key = key;
decAlgorithm.IV = IV;
decAlgorithm.Mode = mode;
decAlgorithm.Padding = padding;
transform = decAlgorithm.CreateDecryptor();
decryptedData = transform.TransformFinalBlock(encryptedData, 0, encryptedData.Length);
if (!CompareBytes(data, decryptedData))
{
Console.WriteLine("ERROR - roundtrip encrypt/decrypt failed!\n");
Console.WriteLine("Encryption algorithm: {0}", encAlgorithm.ToString());
Console.WriteLine("Decryption algorithm: {0}", decAlgorithm.ToString());
Console.WriteLine("Original data: {0}", ByteArrayToString(data));
Console.WriteLine("Roundtrip data: {0}", ByteArrayToString(decryptedData));
Console.WriteLine("Key: {0}", ByteArrayToString(key));
Console.WriteLine("IV: {0}", ByteArrayToString(IV));
Console.WriteLine("Cipher mode: {0}", mode.ToString());
Console.WriteLine("Padding mode: {0}", padding.ToString());
return false;
}
}
return true;
}
public CapiSymmetricAlgorithm(int blockSize, int feedbackSize, SafeCspHandle provider, SafeCapiKeyHandle key, byte[] iv, CipherMode cipherMode, PaddingMode paddingMode, EncryptionMode encryptionMode)
{
this.m_blockSize = blockSize;
this.m_encryptionMode = encryptionMode;
this.m_paddingMode = paddingMode;
this.m_provider = provider.Duplicate();
this.m_key = SetupKey(key, ProcessIV(iv, blockSize, cipherMode), cipherMode, feedbackSize);
}
/// <summary>
/// Initializes a new instance of the SymmetricAlgorithm class.
/// </summary>
/// <param name="session">The cryptoki session context for which the symmectric algorithm will execute.</param>
/// <param name="ownsSession">true if the session should be closed by this base class, false otherwise.</param>
protected SymmetricAlgorithm(Session session, bool ownsSession)
: base(session, ownsSession)
{
// Default to cipher block chaining (CipherMode.CBC) and
// PKCS-style padding (pad n bytes with value n)
ModeValue = CipherMode.CBC;
PaddingValue = PaddingMode.PKCS7;
}
/// <summary>
/// Initialize new AES
/// </summary>
/// <param name="keySize">Optional key size. Default 128.</param>
/// <param name="mode">Optional cipher mode. Default: CBC</param>
public AES_THL(int keySize = 128, CipherMode mode = CipherMode.CBC)
{
this.keySize = keySize;
this.mode = mode;
aes = new AesCryptoServiceProvider();
aes.Mode = mode;
aes.KeySize = keySize;
}
private static ICryptoTransform CreateEncryptor(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[] iv,
int blockSize)
{
return new AesOpenSslCryptoTransform(cipherMode, paddingMode, key, iv, blockSize, true);
}
private static ICryptoTransform CreateDecryptor(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[] iv,
int blockSize)
{
return new AesCngCryptoDecryptor(cipherMode, paddingMode, key, iv, blockSize);
}
public OpenSslCipher(IntPtr algorithm, CipherMode cipherMode, int blockSizeInBytes, byte[] key, int effectiveKeyLength, byte[] iv, bool encrypting)
: base(cipherMode.GetCipherIv(iv), blockSizeInBytes)
{
Debug.Assert(algorithm != IntPtr.Zero);
_encrypting = encrypting;
OpenKey(algorithm, key, effectiveKeyLength);
}
public HwAes(Connection connection, byte[] Key, int KeySize, CipherMode cipherMode, PaddingMode padding)
{
this.AES = new AesCryptoServiceProvider();
this.AES.Padding = padding;
this.AES.Mode = cipherMode;
this.AES.KeySize = KeySize;
this.IvConfuser = new DataConfuser(connection.PrivateSeed, 16);
ApplyKey(Key);
}
public TripleDesSymmetricKeyCryptoProvider(string base64EncodedKey, CipherMode cipherMode, PaddingMode paddingMode)
{
var tripleDes = TripleDES.Create();
tripleDes.Mode = cipherMode;
tripleDes.Padding = paddingMode;
tripleDes.Key = Convert.FromBase64String(base64EncodedKey);
_encrypt = tripleDes.CreateEncryptor();
_decrypt = tripleDes.CreateDecryptor();
}
/// <summary>
/// Costruttore della classe per crittografare
/// </summary>
public Encryption(string strSalt = "")
{
keySize = 32; // 32 caratteri (256 bit)
blockSize = 32; // 32 caratteri (256 bit)
paddingMode = PaddingMode.PKCS7; // Completa con numero progressivo
cipherMode = CipherMode.CBC; // Combina blocco precedente crittografato al successivo (contro blocchi identici)
IVbase64size = IVbase64length(); // Imposta la lunghezza dell'IV in base64
errors = new List<string>(); // Lista dei messaggi di errore o altro
SetSalt(strSalt);
}
/// <summary>
/// Initializes a new instance of the RijndaelUnmanagedTransform class.
