Exemple #1
0
		private Stream EncryptStream(Stream s, ICipherEngine iCipher,
			byte[] pbKey, int cbIV, bool bEncrypt)
		{
			byte[] pbIV = (m_pbEncryptionIV ?? MemUtil.EmptyByteArray);
			if(pbIV.Length != cbIV)
			{
				Debug.Assert(false);
				throw new Exception(KLRes.FileCorrupted);
			}

			if(bEncrypt)
				return iCipher.EncryptStream(s, pbKey, pbIV);
			return iCipher.DecryptStream(s, pbKey, pbIV);
		}
Exemple #2
0
        private Stream AttachStreamDecryptor(Stream s)
        {
            MemoryStream ms = new MemoryStream();

            Debug.Assert(m_pbMasterSeed.Length == 32);
            if (m_pbMasterSeed.Length != 32)
            {
                throw new FormatException(KLRes.MasterSeedLengthInvalid);
            }
            ms.Write(m_pbMasterSeed, 0, 32);

            byte[] pKey32 = m_pwDatabase.MasterKey.GenerateKey32(m_pbTransformSeed,
                                                                 m_pwDatabase.KeyEncryptionRounds).ReadData();
            if ((pKey32 == null) || (pKey32.Length != 32))
            {
                throw new SecurityException(KLRes.InvalidCompositeKey);
            }
            ms.Write(pKey32, 0, 32);

#if KeePass2PCL
            var sha256 = WinRTCrypto.HashAlgorithmProvider.OpenAlgorithm(HashAlgorithm.Sha256);
            var aesKey = sha256.HashData(ms.ToArray());
#else
            SHA256Managed sha256 = new SHA256Managed();
            byte[]        aesKey = sha256.ComputeHash(ms.ToArray());
#endif

            ms.Dispose();
            Array.Clear(pKey32, 0, 32);

            if ((aesKey == null) || (aesKey.Length != 32))
            {
                throw new SecurityException(KLRes.FinalKeyCreationFailed);
            }

            ICipherEngine iEngine = CipherPool.GlobalPool.GetCipher(m_pwDatabase.DataCipherUuid);
            if (iEngine == null)
            {
                throw new SecurityException(KLRes.FileUnknownCipher);
            }
            return(iEngine.DecryptStream(s, aesKey, m_pbEncryptionIV));
        }
Exemple #3
0
 public byte[] Decrypt(ProtectedBinary encodedData, ProtectedBinary password)
 {
     byte[] rawData     = encodedData.ReadData();
     byte[] rawPassword = password.ReadData();
     try
     {
         using (var stream = new MemoryStream(rawData))
             using (var decryptingStream = _cipherEngine.DecryptStream(stream, rawPassword, _encryptionIV))
                 using (var reader = new MemoryStream())
                 {
                     decryptingStream.CopyTo(reader);
                     return(reader.ToArray());
                 }
     }
     finally
     {
         MemUtil.ZeroByteArray(rawData);
         MemUtil.ZeroByteArray(rawPassword);
     }
 }
Exemple #4
0
        /// <summary>
        /// The attach stream decryptor.
        /// </summary>
        /// <param name="s">
        /// The s.
        /// </param>
        /// <returns>
        /// The <see cref="Stream"/>.
        /// </returns>
        /// <exception cref="FormatException">
        /// </exception>
        /// <exception cref="SecurityException">
        /// </exception>
        private Stream AttachStreamDecryptor(Stream s, CancellationToken token)
        {
            MemoryStream ms = new MemoryStream();

            Debug.Assert(this.m_pbMasterSeed.Length == 32);
            if (this.m_pbMasterSeed.Length != 32)
            {
                throw new FormatException(KLRes.MasterSeedLengthInvalid);
            }

            ms.Write(this.m_pbMasterSeed, 0, 32);

            byte[] pKey32 = this.m_pwDatabase.MasterKey.GenerateKey32(this.m_pbTransformSeed, this.m_pwDatabase.KeyEncryptionRounds, token).ReadData();
            if ((pKey32 == null) || (pKey32.Length != 32))
            {
                throw new SecurityException(KLRes.InvalidCompositeKey);
            }

            ms.Write(pKey32, 0, 32);

            var sha256 = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha256);

            byte[] aesKey = sha256.HashData(ms.ToArray().AsBuffer()).ToArray();

            ms.Dispose();
            Array.Clear(pKey32, 0, 32);

            if ((aesKey == null) || (aesKey.Length != 32))
            {
                throw new SecurityException(KLRes.FinalKeyCreationFailed);
            }

            ICipherEngine iEngine = CipherPool.GlobalPool.GetCipher(this.m_pwDatabase.DataCipherUuid);

            if (iEngine == null)
            {
                throw new SecurityException(KLRes.FileUnknownCipher);
            }

            return(iEngine.DecryptStream(s, aesKey, this.m_pbEncryptionIV));
        }
Exemple #5
0
        private Stream AttachStreamDecryptor(Stream s)
        {
            MemoryStream ms = new MemoryStream();

            Debug.Assert(m_pbMasterSeed.Length == 32);
            if (m_pbMasterSeed.Length != 32)
            {
                throw new FormatException(KLRes.MasterSeedLengthInvalid);
            }
            ms.Write(m_pbMasterSeed, 0, 32);

            byte[] pKey32 = m_pwDatabase.MasterKey.GenerateKey32(m_pbTransformSeed,
                                                                 m_pwDatabase.KeyEncryptionRounds).ReadData();
            if ((pKey32 == null) || (pKey32.Length != 32))
            {
                throw new SecurityException(KLRes.InvalidCompositeKey);
            }
            ms.Write(pKey32, 0, 32);

            byte[] aesKey = Crypto.SHA256.ComputeHash(ms.ToArray());

            ms.Close();
            Array.Clear(pKey32, 0, 32);

            if ((aesKey == null) || (aesKey.Length != 32))
            {
                throw new SecurityException(KLRes.FinalKeyCreationFailed);
            }

            ICipherEngine iEngine = CipherPool.GlobalPool.GetCipher(m_pwDatabase.DataCipherUuid);

            if (iEngine == null)
            {
                throw new SecurityException(KLRes.FileUnknownCipher);
            }
            return(iEngine.DecryptStream(s, aesKey, m_pbEncryptionIV));
        }