/// <summary>
/// Test the DigestStream class implementation
/// <para>Throws an Exception on failure</</para>
/// </summary>
public static void StreamDigestTest()
{
byte[] data;
MemoryStream instrm;
MemoryStream outstrm = new MemoryStream();
using (KeyGenerator kg = new KeyGenerator())
data = kg.GetBytes(512);
// data to digest
instrm = new MemoryStream(data);
byte[] code1;
byte[] code2;
using (DigestStream sd = new DigestStream(Digests.Keccak512))
{
sd.Initialize(instrm);
code1 = sd.ComputeHash();
}
using (Keccak512 kc = new Keccak512())
code2 = kc.ComputeHash(data);
// compare the hash codes
if (!Evaluate.AreEqual(code1, code2))
{
throw new Exception();
}
}
/// <summary>
/// Computes a unique identifier for this bytecode instance.
/// </summary>
/// <returns>ObjectId.</returns>
public ObjectId ComputeId()
{
var effectBytecode = this;
// We should most of the time have stages, unless someone is calling this method on a new EffectBytecode
if (effectBytecode.Stages != null)
{
effectBytecode = (EffectBytecode)MemberwiseClone();
effectBytecode.Stages = (ShaderBytecode[])effectBytecode.Stages.Clone();
// Because ShaderBytecode.Data can vary, we are calculating the bytecodeId only with the ShaderBytecode.Id.
for (int i = 0; i < effectBytecode.Stages.Length; i++)
{
var newStage = effectBytecode.Stages[i].Clone();
effectBytecode.Stages[i] = newStage;
newStage.Data = null;
}
}
// Not optimized: Pre-calculate bytecodeId in order to avoid writing to same storage
ObjectId newBytecodeId;
var memStream = new MemoryStream();
using (var stream = new DigestStream(memStream))
{
effectBytecode.WriteTo(stream);
newBytecodeId = stream.CurrentHash;
}
return(newBytecodeId);
}
/// <summary>Note: This can only be called after the message has been read.</summary>
/// <returns>True, if the message verifies, false otherwise</returns>
public bool Verify()
{
if (!IsIntegrityProtected())
{
throw new PgpException("data not integrity protected.");
}
DigestStream dIn = (DigestStream)encStream;
//
// make sure we are at the end.
//
while (encStream.ReadByte() >= 0)
{
// do nothing
}
//
// process the MDC packet
//
byte[] lookAhead = truncStream.GetLookAhead();
IDigest hash = dIn.ReadDigest();
hash.BlockUpdate(lookAhead, 0, 2);
byte[] digest = DigestUtilities.DoFinal(hash);
byte[] streamDigest = new byte[digest.Length];
Array.Copy(lookAhead, 2, streamDigest, 0, streamDigest.Length);
return(Arrays.ConstantTimeAreEqual(digest, streamDigest));
}
internal ObjectId ComputeCommandHash(IPrepareContext prepareContext)
{
var stream = new DigestStream(Stream.Null);
ComputeCommandHash(stream, prepareContext);
return(stream.CurrentHash);
}
/// <summary>
/// Computes the hash of the <see cref="NavigationSettings.Groups"/> field
/// </summary>
public static ObjectId ComputeGroupsHash(this NavigationSettings settings)
{
using (DigestStream stream = new DigestStream(Stream.Null))
{
BinarySerializationWriter writer = new BinarySerializationWriter(stream);
writer.Write(settings.Groups);
return(stream.CurrentHash);
}
}
public unsafe void TestDigestStream()
{
string s1 = "abc";
string s2 = "abcdefghijklmnopqrstuvwxyz";
string s3 = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz123456789";
ObjectId xenkoHash;
ObjectId dotNetHash;
using (var ds = new DigestStream(new MemoryStream()))
{
ds.Write(Encoding.ASCII.GetBytes(s1), 0, s1.Length);
xenkoHash = ds.CurrentHash;
}
using (var hashAlgorithm = new System.Security.Cryptography.SHA1Managed())
{
dotNetHash = new ObjectId(hashAlgorithm.ComputeHash(Encoding.ASCII.GetBytes(s1)));
}
Assert.Equal(dotNetHash, xenkoHash);
using (var ds = new DigestStream(new MemoryStream()))
{
ds.Write(Encoding.ASCII.GetBytes(s2), 0, s2.Length);
