public static byte[] HybridDecrypt
(
X509Certificate2 decryptorPrivateKeyPfx
, Secret data
)
{
X509Certificate2 encryptorPublicKeyCer = null;
try
{
RSACryptoServiceProvider decryptorPrivateKeyPfxProvider = decryptorPrivateKeyPfx.PrivateKey as RSACryptoServiceProvider;
encryptorPublicKeyCer = new X509Certificate2(data.EncryptorPublicKeyCerRawData);
RSACryptoServiceProvider encryptorPublicKeyCerProvider = encryptorPublicKeyCer.PublicKey.Key as RSACryptoServiceProvider;
return HybridDecrypt
(
decryptorPrivateKeyPfxProvider
, encryptorPublicKeyCerProvider
, data
);
}
catch
{
return null;
}
finally
{
if (encryptorPublicKeyCer != null)
{
encryptorPublicKeyCer.Reset();
}
}
}
public static byte[] HybridDecrypt
(
RSACryptoServiceProvider decryptorPrivateKeyPfxProvider
, RSACryptoServiceProvider encryptorPublicKeyCerProvider
, Secret data
)
{
byte[] buffer = null;
HashAlgorithm hashAlgorithm;
if (data.SignHashMode == HashSignatureMode.SHA1)
{
hashAlgorithm = new SHA1CryptoServiceProvider();
}
else //(hashSignatureMode == HashSignatureMode.MD5)
{
hashAlgorithm = new MD5CryptoServiceProvider();
}
using (MemoryStream stream = new MemoryStream())
{
buffer = data.EncryptorSharedEncryptedOnceIV;
stream.Write(buffer, 0, buffer.Length);
buffer = data.EncryptorSharedEncryptedOnceKey;
stream.Write(buffer, 0, buffer.Length);
buffer = data.EncryptedData;
stream.Position = 0;
buffer = hashAlgorithm.ComputeHash(stream);
stream.Close();
}
//X509Certificate2 encryptorPublicKeyCer = new X509Certificate2(data.EncryptorPublicKeyCerRawData);
//RSACryptoServiceProvider encryptorPublicKeyCerProvider = encryptorPublicKeyCer.PublicKey.Key as RSACryptoServiceProvider;
if (encryptorPublicKeyCerProvider.VerifyHash
(
buffer
, Enum.GetName
(
data.SignHashMode.GetType()
, data.SignHashMode
)
, data.EncryptorHashSignature
)
)
{
//decryptorPrivateKeyPfxProvider = decryptorPrivateKeyPfx.PrivateKey as RSACryptoServiceProvider;
using (TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider())
{
buffer = data.EncryptorSharedEncryptedOnceIV;
buffer = decryptorPrivateKeyPfxProvider.Decrypt(buffer, data.DoOAEPadding);
des.IV = buffer;
buffer = data.EncryptorSharedEncryptedOnceKey;
buffer = decryptorPrivateKeyPfxProvider.Decrypt(buffer, data.DoOAEPadding);
des.Key = buffer;
buffer = data.EncryptedData;
buffer = des.CreateDecryptor().TransformFinalBlock(buffer, 0, buffer.Length);
}
}
else
{
buffer = null;
}
return buffer;
}
public static Secret HybridEncrypt
(
RSACryptoServiceProvider encryptorPrivateKeyPfxProvider
, X509Certificate2 encryptorPublicKeyCer
, RSACryptoServiceProvider decryptorPublicKeyCerProvider
, HashSignatureMode signHashMode
, bool DoOAEPadding
, byte[] data
)
{
Secret secret = new Secret();
using (TripleDESCryptoServiceProvider provider = new TripleDESCryptoServiceProvider())
{
provider.GenerateIV();
secret.EncryptorSharedEncryptedOnceIV = provider.IV;
provider.GenerateKey();
secret.EncryptorSharedEncryptedOnceKey = provider.Key;
