public void TestEncrypt()
{
foreach (var example in LoadExamples())
{
var key = Hex.Decode(example.Key);
var iv = Hex.Decode(example.Iv);
var plaintext = Hex.Decode(example.Plaintext);
using (var ctr = new AesCtr(key, iv))
{
ctr.Encrypt(plaintext, 0, plaintext.Length, plaintext, 0);
Assert.Equal(example.Ciphertext, Hex.Encode(plaintext));
}
}
}
public void TestChallenge18()
{
var encrypted = Convert.FromBase64String(Set3Data.Challenge18Input);
var keyStr = "YELLOW SUBMARINE";
var key = System.Text.Encoding.ASCII.GetBytes(keyStr);
ulong nonce = 0;
var decrypted = AesCtr.Decrypt(key, nonce, encrypted);
var actual = System.Text.Encoding.ASCII.GetString(decrypted);
Assert.AreEqual(Set3Data.Challenge18Solution, actual);
// Encrypt and verify against input data
var enc = AesCtr.Encrypt(key, nonce, decrypted);
CollectionAssert.AreEqual(encrypted, enc);
}
public void Aes128CtrEncrypt(string plainString, string encryptedHexString)
{
// Obtain the key.
byte[] key = "7b6dcbffad4bbbcd25e2a80201739233".HexToBytes();
// Obtain the data as bytes.
byte[] plainData = Encoding.UTF8.GetBytes(plainString);
// Encrypt the provided data.
byte[] resultData = AesCtr.Encrypt(key, plainData, null);
string resultHexString = resultData.ToHexString(false);
// Assert the data is the same length
Assert.Equal(plainData.Length, resultData.Length);
// Verify the string equals the original string.
Assert.Equal(encryptedHexString, resultHexString, true);
}
public void Aes192CtrEncryptDecrypt(string testString)
{
// Generate a random key.
byte[] key = new byte[24]; // 192 bit
RandomNumberGenerator random = RandomNumberGenerator.Create();
random.GetBytes(key);
// Obtain the data as bytes.
byte[] testData = Encoding.UTF8.GetBytes(testString);
// Encrypt then decrypt the data.
byte[] encrypted = AesCtr.Encrypt(key, testData);
byte[] decrypted = AesCtr.Decrypt(key, encrypted);
// Get the decrypted result as a string
string result = Encoding.UTF8.GetString(decrypted);
// Verify the string equals the original string.
Assert.Equal(testString, result);
}
[InlineData("603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4", "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", "6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411e5fbc1191a0a52eff69f2445df4f9b17ad2b417be66c3710", "601ec313775789a5b7a7f504bbf3d228f443e3ca4d62b59aca84e990cacaf5c52b0930daa23de94ce87017ba2d84988ddfc9c58db67aada613c2dd08457941a6")] // AES-256-CTR
public void AesCtrTestWithNISTVectors(string keyHexString, string counterHexString, string plainTextHexString, string cipherTextHexString)
{
// Obtain the components as bytes.
byte[] key = keyHexString.HexToBytes();
byte[] counter = counterHexString.HexToBytes();
byte[] plainTextData = plainTextHexString.HexToBytes();
// Encrypt the provided data.
