public MonteCarloTest2(int Iterations, string Key, string Input, string Output)
{
this._key = Hex.Decode(Key);
this._input = Hex.Decode(Input);
this._output = Hex.Decode(Output);
this._engine = new AesFastEngine();
this._iterations = Iterations;
}
public MonteCarloTest2(int Iterations, string Key, string Input, string Output)
{
this._key = Hex.Decode(Key);
this._input = Hex.Decode(Input);
this._output = Hex.Decode(Output);
this._engine = new AesFastEngine();
this._iterations = Iterations;
}
/// <summary>Creates a new instance of AESCipher with CBC and no padding</summary>
/// <param name="forEncryption">
/// if true the cipher is initialised for
/// encryption, if false for decryption
/// </param>
/// <param name="key">the key to be used in the cipher</param>
public AESCipherCBCnoPad(bool forEncryption, byte[] key)
{
IBlockCipher aes = new AesFastEngine();
cbc = new CbcBlockCipher(aes);
KeyParameter kp = new KeyParameter(key);
cbc.Init(forEncryption, kp);
}
protected byte[] AES_CMAC(CBORObject alg, byte[] K)
{
int cbitKey;
int cbitTag;
IBlockCipher aes = new AesFastEngine();
CMac mac = new CMac(aes);
KeyParameter ContentKey;
// The requirements from spec
// IV is 128 bits of zeros
// key sizes are 128, 192 and 256 bits
// Authentication tag sizes are 64 and 128 bits
byte[] IV = new byte[128 / 8];
Debug.Assert(alg.Type == CBORType.TextString);
switch (alg.AsString())
{
case "AES-CMAC-128/64":
cbitKey = 128;
cbitTag = 64;
break;
case "AES-CMAC-256/64":
cbitKey = 256;
cbitTag = 64;
break;
default:
throw new Exception("Unrecognized algorithm");
}
if (K.Length != cbitKey / 8)
{
throw new CoseException("Key is incorrectly sized");
}
ContentKey = new KeyParameter(K);
// Build the text to be digested
mac.Init(ContentKey);
byte[] toDigest = BuildContentBytes();
byte[] C = new byte[128 / 8];
mac.BlockUpdate(toDigest, 0, toDigest.Length);
mac.DoFinal(C, 0);
byte[] rgbOut = new byte[cbitTag / 8];
Array.Copy(C, 0, rgbOut, 0, cbitTag / 8);
return(rgbOut);
}
/// <summary>Creates a new instance of AESCipher with CBC and no padding</summary>
/// <param name="forEncryption">
/// if true the cipher is initialised for
/// encryption, if false for decryption
/// </param>
/// <param name="key">the key to be used in the cipher</param>
/// <param name="initVector">initialization vector to be used in cipher</param>
public AESCipherCBCnoPad(bool forEncryption, byte[] key, byte[] initVector)
{
IBlockCipher aes = new AesFastEngine();
cbc = new CbcBlockCipher(aes);
KeyParameter kp = new KeyParameter(key);
ParametersWithIV piv = new ParametersWithIV(kp, initVector);
cbc.Init(forEncryption, piv);
}
/** Creates a new instance of AESCipher */
public AESCipher(bool forEncryption, byte[] key, byte[] iv)
{
IBlockCipher aes = new AesFastEngine();
IBlockCipher cbc = new CbcBlockCipher(aes);
bp = new PaddedBufferedBlockCipher(cbc);
KeyParameter kp = new KeyParameter(key);
ParametersWithIV piv = new ParametersWithIV(kp, iv);
bp.Init(forEncryption, piv);
}
public AesBenchmark()
{
#pragma warning disable 0618
var engine = new AesFastEngine();
#pragma warning restore 0618
bouncySlow = CipherUtilities.GetCipher("AES/ECB/NoPadding");
bouncySlow.Init(true, new KeyParameter(new byte[16]));
bouncyFast = new BufferedBlockCipher(engine);
bouncyFast.Init(true, new KeyParameter(new byte[16]));
