public void TestWriteWithHmac() { V2DocumentHeaders headers = new V2DocumentHeaders(new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("v2passzz")), 20); byte[] output; V2HmacCalculator hmacCalculator = new V2HmacCalculator(new SymmetricKey(headers.GetHmacKey())); using (V2HmacStream <MemoryStream> hmacStream = V2HmacStream.Create <MemoryStream>(hmacCalculator, new MemoryStream())) { headers.WriteStartWithHmac(hmacStream); headers.WriteEndWithHmac(hmacCalculator, hmacStream, 0, 0); hmacStream.Flush(); output = hmacStream.Chained.ToArray(); } byte[] hmacBytesFromHeaders = new byte[V2Hmac.RequiredLength]; Array.Copy(output, output.Length - V2Hmac.RequiredLength, hmacBytesFromHeaders, 0, V2Hmac.RequiredLength); V2Hmac hmacFromHeaders = new V2Hmac(hmacBytesFromHeaders); byte[] dataToHmac = new byte[output.Length - (V2Hmac.RequiredLength + 5)]; Array.Copy(output, 0, dataToHmac, 0, dataToHmac.Length); HMACSHA512 hmac = new HMACSHA512(headers.GetHmacKey()); hmac.TransformFinalBlock(dataToHmac, 0, dataToHmac.Length); V2Hmac hmacFromCalculation = new V2Hmac(hmac.Hash); Assert.That(hmacFromHeaders, Is.EqualTo(hmacFromCalculation)); }
public bool Load(Headers headers) { if (headers == null) { throw new ArgumentNullException("headers"); } headers.EnsureFileFormatVersion(4, 4); if (!IsMasterKeyKnown(headers)) { return(false); } HmacCalculator = new V2HmacCalculator(new SymmetricKey(GetHmacKey())); using (Stream hmacStream = V2HmacStream.Create(HmacCalculator)) { AxCrypt1Guid.Write(hmacStream); foreach (HeaderBlock header in headers.HeaderBlocks) { header.Write(hmacStream); } } SetDataEncryptingCryptoForEncryptedHeaderBlocks(headers.HeaderBlocks); _headers = headers; return(true); }
public static void TestCapabilities() { using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(new byte[512])))) { Assert.That(stream.CanRead, Is.False); Assert.That(stream.CanSeek, Is.False); Assert.That(stream.CanWrite, Is.True); } }
public static void TestDispose() { using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(new byte[512])))) { stream.Dispose(); Assert.DoesNotThrow(() => stream.Dispose()); Assert.Throws <ObjectDisposedException>(() => stream.Write(new byte[1], 0, 1)); } }
private Stream CreateEncryptedDataStream() { if (_reader.CurrentItemType != AxCryptItemType.Data) { throw new InvalidOperationException("An attempt was made to create an encrypted data stream when the reader is not positioned at the data."); } _reader.SetStartOfData(); return(V2AxCryptDataStream.Create(_reader, V2HmacStream.Create(DocumentHeaders.HmacCalculator))); }
public static void TestPosition() { using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(new byte[512])))) { Assert.That(stream.Position, Is.EqualTo(0)); stream.Write(new byte[1], 0, 1); Assert.That(stream.Position, Is.EqualTo(1)); Assert.That(stream.Length, Is.EqualTo(1)); } }
public static void TestNotSupportedMethods() { using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(new byte[512])))) { Assert.Throws <NotSupportedException>(() => stream.Read(new byte[1], 0, 1)); Assert.Throws <NotSupportedException>(() => stream.Seek(0, SeekOrigin.Begin)); Assert.Throws <NotSupportedException>(() => stream.SetLength(0)); Assert.Throws <NotSupportedException>(() => stream.Position = 0); } }
