public BCEngine() { _blockCipher = new AesEngine(); _encoding = Encoding.UTF8; pkcs = new Pkcs7Padding(); _padding = pkcs; }
/// <summary> /// Encapsulates the specified links into a CCF container. /// </summary> /// <param name="name">The name of the package.</param> /// <param name="links">The links.</param> /// <returns> /// CCF container. /// </returns> public static byte[] CreateCCF(string name, string[] links) { var sb = new StringBuilder(); sb.Append("<?xml version=\"1.0\" encoding=\"utf-8\"?>"); sb.Append("<CryptLoad>"); sb.Append("<Package service=\"\" name=\"" + name + "\" url=\"Directlinks\">"); foreach (var link in links) { sb.Append("<Download Url=\"" + link + "\">"); sb.Append("<Url>" + link + "</Url>"); //sb.Append("<FileName></FileName>"); //sb.Append("<FileSize></FileSize>"); sb.Append("</Download>"); } sb.Append("</Package>"); sb.Append("</CryptLoad>"); var aes = new AesEngine(); var cbc = new CbcBlockCipher(aes); var pk7 = new Pkcs7Padding(); var pad = new PaddedBufferedBlockCipher(cbc, pk7); pad.Init(true, new ParametersWithIV(new KeyParameter(CCFKey), CCFIV)); return(pad.DoFinal(Encoding.UTF8.GetBytes(sb.ToString()))); }
internal static string AESDecryption(string cipher, string key, string salt, Pkcs7Padding padding) { BCEngine bcEngine = new BCEngine(new AesEngine(), Encoding.UTF8); bcEngine.SetPadding(padding); return(bcEngine.Decrypt(cipher, key)); }
public BCEngine(IBlockCipher blockCipher, Encoding encoding) { _blockCipher = blockCipher; //_encoding = encoding; _encoding = Encoding.ASCII; Pkcs7Padding pkcs = new Pkcs7Padding(); _padding = pkcs; }
public AesCbcCryptor(byte[] key, byte[] iv) { KeyParameter keyParam = new KeyParameter(key); this._parametersWithIv = new ParametersWithIV(keyParam, iv, 0, iv.Length); AesEngine engine = new AesEngine(); CbcBlockCipher blockCipher = new CbcBlockCipher(engine); IBlockCipherPadding padding = new Pkcs7Padding(); this._cipher = new BufferedBlockCipher(blockCipher); this._cipher.Init(false, this._parametersWithIv); }
public string Decrypt(ProtectedMemory key, string message) { Blake2bProtectedCryptoProvider blake2b = new Blake2bProtectedCryptoProvider(); using ProtectedMemory paddedKey = blake2b.ComputeHashProtected(key, 64); ExtractHeader(message, paddedKey, out byte[] iv, out byte[] buffer); using (ProtectedMemory aesKey = DeriveAesKey(paddedKey)) { AesState aesState = new AesState(aesKey, iv); aesState.AesCbcDecryptBuffer(ref buffer); } int contentLength = Pkcs7Padding.GetContentLength(buffer, 16); return(Encoding.UTF8.GetString(buffer, 0, contentLength)); }
/* * No idea... doesnt work.. cant seem to fix it.. * Lets not pretend i know what this does... * */ private static BufferedBlockCipher SetupBlockCipher(byte[] sharedKey, byte[] ivData, bool forEncryption) { // Setup cipher parameters with key and IV. var keyParam = new KeyParameter(sharedKey); var param = new ParametersWithIV(keyParam, ivData); // Setup AES cipher in CBC mode with PKCS7 padding. var padding = new Pkcs7Padding(); BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), padding); cipher.Reset(); cipher.Init(forEncryption, param); return(cipher); }
public override void PerformTest() { SecureRandom rand = new SecureRandom(new byte[20]); rand.SetSeed(DateTime.Now.Ticks); doTestPadding(new Pkcs7Padding(), rand, Hex.Decode("ffffff0505050505"), Hex.Decode("0000000004040404")); Pkcs7Padding padder = new Pkcs7Padding(); try { padder.PadCount(new byte[8]); Fail("invalid padding not detected"); } catch (InvalidCipherTextException e) { if (!"pad block corrupted".Equals(e.Message)) { Fail("wrong exception for corrupt padding: " + e); } } doTestPadding(new ISO10126d2Padding(), rand, null, null); doTestPadding(new X923Padding(), rand, null, null); doTestPadding(new TbcPadding(), rand, Hex.Decode("ffffff0000000000"), Hex.Decode("00000000ffffffff")); doTestPadding(new ZeroBytePadding(), rand, Hex.Decode("ffffff0000000000"), null); doTestPadding(new ISO7816d4Padding(), rand, Hex.Decode("ffffff8000000000"), Hex.Decode("0000000080000000")); }
public static byte[] DecryptByteArray(byte[] key, byte[] iv, byte[] encryptedData) { AesEngine engine = new AesEngine(); CbcBlockCipher blockCipher = new CbcBlockCipher(engine); //CBC IBlockCipherPadding padding = new Pkcs7Padding(); PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blockCipher, padding); KeyParameter keyParam = new KeyParameter(key); ParametersWithIV keyParamWithIV = new ParametersWithIV(keyParam, iv, 0, iv.Length); //Decrypt cipher.Init(false, keyParamWithIV); byte[] comparisonBytes = new byte[cipher.GetOutputSize(encryptedData.Length)]; int length = cipher.ProcessBytes(encryptedData, comparisonBytes, 0); cipher.DoFinal(comparisonBytes, length); //Do the final block return(comparisonBytes); }
