/// <summary>
/// Read the protected string and return it protected with a sequence
/// of bytes generated by a random stream. The object's data will be
/// invisible in process memory only if the object has been initialized
/// using a <c>XorredBuffer</c>. If no <c>XorredBuffer</c> has been used
/// or the string has been read once already (in plain-text), the
/// operation won't be secure and the protected string will be visible
/// in process memory.
/// </summary>
/// <param name="crsRandomSource">Random number source.</param>
/// <returns>Protected string.</returns>
/// <exception cref="System.ArgumentNullException">Thrown if the input
/// parameter is <c>null</c>.</exception>
public byte[] ReadXorredString(CryptoRandomStream crsRandomSource)
{
Debug.Assert(crsRandomSource != null); if(crsRandomSource == null) throw new ArgumentNullException("crsRandomSource");
if(m_xbEncrypted != null)
{
uint uLen = m_xbEncrypted.Length;
byte[] randomPad = crsRandomSource.GetRandomBytes(uLen);
return m_xbEncrypted.ChangeKey(randomPad);
}
else // Not using XorredBuffer
{
byte[] pbData = ReadUtf8();
uint uLen = (uint)pbData.Length;
byte[] randomPad = crsRandomSource.GetRandomBytes(uLen);
Debug.Assert(randomPad.Length == uLen);
for(uint i = 0; i < uLen; ++i)
pbData[i] ^= randomPad[i];
return pbData;
}
}
private static int BenchTime(CrsAlgorithm cra, int nRounds, int nDataSize)
{
byte[] pbKey = new byte[4] { 0x00, 0x01, 0x02, 0x03 };
int nStart = Environment.TickCount;
for(int i = 0; i < nRounds; ++i)
{
CryptoRandomStream c = new CryptoRandomStream(cra, pbKey);
c.GetRandomBytes((uint)nDataSize);
}
int nEnd = Environment.TickCount;
return (nEnd - nStart);
}
private static ProtectedString PatternGenerate(string strPattern,
bool bReturnProtected, byte[] pbAdditionalEntropy)
{
LinkedList <char> vGenerated = new LinkedList <char>();
CryptoRandomStream crs = CreateCryptoStream(pbAdditionalEntropy);
byte[] pbRandom = crs.GetRandomBytes(1024);
int nRandomPos = 0;
StringBuilder sb = new StringBuilder();
for (char chAdd = '~'; chAdd < 255; ++chAdd)
{
sb.Append(chAdd);
}
string strCharSetHighANSI = sb.ToString();
strPattern = PasswordGenerator.ExpandPattern(strPattern);
CharStream csStream = new CharStream(strPattern);
char ch = csStream.ReadChar();
while (ch != char.MinValue)
{
string strCurrentCharSet = string.Empty;
switch (ch)
{
case '\\':
ch = csStream.ReadChar();
if (ch == char.MinValue) // Backslash at the end
{
vGenerated.AddLast('\\');
break;
}
vGenerated.AddLast(ch);
break;
case 'a': strCurrentCharSet = CharSetLower + CharSetNumeric; break;
case 'A': strCurrentCharSet = CharSetLower + CharSetUpper +
CharSetNumeric; break;
case '\u00C2': strCurrentCharSet = CharSetUpper + CharSetNumeric; break;
case 'c': strCurrentCharSet = CharSetLowerConsonants; break;
case 'C': strCurrentCharSet = CharSetLowerConsonants +
CharSetUpperConsonants; break;
case '\u0108': strCurrentCharSet = CharSetUpperConsonants; break;
case 'd': strCurrentCharSet = CharSetNumeric; break; // Digit
case 'h': strCurrentCharSet = CharSetHexLower; break;
case 'H': strCurrentCharSet = CharSetHexUpper; break;
case 'l': strCurrentCharSet = CharSetLower; break;
case 'L': strCurrentCharSet = CharSetLower + CharSetUpper; break;
