internal void EncryptAndSign(byte[] inputNullable, int id, EncryptedFieldIds fieldId, out byte[] encrypted, out byte[] hmac) { if (inputNullable == null) { encrypted = null; hmac = null; return; } if (inputNullable.Length > 65535) { throw new ArgumentException(nameof(inputNullable)); } GetIVandKeys(id, fieldId, out var iv, out var aesKey, out var hmacKey); // encode length of input and add padding, to make it good for AES BinaryProcedures.CreateBinaryWriter(out var ms, out var w); w.Write((ushort)inputNullable.Length); w.Write(inputNullable); var bytesInLastBlock = (int)ms.Position % CryptoLibraries.AesBlockSize; if (bytesInLastBlock != 0) { var bytesRemainingTillFullAesBlock = CryptoLibraries.AesBlockSize - bytesInLastBlock; w.Write(_cryptoLibrary.GetRandomBytes(bytesRemainingTillFullAesBlock)); } var inputWithPadding = ms.ToArray(); encrypted = new byte[inputWithPadding.Length]; _cryptoLibrary.ProcessAesCbcBlocks(true, aesKey, iv, inputWithPadding, encrypted); hmac = _cryptoLibrary.GetSha256HMAC(hmacKey, encrypted); }
/// <param name="ack1SdIsReady"> /// =true for SD in ACK2 /// =false for SD in ACK1 (since the SessionDescription is not initialized yet) /// </param> internal byte[] Encrypt(ICryptoLibrary cryptoLibrary, InviteRequestPacket req, InviteAck1Packet ack1, InviteSession session, bool ack1SdIsReady ) { BinaryProcedures.CreateBinaryWriter(out var ms, out var w); w.Write(Flags); UserCertificate.Encode(w, false); BinaryProcedures.EncodeIPEndPoint(w, DirectChannelEndPoint); NatBehaviour.Encode(w); DirectChannelToken32.Encode(w); w.Write((byte)SessionType); UserCertificateSignature.Encode(w); var bytesInLastBlock = (int)ms.Position % CryptoLibraries.AesBlockSize; if (bytesInLastBlock != 0) { var bytesRemainingTillFullAesBlock = CryptoLibraries.AesBlockSize - bytesInLastBlock; w.Write(cryptoLibrary.GetRandomBytes(bytesRemainingTillFullAesBlock)); } var plainTextSdData = ms.ToArray(); var encryptedSdData = new byte[plainTextSdData.Length]; #region key, iv BinaryProcedures.CreateBinaryWriter(out var ms2, out var w2); req.GetSharedSignedFields(w2); ack1.GetSharedSignedFields(w2, ack1SdIsReady); var iv = cryptoLibrary.GetHashSHA256(ms2.ToArray()).Take(16).ToArray(); ms2.Write(session.SharedInviteAckDhSecret, 0, session.SharedInviteAckDhSecret.Length); var aesKey = cryptoLibrary.GetHashSHA256(ms2.ToArray()); // here SHA256 is used as KDF, together with common fields from packets, including both ECDH public keys and timestamp #endregion cryptoLibrary.ProcessAesCbcBlocks(true, aesKey, iv, plainTextSdData, encryptedSdData); return(encryptedSdData); }
public static Ike1Invitation CreateNew(ICryptoLibrary cryptoLibrary, RegistrationId registrationId) { return(new Ike1Invitation { ContactInvitationToken = cryptoLibrary.GetRandomBytes(InviteRequestPacket.ContactInvitationTokenSize), InvitationInitiatorRegistrationId = registrationId }); }
internal static byte[] EncodePlainTextMessageWithPadding_plainTextUtf8_256(ICryptoLibrary cryptoLibrary, string messageText) { var messageTextData = Encoding.UTF8.GetBytes(messageText); if (messageTextData.Length > 255) { throw new ArgumentException(); } BinaryProcedures.CreateBinaryWriter(out var ms, out var w); w.Write((byte)EncodedDataType.plainTextUtf8_256); w.Write((byte)messageTextData.Length); w.Write(messageTextData); // add padding with random data var bytesInLastBlock = (int)ms.Position % CryptoLibraries.AesBlockSize; if (bytesInLastBlock != 0) { var bytesRemainingTillFullAesBlock = CryptoLibraries.AesBlockSize - bytesInLastBlock; w.Write(cryptoLibrary.GetRandomBytes(bytesRemainingTillFullAesBlock)); } return(ms.ToArray()); }
internal static byte[] EncodeIke1DataWithPadding(ICryptoLibrary cryptoLibrary, Ike1Data ike1Data) { BinaryProcedures.CreateBinaryWriter(out var ms, out var w); byte flags = 0; w.Write(flags); ike1Data.UserId.Encode(w); w.Write((byte)ike1Data.RegistrationIds.Length); foreach (var localRegistrationId in ike1Data.RegistrationIds) { localRegistrationId.Encode(w); } // add padding with random data var bytesInLastBlock = (int)ms.Position % CryptoLibraries.AesBlockSize; if (bytesInLastBlock != 0) { var bytesRemainingTillFullAesBlock = CryptoLibraries.AesBlockSize - bytesInLastBlock; w.Write(cryptoLibrary.GetRandomBytes(bytesRemainingTillFullAesBlock)); } return(ms.ToArray()); }