}
private byte[] DecryptAesFast(byte[] Key, byte[] Data)
{
int blocks = Data.Length / 16;
byte[] outputData = new byte[Data.Length];
AesFastEngine transform = new AesFastEngine();
transform.Init(false, Key);
for (int i = 0; i < blocks; i++)
transform.ProcessBlock(Data, i * 16, outputData, i * 16);
return outputData;
}
private byte[] EncryptAesFast(byte[] Key, byte[] Data)
{
int blocks = Data.Length / 16;
byte[] outputData = new byte[Data.Length];
AesFastEngine transform = new AesFastEngine();
transform.Init(true, Key);
for (int i = 0; i < blocks; i++)
{
transform.ProcessBlock(Data, i * 16, outputData, i * 16);
}
return(outputData);
}
public static BufferedCipherBase GetCipher(string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
string algorithmUpper = algorithm.ToUpper(CultureInfo.InvariantCulture);
IBlockCipher blockCipher = null;
if (algorithmUpper == "AES/CTR/NOPADDING")
{
blockCipher = new AesFastEngine();
blockCipher = new SicBlockCipher(blockCipher);
BufferedCipherBase BCBblockCipher = new BufferedBlockCipher(blockCipher);
return(BCBblockCipher);
}
throw new Exception("Cipher " + algorithm + " not recognised.");
}
private void randomTest(
SecureRandom srng)
{
int DAT_LEN = srng.Next(1024);
byte[] nonce = new byte[NONCE_LEN];
byte[] authen = new byte[AUTHEN_LEN];
byte[] datIn = new byte[DAT_LEN];
byte[] key = new byte[16];
srng.NextBytes(nonce);
srng.NextBytes(authen);
srng.NextBytes(datIn);
srng.NextBytes(key);
AesFastEngine engine = new AesFastEngine();
KeyParameter sessKey = new KeyParameter(key);
EaxBlockCipher eaxCipher = new EaxBlockCipher(engine);
AeadParameters parameters = new AeadParameters(sessKey, MAC_LEN * 8, nonce, authen);
eaxCipher.Init(true, parameters);
byte[] intrDat = new byte[eaxCipher.GetOutputSize(datIn.Length)];
int outOff = eaxCipher.ProcessBytes(datIn, 0, DAT_LEN, intrDat, 0);
outOff += eaxCipher.DoFinal(intrDat, outOff);
eaxCipher.Init(false, parameters);
byte[] datOut = new byte[eaxCipher.GetOutputSize(outOff)];
int resultLen = eaxCipher.ProcessBytes(intrDat, 0, outOff, datOut, 0);
eaxCipher.DoFinal(datOut, resultLen);
if (!AreEqual(datIn, datOut))
{
Fail("EAX roundtrip failed to match");
}
}
/// <summary>
/// Creates a new instance of the mabi cipher
/// </summary>
/// <param name="forEncryption">True if the cipher will be used to encrypt data, false otherwise</param>
/// <param name="key">The key, in little endian form</param>
public MabiAesEngine(bool forEncryption, byte[] key)
{
_aesEngine = new AesFastEngine();
_aesEngine.Init(forEncryption, key);
}
public InsecureEncryptionAlgorithm()
{
// Rule will raise an issue for both S2278 and S5547 as they are activated by default in unit tests
// Noncompliant@+1 {{Use the recommended AES (Advanced Encryption Standard) instead.}}
using (var tripleDES = new MyTripleDESCryptoServiceProvider()) // Noncompliant {{Use a strong cipher algorithm.}}
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
{
//...
}
// Noncompliant@+1
using (var des = new DESCryptoServiceProvider()) // Noncompliant
{
//...
}
// Noncompliant@+1
using (TripleDES TripleDESalg = TripleDES.Create()) // Noncompliant
// ^^^^^^^^^^^^^^^^^^
{
}
// Noncompliant@+1
using (var des = DES.Create("fgdsgsdfgsd")) // Noncompliant
{
}
using (var aes = new AesCryptoServiceProvider())
{
//...
