Exemple #1
0
        static void Main(string[] args)
        {
            Console.WriteLine("\n --- RSA.ALGORITHM ---\n");

            RsaAlgorithm rsa = new RsaAlgorithm();

            RsaPublicKey  publicKey  = rsa.GetPublicKeyEN();
            RsaPrivateKey privateKey = rsa.GetPrivateKeyDN();

            Console.WriteLine($" * Private key: {privateKey.D}, {privateKey.N}");
            Console.WriteLine($" * Public key: {publicKey.E}, {publicKey.N}");

            int input;

            do
            {
                Console.Write("\n - Enter for encrypt/decrypt (1 - 10000): ");
                input = int.Parse(Console.ReadLine() ?? string.Empty);
            } while (input < 1 || input > 10000);

            int encrypt = rsa.EncryptMessage(input);
            int decrypt = rsa.DecryptMessage(encrypt);

            Console.WriteLine($"\n * Encrypt: {encrypt}");
            Console.WriteLine($" * Decrypt: {decrypt}");

            Console.Write("\n --- Press <ENTER>: ");
            Console.ReadLine();
        }
Exemple #2
0
        /// <summary>
        /// Parsing encrypted FEK data from <see cref="byte"/>[].
        /// </summary>
        /// <param name="fekEncrypted">Encrypted FEK data.</param>
        /// <param name="privateKey">Users private RSA key used for decryption of encrypted FEK data.</param>
        public void ParseFek(byte[] fekEncrypted, RSAParameters privateKey)
        {
            var fekData = new RsaAlgorithm(privateKey).Decrypt(fekEncrypted);               // decryption of FEK data (Key length + Key)

            var keyLength = BitConverter.ToInt16(fekData, 0);                               // parse Key length

            Key = new byte[keyLength];
            Buffer.BlockCopy(fekData, 2, Key, 0, Key.Length);                               // parse Key byte[]
        }
        /// <summary>
        /// Second part of 2FA.
        /// </summary>
        /// <param name="user">User information.</param>
        /// <param name="certificate">User <see cref="X509Certificate2"/> public certificate in raw form.</param>
        /// <param name="usersDb">Enigma's user database.</param>
        /// <param name="crlListPath">Path on FS to CRL directory.</param>
        /// <param name="caTrustListPath">Path on FS to CA trust list.</param>
        public void LoginPartTwo(User user, byte[] certificate, UserDatabase usersDb, string crlListPath, string caTrustListPath)
        {
            var userCert = new X509Certificate2(certificate);
            var publicKeyFromCertificate = ((RSACryptoServiceProvider)userCert.PublicKey.Key).ExportParameters(false);

            // compare user public RSA key from x509 public certificate with a public RSA key that was stored when user first registered
            if (!RsaAlgorithm.CompareKeys(publicKeyFromCertificate, RsaAlgorithm.ExportParametersFromXmlString(user.PublicKey, false)))
            {
                throw new Exception("Wrong certificate used.");
            }
            // if wrong file is loaded instead of the x509 public certificate in PEM format
            if (userCert == null)
            {
                throw new Exception("Certificate error.");
            }

            // update user last login time and reset atttemp count
            usersDb.UpdateLoginTime(user, DateTime.Now.ToString("dddd, MMM dd yyyy, hh:mm:ss"));

            // reset login attempt if necessary
            if (user.LoginAttempt != 0)
            {
                usersDb.ResetLoginAttempts(user);
            }

            //if (CertificateValidator.VerifyCertificate(userCert, out var errorMsg, false) == false)
            //{
            //    throw new Exception(errorMsg);
            //}

            // Check if the certificate has been revoked and set Revoked value if necessary.
            if (CertificateValidator.VerifyCertificateRevocationStatus(userCert, crlListPath, caTrustListPath))
            {
                usersDb.SetCertificateRevokeStatus(user);
                //throw new Exception("Certificate has been revoked.");
            }
        }
        public static RSAParameters GetPrivateKey(byte[] encryptedPrivateKey, string password)
        {
            var keyRaw = DecryptTheUserKey(encryptedPrivateKey, password);

            return(RsaAlgorithm.ExportParametersFromPemKey(Encoding.ASCII.GetString(keyRaw), true));
        }
        //public void LoginPartTwo(string privateKeyPath, string password, UserInformation user)
        //{
        //    this.privateKeyPath = privateKeyPath;

        //    // decrypt the raw key file and create keyRaw
        //    var keyRaw = DecryptTheUserKey(File.ReadAllBytes(this.privateKeyPath), password);

        //    var privateParameters = new KeyFileParser(keyRaw).GetParameters();
        //    var publicKeyProvider = (RSACryptoServiceProvider)user.Certificate.PublicKey.Key;

        //    if (!RsaAlgorithm.CompareKeys(publicKeyProvider.ExportParameters(false), privateParameters))
        //    {
        //        throw new Exception("The given private key does not match this user's certificate.");
        //    }
        //}

        /// <summary>
        /// Gets users private RSA key from encryped user's key.
        /// </summary>
        /// <param name="encryptedPrivateKeyPath">Path to the user's encrypted RSA key haystack.</param>
        /// <param name="password">Users private RSA key password.</param>
        /// <returns>Users private RSA key.</returns>
        public RSAParameters GetPrivateKey(string encryptedPrivateKeyPath, string password)
        {
            var keyRaw = DecryptTheUserKey(File.ReadAllBytes(encryptedPrivateKeyPath), password);

            return(RsaAlgorithm.ExportParametersFromPemKey(Encoding.ASCII.GetString(keyRaw), true));
        }