public void TestFullEndToEndEncryptDecrypt() { string certPath = MasterCard.Core.Util.GetCurrenyAssemblyPath() + "\\Test\\certificate.p12"; X509Certificate2 cert = new X509Certificate2(certPath, "", X509KeyStorageFlags.Exportable); var publicKey = cert.GetRSAPublicKey() as RSACng; var privateKey = cert.GetRSAPrivateKey() as RSACng; String data = "*****@*****.**"; Tuple <byte[], byte[], byte[]> aesResult = CryptUtil.EncryptAES(Encoding.UTF8.GetBytes(data), 128, CipherMode.CBC, PaddingMode.PKCS7); byte[] ivBytes = aesResult.Item1; // 5) generate AES SecretKey byte[] secretKeyBytes = aesResult.Item2; // 6) encrypt payload byte[] encryptedDataBytes = aesResult.Item3; byte[] encryptedSecretKey = CryptUtil.EncrytptRSA(secretKeyBytes, publicKey, RSAEncryptionPadding.OaepSHA256); byte[] decryptedSecretKey = CryptUtil.DecryptRSA(encryptedSecretKey, privateKey, RSAEncryptionPadding.OaepSHA256); byte[] decryptedDataBytes = CryptUtil.DecryptAES(ivBytes, decryptedSecretKey, encryptedDataBytes, 128, CipherMode.CBC, PaddingMode.PKCS7); String dataOut = System.Text.Encoding.UTF8.GetString(decryptedDataBytes); Assert.AreEqual(data, dataOut); }
public Dictionary <String, Object> Decrypt(IDictionary <String, Object> map) { if (map.ContainsKey("token")) { // 1) extract the encryptedData from map IDictionary <String, Object> tokenMap = (IDictionary <String, Object>)map["token"]; if (tokenMap.ContainsKey("") && tokenMap.ContainsKey("")) { //need to read the key String encryptedKey = (String)tokenMap["encryptedKey"]; byte[] encryptedKeyByteArray = CryptUtil.HexDecode(encryptedKey); //need to decryt with RSA byte[] decryptedKeyByteArray = CryptUtil.DecryptRSA(encryptedKeyByteArray, this.privateKey); //need to read the iv String ivString = (String)tokenMap["iv"]; byte[] ivByteArray = CryptUtil.HexDecode(ivString); //need to decrypt the data String encryptedData = (String)tokenMap["encryptedData"]; byte[] encryptedDataByteArray = CryptUtil.HexDecode(encryptedData); byte[] decryptedDataArray = CryptUtil.DecryptAES(ivByteArray, decryptedKeyByteArray, encryptedDataByteArray); String decryptedDataString = System.Text.Encoding.UTF8.GetString(decryptedDataArray); // remove the field that are not required in the map foreach (String toHide in fieldsToHide) { tokenMap.Remove(toHide); } // add the decrypted data map to the token. Dictionary <String, Object> decryptedDataMap = (Dictionary <String, Object>)RequestMap.AsDictionary(decryptedDataString); foreach (KeyValuePair <String, Object> pair in decryptedDataMap) { tokenMap.Add(pair.Key, pair.Value); } } } return(new Dictionary <String, Object>(map)); }
public void TestEncryptDecryptRSA() { string certPath = MasterCard.Core.Util.GetCurrenyAssemblyPath() + "\\certificate.p12"; X509Certificate2 cert = new X509Certificate2(certPath, "", X509KeyStorageFlags.Exportable); var publicKey = cert.GetRSAPublicKey(); var privateKey = cert.GetRSAPrivateKey(); String data = "*****@*****.**"; byte[] encryptedData = CryptUtil.EncrytptRSA(Encoding.UTF8.GetBytes(data), publicKey); Assert.NotNull(encryptedData); byte[] decryptedData = CryptUtil.DecryptRSA(encryptedData, privateKey); String dataOut = System.Text.Encoding.UTF8.GetString(decryptedData); Assert.AreEqual(data, dataOut); }
