public byte[] DecryptToBytes(CipherString encyptedValue, SymmetricCryptoKey key = null) { if (key == null) { key = EncKey ?? Key; } if (key == null) { throw new ArgumentNullException(nameof(key)); } if (encyptedValue == null) { throw new ArgumentNullException(nameof(encyptedValue)); } if (encyptedValue.EncryptionType == EncryptionType.AesCbc128_HmacSha256_B64 && key.EncryptionType == EncryptionType.AesCbc256_B64) { // Old encrypt-then-mac scheme, swap out the key if (_legacyEtmKey == null) { _legacyEtmKey = new SymmetricCryptoKey(key.Key, EncryptionType.AesCbc128_HmacSha256_B64); } key = _legacyEtmKey; } return(Crypto.AesCbcDecrypt(encyptedValue, key)); }
public byte[] RsaDecryptToBytes(CipherString encyptedValue, byte[] privateKey) { if (privateKey == null) { privateKey = PrivateKey; } if (privateKey == null) { throw new ArgumentNullException(nameof(privateKey)); } IAsymmetricKeyAlgorithmProvider provider = null; switch (encyptedValue.EncryptionType) { case EncryptionType.Rsa2048_OaepSha256_B64: provider = WinRTCrypto.AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithm.RsaOaepSha256); break; case EncryptionType.Rsa2048_OaepSha1_B64: provider = WinRTCrypto.AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithm.RsaOaepSha1); break; default: throw new ArgumentException("EncryptionType unavailable."); } var cryptoKey = provider.ImportKeyPair(privateKey, CryptographicPrivateKeyBlobType.Pkcs8RawPrivateKeyInfo); var decryptedBytes = WinRTCrypto.CryptographicEngine.Decrypt(cryptoKey, encyptedValue.CipherTextBytes); return(decryptedBytes); }
public string Decrypt(CipherString encyptedValue) { try { if (Key == null) { throw new ArgumentNullException(nameof(Key)); } if (encyptedValue == null) { throw new ArgumentNullException(nameof(encyptedValue)); } if (encyptedValue.Mac != null) { var computedMac = ComputeMac(encyptedValue.CipherTextBytes, encyptedValue.InitializationVectorBytes); if (computedMac != encyptedValue.Mac) { throw new InvalidOperationException("MAC failed."); } } var provider = WinRTCrypto.SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithm.AesCbcPkcs7); var cryptoKey = provider.CreateSymmetricKey(encyptedValue.Mac != null ? EncKey : Key); var decryptedBytes = WinRTCrypto.CryptographicEngine.Decrypt(cryptoKey, encyptedValue.CipherTextBytes, encyptedValue.InitializationVectorBytes); return(Encoding.UTF8.GetString(decryptedBytes, 0, decryptedBytes.Length).TrimEnd('\0')); } catch (Exception e) { Debug.WriteLine("Could not decrypt '{0}'. {1}", encyptedValue, e.Message); return("[error: cannot decrypt]"); } }
/// <summary> /// Decrypt text. /// </summary> /// <param name="text">Text that should be decrypted.</param> /// <param name="key"> /// Decryption key that is used in production. /// </param> /// <returns>Decrypted text.</returns> private String DecryptText(String text, String key) { CipherString cipherString; String decryptedText; String[] split; cipherString = new CipherString(); if (key.IsEmpty()) { return(cipherString.DecryptText(text)); } else { try { decryptedText = cipherString.DecryptText(text, key); split = decryptedText.Split(new[] { Settings.Default.ClientTokenDelimiter }); if (split.Length == 5) { return(decryptedText); } else { // Maybe old token is used. return(cipherString.DecryptText(text)); } } catch { // Maybe old token is used. return(cipherString.DecryptText(text)); } } }