}
// Noncompliant@+1
using (var rc21 = new RC2CryptoServiceProvider()) // Noncompliant
{
}
// Noncompliant@+1
using (var rc22 = RC2.Create()) // Noncompliant
{
}
// Noncompliant@+1
SymmetricAlgorithm des1 = SymmetricAlgorithm.Create("DES"); // Noncompliant
// Noncompliant@+1
des1 = SymmetricAlgorithm.Create("TripleDES"); // Noncompliant
// Noncompliant@+1
des1 = SymmetricAlgorithm.Create("3DES"); // Noncompliant
// Noncompliant@+1
var rc2 = SymmetricAlgorithm.Create("RC2"); // Noncompliant
// Noncompliant@+1
var crypto = CryptoConfig.CreateFromName("DES"); // Noncompliant
// Noncompliant@+1
var aesFastEngine = new AesFastEngine(); // Noncompliant
// ^^^^^^^^^^^^^
var oid = CryptoConfig.MapNameToOID("DES"); // Compliant
var unknown = new Unknown(); // Compliant // Error [CS0246]
}
public static IBufferedCipher GetCipher(string algorithm)
{
//IL_0008: Unknown result type (might be due to invalid IL or missing references)
//IL_0469: Unknown result type (might be due to invalid IL or missing references)
//IL_0495: Unknown result type (might be due to invalid IL or missing references)
//IL_07f1: Unknown result type (might be due to invalid IL or missing references)
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
string text = (string)algorithms.get_Item((object)algorithm);
if (text != null)
{
algorithm = text;
}
IBasicAgreement basicAgreement = null;
if (algorithm == "IES")
{
basicAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
basicAgreement = new ECDHBasicAgreement();
}
if (basicAgreement != null)
{
return(new BufferedIesCipher(new IesEngine(basicAgreement, new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()))));
}
if (Platform.StartsWith(algorithm, "PBE"))
{
if (Platform.EndsWith(algorithm, "-CBC"))
{
if (algorithm == "PBEWITHSHA1ANDDES-CBC")
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEngine())));
}
if (algorithm == "PBEWITHSHA1ANDRC2-CBC")
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine())));
}
if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"))
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine())));
}
if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"))
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine())));
}
}
else if ((Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL")) && Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITAES-CBC-BC", "PBEWITHSHAAND192BITAES-CBC-BC", "PBEWITHSHAAND256BITAES-CBC-BC", "PBEWITHSHA256AND128BITAES-CBC-BC", "PBEWITHSHA256AND192BITAES-CBC-BC", "PBEWITHSHA256AND256BITAES-CBC-BC", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", "PBEWITHMD5AND256BITAES-CBC-OPENSSL"))
{
return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesFastEngine())));
}
}
string[] array = algorithm.Split(new char[1] {
'/'
});
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymmetricBlockCipher = null;
IStreamCipher streamCipher = null;
string text2 = array[0];
string text3 = (string)algorithms.get_Item((object)text2);
if (text3 != null)
{
text2 = text3;
}
CipherAlgorithm cipherAlgorithm;
try
{
cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), text2);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
switch (cipherAlgorithm)
{
case CipherAlgorithm.AES:
blockCipher = new AesFastEngine();
break;
case CipherAlgorithm.ARC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.BLOWFISH:
blockCipher = new BlowfishEngine();
break;
case CipherAlgorithm.CAMELLIA:
blockCipher = new CamelliaEngine();
break;
case CipherAlgorithm.CAST5:
blockCipher = new Cast5Engine();
break;
case CipherAlgorithm.CAST6:
blockCipher = new Cast6Engine();
break;
case CipherAlgorithm.DES:
blockCipher = new DesEngine();
break;
case CipherAlgorithm.DESEDE:
blockCipher = new DesEdeEngine();
break;
case CipherAlgorithm.ELGAMAL:
asymmetricBlockCipher = new ElGamalEngine();
break;
case CipherAlgorithm.GOST28147:
blockCipher = new Gost28147Engine();
break;
case CipherAlgorithm.HC128:
streamCipher = new HC128Engine();
break;
case CipherAlgorithm.HC256:
streamCipher = new HC256Engine();
break;
case CipherAlgorithm.IDEA:
blockCipher = new IdeaEngine();
break;
case CipherAlgorithm.NOEKEON:
blockCipher = new NoekeonEngine();
break;
case CipherAlgorithm.PBEWITHSHAAND128BITRC4:
case CipherAlgorithm.PBEWITHSHAAND40BITRC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.RC2:
blockCipher = new RC2Engine();
break;
case CipherAlgorithm.RC5:
blockCipher = new RC532Engine();
break;
case CipherAlgorithm.RC5_64:
blockCipher = new RC564Engine();
break;
case CipherAlgorithm.RC6:
blockCipher = new RC6Engine();
break;
case CipherAlgorithm.RIJNDAEL:
blockCipher = new RijndaelEngine();
break;
case CipherAlgorithm.RSA:
asymmetricBlockCipher = new RsaBlindedEngine();
break;
case CipherAlgorithm.SALSA20:
streamCipher = new Salsa20Engine();
break;
case CipherAlgorithm.SEED:
blockCipher = new SeedEngine();
break;
case CipherAlgorithm.SERPENT:
blockCipher = new SerpentEngine();
break;
case CipherAlgorithm.SKIPJACK:
blockCipher = new SkipjackEngine();
break;
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
case CipherAlgorithm.THREEFISH_256:
blockCipher = new ThreefishEngine(256);
break;
case CipherAlgorithm.THREEFISH_512:
blockCipher = new ThreefishEngine(512);
break;
case CipherAlgorithm.THREEFISH_1024:
blockCipher = new ThreefishEngine(1024);
break;
case CipherAlgorithm.TNEPRES:
blockCipher = new TnepresEngine();
break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
case CipherAlgorithm.VMPC:
streamCipher = new VmpcEngine();
break;
case CipherAlgorithm.VMPC_KSA3:
streamCipher = new VmpcKsa3Engine();
break;
case CipherAlgorithm.XTEA:
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (streamCipher != null)
{
if (array.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool flag = false;
bool flag2 = true;
IBlockCipherPadding blockCipherPadding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (array.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
string text4 = array[2];
CipherPadding cipherPadding;
if (text4 == "")
{
cipherPadding = CipherPadding.RAW;
}
else if (text4 == "X9.23PADDING")
{
cipherPadding = CipherPadding.X923PADDING;
}
else
{
try
{
cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), text4);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
switch (cipherPadding)
{
case CipherPadding.NOPADDING:
flag2 = false;
break;
case CipherPadding.ISO10126PADDING:
case CipherPadding.ISO10126D2PADDING:
case CipherPadding.ISO10126_2PADDING:
blockCipherPadding = new ISO10126d2Padding();
break;
case CipherPadding.ISO7816_4PADDING:
case CipherPadding.ISO9797_1PADDING:
blockCipherPadding = new ISO7816d4Padding();
break;
case CipherPadding.ISO9796_1:
case CipherPadding.ISO9796_1PADDING:
asymmetricBlockCipher = new ISO9796d1Encoding(asymmetricBlockCipher);
break;
case CipherPadding.OAEP:
case CipherPadding.OAEPPADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher);
break;
case CipherPadding.OAEPWITHMD5ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new MD5Digest());
break;
case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha1Digest());
break;
case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha224Digest());
break;
case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha256Digest());
break;
case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha384Digest());
break;
case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING:
asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha512Digest());
break;
case CipherPadding.PKCS1:
case CipherPadding.PKCS1PADDING:
asymmetricBlockCipher = new Pkcs1Encoding(asymmetricBlockCipher);
break;
case CipherPadding.PKCS5:
case CipherPadding.PKCS5PADDING:
case CipherPadding.PKCS7:
case CipherPadding.PKCS7PADDING:
blockCipherPadding = new Pkcs7Padding();
break;
case CipherPadding.TBCPADDING:
blockCipherPadding = new TbcPadding();
break;
case CipherPadding.WITHCTS:
flag = true;
break;
case CipherPadding.X923PADDING:
blockCipherPadding = new X923Padding();
break;
case CipherPadding.ZEROBYTEPADDING:
blockCipherPadding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
case CipherPadding.RAW:
break;
}
}
string text5 = "";
if (array.Length > 1)
{
text5 = array[1];
int digitIndex = GetDigitIndex(text5);
string text6 = ((digitIndex >= 0) ? text5.Substring(0, digitIndex) : text5);
try
{
switch ((text6 == "") ? CipherMode.NONE : ((CipherMode)Enums.GetEnumValue(typeof(CipherMode), text6)))
{
case CipherMode.CBC:
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.CCM:
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case CipherMode.CFB:
{
int bitBlockSize = ((digitIndex < 0) ? (8 * blockCipher.GetBlockSize()) : int.Parse(text5.Substring(digitIndex)));
blockCipher = new CfbBlockCipher(blockCipher, bitBlockSize);
break;
}
case CipherMode.CTR:
blockCipher = new SicBlockCipher(blockCipher);
break;
case CipherMode.CTS:
flag = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.EAX:
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case CipherMode.GCM:
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case CipherMode.GOFB:
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case CipherMode.OCB:
aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm));
break;
case CipherMode.OFB:
{
int blockSize = ((digitIndex < 0) ? (8 * blockCipher.GetBlockSize()) : int.Parse(text5.Substring(digitIndex)));
blockCipher = new OfbBlockCipher(blockCipher, blockSize);
break;
}
case CipherMode.OPENPGPCFB:
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case CipherMode.SIC:
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
case CipherMode.ECB:
case CipherMode.NONE:
break;
}
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (flag)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (flag2 && array.Length > 2 && array[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (flag)
{
return(new CtsBlockCipher(blockCipher));
}