xenkoHash = ds.CurrentHash;
}
using (var hashAlgorithm = new System.Security.Cryptography.SHA1Managed())
{
dotNetHash = new ObjectId(hashAlgorithm.ComputeHash(Encoding.ASCII.GetBytes(s2)));
}
Assert.Equal(dotNetHash, xenkoHash);
using (var ds = new DigestStream(new MemoryStream()))
{
ds.Write(Encoding.ASCII.GetBytes(s3), 0, s3.Length);
xenkoHash = ds.CurrentHash;
}
using (var hashAlgorithm = new System.Security.Cryptography.SHA1Managed())
{
dotNetHash = new ObjectId(hashAlgorithm.ComputeHash(Encoding.ASCII.GetBytes(s3)));
}
Assert.Equal(dotNetHash, xenkoHash);
using (var ds = new DigestStream(new MemoryStream()))
{
ds.Write(Encoding.ASCII.GetBytes(s1), 0, s1.Length);
ds.Write(Encoding.ASCII.GetBytes(s2), 0, s2.Length);
ds.Write(Encoding.ASCII.GetBytes(s3), 0, s3.Length);
xenkoHash = ds.CurrentHash;
}
using (var hashAlgorithm = new System.Security.Cryptography.SHA1Managed())
{
dotNetHash = new ObjectId(hashAlgorithm.ComputeHash(Encoding.ASCII.GetBytes(s1 + s2 + s3)));
}
Assert.Equal(dotNetHash, xenkoHash);
}
internal Stream DoGetDataStream(byte[] rawPassPhrase, bool clearPassPhrase)
{
try
{
SymmetricKeyAlgorithmTag symmetricKeyAlgorithmTag = keyData.EncAlgorithm;
KeyParameter parameters = PgpUtilities.DoMakeKeyFromPassPhrase(symmetricKeyAlgorithmTag, keyData.S2k, rawPassPhrase, clearPassPhrase);
byte[] secKeyData = keyData.GetSecKeyData();
if (secKeyData != null && secKeyData.Length > 0)
{
IBufferedCipher cipher = CipherUtilities.GetCipher(PgpUtilities.GetSymmetricCipherName(symmetricKeyAlgorithmTag) + "/CFB/NoPadding");
cipher.Init(forEncryption: false, new ParametersWithIV(parameters, new byte[cipher.GetBlockSize()]));
byte[] array = cipher.DoFinal(secKeyData);
symmetricKeyAlgorithmTag = (SymmetricKeyAlgorithmTag)array[0];
parameters = ParameterUtilities.CreateKeyParameter(PgpUtilities.GetSymmetricCipherName(symmetricKeyAlgorithmTag), array, 1, array.Length - 1);
}
IBufferedCipher bufferedCipher = CreateStreamCipher(symmetricKeyAlgorithmTag);
byte[] array2 = new byte[bufferedCipher.GetBlockSize()];
bufferedCipher.Init(forEncryption: false, new ParametersWithIV(parameters, array2));
encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), bufferedCipher, null));
if (encData is SymmetricEncIntegrityPacket)
{
truncStream = new TruncatedStream(encStream);
string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
IDigest digest = DigestUtilities.GetDigest(digestName);
encStream = new DigestStream(truncStream, digest, null);
}
if (Streams.ReadFully(encStream, array2, 0, array2.Length) < array2.Length)
{
throw new EndOfStreamException("unexpected end of stream.");
}
int num = encStream.ReadByte();
int num2 = encStream.ReadByte();
if (num < 0 || num2 < 0)
{
throw new EndOfStreamException("unexpected end of stream.");
}
bool flag = array2[array2.Length - 2] == (byte)num && array2[array2.Length - 1] == (byte)num2;
bool flag2 = num == 0 && num2 == 0;
if (!flag && !flag2)
{
throw new PgpDataValidationException("quick check failed.");
}
return(encStream);
}
catch (PgpException ex)
{
throw ex;
}
catch (Exception exception)
{
throw new PgpException("Exception creating cipher", exception);
}
}
private static ThumbnailData GetFolderThumbnail(IDispatcherService dispatcher)
{
using (var ds = new DigestStream(new MemoryStream()))
{
var bytes = Resources.Images.folder;
ds.Write(bytes, 0, bytes.Length);
var objectId = ds.CurrentHash;
var data = new ThumbnailData(objectId, new MemoryStream(bytes));
data.PrepareForPresentation(dispatcher).Forget();
return(data);
}
}
private byte[] HashTest2(string FileName)
{
using (FileStream inStream = new FileStream(FileName, FileMode.Open))
{
using (DigestStream dgst = new DigestStream(new SHA512()))
{
dgst.Initialize(inStream);