/// </summary>
/// <param name="algorithm">One of the <see cref="CryptoAlgorithm"/> values.</param>
/// <param name="method">One of the <see cref="CryptoMethod"/> values.</param>
/// <param name="key">The key to use.</param>
/// <param name="iv">The IV to use.</param>
/// <param name="mode">One of the <see cref="CipherMode"/> values.</param>
/// <param name="feedback">The feedback size of the cryptographic operation in bits.</param>
/// <param name="padding">One of the <see cref="PaddingMode"/> values.</param>
public RijndaelUnmanagedTransform(CryptoAlgorithm algorithm, CryptoMethod method, byte[] key, byte[] iv, CipherMode mode, int feedback, PaddingMode padding) {
m_Key = new SymmetricKey(CryptoProvider.RsaAes, algorithm, key);
m_Key.IV = iv;
m_Key.Mode = mode;
if (mode == CipherMode.CFB)
m_Key.FeedbackSize = feedback;
m_Key.Padding = padding;
m_BlockSize = 128;
m_Method = method;
}
public EncryptedXml(XmlDocument document, Evidence evidence)
{
this.m_document = document;
this.m_evidence = evidence;
this.m_xmlResolver = null;
this.m_padding = PaddingMode.ISO10126;
this.m_mode = CipherMode.CBC;
this.m_encoding = System.Text.Encoding.UTF8;
this.m_keyNameMapping = new Hashtable(4);
}
public RijndaelParameters(RijndaelManaged rijndael)
{
BlockSize = rijndael.BlockSize;
FeedbackSize = rijndael.FeedbackSize;
KeySize = rijndael.KeySize;
Mode = rijndael.Mode;
Padding = rijndael.Padding;
IV = rijndael.IV;
Key = rijndael.Key;
}
static double[] Run (SymmetricAlgorithm algo, CipherMode mode, int keySize, int blockSize, int dataSize)
{
double[] result = SpeedTest.Run (algo, mode, keySize, blockSize, dataSize);
for (int i = 0; i < 10; i++) {
double[] temp = SpeedTest.Run (algo, mode, keySize, blockSize, dataSize);
result[0] = Math.Max (result[0], temp[0]);
result[1] = Math.Max (result[1], temp[1]);
}
return result;
}
private ICryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[] iv,
int blockSize,
bool encrypting)
{
BasicSymmetricCipher cipher = new TripleDesCngCipher(cipherMode, blockSize, key, iv, encrypting);
return UniversalCryptoTransform.Create(paddingMode, cipher, encrypting);
}
private ICryptoTransform NewEncryptor(byte[] rgbKey, CipherMode mode, byte[] rgbIV, int feedbackSize, RijndaelManagedTransformMode encryptMode)
{
if (rgbKey == null)
{
rgbKey = Utils.GenerateRandom(base.KeySizeValue / 8);
}
if (rgbIV == null)
{
rgbIV = Utils.GenerateRandom(base.BlockSizeValue / 8);
}
return new RijndaelManagedTransform(rgbKey, mode, rgbIV, base.BlockSizeValue, feedbackSize, base.PaddingValue, encryptMode);
}
internal static void VerifyPersistedKey(
string keyName,
int plainBytesCount,
Func<string, SymmetricAlgorithm> persistedFunc,
Func<SymmetricAlgorithm> ephemeralFunc,
CipherMode cipherMode,
PaddingMode paddingMode)
{
byte[] plainBytes = GenerateRandom(plainBytesCount);
using (SymmetricAlgorithm persisted = persistedFunc(keyName))
using (SymmetricAlgorithm ephemeral = ephemeralFunc())
{
persisted.Mode = ephemeral.Mode = cipherMode;
persisted.Padding = ephemeral.Padding = paddingMode;
ephemeral.Key = persisted.Key;
ephemeral.GenerateIV();
persisted.IV = ephemeral.IV;
using (ICryptoTransform persistedEncryptor = persisted.CreateEncryptor())
using (ICryptoTransform persistedDecryptor = persisted.CreateDecryptor())
using (ICryptoTransform ephemeralEncryptor = ephemeral.CreateEncryptor())
{
Assert.True(
persistedEncryptor.CanTransformMultipleBlocks,
"Pre-condition: persistedEncryptor.CanTransformMultipleBlocks");
byte[] persistedEncrypted = persistedEncryptor.TransformFinalBlock(plainBytes, 0, plainBytesCount);
byte[] ephemeralEncrypted = ephemeralEncryptor.TransformFinalBlock(plainBytes, 0, plainBytesCount);
Assert.Equal(ephemeralEncrypted, persistedEncrypted);
byte[] cipherBytes = persistedEncrypted;
byte[] persistedDecrypted = persistedDecryptor.TransformFinalBlock(cipherBytes, 0,
cipherBytes.Length);
byte[] expectedBytes = plainBytes;
if (persistedDecrypted.Length > plainBytes.Length)
{
// This should only ever happen in
Assert.Equal(PaddingMode.Zeros, paddingMode);
expectedBytes = new byte[persistedDecrypted.Length];
Buffer.BlockCopy(plainBytes, 0, expectedBytes, 0, plainBytesCount);
}
Assert.Equal(expectedBytes, persistedDecrypted);
}
}
}
private ICryptoTransform _NewEncryptor(byte[] rgbKey, CipherMode mode, byte[] rgbIV, int feedbackSize, CryptoAPITransformMode encryptMode)
{
int index = 0;
int[] rgArgIds = new int[10];
object[] rgArgValues = new object[10];
int algid = 0x6603;
if (mode == CipherMode.OFB)
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_OFBNotSupported"));
}
if ((mode == CipherMode.CFB) && (feedbackSize != 8))
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_CFBSizeNotSupported"));
}
if (rgbKey == null)
{
rgbKey = new byte[base.KeySizeValue / 8];
Utils.StaticRandomNumberGenerator.GetBytes(rgbKey);
}
if (mode != CipherMode.CBC)
{
rgArgIds[index] = 4;
rgArgValues[index] = mode;
index++;
}
if (mode != CipherMode.ECB)
{
if (rgbIV == null)
{
rgbIV = new byte[8];
Utils.StaticRandomNumberGenerator.GetBytes(rgbIV);
}
if (rgbIV.Length < 8)
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidIVSize"));
}
rgArgIds[index] = 1;
rgArgValues[index] = rgbIV;
index++;
}
if ((mode == CipherMode.OFB) || (mode == CipherMode.CFB))
{
rgArgIds[index] = 5;
rgArgValues[index] = feedbackSize;
index++;
}
if (rgbKey.Length == 0x10)
{
algid = 0x6609;
}
return new CryptoAPITransform(algid, index, rgArgIds, rgArgValues, rgbKey, base.PaddingValue, mode, base.BlockSizeValue, feedbackSize, false, encryptMode);
}
private static string EncryptStringToBytes_Aes(string plainText, byte[] Key, byte[] IV, CipherMode mode, PaddingMode padding)
{
if (plainText == null || plainText.Length <= 0)
{
throw new ArgumentNullException("plainText");
}
if (Key == null || Key.Length <= 0)
{
throw new ArgumentNullException("Key");
}
if (IV == null || IV.Length <= 0)
{
throw new ArgumentNullException("IV");
}
byte[] encrypted;
using (RijndaelManaged aesAlg = new RijndaelManaged())
{
aesAlg.KeySize = 256;
aesAlg.BlockSize = 128;
aesAlg.Key = Key;
aesAlg.IV = IV;
