public Encryptor()
{
byte[] masterSalt = Owasp.Esapi.Esapi.SecurityConfiguration().MasterSalt;
string masterPassword = Owasp.Esapi.Esapi.SecurityConfiguration().MasterPassword;
this.encryptAlgorithm = Owasp.Esapi.Esapi.SecurityConfiguration().EncryptionAlgorithm;
this.signatureAlgorithm = Owasp.Esapi.Esapi.SecurityConfiguration().DigitalSignatureAlgorithm;
this.randomAlgorithm = Owasp.Esapi.Esapi.SecurityConfiguration().RandomAlgorithm;
this.hashAlgorithm = Owasp.Esapi.Esapi.SecurityConfiguration().HashAlgorithm;
try
{
SymmetricAlgorithm symmetricAlgorithm = SymmetricAlgorithm.Create(this.encryptAlgorithm);
symmetricAlgorithm.GenerateIV();
this.iv = symmetricAlgorithm.IV;
symmetricAlgorithm.Padding = PaddingMode.PKCS7;
this.secretKey = new PasswordDeriveBytes(masterPassword, masterSalt).CryptDeriveKey(this.encryptAlgorithm, "SHA1", symmetricAlgorithm.KeySize, this.iv);
this.encoding = Owasp.Esapi.Esapi.SecurityConfiguration().CharacterEncoding;
this.asymmetricKeyPair = new CspParameters(13);
this.asymmetricKeyPair.KeyContainerName = "ESAPI";
RandomNumberGenerator.Create(this.randomAlgorithm);
}
catch (Exception ex)
{
EncryptionException encryptionException = new EncryptionException("Encryption failure", "Error creating Encryptor", ex);
}
}
public bool VerifySeal(string seal, string data)
{
string str;
try
{
str = this.Decrypt(seal);
}
catch (EncryptionException ex)
{
EncryptionException encryptionException = new EncryptionException("Invalid seal", "Seal did not decrypt properly", (Exception)ex);
return(false);
}
int length = str.IndexOf(":");
if (length == -1)
{
EncryptionException encryptionException = new EncryptionException("Invalid seal", "Seal did not contain properly formatted separator");
return(false);
}
if (DateTime.Now.Ticks > long.Parse(str.Substring(0, length)))
{
EncryptionException encryptionException = new EncryptionException("Invalid seal", "Seal expiration date has expired");
return(false);
}
if (str.Substring(length + 1).Equals(data))
{
return(true);
}
EncryptionException encryptionException1 = new EncryptionException("Invalid seal", "Seal data does not match");
return(false);
}
public void EncryptionException()
{
var ex1 = new EncryptionException("MyMessage1");
var ex2 = new EncryptionException("MyMessage2", ex1);
Assert.AreEqual(ex1, ex2.InnerException);
Assert.AreEqual("MyMessage2", ex2.Message);
}
public Randomizer()
{
string randomAlgorithm = Owasp.Esapi.Esapi.SecurityConfiguration().RandomAlgorithm;
try
{
this.randomNumberGenerator = RandomNumberGenerator.Create();
}
catch (Exception ex)
{
EncryptionException encryptionException = new EncryptionException("Error creating randomizer", "Can't find random algorithm " + randomAlgorithm, ex);
}
}
public bool VerifySignature(string signature, string data)
{
try
{
DSACryptoServiceProvider cryptoServiceProvider = new DSACryptoServiceProvider(this.asymmetricKeyPair);
Encoding encoding = Encoding.GetEncoding(this.encoding);
byte[] rgbSignature = Owasp.Esapi.Esapi.Encoder().DecodeFromBase64(signature);
byte[] bytes = encoding.GetBytes(data);
return(cryptoServiceProvider.VerifyData(bytes, rgbSignature));
}
catch (Exception ex)
{
EncryptionException encryptionException = new EncryptionException("Invalid signature", "Problem verifying signature: " + ex.Message, ex);
return(false);
}
}
/* ----------------------------------------------------------------- */ /// /// CreateMessage /// /// <summary> /// PDF の結合中に暗号化に関わるエラーが発生した時のメッセージを /// 生成します。 /// </summary> /// /* ----------------------------------------------------------------- */ private static string CreateMessage(EncryptionException err) => Properties.Resources.MessageMergePassword;