// linear processing
dgst.IsConcurrent = false;
return(dgst.ComputeHash());
}
}
}
private byte[] HashTest1(string FileName)
{
using (FileStream inStream = new FileStream(FileName, FileMode.Open))
{
using (DigestStream dgst = new DigestStream(new SHA512()))
{
dgst.Initialize(inStream);
// run concurrent mode
dgst.IsConcurrent = true;
return(dgst.ComputeHash());
}
}
}
/// <summary>
/// Generates a Guid unique to this name
/// </summary>
/// <param name="name">the name to turn into a Guid</param>
/// <returns>A unique Guid for the given name</returns>
public static Guid DeviceNameToGuid(string name)
{
MemoryStream stream = new MemoryStream();
DigestStream writer = new DigestStream(stream);
{
BinarySerializationWriter serializer = new HashSerializationWriter(writer);
serializer.Write(typeof(IInputDevice).GetHashCode());
serializer.Write(name);
}
return(writer.CurrentHash.ToGuid());
}
private static byte[] ComputeHash(object document)
{
var sha = new Sha256Digest();
var stream = new DigestStream(new MemoryStream(), null, sha);
using (var writer = new StreamWriter(stream))
{
string mementoToString = JsonConvert.SerializeObject(document);
writer.Write(mementoToString);
}
byte[] buffer = new byte[sha.GetDigestSize()];
sha.DoFinal(buffer, 0);
return(buffer);
}
public CmsTypedStream GetSignedContent()
{
if (_signedContent == null)
{
return(null);
}
Stream stream = _signedContent.ContentStream;
foreach (IDigest value in _digests.Values)
{
stream = new DigestStream(stream, value, null);
}
return(new CmsTypedStream(_signedContent.ContentType, stream));
}
public CmsTypedStream GetSignedContent()
{
if (this._signedContent == null)
{
return(null);
}
Stream stream = this._signedContent.ContentStream;
foreach (IDigest readDigest in this._digests.Values)
{
stream = new DigestStream(stream, readDigest, null);
}
return(new CmsTypedStream(this._signedContent.ContentType, stream));
}
/// <summary>
/// Computes the command hash. If an error occurred, the hash is <see cref="ObjectId.Empty"/>
/// </summary>
/// <param name="prepareContext">The prepare context.</param>
/// <returns>Hash of the command.</returns>
internal ObjectId ComputeCommandHash(IPrepareContext prepareContext)
{
var stream = new DigestStream(Stream.Null);
try
{
ComputeCommandHash(stream, prepareContext);
return(stream.CurrentHash);
}
catch (Exception ex)
{
prepareContext.Logger.Error($"Unexpected error while computing the command hash for [{GetType().Name}].", ex);
}
return(ObjectId.Empty);
}
public CmsTypedStream GetSignedContent()
{
if (_signedContent == null)
{
return(null);
}
Stream digStream = _signedContent.ContentStream;
foreach (IDigest digest in _digests.Values)
{
digStream = new DigestStream(digStream, digest, null);
}
return(new CmsTypedStream(_signedContent.ContentType, digStream));
}
private AsicePackageEntry CreateEntry(Stream contentStream, AsicePackageEntry entry)
{
var fileName = entry.FileName ?? throw new ArgumentNullException(nameof(entry), "File name must be provided");
var dataStream = contentStream ?? throw new ArgumentNullException(nameof(contentStream));
var zipEntry = Archive.CreateEntry(fileName);
using (var zipStream = zipEntry.Open())
using (var digestStream = new DigestStream(zipStream, null, MessageDigestAlgorithm.Digest))
{
dataStream.CopyTo(digestStream);
dataStream.Flush();
entry.Digest = new DigestContainer(DigestUtilities.DoFinal(digestStream.WriteDigest()), MessageDigestAlgorithm);
}
return(entry);
}
public ObjectId ComputeFileHash(string filePath)
{
var inputVersionKey = new FileVersionKey(filePath);
storage.LoadNewValues();
// Perform a lock per file as it can be expensive to compute
// them at the same time (for large file)
