/// <summary> /// Create a configuration for a stream cipher. /// </summary> /// <param name="cipher">Stream cipher to use.</param> /// <param name="keySize">Key size to use, in bits.</param> /// <returns>Stream cipher configuration DTO.</returns> public static CipherConfiguration CreateStreamCipherConfiguration(StreamCipher cipher, int?keySize = null) { var config = new CipherConfiguration { Type = CipherType.Stream }; int keySizeNonNull = keySize ?? Athena.Cryptography.StreamCiphers[cipher].DefaultKeySizeBits; if (keySize == null || Athena.Cryptography.StreamCiphers[cipher].AllowableKeySizesBits.Contains(keySizeNonNull)) { config.KeySizeBits = keySizeNonNull; } else { throw new CipherKeySizeException(cipher, keySizeNonNull); } config.CipherName = cipher.ToString(); if (Athena.Cryptography.StreamCiphers[cipher].DefaultNonceSizeBits != -1) { config.InitialisationVector = new byte[Athena.Cryptography.StreamCiphers[cipher].DefaultNonceSizeBits / 8]; StratCom.EntropySupplier.NextBytes(config.InitialisationVector); } return(config); }
/// <summary> /// Creates a Salsa20 derivative engine with a specific number of rounds. /// </summary> /// <param name="rounds">the number of rounds (must be an even number).</param> protected Salsa20Engine(StreamCipher cipherIdentity, int rounds) : base(cipherIdentity) { if (rounds <= 0 || (rounds & 1) != 0) { throw new ArgumentException("'rounds' must be a positive, even number"); } this.Rounds = rounds; }
// Stream ciphers /// <summary> /// Instantiates and returns an implementation of the requested symmetric stream cipher. /// </summary> /// <returns><see cref="StreamCipherEngine" /> object implementing the relevant cipher algorithm.</returns> public static StreamCipherEngine CreateStreamCipher(StreamCipher cipherEnum) { #if !DEBUG if (cipherEnum == StreamCipher.None) { throw new ArgumentException("Cipher set to none.", "cipherEnum", new InvalidOperationException("Cannot instantiate null stream cipher.")); } #endif return(EngineInstantiatorsStream[cipherEnum]()); }
private void btnEncryptDecryptStream_Click(object sender, RoutedEventArgs e) { try { _encryptedBitmap = StreamCipher.EncryptImage(_streamSourceFilePath, _streamKeyfilePath, Operation.XOR); SetWpfImageFromImage(_encryptedBitmap, imgDisplayStream); } catch (Exception ex) { throw ex; } }
public static EncryptedPrivateKeyInfo createEncryptedPrivateKeyInfo( String algorithm, char[] passPhrase, byte[] salt, int iterationCount, PrivateKeyInfo keyInfo) { if (!PBEUtil.isPBEAlgorithm(algorithm)) { throw new Exception("attempt to use non-PBE algorithm with PBE EncryptedPrivateKeyInfo generation"); } ASN1Encodable parameters = PBEUtil.generateAlgorithmParameters(algorithm, salt, iterationCount); CipherParameters keyParameters = PBEUtil.generateCipherParameters(algorithm, passPhrase, parameters); byte[] encoding = null; Object engine = PBEUtil.createEngine(algorithm); if (engine is BufferedBlockCipher) { BufferedBlockCipher cipher = (BufferedBlockCipher)engine; cipher.init(true, keyParameters); byte[] keyBytes = keyInfo.getEncoded(); int encLen = cipher.getOutputSize(keyBytes.Length); encoding = new byte[encLen]; int off = cipher.processBytes(keyBytes, 0, keyBytes.Length, encoding, 0); cipher.doFinal(encoding, off); } else if (engine is StreamCipher) { StreamCipher cipher = (StreamCipher)engine; cipher.init(true, keyParameters); byte[] keyBytes = keyInfo.getEncoded(); encoding = new byte[keyBytes.Length]; cipher.processBytes(keyBytes, 0, keyBytes.Length, encoding, 0); } return(new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PBEUtil.getObjectIdentifier(algorithm), parameters), encoding)); }
//non-standard public override byte[] EncryptValue(byte[] pBuff) { IBlockCipher ibc = AesFactory.GetAes(true); StreamCtx _aes = null; if (mode == CipherMode.CBC) { _aes = StreamCipher.MakeStreamCtx(ibc, key, iv, StreamCipher.Mode.CBC); } else { _aes = StreamCipher.MakeStreamCtx(ibc, key, iv, StreamCipher.Mode.ECB); } byte[] cBuff = StreamCipher.Encode(_aes, pBuff, StreamCipher.ENCRYPT); return(cBuff); }