if (blockCipherPadding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, blockCipherPadding));
}
if (!flag2 || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymmetricBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymmetricBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
protected byte[] AES_CBC_MAC(CBORObject alg, byte[] K)
{
int cbitKey;
int cbitTag;
// Defaults to PKCS#7
IBlockCipher aes = new AesFastEngine();
KeyParameter ContentKey;
// The requirements from spec
// IV is 128 bits of zeros
// key sizes are 128, 192 and 256 bits
// Authentication tag sizes are 64 and 128 bits
byte[] IV = new byte[128 / 8];
Debug.Assert(alg.Type == CBORType.Number);
switch ((AlgorithmValuesInt)alg.AsInt32())
{
case AlgorithmValuesInt.AES_CBC_MAC_128_64:
cbitKey = 128;
cbitTag = 64;
break;
case AlgorithmValuesInt.AES_CBC_MAC_256_64:
cbitKey = 256;
cbitTag = 64;
break;
case AlgorithmValuesInt.AES_CBC_MAC_128_128:
cbitKey = 128;
cbitTag = 128;
break;
case AlgorithmValuesInt.AES_CBC_MAC_256_128:
cbitKey = 256;
cbitTag = 128;
break;
default:
throw new Exception("Unrecognized algorithm");
}
IMac mac = new CbcBlockCipherMac(aes, cbitTag, null);
if (K.Length != cbitKey / 8)
{
throw new CoseException("Key is incorrectly sized");
}
ContentKey = new KeyParameter(K);
// Build the text to be digested
mac.Init(ContentKey);
byte[] toDigest = BuildContentBytes();
byte[] C = new byte[128 / 8];
mac.BlockUpdate(toDigest, 0, toDigest.Length);
mac.DoFinal(C, 0);
byte[] rgbResult = new byte[cbitTag / 8];
Array.Copy(C, 0, rgbResult, 0, cbitTag / 8);
return(rgbResult);
}
public static IBufferedCipher GetCipher(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = algorithm.ToUpper(CultureInfo.InvariantCulture);
string aliased = (string)algorithms[algorithm];
if (aliased != null)
{
algorithm = aliased;
}
IBasicAgreement iesAgreement = null;
if (algorithm == "IES")
{
iesAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
iesAgreement = new ECDHBasicAgreement();
}
if (iesAgreement != null)
{
return(new BufferedIesCipher(
new IesEngine(
iesAgreement,
new Kdf2BytesGenerator(
new Sha1Digest()),
new HMac(
new Sha1Digest()))));
}
if (algorithm.StartsWith("PBE"))
{
switch (algorithm)
{
case "PBEWITHSHAAND2-KEYTRIPLEDES-CBC":
case "PBEWITHSHAAND3-KEYTRIPLEDES-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEdeEngine())));
case "PBEWITHSHAAND128BITRC2-CBC":
case "PBEWITHSHAAND40BITRC2-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
case "PBEWITHSHAAND128BITAES-CBC-BC":
case "PBEWITHSHAAND192BITAES-CBC-BC":
case "PBEWITHSHAAND256BITAES-CBC-BC":
case "PBEWITHSHA256AND128BITAES-CBC-BC":
case "PBEWITHSHA256AND192BITAES-CBC-BC":
case "PBEWITHSHA256AND256BITAES-CBC-BC":
case "PBEWITHMD5AND128BITAES-CBC-OPENSSL":
case "PBEWITHMD5AND192BITAES-CBC-OPENSSL":
case "PBEWITHMD5AND256BITAES-CBC-OPENSSL":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new AesFastEngine())));
case "PBEWITHSHA1ANDDES-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEngine())));
case "PBEWITHSHA1ANDRC2-CBC":
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
}
string[] parts = algorithm.Split('/');
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymBlockCipher = null;
IStreamCipher streamCipher = null;
switch (parts[0])
{
case "AES":
blockCipher = new AesFastEngine();
break;
case "ARC4":
streamCipher = new RC4Engine();
break;
case "BLOWFISH":
blockCipher = new BlowfishEngine();
break;
case "CAMELLIA":
blockCipher = new CamelliaEngine();
break;
case "CAST5":
blockCipher = new Cast5Engine();
break;
case "CAST6":
blockCipher = new Cast6Engine();
break;
case "DES":
blockCipher = new DesEngine();
break;
case "DESEDE":
blockCipher = new DesEdeEngine();
break;
case "ELGAMAL":
asymBlockCipher = new ElGamalEngine();
break;
case "GOST28147":
blockCipher = new Gost28147Engine();
break;
case "HC128":
streamCipher = new HC128Engine();
break;
case "HC256":
streamCipher = new HC256Engine();
break;
#if INCLUDE_IDEA
case "IDEA":
blockCipher = new IdeaEngine();
break;
#endif
case "NOEKEON":
blockCipher = new NoekeonEngine();
break;
case "PBEWITHSHAAND128BITRC4":
case "PBEWITHSHAAND40BITRC4":
streamCipher = new RC4Engine();
break;
case "RC2":
blockCipher = new RC2Engine();
break;
case "RC5":
blockCipher = new RC532Engine();
break;
case "RC5-64":
blockCipher = new RC564Engine();
break;
case "RC6":
blockCipher = new RC6Engine();
break;
case "RIJNDAEL":
blockCipher = new RijndaelEngine();
break;
case "RSA":
asymBlockCipher = new RsaBlindedEngine();
break;
case "SALSA20":
streamCipher = new Salsa20Engine();
break;
case "SEED":
blockCipher = new SeedEngine();
break;
case "SERPENT":
blockCipher = new SerpentEngine();
break;
case "SKIPJACK":
blockCipher = new SkipjackEngine();
break;
case "TEA":
blockCipher = new TeaEngine();
break;
case "TWOFISH":
blockCipher = new TwofishEngine();
break;
case "VMPC":
streamCipher = new VmpcEngine();
break;
case "VMPC-KSA3":
streamCipher = new VmpcKsa3Engine();
break;
case "XTEA":
