public string Decode(string token, int?ttl = null) { var tokenBytes = token.FromBase62(); var headerBytes = new byte[HeaderBytes]; Buffer.BlockCopy(tokenBytes, 0, headerBytes, 0, HeaderBytes); var nonceBytes = new byte[NonceBytes]; Buffer.BlockCopy(headerBytes, VersionByte + TimestampBytes, nonceBytes, 0, NonceBytes); var cipherBytes = new byte[tokenBytes.Length - HeaderBytes]; Buffer.BlockCopy(tokenBytes, headerBytes.Length, cipherBytes, 0, cipherBytes.Length); var keyBytes = new byte[Snuffle.KEY_SIZE_IN_BYTES]; Buffer.BlockCopy(_key.ToCharArray(), 0, keyBytes, 0, _key.ToCharArray().Length); var aead = new ChaCha20Poly1305(keyBytes); var cipherText = aead.Decrypt(cipherBytes, null, nonceBytes); return(cipherText.GetString()); }
private void TestExceptions() { ChaCha20Poly1305 c = new ChaCha20Poly1305(); try { c = new ChaCha20Poly1305(new SipHash()); Fail("incorrect mac size not picked up"); } catch (ArgumentException e) { // expected } try { c.Init(false, new KeyParameter(new byte[32])); Fail("illegal argument not picked up"); } catch (ArgumentException e) { // expected } AeadTestUtilities.TestTampering(this, c, new AeadParameters(new KeyParameter(new byte[32]), 128, new byte[12])); byte[] P = Strings.ToByteArray("Hello world!"); byte[] buf = new byte[100]; c = new ChaCha20Poly1305(); AeadParameters aeadParameters = new AeadParameters(new KeyParameter(new byte[32]), 128, new byte[12]); c.Init(true, aeadParameters); c.ProcessBytes(P, 0, P.Length, buf, 0); c.DoFinal(buf, 0); try { c.DoFinal(buf, 0); Fail("no exception on reuse"); } catch (InvalidOperationException e) { IsTrue("wrong message", e.Message.Equals("ChaCha20Poly1305 cannot be reused for encryption")); } try { c.Init(true, aeadParameters); Fail("no exception on reuse"); } catch (ArgumentException e) { IsTrue("wrong message", e.Message.Equals("cannot reuse nonce for ChaCha20Poly1305 encryption")); } }
public void RandomNonceTest() { var rnd = new Random(); var key = new byte[Snuffle.KEY_SIZE_IN_BYTES]; rnd.NextBytes(key); var aead = new ChaCha20Poly1305(key); var message = new byte[0]; var aad = new byte[0]; var ciphertexts = new HashSet <string>(); var samples = 1 << 17; for (var i = 0; i < samples; i++) { var ct = aead.Encrypt(message, aad); var ctHex = CryptoBytes.ToHexStringLower(ct); Assert.IsFalse(ciphertexts.Contains(ctHex)); ciphertexts.Add(ctHex); } Assert.AreEqual(samples, ciphertexts.Count); }
private void RunTestCase( string testName, byte[] K, byte[] N, byte[] A, byte[] SA, byte[] P, byte[] C, byte[] T) { AeadParameters parameters = new AeadParameters(new KeyParameter(K), T.Length * 8, N, A); ChaCha20Poly1305 encCipher = InitCipher(true, parameters); ChaCha20Poly1305 decCipher = InitCipher(false, parameters); CheckTestCase(encCipher, decCipher, testName, SA, P, C, T); encCipher = InitCipher(true, parameters); CheckTestCase(encCipher, decCipher, testName + " (reused)", SA, P, C, T); // Key reuse AeadParameters keyReuseParams = AeadTestUtilities.ReuseKey(parameters); try { encCipher.Init(true, keyReuseParams); Fail("no exception"); } catch (ArgumentException e) { IsTrue("wrong message", "cannot reuse nonce for ChaCha20Poly1305 encryption".Equals(e.Message)); } }
public DNSCrypt(IOptionsMonitor <DNSCryptOptions> DNSCryptOptions) { Options = DNSCryptOptions; Random = new Random(); Client = new UdpClient { Client = { SendTimeout = Options.CurrentValue.Timeout, ReceiveTimeout = Options.CurrentValue.Timeout } }; Stamp = (DNSCryptStamp)Options.CurrentValue.Stamp.Value; IPEndPoint = IPEndPoint.Parse(Stamp.Address); var ClientCurve25519 = new Curve25519(); ClientPublicKey = ClientCurve25519.GetPublicKey(); ClientPrivateKey = ClientCurve25519.GetPrivateKey(); ChaCha20Poly1305 = new ChaCha20Poly1305(); IsInitialized = false; }