public ProtectedMemory DecryptProtected(ProtectedMemory key, string message) { Blake2bProtectedCryptoProvider blake2b = new Blake2bProtectedCryptoProvider(); using ProtectedMemory paddedKey = blake2b.ComputeHashProtected(key, 64); ExtractHeader(message, paddedKey, out byte[] iv, out byte[] messageBytes); using ProtectedMemory protectedBuffer = ProtectedMemory.Allocate(messageBytes.Length); protectedBuffer.Write(messageBytes, 0, messageBytes.Length); using (ProtectedMemory aesKey = DeriveAesKey(paddedKey)) { AesState aesState = new AesState(aesKey, iv); aesState.AesCbcDecryptBuffer(protectedBuffer); } int contentLength = Pkcs7Padding.GetContentLength(protectedBuffer, 16); ProtectedMemory result = ProtectedMemory.Allocate(contentLength); protectedBuffer.CopyTo(0, result, 0, contentLength); return(result); }
static PaddedBufferedBlockCipher MakeCipher(CipherMode cipher, CipherPadding padding) { var engine = new T(); IBlockCipher blockCipher = null; IBlockCipherPadding blockPadding = null; switch (cipher) { case CipherMode.CBC: blockCipher = new CbcBlockCipher(engine); break; } switch (padding) { case CipherPadding.ISO10126d2: blockPadding = new ISO10126d2Padding(); break; case CipherPadding.ISO7816d4: blockPadding = new ISO7816d4Padding(); break; case CipherPadding.PKCS7: blockPadding = new Pkcs7Padding(); break; case CipherPadding.TBC: blockPadding = new TbcPadding(); break; case CipherPadding.X923: blockPadding = new X923Padding(); break; case CipherPadding.ZeroByte: blockPadding = new ZeroBytePadding(); break; } return(new PaddedBufferedBlockCipher(blockCipher, blockPadding)); }
/// <summary> /// Builds an IBlockCipherPadding /// </summary> /// <param name="padding">SymmetricBlockPadding enum, padding name</param> /// <returns>IBlockCipherPadding with loaded padding type, if padding is WITHCTS returns null</returns> private IBlockCipherPadding getPadding(SymmetricBlockPadding padding) { IBlockCipherPadding paddingCipher = null; switch (padding) { case SymmetricBlockPadding.NOPADDING: paddingCipher = null; break; case SymmetricBlockPadding.ISO7816D4PADDING: paddingCipher = new ISO7816d4Padding(); break; case SymmetricBlockPadding.ISO10126D2PADDING: paddingCipher = new ISO10126d2Padding(); break; case SymmetricBlockPadding.PKCS7PADDING: paddingCipher = new Pkcs7Padding(); break; case SymmetricBlockPadding.WITHCTS: break; case SymmetricBlockPadding.X923PADDING: paddingCipher = new X923Padding(); break; case SymmetricBlockPadding.ZEROBYTEPADDING: paddingCipher = new ZeroBytePadding(); break; default: this.error.setError("SB018", "Cipher " + padding + " not recognised."); break; } return(paddingCipher); }
public LoginProvider(string username, string plainTextPassword) { this.Username = username; // Password must be 8 bute aligned byte[] passwordByteArray = Encoding.ASCII.GetBytes(plainTextPassword); int paddingBytesRequired = 8 - (passwordByteArray.Length % 8); if (paddingBytesRequired > 0) { this.Password = new byte[passwordByteArray.Length + paddingBytesRequired]; Buffer.BlockCopy(passwordByteArray, 0, this.Password, 0, passwordByteArray.Length); // Password must be padded using PKCS5Padding - BouncyCastle provides a Pkcs7Padding class // PKCS5Padding is identical to Pkcs7Padding, providing you only pad to exactly 8 bytes Pkcs7Padding passwordPadder = new Pkcs7Padding(); passwordPadder.AddPadding(this.Password, passwordByteArray.Length); } else { this.Password = passwordByteArray; } }
private static PaddedBufferedBlockCipher CreateCipher(string encryptionMode, int segmentSize) { var engine = new RC6Engine(); var padding = new Pkcs7Padding(); IBlockCipher cipherWithoutPadding = null; switch (encryptionMode) { case "ECB": cipherWithoutPadding = engine; break; case "CBC": cipherWithoutPadding = new CbcBlockCipher(engine); break; case "CFB": cipherWithoutPadding = new CfbBlockCipher(engine, segmentSize); break; case "OFB": cipherWithoutPadding = new OfbBlockCipher(engine, segmentSize); break; } return new PaddedBufferedBlockCipher(cipherWithoutPadding, padding); }
private void AES_CBC_MAC_Decrypt(string alg, byte[] k) { KeyParameter key; int tLen; switch (alg) { case "A128CBC-HS256": tLen = 16; break; case "A192CBC-HS256": tLen = 24; break; case "A256CBC-HS256": tLen = 32; break; default: throw new JoseException("Internal error"); } KeyParameter macKey = new KeyParameter(k, 0, tLen); key = new KeyParameter(k, tLen, tLen); bool fError = false; // HMAC AAD // HMAC IV // HMAC ciphertext // HMAC 64bit int = cbit(AAD) byte[] rgbAl = new byte[8]; byte[] rgbAad = CreateAad(); int cbAad = rgbAad.Length * 8; for (int i = 7; i > 0; i--) { rgbAl[i] = (byte)(cbAad % 256); cbAad /= 256; if (cbAad == 0) { break; } } HMac hmac = new HMac(new Sha256Digest()); byte[] resBuf = new byte[hmac.GetMacSize()]; hmac.Init(macKey); hmac.BlockUpdate(rgbAad, 0, rgbAad.Length); hmac.BlockUpdate(_iv, 