secret.EncryptedData = provider.CreateEncryptor().TransformFinalBlock(data, 0, data.Length);
}
secret.EncryptorSharedEncryptedOnceIV = decryptorPublicKeyCerProvider.Encrypt(secret.EncryptorSharedEncryptedOnceIV, DoOAEPadding);
secret.EncryptorSharedEncryptedOnceKey = decryptorPublicKeyCerProvider.Encrypt(secret.EncryptorSharedEncryptedOnceKey, DoOAEPadding);
HashAlgorithm hashAlgorithm;
if (signHashMode == HashSignatureMode.SHA1)
{
hashAlgorithm = new SHA1CryptoServiceProvider();
}
else //(hashSignatureMode == HashSignatureMode.MD5)
{
hashAlgorithm = new MD5CryptoServiceProvider();
}
MemoryStream stream = new MemoryStream();
byte[] buffer = secret.EncryptorSharedEncryptedOnceIV;
stream.Write(buffer, 0, buffer.Length);
buffer = secret.EncryptorSharedEncryptedOnceKey;
stream.Write(buffer, 0, buffer.Length);
buffer = secret.EncryptedData;
stream.Position = 0;
buffer = hashAlgorithm.ComputeHash(stream);
stream.Close();
stream.Dispose();
secret.EncryptorHashSignature = encryptorPrivateKeyPfxProvider.SignHash
(
buffer
, Enum.GetName
(
signHashMode.GetType()
, signHashMode
)
);
secret.EncryptorPublicKeyCerRawData = encryptorPublicKeyCer.RawData;
secret.SignHashMode = signHashMode;
secret.DoOAEPadding = DoOAEPadding;
return secret;
}
public static byte[] HybridDecrypt
(
RSACryptoServiceProvider decryptorPrivateKeyPfxProvider
, RSACryptoServiceProvider encryptorPublicKeyCerProvider
, Secret data
)
{
byte[] buffer = null;
HashAlgorithm hashAlgorithm;
if (data.SignHashMode == HashSignatureMode.SHA1)
{
hashAlgorithm = new SHA1CryptoServiceProvider();
}
else //(hashSignatureMode == HashSignatureMode.MD5)
{
hashAlgorithm = new MD5CryptoServiceProvider();
}
using (MemoryStream stream = new MemoryStream())
{
buffer = data.EncryptorSharedEncryptedOnceIV;
stream.Write(buffer, 0, buffer.Length);
buffer = data.EncryptorSharedEncryptedOnceKey;
stream.Write(buffer, 0, buffer.Length);
buffer = data.EncryptedData;
stream.Position = 0;
buffer = hashAlgorithm.ComputeHash(stream);
stream.Close();
}
//X509Certificate2 encryptorPublicKeyCer = new X509Certificate2(data.EncryptorPublicKeyCerRawData);
//RSACryptoServiceProvider encryptorPublicKeyCerProvider = encryptorPublicKeyCer.PublicKey.Key as RSACryptoServiceProvider;
if (encryptorPublicKeyCerProvider.VerifyHash
(
buffer
, Enum.GetName
(
data.SignHashMode.GetType()
, data.SignHashMode
)
, data.EncryptorHashSignature
)
)
{
//decryptorPrivateKeyPfxProvider = decryptorPrivateKeyPfx.PrivateKey as RSACryptoServiceProvider;
using (TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider())
{
buffer = data.EncryptorSharedEncryptedOnceIV;
buffer = decryptorPrivateKeyPfxProvider.Decrypt(buffer, data.DoOAEPadding);
des.IV = buffer;
buffer = data.EncryptorSharedEncryptedOnceKey;
buffer = decryptorPrivateKeyPfxProvider.Decrypt(buffer, data.DoOAEPadding);
des.Key = buffer;
buffer = data.EncryptedData;
buffer = des.CreateDecryptor().TransformFinalBlock(buffer, 0, buffer.Length);
}
}
else
{
buffer = null;
}
return(buffer);
}