public async Task UploadSendFileAsync(SendFileUploadDataResponse uploadData, CipherString fileName, byte[] encryptedFileData) { try { switch (uploadData.FileUploadType) { case FileUploadType.Direct: await _bitwardenFileUploadService.Upload(fileName.EncryptedString, encryptedFileData, fd => _apiService.PostSendFileAsync(uploadData.SendResponse.Id, uploadData.SendResponse.File.Id, fd)); break; case FileUploadType.Azure: Func <Task <string> > renewalCallback = async() => { var response = await _apiService.RenewFileUploadUrlAsync(uploadData.SendResponse.Id, uploadData.SendResponse.File.Id); return(response.Url); }; await _azureFileUploadService.Upload(uploadData.Url, encryptedFileData, renewalCallback); break; default: throw new Exception("Unknown file upload type"); } } catch (Exception e) { await _apiService.DeleteSendAsync(uploadData.SendResponse.Id); throw e; } }
/// <summary> /// Connect to the database. /// </summary> protected override void Connect() { CipherString cipherString = new CipherString(); String connectionString; // Opens the database connection. switch (Environment.MachineName) { case "ARTSERVICE2-1": // New production web service server. connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAPGBJALGDDHDONKEGJOECJFBANDBBPEGFAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAKGACHEMILMBLCCOOAKFMLHIDPFEOBACDAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAHAKCNAAHOHAFNBKPKFPKOFKMJLCAOBFIMAAAAAAAJMIFACEBKHABCMADCGCIHCKECEJHFGLBEGJIBKNPBBFMHLNFDIBCKBNEKPCIFADAAELKIHKLHBEBLIKAIALAGIGJJEFDEPGOBPACPLFFELPDFJNHJOGMFKOFIAGJBJBIDKMMMJFAMKGPFNNKLCCEDJFFGAPCHADDPIIOGHMEFMDCCDMDGNIKILIHLOGDGIGNFGHJHLFPFFADBMPMJHEHJNMPDIOMPHMGBLCJIHOEJOOBMKMPILPGNEACFCKHDNNBPOOFPAANBDBCALDEHBFCOAPGKOOKGABCBEMCOAAOIFOGMKFCIHJPKNPFFOGCGFILBPNOHMKHIJDCFNDBOHMGMGGOELKALFLAJBLOAHEJMOHHLJDDKAJFBPEBAMCHFLCLBEAAAAAADNAKHPPEDAAELACKAGIKCHCBBPKNJIJKANGEIGBC"; break; case "ARTSERVICE2-2": // New production web service server. connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAPGBJALGDDHDONKEGJOECJFBANDBBPEGFAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAABAAICOJBKOMNEAMOBDGPFJFCLNKHPNDOAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAOKMCMLEOHFMCDCECMNIKJHGILNGMKOPHMAAAAAAAIECPJDBECFIAPPOMKOIHKJJIGLKGJDCOKLNHGBNPHLCOKCPJCIJEBBJIAOMIBDKFHLALEJOIDMEFAEBPGPCFKDNFAPNFNKMLKBJLOCNPEMLJAEBIKKKHIJENNEMJMGCOOHFKGKOFFAGKOMCMHIMPAGFOADKAMAGHHFJLMJMDNIGEEHJBDCHJPDKKFAPJHFCHFHGKFKBDEPHMNNIJMJMGGGKNIFNOOHAIKFKDLOHBIFABNCNJHAJBHAGDNEBPGNLAEJBFFILPKHGCAEFCHOCLPAOOBIKJFLFFOPMEDAOOKCADEMBNAKGPGPOIJPLDKFOMIIFKJMDBEEAOHNDPJOLLALLLLKLBCAJBAEKPBELMBCIJGPEHBNNIBICBKOBNLJFIBEAAAAAAODICAJEKDHBHKCEPIIECOFPKKPEIHBCHECGIJLJL"; break; case "MONESES-DEV": // Test Web Server connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAALAHBHOALDLJHIEECKMFJPMIIHMEAIDBJAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAIBNMFFHMGDOGHKMHKHIHKNOHGFOFMPHLAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAFANPKLDILDJABAHBMKFFGENNONPHFHENLAAAAAAAFOEALKOJHFMKMHPBMEALGLFBEJMHNBKCPBLPCMKJAGEHHNPPKGEOIDFNGCOPLPAEMAEFACNKOOPNLBCLKAKCLAHCEILGDNOLDLKMMBNIPMGILPFCHJFCOMFJBHAJGDNLEHMGJKJOBAFJOPEMBNOKBNBFHCFJIKMADKNIPIGMDJGABGEICPGCEMMCLGOLGCKODFHLJKPNCBPMICEILFLBAAPFIEMHPDNIPADNGOCELDIHNKKOCMMKMLABNEFIGPAKDOAIHPCOAIOONLKFFDLPFKFNHPHDBPBOPILIFLGIPOLJIMBFNIBHBOPNJLGEKJIEFMMBJFCIOBGANHCACMIPNAMPINJGAMHJBEAAAAAANPBPLFEMLBDKPDFOCAIGBAIAEEJMEHFFHOKEHAEH"; break; case "SILURUS2-1": // Production Web Server connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAIDGFKMFBDIMAPEELJPFDBGPLIAHNCJMKAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAMBCIAJLJABGCIILLNNFIGBMPHMDFCPDCAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAADDAJJKLIMFILGAOIMBDMMFOOFAFDBFILMAAAAAAABJFLHJMFBBHMGELHAHCPDBBHJGJBMKHNHFHOIJLDEODMLMPOIFFMGMOJADBJGGLIGHEEEHJFAKJMNLOICEICAHABCHCHAGEDNFGGCFBGGPEAEGKEHCPMOPEEKHAFJIBBOPDOHELIMAOAJCGOBMHHLIDNJEACGLLFHHJFEOHGIFPOOFIOFJMINJEGIKGFIILBEIGNLOHJHCPDNLOAJNFAHOEMJABONIHFKMHAIKNMFLIGDMJDNFAOPCKFCLNCDKBGGDKKHGIIGDMFLJMELJAFBIHJAGGAJMABNCLDNDJPEFCPHDAKAGBIDOCAKCMBDHGFIMPLBKDLNKCAKCMKBEJDHGBGJKDHFKEMOGCCJIENNGLGIMDLANPDDOEKMKGCOPFHBEAAAAAAILPAOEKHONCNFGPCPPGGAFHAGADJFDCBNHIIJOPL"; break; case "SILURUS2-2": // Production Web Server connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAMLHPLFJBLJNKIBEPJGEAILJLHMPOLAAGAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAHNCMLBNNHFAFOHHLGCCNCFHCEEPPPJNDAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAOEMFCICFKPPGOAJMJOGFPEPADLHKFLGOLIAAAAAAIEKIMNPACEGIMMJNGIPIFACLIKJJLMJFLDEDCNPKEOBCMMHCJINEJGDEIFMCBGKMLCAOMENLECLMJEGMFGEPKKKDKBIEIMPHGMOHOENJBFIEIOGHBAKDPMECIGEPKLMDPMEHBOGOLJLOENEDOFBNBDMPJFPGFGGLCFOEJDDFEGGENLMMGKJEELACJNAKELKAHJKBMMGPOOEPFBCLAEHHAGPAINIGCOFNNMIABJHCFOKEHFCFFOJLHKMKGJLJKBLNDKBGDNALJPIOIKLHMPCLIHBDJDCDGGAJDNIMADDDIEHPFGOAEOOCEOCDHCLJMJCGIDFFIEBALIPOCDOKHPAPDOKFOBFKCIGIBPLJJNMOPLBHDGCDBEAAAAAAOPKBCBNBJBEKBLCOHALNDMJPBDMFOFLBFNGBDJHF"; break; case "SLU011837": // if (Configuration.InstallationType == InstallationType.Production) { connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAALCPBDBGCIAFPEPEILEKMLLIKEOOJMJMKAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAHEEPHDHODIPODBJLICDPDKIJMODPBFNKAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAPENNDAGEMNPLIHICHBMCBLNIHOOMNJBGMAAAAAAAIGAHDICNKLDABAFKKLJKOACNJMPICHCCKFMGMHFEAAOAOAMMFLMPBHLALPAGMCLKFOJOABMJLFKJIAGBEINPEPNKAKGMLLFDNBJDFMFBKGFJLDOFOEPBHGPDENGHMIOKJPLFLAILGBBLEAOAOHOJPNAGDMNOMLDDAHMPDHBLJPNLMMCOBIGPCEGLFJAMLMLJCLCKHFLOGOFJLJEAJNKDOHLNDICFGOOBCOEIJKNBOMILHAAEDNNGKEJJBCCJJDJIMHFGMFEJGACCDMECMHPBIMGFMKFGPCMMGPKOKDDKMCPCFONBLMEHIHOEBLCMPPLHABOMMJLEPCEHFGHLHEFCDLPDENPJEEINABAGLGEIDEGGEINAAPLEJILPLKFCCKPKBEAAAAAAEGHMGELBKDMFJMDMLAIBJGBJOLJACPEOODCOKDAL"; } else { connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAFDGKFHMFDIIJOBEBLFPNAIHICEBDJLBPAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAABHIODJIAGIMAGJNJLAIHAJFODJAEIJPGAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAANOLIFKKBPIPAGOPCKNPNPGEDLPNHIILKLAAAAAAAALLAKOEIFINDFEFIDIOMHEHCBKFBIMGGPMKBPJOGJDNPLCMODCDMHBGIGMFBPCNOKDPFCLIJADKCEGLINMEELMFGEFJEHKBFOGJHFAGLGDEIAHEBCAHHHPOCOBEDMPLIAHEGFOOOHLEKBMECHCMEFFIHGDIEFJNIBAIFCJCMJKAPJFBIAINGDIFOKGJFEDIOEINBLFGFBKNCFKOMMPPGPGLCOGEDDBOHLOPOMIFDHDPCAADEJEMBMEOMOKNABADKFONNIGDGFEMEBNFHJCMOECNOICMAGMIMEMELKOMLABBHNIIIHKGPMIGIPBPPFNJOOLIENKGBAADNLPGHPMKMCJMFIJMIINCKBEAAAAAAADIKCHIKLOPBDEGKADPFLACFKOJFAODKPALDPOIG"; } break; case "SLU002760": // connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAOIKAMFPLIBLJKHEBKLMNEPHLFFHCEIBDAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAADEOEBEEAHFHNKGPAJPLFCAPPCBCJMDCOAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAEJJOJALKECHPAJJGMHCGHOLBEHCPLPDKKAAAAAAALOLGEINDIEPBMPPGAOMLPJMLPKPAINNBBBEFDGMMFFENMIEMNOFDHJFIMCECKLCAEPFAADOBAGEPLDNMCALFIPACADEOIHJJNCBLDJCANBAPDFKMKDLKGMDLJPKELHMOJFGJIBFLIJFLCNKDIACKOPGMDPBEKGHCHBFGGADFGDIOANEIILJCHJOEBFGLNPAIOFPDCIHHFGMFGILPFEEHIIAJPKCKIDKHBKLNFHGOALBBEHEOKMDNLICLEJGDPOHILDLPIIDBGBAMBDKHPDFPMCBLPNKPAACNFOGLIJDMFDCCDPFFCHEDFGMENGDPILCABEAAAAAALEGLOIIKBKAONLAKBOOPPGKKBGBPHMMKOOBJNPEE"; break; case "MATLOU8470WW7": // connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAALHCOFDGPCNONAMEDJDCIAMKCOKLCFBPFAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAONECNHJCJAJMFMCBOJMBHKELKPFGKHHLAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAANGNIJFOALKLANLCFMKBCLHFHMCLELBNELIAAAAAADCDLBGMFLIOGLFGFKFDMDGOPNKNODOICGJJBBPOGKMBLDACPGEFOBFEBOAMCDLEBPALELOJOMMNMMJNJBLIKDGGILGAHCEGIBGMNHAOHAGGDPANOGLGIFNABCGLLNFAFPMDEDOPDBIJMKPGFACFMOIBPGOMCPAFDNAJDMPIBBCBFHOHJHNGGOIEDBOBCGHIEIMOAJPFOHGFCOCOKEILFKKLKEHEDLJEOPFLOBEGPIAMIIEBBEPADMOMBJBIONOLFKBKPJMOHCJNADFCNPPFDIKPBKEJFPNLDLALIHBAFDHLEOPLCGEDBHLCALHEIKMAOAIJDENMCFOIFLKNMMILIMGGHHAHKMHLEDBBPCGPIBDCGNLFEBEAAAAAAPKKGPDPPKEBLLPJMDNIALOMMNNJNGMBEOBIGFOMG"; break; default: throw new ApplicationException("Unknown web server " + Environment.MachineName); } Connection = new SqlConnection(cipherString.DecryptText(connectionString)); Connection.Open(); if (Connection.State != ConnectionState.Open) { throw new ApplicationException("Could not connect to database."); } }
public async Task <byte[]> DecryptToBytesAsync(CipherString cipherString, SymmetricCryptoKey key = null) { var iv = Convert.FromBase64String(cipherString.Iv); var data = Convert.FromBase64String(cipherString.Data); var mac = !string.IsNullOrWhiteSpace(cipherString.Mac) ? Convert.FromBase64String(cipherString.Mac) : null; return(await AesDecryptToBytesAsync(cipherString.EncryptionType, data, iv, mac, key)); }
public void Parse_handles_cipher_mode_0() { var cs = CipherString.Parse("0.aXZpdml2aXZpdml2aXZpdg==|Y2lwaGVydGV4dA=="); Assert.Equal(CipherMode.Aes256Cbc, cs.Mode); Assert.Equal(Iv, cs.Iv); Assert.Equal(Ciphertext, cs.Ciphertext); }
public void Parse_handles_default_three_piece_cipher_mode() { var cs = CipherString.Parse("aXZpdml2aXZpdml2aXZpdg==|Y2lwaGVydGV4dA==|bWFjIG1hYyBtYWMgbWFjIG1hYyBtYWMgbWFjIG1hYyA="); Assert.Equal(CipherMode.Aes128CbcHmacSha256, cs.Mode); Assert.Equal(Iv, cs.Iv); Assert.Equal(Ciphertext, cs.Ciphertext); Assert.Equal(Mac, cs.Mac); }
public void Parse_handles_cipher_mode_4() { var cs = CipherString.Parse($"4.{RsaCiphertextBase64}"); Assert.Equal(CipherMode.Rsa2048OaepSha1, cs.Mode); Assert.Empty(cs.Iv); Assert.Equal(RsaCiphertext, cs.Ciphertext); Assert.Empty(cs.Mac); }
public void ParseRsa_handles_modes_6_without_mac() { var cs = CipherString.ParseRsa($"6.{RsaCiphertextBase64}"); Assert.Equal(CipherMode.Rsa2048OaepSha1HmacSha256, cs.Mode); Assert.Empty(cs.Iv); Assert.Equal(RsaCiphertext, cs.Ciphertext); Assert.All(cs.Mac, x => Assert.Equal(0, x)); }