object versionLock;
lock (locks)
{
if (!locks.TryGetValue(inputVersionKey, out versionLock))
{
versionLock = new object();
locks.Add(inputVersionKey, versionLock);
}
}
var hash = ObjectId.Empty;
lock (versionLock)
{
if (!storage.TryGetValue(inputVersionKey, out hash))
{
// TODO: we might want to allow retries, timeout, etc. since file processed here are files currently being edited by user
try
{
using (var fileStream = File.OpenRead(filePath))
using (var stream = new DigestStream(Stream.Null))
{
fileStream.CopyTo(stream);
hash = stream.CurrentHash;
}
}
catch (Exception ex)
{
log.Debug("Cannot calculate hash for file [{0}]", ex, filePath);
}
storage[inputVersionKey] = hash;
}
}
return(hash);
}
/// <summary>
/// Computes a unique Id for this asset used to store intermediate / build cache data
/// </summary>
/// <returns>The object id for asset intermediate data</returns>
private ObjectId ComputeAssetIntermediateDataId()
{
var stream = new DigestStream(Stream.Null);
var writer = new BinarySerializationWriter(stream);
writer.Context.SerializerSelector = SerializerSelector.AssetWithReuse;
writer.Write(CommandCacheVersion);
// Write binary format version
writer.Write(DataSerializer.BinaryFormatVersion);
// Compute assembly hash
ComputeAssemblyHash(writer);
// Write asset Id
writer.Write(asset.Id);
return(stream.CurrentHash);
}
private bool HashTest3()
{
byte[] data = new CSPPrng().GetBytes(33033);
byte[] hash1;
byte[] hash2;
using (DigestStream dgt1 = new DigestStream(new SHA512()))
{
dgt1.Initialize(new MemoryStream(data));
// run concurrent mode
dgt1.IsConcurrent = true;
hash1 = dgt1.ComputeHash();
}
using (SHA512 dgt2 = new SHA512())
hash2 = dgt2.ComputeHash(data);
return(Evaluate.AreEqual(hash1, hash2));
}
public bool Verify()
{
if (!IsIntegrityProtected())
{
throw new PgpException("data not integrity protected.");
}
DigestStream digestStream = (DigestStream)encStream;
while (encStream.ReadByte() >= 0)
{
}
byte[] lookAhead = truncStream.GetLookAhead();
IDigest digest = digestStream.ReadDigest();
digest.BlockUpdate(lookAhead, 0, 2);
byte[] array = DigestUtilities.DoFinal(digest);
byte[] array2 = new byte[array.Length];
Array.Copy(lookAhead, 2, array2, 0, array2.Length);
return(Arrays.ConstantTimeAreEqual(array, array2));
}
/**
* generate a signed object that for a CMS Signed Data
* object using the given provider - if encapsulate is true a copy
* of the message will be included in the signature. The content type
* is set according to the OID represented by the string signedContentType.
* @param out stream the CMS object is to be written to.
* @param signedContentType OID for data to be signed.
* @param encapsulate true if data should be encapsulated.
* @param dataOutputStream output stream to copy the data being signed to.
*/
public Stream Open(
Stream outStream,
string signedContentType,
bool encapsulate,
Stream dataOutputStream)
{
if (outStream == null)
{
throw new ArgumentNullException("outStream");
}
if (!outStream.CanWrite)
{
throw new ArgumentException("Expected writeable stream", "outStream");
}
if (dataOutputStream != null && !dataOutputStream.CanWrite)
{
throw new ArgumentException("Expected writeable stream", "dataOutputStream");
}
_messageDigestsLocked = true;
//
// ContentInfo
//
BerSequenceGenerator sGen = new BerSequenceGenerator(outStream);
sGen.AddObject(CmsObjectIdentifiers.SignedData);
//
// Signed Data
//
BerSequenceGenerator sigGen = new BerSequenceGenerator(
sGen.GetRawOutputStream(), 0, true);
sigGen.AddObject(CalculateVersion(signedContentType));
Asn1EncodableVector digestAlgs = new Asn1EncodableVector();
foreach (string digestOid in _messageDigestOids)
{
digestAlgs.Add(
new AlgorithmIdentifier(new DerObjectIdentifier(digestOid), DerNull.Instance));