public void DecryptWhenNonceIsEmptyFails() { // Arrange, Act & Assert var aead = new ChaCha20Poly1305(new byte[Snuffle.KEY_SIZE_IN_BYTES]); Assert.Throws <CryptographicException>(() => aead.Decrypt(new byte[50], new byte[0], new byte[0]), EXCEPTION_MESSAGE_NONCE_LENGTH); }
public void EncryptDecryptLongMessagesWithNonceTest() { var rnd = new Random(); var dataSize = 16; while (dataSize <= (1 << 24)) { var plaintext = new byte[dataSize]; rnd.NextBytes(plaintext); var aad = new byte[dataSize / 3]; rnd.NextBytes(aad); var nonce = new byte[12]; rnd.NextBytes(nonce); var key = new byte[Snuffle.KEY_SIZE_IN_BYTES]; rnd.NextBytes(key); var aead = new ChaCha20Poly1305(key); var ciphertext = aead.Encrypt(plaintext, aad, nonce); var decrypted = aead.Decrypt(ciphertext, aad, nonce); //Assert.AreEqual(plaintext, decrypted); Assert.IsTrue(CryptoBytes.ConstantTimeEquals(plaintext, decrypted)); dataSize += 5 * dataSize / 11; } }
public void Decrypt(Tests.Vectors.Rfc8439TestVector test) { var aead = new ChaCha20Poly1305(test.Key); var plaintext = new byte[test.CipherText.Length]; aead.Decrypt(test.Nonce, test.CipherText, test.Tag, plaintext, test.Aad); }
public void DecryptWhenNonceLengthIsInvalidFails() { // Arrange, Act & Assert var aead = new ChaCha20Poly1305(new byte[Snuffle.KEY_SIZE_IN_BYTES]); Assert.Throws <CryptographicException>(() => aead.Decrypt(new byte[50], new byte[0], new byte[12 + TestHelpers.ReturnRandomPositiveNegative()]), EXCEPTION_MESSAGE_NONCE_LENGTH); }
private ChaCha20Poly1305 InitCipher(bool forEncryption, AeadParameters parameters) { ChaCha20Poly1305 c = new ChaCha20Poly1305(); c.Init(forEncryption, parameters); return(c); }
public void EncryptDecryptWithNonceTest() { var rnd = new Random(); var key = new byte[Snuffle.KEY_SIZE_IN_BYTES]; rnd.NextBytes(key); var aead = new ChaCha20Poly1305(key); for (var i = 0; i < 100; i++) { var message = new byte[100]; rnd.NextBytes(message); var aad = new byte[16]; rnd.NextBytes(aad); var nonce = new byte[12]; rnd.NextBytes(nonce); var ciphertext = aead.Encrypt(message, aad, nonce); var decrypted = aead.Decrypt(ciphertext, aad, nonce); //Assert.AreEqual(message, decrypted); Assert.IsTrue(CryptoBytes.ConstantTimeEquals(message, decrypted)); } }
private byte[] GenerateCipherStream(byte[] key, uint fillerSize) { byte[] zeroData = new byte[fillerSize]; var cipher = ChaCha20Poly1305.ChaCha20Encrypt(zeroData, key, Nonce); return(cipher); }
/// <summary>Method which encrypts a string using ChaCha20.</summary> private void Encrypt() { var enc = new ChaCha20Poly1305(Encoding.ASCII.GetBytes(Key)); EncryptedPassword = enc.Encrypt(Encoding.ASCII.GetBytes(HashedPassword)); EncryptedPasswordb64 = Convert.ToBase64String(EncryptedPassword); }
private byte[] EncryptOrDecrypt(bool forEncryption, byte[] data, byte[] key, byte[] nonce) { if (ExpectedKeySize != key.Length) { throw new CryptoException("Invalid key size"); } if (ExpectedNonceSize != nonce.Length) { throw new CryptoException("Invalid nonce size"); } // We do the X-part of XChaCha20 and then use the ChaCha20 from bouncy castle byte[] subkey = new byte[KeySizeBytes]; ChaCha20Base.HChaCha20(subkey, key, nonce); byte[] chaChaNonce = CreateChaChaNonce(nonce); ICipherParameters aeadParams = new AeadParameters( new KeyParameter(subkey), MacSizeBytes * 8, chaChaNonce, null); IAeadCipher chaCha20Poly1305 = new ChaCha20Poly1305(); chaCha20Poly1305.Init(forEncryption, aeadParams); byte[] result = new byte[chaCha20Poly1305.GetOutputSize(data.Length)]; int len = chaCha20Poly1305.ProcessBytes(data, 0, data.Length, result, 0); chaCha20Poly1305.DoFinal(result, len); return(result); }