/// <summary> /// Encrypt a stream with a given set of headers and write to an output stream. The caller is responsible for consistency and completeness /// of the headers. Headers that are not known until encryption and compression are added here. /// </summary> /// <param name="outputDocumentHeaders"></param> /// <param name="inputStream"></param> /// <param name="outputStream"></param> public void EncryptTo(Stream inputStream, Stream outputStream, AxCryptOptions options) { if (inputStream == null) { throw new ArgumentNullException("inputStream"); } if (outputStream == null) { throw new ArgumentNullException("outputStream"); } if (options.HasMask(AxCryptOptions.EncryptWithCompression) && options.HasMask(AxCryptOptions.EncryptWithoutCompression)) { throw new ArgumentException("Invalid options, cannot specify both with and without compression."); } if (!options.HasMask(AxCryptOptions.EncryptWithCompression) && !options.HasMask(AxCryptOptions.EncryptWithoutCompression)) { throw new ArgumentException("Invalid options, must specify either with or without compression."); } DocumentHeaders.IsCompressed = options.HasMask(AxCryptOptions.EncryptWithCompression); V2HmacCalculator hmacCalculator = new V2HmacCalculator(new SymmetricKey(DocumentHeaders.GetHmacKey())); V2HmacStream <Stream> outputHmacStream = V2HmacStream.Create(hmacCalculator, outputStream); CryptoStreamBase encryptingStream = New <CryptoStreamBase>().Initialize(V2AxCryptDataStream.Create(outputHmacStream), DocumentHeaders.DataCrypto().EncryptingTransform(), CryptoStreamMode.Write); DocumentHeaders.WriteStartWithHmac(outputHmacStream); if (DocumentHeaders.IsCompressed) { using (ZOutputStream deflatingStream = new ZOutputStream(encryptingStream, -1)) { deflatingStream.FlushMode = JZlib.Z_SYNC_FLUSH; inputStream.CopyTo(deflatingStream); deflatingStream.FlushMode = JZlib.Z_FINISH; deflatingStream.Finish(); _plaintextLength = deflatingStream.TotalIn; _compressedPlaintextLength = deflatingStream.TotalOut; encryptingStream.FinalFlush(); DocumentHeaders.WriteEndWithHmac(hmacCalculator, outputHmacStream, _plaintextLength, _compressedPlaintextLength); } } else { try { _compressedPlaintextLength = _plaintextLength = StreamExtensions.CopyTo(inputStream, encryptingStream); encryptingStream.FinalFlush(); DocumentHeaders.WriteEndWithHmac(hmacCalculator, outputHmacStream, _plaintextLength, _compressedPlaintextLength); } finally { encryptingStream.Dispose(); } } }
public static void TestConstructorNullArgument() { V2HmacCalculator nullCalculator = null; Stream nullStream = null; Stream stream = null; Assert.Throws <ArgumentNullException>(() => stream = V2HmacStream.Create(nullCalculator)); Assert.That(stream, Is.Null); Assert.Throws <ArgumentNullException>(() => stream = V2HmacStream.Create(new V2HmacCalculator(SymmetricKey.Zero128), nullStream)); Assert.That(stream, Is.Null); }
public static async Task TestGetTwoAsymmetricCryptosFromHeaders(CryptoImplementation cryptoImplementation) { SetupAssembly.AssemblySetupCrypto(cryptoImplementation); Headers headers = new Headers(); EncryptionParameters parameters = new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("secrets")); IAsymmetricPublicKey publicKey1 = New <IAsymmetricFactory>().CreatePublicKey(Resources.PublicKey1); IAsymmetricPublicKey publicKey2 = New <IAsymmetricFactory>().CreatePublicKey(Resources.PublicKey2); await parameters.AddAsync(new UserPublicKey[] { new UserPublicKey(EmailAddress.Parse("*****@*****.**"), publicKey1), new UserPublicKey(EmailAddress.Parse("*****@*****.**"), publicKey2), }); V2DocumentHeaders documentHeaders = new V2DocumentHeaders(parameters, 10); using (V2HmacStream <MemoryStream> stream = V2HmacStream.Create <MemoryStream>(new V2HmacCalculator(new SymmetricKey(new byte[0])), new MemoryStream())) { documentHeaders.WriteStartWithHmac(stream); stream.Flush(); stream.Chained.Position = 0; using (V2AxCryptReader reader = new V2AxCryptReader(new LookAheadStream(stream.Chained))) { while (reader.Read()) { if (reader.CurrentItemType == AxCryptItemType.HeaderBlock) { headers.HeaderBlocks.Add(reader.CurrentHeaderBlock); } } SymmetricKey dataEncryptingKey = documentHeaders.Headers.FindHeaderBlock <V2KeyWrapHeaderBlock>().MasterKey; IEnumerable <V2AsymmetricKeyWrapHeaderBlock> readerAsymmetricKeys = headers.HeaderBlocks.OfType <V2AsymmetricKeyWrapHeaderBlock>(); Assert.That(readerAsymmetricKeys.Count(), Is.EqualTo(2), "There should be two asymmetric keys in the headers."); V2AsymmetricKeyWrapHeaderBlock asymmetricKey1 = readerAsymmetricKeys.First(); IAsymmetricPrivateKey privateKey1 = New <IAsymmetricFactory>().CreatePrivateKey(Resources.PrivateKey1); asymmetricKey1.