private static byte[] GetHash(string input, eHashType hash)
{
byte[] inputBytes = Encoding.ASCII.GetBytes(input);
switch (hash)
{
case eHashType.HMAC:
return(HMAC.Create().ComputeHash(inputBytes));
case eHashType.HMACMD5:
return(HMACMD5.Create().ComputeHash(inputBytes));
case eHashType.HMACSHA1:
return(HMACSHA1.Create().ComputeHash(inputBytes));
case eHashType.HMACSHA256:
return(HMACSHA256.Create().ComputeHash(inputBytes));
case eHashType.HMACSHA384:
return(HMACSHA384.Create().ComputeHash(inputBytes));
case eHashType.HMACSHA512:
return(HMACSHA512.Create().ComputeHash(inputBytes));
case eHashType.MACTripleDES:
return(MACTripleDES.Create().ComputeHash(inputBytes));
case eHashType.MD5:
return(MD5.Create().ComputeHash(inputBytes));
case eHashType.RIPEMD160:
return(RIPEMD160.Create().ComputeHash(inputBytes));
case eHashType.SHA1:
return(SHA1.Create().ComputeHash(inputBytes));
case eHashType.SHA256:
return(SHA256.Create().ComputeHash(inputBytes));
case eHashType.SHA384:
return(SHA384.Create().ComputeHash(inputBytes));
case eHashType.SHA512:
return(SHA512.Create().ComputeHash(inputBytes));
default:
return(inputBytes);
}
}
/// <summary>
/// Sets up all security stuff for encrypting content and checking integrity.
/// </summary>
/// <param name="password">The password.</param>
protected void SetupSecurityAlgorithms(string password)
{
lock (this)
{
if ((this.ZpaFeatureFlags & ZpaFeatureFlags.ElectronicCodebookEncryption) != 0 ||
(this.ZpaFeatureFlags & ZpaFeatureFlags.CipherBlockChainingEncryption) != 0)
{
// encryption
this.SymmetricAlgorithm = Rijndael.Create();
this.SymmetricAlgorithm.Key = ZeroProofAuthorizationUtility.GeneratePasswordBasedSequence("Key" + password, this.Salt, 32);
this.SymmetricAlgorithm.IV = ZeroProofAuthorizationUtility.GeneratePasswordBasedSequence("IV" + password, this.Salt, 16);
this.SymmetricAlgorithm.Mode = (this.ZpaFeatureFlags & ZpaFeatureFlags.ElectronicCodebookEncryption) != 0 ? CipherMode.ECB : CipherMode.CBC;
this._encryptor = this.SymmetricAlgorithm.CreateEncryptor();
this._decryptor = this.SymmetricAlgorithm.CreateDecryptor();
}
// and integrity checking
if ((this.ZpaFeatureFlags & ZpaFeatureFlags.Mac3DesCbcSigning) != 0)
{
this.KeyedHashAlgorithm = MACTripleDES.Create();
}
if ((this.ZpaFeatureFlags & ZpaFeatureFlags.HmacSha1Signing) != 0)
{
this.KeyedHashAlgorithm = HMACSHA1.Create();
}
if (this.KeyedHashAlgorithm != null)
{
this.KeyedHashAlgorithm.Key = ZeroProofAuthorizationUtility.GeneratePasswordBasedSequence("M3D" + password, this.Salt, 24);
}
// LOG:
BinaryLogWriter binaryLogWriter = GenuineLoggingServices.BinaryLogWriter;
if (binaryLogWriter != null && binaryLogWriter[LogCategory.Security] > 0)
{
binaryLogWriter.WriteEvent(LogCategory.Security, "SecuritySession_BaseZpaSession.SetupSecurityAlgorithms",
LogMessageType.SecuritySessionKey, null, null, this.Remote, null,
GenuineUtility.CurrentThreadId, Thread.CurrentThread.Name, this,
this.Name, -1,
0, 0, 0, string.Format("Zero Proof Authorization Flags: {0} Encryption: {1} Data Integrity: {2}", Enum.Format(typeof(ZpaFeatureFlags), this.ZpaFeatureFlags, "g"), this.SymmetricAlgorithm == null ? "No" : this.SymmetricAlgorithm.GetType().ToString(), this.KeyedHashAlgorithm == null ? "No" : this.KeyedHashAlgorithm.GetType().ToString()),
null, null, null,
"Security Session security information is initialized.");
}
}
}
///<summary>
/// Hash an input string and return the hash as
/// a 40 character hexadecimal string.
/// </summary>
public static string GetMACTripleDESHash(string input)
{
// Create a new instance of the MACTripleDESCryptoServiceProvider object.
KeyedHashAlgorithm macTripleDESHasher = MACTripleDES.Create();
// Convert the input string to a byte array and compute the hash.
byte[] data = macTripleDESHasher.ComputeHash(Encoding.Default.GetBytes(input));
// Create a new Stringbuilder to collect the bytes
// and create a string.
StringBuilder sBuilder = new StringBuilder();
// Loop through each byte of the hashed data
// and format each one as a hexadecimal string.
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));
}
// Return the hexadecimal string.
return(sBuilder.ToString());
}
/// <summary>ハッシュ(キー付き)サービスプロバイダの生成</summary>
/// <param name="ekha">ハッシュ(キー付き)サービスプロバイダの列挙型</param>
/// <returns>ハッシュ(キー付き)サービスプロバイダ</returns>
private static KeyedHashAlgorithm CreateKeyedHashAlgorithmServiceProvider(EnumKeyedHashAlgorithm ekha)
{
// ハッシュ(キー付き)サービスプロバイダ
KeyedHashAlgorithm kha = null;
if (ekha == EnumKeyedHashAlgorithm.Default)
{
// 既定の暗号化サービスプロバイダ
kha = KeyedHashAlgorithm.Create(); // devps(1703)
}
else if (ekha == EnumKeyedHashAlgorithm.HMACSHA1)
{
// HMACSHA1サービスプロバイダ
kha = HMACSHA1.Create(); // devps(1703)
}
else if (ekha == EnumKeyedHashAlgorithm.MACTripleDES)
{
// MACTripleDESサービスプロバイダ
kha = MACTripleDES.Create(); // devps(1703)
}
return(kha);
}
public HashAlgorithm CreateMACTripleDES() => MACTripleDES.Create();