public static void Properties() { var a = new ChaCha20Poly1305(); Assert.Equal(32, a.KeySize); Assert.Equal(12, a.NonceSize); Assert.Equal(16, a.TagSize); }
public void DecryptWithNonceWhenCiphertextIsTooShortFails() { // Arrange & Act var aead = new ChaCha20Poly1305(new byte[Snuffle.KEY_SIZE_IN_BYTES]); // Assert Assert.Throws <CryptographicException>(() => aead.Decrypt(new byte[27], new byte[1], new byte[1])); }
//Can we change the ChaCha20Poly1305 input to some kind of ICrypto interface or action with 'Encrypt' and 'Decrypt'? private void Pack(IBufferWriter <byte> output, CryptoDtoHeaderDto header, ChaCha20Poly1305 crypto, ReadOnlySpan <byte> dtoNameBuffer, ReadOnlySpan <byte> dtoBuffer) { lock (bufferLock) { headerBuffer.Clear(); MessagePackSerializer.Serialize(headerBuffer, header); ReadOnlySpan <byte> headerBytes = headerBuffer.WrittenSpan; ushort headerLength = (ushort)headerBytes.Length; BinaryPrimitives.WriteUInt16LittleEndian(headerLengthBytes, headerLength); ushort dtoNameLength = (ushort)dtoNameBuffer.Length; BinaryPrimitives.WriteUInt16LittleEndian(dtoNameLengthBytes, dtoNameLength); ushort dtoLength = (ushort)dtoBuffer.Length; BinaryPrimitives.WriteUInt16LittleEndian(dtoLengthBytes, dtoLength); switch (header.Mode) { case CryptoDtoMode.ChaCha20Poly1305: { int adLength = 2 + headerLength; int aeLength = 2 + dtoNameLength + 2 + dtoLength; // Copy data into associated data buffer adBuffer.Clear(); adBuffer.Write(headerLengthBytes); adBuffer.Write(headerBytes); // Copy data into authenticated encryption buffer aeBuffer.Clear(); aeBuffer.Write(dtoNameLengthBytes); aeBuffer.Write(dtoNameBuffer); aeBuffer.Write(dtoLengthBytes); aeBuffer.Write(dtoBuffer); Span <byte> nonceSpan = new Span <byte>(nonceBytes); BinaryPrimitives.WriteUInt64LittleEndian(nonceSpan.Slice(4), header.Sequence); var adSpan = adBuffer.WrittenSpan; var aeSpan = aeBuffer.WrittenSpan; var cipherTextSpan = cipherText.Span.Slice(0, aeLength); cipherTextSpan.Clear(); Span <byte> tagSpan = tagBuffer; tagSpan.Clear(); crypto.Encrypt(nonceSpan, aeSpan, cipherTextSpan, tagSpan, adSpan); output.Write(adSpan); output.Write(cipherTextSpan); output.Write(tagSpan); break; } default: throw new CryptographicException("Mode not recognised"); } } }
public void ModifiedCiphertextFails() { var rnd = new Random(); var key = new byte[Snuffle.KEY_SIZE_IN_BYTES]; rnd.NextBytes(key); var aad = new byte[16]; rnd.NextBytes(aad); var message = new byte[32]; rnd.NextBytes(message); var aead = new ChaCha20Poly1305(key); var ciphertext = aead.Encrypt(message, aad); // Flipping bits for (var b = 0; b < ciphertext.Length; b++) { for (var bit = 0; bit < 8; bit++) { var modified = new byte[ciphertext.Length]; Array.Copy(ciphertext, modified, ciphertext.Length); modified[b] ^= (byte)(1 << bit); Assert.Throws <CryptographicException>(() => aead.Decrypt(modified, aad), SnufflePoly1305.AEAD_EXCEPTION_INVALID_TAG); } } // Truncate the message for (var length = 0; length < ciphertext.Length; length++) { var modified = new byte[length]; Array.Copy(ciphertext, modified, length); Assert.Throws <CryptographicException>(() => aead.Decrypt(modified, aad), SnufflePoly1305.AEAD_EXCEPTION_INVALID_TAG); } // Modify AAD for (var b = 0; b < aad.Length; b++) { for (var bit = 0; bit < 8; bit++) { var modified = new byte[aad.Length]; Array.Copy(aad, modified, aad.Length); modified[b] ^= (byte)(1 << bit); Assert.Throws <CryptographicException>(() => aead.Decrypt(modified, aad), SnufflePoly1305.AEAD_EXCEPTION_INVALID_TAG); } } }