aesAlg.Mode = mode;
aesAlg.Padding = padding;
ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt =
new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
swEncrypt.Write(plainText);
}
encrypted = msEncrypt.ToArray();
}
}
}
return(Convert.ToBase64String(encrypted));
}
private static byte[] Decrypt(byte[] cyphertext, SymmetricAlgorithm sa, byte[] key, byte[] iv, CipherMode mode,
PaddingMode padding)
{
sa.Key = key;
sa.IV = iv;
sa.Mode = mode;
sa.Padding = padding;
MemoryStream ms = new MemoryStream(cyphertext);
CryptoStream cs = new CryptoStream(ms, sa.CreateDecryptor(), CryptoStreamMode.Read);
byte[] buffer = new byte[cyphertext.Length];
int readCount = cs.Read(buffer, 0, cyphertext.Length);
byte[] result = new byte[readCount];
Array.Copy(buffer, result, readCount);
cs.Close();
ms.Close();
return(result);
}
[System.Security.SecurityCritical] // auto-generated
private ICryptoTransform _NewEncryptor(byte[] rgbKey, CipherMode mode, byte[] rgbIV,
int effectiveKeySize, int feedbackSize, CryptoAPITransformMode encryptMode)
{
int cArgs = 0;
int[] rgArgIds = new int[10];
Object[] rgArgValues = new Object[10];
// Check for bad values
// 1) we don't support OFB mode in RC2_CSP
if (mode == CipherMode.OFB)
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_OFBNotSupported"));
}
// 2) we only support CFB with a feedback size of 8 bits
if ((mode == CipherMode.CFB) && (feedbackSize != 8))
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_CFBSizeNotSupported"));
}
if (rgbKey == null)
{
rgbKey = new byte[KeySizeValue / 8];
Utils.StaticRandomNumberGenerator.GetBytes(rgbKey);
}
// Check the rgbKey size
int keySizeValue = rgbKey.Length * 8;
if (!ValidKeySize(keySizeValue))
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidKeySize"));
}
// Deal with effective key length questions
rgArgIds[cArgs] = Constants.KP_EFFECTIVE_KEYLEN;
if (EffectiveKeySizeValue == 0)
{
rgArgValues[cArgs] = keySizeValue;
}
else
{
rgArgValues[cArgs] = effectiveKeySize;
}
cArgs += 1;
// Set the mode for the encryptor (defaults to CBC)
if (mode != CipherMode.CBC)
{
rgArgIds[cArgs] = Constants.KP_MODE;
rgArgValues[cArgs] = mode;
cArgs += 1;
}
// If not ECB mode -- pass in an IV
if (mode != CipherMode.ECB)
{
if (rgbIV == null)
{
rgbIV = new byte[8];
Utils.StaticRandomNumberGenerator.GetBytes(rgbIV);
}
//
// We truncate IV's that are longer than the block size to 8 bytes : this is
// done to maintain backward compatibility with the behavior shipped in V1.x.
// The call to set the IV in CryptoAPI will ignore any bytes after the first 8
// bytes. We'll still reject IV's that are shorter than the block size though.
//
if (rgbIV.Length < 8)
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidIVSize"));
}
rgArgIds[cArgs] = Constants.KP_IV;
rgArgValues[cArgs] = rgbIV;
cArgs += 1;
}
// If doing OFB or CFB, then we need to set the feed back loop size
if ((mode == CipherMode.OFB) || (mode == CipherMode.CFB))
{
rgArgIds[cArgs] = Constants.KP_MODE_BITS;
rgArgValues[cArgs] = feedbackSize;
cArgs += 1;
}
if (!Utils.HasAlgorithm(Constants.CALG_RC2, keySizeValue))
{
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_AlgKeySizeNotAvailable", keySizeValue));
}
// Create the encryptor/decryptor object
return(new CryptoAPITransform(Constants.CALG_RC2, cArgs, rgArgIds,
rgArgValues, rgbKey, PaddingValue,
mode, BlockSizeValue, feedbackSize, m_use40bitSalt,
encryptMode));
}
// Run a cipher mode test.
private void RunModeTest(SymmetricAlgorithm alg, CipherMode mode,
PaddingMode padding, String input)
{
// Set the algorithm modes.
alg.Mode = mode;
alg.Padding = padding;
// Get the raw and padded versions of the input.
byte[] rawInput = Encoding.ASCII.GetBytes(input);
byte[] paddedInput = StringToBytes(input, alg);
// Generate key and IV values.
byte[] key = CreateKey(alg);
byte[] iv = CreateIV(alg);
// Encrypt the raw input in the selected mode.
int size = alg.BlockSize / 8;
int cutoff = rawInput.Length - rawInput.Length % size;
ICryptoTransform encryptor;
encryptor = alg.CreateEncryptor(key, iv);
Assert(GetError("encryptor cannot transform multiple blocks",
alg, input),
encryptor.CanTransformMultipleBlocks);
if (mode == CipherMode.ECB || mode == CipherMode.CBC)
{
AssertEquals(GetError("encryptor has wrong input size",
alg, input),
size, encryptor.InputBlockSize);
AssertEquals(GetError("encryptor has wrong output size",
alg, input),
size, encryptor.OutputBlockSize);
}
else
{
AssertEquals(GetError("encryptor has wrong input size",
alg, input),
1, encryptor.InputBlockSize);
AssertEquals(GetError("encryptor has wrong output size",
alg, input),
1, encryptor.OutputBlockSize);
}
byte[] rawOutput = new byte [rawInput.Length + 256];
int len = encryptor.TransformBlock
(rawInput, 0, cutoff, rawOutput, 0);
byte[] rawTail = encryptor.TransformFinalBlock
(rawInput, cutoff, rawInput.Length - cutoff);
Array.Copy(rawTail, 0, rawOutput, len, rawTail.Length);
len += rawTail.Length;
((IDisposable)encryptor).Dispose();
// Reverse the ciphertext back to the original.
cutoff = len - len % size;
ICryptoTransform decryptor;
decryptor = alg.CreateDecryptor(key, iv);
Assert(GetError("decryptor cannot transform multiple blocks",
alg, input),
decryptor.CanTransformMultipleBlocks);
if (mode == CipherMode.ECB || mode == CipherMode.CBC)
{
AssertEquals(GetError("decryptor has wrong input size",
alg, input),
size, decryptor.InputBlockSize);
AssertEquals(GetError("decryptor has wrong output size",
alg, input),
size, decryptor.OutputBlockSize);
}
else
{
AssertEquals(GetError("decryptor has wrong input size",
alg, input),
1, decryptor.InputBlockSize);
AssertEquals(GetError("decryptor has wrong output size",
alg, input),
1, decryptor.OutputBlockSize);
}
byte[] rawReverse = new byte [rawInput.Length + 256];
int rlen = decryptor.TransformBlock
(rawOutput, 0, cutoff, rawReverse, 0);
rawTail = decryptor.TransformFinalBlock
(rawOutput, cutoff, len - cutoff);
Array.Copy(rawTail, 0, rawReverse, rlen, rawTail.Length);
rlen += rawTail.Length;
((IDisposable)decryptor).Dispose();
// Compare the reversed plaintext with the original.
