/// <summary>
/// Decrypt the encryptedTuple.
/// </summary>
/// <param name="context">Your Android Context, likely your Activity or Service</param>
/// <param name="alias">Alias is the name you are using for the key, use sensible name</param>
/// <param name="encryptedTuple">Encrypted tuple.</param>
public static string Decrypt(Context context, string alias, EncryptedTuple encryptedTuple)
{
var confidentialKeyWrapper = new SecretKeyWrapper(context, alias);
var secretKeys = confidentialKeyWrapper.CheckMacAndDecrypt(encryptedTuple.EncryptedSymmetricKey);
return(AesCbcWithIntegrity.DecryptString(new AesCbcWithIntegrity.CipherTextIvMac(encryptedTuple.EncryptedText), secretKeys));
}
/// <summary>
/// Encrypt the specified clearText.
/// </summary>
/// <param name="context">Your Android Context, likely your Activity or Service</param>
/// <param name="alias">Alias is the name you are using for the key, use sensible name</param>
/// <param name="clearText">The content you want to encrypt</param>
public static EncryptedTuple Encrypt(Context context, string alias, string clearText)
{
var secretKeys = AesCbcWithIntegrity.GenerateKey();
var confidentialKeyWrapper = new SecretKeyWrapper(context, alias);
var encryptedSymmetricKey = confidentialKeyWrapper.EncryptedThenMac(secretKeys);
var encryptedBundle = AesCbcWithIntegrity.Encrypt(Encoding.UTF8.GetBytes(clearText), secretKeys);
return(new EncryptedTuple(encryptedBundle.ToString(), encryptedSymmetricKey));
}
public void TestSecretKeyWrapperRoundTrip()
{
var secretKeyWrapper = new SecretKeyWrapper(context, UnitTestAlias);
var secretKeys = AesCbcWithIntegrity.GenerateKey();
var wrappedKey = secretKeyWrapper.EncryptedThenMac(secretKeys);
Assert.False(AesCbcWithIntegrity.KeyString(secretKeys) == wrappedKey);
var unwrappedKey = secretKeyWrapper.CheckMacAndDecrypt(wrappedKey);
Assert.True(AesCbcWithIntegrity.KeyString(secretKeys) == AesCbcWithIntegrity.KeyString(unwrappedKey));
}
public string EncryptedThenMac(AesCbcWithIntegrity.SecretKeys keys)
{
cipher.Init(CipherMode.EncryptMode, pair.Public);
var cipherText = cipher.DoFinal(Encoding.UTF8.GetBytes(AesCbcWithIntegrity.KeyString(keys)));
Signature s = Signature.GetInstance(HmacAlgorithm);
s.InitSign(pair.Private);
s.Update(cipherText);
byte [] signature = s.Sign();
return(string.Format("{0}:{1}", Convert.ToBase64String(signature), Convert.ToBase64String(cipherText)));
}
public void TestAesCbcWithIntegrityRoundTrip()
{
var privateKey = AesCbcWithIntegrity.GenerateKey();
var mySecretText = "This is my secret";
var mySecretBytes = Encoding.UTF8.GetBytes(mySecretText);
var cipherText = AesCbcWithIntegrity.Encrypt(mySecretBytes, privateKey);
Assert.False(AesCbcWithIntegrity.ConstantTimeEq(mySecretBytes, cipherText.GetCipherText()));
var decryptedBytes = AesCbcWithIntegrity.Decrypt(cipherText, privateKey);
var decryptedText = Encoding.UTF8.GetString(decryptedBytes);
Assert.True(mySecretText == decryptedText,
string.Format("Expect {0} but got {1}", mySecretText, decryptedText));
}
public AesCbcWithIntegrity.SecretKeys CheckMacAndDecrypt(string encryptedForm)
{
string [] separators = { ":" };
var stuffs = encryptedForm.Split(separators, StringSplitOptions.None);
var signature = Convert.FromBase64String(stuffs [0]);
var blob = Convert.FromBase64String(stuffs[1]);
// prevent padding oracle attack
Signature s = Signature.GetInstance(HmacAlgorithm);
s.InitVerify(cert.PublicKey);
s.Update(blob);
if (!s.Verify(signature))
{
throw new GeneralSecurityException("bad mac");
}
cipher.Init(CipherMode.DecryptMode, pair.Private);
var decrypted = cipher.DoFinal(blob);
return(AesCbcWithIntegrity.Keys(Encoding.UTF8.GetString(decrypted)));
}