0, _iv.Length); hmac.BlockUpdate(_RgbEncrypted, 0, _RgbEncrypted.Length); hmac.BlockUpdate(rgbAl, 0, rgbAl.Length); hmac.DoFinal(resBuf, 0); if (tLen != _Tag.Length) { fError = true; } for (int i = 0; i < tLen; i++) { if (resBuf[i] != _Tag[i]) { fError = true; } } ICipherParameters parms = new ParametersWithIV(key, _iv); IBlockCipherPadding padding = new Pkcs7Padding(); BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), padding); cipher.Reset(); cipher.Init(false, parms); byte[] rgbOut = new byte[cipher.GetOutputSize(_RgbEncrypted.Length)]; int len = cipher.ProcessBytes(_RgbEncrypted, 0, _RgbEncrypted.Length, rgbOut, 0); len += cipher.DoFinal(rgbOut, len); payload = new byte[len]; if (fError) { throw new JoseException("Does not validate"); } Array.Copy(rgbOut, payload, len); }
public static IBufferedCipher GetCipher(string algorithm) { //IL_0008: Unknown result type (might be due to invalid IL or missing references) //IL_0469: Unknown result type (might be due to invalid IL or missing references) //IL_0495: Unknown result type (might be due to invalid IL or missing references) //IL_07f1: Unknown result type (might be due to invalid IL or missing references) if (algorithm == null) { throw new ArgumentNullException("algorithm"); } algorithm = Platform.ToUpperInvariant(algorithm); string text = (string)algorithms.get_Item((object)algorithm); if (text != null) { algorithm = text; } IBasicAgreement basicAgreement = null; if (algorithm == "IES") { basicAgreement = new DHBasicAgreement(); } else if (algorithm == "ECIES") { basicAgreement = new ECDHBasicAgreement(); } if (basicAgreement != null) { return(new BufferedIesCipher(new IesEngine(basicAgreement, new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())))); } if (Platform.StartsWith(algorithm, "PBE")) { if (Platform.EndsWith(algorithm, "-CBC")) { if (algorithm == "PBEWITHSHA1ANDDES-CBC") { return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEngine()))); } if (algorithm == "PBEWITHSHA1ANDRC2-CBC") { return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine()))); } if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC")) { return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine()))); } if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC")) { return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new RC2Engine()))); } } else if ((Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL")) && Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITAES-CBC-BC", "PBEWITHSHAAND192BITAES-CBC-BC", "PBEWITHSHAAND256BITAES-CBC-BC", "PBEWITHSHA256AND128BITAES-CBC-BC", "PBEWITHSHA256AND192BITAES-CBC-BC", "PBEWITHSHA256AND256BITAES-CBC-BC", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", "PBEWITHMD5AND256BITAES-CBC-OPENSSL")) { return(new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesFastEngine()))); } } string[] array = algorithm.Split(new char[1] { '/' }); IBlockCipher blockCipher = null; IAsymmetricBlockCipher asymmetricBlockCipher = null; IStreamCipher streamCipher = null; string text2 = array[0]; string text3 = (string)algorithms.get_Item((object)text2); if (text3 != null) { text2 = text3; } CipherAlgorithm cipherAlgorithm; try { cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), text2); } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } switch (cipherAlgorithm) { case CipherAlgorithm.AES: blockCipher = new AesFastEngine(); break; case CipherAlgorithm.ARC4: streamCipher = new RC4Engine(); break; case CipherAlgorithm.BLOWFISH: blockCipher = new BlowfishEngine(); break; case CipherAlgorithm.CAMELLIA: blockCipher = new CamelliaEngine(); break; case CipherAlgorithm.CAST5: blockCipher = new Cast5Engine(); break; case CipherAlgorithm.CAST6: blockCipher = new Cast6Engine(); break; case CipherAlgorithm.DES: blockCipher = new DesEngine(); break; case CipherAlgorithm.DESEDE: blockCipher = new DesEdeEngine(); break; case CipherAlgorithm.ELGAMAL: asymmetricBlockCipher = new ElGamalEngine(); break; case CipherAlgorithm.GOST28147: blockCipher = new Gost28147Engine(); break; case CipherAlgorithm.HC128: streamCipher = new HC128Engine(); break; case CipherAlgorithm.HC256: streamCipher = new HC256Engine(); break; case CipherAlgorithm.IDEA: blockCipher = new IdeaEngine(); break; case CipherAlgorithm.NOEKEON: blockCipher = new NoekeonEngine(); break; case CipherAlgorithm.PBEWITHSHAAND128BITRC4: case CipherAlgorithm.PBEWITHSHAAND40BITRC4: streamCipher = new RC4Engine(); break; case CipherAlgorithm.RC2: blockCipher = new RC2Engine(); break; case CipherAlgorithm.RC5: blockCipher = new RC532Engine(); break; case CipherAlgorithm.RC5_64: blockCipher = new RC564Engine(); break; case CipherAlgorithm.RC6: blockCipher = new RC6Engine(); break; case CipherAlgorithm.RIJNDAEL: blockCipher = new RijndaelEngine(); break; case CipherAlgorithm.RSA: asymmetricBlockCipher = new