public void EncryptWithADTestWithoutPlainTextMacTest() { String key = "e68f69b7f096d7917245f5e5cf8ae1595febe4d4644333c99f9c4a1282031c9f"; String additionalData = "9e0e7de8bb75554f21db034633de04be41a2b8a18da7a319a03c803bf02b396c"; String expectedCipherResult = "0df6086551151f58b8afe6c195782c6a"; Nonce nonce = new Nonce(); (byte[] actualCipherText, byte[] mac) = ChaCha20Poly1305.EncryptWithAdditionalData(key.HexToByteArray(), nonce.GetBytes(), additionalData.HexToByteArray(), new byte[0]); Assert.Equal(new byte[0], actualCipherText); Assert.Equal(expectedCipherResult, mac.ToHex()); }
private static byte[] Pack(string channelTag, CryptoDtoMode mode, ReadOnlySpan <byte> transmitKey, ulong sequenceToBeSent, byte[] dtoNameBuffer, byte[] dtoBuffer) { CryptoDtoHeaderDto header = new CryptoDtoHeaderDto { ChannelTag = channelTag, Sequence = sequenceToBeSent, Mode = mode }; var headerBuffer = MessagePackSerializer.Serialize(header); ushort headerLength = (ushort)headerBuffer.Length; ushort dtoNameLength = (ushort)dtoNameBuffer.Length; ushort dtoLength = (ushort)dtoBuffer.Length; switch (header.Mode) { case CryptoDtoMode.ChaCha20Poly1305: { int aePayloadLength = 2 + dtoNameLength + 2 + dtoLength; var aePayloadBuffer = new byte[aePayloadLength]; Array.Copy(BitConverter.GetBytes(dtoNameLength), 0, aePayloadBuffer, 0, 2); Array.Copy(dtoNameBuffer, 0, aePayloadBuffer, 2, dtoNameLength); Array.Copy(BitConverter.GetBytes(dtoLength), 0, aePayloadBuffer, 2 + dtoNameLength, 2); Array.Copy(dtoBuffer, 0, aePayloadBuffer, 2 + dtoNameLength + 2, dtoLength); int adPayloadLength = 2 + headerLength; var adPayloadBuffer = new byte[adPayloadLength]; Array.Copy(BitConverter.GetBytes(headerLength), 0, adPayloadBuffer, 0, 2); Array.Copy(headerBuffer, 0, adPayloadBuffer, 2, headerLength); Span <byte> nonceBuffer = stackalloc byte[Aead.NonceSize]; BinaryPrimitives.WriteUInt64LittleEndian(nonceBuffer.Slice(4), header.Sequence); var aead = new ChaCha20Poly1305(transmitKey.ToArray()); byte[] aeadPayload = aead.Encrypt(aePayloadBuffer, adPayloadBuffer, nonceBuffer); int aeadPayloadLength = aeadPayload.Length; byte[] packetBuffer = new byte[2 + headerLength + aeadPayloadLength]; Array.Copy(BitConverter.GetBytes(headerLength), 0, packetBuffer, 0, 2); Array.Copy(headerBuffer, 0, packetBuffer, 2, headerLength); Array.Copy(aeadPayload, 0, packetBuffer, 2 + headerLength, aeadPayloadLength); return(packetBuffer); } default: throw new CryptographicException("Mode not recognised"); } }
private static byte[] XChaCha20Poly1305(bool isEncryption, byte[] key, byte[] nonce, byte[] message, byte[] aad = null) { if (key.Length != 32) { throw new ArgumentException("Key must be 32 bytes", nameof(key)); } if (nonce.Length != 24) { throw new ArgumentException("Nonce must be 24 bytes", nameof(nonce)); } // subkey (hchacha20(key, nonce[0:15])) var subkey = HChaCha20.CreateSubkey(key, nonce); // TODO: parse nonce bytes to pass through here instead // nonce (chacha20_nonce = "\x00\x00\x00\x00" + nonce[16:23]) var chaChaNonce = new byte[12]; Array.Copy(new byte[] { 0, 0, 0, 0 }, chaChaNonce, 4); Array.Copy(nonce, 