public static PrivateKeyInfo createPrivateKeyInfo( char[] passPhrase, EncryptedPrivateKeyInfo encInfo) { CipherParameters keyParameters = PBEUtil.generateCipherParameters(encInfo.getEncryptionAlgorithm().getObjectId(), passPhrase, encInfo.getEncryptionAlgorithm().getParameters()); Object engine = PBEUtil.createEngine(encInfo.getEncryptionAlgorithm().getObjectId()); byte[] encoding = null; if (engine is BufferedBlockCipher) { BufferedBlockCipher cipher = (BufferedBlockCipher)engine; cipher.init(false, keyParameters); byte[] keyBytes = encInfo.getEncryptedData(); int encLen = cipher.getOutputSize(keyBytes.Length); encoding = new byte[encLen]; int off = cipher.processBytes(keyBytes, 0, keyBytes.Length, encoding, 0); cipher.doFinal(encoding, off); } else if (engine is StreamCipher) { StreamCipher cipher = (StreamCipher)engine; cipher.init(false, keyParameters); byte[] keyBytes = encInfo.getEncryptedData(); encoding = new byte[keyBytes.Length]; cipher.processBytes(keyBytes, 0, keyBytes.Length, encoding, 0); } ASN1InputStream aIn = new ASN1InputStream(new MemoryStream(encoding)); return(PrivateKeyInfo.getInstance(aIn.readObject())); }
ASN1Sequence decryptData( AlgorithmIdentifier algId, byte[] data, char[] password) { PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algId.getParameters()); CipherParameters keyParameters = PBEUtil.generateCipherParameters(algId.getObjectId(), password, pbeParams); byte[] encoding = null; Object engine = PBEUtil.createEngine(algId.getObjectId()); if (engine is BufferedBlockCipher) { BufferedBlockCipher cipher = (BufferedBlockCipher)engine; cipher.init(false, keyParameters); int encLen = cipher.getOutputSize(data.Length); encoding = new byte[encLen]; int off = cipher.processBytes(data, 0, data.Length, encoding, 0); cipher.doFinal(encoding, off); } else if (engine is StreamCipher) { StreamCipher cipher = (StreamCipher)engine; cipher.init(false, keyParameters); encoding = new byte[data.Length]; cipher.processBytes(data, 0, data.Length, encoding, 0); } ASN1InputStream bIn = new ASN1InputStream(new MemoryStream(encoding)); return((ASN1Sequence)bIn.readObject()); }
private void btnComputeBO_Click(object sender, RoutedEventArgs e) { try { if ((bool)rbBitwiseAnd.IsChecked) { _encryptedBitmap = StreamCipher.EncryptImage(_bitwisePic1FilePath, _bitwisePic2FilePath, Operation.AND); } else if ((bool)rbBitwiseOR.IsChecked) { _encryptedBitmap = StreamCipher.EncryptImage(_bitwisePic1FilePath, _bitwisePic2FilePath, Operation.OR); } else if ((bool)rbBitwiseXOR.IsChecked) { _encryptedBitmap = StreamCipher.EncryptImage(_bitwisePic1FilePath, _bitwisePic2FilePath, Operation.XOR); } SetWpfImageFromImage(_encryptedBitmap, imgBitwiseDisplay); } catch (Exception ex) { throw ex; } }
public CipherKeySizeException(StreamCipher cipherEnum, int requestedSizeBits) : this(cipherEnum.ToString(), requestedSizeBits, Athena.Cryptography.StreamCiphers[cipherEnum].AllowableKeySizesBits.ToList()) { }
/// <summary> /// Instantiate a new stream cipher engine. /// </summary> /// <param name="cipherIdentity">Identity of the stream cipher.</param> protected StreamCipherEngine(StreamCipher cipherIdentity) { CipherIdentity = cipherIdentity; Key = null; Nonce = null; }
public IStreamCipher GetStreamCipher(StreamCipher cipher) { return StreamCipherBuilders[cipher].Build(); }
private async void WorkAsync() { IsNoActionRunning = false; try { #region Checks //Check whether file id is int if (!int.TryParse(ChosenFileId, out int FileId)) { IsCompleted = false; StateText = "Wrong File id!"; return; } //Check whether file id is correct if ((FileId >= FilesLoaded.Count()) || (FileId < 0)) { IsCompleted = false; StateText = "Wrong File id!"; return; } string FilePath = string.Empty; //Load file path foreach (var item in FilesLoaded) { if (item.Id == FileId) { FilePath = item.FileRealName; break; } } //if file id points to empty record if (string.IsNullOrWhiteSpace(FilePath)) { IsCompleted = false; StateText = "File id is wrong."; return; } // if file was deleted after loading if (!File.Exists(FilePath)) { IsCompleted = false; StateText = "File doesnt exist."; return; } #endregion Enum.TryParse <KeyGenerators>(ChosenKeyGenerator, out var chosenKeyGenerationMethod); var keyGeneratorInstance = new