public void TestCreateSessions(string topDir, string subDir, string signed, string packer,
string sessionFilename, string ciphertextFilename)
{
var kspath = Util.TestDataPath(WRITE_DATA, topDir, subDir);
Directory.CreateDirectory(kspath);
ISessionKeyPacker keyPacker = null;
int? keySize = null;
KeyType keyType = null;
if (!String.IsNullOrWhiteSpace(packer))
{
keyPacker = new BsonSessionKeyPacker();
keySize = 256;
keyType = UnofficialKeyType.AesAead;
}
using (var encrypter = new Encrypter(Util.TestDataPath(WRITE_DATA, "rsa.public")))
using (var signer = String.IsNullOrWhiteSpace(signed)
? null
: new AttachedSigner(Util.TestDataPath(WRITE_DATA, "dsa")))
using (var session = new SessionCrypter(encrypter, signer, keySize, keyType, keyPacker))
{
var material = session.SessionMaterial;
var ciphertext = session.Encrypt(input);
File.WriteAllText(Path.Combine(kspath, sessionFilename), material);
File.WriteAllText(Path.Combine(kspath, ciphertextFilename), ciphertext);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="SessionCrypter" /> class.
/// </summary>
/// <param name="keyEncrypter">The key encrypter.</param>
/// <param name="signer">The signer, optionally used to certify sender. (Equivialent to SignedSessionEncrypter)</param>
/// <param name="keySize">Size of the key.</param>
/// <param name="symmetricKeyType">Type of the symmetric key. (requires unofficial keypacker)</param>
/// <param name="keyPacker">The key packer.</param>
/// <exception cref="System.ArgumentException">Without a supplying a keypacker you may only use KeyType.AES;symmetricKeyType</exception>
public SessionCrypter(Encrypter keyEncrypter, AttachedSigner signer = null, int?keySize = null,
KeyType symmetricKeyType = null, ISessionKeyPacker keyPacker = null)
{
Workings initLazy()
{
var workings = new Workings();
symmetricKeyType = symmetricKeyType ?? KeyType.Aes;
if (keyPacker == null && symmetricKeyType != KeyType.Aes)
{
throw new ArgumentException("Without a supplying a keypacker you may only use KeyType.AES",
nameof(symmetricKeyType));
}
if (signer != null)
{
keyPacker = keyPacker ?? new NonceSignedSessionPacker();
}
keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();
var key = Key.Generate(symmetricKeyType, keySize ?? symmetricKeyType.DefaultSize);
workings._keyset = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
workings._crypter = new Crypter(workings._keyset);
workings._signer = signer;
byte[] packedKey;
var sessionPacker = keyPacker as IInteroperableSessionMaterialPacker;
if (sessionPacker == null)
{
packedKey = keyPacker.Pack(key, Config);
}
else
{
var nonceSession = new NonceSessionMaterial((AesKey)key);
packedKey = sessionPacker.PackMaterial(nonceSession, Config);
workings._nonce = nonceSession.Nonce.ToBytes();
}
workings._sessionMaterial = WebBase64.FromBytes(keyEncrypter.Encrypt(packedKey));
if (sessionPacker == null && workings._signer != null)
{
workings._sessionMaterial = WebBase64.FromBytes(workings._signer.Sign(workings._sessionMaterial.ToBytes()));
}
return(workings);
}
_working = new Lazy <Workings>(initLazy);
}
/// <summary>
/// Initializes a new instance of the <see cref="SessionCrypter" /> class.
/// </summary>
/// <param name="keyDecrypter">The key decrypter.</param>
/// <param name="sessionMaterial">The session material.</param>
/// <param name="verifier">The verifier, optionally used to certify sender. (Equivialent to SignedSessionDecrypter)</param>
/// <param name="keyPacker">The key packer.</param>
public SessionCrypter(Crypter keyDecrypter, WebBase64 sessionMaterial, AttachedVerifier verifier = null,
ISessionKeyPacker keyPacker = null)
{
Workings initLazy()
{
var workings = new Workings();
if (verifier != null)
{
keyPacker = keyPacker ?? new NonceSignedSessionPacker();
}
keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();
var sessionMaterialBytes = sessionMaterial.ToBytes();
var sessionPacker = keyPacker as IInteroperableSessionMaterialPacker;
workings._verifier = verifier;
if (sessionPacker == null && workings._verifier != null)
{
sessionMaterialBytes = workings._verifier.VerifiedMessage(sessionMaterialBytes);
}
var packedBytes = keyDecrypter.Decrypt(sessionMaterialBytes);
Key key;
if (sessionPacker == null)
{
key = keyPacker.Unpack(packedBytes, Config);
}
else
{
var nonceSession = sessionPacker.UnpackMaterial(packedBytes, Config);
key = nonceSession.Key;
workings._nonce = nonceSession.Nonce.ToBytes();
}
workings._keyset = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
workings._crypter = new Crypter(workings._keyset);
workings._sessionMaterial = sessionMaterial;
return(workings);
}
_working = new Lazy <Workings>(initLazy);
}
/// <summary>
/// Initializes a new instance of the <see cref="SessionCrypter" /> class.
