protected void encryptBtn_Click(object sender, EventArgs e)
{
//get the users data and pin code input
String pass = passText.Text;
String passname = passName.Text;
String pin = pinText.Text;
//server side input validation
if (passname.Length < 1)
{
Label2.ForeColor = System.Drawing.Color.Red;
Label2.Text = "Please Enter a Password Name";
return;
}
if (pass.Length < 1)
{
Label2.ForeColor = System.Drawing.Color.Red;
Label2.Text = "Please Enter a Password";
return;
}
if (pin.Length < 1)
{
Label2.ForeColor = System.Drawing.Color.Red;
Label2.Text = "Please Enter a Pin Code";
return;
}
//hash the user inputted pincode
String key = Bouncy.Hash(pin);
//get instance of AESCipher internal class
AESCipher AESCipher = new AESCipher();
//generate a 16 byte random IV
byte[] ivBytes = AESCipher.GenerateRandomIV(16);
//convert IV to string
String iv = Convert.ToBase64String(ivBytes);
//encrypt the password using the pin code and the IV
String encrypted = AESCipher.encrypt(pass, key, iv);
Debug.WriteLine("encrypted text..................................." + encrypted);
//set the encrypted password and hashed pin code on screen
passText.Text = encrypted;
pinText.Text = key;
}
public void TestAESCipher()
{
AESCipher aesCipher = new AESCipher();
byte[] key = aesCipher.Key;
Assert.AreEqual(32, key.Length);
byte[] iv = aesCipher.IV;
// AES block size is 16 bytes
Assert.AreEqual(16, iv.Length);
Console.WriteLine("AES Key: " + Convert.ToBase64String(key));
Console.WriteLine("AES IV: " + Convert.ToBase64String(iv));
string cleartext = "<?xml version=\"1.0\" encoding=\"utf-8\"?><FolaighMethodCall><methodName>methodOne</methodName><arg0>arg0</arg0><arg1>arg1</arg1></FolaighMethodCall>";
byte[] encryptedText = aesCipher.encrypt(cleartext);
Console.WriteLine("Encrypted text:" + Convert.ToBase64String(encryptedText));
aesCipher = new AESCipher(key, iv);
string decryptedText = aesCipher.decrypt(encryptedText);
Assert.AreEqual(cleartext, decryptedText);
Console.WriteLine("Decrypted Text: <" + decryptedText + ">");
}
public void TestSecureTransport()
{
String methodName = "methodOne";
String arg0 = "arg0";
String arg1 = "arg1";
TestWebServiceProxy testProxy = new TestWebServiceProxy();
ITransportProxy proxy = testProxy;
FolaighKeyStore keyStore = new FolaighKeyStore(KEYSTORE, "bird8top".ToCharArray());
RSACipher encryptorVerifier = new RSACipher(
keyStore,
"countyKey",
false);
RSACipher signerDecryptor = new RSACipher(
keyStore,
"stateKey",
true);
SecureTransport transport = new SecureTransport(
proxy,
encryptorVerifier,
signerDecryptor);
// Test for the proxy method
String message = "message";
String signature = "signature";
String aesKey = "key";
String iv = "iv";
String senderAlias = "alias";
String retval = proxy.send(message, signature, aesKey, iv, senderAlias);
String returnVal = transport.send(methodName, new String[] { arg0, arg1 });
// First, just check to see if something got to the proxy.
Assert.IsNotNull(returnVal);
Assert.IsNotNull(testProxy.m_aesKey);
Assert.IsNotNull(testProxy.m_iv);
Assert.IsNotNull(testProxy.m_message);
Assert.IsNotNull(testProxy.m_senderAlias);
Assert.IsNotNull(testProxy.m_signature);
Console.WriteLine("Encrypted AES Key:" + testProxy.m_aesKey);
Console.WriteLine("Encrypted IV:" + testProxy.m_iv);
Console.WriteLine("Encrypted Message:" + testProxy.m_message);
Console.WriteLine("Sender Alias:" + testProxy.m_senderAlias);
Console.WriteLine("Signature:" + testProxy.m_signature);
// Decrypt the AES Key
RSACipher testDecryptor = new RSACipher(
keyStore,
"countyKey",
true);
byte[] testKey = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_aesKey));
byte[] testIV = testDecryptor.decrypt(Convert.FromBase64String(testProxy.m_iv));
Console.WriteLine("Decrypted Key:" + Convert.ToBase64String(testKey));
Console.WriteLine("Decrypted IV:" + Convert.ToBase64String(testIV));
AESCipher cipher = new AESCipher(testKey, testIV);
// Independently encrypt the message and make sure they're the same
MethodInfo mInfo = new MethodInfo(methodName, new String[] { arg0, arg1 });
String xml = mInfo.encode();
String testEncryptedMessage = Convert.ToBase64String(cipher.encrypt(xml));
Assert.AreEqual(xml, cipher.decrypt(Convert.FromBase64String(testEncryptedMessage)));
Assert.AreEqual(testEncryptedMessage, testProxy.m_message);
string decryptedMessage = cipher.decrypt(Convert.FromBase64String(testProxy.m_message));
string expectedMessage = expectedMethodInfo.encode();
Assert.AreEqual(expectedMessage, decryptedMessage);
}