KeyGeneratorsFactory().NewKeyGenerator(chosenKeyGenerationMethod); var cipher = new StreamCipher(); cipher.Initialize(keyGeneratorInstance); if (IsAutoGeneratingKeys) { var generatedKey = RandomNumbersGenerator.GenerateBinaryString(LFSR.DefaultHighestPower); GeneratedKey = $"Your generated key is : {generatedKey}"; await cipher.Encrypt(FilePath, generatedKey, progress); } else { await cipher.Encrypt(FilePath, InitialState, progress); } StateText = "Action completed."; IsCompleted = true; } catch (ArgumentException ex) { StateText = ex.Message; IsCompleted = false; } catch (OutOfMemoryException ex) { StateText = ex.Message; IsCompleted = false; } finally { IsNoActionRunning = true; } }
protected override void OnReceive(byte[] data) { Packet packet = Encryptor == null?Packet.FromBytes(data) : Packet.FromBytes(Encryptor.Parse(data)); if (packet == null) { Disconnect(Frame.kClosingReason.ProtocolError, "Packet received was not legal."); return; } if (packet.Id != (int)kInterMasterId.KeyExchange && Encryptor == null) { Disconnect(Frame.kClosingReason.ProtocolError, "You must exchange keys before performing any other operations."); return; } // TODO rate limiting by ip switch ((kInterMasterId)packet.Id) { case kInterMasterId.KeyExchange: Key.ParseResponsePacket(packet); if (!Key.Succeeded) { Disconnect(Frame.kClosingReason.ProtocolError, "Could not exchange keys."); return; } Encryptor = new StreamCipher(Key.PrivateKey); break; case kInterMasterId.LoginAttempt: if (packet.RegionCount != 3 || !packet.CheckRegionsMaxLength(0, 16, 255) || !packet.CheckRegionLengths(2, 2)) { break; } Session session; using (var db = new ScapeDb()) { User user; if ((user = db.Users.FirstOrDefault(x => x.Username == packet[0])) == null) { SendEncrypted(new Packet(kInterMasterId.LoginAttempt, Convert.ToByte(false), "User does not exist.")); break; } if (packet[1].Str.Trim() == "" || !packet[1].Str.CheckPassword(user.Password)) { SendEncrypted(new Packet(kInterMasterId.LoginAttempt, Convert.ToByte(false), "Password is incorrect.")); break; } if (user.Session?.DeltaLastPing.TotalMinutes < 3) { SendEncrypted(new Packet(kInterMasterId.LoginAttempt, Convert.ToByte(false), "You are already logged in. Log out or try again shortly.")); break; } ushort serverId = packet[2].Raw.UnpackUInt16(); if (!MasterServerList.HasId(serverId)) { SendEncrypted(new Packet(kInterMasterId.LoginAttempt, Convert.ToByte(false), "The world you have specified is offline.")); break; } if (user.Session?.DeltaLastPing.TotalMinutes >= 3) { db.Entry(user.Session).State = EntityState.Deleted; db.SaveChanges(); } db.Sessions.Add(session = new Session { Id = user.Id, Secret = RNG.NextBytes(16), ServerId = serverId, LastPing = DateTime.UtcNow }); db.SaveChanges(); } var server = MasterServerList.Get((ushort)session.ServerId); SendEncrypted(new Packet(kInterMasterId.LoginAttempt, Convert.ToByte(true), session.Secret, server.Address.ToString(), server.Port.Pack())); break; case kInterMasterId.RegistrationAttempt: if (packet.RegionCount != 3 || !packet.CheckAllMaxLength(0xFF)) { break; } if (!packet[0].Raw.IsAsciiString()) { SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(false), "Your username cannot contain unicode characters.")); break; } string username = packet[0].Str.Trim(), password = packet[1].Str.Trim(), email = packet[2].Str.Trim(); if (username.Length > 16 || !UsernameRegex.IsMatch(username)) { SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(false), "The username is max 16 characters and can only be letters, numbers, and underscores.")); break; } if (!EmailRegex.IsMatch(email)) { SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(false), "The email address is malformed.")); break; } using (var db = new ScapeDb()) { if (db.Users.FirstOrDefault(x => x.Username == username) != null) { SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(false), "This username is already in use.")); break; } if (db.Users.FirstOrDefault(x => x.Email == email) != null) { SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(false), "This email address is already in use.")); break; } // TODO email activation db.Users.Add(new User { Username = username, Password = password.HashPassword(), Email = email, Joined = DateTime.UtcNow }); db.SaveChanges(); } SendEncrypted(new Packet(kInterMasterId.RegistrationAttempt, Convert.ToByte(true), "Registration was successful.")); break; case kInterMasterId.ServerListing: SendEncrypted(MasterServerList.ReportPacket); break; default: Disconnect(Frame.kClosingReason.ProtocolError, "Packet ID could not be understood at this time."); break; } Console.WriteLine($"{Id} says {data.GetString()}"); }
