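/// <summary>
        /// Encrypts <paramref name="password"/> with AES-128 in CBC mode (PKCS#7 padding) and returns the
        /// ciphertext Base64-encoded. The key material, the salt and the IV are all taken from
        /// <paramref name="metainfo"/>.
        /// Borrowed from https://github.com/vadimkantorov/wemosetup/blob/master/wemosetup.py
        /// </summary>
        /// <remarks>
        /// Nothing secret goes into the cipher except the password itself: the passphrase fed to the key
        /// derivation, the salt and the IV are all substrings of <paramref name="metainfo"/>. Anyone who can
        /// read that string can decrypt the result, so treat the output as the encoding the peer expects,
        /// not as confidentiality for the password.
        /// </remarks>
        /// <param name="password">
        /// Plain-text password to encrypt. It is encoded as ASCII, so any character outside ASCII is
        /// replaced by '?' before encryption.
        /// </param>
        /// <param name="metainfo">
        /// '|'-separated string. Field 0 must hold at least 12 characters, and characters 0-5 of field 0,
        /// field 1 and characters 6-11 of field 0 together must give at least 16 characters.
        /// </param>
        /// <returns>Base64 text of the AES-128-CBC ciphertext.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="metainfo"/> does not have the expected shape.</exception>
        private string EncryptPassword(string password, string metainfo)
        {
            if (password == null)
            {
                throw new ArgumentNullException("password");
            }
            if (metainfo == null)
            {
                throw new ArgumentNullException("metainfo");
            }

            // Validate the shape up front so a malformed value fails with a clear message instead of an
            // index/substring exception. The message deliberately does not echo the metainfo value.
            string[] metaInfoParts = metainfo.Split('|');
            if (metaInfoParts.Length < 2 || metaInfoParts[0].Length < 12)
            {
                throw new ArgumentException(
                    "metainfo must contain at least two '|'-separated fields, the first at least 12 characters long",
                    "metainfo");
            }

            string keydata = metaInfoParts[0].Substring(0, 6) + metaInfoParts[1] + metaInfoParts[0].Substring(6, 6);
            if (keydata.Length < 16)
            {
                throw new ArgumentException("metainfo is too short to derive a 16-byte IV", "metainfo");
            }

            // Salt and IV are prefixes of the same string that serves as the passphrase.
            string salt = keydata.Substring(0, 8);
            string iv   = keydata.Substring(0, 16);

            // Encrypt the caller-supplied argument rather than the class-level Password member, so the
            // method encrypts exactly what it was asked to.
            // NOTE(review): ASCII encoding silently maps non-ASCII characters to '?'; confirm the peer
            // only accepts ASCII passwords.
            byte[] passwordAsBytes = Encoding.ASCII.GetBytes(password);

            // NOTE(review): OpenSslPbeParametersGenerator is BouncyCastle's implementation of OpenSSL's
            // legacy password-to-key derivation (MD5-based, single iteration in the versions I know) -
            // confirm against the BouncyCastle version in use.
            OpenSslPbeParametersGenerator keyGen = new OpenSslPbeParametersGenerator();
            keyGen.Init(Encoding.ASCII.GetBytes(keydata), Encoding.ASCII.GetBytes(salt));
            ICipherParameters cipherParams = keyGen.GenerateDerivedParameters("AES128", 128);

            PaddedBufferedBlockCipher cipher =
                new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), new Pkcs7Padding());
            cipher.Init(true, new ParametersWithIV(cipherParams, Encoding.ASCII.GetBytes(iv), 0, 16));

            // DoFinal(byte[]) processes the whole input and returns an array sized to the real output,
            // so there is no separately tracked length to get wrong.
            byte[] outputBytes = cipher.DoFinal(passwordAsBytes);
            return Convert.ToBase64String(outputBytes);
        }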
Esempio n. 2
            /// <summary>
            /// Round-trip check: encrypts a fixed 16-byte buffer with parameters derived by
            /// <c>OpenSslPbeParametersGenerator</c>, decrypts it through the PBE scheme named by
            /// <c>algorithm</c>, and fails the test when the decrypted bytes differ from the input.
            /// </summary>
            public override void PerformTest()
            {
                const int iterationCount = 100;

                // Fixed vector 00 01 .. 0F; it is used both as the salt and as the plaintext.
                byte[] salt = new byte[16];
                for (int idx = 0; idx < salt.Length; ++idx)
                {
                    salt[idx] = (byte)idx;
                }

                // NOTE(review): whether OpenSslPbeParametersGenerator honours the iteration count passed
                // to Init depends on the BouncyCastle version - confirm before relying on it.
                PbeParametersGenerator generator = new OpenSslPbeParametersGenerator();
                generator.Init(
                    PbeParametersGenerator.Pkcs5PasswordToBytes(password),
                    salt,
                    iterationCount);

                ParametersWithIV keyAndIv =
                    (ParametersWithIV)generator.GenerateDerivedParameters(baseAlgorithm, keySize, ivSize);
                KeyParameter bareKey = (KeyParameter)keyAndIv.Parameters;

                // RC4 is initialised with the key alone; every other base algorithm runs as
                // CBC with PKCS7 padding and takes the derived key together with the derived IV.
                bool usesBareKey = baseAlgorithm.Equals("RC4");
                string encryptTransform = usesBareKey ? baseAlgorithm : baseAlgorithm + "/CBC/PKCS7Padding";

                IBufferedCipher c = CipherUtilities.GetCipher(encryptTransform);
                c.Init(true, usesBareKey ? (ICipherParameters)bareKey : keyAndIv);

                byte[] ciphertext = c.DoFinal(salt);

                // Decrypt through the named PBE algorithm, building its parameters independently
                // from the same password, salt and iteration count.
                c = CipherUtilities.GetCipher(algorithm);

                Asn1Encodable pbeAlgParams = PbeUtilities.GenerateAlgorithmParameters(
                    algorithm, salt, iterationCount);
                ICipherParameters decryptParams = PbeUtilities.GenerateCipherParameters(
                    algorithm, password, pbeAlgParams);

                c.Init(false, decryptParams);

                byte[] roundTripped = c.DoFinal(ciphertext);
                if (AreEqual(salt, roundTripped))
                {
                    return;
                }

                // Message text is kept exactly as it was (no space after the algorithm name).
                Fail(algorithm + "failed encryption/decryption test");
            }
Esempio n. 3
        /// <summary>
        /// Derives cipher parameters for a PEM base algorithm from a password and salt, using
        /// <c>OpenSslPbeParametersGenerator</c>.
        /// </summary>
        /// <param name="password">Password characters; converted with <c>Pkcs5PasswordToBytes</c>.</param>
        /// <param name="baseAlg">Base algorithm; selects the cipher name and key size in bits.</param>
        /// <param name="salt">Salt passed to the generator unchanged.</param>
        /// <returns>The derived parameters, or <c>null</c> when <paramref name="baseAlg"/> is not in the table.</returns>
        /// <remarks>
        /// NOTE(review): the table includes DES and 40/64-bit RC2, which are weak by current standards;
        /// presumably they are here for compatibility with existing PEM files - confirm before using this
        /// path to protect new key material.
        /// </remarks>
        private static ICipherParameters GetCipherParameters(char[] password, PemBaseAlg baseAlg, byte[] salt)
        {
            string cipherName;
            int keySizeInBits;

            switch (baseAlg)
            {
                case PemBaseAlg.AES_128:
                    cipherName = "AES128";
                    keySizeInBits = 128;
                    break;
                case PemBaseAlg.AES_192:
                    cipherName = "AES192";
                    keySizeInBits = 192;
                    break;
                case PemBaseAlg.AES_256:
                    cipherName = "AES256";
                    keySizeInBits = 256;
                    break;
                case PemBaseAlg.BF:
                    cipherName = "BLOWFISH";
                    keySizeInBits = 128;
                    break;
                case PemBaseAlg.DES:
                    cipherName = "DES";
                    keySizeInBits = 64;
                    break;
                case PemBaseAlg.DES_EDE:
                    cipherName = "DESEDE";
                    keySizeInBits = 128;
                    break;
                case PemBaseAlg.DES_EDE3:
                    cipherName = "DESEDE3";
                    keySizeInBits = 192;
                    break;
                case PemBaseAlg.RC2:
                    cipherName = "RC2";
                    keySizeInBits = 128;
                    break;
                case PemBaseAlg.RC2_40:
                    cipherName = "RC2";
                    keySizeInBits = 40;
                    break;
                case PemBaseAlg.RC2_64:
                    cipherName = "RC2";
                    keySizeInBits = 64;
                    break;
                default:
                    // Unknown algorithm: callers get null rather than an exception.
                    return null;
            }

            OpenSslPbeParametersGenerator generator = new OpenSslPbeParametersGenerator();
            byte[] passwordBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            generator.Init(passwordBytes, salt);

            return generator.GenerateDerivedParameters(cipherName, keySizeInBits);
        }
Esempio n. 4
        /// <summary>
        /// Derives cipher parameters for a base algorithm given by its name (for example "AES-128"
        /// or "DES-EDE3") from a password and salt, using <c>OpenSslPbeParametersGenerator</c>.
        /// </summary>
        /// <param name="password">Password characters; converted with <c>Pkcs5PasswordToBytes</c>.</param>
        /// <param name="baseAlg">Base algorithm name; matched exactly (case-sensitive) against the table below.</param>
        /// <param name="salt">Salt passed to the generator unchanged.</param>
        /// <returns>The derived parameters, or <c>null</c> when <paramref name="baseAlg"/> is not in the table.</returns>
        /// <remarks>
        /// NOTE(review): the table includes DES and 40/64-bit RC2, which are weak by current standards;
        /// presumably they are here for compatibility with existing PEM files - confirm before using this
        /// path to protect new key material.
        /// </remarks>
        private static ICipherParameters GetCipherParameters(char[] password, string baseAlg, byte[] salt)
        {
            string cipherName;
            int keySizeInBits;

            switch (baseAlg)
            {
                case "AES-128":
                    cipherName = "AES128";
                    keySizeInBits = 128;
                    break;
                case "AES-192":
                    cipherName = "AES192";
                    keySizeInBits = 192;
                    break;
                case "AES-256":
                    cipherName = "AES256";
                    keySizeInBits = 256;
                    break;
                case "BF":
                    cipherName = "BLOWFISH";
                    keySizeInBits = 128;
                    break;
                case "DES":
                    cipherName = "DES";
                    keySizeInBits = 64;
                    break;
                case "DES-EDE":
                    cipherName = "DESEDE";
                    keySizeInBits = 128;
                    break;
                case "DES-EDE3":
                    cipherName = "DESEDE3";
                    keySizeInBits = 192;
                    break;
                case "RC2":
                    cipherName = "RC2";
                    keySizeInBits = 128;
                    break;
                case "RC2-40":
                    cipherName = "RC2";
                    keySizeInBits = 40;
                    break;
                case "RC2-64":
                    cipherName = "RC2";
                    keySizeInBits = 64;
                    break;
                default:
                    // Unknown name: callers get null rather than an exception.
                    return null;
            }

            OpenSslPbeParametersGenerator generator = new OpenSslPbeParametersGenerator();
            byte[] passwordBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password);
            generator.Init(passwordBytes, salt);

            return generator.GenerateDerivedParameters(cipherName, keySizeInBits);
        }
Esempio n. 5
        /**
         * Obtains the password from the configured password finder and derives the
         * secret key parameters for this object from it and the given salt.
         *
         * keyLength is given in bytes and converted to bits for the generator. The
         * algorithm argument is not read by this method.
         *
         * Throws InvalidOperationException when no password finder is set, and
         * IOException when the finder returns a null password.
         */
        private ICipherParameters GetKey(string algorithm, int keyLength, byte[] salt)
        {
            if (pFinder == null)
            {
                throw new InvalidOperationException("No password finder specified, but a password is required");
            }

            char[] passphrase = pFinder.GetPassword();
            if (passphrase == null)
            {
                throw new IOException("Password is null, but a password is required");
            }

            OpenSslPbeParametersGenerator generator = new OpenSslPbeParametersGenerator();
            byte[] passphraseBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(passphrase);
            generator.Init(passphraseBytes, salt);

            int keySizeInBits = keyLength * 8;
            return generator.GenerateDerivedParameters(keySizeInBits);
        }
Esempio n. 6
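        /// <summary>
        /// Writes an RSA private key as a password-encrypted "RSA PRIVATE KEY" PEM block with
        /// <c>Proc-Type: 4,ENCRYPTED</c> and <c>DEK-Info: DES-EDE3-CBC,&lt;salt&gt;</c> headers.
        /// </summary>
        /// <param name="obj">Key to write; only <c>RsaPrivateCrtKeyParameters</c> is supported.</param>
        /// <param name="algorithm">Must equal "DESEDE" (compared after invariant upper-casing).</param>
        /// <param name="password">Password the encryption key is derived from.</param>
        /// <param name="random">Source of the 8 random bytes used as KDF salt and as CBC IV.</param>
        /// <exception cref="ArgumentNullException">Any argument is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="obj"/> is not a supported key type.</exception>
        /// <exception cref="IOException">The algorithm is not recognised, or the cipher failed.</exception>
        /// <remarks>
        /// The same 8 random bytes serve as the salt for key derivation and as the IV, and are written
        /// in clear in the DEK-Info header. The key is derived with <c>OpenSslPbeParametersGenerator</c>.
        /// NOTE(review): that generator implements OpenSSL's legacy password-to-key derivation, which
        /// offers little resistance to password guessing - confirm the consumer really needs this format
        /// before using it for new key material.
        /// </remarks>
        public void WriteObject(
            object obj,
            string algorithm,
            char[]                  password,
            SecureRandom random)
        {
            if (obj == null)
            {
                throw new ArgumentNullException("obj");
            }
            if (algorithm == null)
            {
                throw new ArgumentNullException("algorithm");
            }
            if (password == null)
            {
                throw new ArgumentNullException("password");
            }
            if (random == null)
            {
                throw new ArgumentNullException("random");
            }

            RsaPrivateCrtKeyParameters k = obj as RsaPrivateCrtKeyParameters;
            if (k == null)
            {
                // TODO Support other types?
                throw new ArgumentException("Object type not supported: " + obj.GetType().FullName, "obj");
            }

            // Plain-text encoding of the private key; wiped in the finally block below.
            byte[] keyData = PrivateKeyInfoFactory.CreatePrivateKeyInfo(k).PrivateKey.GetEncoded();

            byte[] salt = new byte[8];
            byte[] encData;

            try
            {
                random.NextBytes(salt);

                OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
                pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);

                if (!algorithm.ToUpper(CultureInfo.InvariantCulture).Equals("DESEDE"))
                {
                    throw new IOException("unknown algorithm in WriteObject");
                }

                // Triple-DES key: 24 bytes, requested from the generator in bits.
                const int keyLength = 24;
                ICipherParameters secretKey = pGen.GenerateDerivedParameters(keyLength * 8);

                try
                {
                    IBufferedCipher c = CipherUtilities.GetCipher("DESede/CBC/PKCS5Padding");
                    c.Init(true, new ParametersWithIV(secretKey, salt));

                    encData = c.DoFinal(keyData);
                }
                catch (Exception e)
                {
                    // Message text is unchanged for callers that match on it; the cause is now attached
                    // as InnerException so the original type and stack trace are not lost.
                    throw new IOException("exception using cipher: " + e.ToString(), e);
                }
            }
            finally
            {
                // Best-effort: do not leave the unencrypted private key bytes in memory longer than
                // needed, whether encryption succeeded or threw.
                if (keyData != null)
                {
                    Array.Clear(keyData, 0, keyData.Length);
                }
            }

            // write the data
            string type = "RSA PRIVATE KEY";

            WriteHeader(type);
            writer.WriteLine("Proc-Type: 4,ENCRYPTED");
            writer.Write("DEK-Info: DES-EDE3-CBC,");
            WriteHexEncoded(salt);
            writer.WriteLine();
            WriteBase64Encoded(encData);
            WriteFooter(type);
        }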