RsaBlindedEngine(); break; case CipherAlgorithm.SALSA20: streamCipher = new Salsa20Engine(); break; case CipherAlgorithm.SEED: blockCipher = new SeedEngine(); break; case CipherAlgorithm.SERPENT: blockCipher = new SerpentEngine(); break; case CipherAlgorithm.SKIPJACK: blockCipher = new SkipjackEngine(); break; case CipherAlgorithm.TEA: blockCipher = new TeaEngine(); break; case CipherAlgorithm.THREEFISH_256: blockCipher = new ThreefishEngine(256); break; case CipherAlgorithm.THREEFISH_512: blockCipher = new ThreefishEngine(512); break; case CipherAlgorithm.THREEFISH_1024: blockCipher = new ThreefishEngine(1024); break; case CipherAlgorithm.TNEPRES: blockCipher = new TnepresEngine(); break; case CipherAlgorithm.TWOFISH: blockCipher = new TwofishEngine(); break; case CipherAlgorithm.VMPC: streamCipher = new VmpcEngine(); break; case CipherAlgorithm.VMPC_KSA3: streamCipher = new VmpcKsa3Engine(); break; case CipherAlgorithm.XTEA: blockCipher = new XteaEngine(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } if (streamCipher != null) { if (array.Length > 1) { throw new ArgumentException("Modes and paddings not used for stream ciphers"); } return(new BufferedStreamCipher(streamCipher)); } bool flag = false; bool flag2 = true; IBlockCipherPadding blockCipherPadding = null; IAeadBlockCipher aeadBlockCipher = null; if (array.Length > 2) { if (streamCipher != null) { throw new ArgumentException("Paddings not used for stream ciphers"); } string text4 = array[2]; CipherPadding cipherPadding; if (text4 == "") { cipherPadding = CipherPadding.RAW; } else if (text4 == "X9.23PADDING") { cipherPadding = CipherPadding.X923PADDING; } else { try { cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), text4); } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } switch (cipherPadding) { case CipherPadding.NOPADDING: flag2 = false; break; case CipherPadding.ISO10126PADDING: case CipherPadding.ISO10126D2PADDING: case CipherPadding.ISO10126_2PADDING: blockCipherPadding = new ISO10126d2Padding(); break; case CipherPadding.ISO7816_4PADDING: case CipherPadding.ISO9797_1PADDING: blockCipherPadding = new ISO7816d4Padding(); break; case CipherPadding.ISO9796_1: case CipherPadding.ISO9796_1PADDING: asymmetricBlockCipher = new ISO9796d1Encoding(asymmetricBlockCipher); break; case CipherPadding.OAEP: case CipherPadding.OAEPPADDING: asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher); break; case CipherPadding.OAEPWITHMD5ANDMGF1PADDING: asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new MD5Digest()); break; case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING: asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha1Digest()); break; case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING: asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha224Digest()); break; case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING: asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha256Digest()); break; case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING: asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha384Digest()); break; case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING: asymmetricBlockCipher = new OaepEncoding(asymmetricBlockCipher, new Sha512Digest()); break; case CipherPadding.PKCS1: case CipherPadding.PKCS1PADDING: asymmetricBlockCipher = new Pkcs1Encoding(asymmetricBlockCipher); break; case CipherPadding.PKCS5: case CipherPadding.PKCS5PADDING: case CipherPadding.PKCS7: case CipherPadding.PKCS7PADDING: blockCipherPadding = new Pkcs7Padding(); break; case CipherPadding.TBCPADDING: blockCipherPadding = new TbcPadding(); break; case CipherPadding.WITHCTS: flag = true; break; case CipherPadding.X923PADDING: blockCipherPadding = new X923Padding(); break; case CipherPadding.ZEROBYTEPADDING: blockCipherPadding = new ZeroBytePadding(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); case CipherPadding.RAW: break; } } string text5 = ""; if (array.Length > 1) { text5 = array[1]; int digitIndex = GetDigitIndex(text5); string text6 = ((digitIndex >= 0) ? text5.Substring(0, digitIndex) : text5); try { switch ((text6 == "") ? CipherMode.NONE : ((CipherMode)Enums.GetEnumValue(typeof(CipherMode), text6))) { case CipherMode.CBC: blockCipher = new CbcBlockCipher(blockCipher); break; case CipherMode.CCM: aeadBlockCipher = new CcmBlockCipher(blockCipher); break; case CipherMode.CFB: { int bitBlockSize = ((digitIndex < 0) ? (8 * blockCipher.GetBlockSize()) : int.Parse(text5.Substring(digitIndex))); blockCipher = new CfbBlockCipher(blockCipher, bitBlockSize); break; } case CipherMode.CTR: blockCipher = new SicBlockCipher(blockCipher); break; case CipherMode.CTS: flag = true; blockCipher = new CbcBlockCipher(blockCipher); break; case CipherMode.EAX: aeadBlockCipher = new EaxBlockCipher(blockCipher); break; case