/// <summary> /// Stream cipher to be used e.g. Salsa20, HC-128, etc. /// </summary> public void SetStreamCipher(StreamCipher value) { Configuration.CipherName = value.ToString(); }
protected StreamCipherTestBase(StreamCipher cipher) { Cipher = cipher; }
private async Task <Packet> ProcessPacket(byte[] data) { string str = Encoding.UTF8.GetString(data); if (Regex.IsMatch(str, "^GET")) { requestHeader = new RequestHeader(str); requestHeader.resource = requestHeader.resource.Replace("/csf-websocket-url", ""); Logger.Info($"Requesting resource: {requestHeader.resource}"); string ip1 = tcpclient.Client.RemoteEndPoint.ToString(); string[] ip_parts = ip1.Split("."); Logger.Info($"IP: {ip1}"); Logger.Debug($"Recieved header: {str}"); if (ip_parts[0] != "172" && ip_parts[0] != "127") { ResponseHeader respheader = new ResponseHeader { responseCode = HttpCodes.OK }; await Send(respheader); await Send("Hello World!"); stillOk = false; } else if (requestHeader.parameters.ContainsKey("Sec-WebSocket-Key")) { ResponseHeader respheader = new ResponseHeader { responseCode = HttpCodes.SwitchingProtocols }; respheader.parameters["Server"] = "CSF-Websocket"; respheader.parameters["Connection"] = "Upgrade"; respheader.parameters["Upgrade"] = "websocket"; respheader.parameters["Sec-WebSocket-Accept"] = GenerateSecWebSocketKey(requestHeader.parameters["Sec-WebSocket-Key"]); try { if (requestHeader.parameters.ContainsKey("Sec-WebSocket-Extensions")) { Logger.Info($"Supported extensions: {requestHeader.parameters["Sec-WebSocket-Extensions"]}"); Chiper = StreamCipher.Factory(requestHeader.parameters["Sec-WebSocket-Extensions"]); } else { Chiper = StreamCipher.Factory("permessage-deflate"); } if (requestHeader.parameters.ContainsKey("Sec-WebSocket-Protocol")) { string[] options = requestHeader.parameters["Sec-WebSocket-Protocol"].Split(","); foreach (string option_raw in options) { string option = option_raw.Trim(); if (option.Contains("csf-socket-")) { respheader.parameters["Sec-WebSocket-Protocol"] = option; } } } await Send(respheader); await SendHello(); } catch (UnsupportedExtension) { ResponseHeader invext = new ResponseHeader { responseCode = HttpCodes.NotAcceptable }; await Send(invext); await Send("The requested websokcet extension is not supported"); stillOk = false; } } else { ResponseHeader respheader = new ResponseHeader { responseCode = HttpCodes.UpgradeRequired }; await Send(respheader); await Send("This is not a website! Upgrade your connection to WebSocket"); stillOk = false; } } else { WsPacket WebSocketPacket = Chiper.Decode(data); OpCode opcode = WebSocketPacket.GetOpCode(); if (opcode == OpCode.TextFrame) { string pstr = WebSocketPacket.GetPayload(); try { Packet p = new Packet(pstr); PacketType type = p.GetPacketType(); if (type == PacketType.Heartbeat) { HeartBeatNow(); Packet ack = new Packet(PacketType.HeartbeatACK); await Send(ack); return(null); } else if (type == PacketType.Reconnect) { Reconnect rp = p.GetPacketData <Reconnect>(); if (UsedSessions.Contains(rp.session_id)) { this.session = rp.session_id; await SendHello(); } else { Packet invsess = new Packet(PacketType.InvalidSession); await Send(invsess); stillOk = false; } return(null); } else if (type == PacketType.Identify) { identity = p.GetPacketData <Identity>(); } else { if (identity == null) { stillOk = false; return(null); } } return(p); } catch (Exception e) { Logger.Error($"Packet conversion error: {e.Message}"); Logger.Error($"Receied data: {string.Join(" ", data)}"); Logger.Error($"Decoded: {pstr}"); Logger.Error($"{e.StackTrace}"); } } else if (opcode == OpCode.Ping) { Logger.Debug("Ping Pong"); WsPacket pong = new WsPacket(OpCode.Pong); await Send(pong); } } return(null); }