if (padding != PaddingMode.None)
{
AssertEquals(GetError
("reversed plaintext has incorrect length",
alg, input), rawInput.Length, rlen);
if (!IdenticalBlock(rawInput, 0, rawReverse, 0, rlen))
{
Fail(GetError
("reversed plaintext is not the same as original",
alg, input));
}
}
else
{
if (rawInput.Length > rlen)
{
Fail(GetError
("reversed plaintext has incorrect length",
alg, input));
}
if (!IdenticalBlock(rawInput, 0, rawReverse, 0,
rawInput.Length))
{
Fail(GetError
("reversed plaintext is not the same as original",
alg, input));
}
}
// Encrypt the padded plaintext using a primitive
// algorithm simulation to verify the expected output.
byte[] paddedOutput;
switch (mode)
{
case CipherMode.ECB:
{
paddedOutput = DoECB(paddedInput, alg, key);
}
break;
case CipherMode.CBC:
{
paddedOutput = DoCBC(paddedInput, alg, key, iv);
}
break;
case CipherMode.OFB:
{
paddedOutput = DoOFB(paddedInput, alg, key, iv);
}
break;
case CipherMode.CFB:
{
paddedOutput = DoCFB(paddedInput, alg, key, iv);
}
break;
case CipherMode.CTS:
default:
{
paddedOutput = DoCTS(paddedInput, alg, key, iv);
}
break;
}
// Compare the actual output with the expected output.
AssertEquals(GetError("ciphertext has incorrect length",
alg, input),
paddedOutput.Length, len);
if (!IdenticalBlock(paddedOutput, 0, rawOutput, 0, len))
{
Fail(GetError("ciphertext was not the expected value",
alg, input));
}
}
public void TryDecryptOneShot_DestinationJustRight(byte[] plaintext, byte[] ciphertext, PaddingMode padding, CipherMode mode) => TryDecryptOneShot_DestinationJustRightTest(plaintext, ciphertext, padding, mode);
/// <summary>
/// 加密 - 默认加密
/// </summary>
/// <typeparam name="T">对称加密算法类型</typeparam>
/// <param name="data">明文</param>
/// <param name="key">秘钥</param>
/// <param name="encoding">编码方式,默认:UTF-8</param>
/// <param name="outType">输出类型,默认:Base64</param>
/// <param name="iv">加密偏移量,<see cref="CipherMode.ECB"/>模式不可用</param>
/// <param name="keySize">秘钥大小</param>
/// <param name="blockSize">块大小</param>
/// <param name="cipherMode">对称算法加密模式,默认:<see cref="CipherMode.ECB"/></param>
/// <param name="paddingMode">填充模式,默认:<see cref="PaddingMode.PKCS7"/></param>
/// <returns></returns>
internal static string Encrypt <T>(string data, string key, Encoding encoding = null,
OutType outType = OutType.Base64, string iv = null,
int keySize = 128, int blockSize = 128, CipherMode cipherMode = CipherMode.ECB,
PaddingMode paddingMode = PaddingMode.PKCS7) where T : SymmetricAlgorithm, new()
{
data.CheckNotNullOrEmpty(nameof(data));
if (encoding == null)
{
encoding = Encoding.UTF8;
}
byte[] plainBytes = encoding.GetBytes(data);
byte[] encrypted;
using (T cipher = new T())
{
cipher.KeySize = keySize;
cipher.BlockSize = blockSize;
cipher.Mode = cipherMode;
cipher.Padding = paddingMode;
cipher.Key = encoding.GetBytes(key);
if (iv != null)
{
int ivsLength = blockSize / 8;
byte[] ivs = new byte[ivsLength];
Array.Copy(encoding.GetBytes(iv.PadRight(ivsLength)), ivs, ivsLength);
cipher.IV = ivs;
}
using (ICryptoTransform encryptor = cipher.CreateEncryptor())
{
encrypted = encryptor.TransformFinalBlock(plainBytes, 0, plainBytes.Length);
}
cipher.Clear();
}
return(GetEncryptResult(encrypted, outType));
}
protected void RunModeTest(SymmetricAlgorithm alg, CipherMode mode)
{
RunModeTest(alg, mode, PaddingMode.None);
RunModeTest(alg, mode, PaddingMode.PKCS7);
RunModeTest(alg, mode, PaddingMode.Zeros);
}
/// <summary>
/// Creates a decryption transform that can be used by the .NET cryptography APIs.
/// </summary>
/// <param name="cipherMode">The mode if the cipher to use.</param>
/// <param name="initializationVector">An initialization vector (if used by the <paramref name="cipherMode"/>, or <see langword="null"/> if not used).</param>
/// <param name="feedbackSizeInBits">Size of the feedback register in bits for feedback modes.</param>
/// <param name="paddingMode">The style of padding to apply to the last block.</param>
/// <returns>An decryption transform that can be used by the .NET cryptography APIs.</returns>
public ICryptoTransform CreateDecryptor(CipherMode cipherMode, byte[] initializationVector,
int feedbackSizeInBits, PaddingMode paddingMode)
{
return(RijndaelDecryptionTransformFactory.Create(this, cipherMode, initializationVector, feedbackSizeInBits,
paddingMode));
}
//----------------------------------------------------------------------------------
static void Main(string[] args)
{
CipherMode cm = CipherMode.CBC;
string salt = Program.SALT;
string hash = Program.HASH;
string iv = Program.IV;
string pwd = string.Empty;
string mode = string.Empty;
string ifn = string.Empty;
string ofn = string.Empty;
byte op = 0;
int iks = 256;
int inum = Program.INUM;
bool bow = false;
int l = args.Length;
if (l < 1)
{
Program.ShowHelp();
}
else
{
try
{
for (int i = 0; i < l; ++i)
{
switch (args[i].ToLower())
{
case "-e":
case "--encrypt-encode":
op = 1;
break;
case "-d":
case "--decrypt-decode":
op = 2;
break;
case "-o":
case "--output-file":
ofn = args[++i];
break;
case "-w":
case "--overwrite":
bow = true;
break;
case "-k":
case "--key-size":
switch (iks = Convert.ToInt32(args[++i]))
{
case 128:
case 192:
case 256:
break;
default:
throw new Exception("Invalid key size!");
}
break;
case "-p":
case "--password":
pwd = args[++i];
break;
case "-m":
case "--mode":
mode = args[++i].ToLower();
break;
case "-h":
case "--hash":
switch (hash = args[++i].ToUpper())
{
case "MD5":
case "SHA1":
case "SHA256":
break;
default:
throw new Exception("Invalid algorithm!");
}
break;
case "-c":
case "--cipher-mode":
switch (args[++i].ToUpper())
{
case "CBC":
cm = CipherMode.CBC;
break;
case "ECB":
cm = CipherMode.ECB;
break;
default:
throw new Exception("Invalid Cipher-Mode!");
}
break;
case "-s":
case "--salt":
salt = args[++i];
break;
case "-i":
case "--initial-vector":
if (args[++i].Length == 16)
{
iv = args[i];
}
else
{
throw new Exception
(
"Initial Vector does not have 16 characters!"