case '\u013D': strCurrentCharSet = CharSetUpper; break;
case 'p': strCurrentCharSet = CharSetPunctuation; break;
case 'v': strCurrentCharSet = CharSetLowerVowel; break;
case 'V': strCurrentCharSet = CharSetLowerVowel +
CharSetUpperVowel; break;
case '\u0177': strCurrentCharSet = CharSetUpperVowel; break;
case 'x': strCurrentCharSet = strCharSetHighANSI; break;
default: vGenerated.AddLast(ch); break;
}
if (strCurrentCharSet.Length > 0)
{
while (true)
{
byte bt = pbRandom[nRandomPos];
++nRandomPos;
if (nRandomPos == pbRandom.Length)
{
pbRandom = crs.GetRandomBytes(1024);
nRandomPos = 0;
}
if (bt < (byte)strCurrentCharSet.Length)
{
vGenerated.AddLast(strCurrentCharSet[(int)bt]);
break;
}
}
}
ch = csStream.ReadChar();
}
char[] vArray = new char[vGenerated.Count];
vGenerated.CopyTo(vArray, 0);
UTF8Encoding utf8 = new UTF8Encoding();
ProtectedString ps = new ProtectedString(bReturnProtected, utf8.GetBytes(vArray));
Array.Clear(vArray, 0, vArray.Length);
vGenerated.Clear();
return(ps);
}
/// <summary>
/// Read the protected string and return it protected with a sequence
/// of bytes generated by a random stream.
/// </summary>
/// <param name="crsRandomSource">Random number source.</param>
/// <returns>Protected string.</returns>
public byte[] ReadXorredString(CryptoRandomStream crsRandomSource)
{
Debug.Assert(crsRandomSource != null); if(crsRandomSource == null) throw new ArgumentNullException("crsRandomSource");
byte[] pbData = ReadUtf8();
uint uLen = (uint)pbData.Length;
byte[] randomPad = crsRandomSource.GetRandomBytes(uLen);
Debug.Assert(randomPad.Length == pbData.Length);
for(uint i = 0; i < uLen; ++i)
pbData[i] ^= randomPad[i];
return pbData;
}
private static ProtectedString CustomCharSetGenerate(CustomCharSet charSet, uint uPasswordLength,
bool bReturnProtected, byte[] pbAdditionalEntropy)
{
Debug.Assert(charSet != null); if (charSet == null)
{
throw new ArgumentNullException();
}
if (charSet.UCount == 0)
{
return(new ProtectedString(false, string.Empty));
}
if (uPasswordLength == 0)
{
return(new ProtectedString(false, string.Empty));
}
CryptoRandomStream crs = CreateCryptoStream(pbAdditionalEntropy);
UTF8Encoding utf8 = new UTF8Encoding();
uint uGeneratedCount = 0, uNewCharIndex, uRandomPos = 0;
byte[] pbRandom = crs.GetRandomBytes(1024);
bool b16BitIndex = (charSet.UCount > 256);
char[] vGenerated = new char[uPasswordLength];
Array.Clear(vGenerated, 0, vGenerated.Length);
while (uGeneratedCount < uPasswordLength)
{
uNewCharIndex = pbRandom[uRandomPos];
++uRandomPos;
if (b16BitIndex)
{
uNewCharIndex *= 256;
uNewCharIndex += pbRandom[uRandomPos];
++uRandomPos;
}
if (uRandomPos >= (uint)pbRandom.Length)
{
pbRandom = CryptoRandom.GetRandomBytes(1024);
uRandomPos = 0;
}
if (uNewCharIndex < charSet.UCount)
{
vGenerated[uGeneratedCount] = charSet[uNewCharIndex];
++uGeneratedCount;
}
}
if (Array.IndexOf <char>(vGenerated, char.MinValue) >= 0)
{
Debug.Assert(false);
throw new System.Security.SecurityException();
}
byte[] pbUTF8 = utf8.GetBytes(vGenerated);
ProtectedString ps = new ProtectedString(bReturnProtected, pbUTF8);
Array.Clear(pbUTF8, 0, pbUTF8.Length);
Array.Clear(vGenerated, 0, vGenerated.Length);
return(ps);
}