public IDictionary <string, object> Decrypt(IDictionary <string, object> map) { if (map.ContainsKey("token")) { IDictionary <string, object> dictionary = (IDictionary <string, object>)map["token"]; if (dictionary.ContainsKey("") && dictionary.ContainsKey("")) { byte[] encryptionKey = CryptUtil.DecryptRSA(CryptUtil.HexDecode((string)dictionary["encryptedKey"]), this.privateKey); byte[] arg_8F_0 = CryptUtil.HexDecode((string)dictionary["iv"]); byte[] encryptedData = CryptUtil.HexDecode((string)dictionary["encryptedData"]); byte[] bytes = CryptUtil.DecryptAES(arg_8F_0, encryptionKey, encryptedData); string @string = Encoding.UTF8.GetString(bytes); foreach (string current in this.fieldsToHide) { dictionary.Remove(current); } foreach (KeyValuePair <string, object> current2 in ((Dictionary <string, object>)RequestMap.AsDictionary(@string))) { dictionary.Add(current2.Key, current2.Value); } } } return(map); }
public IDictionary <String, Object> Decrypt(IDictionary <String, Object> map) { SmartMap smartMap = new SmartMap(map); foreach (String fieldToDecrypt in configuration.FieldsToDecrypt) { if (smartMap.ContainsKey(fieldToDecrypt)) { String baseKey = ""; if (fieldToDecrypt.IndexOf(".") > 0) { baseKey = fieldToDecrypt.Substring(0, fieldToDecrypt.LastIndexOf(".")); baseKey += "."; } //need to read the key String encryptedKey = (String)smartMap.Get(baseKey + configuration.EncryptedKeyFiledName); smartMap.Remove(baseKey + configuration.EncryptedKeyFiledName); byte[] encryptedKeyByteArray = CryptUtil.Decode(encryptedKey, configuration.DataEncoding); //need to decryt with RSA byte[] secretKeyBytes = null; if (smartMap.ContainsKey(baseKey + configuration.OaepHashingAlgorithmFieldName)) { string oaepHashingAlgorithm = (String)smartMap.Get(baseKey + configuration.OaepHashingAlgorithmFieldName); oaepHashingAlgorithm = oaepHashingAlgorithm.Replace("SHA", "SHA-"); RSAEncryptionPadding customEncryptionPadding = configuration.OaepEncryptionPadding; if (oaepHashingAlgorithm.Equals("SHA-256")) { customEncryptionPadding = RSAEncryptionPadding.OaepSHA256; } else if (oaepHashingAlgorithm.Equals("SHA-512")) { customEncryptionPadding = RSAEncryptionPadding.OaepSHA512; } secretKeyBytes = CryptUtil.DecryptRSA(encryptedKeyByteArray, this.privateKey, customEncryptionPadding); } else { secretKeyBytes = CryptUtil.DecryptRSA(encryptedKeyByteArray, this.privateKey, configuration.OaepEncryptionPadding); } //need to read the iv String ivString = (String)smartMap.Get(baseKey + configuration.IvFieldName); smartMap.Remove(baseKey + configuration.IvFieldName); byte[] ivByteArray = CryptUtil.Decode(ivString.ToString(), configuration.DataEncoding); // remove the field that are not required in the map if (smartMap.ContainsKey(configuration.PublicKeyFingerprintFiledName)) { smartMap.Remove(configuration.PublicKeyFingerprintFiledName); } //need to decrypt the data String encryptedData = (String)smartMap.Get(baseKey + configuration.EncryptedDataFieldName); smartMap.Remove(baseKey + configuration.EncryptedDataFieldName); byte[] encryptedDataByteArray = CryptUtil.Decode(encryptedData, configuration.DataEncoding); byte[] decryptedDataByteArray = CryptUtil.DecryptAES(ivByteArray, secretKeyBytes, encryptedDataByteArray, configuration.SymmetricKeysize, configuration.SymmetricMode, configuration.SymmetricPadding); String decryptedDataString = System.Text.Encoding.UTF8.GetString(decryptedDataByteArray); if (decryptedDataString.StartsWith("{")) { Dictionary <String, Object> decryptedDataMap = JsonConvert.DeserializeObject <Dictionary <String, Object> >(decryptedDataString); foreach (KeyValuePair <String, Object> entry in decryptedDataMap) { smartMap.Add(baseKey + configuration.EncryptedDataFieldName + "." + entry.Key, entry.Value); } } else { smartMap.Add(baseKey + configuration.EncryptedDataFieldName, decryptedDataString); } break; } } return(smartMap); }