public static void TestMasterIVWithWrongKeyEncryptingCrypto()
{
TypeMap.Register.Singleton <IRandomGenerator>(() => new FakeRandomGenerator());
IDerivedKey keyEncryptingKey = new V2DerivedKey(new Passphrase("secret"), new Salt(256), 100, 256);
V2KeyWrapHeaderBlock header = new V2KeyWrapHeaderBlock(new V2Aes256CryptoFactory(), keyEncryptingKey, 125);
header.SetDerivedKey(new V2Aes256CryptoFactory(), new V2DerivedKey(new Passphrase("another secret"), 256));
SymmetricIV iv = header.MasterIV;
Assert.That(iv, Is.Null);
}
public void TestLoadWithInvalidPassphrase()
{
Headers headers = new Headers();
V2Aes256CryptoFactory cryptoFactory = new V2Aes256CryptoFactory();
headers.HeaderBlocks.Add(new PreambleHeaderBlock());
headers.HeaderBlocks.Add(new VersionHeaderBlock(new byte[] { 4, 0, 2, 0, 0 }));
V2KeyWrapHeaderBlock originalKeyWrapBlock = new V2KeyWrapHeaderBlock(cryptoFactory, new V2DerivedKey(new Passphrase("RealKey"), 256), 10);
V2KeyWrapHeaderBlock headerKeyWrapBlock = new V2KeyWrapHeaderBlock(originalKeyWrapBlock.GetDataBlockBytes());
headers.HeaderBlocks.Add(headerKeyWrapBlock);
headers.HeaderBlocks.Add(new FileInfoEncryptedHeaderBlock(new byte[0]));
headers.HeaderBlocks.Add(new V2CompressionEncryptedHeaderBlock(new byte[1]));
headers.HeaderBlocks.Add(new V2UnicodeFileNameInfoEncryptedHeaderBlock(new byte[0]));
headers.HeaderBlocks.Add(new DataHeaderBlock());
IDerivedKey key;
key = cryptoFactory.RestoreDerivedKey(new Passphrase("WrongKey"), headerKeyWrapBlock.DerivationSalt, headerKeyWrapBlock.DerivationIterations);
headerKeyWrapBlock.SetDerivedKey(cryptoFactory, key);
V2DocumentHeaders documentHeaders = new V2DocumentHeaders(headerKeyWrapBlock);
Assert.That(documentHeaders.Load(headers), Is.False);
key = cryptoFactory.RestoreDerivedKey(new Passphrase("AnotherWrongKey"), headerKeyWrapBlock.DerivationSalt, headerKeyWrapBlock.DerivationIterations);
headerKeyWrapBlock.SetDerivedKey(cryptoFactory, key);
documentHeaders = new V2DocumentHeaders(headerKeyWrapBlock);
Assert.That(documentHeaders.Load(headers), Is.False);
key = cryptoFactory.RestoreDerivedKey(new Passphrase("RealKey"), headerKeyWrapBlock.DerivationSalt, headerKeyWrapBlock.DerivationIterations);
headerKeyWrapBlock.SetDerivedKey(cryptoFactory, key);
documentHeaders = new V2DocumentHeaders(headerKeyWrapBlock);
Assert.That(documentHeaders.Load(headers), Is.True);
}
public static void TestGetCryptoFromHeaders(CryptoImplementation cryptoImplementation)
{
SetupAssembly.AssemblySetupCrypto(cryptoImplementation);
Headers headers = new Headers();
V2DocumentHeaders documentHeaders = new V2DocumentHeaders(new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("passphrase")), 10);
using (V2HmacStream <MemoryStream> stream = V2HmacStream.Create <MemoryStream>(new V2HmacCalculator(new SymmetricKey(new byte[0])), new MemoryStream()))
{
documentHeaders.WriteStartWithHmac(stream);
stream.Flush();
stream.Chained.Position = 0;
using (V2AxCryptReader reader = new V2AxCryptReader(new LookAheadStream(stream.Chained)))
{
while (reader.Read())
{
if (reader.CurrentItemType == AxCryptItemType.HeaderBlock)
{
headers.HeaderBlocks.Add(reader.CurrentHeaderBlock);
}
}
SymmetricKey dataEncryptingKey = documentHeaders.Headers.FindHeaderBlock <V2KeyWrapHeaderBlock>().MasterKey;
V2KeyWrapHeaderBlock keyWrap = headers.FindHeaderBlock <V2KeyWrapHeaderBlock>();
IDerivedKey key = new V2Aes256CryptoFactory().RestoreDerivedKey(new Passphrase("passphrase"), keyWrap.DerivationSalt, keyWrap.DerivationIterations);
keyWrap.SetDerivedKey(new V2Aes256CryptoFactory(), key);
Assert.That(dataEncryptingKey, Is.EqualTo(keyWrap.MasterKey));
key = new V2Aes256CryptoFactory().RestoreDerivedKey(new Passphrase("wrong"), keyWrap.DerivationSalt, keyWrap.DerivationIterations);
keyWrap.SetDerivedKey(new V2Aes256CryptoFactory(), key);
Assert.That(dataEncryptingKey, Is.Not.EqualTo(keyWrap.MasterKey));
}
}
}
/// <summary>
/// Loads an AxCrypt file from the specified reader. After this, the reader is positioned to
/// read encrypted data.
/// </summary>
/// <param name="passphrase">The passphrase.</param>
/// <param name="cryptoId">The crypto identifier.</param>
/// <param name="reader">The reader.</param>
/// <param name="headers">The headers.</param>
/// <returns>
/// True if the key was valid, false if it was wrong.
/// </returns>
private bool Load(Passphrase passphrase, Guid cryptoId, AxCryptReader reader, Headers headers)
{
ResetState();
if (cryptoId == new V1Aes128CryptoFactory().CryptoId)
{
return(PassphraseIsValid);
}
_reader = reader;
CryptoFactory = Resolve.CryptoFactory.Create(cryptoId);
V2KeyWrapHeaderBlock keyWrap = headers.FindHeaderBlock <V2KeyWrapHeaderBlock>();
IDerivedKey key = CryptoFactory.RestoreDerivedKey(passphrase, keyWrap.DerivationSalt, keyWrap.DerivationIterations);
keyWrap.SetDerivedKey(CryptoFactory, key);
DocumentHeaders = new V2DocumentHeaders(keyWrap);
PassphraseIsValid = DocumentHeaders.Load(headers);
Properties = EncryptedProperties.Create(this);
return(PassphraseIsValid);
}