CipherMode.GCM: aeadBlockCipher = new GcmBlockCipher(blockCipher); break; case CipherMode.GOFB: blockCipher = new GOfbBlockCipher(blockCipher); break; case CipherMode.OCB: aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm)); break; case CipherMode.OFB: { int blockSize = ((digitIndex < 0) ? (8 * blockCipher.GetBlockSize()) : int.Parse(text5.Substring(digitIndex))); blockCipher = new OfbBlockCipher(blockCipher, blockSize); break; } case CipherMode.OPENPGPCFB: blockCipher = new OpenPgpCfbBlockCipher(blockCipher); break; case CipherMode.SIC: if (blockCipher.GetBlockSize() < 16) { throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); } blockCipher = new SicBlockCipher(blockCipher); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); case CipherMode.ECB: case CipherMode.NONE: break; } } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } if (aeadBlockCipher != null) { if (flag) { throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers."); } if (flag2 && array.Length > 2 && array[2] != "") { throw new SecurityUtilityException("Bad padding specified for AEAD cipher."); } return(new BufferedAeadBlockCipher(aeadBlockCipher)); } if (blockCipher != null) { if (flag) { return(new CtsBlockCipher(blockCipher)); } if (blockCipherPadding != null) { return(new PaddedBufferedBlockCipher(blockCipher, blockCipherPadding)); } if (!flag2 || blockCipher.IsPartialBlockOkay) { return(new BufferedBlockCipher(blockCipher)); } return(new PaddedBufferedBlockCipher(blockCipher)); } if (asymmetricBlockCipher != null) { return(new BufferedAsymmetricBlockCipher(asymmetricBlockCipher)); } throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); }
public static IBufferedCipher GetCipher( string algorithm) { if (algorithm == null) { throw new ArgumentNullException("algorithm"); } algorithm = Platform.ToUpperInvariant(algorithm); { string aliased = (string)algorithms[algorithm]; if (aliased != null) { algorithm = aliased; } } IBasicAgreement iesAgreement = null; if (algorithm == "IES") { iesAgreement = new DHBasicAgreement(); } else if (algorithm == "ECIES") { iesAgreement = new ECDHBasicAgreement(); } if (iesAgreement != null) { return(new BufferedIesCipher( new IesEngine( iesAgreement, new Kdf2BytesGenerator( new Sha1Digest()), new HMac( new Sha1Digest())))); } if (Platform.StartsWith(algorithm, "PBE")) { if (Platform.EndsWith(algorithm, "-CBC")) { if (algorithm == "PBEWITHSHA1ANDDES-CBC") { return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new DesEngine()))); } else if (algorithm == "PBEWITHSHA1ANDRC2-CBC") { return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new RC2Engine()))); } else if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC")) { return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new DesEdeEngine()))); } else if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC")) { return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new RC2Engine()))); } } else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL")) { if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITAES-CBC-BC", "PBEWITHSHAAND192BITAES-CBC-BC", "PBEWITHSHAAND256BITAES-CBC-BC", "PBEWITHSHA256AND128BITAES-CBC-BC", "PBEWITHSHA256AND192BITAES-CBC-BC", "PBEWITHSHA256AND256BITAES-CBC-BC", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", "PBEWITHMD5AND256BITAES-CBC-OPENSSL")) { return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new AesFastEngine()))); } } } string[] parts = algorithm.Split('/'); IBlockCipher blockCipher = null; IAsymmetricBlockCipher asymBlockCipher = null; IStreamCipher streamCipher = null; string algorithmName = parts[0]; { string aliased = (string)algorithms[algorithmName]; if (aliased != null) { algorithmName = aliased; } } CipherAlgorithm cipherAlgorithm; try { cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), algorithmName); } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } switch (cipherAlgorithm) { case CipherAlgorithm.AES: blockCipher = new AesFastEngine(); break; case CipherAlgorithm.ARC4: streamCipher = new RC4Engine(); break; case CipherAlgorithm.BLOWFISH: blockCipher = new BlowfishEngine(); break; case CipherAlgorithm.CAMELLIA: blockCipher = new CamelliaEngine(); break; case CipherAlgorithm.CAST5: blockCipher = new Cast5Engine(); break; case CipherAlgorithm.CAST6: blockCipher = new Cast6Engine(); break; case CipherAlgorithm.DES: blockCipher = new DesEngine(); break; case CipherAlgorithm.DESEDE: blockCipher = new DesEdeEngine(); break; case CipherAlgorithm.ELGAMAL: asymBlockCipher = new ElGamalEngine(); break; case CipherAlgorithm.GOST28147: blockCipher = new Gost28147Engine(); break; case CipherAlgorithm.HC128: streamCipher = new HC128Engine(); break; case CipherAlgorithm.HC256: streamCipher = new HC256Engine(); break; case CipherAlgorithm.IDEA: blockCipher = new IdeaEngine(); break; case