16, chaChaNonce, 4, 8); // chacha20_encrypt(subkey, chacha20_nonce, plaintext, blk_ctr) var outputLength = message.Length; if (isEncryption) { outputLength += 16; } else { outputLength -= 16; } var output = new byte[outputLength]; var keyMaterial = new KeyParameter(subkey); var parameters = new ParametersWithIV(keyMaterial, chaChaNonce); var chaCha20Poly1305 = new ChaCha20Poly1305(); chaCha20Poly1305.Init(isEncryption, parameters); // if aditional data present if (aad != null) { chaCha20Poly1305.ProcessAadBytes(aad, 0, aad.Length); } var len = chaCha20Poly1305.ProcessBytes(message, 0, message.Length, output, 0); chaCha20Poly1305.DoFinal(output, len); return(output); }
public static void EncryptDecryptNullTag() { byte[] key = "fde37f01fe9ca260f432e0ed98b3e0bb23895ca1ca1ce2cfcaaca2ccc98889d7".HexToByteArray(); byte[] nonce = new byte[NonceSizeInBytes]; byte[] plaintext = new byte[0]; byte[] ciphertext = new byte[0]; using (var chaChaPoly = new ChaCha20Poly1305(key)) { Assert.Throws <ArgumentNullException>(() => chaChaPoly.Encrypt(nonce, plaintext, ciphertext, (byte[])null)); Assert.Throws <ArgumentNullException>(() => chaChaPoly.Decrypt(nonce, ciphertext, (byte[])null, plaintext)); } }
internal Deserializer(CryptoDtoChannelStore channelStore, ReadOnlySpan <byte> bytes, bool ignoreSequence) { sequenceValid = false; headerLength = Unsafe.ReadUnaligned <ushort>(ref MemoryMarshal.GetReference(bytes)); //.NET Standard 2.0 doesn't have BitConverter.ToUInt16(Span<T>) if (bytes.Length < (2 + headerLength)) { throw new CryptographicException("Not enough bytes to process packet."); } ReadOnlySpan <byte> headerDataBuffer = bytes.Slice(2, headerLength); header = MessagePackSerializer.Deserialize <CryptoDtoHeaderDto>(headerDataBuffer.ToArray()); ReadOnlySpan <byte> receiveKey = channelStore.GetReceiveKey(header.ChannelTag, header.Mode); //This will throw exception if channel tag isn't in the store switch (header.Mode) { case CryptoDtoMode.ChaCha20Poly1305: { int aeLength = bytes.Length - (2 + headerLength); ReadOnlySpan <byte> aePayloadBuffer = bytes.Slice(2 + headerLength, aeLength); ReadOnlySpan <byte> adBuffer = bytes.Slice(0, 2 + headerLength); Span <byte> nonceBuffer = stackalloc byte[Aead.NonceSize]; BinaryPrimitives.WriteUInt64LittleEndian(nonceBuffer.Slice(4), header.Sequence); var aead = new ChaCha20Poly1305(receiveKey.ToArray()); ReadOnlySpan <byte> decryptedPayload = aead.Decrypt(aePayloadBuffer.ToArray(), adBuffer.ToArray(), nonceBuffer); if (ignoreSequence) { sequenceValid = channelStore.IsReceivedSequenceAllowed(header.ChannelTag, header.Sequence); } else { channelStore.CheckReceivedSequence(header.ChannelTag, header.Sequence); //The packet has passed MAC, so now check if it's being duplicated or replayed sequenceValid = true; } dtoNameLength = Unsafe.ReadUnaligned <ushort>(ref MemoryMarshal.GetReference(decryptedPayload)); //.NET Standard 2.0 doesn't have BitConverter.ToUInt16(Span<T>) dtoNameBuffer = decryptedPayload.Slice(2, dtoNameLength); dataLength = Unsafe.ReadUnaligned <ushort>(ref MemoryMarshal.GetReference(decryptedPayload.Slice(2 + dtoNameLength, 2))); //.NET Standard 2.0 doesn't have BitConverter.ToUInt16(Span<T>) dataBuffer = decryptedPayload.Slice(2 + dtoNameLength + 2, dataLength); break; } default: throw new CryptographicException("Mode not recognised"); } }