public void Parse_handles_cipher_mode_2() { var cs = CipherString.Parse("2.aXZpdml2aXZpdml2aXZpdg==|Y2lwaGVydGV4dA==|bWFjIG1hYyBtYWMgbWFjIG1hYyBtYWMgbWFjIG1hYyA="); Assert.Equal(CipherMode.Aes256CbcHmacSha256, cs.Mode); Assert.Equal(Iv, cs.Iv); Assert.Equal(Ciphertext, cs.Ciphertext); Assert.Equal(Mac, cs.Mac); }
public void ParseRsa_handles_modes_3() { var cs = CipherString.ParseRsa($"3.{RsaCiphertextBase64}"); Assert.Equal(CipherMode.Rsa2048OaepSha256, cs.Mode); Assert.Empty(cs.Iv); Assert.Equal(RsaCiphertext, cs.Ciphertext); Assert.Empty(cs.Mac); }
public void Decrypt_throws_on_mismatching_mac() { var key = "SLBgfXoityZsz4ZWvpEPULPZMYGH6vSqh3PXTe5DmyM=".Decode64(); var iv = "XZ2vMa5oFCcp7BUAfPowvA==".Decode64(); var ciphertext = "1/GDPwJWo+2Iacio0UkRfR0zXXUufGjMIxD+y/A/YfQPKKep69B0nfbueqZJ1nA1pv15qVounBVJLhetVMGW7mKSxdVtTYObe0Uiqm/C9/s=".Decode64(); var mac = "mismatching MAC, mismatching MAC".ToBytes(); var cs = new CipherString(mode: CipherMode.Aes256CbcHmacSha256, iv: iv, ciphertext: ciphertext, mac: mac); Exceptions.AssertThrowsCrypto(() => cs.Decrypt(key), "MAC doesn't match"); }
public void Properties_are_set() { var mode = CipherMode.Aes256CbcHmacSha256; var cs = new CipherString(mode, Iv, Ciphertext, Mac); Assert.Equal(mode, cs.Mode); Assert.Equal(Iv, cs.Iv); Assert.Equal(Ciphertext, cs.Ciphertext); Assert.Equal(Mac, cs.Mac); }
public static byte[] AesCbcDecrypt(CipherString encyptedValue, SymmetricCryptoKey key) { if (encyptedValue == null) { throw new ArgumentNullException(nameof(encyptedValue)); } return(AesCbcDecrypt(encyptedValue.EncryptionType, encyptedValue.CipherTextBytes, encyptedValue.InitializationVectorBytes, encyptedValue.MacBytes, key)); }
public void Decrypt_decrypts_ciphertext_without_mac() { var cs = new CipherString(mode: CipherMode.Aes256Cbc, iv: "YFuiAVZgOD2K+s6y8yaMOw==".Decode64(), ciphertext: "TZ1+if9ofqRKTatyUaOnfudletslMJ/RZyUwJuR/+aI=".Decode64(), mac: "".ToBytes()); var plaintext = cs.Decrypt("OfOUvVnQzB4v49sNh4+PdwIFb9Fr5+jVfWRTf+E2Ghg=".Decode64()); Assert.Equal("All your base are belong to us".ToBytes(), plaintext); }
public async Task <(Send send, CipherString encryptedFileData)> EncryptAsync(SendView model, byte[] fileData, string password, SymmetricCryptoKey key = null) { if (model.Key == null) { model.Key = _cryptoFunctionService.RandomBytes(16); model.CryptoKey = await _cryptoService.MakeSendKeyAsync(model.Key); } var send = new Send { Id = model.Id, Type = model.Type, Disabled = model.Disabled, MaxAccessCount = model.MaxAccessCount, Key = await _cryptoService.EncryptAsync(model.Key, key), Name = await _cryptoService.EncryptAsync(model.Name, model.CryptoKey), Notes = await _cryptoService.EncryptAsync(model.Notes, model.CryptoKey), }; CipherString encryptedFileData = null; if (password != null) { var passwordHash = await _cryptoFunctionService.Pbkdf2Async(password, model.Key, CryptoHashAlgorithm.Sha256, 100000); send.Password = Convert.ToBase64String(passwordHash); } switch (send.Type) { case SendType.Text: send.Text = new SendText { Text = await _cryptoService.EncryptAsync(model.Text.Text, model.CryptoKey), Hidden = model.Text.Hidden }; break; case SendType.File: send.File = new SendFile(); if (fileData != null) { send.File.FileName = await _cryptoService.EncryptAsync(model.File.FileName, model.CryptoKey); encryptedFileData = await _cryptoService.EncryptAsync(fileData, model.CryptoKey); } break; default: break; } return(send, encryptedFileData); }
