public void DeriveKeyNodeTest() { Byte[] salt = SimpleRandomGenerator.QuickGetRandomBytes(16); Rfc2898DeriveBytesNode node = new Rfc2898DeriveBytesNode(new GraphIO <String>(String.Empty), new GraphIO <Int32>(32), new GraphIO <Byte[]>(salt), new GraphIO <Int32>(10000)); Byte[] key1 = null; Byte[] key2 = null; Object output = null; if (GraphBuilder.ExecuteIsolatedNode(node, node.Password, node.DervivedKey, "This is my passphrase!", out output)) { key1 = (Byte[])output; if (GraphBuilder.ExecuteIsolatedNode(node, node.Password, node.DervivedKey, "This is my passphrase!", out output)) { key2 = (Byte[])output; Assert.IsTrue(key1.SequenceEqual(key2)); } else { Assert.Fail(); } } else { Assert.Fail(); } }
public void AESEncryptEncodeDecodeDecryptNodeTest() { Byte[] salt = SimpleRandomGenerator.QuickGetRandomBytes(16); String password = "******"; String plainText = "Testing testing, 123."; GraphBuilder encryptGraph = new GraphBuilder(); GraphIO <String> passwordInput = new GraphIO <String>(plainText); GraphIO <Int32> keyLengthInput = new GraphIO <Int32>(32); GraphIO <Byte[]> saltInput = new GraphIO <Byte[]>(salt); Rfc2898DeriveBytesNode deriveEncryptKeyNode = new Rfc2898DeriveBytesNode(passwordInput, keyLengthInput, saltInput, new GraphIO <Int32>(10000)); AESEncryptNode encryptNode = new AESEncryptNode(new GraphIO <String>(plainText), new GraphIO <Byte[]>(null), deriveEncryptKeyNode.DervivedKey); Base64EncodeNode encodeNode = new Base64EncodeNode(encryptNode.EncryptedData); encryptGraph.AddNode("deriveNode", deriveEncryptKeyNode); encryptGraph.AddNode("encryptNode", encryptNode); encryptGraph.AddNode("encodeNode", encodeNode); encryptGraph.CreateRoute("encrypt", deriveEncryptKeyNode.Password, encodeNode.EncodedData, "deriveNode", new String[] { "deriveNode", "encryptNode", "encodeNode" }); Object output = null; if (encryptGraph.Process(true, "encrypt", password, out output)) { String encryptedEncoded = (String)output; GraphBuilder decryptGraph = new GraphBuilder(); GraphIO <String> encryptedEncodedInput = new GraphIO <String>(encryptedEncoded); Rfc2898DeriveBytesNode deriveDecryptKeyNode = new Rfc2898DeriveBytesNode(new GraphIO <String>(String.Empty), new GraphIO <Int32>(32), new GraphIO <Byte[]>(salt), new GraphIO <Int32>(10000)); Base64DecodeNode decodeNode = new Base64DecodeNode(encryptedEncodedInput); AESDecryptNode decryptNode = new AESDecryptNode(decodeNode.UnencodedData, new GraphIO <Byte[]>(null), deriveDecryptKeyNode.DervivedKey); decryptGraph.AddNode("deriveNode", deriveDecryptKeyNode); decryptGraph.AddNode("decodeNode", decodeNode); decryptGraph.AddNode("decryptNode", decryptNode); decryptGraph.CreateRoute("decrypt", deriveDecryptKeyNode.Password, decryptNode.UnencryptedData, "deriveNode", new String[] { "deriveNode", "decodeNode", "decryptNode" }); if (decryptGraph.Process(true, "decrypt", password, out output)) { String decodedDecrypted = (String)output; Assert.IsTrue(decodedDecrypted == plainText); } } }
public void EncryptDecryptSimpleStringTest() { string plainText = "Hello World!"; byte[] plainBytes = System.Text.Encoding.UTF8.GetBytes(plainText); byte[] iv = SimpleRandomGenerator.QuickGetRandomBytes(16); byte[] key = SimpleRandomGenerator.QuickGetRandomBytes(32); byte[] cipherBytes = AESUtility.EncryptBytes(plainBytes, key, iv); byte[] decryptedBytes = AESUtility.DecryptBytes(cipherBytes, key, iv); string decryptedPlainText = System.Text.Encoding.UTF8.GetString(decryptedBytes); Assert.AreEqual(plainText, decryptedPlainText); }
public Boolean Process() { Boolean retVal = false; try { _state = Common.NodeState.Processing; DLoggerManager.Instance.Logger.Log(DFramework.Logging.Interfaces.LoggerMessageType.VerboseHigh | DFramework.Logging.Interfaces.LoggerMessageType.Information | DFramework.Logging.Interfaces.LoggerMessageType.Sensitive, "Processing AESEncryptNode."); Boolean randomIV = false; if (IV.Value == null) { Byte[] iv = SimpleRandomGenerator.QuickGetRandomBytes(16); IV.SetValue(iv); randomIV = true; } Byte[] inBlock = UnicodeEncoding.Unicode.GetBytes((String)PlainText.Value); DLoggerManager.Instance.Logger.Log(DFramework.Logging.Interfaces.LoggerMessageType.VerboseHigh | DFramework.Logging.Interfaces.LoggerMessageType.Information | DFramework.Logging.Interfaces.LoggerMessageType.Sensitive, "Creating AES encryptor."); DLoggerManager.Instance.Logger.Log(DFramework.Logging.Interfaces.LoggerMessageType.VerboseHigh | DFramework.Logging.Interfaces.LoggerMessageType.Information | DFramework.Logging.Interfaces.LoggerMessageType.Sensitive, "Key = {0}.", ((Byte[])Key.Value).ToPrettyString()); DLoggerManager.Instance.Logger.Log(DFramework.Logging.Interfaces.LoggerMessageType.VerboseHigh | DFramework.Logging.Interfaces.LoggerMessageType.Information | DFramework.Logging.Interfaces.LoggerMessageType.Sensitive, "IV = {0}.", ((Byte[])IV.Value).ToPrettyString()); DLoggerManager.Instance.Logger.Log(DFramework.Logging.Interfaces.LoggerMessageType.VerboseHigh | DFramework.Logging.Interfaces.LoggerMessageType.Information | DFramework.Logging.Interfaces.LoggerMessageType.Sensitive, "Input = {0}.", inBlock.ToPrettyString()); Byte[] outBlock = AESUtility.EncryptBytes(inBlock, (Byte[])Key.Value, (Byte[])IV.Value); if (randomIV) { using (MemoryStream dataWithIV = new MemoryStream()) { dataWithIV.Write(IV.Value, 0, IV.Value.Length); dataWithIV.Write(outBlock, 0, outBlock.Length); dataWithIV.Flush(); _encryptedData.SetValue(dataWithIV.ToArray()); } } else { _encryptedData.SetValue(outBlock); } retVal = true; } finally { _state = Common.NodeState.Processed; if (retVal) { Processed?.Invoke(this, EventArgs.Empty); } } if (retVal) { if (_next != null && _next.Length > 0) { return(_next[0].Process()); } else { return(true); } } else { return(false); } }
public object Write( object data, string masterPassphrase, params KeyValuePair<string, string>[] parameters) { if (data.GetType() != typeof(Vault)) throw new ArgumentException("Data must be of type 'Vault'.", "data"); DLoggerManager.Instance.Logger.Log(DFramework.Logging.Interfaces.LoggerMessageType.VerboseHigh | DFramework.Logging.Interfaces.LoggerMessageType.Information, "Writing Vault to AES encrypted byte array."); Dictionary<string, string> parametersDict = parameters.ToDictionary(x => x.Key, x => x.Value); Vault dataVault = (Vault)data; JSONVaultSerialiser jsonSerialiser = new JSONVaultSerialiser(); JObject json = (JObject)jsonSerialiser.Write(dataVault, String.Empty, parameters); String jsonString = json.ToString(Newtonsoft.Json.Formatting.None, null); Byte[] salt = SimpleRandomGenerator.QuickGetRandomBytes(16); GraphBuilder decryptGraph = new GraphBuilder("AESEncryptedVaultSerialiser.Read"); GraphIO<String> unencryptedInput = new GraphIO<String>(jsonString); GraphIO<Byte[]> saltInput = new GraphIO<Byte[]>(salt); //create derive node here IGraphNode keyDerivationNode = null; if (parametersDict.ContainsKey("KeyDerivationFunction")) { string keyDerivationFunction = parametersDict["KeyDerivationFunction"]; switch (keyDerivationFunction) { case "PBKDF2": { int iterationCount = int.Parse(parametersDict["IterationCount"]); keyDerivationNode = new Rfc2898DeriveBytesNode(new GraphIO<String>(String.Empty), new GraphIO<Int32>(32), saltInput, new GraphIO<int>(iterationCount)); decryptGraph.AddNode("deriveNode", keyDerivationNode); break; } case "SCRYPT": { int iterationCount = int.Parse(parametersDict["IterationCount"]); int blockSize = int.Parse(parametersDict["BlockSize"]); int threadCount = int.Parse(parametersDict["ThreadCount"]); keyDerivationNode = new SCryptDeriveBytesNode(new GraphIO<String>(String.Empty), new GraphIO<Int32>(32), saltInput, new GraphIO<int>(iterationCount), new GraphIO<int>(blockSize), new GraphIO<int>(threadCount)); decryptGraph.AddNode("deriveNode", keyDerivationNode); break; } default: { throw new InvalidOperationException(String.Format("Unknown key derivation function '{0}'.", keyDerivationFunction)); } } } else { //default setup keyDerivationNode = new Rfc2898DeriveBytesNode(new GraphIO<String>(String.Empty), new GraphIO<Int32>(32), saltInput, new GraphIO<int>(10000)); decryptGraph.AddNode("deriveNode", keyDerivationNode); } AESEncryptNode encryptNode = new AESEncryptNode(unencryptedInput, new GraphIO<Byte[]>(null), keyDerivationNode.GetBytesIO("DerivedKey")); decryptGraph.AddNode("encryptNode", encryptNode); decryptGraph.CreateRoute("encrypt", keyDerivationNode.GetStringIO("Password"), encryptNode.EncryptedData, "deriveNode", new String[] { "deriveNode", "encryptNode" }); Object output = null; if (decryptGraph.Process(true, "encrypt", masterPassphrase, out output)) { byte[] encrypted = (byte[])output; byte[] encryptedWithSalt = encrypted.AppendBytes(salt); return (encryptedWithSalt); } else { throw new Exception("Failed to encrypt Vault."); } throw new NotImplementedException(); }