CipherAlgorithm.NOEKEON: blockCipher = new NoekeonEngine(); break; case CipherAlgorithm.PBEWITHSHAAND128BITRC4: case CipherAlgorithm.PBEWITHSHAAND40BITRC4: streamCipher = new RC4Engine(); break; case CipherAlgorithm.RC2: blockCipher = new RC2Engine(); break; case CipherAlgorithm.RC5: blockCipher = new RC532Engine(); break; case CipherAlgorithm.RC5_64: blockCipher = new RC564Engine(); break; case CipherAlgorithm.RC6: blockCipher = new RC6Engine(); break; case CipherAlgorithm.RIJNDAEL: blockCipher = new RijndaelEngine(); break; case CipherAlgorithm.RSA: asymBlockCipher = new RsaBlindedEngine(); break; case CipherAlgorithm.SALSA20: streamCipher = new Salsa20Engine(); break; case CipherAlgorithm.SEED: blockCipher = new SeedEngine(); break; case CipherAlgorithm.SERPENT: blockCipher = new SerpentEngine(); break; case CipherAlgorithm.SKIPJACK: blockCipher = new SkipjackEngine(); break; case CipherAlgorithm.TEA: blockCipher = new TeaEngine(); break; case CipherAlgorithm.THREEFISH_256: blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256); break; case CipherAlgorithm.THREEFISH_512: blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512); break; case CipherAlgorithm.THREEFISH_1024: blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024); break; case CipherAlgorithm.TNEPRES: blockCipher = new TnepresEngine(); break; case CipherAlgorithm.TWOFISH: blockCipher = new TwofishEngine(); break; case CipherAlgorithm.VMPC: streamCipher = new VmpcEngine(); break; case CipherAlgorithm.VMPC_KSA3: streamCipher = new VmpcKsa3Engine(); break; case CipherAlgorithm.XTEA: blockCipher = new XteaEngine(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } if (streamCipher != null) { if (parts.Length > 1) { throw new ArgumentException("Modes and paddings not used for stream ciphers"); } return(new BufferedStreamCipher(streamCipher)); } bool cts = false; bool padded = true; IBlockCipherPadding padding = null; IAeadBlockCipher aeadBlockCipher = null; if (parts.Length > 2) { if (streamCipher != null) { throw new ArgumentException("Paddings not used for stream ciphers"); } string paddingName = parts[2]; CipherPadding cipherPadding; if (paddingName == "") { cipherPadding = CipherPadding.RAW; } else if (paddingName == "X9.23PADDING") { cipherPadding = CipherPadding.X923PADDING; } else { try { cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), paddingName); } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } switch (cipherPadding) { case CipherPadding.NOPADDING: padded = false; break; case CipherPadding.RAW: break; case CipherPadding.ISO10126PADDING: case CipherPadding.ISO10126D2PADDING: case CipherPadding.ISO10126_2PADDING: padding = new ISO10126d2Padding(); break; case CipherPadding.ISO7816_4PADDING: case CipherPadding.ISO9797_1PADDING: padding = new ISO7816d4Padding(); break; case CipherPadding.ISO9796_1: case CipherPadding.ISO9796_1PADDING: asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher); break; case CipherPadding.OAEP: case CipherPadding.OAEPPADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher); break; case CipherPadding.OAEPWITHMD5ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest()); break; case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest()); break; case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest()); break; case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest()); break; case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest()); break; case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest()); break; case CipherPadding.PKCS1: case CipherPadding.PKCS1PADDING: asymBlockCipher = new Pkcs1Encoding(asymBlockCipher); break; case CipherPadding.PKCS5: case CipherPadding.PKCS5PADDING: case CipherPadding.PKCS7: case CipherPadding.PKCS7PADDING: padding = new Pkcs7Padding(); break; case CipherPadding.TBCPADDING: padding = new TbcPadding(); break; case CipherPadding.WITHCTS: cts = true; break; case CipherPadding.X923PADDING: padding = new X923Padding(); break; case CipherPadding.ZEROBYTEPADDING: padding = new ZeroBytePadding(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } string mode = ""; if (parts.Length > 1) { mode = parts[1]; int di = GetDigitIndex(mode); string modeName = di >= 0 ? mode.Substring(0, di) : mode; try { CipherMode cipherMode = modeName == "" ? CipherMode.NONE : (CipherMode)Enums.GetEnumValue(typeof(CipherMode), modeName); switch (cipherMode) { case CipherMode.ECB: case CipherMode.NONE: break; case CipherMode.CBC: blockCipher = new CbcBlockCipher(blockCipher); break; case CipherMode.CCM: aeadBlockCipher = new CcmBlockCipher(blockCipher); break; case CipherMode.CFB: { int bits = (di < 0) ? 