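/// <summary>
/// Runs <paramref name="data"/> through the padded block cipher built from the class's
/// <c>cipherEngine</c> and <c>padding</c> members, in either direction.
/// </summary>
/// <param name="encrypt">true to encrypt, false to decrypt</param>
/// <param name="key">raw key bytes handed to the cipher</param>
/// <param name="data">bytes to encrypt or decrypt</param>
/// <returns>
/// lower-case hex of the ciphertext when encrypting; the plaintext decoded with the
/// class's <c>encoding</c> member when decrypting
/// </returns>
private static string Cipher(bool encrypt, byte[] key, byte[] data)
{
    // NOTE(review): cipherEngine and padding are declared outside this view. If cipherEngine
    // is a bare block-cipher engine (no CBC or other mode wrapper), this is ECB - confirm.
    PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(cipherEngine, padding);
    cipher.Init(encrypt, new KeyParameter(key));

    // GetOutputSize is an upper bound: on decryption the padding is stripped, so fewer
    // bytes are written than the buffer holds.
    byte[] result = new byte[cipher.GetOutputSize(data.Length)];
    int length = cipher.ProcessBytes(data, 0, data.Length, result, 0);
    length += cipher.DoFinal(result, length);

    if (encrypt)
    {
        return BitConverter.ToString(result, 0, length).Replace("-", String.Empty).ToLowerInvariant();
    }

    // Decode only the bytes the cipher produced; decoding the whole buffer would append
    // NUL characters for every stripped padding byte.
    return encoding.GetString(result, 0, length);
}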
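/// <summary>
/// Decrypt a hex-encoded string whose key is derived from a password, either with PBKDF2
/// or with a single SHA-256 hash of salt + password.
/// </summary>
/// <param name="data">hex string: SALT_LENGTH salt bytes followed by the ciphertext</param>
/// <param name="password">password the decryption key is derived from</param>
/// <param name="PBKDF2">true to derive the key with PBKDF2, false to use SHA-256(salt + password)</param>
/// <returns>hex-encoded decrypted bytes</returns>
/// <exception cref="BadPasswordException">the cipher threw while decrypting the data</exception>
public static string Decrypt(string data, string password, bool PBKDF2)
{
    // the salt is stored in front of the ciphertext as SALT_LENGTH hex-encoded bytes
    byte[] saltBytes = Authenticator.StringToByteArray(data.Substring(0, SALT_LENGTH * 2));
    byte[] passwordBytes = Encoding.UTF8.GetBytes(password);

    byte[] key;
    if (PBKDF2)
    {
        // build our PBKDF2 key; the iteration count must match the one used by Encrypt
#if NETCF
        PBKDF2 kg = new PBKDF2(passwordBytes, saltBytes, PBKDF2_ITERATIONS);
#else
        Rfc2898DeriveBytes kg = new Rfc2898DeriveBytes(passwordBytes, saltBytes, PBKDF2_ITERATIONS);
#endif
        key = kg.GetBytes(PBKDF2_KEYSIZE);
    }
    else
    {
        // Older derivation: one SHA-256 pass over salt + password. A single fast hash gives
        // little resistance to offline password guessing; it is kept only so that existing
        // data can still be read.
        byte[] salted = new byte[saltBytes.Length + passwordBytes.Length];
        Array.Copy(saltBytes, salted, saltBytes.Length);
        Array.Copy(passwordBytes, 0, salted, saltBytes.Length, passwordBytes.Length);
        using (SHA256Managed sha256 = new SHA256Managed())
        {
            key = sha256.ComputeHash(salted);
        }
    }

    // extract the actual data to be decrypted
    byte[] inBytes = Authenticator.StringToByteArray(data.Substring(SALT_LENGTH * 2));

    // BlowfishEngine is used without a chaining-mode wrapper, so every block is decrypted
    // independently (ECB), and the ciphertext carries no MAC.
    BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new BlowfishEngine(), new ISO10126d2Padding());
    cipher.Init(false, new KeyParameter(key));

    // decrypt the data
    int osize = cipher.GetOutputSize(inBytes.Length);
    byte[] outBytes = new byte[osize];
    try
    {
        int olen = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0);
        olen += cipher.DoFinal(outBytes, olen);
        if (olen < osize)
        {
            // the padding was stripped, keep only the bytes actually written
            byte[] t = new byte[olen];
            Array.Copy(outBytes, 0, t, 0, olen);
            outBytes = t;
        }
    }
    catch (Exception)
    {
        // A cipher failure is reported as a bad password. The padding check is the only
        // signal: ISO 10126 padding validates just the final count byte, so a wrong password
        // can occasionally decrypt without an exception and return garbage. Callers should
        // validate the decrypted content themselves.
        throw new BadPasswordException();
    }

    // return encoded string
    return Authenticator.ByteArrayToString(outBytes);
}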
/// <summary>
/// Encrypt hex-encoded data under a key derived from a password with PBKDF2 and a
/// newly generated random salt.
/// </summary>
/// <param name="plain">data to encrypt - hex representation of byte array</param>
/// <param name="password">password the encryption key is derived from</param>
/// <returns>hex string: the salt followed by the encrypted data</returns>
public static string Encrypt(string plain, string password)
{
    byte[] plainBytes = Authenticator.StringToByteArray(plain);
    byte[] passwordBytes = Encoding.UTF8.GetBytes(password);

    // a new salt for every call, filled from the cryptographic RNG
    RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
    byte[] saltbytes = new byte[SALT_LENGTH];
    rng.GetBytes(saltbytes);
    string saltHex = Authenticator.ByteArrayToString(saltbytes);

    // derive the cipher key from password + salt
#if NETCF
    PBKDF2 deriver = new PBKDF2(passwordBytes, saltbytes, PBKDF2_ITERATIONS);
#else
    Rfc2898DeriveBytes deriver = new Rfc2898DeriveBytes(passwordBytes, saltbytes, PBKDF2_ITERATIONS);
#endif
    byte[] derivedKey = deriver.GetBytes(PBKDF2_KEYSIZE);

    // NOTE(review): BlowfishEngine is used without a chaining-mode wrapper, so blocks are
    // encrypted independently (ECB), and no MAC is added to the output.
    BufferedBlockCipher blowfish = new PaddedBufferedBlockCipher(new BlowfishEngine(), new ISO10126d2Padding());
    blowfish.Init(true, new KeyParameter(derivedKey));

    byte[] cipherBytes = new byte[blowfish.GetOutputSize(plainBytes.Length)];
    int written = blowfish.ProcessBytes(plainBytes, 0, plainBytes.Length, cipherBytes, 0);
    written += blowfish.DoFinal(cipherBytes, written);

    // drop any unused tail of the output buffer
    if (written < cipherBytes.Length)
    {
        Array.Resize(ref cipherBytes, written);
    }

    // salt first, then ciphertext, both as hex
    return saltHex + Authenticator.ByteArrayToString(cipherBytes);
}
/// <summary>
/// Decrypt a hex-encoded string with a byte array key
/// </summary>
/// <param name="data">hex-encoded ciphertext</param>
/// <param name="key">raw key bytes for decryption</param>
/// <returns>hex-encoded plain text</returns>
/// <exception cref="BadPasswordException">the cipher threw while decrypting the data</exception>
public static string Decrypt(string data, byte[] key)
{
    byte[] cipherBytes = Authenticator.StringToByteArray(data);

    // NOTE(review): BlowfishEngine is used without a chaining-mode wrapper, so blocks are
    // decrypted independently (ECB), and the ciphertext carries no MAC.
    BufferedBlockCipher blowfish = new PaddedBufferedBlockCipher(new BlowfishEngine(), new ISO10126d2Padding());
    blowfish.Init(false, new KeyParameter(key));

    byte[] plainBytes = new byte[blowfish.GetOutputSize(cipherBytes.Length)];
    try
    {
        int written = blowfish.ProcessBytes(cipherBytes, 0, cipherBytes.Length, plainBytes, 0);
        written += blowfish.DoFinal(plainBytes, written);

        // the padding was stripped, keep only the bytes actually written
        if (written < plainBytes.Length)
        {
            Array.Resize(ref plainBytes, written);
        }
    }
    catch (Exception)
    {
        // any cipher failure is reported to the caller as a bad password
        throw new BadPasswordException();
    }

    return Authenticator.ByteArrayToString(plainBytes);
}
/// <summary>
/// Encrypt a string with a byte array key
/// </summary>
/// <param name="plain">data to encrypt - hex representation of byte array</param>
/// <param name="key">raw key bytes to encrypt with</param>
/// <returns>hex coded encrypted string</returns>
public static string Encrypt(string plain, byte[] key)
{
    byte[] plainBytes = Authenticator.StringToByteArray(plain);

    // NOTE(review): BlowfishEngine is used without a chaining-mode wrapper, so blocks are
    // encrypted independently (ECB), and no MAC is added to the output.
    BufferedBlockCipher blowfish = new PaddedBufferedBlockCipher(new BlowfishEngine(), new ISO10126d2Padding());
    blowfish.Init(true, new KeyParameter(key));

    byte[] cipherBytes = new byte[blowfish.GetOutputSize(plainBytes.Length)];
    int written = blowfish.ProcessBytes(plainBytes, 0, plainBytes.Length, cipherBytes, 0);
    written += blowfish.DoFinal(cipherBytes, written);

    // drop any unused tail of the output buffer
    if (written < cipherBytes.Length)
    {
        Array.Resize(ref cipherBytes, written);
    }

    return Authenticator.ByteArrayToString(cipherBytes);
}
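/// <summary>
/// Encrypts a string with Triple DES (DESede) in CBC mode and returns the result as Base64.
/// </summary>
/// <param name="data">
/// The text to encrypt; it is encoded as UTF-8 before encryption.
/// </param>
/// <param name="key">
/// The key whose bytes are passed to the cipher.
/// </param>
/// <returns>
/// The Base64 encoding of the padded ciphertext.
/// </returns>
private string Encrypt(string data, SecretKey key)
{
    byte[] plainBytes = Encoding.UTF8.GetBytes(data);
    byte[] keyBytes = key.GetBytes();

    // DESede in CBC mode with the cipher's default padding.
    // NOTE(review): only a KeyParameter is supplied (no ParametersWithIV), so no IV is chosen
    // here; BouncyCastle's CBC wrapper then starts from an all-zero IV, which makes equal
    // plaintexts under the same key produce equal ciphertexts. The output is also not
    // authenticated. Changing either would break compatibility with stored data.
    var cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine()));
    cipher.Init(true, new KeyParameter(keyBytes));

    var outblock = new byte[cipher.GetOutputSize(plainBytes.Length)];

    // DoFinal must continue where ProcessBytes stopped. Writing the final block at offset 0
    // overwrote the first ciphertext block for any input longer than one cipher block.
    int written = cipher.ProcessBytes(plainBytes, 0, plainBytes.Length, outblock, 0);
    written += cipher.DoFinal(outblock, written);

    return Convert.ToBase64String(outblock, 0, written);
}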
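/// <summary>
/// Decrypts a Base64 string that was encrypted with Triple DES (DESede) in CBC mode.
/// </summary>
/// <param name="encrypted">
/// The Base64-encoded ciphertext.
/// </param>
/// <param name="key">
/// The key whose bytes are passed to the cipher.
/// </param>
/// <returns>
/// The decrypted bytes converted to a string by <c>ToUTF8String</c>.
/// </returns>
private string Decrypt(string encrypted, SecretKey key)
{
    byte[] cipherBytes = Convert.FromBase64String(encrypted);
    byte[] keyBytes = key.GetBytes();

    // NOTE(review): only a KeyParameter is supplied (no ParametersWithIV), matching the
    // encrypt side. The ciphertext is not authenticated, so cipher exceptions raised for
    // malformed input propagate to the caller; when ciphertext can come from an untrusted
    // source, verify a MAC before decrypting.
    var cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new DesEdeEngine()));
    cipher.Init(false, new KeyParameter(keyBytes));

    var outblock = new byte[cipher.GetOutputSize(cipherBytes.Length)];

    // DoFinal must continue where ProcessBytes stopped. Writing the final block at offset 0
    // overwrote the start of the plaintext for any input longer than one cipher block.
    int written = cipher.ProcessBytes(cipherBytes, 0, cipherBytes.Length, outblock, 0);
    written += cipher.DoFinal(outblock, written);

    // GetOutputSize is an upper bound; once the padding is stripped the tail of the buffer
    // is unused zero bytes that must not reach the string conversion.
    if (written < outblock.Length)
    {
        Array.Resize(ref outblock, written);
    }

    return this.ToUTF8String(outblock);
}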