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (streamCipher != null)
{
if (parts.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool cts = false;
bool padded = true;
IBlockCipherPadding padding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (parts.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
switch (parts[2])
{
case "NOPADDING":
padded = false;
break;
case "":
case "RAW":
break;
case "ISO10126PADDING":
case "ISO10126D2PADDING":
case "ISO10126-2PADDING":
padding = new ISO10126d2Padding();
break;
case "ISO7816-4PADDING":
case "ISO9797-1PADDING":
padding = new ISO7816d4Padding();
break;
case "ISO9796-1":
case "ISO9796-1PADDING":
asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher);
break;
case "OAEP":
case "OAEPPADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher);
break;
case "OAEPWITHMD5ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest());
break;
case "OAEPWITHSHA1ANDMGF1PADDING":
case "OAEPWITHSHA-1ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest());
break;
case "OAEPWITHSHA224ANDMGF1PADDING":
case "OAEPWITHSHA-224ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest());
break;
case "OAEPWITHSHA256ANDMGF1PADDING":
case "OAEPWITHSHA-256ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest());
break;
case "OAEPWITHSHA384ANDMGF1PADDING":
case "OAEPWITHSHA-384ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest());
break;
case "OAEPWITHSHA512ANDMGF1PADDING":
case "OAEPWITHSHA-512ANDMGF1PADDING":
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest());
break;
case "PKCS1":
case "PKCS1PADDING":
asymBlockCipher = new Pkcs1Encoding(asymBlockCipher);
break;
case "PKCS5":
case "PKCS5PADDING":
case "PKCS7":
case "PKCS7PADDING":
// NB: Padding defaults to Pkcs7Padding already
break;
case "TBCPADDING":
padding = new TbcPadding();
break;
case "WITHCTS":
cts = true;
break;
case "X9.23PADDING":
case "X923PADDING":
padding = new X923Padding();
break;
case "ZEROBYTEPADDING":
padding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
string mode = "";
if (parts.Length > 1)
{
mode = parts[1];
int di = GetDigitIndex(mode);
string modeName = di >= 0 ? mode.Substring(0, di) : mode;
switch (modeName)
{
case "":
case "ECB":
case "NONE":
break;
case "CBC":
blockCipher = new CbcBlockCipher(blockCipher);
break;
case "CCM":
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case "CFB":
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new CfbBlockCipher(blockCipher, bits);
break;
}
case "CTR":
blockCipher = new SicBlockCipher(blockCipher);
break;
case "CTS":
cts = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case "EAX":
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case "GCM":
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case "GOFB":
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case "OFB":
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new OfbBlockCipher(blockCipher, bits);
break;
}
case "OPENPGPCFB":
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case "SIC":
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (cts)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (padded && parts.Length > 1 && parts[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (cts)
{
return(new CtsBlockCipher(blockCipher));
}
if (!padded || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
if (padding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, padding));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
public override void PerformTest()
{
IBlockCipher cipher = new AesFastEngine();
IMac mac = new CMac(cipher, 128);
//128 bytes key
KeyParameter key = new KeyParameter(keyBytes128);
// 0 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
byte[] outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m0))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m0) + " got "
+ Hex.ToHexString(outBytes));
}
// 16 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m16))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m16) + " got "
+ Hex.ToHexString(outBytes));
}
// 40 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m40))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m40) + " got "
+ Hex.ToHexString(outBytes));
}
// 64 bytes message - 128 bytes key
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k128_m64))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k128_m64) + " got "
+ Hex.ToHexString(outBytes));
}
//192 bytes key
key = new KeyParameter(keyBytes192);
// 0 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m0))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m0) + " got "
+ Hex.ToHexString(outBytes));
}
// 16 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m16))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m16) + " got "
+ Hex.ToHexString(outBytes));
}
// 40 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m40))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m40) + " got "
+ Hex.ToHexString(outBytes));
}
