internal PemBlockCipherImpl(bool forEncryption, DekInfo dekInfo, IBlockCipherBuilder <IParameters <Algorithm> > baseCipher) { this.dekInfo = dekInfo; this.baseCipher = baseCipher; }
internal static ICipherBuilder <DekInfo> Crypt( bool encrypt, char[] password, String dekAlgName, byte[] iv) { byte[] ivValue = iv; String blockMode = "CBC"; byte[] sKey; IBlockCipherService cipherService = null; IBlockCipherBuilder <IParameters <Algorithm> > blockCipherBuilder = null; ICipherBuilder <IParameters <Algorithm> > cipherBuilder = null; DekInfo dekInfo; if (iv != null && iv.Length != 0) { dekInfo = new DekInfo(dekAlgName + "," + Hex.ToHexString(iv)); } else { dekInfo = new DekInfo(dekAlgName); } // Figure out block mode and padding. if (dekAlgName.EndsWith("-CFB")) { blockMode = "CFB"; } if (dekAlgName.EndsWith("-ECB") || "DES-EDE".Equals(dekAlgName) || "DES-EDE3".Equals(dekAlgName)) { // ECB is actually the default (though seldom used) when OpenSSL // uses DES-EDE (des2) or DES-EDE3 (des3). blockMode = "ECB"; } if (dekAlgName.EndsWith("-OFB")) { blockMode = "OFB"; } // Figure out algorithm and key size. if (dekAlgName.StartsWith("DES-EDE")) { // "DES-EDE" is actually des2 in OpenSSL-speak! // "DES-EDE3" is des3. bool des2 = !dekAlgName.StartsWith("DES-EDE3"); FipsTripleDes.Key tdesKey = new FipsTripleDes.Key(getKey(password, 24, iv, des2)); cipherService = CryptoServicesRegistrar.CreateService(tdesKey); if (blockMode.Equals("CBC")) { if (encrypt) { blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsTripleDes.Cbc.WithIV(ivValue)); } else { blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsTripleDes.Cbc.WithIV(ivValue)); } } else if (blockMode.Equals("CFB")) { if (encrypt) { cipherBuilder = cipherService.CreateEncryptorBuilder(FipsTripleDes.Cfb64.WithIV(ivValue)); } else { cipherBuilder = cipherService.CreateDecryptorBuilder(FipsTripleDes.Cfb64.WithIV(ivValue)); } } else if (blockMode.Equals("OFB")) { if (encrypt) { cipherBuilder = cipherService.CreateEncryptorBuilder(FipsTripleDes.Ofb.WithIV(ivValue)); } else { cipherBuilder = cipherService.CreateDecryptorBuilder(FipsTripleDes.Ofb.WithIV(ivValue)); } } else { if (encrypt) { blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsTripleDes.Ecb); } else { blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsTripleDes.Ecb); } } } else if (dekAlgName.StartsWith("DES-")) { sKey = getKey(password, 8, iv); throw new InvalidOperationException("no support for DES"); } else if (dekAlgName.StartsWith("BF-")) { sKey = getKey(password, 16, iv); throw new InvalidOperationException("no support for Blowfish"); } else if (dekAlgName.StartsWith("RC2-")) { int keyBits = 128; if (dekAlgName.StartsWith("RC2-40-")) { keyBits = 40; } else if (dekAlgName.StartsWith("RC2-64-")) { keyBits = 64; } //sKey = new RC2Parameters(getKey(password, keyBits / 8, iv).getKey(), keyBits); throw new InvalidOperationException("no support for RC2"); } else if (dekAlgName.StartsWith("AES-")) { byte[] salt = iv; if (salt.Length > 8) { salt = new byte[8]; Array.Copy(iv, 0, salt, 0, 8); } int keyBits; if (dekAlgName.StartsWith("AES-128-")) { keyBits = 128; } else if (dekAlgName.StartsWith("AES-192-")) { keyBits = 192; } else if (dekAlgName.StartsWith("AES-256-")) { keyBits = 256; } else { throw new InvalidOperationException("unknown AES encryption with private key: " + dekAlgName); } FipsAes.Key aesKey = new FipsAes.Key(getKey(password, keyBits / 8, salt)); cipherService = CryptoServicesRegistrar.CreateService(aesKey); if (blockMode.Equals("CBC")) { if (encrypt) { blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsAes.Cbc.WithIV(ivValue)); } else { blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsAes.Cbc.WithIV(ivValue)); } } else if (blockMode.Equals("CFB")) { if (encrypt) { cipherBuilder = cipherService.CreateEncryptorBuilder(FipsAes.Cfb128.WithIV(ivValue)); } else { cipherBuilder = cipherService.CreateDecryptorBuilder(FipsAes.Cfb128.WithIV(ivValue)); } } else if (blockMode.Equals("OFB")) { if (encrypt) { cipherBuilder = cipherService.CreateEncryptorBuilder(FipsAes.Ofb.WithIV(ivValue)); } else { cipherBuilder = cipherService.CreateDecryptorBuilder(FipsAes.Ofb.WithIV(ivValue)); } } else { if (encrypt) { blockCipherBuilder = cipherService.CreateBlockEncryptorBuilder(FipsAes.Ecb); } else { blockCipherBuilder = cipherService.CreateBlockDecryptorBuilder(FipsAes.Ecb); } } } else { throw new InvalidOperationException("unknown encryption with private key: " + dekAlgName); } if (blockMode.Equals("CBC") || blockMode.Equals("ECB")) { if (encrypt) { return(new PemBlockCipherImpl(encrypt, dekInfo, blockCipherBuilder)); } else { return(new PemBlockCipherImpl(encrypt, dekInfo, blockCipherBuilder)); } } else { if (encrypt) { return(new PemCipherImpl(dekInfo, cipherBuilder)); } else { return(new PemCipherImpl(dekInfo, cipherBuilder)); } } }
internal PkixBlockCipherBuilder(AlgorithmIdentifier algDetails, IBlockCipherBuilder <IParameters <Algorithm> > baseCipherBuilder) { this.algDetails = algDetails; this.baseBlockCipherBuilder = baseCipherBuilder; }