);
}
break;
case "-n":
case "--num-iterations":
if ((inum = Convert.ToInt32(args[++i])) < 1)
{
inum = 1;
}
break;
case "--help":
Program.ShowHelp();
Environment.Exit(0);
break;
default:
ifn = args[i];
break;
}
}
Program.ShowLogo();
if (File.Exists(ifn))
{
BinaryReader br = new BinaryReader(File.Open(ifn, FileMode.Open));
long ln = br.BaseStream.Length;
byte[] bf = new byte[ln];
for (long i = 0; i < ln; ++i)
{
bf[i] = br.ReadByte();
}
br.Close();
Messenger.Print(Messenger.Icon.INFORMATION, "Processing. Please wait...");
switch (mode)
{
case "b64":
if (op == 1)
{
bf = ASCIIEncoding.ASCII.GetBytes
(
Convert.ToBase64String(bf)
);
}
else if (op == 2)
{
bf = Convert.FromBase64String
(
ASCIIEncoding.ASCII.GetString(bf)
);
}
ln = bf.Length;
break;
case "aes":
while (pwd.Length == 0)
{
Messenger.Print(Messenger.Icon.WARNING, "Password: "******"Mode no found!");
}
if (ofn.Length < 1)
{
Messenger.Print(Messenger.Icon.ERROR, "Output file name no found!\n");
}
else
{
if (File.Exists(ofn))
{
if (!bow)
{
bow = ConsoleKey.Y == Messenger.Print
(
Messenger.Icon.QUESTION
, String.Format
(
"The file \"{0}\"\n" +
" Already exists! Overwrite?"
, Path.GetFullPath(ofn)
)
, new ConsoleKey[] { ConsoleKey.Y, ConsoleKey.N }
, true
, true
);
}
if (bow)
{
File.Delete(ofn);
}
else
{
Messenger.Print
(
Messenger.Icon.WARNING
, "Process canceled by user!\n"
);
Environment.Exit(0);
}
}
BinaryWriter bw = new BinaryWriter(File.Open(ofn, FileMode.CreateNew));
for (long i = 0; i < ln; ++i)
{
bw.Write(bf[i]);
}
bw.Close();
Messenger.Print(Messenger.Icon.INFORMATION, "Done!\n");
}
}
else
{
throw new Exception
(
String.Format
(
"File \"{0}\" no found!"
, ifn
)
);
}
}
catch (Exception e)
{
Program.ShowLogo();
if (e.Message.Length > 0)
{
Messenger.Print(Messenger.Icon.ERROR, e.Message, false, true);
}
Environment.Exit(1);
}
}
}
/// <summary>
/// 加密
/// </summary>
/// <param name="keyArray"></param>
/// <param name="toEncryptArray"></param>
/// <param name="iv">偏移量</param>
/// <param name="keySize">key大小</param>
/// <param name="blockSize">块大小</param>
/// <param name="cipherMode"></param>
/// <param name="paddingMode"></param>
/// <returns></returns>
public static byte[] Encrypt(byte[] keyArray, byte[] toEncryptArray, byte[] iv = null, int keySize = 256, int blockSize = 128, CipherMode cipherMode = CipherMode.ECB, PaddingMode paddingMode = PaddingMode.PKCS7)
{
using (Aes rDel = Aes.Create())
{
rDel.KeySize = keySize;
rDel.BlockSize = blockSize;
rDel.Key = keyArray;
if (iv != null)
{
rDel.IV = iv;
}
rDel.Mode = cipherMode;
rDel.Padding = paddingMode;
ICryptoTransform cTransform = rDel.CreateEncryptor();
byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
return(resultArray);
}
}
public static IBufferedCipher GetCipher(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
{
string aliased = (string)algorithms[algorithm];
if (aliased != null)
{
algorithm = aliased;
}
}
IBasicAgreement iesAgreement = null;
if (algorithm == "IES")
{
iesAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
iesAgreement = new ECDHBasicAgreement();
}
if (iesAgreement != null)
{
return(new BufferedIesCipher(
new IesEngine(
iesAgreement,
new Kdf2BytesGenerator(
new Sha1Digest()),
new HMac(
new Sha1Digest()))));
}
if (Platform.StartsWith(algorithm, "PBE"))
{
if (Platform.EndsWith(algorithm, "-CBC"))
{
if (algorithm == "PBEWITHSHA1ANDDES-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEngine())));
}
else if (algorithm == "PBEWITHSHA1ANDRC2-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEdeEngine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
}
else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL"))
{
if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITAES-CBC-BC",
"PBEWITHSHAAND192BITAES-CBC-BC",
"PBEWITHSHAAND256BITAES-CBC-BC",
"PBEWITHSHA256AND128BITAES-CBC-BC",
"PBEWITHSHA256AND192BITAES-CBC-BC",
"PBEWITHSHA256AND256BITAES-CBC-BC",
"PBEWITHMD5AND128BITAES-CBC-OPENSSL",
"PBEWITHMD5AND192BITAES-CBC-OPENSSL",
"PBEWITHMD5AND256BITAES-CBC-OPENSSL"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new AesEngine())));
}
}
}
string[] parts = algorithm.Split('/');
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymBlockCipher = null;
IStreamCipher streamCipher = null;
string algorithmName = parts[0];
{
string aliased = (string)algorithms[algorithmName];
if (aliased != null)
{
algorithmName = aliased;
}
}
CipherAlgorithm cipherAlgorithm;
try
{
cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), algorithmName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
switch (cipherAlgorithm)
{
case CipherAlgorithm.AES:
blockCipher = new AesEngine();
break;
case CipherAlgorithm.ARC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.BLOWFISH:
blockCipher = new BlowfishEngine();
break;
case CipherAlgorithm.CAMELLIA:
blockCipher = new CamelliaEngine();
break;
case CipherAlgorithm.CAST5:
blockCipher = new Cast5Engine();
break;
case CipherAlgorithm.CAST6:
blockCipher = new Cast6Engine();
break;
case CipherAlgorithm.DES:
blockCipher = new DesEngine();
break;
case CipherAlgorithm.DESEDE:
blockCipher = new DesEdeEngine();
break;
case CipherAlgorithm.ELGAMAL:
asymBlockCipher = new ElGamalEngine();
break;
case CipherAlgorithm.GOST28147:
blockCipher = new Gost28147Engine();
break;
case CipherAlgorithm.HC128:
streamCipher = new HC128Engine();
break;
case CipherAlgorithm.HC256:
streamCipher = new HC256Engine();
break;
case CipherAlgorithm.IDEA:
blockCipher = new IdeaEngine();
break;
case CipherAlgorithm.NOEKEON:
blockCipher = new NoekeonEngine();
break;
case CipherAlgorithm.PBEWITHSHAAND128BITRC4:
case CipherAlgorithm.PBEWITHSHAAND40BITRC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.RC2:
blockCipher = new RC2Engine();
break;
case CipherAlgorithm.RC5:
blockCipher = new RC532Engine();
break;
case CipherAlgorithm.RC5_64:
blockCipher = new RC564Engine();
break;
case CipherAlgorithm.RC6:
blockCipher = new RC6Engine();
break;
case CipherAlgorithm.RIJNDAEL:
blockCipher = new RijndaelEngine();
break;
case CipherAlgorithm.RSA:
asymBlockCipher = new RsaBlindedEngine();
break;