8 * blockCipher.GetBlockSize() : int.Parse(mode.Substring(di)); blockCipher = new CfbBlockCipher(blockCipher, bits); break; } case CipherMode.CTR: blockCipher = new SicBlockCipher(blockCipher); break; case CipherMode.CTS: cts = true; blockCipher = new CbcBlockCipher(blockCipher); break; case CipherMode.EAX: aeadBlockCipher = new EaxBlockCipher(blockCipher); break; case CipherMode.GCM: aeadBlockCipher = new GcmBlockCipher(blockCipher); break; case CipherMode.GOFB: blockCipher = new GOfbBlockCipher(blockCipher); break; case CipherMode.OCB: aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm)); break; case CipherMode.OFB: { int bits = (di < 0) ? 8 * blockCipher.GetBlockSize() : int.Parse(mode.Substring(di)); blockCipher = new OfbBlockCipher(blockCipher, bits); break; } case CipherMode.OPENPGPCFB: blockCipher = new OpenPgpCfbBlockCipher(blockCipher); break; case CipherMode.SIC: if (blockCipher.GetBlockSize() < 16) { throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); } blockCipher = new SicBlockCipher(blockCipher); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } if (aeadBlockCipher != null) { if (cts) { throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers."); } if (padded && parts.Length > 2 && parts[2] != "") { throw new SecurityUtilityException("Bad padding specified for AEAD cipher."); } return(new BufferedAeadBlockCipher(aeadBlockCipher)); } if (blockCipher != null) { if (cts) { return(new CtsBlockCipher(blockCipher)); } if (padding != null) { return(new PaddedBufferedBlockCipher(blockCipher, padding)); } if (!padded || blockCipher.IsPartialBlockOkay) { return(new BufferedBlockCipher(blockCipher)); } return(new PaddedBufferedBlockCipher(blockCipher)); } if (asymBlockCipher != null) { return(new BufferedAsymmetricBlockCipher(asymBlockCipher)); } throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); }
public static IBufferedCipher GetCipher( string algorithm) { if (algorithm == null) { throw new ArgumentNullException("algorithm"); } algorithm = algorithm.ToUpper(CultureInfo.InvariantCulture); string aliased = (string)algorithms[algorithm]; if (aliased != null) { algorithm = aliased; } IBasicAgreement iesAgreement = null; if (algorithm == "IES") { iesAgreement = new DHBasicAgreement(); } else if (algorithm == "ECIES") { iesAgreement = new ECDHBasicAgreement(); } if (iesAgreement != null) { return(new BufferedIesCipher( new IesEngine( iesAgreement, new Kdf2BytesGenerator( new Sha1Digest()), new HMac( new Sha1Digest())))); } if (algorithm.StartsWith("PBE")) { switch (algorithm) { case "PBEWITHSHAAND2-KEYTRIPLEDES-CBC": case "PBEWITHSHAAND3-KEYTRIPLEDES-CBC": return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new DesEdeEngine()))); case "PBEWITHSHAAND128BITRC2-CBC": case "PBEWITHSHAAND40BITRC2-CBC": return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new RC2Engine()))); case "PBEWITHSHAAND128BITAES-CBC-BC": case "PBEWITHSHAAND192BITAES-CBC-BC": case "PBEWITHSHAAND256BITAES-CBC-BC": case "PBEWITHSHA256AND128BITAES-CBC-BC": case "PBEWITHSHA256AND192BITAES-CBC-BC": case "PBEWITHSHA256AND256BITAES-CBC-BC": case "PBEWITHMD5AND128BITAES-CBC-OPENSSL": case "PBEWITHMD5AND192BITAES-CBC-OPENSSL": case "PBEWITHMD5AND256BITAES-CBC-OPENSSL": return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new AesFastEngine()))); case "PBEWITHSHA1ANDDES-CBC": return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new DesEngine()))); case "PBEWITHSHA1ANDRC2-CBC": return(new PaddedBufferedBlockCipher( new CbcBlockCipher(new RC2Engine()))); } } string[] parts = algorithm.Split('/'); IBlockCipher blockCipher = null; IAsymmetricBlockCipher asymBlockCipher = null; IStreamCipher streamCipher = null; switch (parts[0]) { case "AES": blockCipher = new AesFastEngine(); break; case "ARC4": streamCipher = new RC4Engine(); break; case "BLOWFISH": blockCipher = new BlowfishEngine(); break; case "CAMELLIA": blockCipher = new CamelliaEngine(); break; case "CAST5": blockCipher = new Cast5Engine(); break; case "CAST6": blockCipher = new Cast6Engine(); break; case "DES": blockCipher = new DesEngine(); break; case "DESEDE": blockCipher = new DesEdeEngine(); break; case "ELGAMAL": asymBlockCipher = new ElGamalEngine(); break; case "GOST28147": blockCipher = new Gost28147Engine(); break; case "HC128": streamCipher = new HC128Engine(); break; case "HC256": streamCipher = new HC256Engine(); break; #if INCLUDE_IDEA case "IDEA": blockCipher = new IdeaEngine(); break; #endif case "NOEKEON": blockCipher = new NoekeonEngine(); break; case "PBEWITHSHAAND128BITRC4": case "PBEWITHSHAAND40BITRC4": streamCipher = new RC4Engine(); break; case "RC2": blockCipher = new RC2Engine(); break; case "RC5": blockCipher = new RC532Engine(); break; case "RC5-64": blockCipher = new RC564Engine(); break; case "RC6": blockCipher = new RC6Engine(); break; case "RIJNDAEL": blockCipher = new RijndaelEngine(); break; case "RSA": asymBlockCipher = new RsaBlindedEngine(); break; case "SALSA20": streamCipher = new