public void TokenNullError() { String token; CipherString cipherString; WebClientToken clientToken; cipherString = new CipherString(); token = cipherString.EncryptText(null); clientToken = new WebClientToken(token, WebServiceData.WebServiceManager.Key); clientToken.CheckData(); }
public void TokenFormatError() { String token; CipherString cipherString; WebClientToken clientToken; token = "Hej hopp i lingon skogen!"; cipherString = new CipherString(); token = cipherString.EncryptText(token); clientToken = new WebClientToken(token, WebServiceData.WebServiceManager.Key); clientToken.CheckData(); }
/// <summary> /// Connect to the database. /// </summary> protected override void Connect() { CipherString cipherString = new CipherString(); String connectionString; // Opens the database connection. switch (Environment.MachineName) { case "ARTSERVICE2-1": // New production web service server. connectionString = ""; break; case "ARTSERVICE2-2": // New production web service server. connectionString = ""; break; case "MONESES-DEV": // Test Web Server connectionString = null; break; case "SILURUS2-1": // Production Web Server connectionString = null; break; case "SILURUS2-2": // Production Web Server connectionString = null; break; case "SLU011837": // connectionString = null; break; case "SLU002760": // connectionString = null; break; case "MATLOU8470WW7": // connectionString = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAALHCOFDGPCNONAMEDJDCIAMKCOKLCFBPFAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAEDBGDMLGFLOPKPONFABCBPANHFHOGMLKAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAADOKBKGOMDLNGPMKHNBCJEDALIHOGOEFAKAAAAAAALHIJIIJNHBKHKEMHJGCCLCINLPLJBLLKCCJMDECOBLFOGFHBEBNPLECLEBDPINEGNAEPBKKAIAILOFAMIGOKIPDPILJEDAHKIBDHHBKGBAJDONFCKNANEGOELBNINKDOEFBAJFOKMLDFFDHFEEOFLLBGLNJMDAFBOIGFGHNMIMBMEJDAKEAJNHPKMHGPGIJGBKFJNBEDADKGMLIJFOJAEBEJHEEOEGEHJBIBNGBBFEMEJJGPFOAMLPOKMOCLJNIKALANOODJDJEDHJOKGADKIBMEMOEMHILAHCGMDDLHDBOLNJHENNKBBIKBDJFDHNGHBEAAAAAAKNEIEKBCKGNAIIENEDKDLOMJCBALMPLFEHMEDLGH"; break; default: throw new ApplicationException("Unknown web server " + Environment.MachineName); } Connection = new SqlConnection(cipherString.DecryptText(connectionString)); Connection.Open(); if (Connection.State != ConnectionState.Open) { throw new ApplicationException("Could not connect to database."); } }
/// <summary> /// Returns the detcrypted token. /// </summary> /// <returns> /// A string containing the Token. /// </returns> private static string GetDecryptedToken() { CipherString cipherString; String token; // Valid to 2017-10-31. Label = PublicTicket04. // Steps to make when next token should be collected. // 1 Log in to https://miljodata.slu.se/mvm/LogOn with your UserService account. // 2 Creat a new token with button "Aktivera och visa publika tickets". // 3 Encrypt token on servers and your own computer and update encrypted token in this method. // 4 Update valid to date in this