// 64 bytes message - 192 bytes key
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k192_m64))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k192_m64) + " got "
+ Hex.ToHexString(outBytes));
}
//256 bytes key
key = new KeyParameter(keyBytes256);
// 0 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input0, 0, input0.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m0))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m0) + " got "
+ Hex.ToHexString(outBytes));
}
// 16 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input16, 0, input16.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m16))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m16) + " got "
+ Hex.ToHexString(outBytes));
}
// 40 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input40, 0, input40.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m40))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m40) + " got "
+ Hex.ToHexString(outBytes));
}
// 64 bytes message - 256 bytes key
mac.Init(key);
mac.BlockUpdate(input64, 0, input64.Length);
outBytes = new byte[16];
mac.DoFinal(outBytes, 0);
if (!AreEqual(outBytes, output_k256_m64))
{
Fail("Failed - expected "
+ Hex.ToHexString(output_k256_m64) + " got "
+ Hex.ToHexString(outBytes));
}
}
public static IBufferedCipher GetCipher(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
{
string aliased = (string)algorithms[algorithm];
if (aliased != null)
{
algorithm = aliased;
}
}
IBasicAgreement iesAgreement = null;
if (algorithm == "IES")
{
iesAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
iesAgreement = new ECDHBasicAgreement();
}
if (iesAgreement != null)
{
return(new BufferedIesCipher(
new IesEngine(
iesAgreement,
new Kdf2BytesGenerator(
new Sha1Digest()),
new HMac(
new Sha1Digest()))));
}
if (Platform.StartsWith(algorithm, "PBE"))
{
if (Platform.EndsWith(algorithm, "-CBC"))
{
if (algorithm == "PBEWITHSHA1ANDDES-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEngine())));
}
else if (algorithm == "PBEWITHSHA1ANDRC2-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEdeEngine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
}
else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL"))
{
if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITAES-CBC-BC",
"PBEWITHSHAAND192BITAES-CBC-BC",
"PBEWITHSHAAND256BITAES-CBC-BC",
"PBEWITHSHA256AND128BITAES-CBC-BC",
"PBEWITHSHA256AND192BITAES-CBC-BC",
"PBEWITHSHA256AND256BITAES-CBC-BC",
"PBEWITHMD5AND128BITAES-CBC-OPENSSL",
"PBEWITHMD5AND192BITAES-CBC-OPENSSL",
"PBEWITHMD5AND256BITAES-CBC-OPENSSL"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new AesFastEngine())));
}
}
}
string[] parts = algorithm.Split('/');
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymBlockCipher = null;
IStreamCipher streamCipher = null;
string algorithmName = parts[0];
{
string aliased = (string)algorithms[algorithmName];
if (aliased != null)
{
algorithmName = aliased;
}
}
CipherAlgorithm cipherAlgorithm;
try
{
cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), algorithmName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
switch (cipherAlgorithm)
{
case CipherAlgorithm.AES:
blockCipher = new AesFastEngine();
break;
case CipherAlgorithm.ARC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.BLOWFISH:
blockCipher = new BlowfishEngine();
break;
case CipherAlgorithm.CAMELLIA:
blockCipher = new CamelliaEngine();
break;
case CipherAlgorithm.CAST5:
blockCipher = new Cast5Engine();
break;
case CipherAlgorithm.CAST6:
blockCipher = new Cast6Engine();
break;
case CipherAlgorithm.DES:
blockCipher = new DesEngine();
break;
case CipherAlgorithm.DESEDE:
blockCipher = new DesEdeEngine();
break;
case CipherAlgorithm.ELGAMAL:
asymBlockCipher = new ElGamalEngine();
break;
case CipherAlgorithm.GOST28147:
blockCipher = new Gost28147Engine();
break;
case CipherAlgorithm.HC128:
streamCipher = new HC128Engine();
break;
case CipherAlgorithm.HC256:
streamCipher = new HC256Engine();
break;
case CipherAlgorithm.IDEA:
blockCipher = new IdeaEngine();
break;
case CipherAlgorithm.NOEKEON:
blockCipher = new NoekeonEngine();
break;
case CipherAlgorithm.PBEWITHSHAAND128BITRC4:
case CipherAlgorithm.PBEWITHSHAAND40BITRC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.RC2:
blockCipher = new RC2Engine();
break;
case CipherAlgorithm.RC5:
blockCipher = new RC532Engine();
break;
case CipherAlgorithm.RC5_64:
blockCipher = new RC564Engine();
break;
case CipherAlgorithm.RC6:
blockCipher = new RC6Engine();
break;
case CipherAlgorithm.RIJNDAEL:
blockCipher = new RijndaelEngine();
break;
case CipherAlgorithm.RSA:
asymBlockCipher = new RsaBlindedEngine();
break;
case CipherAlgorithm.SALSA20:
streamCipher = new Salsa20Engine();
break;
case CipherAlgorithm.SEED:
blockCipher = new SeedEngine();
break;
case CipherAlgorithm.SERPENT:
blockCipher = new SerpentEngine();
break;
case CipherAlgorithm.SKIPJACK:
blockCipher = new SkipjackEngine();
break;
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