case CipherAlgorithm.SALSA20:
streamCipher = new Salsa20Engine();
break;
case CipherAlgorithm.SEED:
blockCipher = new SeedEngine();
break;
case CipherAlgorithm.SERPENT:
blockCipher = new SerpentEngine();
break;
case CipherAlgorithm.SKIPJACK:
blockCipher = new SkipjackEngine();
break;
case CipherAlgorithm.SM4:
blockCipher = new SM4Engine();
break;
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
case CipherAlgorithm.THREEFISH_256:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
break;
case CipherAlgorithm.THREEFISH_512:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
break;
case CipherAlgorithm.THREEFISH_1024:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
break;
case CipherAlgorithm.TNEPRES:
blockCipher = new TnepresEngine();
break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
case CipherAlgorithm.VMPC:
streamCipher = new VmpcEngine();
break;
case CipherAlgorithm.VMPC_KSA3:
streamCipher = new VmpcKsa3Engine();
break;
case CipherAlgorithm.XTEA:
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (streamCipher != null)
{
if (parts.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool cts = false;
bool padded = true;
IBlockCipherPadding padding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (parts.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
string paddingName = parts[2];
CipherPadding cipherPadding;
if (paddingName == "")
{
cipherPadding = CipherPadding.RAW;
}
else if (paddingName == "X9.23PADDING")
{
cipherPadding = CipherPadding.X923PADDING;
}
else
{
try
{
cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), paddingName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
switch (cipherPadding)
{
case CipherPadding.NOPADDING:
padded = false;
break;
case CipherPadding.RAW:
break;
case CipherPadding.ISO10126PADDING:
case CipherPadding.ISO10126D2PADDING:
case CipherPadding.ISO10126_2PADDING:
padding = new ISO10126d2Padding();
break;
case CipherPadding.ISO7816_4PADDING:
case CipherPadding.ISO9797_1PADDING:
padding = new ISO7816d4Padding();
break;
case CipherPadding.ISO9796_1:
case CipherPadding.ISO9796_1PADDING:
asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher);
break;
case CipherPadding.OAEP:
case CipherPadding.OAEPPADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher);
break;
case CipherPadding.OAEPWITHMD5ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest());
break;
case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest());
break;
case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest());
break;
case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest());
break;
case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest());
break;
case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest());
break;
case CipherPadding.PKCS1:
case CipherPadding.PKCS1PADDING:
asymBlockCipher = new Pkcs1Encoding(asymBlockCipher);
break;
case CipherPadding.PKCS5:
case CipherPadding.PKCS5PADDING:
case CipherPadding.PKCS7:
case CipherPadding.PKCS7PADDING:
padding = new Pkcs7Padding();
break;
case CipherPadding.TBCPADDING:
padding = new TbcPadding();
break;
case CipherPadding.WITHCTS:
cts = true;
break;
case CipherPadding.X923PADDING:
padding = new X923Padding();
break;
case CipherPadding.ZEROBYTEPADDING:
padding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
string mode = "";
if (parts.Length > 1)
{
mode = parts[1];
int di = GetDigitIndex(mode);
string modeName = di >= 0 ? mode.Substring(0, di) : mode;
try
{
CipherMode cipherMode = modeName == ""
? CipherMode.NONE
: (CipherMode)Enums.GetEnumValue(typeof(CipherMode), modeName);
switch (cipherMode)
{
case CipherMode.ECB:
case CipherMode.NONE:
break;
case CipherMode.CBC:
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.CCM:
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case CipherMode.CFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new CfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.CTR:
blockCipher = new SicBlockCipher(blockCipher);
break;
case CipherMode.CTS:
cts = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.EAX:
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case CipherMode.GCM:
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case CipherMode.GOFB:
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case CipherMode.OCB:
aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm));
break;
case CipherMode.OFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new OfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.OPENPGPCFB:
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case CipherMode.SIC:
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (cts)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (padded && parts.Length > 2 && parts[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (cts)
{
return(new CtsBlockCipher(blockCipher));
}
if (padding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, padding));
}
if (!padded || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
public static void ResetPaddingAndCipherModes()
{
_paddingMode = PaddingMode.ISO10126;
_cipherMode = CipherMode.CBC;
}
[System.Security.SecurityCritical] // auto-generated
internal CryptoAPITransform(int algid, int cArgs, int[] rgArgIds,
Object[] rgArgValues, byte[] rgbKey, PaddingMode padding,
CipherMode cipherChainingMode, int blockSize,
int feedbackSize, bool useSalt,
CryptoAPITransformMode encDecMode)
{
int dwValue;
byte[] rgbValue;
BlockSizeValue = blockSize;
ModeValue = cipherChainingMode;
PaddingValue = padding;
encryptOrDecrypt = encDecMode;
// Copy the input args
int _cArgs = cArgs;
int[] _rgArgIds = new int[rgArgIds.Length];
Array.Copy(rgArgIds, _rgArgIds, rgArgIds.Length);
_rgbKey = new byte[rgbKey.Length];
Array.Copy(rgbKey, _rgbKey, rgbKey.Length);
Object[] _rgArgValues = new Object[rgArgValues.Length];
// an element of rgArgValues can only be an int or a byte[]
for (int j = 0; j < rgArgValues.Length; j++)
{
if (rgArgValues[j] is byte[])
{
byte[] rgbOrig = (byte[])rgArgValues[j];
byte[] rgbNew = new byte[rgbOrig.Length];
Array.Copy(rgbOrig, rgbNew, rgbOrig.Length);
_rgArgValues[j] = rgbNew;
