public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams, DigitalSignature digitalSignature) { var sessionKey = _aes.GenerateRandomNumber(32); var encryptedPacket = new EncryptedPacket { Iv = _aes.GenerateRandomNumber(12) }; (byte[] ciphereText, byte[] tag)encrypted = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv, null); encryptedPacket.EncryptedData = encrypted.ciphereText; encryptedPacket.Tag = encrypted.tag; encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey); using (var hmac = new HMACSHA256(sessionKey)) { var temp = hmac.ComputeHash(Combine(encryptedPacket.EncryptedData, encryptedPacket.Iv)); encryptedPacket.Hmac = hmac.ComputeHash(Combine(temp, encryptedPacket.Tag)); } encryptedPacket.Signature = digitalSignature.SignData(encryptedPacket.Hmac); return(encryptedPacket); }
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams, DigitalSignature digitalSignature) { var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey); using (var hmac = new HMACSHA256(decryptedSessionKey)) { var hmacToCheck = hmac.ComputeHash(Combine(encryptedPacket.EncryptedData, encryptedPacket.Iv)); if (!Compare(encryptedPacket.Hmac, hmacToCheck)) { throw new CryptographicException( "HMAC for decryption does not match encrypted packet."); } } if (!digitalSignature.VerifySignature(encryptedPacket.Hmac, encryptedPacket.Signature)) { throw new CryptographicException( "Digital Signature can not be verified."); } var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.Iv); return(decryptedData); }
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams, DigitalSignature digitalSignature) { var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey); if (!digitalSignature.VerifySignature(encryptedPacket.Hmac, encryptedPacket.Signature)) { throw new CryptographicException( "Digital Signature can not be verified."); } var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.Iv, encryptedPacket.Tag, null); return(decryptedData); }
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams, DigitalSignature digitalSignature) { var sessionKey = _aes.GenerateRandomNumber(32); var encryptedPacket = new EncryptedPacket { Iv = _aes.GenerateRandomNumber(16) }; encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv); encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey); using (var hmac = new HMACSHA256(sessionKey)) { encryptedPacket.Hmac = hmac.ComputeHash(Combine(encryptedPacket.EncryptedData, encryptedPacket.Iv)); } encryptedPacket.Signature = digitalSignature.SignData(encryptedPacket.Hmac); return(encryptedPacket); }
static void Main() { const string original = "Very secret and important information that can not fall into the wrong hands."; var hybrid = new HybridEncryption(); var rsaParams = new RSAWithRSAParameterKey(); rsaParams.AssignNewKey(); var digitalSignature = new DigitalSignature(); digitalSignature.AssignNewKey(); Console.WriteLine("Hybrid Encryption with Integrity Check and Digital Signature Demonstration in .NET"); Console.WriteLine("----------------------------------------------------------------------------------"); Console.WriteLine(); try { var encryptedBlock = hybrid.EncryptData(Encoding.UTF8.GetBytes(original), rsaParams, digitalSignature); var decrpyted = hybrid.DecryptData(encryptedBlock, rsaParams, digitalSignature); Console.WriteLine("Original Message = " + original); Console.WriteLine(); Console.WriteLine("Message After Decryption = " + Encoding.UTF8.GetString(decrpyted)); } catch (CryptographicException ex) { Console.WriteLine("Error : " + ex.Message); } Console.ReadLine(); }