method. cipherString = new CipherString(); switch (Environment.MachineName) { case "ARTFAKTA-DEV": // Team Species Fact test server. token = null; break; case "ARTSERVICE2-1": // New production web service server. token = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAHLKGBDFBDBPKCEEOKLLJKALLMDFDELLAAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAALIDFJIDFKFIIDCACAKKABPLPBENILFPOAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAHKBCGGOJDAODLEHICGHNNNNPENCGKIGEBIAAAAAACFJEEBIKIKNJJAPAAFGBDMJEIKCINCHOMMMCGCCIIEPNLHIMBEAAAAAAKIJEHEABGDEJDKFKEFGOLHMCCDDMBJCKNJKDAHFJ"; break; case "ARTSERVICE2-2": // New production web service server. token = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAJGEOCNEDAFICHHEFLFLMCEBIEGIHNGNCAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAEIFDHKJAHPFCBHAIIGLIMBICIGCINBOCAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAALMHPCECEPANLPFIBLIJHBCDLKGPABAPDBIAAAAAALIBPBDHGCJOPHMHFKMFDCCLFCPOILHBPECPAKIDMPKLFEPLEBEAAAAAAJBMJHBOJEIGFBOOMBMAOPBICOHDMJGOIMLGBDHHA"; break; case "MONESES-ST": // System test server. token = null; break; case "TFSBUILD": // Build Server token = null; break; case "SLU011837": // token = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAFDGKFHMFDIIJOBEBLFPNAIHICEBDJLBPAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAJJNIIHIACKMLFGFDGFPBFJNBNFFKNIDBAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAKGAOGIFCDIDBIMAKGBBAKLOPGMNKHCCEBIAAAAAAEHOJPBOJFGFHGLAJAEDHODEHHNBOMCOAJBMHLLFJLKHJINKDBEAAAAAABOOLIECCMBJBKOGMNCNHCELGKKEABAICKIMABMBF"; break; case "SLU004994": // token = null; break; case "SLW-DEV": // Team Two Blueberries test server. token = "ABAAAAAANAIMJNNPABBFNBBBIMHKAAMAEPMCJHOLABAAAAAAHDCGMMMLDMCPKPEMKILLNDOBEOLFBAJJAEAAAAAAACAAAAAAAAAAADGGAAAAMAAAAAAABAAAAAAAAIJKOMFGLDNCEGINNHHGFCBMJBPFONDNAAAAAAAAAEIAAAAAKAAAAAAABAAAAAAAJBDBIHHKDAEJJPFENMFGGEOMGNBBCLELBIAAAAAADICKGNBMEBONAPDPJKCIEMEAJBDCLKGGOGNIAFOBHPPDBPEABEAAAAAAMMLJOHMLMGOCNCIMBGPOMLIPOLAEDEKACJNIHMMO"; break; default: throw new ApplicationException("Unknown web server " + Environment.MachineName); } return(cipherString.DecryptText(token)); }
public string Decrypt(CipherString encyptedValue, SymmetricCryptoKey key = null) { try { var bytes = DecryptToBytes(encyptedValue, key); return(Encoding.UTF8.GetString(bytes, 0, bytes.Length).TrimEnd('\0')); } catch (Exception e) { Debug.WriteLine("Could not decrypt '{0}'. {1}", encyptedValue, e.Message); return("[error: cannot decrypt]"); } }
public void SetPrivateKey(CipherString privateKeyEnc) { if (privateKeyEnc != null) { _settings.AddOrUpdateValue(PrivateKeyKey, privateKeyEnc.EncryptedString); } else if (_settings.Contains(PrivateKeyKey)) { _settings.Remove(PrivateKeyKey); } _privateKey = null; }
public void SetEncKey(CipherString encKeyEnc) { if (encKeyEnc != null) { _settings.AddOrUpdateValue(EncKeyKey, encKeyEnc.EncryptedString); } else if (_settings.Contains(EncKeyKey)) { _settings.Remove(EncKeyKey); } _encKey = null; }