continue;
}
if (rgArgValues[j] is int)
{
_rgArgValues[j] = (int)rgArgValues[j];
continue;
}
if (rgArgValues[j] is CipherMode)
{
_rgArgValues[j] = (int)rgArgValues[j];
continue;
}
}
_safeProvHandle = Utils.AcquireProvHandle(new CspParameters(Utils.DefaultRsaProviderType));
SafeKeyHandle safeKeyHandle = SafeKeyHandle.InvalidHandle;
// _ImportBulkKey will check for failures and throw an exception
Utils._ImportBulkKey(_safeProvHandle, algid, useSalt, _rgbKey, ref safeKeyHandle);
_safeKeyHandle = safeKeyHandle;
for (int i = 0; i < cArgs; i++)
{
switch (rgArgIds[i])
{
case Constants.KP_IV:
IVValue = (byte[])_rgArgValues[i];
rgbValue = IVValue;
Utils.SetKeyParamRgb(_safeKeyHandle, _rgArgIds[i], rgbValue, rgbValue.Length);
break;
case Constants.KP_MODE:
ModeValue = (CipherMode)_rgArgValues[i];
dwValue = (Int32)_rgArgValues[i];
SetAsDWord:
Utils.SetKeyParamDw(_safeKeyHandle, _rgArgIds[i], dwValue);
break;
case Constants.KP_MODE_BITS:
dwValue = (Int32)_rgArgValues[i];
goto SetAsDWord;
case Constants.KP_EFFECTIVE_KEYLEN:
dwValue = (Int32)_rgArgValues[i];
goto SetAsDWord;
default:
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidKeyParameter"), "_rgArgIds[i]");
}
}
}
public void EncryptOneShot_Array(byte[] plaintext, byte[] ciphertext, PaddingMode padding, CipherMode mode) => EncryptOneShot_ArrayTest(plaintext, ciphertext, padding, mode);
/// <summary>
/// 3des ecb模式加密
/// </summary>
/// <param name="aStrString">待加密的字符串</param>
/// <param name="aStrKey">密钥</param>
/// <param name="iv">加密矢量:只有在CBC解密模式下才适用</param>
/// <param name="mode">运算模式</param>
/// <returns>加密后的字符串</returns>
public static string Encrypt3Des(string aStrString, string aStrKey = "12345678qwertyui87654321", CipherMode mode = CipherMode.ECB, string iv = "1234abcd")
{
try
{
var des = new TripleDESCryptoServiceProvider
{
Key = Encoding.UTF8.GetBytes(aStrKey),
Mode = mode
};
if (mode == CipherMode.CBC)
{
des.IV = Encoding.UTF8.GetBytes(iv);
}
des.Padding = PaddingMode.PKCS7;
var desEncrypt = des.CreateEncryptor();
byte[] buffer = Encoding.UTF8.GetBytes(aStrString);
return(Convert.ToBase64String(desEncrypt.TransformFinalBlock(buffer, 0, buffer.Length)));
}
catch (Exception e)
{
return(string.Empty);
}
}
public void DecryptOneShot_Span(byte[] plaintext, byte[] ciphertext, PaddingMode padding, CipherMode mode) => DecryptOneShot_SpanTest(plaintext, ciphertext, padding, mode);
public void TryEncryptOneShot_Overlaps(byte[] plaintext, byte[] ciphertext, PaddingMode padding, CipherMode mode) => TryEncryptOneShot_OverlapsTest(plaintext, ciphertext, padding, mode);
public void setMode(CipherMode mode)
{
this.mode = mode;
}
public void TryEncryptOneShot_DestinationLarger(byte[] plaintext, byte[] ciphertext, PaddingMode padding, CipherMode mode) => TryEncryptOneShot_DestinationLargerTest(plaintext, ciphertext, padding, mode);
/// <summary>
/// 对称加密算法AES RijndaelManaged解密字符串
/// </summary>
/// <param name="decryptString">待解密的字符串</param>
/// <param name="decryptKey">解密密钥,和加密密钥相同</param>
/// <param name="mode">加密模式</param>
/// <returns>解密成功返回解密后的字符串,失败返回空</returns>
public static string AESDecrypt(this string decryptString, byte[] decryptKey, CipherMode mode = CipherMode.CBC)
{
try
{
using var rijndaelProvider = new RijndaelManaged()
{
Key = decryptKey,
IV = Keys,
Mode = mode
};
using ICryptoTransform rijndaelDecrypt = rijndaelProvider.CreateDecryptor();
byte[] inputData = Convert.FromBase64String(decryptString);
byte[] decryptedData = rijndaelDecrypt.TransformFinalBlock(inputData, 0, inputData.Length);
return(Encoding.UTF8.GetString(decryptedData));
}
catch
{
return(string.Empty);
}
}
public void OneShotRoundtrip(byte[] plaintext, byte[] ciphertext, PaddingMode padding, CipherMode mode) => OneShotRoundtripTest(plaintext, ciphertext, padding, mode);
/// <summary>
/// 加密文件流
/// </summary>
/// <param name="fs">需要加密的文件流</param>
/// <param name="decryptKey">加密密钥</param>
/// <param name="mode">加密模式</param>
/// <returns>加密流</returns>
public static CryptoStream AESEncryptStrream(this FileStream fs, string decryptKey, CipherMode mode = CipherMode.CBC)
{
decryptKey = GetSubString(decryptKey, 32, "");
decryptKey = decryptKey.PadRight(32, ' ');
using var rijndaelProvider = new RijndaelManaged()
{
Key = Encoding.UTF8.GetBytes(decryptKey),
IV = Keys,
Mode = mode
};
using var encrypto = rijndaelProvider.CreateEncryptor();
return(new CryptoStream(fs, encrypto, CryptoStreamMode.Write));
}
private static byte[] Encrypt(byte[] message, SymmetricAlgorithm sa, byte[] key, byte[] iv, CipherMode mode,
PaddingMode padding)
{
sa.Key = key;
sa.IV = iv;
sa.Mode = mode;
sa.Padding = padding;
MemoryStream ms = new MemoryStream();
CryptoStream cs = new CryptoStream(ms, sa.CreateEncryptor(), CryptoStreamMode.Write);
cs.Write(message, 0, message.Length);
cs.Close();
ms.Close();
return(ms.ToArray());
}
/// <summary>
/// 加密文件流
/// </summary>
/// <param name="fs">需要加密的文件流</param>
/// <param name="decryptKey">加密密钥</param>
/// <param name="mode">加密模式</param>
/// <returns>加密流</returns>
public static CryptoStream AESEncryptStrream(this FileStream fs, byte[] decryptKey, CipherMode mode = CipherMode.CBC)
{
using var rijndaelProvider = new RijndaelManaged()
{
Key = decryptKey,
IV = Keys,
Mode = mode
};
using var encrypto = rijndaelProvider.CreateEncryptor();
return(new CryptoStream(fs, encrypto, CryptoStreamMode.Write));
}
public static string DecryptStringFromBytes_Aes(byte[] cipherBytes, byte[] key, byte[] iv, int blockSize, CipherMode mode)
{
if (cipherBytes == null || cipherBytes.Length <= 0)
{
throw new ArgumentNullException("cipherText");
}
if (key == null || key.Length <= 0)
{
throw new ArgumentNullException("Key");
}
if (iv == null || iv.Length <= 0)
{
throw new ArgumentNullException("Key");
}
// Declare the string used to hold the decrypted text.
string plainText = null;
// Create an AesManaged object with the specified key and IV.
using (AesManaged aesAlg = new AesManaged()) {
aesAlg.Key = key;
aesAlg.IV = iv;
aesAlg.BlockSize = blockSize;
aesAlg.Mode = mode;
// Create a decrytor to perform the stream transform.
ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
// Create the streams used for decryption.
using (MemoryStream msDecrypt = new MemoryStream(cipherBytes)) {
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)) {
using (StreamReader srDecrypt = new StreamReader(csDecrypt)) {
// Read the decrypted bytes from the decrypting stream and place them in a string.
plainText = srDecrypt.ReadToEnd();
}
}
}
}
return(plainText);
}
private static void aesEncryptFile(CipherMode mode, byte[] keyBytes, byte[] ivBytes, string inputFile, string outputFile)
{
//Setting Up the AES object
Aes aes = Aes.Create();
aes.Mode = mode;
aes.Key = keyBytes;
//For ECB it will ignore the IV anyway so we dont have to worry about checking mode
if (ivBytes != null)
{
aes.IV = ivBytes;
}
else
{
// In the case where the user has not provided the IV
// It will print the IV to the console. We would not usally do
// this. But this allows me to check my output.
printIV(aes.IV);
}
// The Assignment doesn't seem require us to create code that will decrpyt the file as well.
// However, if you wanted to decrypt as well, it would be the same code as this method except
// here you would call aes.CreateDecryptor().
ICryptoTransform cryptoTransform = aes.CreateEncryptor();
// Here we open the input file
using (FileStream outputFileStream = new FileStream(outputFile, FileMode.Create))
{
using (CryptoStream cryptoStream = new CryptoStream(outputFileStream, cryptoTransform, CryptoStreamMode.Write))
{
// We are reading in blocks in a time just to make it a bit faster
var totalBytesRead = 0;
var offset = 0;
// This is how many bits per block we read in a time. However, it
// However, this has nothing do with AES block size. We could choose
// any block size. But we might as well use the AES block size and
// hopefully save some padding.
int inputBlockSize = 128;
byte[] inputData = new byte[inputBlockSize];
using (FileStream inputFileStream = new FileStream(inputFile, FileMode.Open))
{
var bytesRead = 0;
do
{
bytesRead = inputFileStream.Read(inputData, 0, inputBlockSize);
offset += bytesRead;
// The Crypto Stream will use the transformer we declared above
// to actually carry out the transformation.
cryptoStream.Write(inputData, 0, bytesRead);
totalBytesRead += bytesRead;
}while (bytesRead > 0);
inputFileStream.Close();
}
cryptoStream.FlushFinalBlock();
cryptoStream.Close();
}
outputFileStream.Close();
}
}
/// <summary>
/// 对称加密算法AES RijndaelManaged加密(RijndaelManaged(AES)算法是块式加密算法)
/// </summary>
/// <param name="encryptString">待加密字符串</param>
/// <param name="encryptKey">加密密钥,须半角字符</param>
/// <param name="mode">加密模式</param>
/// <returns>加密结果字符串</returns>
public static string AESEncrypt(this string encryptString, byte[] encryptKey, CipherMode mode = CipherMode.CBC)
{
using var rijndaelProvider = new RijndaelManaged
{
Key = encryptKey,
IV = Keys,
Mode = mode
};
using ICryptoTransform rijndaelEncrypt = rijndaelProvider.CreateEncryptor();
byte[] inputData = Encoding.UTF8.GetBytes(encryptString);
byte[] encryptedData = rijndaelEncrypt.TransformFinalBlock(inputData, 0, inputData.Length);
return(Convert.ToBase64String(encryptedData));
}
/// <summary>
/// 对称加密算法AES RijndaelManaged解密字符串
/// </summary>
/// <param name="decryptString">待解密的字符串</param>
/// <param name="mode">加密模式</param>
/// <returns>解密成功返回解密后的字符串,失败返源串</returns>
public static string AESDecrypt(this string decryptString, CipherMode mode = CipherMode.CBC)
{
return(AESDecrypt(decryptString, Default_AES_Key, mode));
}
/// <summary>
/// Initialize algo with key, block size, key size, padding mode and cipher mode to be known.
/// </summary>
/// <param name="key">ASCII key to be used for encryption or decryption</param>
/// <param name="blockSize">block size to use for AES algorithm. 128, 192 or 256 bits (default for incorrect size=256)</param>
/// <param name="keySize">key length to use for AES algorithm. 128, 192, or 256 bits (default for incorrect size=128)</param>
/// <param name="paddingMode"></param>
/// <param name="cipherMode"></param>
public AnotherAES(string key, int blockSize, int keySize, PaddingMode paddingMode, CipherMode cipherMode)
{
rijn = new RijndaelManaged();
rijn.Key = Encoding.UTF8.GetBytes(key);
rijn.BlockSize = (new string[] { "128", "192", "256" }).Contains(blockSize.ToString()) ? blockSize : 256;
rijn.KeySize = (new string[] { "128", "192", "256" }).Contains(blockSize.ToString()) ? keySize : 128;
rijn.Padding = paddingMode;
rijn.Mode = cipherMode;
}
private static string DecryptStringFromBytes_Aes(string cipherTextString, byte[] Key, byte[] IV, CipherMode mode, PaddingMode padding)
{
byte[] cipherText = Convert.FromBase64String(cipherTextString);
if (cipherText == null || cipherText.Length <= 0)
{
throw new ArgumentNullException("cipherText");
}
if (Key == null || Key.Length <= 0)
{
throw new ArgumentNullException("Key");
}
if (IV == null || IV.Length <= 0)
{
throw new ArgumentNullException("IV");
}
string plaintext = null;
using (Aes aesAlg = Aes.Create())
{
aesAlg.KeySize = 256;
aesAlg.BlockSize = 128;
aesAlg.Key = Key;
aesAlg.IV = IV;
aesAlg.Mode = mode;
aesAlg.Padding = padding;
ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
using (MemoryStream msDecrypt = new MemoryStream(cipherText))
{
using (CryptoStream csDecrypt =
new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(csDecrypt))
{
plaintext = srDecrypt.ReadToEnd();
}
}
}
}
return(plaintext);
}