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey1); Assert.That(dataEncryptingKey, Is.EqualTo(asymmetricKey1.Crypto(0).Key), "The asymmetric wrapped key should be the one in the ICrypto instance."); IAsymmetricPrivateKey privateKey2 = New <IAsymmetricFactory>().CreatePrivateKey(Resources.PrivateKey2); asymmetricKey1.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey2); Assert.That(asymmetricKey1.Crypto(0), Is.Null, "The ICrypto instance should be null, since the private key was wrong."); V2AsymmetricKeyWrapHeaderBlock asymmetricKey2 = readerAsymmetricKeys.Last(); asymmetricKey2.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey2); Assert.That(dataEncryptingKey, Is.EqualTo(asymmetricKey2.Crypto(0).Key), "The asymmetric wrapped key should be the one in the ICrypto instance."); asymmetricKey2.SetPrivateKey(new V2Aes256CryptoFactory(), privateKey1); Assert.That(asymmetricKey2.Crypto(0), Is.Null, "The ICrypto instance should be null, since the private key was wrong."); } } }
public void Trailers(AxCryptReaderBase axCryptReader) { _headers.Trailers(axCryptReader); using (Stream hmacStream = V2HmacStream.Create(HmacCalculator)) { foreach (HeaderBlock header in _headers.TrailerBlocks) { if (header.HeaderBlockType == HeaderBlockType.V2Hmac) { continue; } header.Write(hmacStream); } } }
public static void Rfc4231TestCase6() { byte[] key = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaa".FromHex(); byte[] data = "54657374205573696e67204c61726765 72205468616e20426c6f636b2d53697a 65204b6579202d2048617368204b6579 204669727374".FromHex(); byte[] hmac_sha_512 = "80b24263c7c1a3ebb71493c1dd7be8b4 9b46d1f41b4aeec1121b013783f8f352 6b56d037e05f2598bd0fd2215d6a1e52 95e64f73f63f0aec8b915a985d786598".FromHex(); byte[] result; using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(key)))) { stream.Write(data, 0, data.Length); result = stream.Hmac.GetBytes(); } Assert.That(result, Is.EquivalentTo(hmac_sha_512)); }
public static void Rfc4231TestCase4() { byte[] key = "0102030405060708090a0b0c0d0e0f10 111213141516171819".FromHex(); byte[] data = "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd cdcd".FromHex(); byte[] hmac_sha_512 = "b0ba465637458c6990e5a8c5f61d4af7 e576d97ff94b872de76f8050361ee3db a91ca5c11aa25eb4d679275cc5788063 a5f19741120c4f2de2adebeb10a298dd".FromHex(); byte[] result; using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(key)))) { stream.Write(data, 0, data.Length); result = stream.Hmac.GetBytes(); } Assert.That(result, Is.EquivalentTo(hmac_sha_512)); }
public static void Rfc4231TestCase3() { byte[] key = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa".FromHex(); byte[] data = "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd".FromHex(); byte[] hmac_sha_512 = "fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb".FromHex(); byte[] result; using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(key)))) { stream.Write(data, 0, data.Length); result = stream.Hmac.GetBytes(); } Assert.That(result, Is.EquivalentTo(hmac_sha_512)); }
