private static byte[] Decrypt(AesSettings aesSettings, byte[] input)
{
// Generate a decryptor from the existing key bytes and initialization
// vector. Key size will be defined based on the number of key bytes.
var symmetricKey = new RijndaelManaged {
Mode = CipherMode.CBC
};
using (var decryptor = symmetricKey.CreateDecryptor(aesSettings.KeyBytes, aesSettings.InitVectorBytes))
{
using (var memoryStream = new MemoryStream(input, 0, input.Length))
{
using (var cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
{
// Since at this point we don't know what the size of decrypted data
// will be, allocate the buffer long enough to hold the source bytes.
// The source bytes will never be longer than the decrypted bytes.
var decryptedBytes = new byte[input.Length];
var decryptedByteCount = cryptoStream.Read(decryptedBytes, 0, decryptedBytes.Length);
var result = new byte[decryptedByteCount];
Array.Copy(decryptedBytes, result, decryptedByteCount);
return(result);
}
}
}
}
public Crypto()
{
var thumbprint = ConfigLoader.Get <CryptographicServiceThumbprintConfig>().ThumbPrint;
_enabled = !string.IsNullOrWhiteSpace(thumbprint);
if (!_enabled)
{
return;
}
var cert = GetCertificate(thumbprint);
var config = ConfigLoader.Get <CryptographicServiceConfig>();
var dict = new Dictionary <string, string>(StringComparer.InvariantCultureIgnoreCase)
{
{ "key", config.AesKey },
{ "initVector", config.AesInitVector },
{ "salt", config.AesSalt }
};
dict.Keys.ToList().ForEach(key => { dict[key] = Decrypt(cert, dict[key]); });
_aesSettings = new AesSettings(dict["key"], dict["initVector"], dict["salt"]);
}
public IEncryptorFactory CreateFactory(EncryptModeEnum mode, byte[] aad = null)
{
var settings = AesSettings.GetEnumerator();
switch (mode)
{
case EncryptModeEnum.ECB:
return(new EcbEncryptorFactory(settings.FirstOrDefault(s => EncryptModeEnum.ECB.Equals(s.Mode))));
case EncryptModeEnum.CBC:
return(new CbcEncryptorFactory(settings.FirstOrDefault(s => EncryptModeEnum.CBC.Equals(s.Mode))));
case EncryptModeEnum.CTR:
return(new CtrEncryptorFactory(settings.FirstOrDefault(s => EncryptModeEnum.CTR.Equals(s.Mode))));
case EncryptModeEnum.GCM:
return(new GcmEncryptorFactory(settings.FirstOrDefault(s => EncryptModeEnum.GCM.Equals(s.Mode)), aad));
default:
throw new ArgumentOutOfRangeException($"Invalid Mode {mode}");
}
}
private static byte[] Encrypt(AesSettings aesSettings, byte[] input)
{
// Generate a decryptor from the existing key bytes and initialization
// vector. Key size will be defined based on the number of key bytes.
var symmetricKey = new RijndaelManaged {
Mode = CipherMode.CBC
};
using (var encryptor = symmetricKey.CreateEncryptor(aesSettings.KeyBytes, aesSettings.InitVectorBytes))
{
using (var memoryStream = new MemoryStream())
{
using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(input, 0, input.Length);
cryptoStream.FlushFinalBlock();
var encryptedBytes = memoryStream.ToArray();
return(encryptedBytes);
}
}
}
}
public Crypto()
{
var thumbprint = ConfigLoader.Get<CryptographicServiceThumbprintConfig>().ThumbPrint;
_enabled = !string.IsNullOrWhiteSpace(thumbprint);
if (!_enabled)
return;
var cert = GetCertificate(thumbprint);
var config = ConfigLoader.Get<CryptographicServiceConfig>();
var dict = new Dictionary<string, string>(StringComparer.InvariantCultureIgnoreCase)
{
{"key", config.AesKey},
{"initVector", config.AesInitVector},
{"salt", config.AesSalt}
};
dict.Keys.ToList().ForEach(key => { dict[key] = Decrypt(cert, dict[key]); });
_aesSettings = new AesSettings(dict["key"], dict["initVector"], dict["salt"]);
}
public CtrEncryptorFactory(AesSettings settings)
{
Settings = settings;
}
private static byte[] Decrypt(AesSettings aesSettings, byte[] input)
{
// Generate a decryptor from the existing key bytes and initialization
// vector. Key size will be defined based on the number of key bytes.
var symmetricKey = new RijndaelManaged {Mode = CipherMode.CBC};
using (var decryptor = symmetricKey.CreateDecryptor(aesSettings.KeyBytes, aesSettings.InitVectorBytes))
{
using (var memoryStream = new MemoryStream(input, 0, input.Length))
{
using (var cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
{
// Since at this point we don't know what the size of decrypted data
// will be, allocate the buffer long enough to hold the source bytes.
// The source bytes will never be longer than the decrypted bytes.
var decryptedBytes = new byte[input.Length];
var decryptedByteCount = cryptoStream.Read(decryptedBytes, 0, decryptedBytes.Length);
var result = new byte[decryptedByteCount];
Array.Copy(decryptedBytes, result, decryptedByteCount);
return result;
}
}
}
}
private static byte[] Encrypt(AesSettings aesSettings, byte[] input)
{
// Generate a decryptor from the existing key bytes and initialization
// vector. Key size will be defined based on the number of key bytes.
var symmetricKey = new RijndaelManaged {Mode = CipherMode.CBC};
using (var encryptor = symmetricKey.CreateEncryptor(aesSettings.KeyBytes, aesSettings.InitVectorBytes))
{
using (var memoryStream = new MemoryStream())
{
using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(input, 0, input.Length);
cryptoStream.FlushFinalBlock();
var encryptedBytes = memoryStream.ToArray();
return encryptedBytes;
}
}
}
}
public GcmEncryptorFactory(AesSettings settings, byte[] aad)
{
Settings = settings;
Aad = aad;
}
