// ------------------------------------------------------------------------------- /// <summary> /// Decrypt and uncompress the ciphertext. (with signature) /// </summary> /// <param name="ciphertext">The ciphertext to be decrypted.</param> /// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param> /// <returns>The encrypted plaintext (-> ciphertext).</returns> public byte[] Decrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader) { byte[] ret; try { ret = SignedDecrypt(ciphertext, compressStreamReader); } catch (Exception ex) { throw new Exception("Error within OlympCryptography.Decrypt, see inner exception.", ex); } return(ret); }
// ------------------------------------------------------------------------------- /// <summary> /// SignedDecrypt the ciphertext. /// </summary> /// <param name="ciphertext">The ciphertext to be decrypted.</param> /// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param> /// <returns>The decrypted ciphertext (-> plaintext).</returns> private byte[] SignedDecrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader) { byte[] plaintext = null; MemoryStream memoryStream = new MemoryStream(ciphertext); // get the initialization vector BinaryFormatter formatter = new BinaryFormatter(); byte[] IV = formatter.Deserialize(memoryStream) as byte[]; // get signature and DSA parameters byte[] signature = formatter.Deserialize(memoryStream) as byte[]; DSAParameters dsaParameters = (DSAParameters) formatter.Deserialize(memoryStream); DSACryptoServiceProvider dsaVerifier = new DSACryptoServiceProvider(); dsaVerifier.ImportParameters(dsaParameters); //Creates the default implementation, which is RijndaelManaged. SymmetricAlgorithm rijn = SymmetricAlgorithm.Create(); // creates a symmetric decryptor object with the specified Key and initialization vector (IV). ICryptoTransform decryptor = rijn.CreateDecryptor(this.key, IV); // prepare the Crypto Stream CryptoStream encryptedData = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read); MemoryStream plainData = null; if (compressStreamReader != null) { // decrypt ciphertext MemoryStream decryptedData = this.GetBytes(encryptedData); decryptedData.Position = 0; // decompress ciphertext using (Stream sr = compressStreamReader(decryptedData)) { plainData = this.GetBytes(sr); sr.Close(); } plainData.Position = 0; } else { // decrypt ciphertext plainData = this.GetBytes(encryptedData); plainData.Position = 0; } // Check Digital signature SHA1 sha1Provider = new SHA1CryptoServiceProvider(); byte[] hashbytes = sha1Provider.ComputeHash(plainData); if(!dsaVerifier.VerifyHash(hashbytes, CryptoConfig.MapNameToOID(SHA1), signature)) { throw new Exception("OlympCryptography.SignedDecrypt: Invalid digital signature - data manipulated!"); } plaintext = plainData.ToArray(); return plaintext; }
// ------------------------------------------------------------------------------- /// <summary> /// Decrypt and uncompress the ciphertext. (with signature) /// </summary> /// <param name="ciphertext">The ciphertext to be decrypted.</param> /// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param> /// <returns>The encrypted plaintext (-> ciphertext).</returns> public byte[] Decrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader) { byte[] ret; try { ret = SignedDecrypt(ciphertext, compressStreamReader); } catch (Exception ex) { throw new Exception("Error within OlympCryptography.Decrypt, see inner exception.", ex); } return ret; }
// ------------------------------------------------------------------------------- /// <summary> /// SignedDecrypt the ciphertext. /// </summary> /// <param name="ciphertext">The ciphertext to be decrypted.</param> /// <param name="compressStreamReader">A StreamReader for the uncompressing the stream</param> /// <returns>The decrypted ciphertext (-> plaintext).</returns> private byte[] SignedDecrypt(byte[] ciphertext, CompressStreamReaderDelegate compressStreamReader) { byte[] plaintext = null; MemoryStream memoryStream = new MemoryStream(ciphertext); // get the initialization vector BinaryFormatter formatter = new BinaryFormatter(); byte[] IV = formatter.Deserialize(memoryStream) as byte[]; // get signature and DSA parameters byte[] signature = formatter.Deserialize(memoryStream) as byte[]; DSAParameters dsaParameters = (DSAParameters)formatter.Deserialize(memoryStream); DSACryptoServiceProvider dsaVerifier = new DSACryptoServiceProvider(); dsaVerifier.ImportParameters(dsaParameters); //Creates the default implementation, which is RijndaelManaged. SymmetricAlgorithm rijn = SymmetricAlgorithm.Create(); // creates a symmetric decryptor object with the specified Key and initialization vector (IV). ICryptoTransform decryptor = rijn.CreateDecryptor(this.key, IV); // prepare the Crypto Stream CryptoStream encryptedData = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read); MemoryStream plainData = null; if (compressStreamReader != null) { // decrypt ciphertext MemoryStream decryptedData = this.GetBytes(encryptedData); decryptedData.Position = 0; // decompress ciphertext using (Stream sr = compressStreamReader(decryptedData)) { plainData = this.GetBytes(sr); sr.Close(); } plainData.Position = 0; } else { // decrypt ciphertext plainData = this.GetBytes(encryptedData); plainData.Position = 0; } // Check Digital signature SHA1 sha1Provider = new SHA1CryptoServiceProvider(); byte[] hashbytes = sha1Provider.ComputeHash(plainData); if (!dsaVerifier.VerifyHash(hashbytes, CryptoConfig.MapNameToOID(SHA1), signature)) { throw new Exception("OlympCryptography.SignedDecrypt: Invalid digital signature - data manipulated!"); } plaintext = plainData.ToArray(); return(plaintext); }