byte[] encryptedData = AesCtr.Encrypt(key, plainTextData, counter);
string encryptedDataHexString = encryptedData.ToHexString(false);
// Assert this equals our ciphered text
Assert.Equal(cipherTextHexString, encryptedDataHexString, true);
// Decrypt the data back to it's original format
byte[] decryptedData = AesCtr.Decrypt(key, encryptedData, counter);
string decryptedDataHexString = decryptedData.ToHexString(false);
// Assert this equals our plain text
Assert.Equal(plainTextHexString, decryptedDataHexString, true);
}
public void TestLargeMessage()
{
var key = new byte[16];
var iv = new byte[16];
var message = new byte[10000];
var last = new byte[16];
var expected = "3b9a44f22bb1522f10c00ff8ca5195ea";
// Test encrypting the whole message
using (var ctr = new AesCtr(key, iv))
{
ctr.Encrypt(message, 0, message.Length, message, 0);
Array.Copy(message, message.Length - last.Length, last, 0, last.Length);
Assert.Equal(expected, Hex.Encode(last));
}
// Test encrypting the message in chunks
using (var ctr = new AesCtr(key, iv))
{
Array.Clear(message, 0, message.Length);
var seg = new ArraySegment <byte>(message);
var chunkSize = 137;
while (seg.Count > 0)
{
ctr.Encrypt(seg.Array, seg.Offset, seg.Count, message, 0);
seg = seg.Slice(Math.Min(seg.Count, chunkSize));
}
Array.Copy(message, message.Length - last.Length, last, 0, last.Length);
Assert.Equal(expected, Hex.Encode(last));
}
}
public static byte[] Encrypt(EthereumEcdsa remotePublicKey, byte[] data, byte[] sharedMacData = null)
{
// If we have no shared mac data, we set it as a blank array
sharedMacData = sharedMacData ?? Array.Empty <byte>();
// Generate a random private key
EthereumEcdsa senderPrivateKey = EthereumEcdsa.Generate(new SystemRandomAccountDerivation());
// Generate the elliptic curve diffie hellman ("ECDH") shared key
byte[] ecdhKey = senderPrivateKey.ComputeECDHKey(remotePublicKey);
// Perform NIST SP 800-56 Concatenation Key Derivation Function ("KDF")
Memory <byte> keyData = DeriveKeyKDF(ecdhKey, 32);
// Split the AES encryption key and MAC from the derived key data.
var aesKey = keyData.Slice(0, 16).ToArray();
byte[] hmacSha256Key = keyData.Slice(16, 16).ToArray();
hmacSha256Key = _sha256.ComputeHash(hmacSha256Key);
// We generate a counter for our aes-128-ctr operation.
byte[] counter = new byte[AesCtr.BLOCK_SIZE];
_randomNumberGenerator.GetBytes(counter);
// Encrypt the data accordingly.
byte[] encryptedData = AesCtr.Encrypt(aesKey, data, counter);
// Obtain the sender's public key to compile our message.
byte[] localPublicKey = senderPrivateKey.ToPublicKeyArray(false, true);
// We'll want to put this data into the message in the following order (where || is concatenation):
// ECIES_HEADER_BYTE (1 byte) || sender's public key (64 bytes) || counter (16 bytes) || encrypted data (arbitrary length) || tag (32 bytes)
// This gives us a total size of 113 + data.Length
byte[] result = new byte[ECIES_ADDITIONAL_OVERHEAD + encryptedData.Length];
// Define a pointer and copy in our data as suggested.
int offset = 0;
result[offset++] = ECIES_HEADER_BYTE;
Array.Copy(localPublicKey, 0, result, offset, localPublicKey.Length);
offset += localPublicKey.Length;
Array.Copy(counter, 0, result, offset, counter.Length);
offset += counter.Length;
Array.Copy(encryptedData, 0, result, offset, encryptedData.Length);
offset += encryptedData.Length;
// We still have to copy the tag, which is a HMACSHA256 of our counter + encrypted data + shared mac.
// We copy the data into a buffer for this hash computation since counter + encrypted data are already aligned.
byte[] tagPreimage = new byte[counter.Length + encryptedData.Length + sharedMacData.Length];
Array.Copy(result, 65, tagPreimage, 0, counter.Length + encryptedData.Length);
Array.Copy(sharedMacData, 0, tagPreimage, counter.Length + encryptedData.Length, sharedMacData.Length);
// Obtain a HMACSHA256 provider
HMACSHA256 hmacSha256 = new HMACSHA256(hmacSha256Key);
// Compute a hash of our counter + encrypted data + shared mac data.
byte[] tag = hmacSha256.ComputeHash(tagPreimage);
// Copy the tag into our result buffer.
Array.Copy(tag, 0, result, offset, tag.Length);
offset += tag.Length;
// Return the resulting data.
return(result);
}