Salsa20Engine(); break; case "SEED": blockCipher = new SeedEngine(); break; case "SERPENT": blockCipher = new SerpentEngine(); break; case "SKIPJACK": blockCipher = new SkipjackEngine(); break; case "TEA": blockCipher = new TeaEngine(); break; case "TWOFISH": blockCipher = new TwofishEngine(); break; case "VMPC": streamCipher = new VmpcEngine(); break; case "VMPC-KSA3": streamCipher = new VmpcKsa3Engine(); break; case "XTEA": blockCipher = new XteaEngine(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } if (streamCipher != null) { if (parts.Length > 1) { throw new ArgumentException("Modes and paddings not used for stream ciphers"); } return(new BufferedStreamCipher(streamCipher)); } bool cts = false; bool padded = true; IBlockCipherPadding padding = null; IAeadBlockCipher aeadBlockCipher = null; if (parts.Length > 2) { if (streamCipher != null) { throw new ArgumentException("Paddings not used for stream ciphers"); } switch (parts[2]) { case "NOPADDING": padded = false; break; case "": case "RAW": break; case "ISO10126PADDING": case "ISO10126D2PADDING": case "ISO10126-2PADDING": padding = new ISO10126d2Padding(); break; case "ISO7816-4PADDING": case "ISO9797-1PADDING": padding = new ISO7816d4Padding(); break; case "ISO9796-1": case "ISO9796-1PADDING": asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher); break; case "OAEP": case "OAEPPADDING": asymBlockCipher = new OaepEncoding(asymBlockCipher); break; case "OAEPWITHMD5ANDMGF1PADDING": asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest()); break; case "OAEPWITHSHA1ANDMGF1PADDING": case "OAEPWITHSHA-1ANDMGF1PADDING": asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest()); break; case "OAEPWITHSHA224ANDMGF1PADDING": case "OAEPWITHSHA-224ANDMGF1PADDING": asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest()); break; case "OAEPWITHSHA256ANDMGF1PADDING": case "OAEPWITHSHA-256ANDMGF1PADDING": asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest()); break; case "OAEPWITHSHA384ANDMGF1PADDING": case "OAEPWITHSHA-384ANDMGF1PADDING": asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest()); break; case "OAEPWITHSHA512ANDMGF1PADDING": case "OAEPWITHSHA-512ANDMGF1PADDING": asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest()); break; case "PKCS1": case "PKCS1PADDING": asymBlockCipher = new Pkcs1Encoding(asymBlockCipher); break; case "PKCS5": case "PKCS5PADDING": case "PKCS7": case "PKCS7PADDING": padding = new Pkcs7Padding(); break; case "TBCPADDING": padding = new TbcPadding(); break; case "WITHCTS": cts = true; break; case "X9.23PADDING": case "X923PADDING": padding = new X923Padding(); break; case "ZEROBYTEPADDING": padding = new ZeroBytePadding(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } string mode = ""; if (parts.Length > 1) { mode = parts[1]; int di = GetDigitIndex(mode); string modeName = di >= 0 ? mode.Substring(0, di) : mode; switch (modeName) { case "": case "ECB": case "NONE": break; case "CBC": blockCipher = new CbcBlockCipher(blockCipher); break; case "CCM": aeadBlockCipher = new CcmBlockCipher(blockCipher); break; case "CFB": { int bits = (di < 0) ? 8 * blockCipher.GetBlockSize() : int.Parse(mode.Substring(di)); blockCipher = new CfbBlockCipher(blockCipher, bits); break; } case "CTR": blockCipher = new SicBlockCipher(blockCipher); break; case "CTS": cts = true; blockCipher = new CbcBlockCipher(blockCipher); break; case "EAX": aeadBlockCipher = new EaxBlockCipher(blockCipher); break; case "GCM": aeadBlockCipher = new GcmBlockCipher(blockCipher); break; case "GOFB": blockCipher = new GOfbBlockCipher(blockCipher); break; case "OFB": { int bits = (di < 0) ? 8 * blockCipher.GetBlockSize() : int.Parse(mode.Substring(di)); blockCipher = new OfbBlockCipher(blockCipher, bits); break; } case "OPENPGPCFB": blockCipher = new OpenPgpCfbBlockCipher(blockCipher); break; case "SIC": if (blockCipher.GetBlockSize() < 16) { throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); } blockCipher = new SicBlockCipher(blockCipher); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } if (aeadBlockCipher != null) { if (cts) { throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers."); } if (padded && parts.Length > 2 && parts[2] != "") { throw new SecurityUtilityException("Bad padding specified for AEAD cipher."); } return(new BufferedAeadBlockCipher(aeadBlockCipher)); } if (blockCipher != null) { if (cts) { return(new CtsBlockCipher(blockCipher)); } if (padding != null) { return(new PaddedBufferedBlockCipher(blockCipher, padding)); } if (!padded || blockCipher.IsPartialBlockOkay) { return(new BufferedBlockCipher(blockCipher)); } return(new PaddedBufferedBlockCipher(blockCipher)); } if (asymBlockCipher != null) { return(new BufferedAsymmetricBlockCipher(asymBlockCipher)); } throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); }