Esempio n. 1
0
        public void ReferenceData(
            string nonce,
            string associatedData,
            string plainText,
            string cipherText,
            string tag)
        {
            var aesOcb = new AesOcb(Convert.FromHexString("000102030405060708090A0B0C0D0E0F"));

            byte[] plainTextBytes  = Convert.FromHexString(plainText);
            byte[] cipherTextBytes = new byte[plainTextBytes.Length];
            byte[] tagBytes        = new byte[16];

            aesOcb.Encrypt(
                Convert.FromHexString(nonce),
                plainTextBytes,
                cipherTextBytes,
                tagBytes,
                Convert.FromHexString(associatedData));

            Assert.AreEqual(cipherText, Convert.ToHexString(cipherTextBytes));
            Assert.AreEqual(tag, Convert.ToHexString(tagBytes));

            cipherTextBytes = Convert.FromHexString(cipherText);
            plainTextBytes  = new byte[cipherTextBytes.Length];
            aesOcb.Decrypt(
                Convert.FromHexString(nonce),
                cipherTextBytes,
                Convert.FromHexString(tag),
                plainTextBytes,
                Convert.FromHexString(associatedData));

            Assert.AreEqual(plainText, Convert.ToHexString(plainTextBytes));
        }
Esempio n. 2
0
        private static byte[] GetDValue(SXprReader reader, KeyPacket publicKey, byte[] rawPassPhrase, string curveName)
        {
            string type;

            reader.SkipOpenParenthesis();

            string protection;
            string?protectedAt = null;
            S2k    s2k;

            byte[] iv;
            byte[] secKeyData;

            type = reader.ReadString();
            if (type.Equals("protected", StringComparison.Ordinal))
            {
                protection = reader.ReadString();

                reader.SkipOpenParenthesis();

                s2k = reader.ParseS2k();

                iv = reader.ReadBytes();

                reader.SkipCloseParenthesis();

                secKeyData = reader.ReadBytes();

                reader.SkipCloseParenthesis();

                reader.SkipOpenParenthesis();

                if (reader.ReadString().Equals("protected-at", StringComparison.Ordinal))
                {
                    protectedAt = reader.ReadString();
                }
            }
            else
            {
                throw new PgpException("protected block not found");
            }

            byte[] data;

            switch (protection)
            {
            case "openpgp-s2k3-sha1-aes256-cbc":
            case "openpgp-s2k3-sha1-aes-cbc":
                PgpSymmetricKeyAlgorithm symmAlg =
                    protection.Equals("openpgp-s2k3-sha1-aes256-cbc", StringComparison.Ordinal) ?
                    PgpSymmetricKeyAlgorithm.Aes256 :
                    PgpSymmetricKeyAlgorithm.Aes128;
                using (var c = PgpUtilities.GetSymmetricAlgorithm(symmAlg))
                {
                    var keyBytes = new byte[c.KeySize / 8];
                    S2kBasedEncryption.MakeKey(rawPassPhrase, PgpHashAlgorithm.Sha1, s2k.GetIV(), s2k.IterationCount, keyBytes);
                    c.Key  = keyBytes;
                    c.IV   = iv;
                    c.Mode = CipherMode.CBC;
                    using var decryptor = new ZeroPaddedCryptoTransform(c.CreateDecryptor());
                    data = decryptor.TransformFinalBlock(secKeyData, 0, secKeyData.Length);
                    // TODO: check SHA-1 hash.
                }
                break;

            case "openpgp-s2k3-ocb-aes":
            {
                MemoryStream aad = new MemoryStream();
                WriteSExprPublicKey(new SXprWriter(aad), publicKey, curveName, protectedAt);
                var keyBytes = new byte[16];
                S2kBasedEncryption.MakeKey(rawPassPhrase, PgpHashAlgorithm.Sha1, s2k.GetIV(), s2k.IterationCount, keyBytes);
                using var aesOcb = new AesOcb(keyBytes);
                data             = new byte[secKeyData.Length - 16];
                aesOcb.Decrypt(iv, secKeyData.AsSpan(0, secKeyData.Length - 16), secKeyData.AsSpan(secKeyData.Length - 16), data, aad.ToArray());
            }
            break;

            case "openpgp-native":
            default:
                throw new PgpException(protection + " key format is not supported yet");
            }

            //
            // parse the secret key S-expr
            //
            Stream keyIn = new MemoryStream(data, false);

            reader = new SXprReader(keyIn);
            reader.SkipOpenParenthesis();
            reader.SkipOpenParenthesis();
            reader.SkipOpenParenthesis();
            String name = reader.ReadString();

            return(reader.ReadBytes());
        }