case CipherAlgorithm.THREEFISH_256:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
break;
case CipherAlgorithm.THREEFISH_512:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
break;
case CipherAlgorithm.THREEFISH_1024:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
break;
case CipherAlgorithm.TNEPRES:
blockCipher = new TnepresEngine();
break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
case CipherAlgorithm.VMPC:
streamCipher = new VmpcEngine();
break;
case CipherAlgorithm.VMPC_KSA3:
streamCipher = new VmpcKsa3Engine();
break;
case CipherAlgorithm.XTEA:
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (streamCipher != null)
{
if (parts.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool cts = false;
bool padded = true;
IBlockCipherPadding padding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (parts.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
string paddingName = parts[2];
CipherPadding cipherPadding;
if (paddingName == "")
{
cipherPadding = CipherPadding.RAW;
}
else if (paddingName == "X9.23PADDING")
{
cipherPadding = CipherPadding.X923PADDING;
}
else
{
try
{
cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), paddingName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
switch (cipherPadding)
{
case CipherPadding.NOPADDING:
padded = false;
break;
case CipherPadding.RAW:
break;
case CipherPadding.ISO10126PADDING:
case CipherPadding.ISO10126D2PADDING:
case CipherPadding.ISO10126_2PADDING:
padding = new ISO10126d2Padding();
break;
case CipherPadding.ISO7816_4PADDING:
case CipherPadding.ISO9797_1PADDING:
padding = new ISO7816d4Padding();
break;
case CipherPadding.ISO9796_1:
case CipherPadding.ISO9796_1PADDING:
asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher);
break;
case CipherPadding.OAEP:
case CipherPadding.OAEPPADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher);
break;
case CipherPadding.OAEPWITHMD5ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest());
break;
case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest());
break;
case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest());
break;
case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest());
break;
case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest());
break;
case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest());
break;
case CipherPadding.PKCS1:
case CipherPadding.PKCS1PADDING:
asymBlockCipher = new Pkcs1Encoding(asymBlockCipher);
break;
case CipherPadding.PKCS5:
case CipherPadding.PKCS5PADDING:
case CipherPadding.PKCS7:
case CipherPadding.PKCS7PADDING:
padding = new Pkcs7Padding();
break;
case CipherPadding.TBCPADDING:
padding = new TbcPadding();
break;
case CipherPadding.WITHCTS:
cts = true;
break;
case CipherPadding.X923PADDING:
padding = new X923Padding();
break;
case CipherPadding.ZEROBYTEPADDING:
padding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
string mode = "";
if (parts.Length > 1)
{
mode = parts[1];
int di = GetDigitIndex(mode);
string modeName = di >= 0 ? mode.Substring(0, di) : mode;
try
{
CipherMode cipherMode = modeName == ""
? CipherMode.NONE
: (CipherMode)Enums.GetEnumValue(typeof(CipherMode), modeName);
switch (cipherMode)
{
case CipherMode.ECB:
case CipherMode.NONE:
break;
case CipherMode.CBC:
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.CCM:
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case CipherMode.CFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new CfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.CTR:
blockCipher = new SicBlockCipher(blockCipher);
break;
case CipherMode.CTS:
cts = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.EAX:
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case CipherMode.GCM:
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case CipherMode.GOFB:
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case CipherMode.OCB:
aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm));
break;
case CipherMode.OFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new OfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.OPENPGPCFB:
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case CipherMode.SIC:
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (cts)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (padded && parts.Length > 2 && parts[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (cts)
{
return(new CtsBlockCipher(blockCipher));
}
if (padding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, padding));
}
if (!padded || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
/// <summary>
/// Creates a new instance of the mabi cipher
/// </summary>
/// <param name="forEncryption">True if the cipher will be used to encrypt data, false otherwise</param>
/// <param name="key">The key, in little endian form</param>
public MabiAesEngine(bool forEncryption, byte[] key)
{
_aesEngine = new AesFastEngine();
_aesEngine.Init(forEncryption, key);
}