public void Decrypt_decrypts_ciphertext_with_expanded_key() { var key = "SLBgfXoityZsz4ZWvpEPULPZMYGH6vSqh3PXTe5DmyM=".Decode64(); var iv = "XZ2vMa5oFCcp7BUAfPowvA==".Decode64(); var ciphertext = "1/GDPwJWo+2Iacio0UkRfR0zXXUufGjMIxD+y/A/YfQPKKep69B0nfbueqZJ1nA1pv15qVounBVJLhetVMGW7mKSxdVtTYObe0Uiqm/C9/s=".Decode64(); var mac = "ZLZcTYFq4o1tBSYkGUbQEIj64/rAE8sAVmfzpOhPTNM=".Decode64(); var expected = "7Zo+OWHAKzu+Ovxisz38Na4en13SnoKHPxFngLUgLiHzSZCWbq42Mohdr6wInwcsWbbezoVaS2vwZlSlB6G7Mg==".Decode64(); var cs = new CipherString(mode: CipherMode.Aes256CbcHmacSha256, iv: iv, ciphertext: ciphertext, mac: mac); var plaintext = cs.Decrypt(key); Assert.Equal(expected, plaintext); }
public byte[] DecryptToBytes(CipherString encyptedValue, SymmetricCryptoKey key = null) { if (key == null) { key = Key; } if (key == null) { throw new ArgumentNullException(nameof(key)); } if (encyptedValue == null) { throw new ArgumentNullException(nameof(encyptedValue)); } if (encyptedValue.EncryptionType == Enums.EncryptionType.AesCbc128_HmacSha256_B64 && key.EncryptionType == Enums.EncryptionType.AesCbc256_B64) { // Old encrypt-then-mac scheme, swap out the key if (_legacyEtmKey == null) { _legacyEtmKey = new SymmetricCryptoKey(key.Key, Enums.EncryptionType.AesCbc128_HmacSha256_B64); } key = _legacyEtmKey; } if (encyptedValue.EncryptionType != key.EncryptionType) { throw new ArgumentException("encType unavailable."); } if (key.MacKey != null && !string.IsNullOrWhiteSpace(encyptedValue.Mac)) { var computedMac = ComputeMac(encyptedValue.CipherTextBytes, encyptedValue.InitializationVectorBytes, key.MacKey); if (computedMac != encyptedValue.Mac) { throw new InvalidOperationException("MAC failed."); } } var provider = WinRTCrypto.SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithm.AesCbcPkcs7); var cryptoKey = provider.CreateSymmetricKey(key.EncKey); var decryptedBytes = WinRTCrypto.CryptographicEngine.Decrypt(cryptoKey, encyptedValue.CipherTextBytes, encyptedValue.InitializationVectorBytes); return(decryptedBytes); }
/// <summary> /// Encrypt text. /// </summary> /// <param name="text">Text that should be encrypted.</param> /// <param name="key"> /// Encryption key that is used in production. /// </param> /// <returns>Encrypted text.</returns> private String EncryptText(String text, String key) { CipherString cipherString; cipherString = new CipherString(); if (key.IsEmpty()) { return(cipherString.EncryptText(text)); } else { return(cipherString.EncryptText(text, key)); } }
public void ConstructorClientIPAddressError() { CipherString cipherString; String token; token = TEST_USER_NAME + Settings.Default.ClientTokenDelimitor + ApplicationIdentifier + Settings.Default.ClientTokenDelimitor + 42 + Settings.Default.ClientTokenDelimitor + "127.127.127.127" + Settings.Default.ClientTokenDelimitor + WebServiceData.WebServiceManager.Name; cipherString = new CipherString(); token = cipherString.EncryptText(token); new WebServiceContext(token); }
public async Task <SymmetricCryptoKey> MakeKeyFromPinAsync(string pin, string salt, KdfType kdf, int kdfIterations) { var pinProtectedKey = await _storageService.GetAsync <string>(Constants.PinProtectedKey); if (pinProtectedKey == null) { throw new Exception("No PIN protected key found."); } var protectedKeyCs = new CipherString(pinProtectedKey); var pinKey = await MakePinKeyAysnc(pin, salt, kdf, kdfIterations); var decKey = await DecryptToBytesAsync(protectedKeyCs, pinKey); return(new SymmetricCryptoKey(decKey)); }