public static void Rfc4231TestCase2() { byte[] key = "4a656665".FromHex(); byte[] data = "7768617420646f2079612077616e7420666f72206e6f7468696e673f".FromHex(); byte[] hmac_sha_512 = "164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737".FromHex(); byte[] result; using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(key)))) { stream.Write(data, 0, data.Length); result = stream.Hmac.GetBytes(); } Assert.That(result, Is.EquivalentTo(hmac_sha_512)); }
public static void Rfc4231TestCase1() { byte[] key = "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b".FromHex(); byte[] data = "4869205468657265".FromHex(); byte[] hmac_sha_512 = "87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854".FromHex(); byte[] result; using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(key)))) { stream.Write(data, 0, data.Length); result = stream.Hmac.GetBytes(); } Assert.That(result, Is.EquivalentTo(hmac_sha_512)); }
public static void Rfc4231TestCase7() { byte[] key = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaa".FromHex(); byte[] data = "54686973206973206120746573742075 73696e672061206c6172676572207468 616e20626c6f636b2d73697a65206b65 7920616e642061206c61726765722074 68616e20626c6f636b2d73697a652064 6174612e20546865206b6579206e6565 647320746f2062652068617368656420 6265666f7265206265696e6720757365 642062792074686520484d414320616c 676f726974686d2e".FromHex(); byte[] hmac_sha_512 = "e37b6a775dc87dbaa4dfa9f96e5e3ffd debd71f8867289865df5a32d20cdc944 b6022cac3c4982b10d5eeb55c3e4de15 134676fb6de0446065c97440fa8c6a58".FromHex(); byte[] result; using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(key)))) { stream.Write(data, 0, data.Length); result = stream.Hmac.GetBytes(); } Assert.That(result, Is.EquivalentTo(hmac_sha_512)); }
public static void Rfc4231TestCase5() { byte[] key = "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c 0c0c0c0c".FromHex(); byte[] data = "546573742057697468205472756e6361 74696f6e".FromHex(); byte[] hmac_sha_512 = "415fad6271580a531d4179bc891d87a6".FromHex(); byte[] result; using (V2HmacStream <Stream> stream = V2HmacStream.Create(new V2HmacCalculator(new SymmetricKey(key)))) { stream.Write(data, 0, data.Length); result = new byte[16]; Array.Copy(stream.Hmac.GetBytes(), 0, result, 0, 16); } Assert.That(result, Is.EquivalentTo(hmac_sha_512)); }
public static void TestGetCryptoFromHeaders(CryptoImplementation cryptoImplementation) { SetupAssembly.AssemblySetupCrypto(cryptoImplementation); Headers headers = new Headers(); V2DocumentHeaders documentHeaders = new V2DocumentHeaders(new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("passphrase")), 10); using (V2HmacStream <MemoryStream> stream = V2HmacStream.Create <MemoryStream>(new V2HmacCalculator(new SymmetricKey(new byte[0])), new MemoryStream())) { documentHeaders.WriteStartWithHmac(stream); stream.Flush(); stream.Chained.Position = 0; using (V2AxCryptReader reader = new V2AxCryptReader(new LookAheadStream(stream.Chained))) { while (reader.Read()) { if (reader.CurrentItemType == AxCryptItemType.HeaderBlock) { headers.HeaderBlocks.Add(reader.CurrentHeaderBlock); } } SymmetricKey dataEncryptingKey = documentHeaders.Headers.FindHeaderBlock <V2KeyWrapHeaderBlock>().MasterKey; V2KeyWrapHeaderBlock keyWrap = headers.FindHeaderBlock <V2KeyWrapHeaderBlock>(); IDerivedKey key = new V2Aes256CryptoFactory().RestoreDerivedKey(new Passphrase("passphrase"), keyWrap.DerivationSalt, keyWrap.DerivationIterations); keyWrap.SetDerivedKey(new V2Aes256CryptoFactory(), key); Assert.That(dataEncryptingKey, Is.EqualTo(keyWrap.MasterKey)); key = new V2Aes256CryptoFactory().RestoreDerivedKey(new Passphrase("wrong"), keyWrap.DerivationSalt, keyWrap.DerivationIterations); keyWrap.SetDerivedKey(new V2Aes256CryptoFactory(), key); Assert.That(dataEncryptingKey, Is.Not.EqualTo(keyWrap.MasterKey)); } } }