/// </summary>
/// <param name="keyEncrypter">The key encrypter.</param>
/// <param name="signer">The signer, optionally used to certify sender. (Equivialent to SignedSessionEncrypter)</param>
/// <param name="keySize">Size of the key.</param>
/// <param name="symmetricKeyType">Type of the symmetric key. (requires unofficial keypacker)</param>
/// <param name="keyPacker">The key packer.</param>
/// <exception cref="System.ArgumentException">Without a supplying a keypacker you may only use KeyType.AES;symmetricKeyType</exception>
public SessionCrypter(Encrypter keyEncrypter, AttachedSigner signer = null, int?keySize = null,
KeyType symmetricKeyType = null, ISessionKeyPacker keyPacker = null)
{
symmetricKeyType = symmetricKeyType ?? KeyType.Aes;
if (keyPacker == null && symmetricKeyType != KeyType.Aes)
{
throw new ArgumentException("Without a supplying a keypacker you may only use KeyType.AES",
"symmetricKeyType");
}
if (signer != null)
{
keyPacker = keyPacker ?? new NonceSignedSessionPacker();
}
keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();
var key = Key.Generate(symmetricKeyType, keySize ?? symmetricKeyType.DefaultSize);
_keyset = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
_crypter = new Crypter(_keyset);
_signer = signer;
byte[] packedKey;
var sessionPacker = keyPacker as IInteroperableSessionMaterialPacker;
if (sessionPacker == null)
{
packedKey = keyPacker.Pack(key);
}
else
{
var nonceSession = new NonceSessionMaterial((AesKey)key);
packedKey = sessionPacker.PackMaterial(nonceSession);
_nonce = nonceSession.Nonce.ToBytes();
}
_sessionMaterial = WebBase64.FromBytes(keyEncrypter.Encrypt(packedKey));
if (sessionPacker == null && _signer != null)
{
_sessionMaterial = WebBase64.FromBytes(_signer.Sign(_sessionMaterial.ToBytes()));
}
}
/// <summary>
/// Initializes a new instance of the <see cref="SessionCrypter" /> class.
/// </summary>
/// <param name="keyDecrypter">The key decrypter.</param>
/// <param name="sessionMaterial">The session material.</param>
/// <param name="verifier">The verifier, optionally used to certify sender. (Equivialent to SignedSessionDecrypter)</param>
/// <param name="keyPacker">The key packer.</param>
public SessionCrypter(Crypter keyDecrypter, WebBase64 sessionMaterial, AttachedVerifier verifier = null,
ISessionKeyPacker keyPacker = null)
{
if (verifier != null)
{
keyPacker = keyPacker ?? new NonceSignedSessionPacker();
}
keyPacker = keyPacker ?? new SimpleAesHmacSha1KeyPacker();
var sessionMaterialBytes = sessionMaterial.ToBytes();
var sessionPacker = keyPacker as IInteroperableSessionMaterialPacker;
_verifier = verifier;
if (sessionPacker == null && _verifier != null)
{
sessionMaterialBytes = _verifier.VerifiedMessage(sessionMaterialBytes);
}
var packedBytes = keyDecrypter.Decrypt(sessionMaterialBytes);
Key key;
if (sessionPacker == null)
{
key = keyPacker.Unpack(packedBytes);
}
else
{
var nonceSession = sessionPacker.UnpackMaterial(packedBytes);
key = nonceSession.Key;
_nonce = nonceSession.Nonce.ToBytes();
}
_keyset = new ImportedKeySet(key, KeyPurpose.DecryptAndEncrypt);
_crypter = new Crypter(_keyset);
_sessionMaterial = sessionMaterial;
}