public static void PlaintextAndCiphertextSizeDiffer(int ptLen, int ctLen) { byte[] key = new byte[KeySizeInBytes]; byte[] nonce = new byte[NonceSizeInBytes]; byte[] plaintext = new byte[ptLen]; byte[] ciphertext = new byte[ctLen]; byte[] tag = new byte[TagSizeInBytes]; using (var chaChaPoly = new ChaCha20Poly1305(key)) { Assert.Throws <ArgumentException>(() => chaChaPoly.Encrypt(nonce, plaintext, ciphertext, tag)); Assert.Throws <ArgumentException>(() => chaChaPoly.Decrypt(nonce, ciphertext, tag, plaintext)); } }
public byte[] ReadMessageData(byte[] messageData) { (byte[] decryptedMessage, _) = ChaCha20Poly1305.DecryptWithAdditionalData(_transportState.ReceiveDecryptionKey, _transportState.ReceiveNonce.GetBytes(), new byte[0], messageData); _transportState.ReceiveNonce.Increment(); if (_transportState.ReceiveNonce.Value == 1000) { _transportState.RotateReceiveKey(); } return(decryptedMessage.SubArray(0, messageData.Length - 16)); }
public void EncryptWithADTestWithPlainText() { String key = "908b166535c01a935cf1e130a5fe895ab4e6f3ef8855d87e9b7581c4ab663ddc"; String additionalData = "90578e247e98674e661013da3c5c1ca6a8c8f48c90b485c0dfa1494e23d56d72"; String plaintext = "034f355bdcb7cc0af728ef3cceb9615d90684bb5b2ca5f859ab0f0b704075871aa"; String expectedCipherResult = "b9e3a702e93e3a9948c2ed6e5fd7590a6e1c3a0344cfc9d5b57357049aa22355361aa02e55a8fc28fef5bd6d71ad0c3822"; Nonce nonce = new Nonce(); nonce.Increment(); (byte[] actualCipherText, byte[] mac) = ChaCha20Poly1305.EncryptWithAdditionalData(key.HexToByteArray(), nonce.GetBytes(), additionalData.HexToByteArray(), plaintext.HexToByteArray()); Assert.Equal(expectedCipherResult, actualCipherText.ToHex() + mac.ToHex()); }
public static void Rfc8439Tests(AEADTest testCase) { using (var chaChaPoly = new ChaCha20Poly1305(testCase.Key)) { byte[] ciphertext = new byte[testCase.Plaintext.Length]; byte[] tag = new byte[testCase.Tag.Length]; chaChaPoly.Encrypt(testCase.Nonce, testCase.Plaintext, ciphertext, tag, testCase.AssociatedData); Assert.Equal(testCase.Ciphertext, ciphertext); Assert.Equal(testCase.Tag, tag); byte[] plaintext = new byte[testCase.Plaintext.Length]; chaChaPoly.Decrypt(testCase.Nonce, ciphertext, tag, plaintext, testCase.AssociatedData); Assert.Equal(testCase.Plaintext, plaintext); } }
/// <summary>Method which verifies that a supplied plain-text password matches the encrypted password.</summary> public bool Verify(string plaintext) { if (EncryptedPasswordb64 == null) { throw new Exception("You must have an encrypted password to verify against"); } // Unpack the Encrypted Password var base10 = Convert.FromBase64String(EncryptedPasswordb64); var dec = new ChaCha20Poly1305(Encoding.ASCII.GetBytes(Key)); var decryptedBytes = dec.Decrypt(base10); var decryptedString = Encoding.ASCII.GetString(decryptedBytes); return(PasswordHash.ArgonHashStringVerify(decryptedString, plaintext)); }
public static void InvalidTagSize(int tagSize) { int dataLength = 30; byte[] plaintext = Enumerable.Range(1, dataLength).Select((x) => (byte)x).ToArray(); byte[] ciphertext = new byte[dataLength]; byte[] key = RandomNumberGenerator.GetBytes(KeySizeInBytes); byte[] nonce = RandomNumberGenerator.GetBytes(NonceSizeInBytes); byte[] tag = new byte[tagSize]; using (var chaChaPoly = new ChaCha20Poly1305(key)) { Assert.Throws <ArgumentException>("tag", () => chaChaPoly.Encrypt(nonce, plaintext, ciphertext, tag)); } }
public void Setup() { key = new byte[Snuffle.KEY_SIZE_IN_BYTES]; rnd.NextBytes(key); message = new byte[Size]; rnd.NextBytes(message); aad = new byte[16]; rnd.NextBytes(aad); nonce = new byte[12]; rnd.NextBytes(nonce); aead = new ChaCha20Poly1305(key); }