}
{
byte[] tmp = new DerSet(digestAlgs).GetEncoded();
sigGen.GetRawOutputStream().Write(tmp, 0, tmp.Length);
}
BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream());
eiGen.AddObject(new DerObjectIdentifier(signedContentType));
Stream digStream;
if (encapsulate)
{
BerOctetStringGenerator octGen = new BerOctetStringGenerator(
eiGen.GetRawOutputStream(), 0, true);
digStream = octGen.GetOctetOutputStream(_bufferSize);
if (dataOutputStream != null)
{
digStream = new TeeOutputStream(dataOutputStream, digStream);
}
}
else
{
if (dataOutputStream != null)
{
digStream = dataOutputStream;
}
else
{
digStream = new NullOutputStream();
}
}
foreach (IDigest d in _messageDigests.Values)
{
digStream = new DigestStream(digStream, null, d);
}
return(new CmsSignedDataOutputStream(this, digStream, signedContentType, sGen, sigGen, eiGen));
}
/// <summary>Return the decrypted data stream for the packet.</summary>
public Stream GetDataStream(
PgpPrivateKey privKey)
{
IBufferedCipher c1 = GetKeyCipher(keyData.Algorithm);
try
{
c1.Init(false, privKey.Key);
}
catch (InvalidKeyException e)
{
throw new PgpException("error setting asymmetric cipher", e);
}
BigInteger[] keyD = keyData.GetEncSessionKey();
if (keyData.Algorithm == PublicKeyAlgorithmTag.RsaEncrypt ||
keyData.Algorithm == PublicKeyAlgorithmTag.RsaGeneral)
{
byte[] bi = keyD[0].ToByteArray();
if (bi[0] == 0)
{
c1.ProcessBytes(bi, 1, bi.Length - 1);
}
else
{
c1.ProcessBytes(bi, 0, bi.Length);
}
}
else
{
ElGamalPrivateKeyParameters k = (ElGamalPrivateKeyParameters)privKey.Key;
int size = (k.Parameters.P.BitLength + 7) / 8;
byte[] bi = keyD[0].ToByteArray();
int diff = bi.Length - size;
if (diff >= 0)
{
c1.ProcessBytes(bi, diff, size);
}
else
{
byte[] zeros = new byte[-diff];
c1.ProcessBytes(zeros);
c1.ProcessBytes(bi);
}
bi = keyD[1].ToByteArray();
diff = bi.Length - size;
if (diff >= 0)
{
c1.ProcessBytes(bi, diff, size);
}
else
{
byte[] zeros = new byte[-diff];
c1.ProcessBytes(zeros);
c1.ProcessBytes(bi);
}
}
byte[] plain;
try
{
plain = c1.DoFinal();
}
catch (Exception e)
{
throw new PgpException("exception decrypting secret key", e);
}
if (!ConfirmCheckSum(plain))
{
throw new PgpKeyValidationException("key checksum failed");
}
IBufferedCipher c2;
string cipherName = PgpUtilities.GetSymmetricCipherName((SymmetricKeyAlgorithmTag)plain[0]);
string cName = cipherName;
try
{
if (encData is SymmetricEncIntegrityPacket)
{
cName += "/CFB/NoPadding";
}
else
{
cName += "/OpenPGPCFB/NoPadding";
}
c2 = CipherUtilities.GetCipher(cName);
}
// catch (NoSuchProviderException e)
catch (PgpException e)
{
throw e;
}
catch (Exception e)
{
throw new PgpException("exception creating cipher", e);
}
if (c2 == null)
{
return(encData.GetInputStream());
}
try
{
byte[] keyBytes = new byte[plain.Length - 3];
Array.Copy(plain, 1, keyBytes, 0, keyBytes.Length);
KeyParameter key = ParameterUtilities.CreateKeyParameter(
cipherName, keyBytes);
byte[] iv = new byte[c2.GetBlockSize()];
c2.Init(false, new ParametersWithIV(key, iv));
encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), c2, null));
if (encData is SymmetricEncIntegrityPacket)
{
truncStream = new TruncatedStream(encStream);
encStream = new DigestStream(truncStream,
DigestUtilities.GetDigest(PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1)), null);
}
for (int i = 0; i != iv.Length; i++)
{
int ch = encStream.ReadByte();
if (ch < 0)
{
throw new EndOfStreamException("unexpected end of stream.");
}
iv[i] = (byte)ch;
}
int v1 = encStream.ReadByte();
int v2 = encStream.ReadByte();
if (v1 < 0 || v2 < 0)
{
throw new EndOfStreamException("unexpected end of stream.");
}
// Note: the oracle attack on the "quick check" bytes is deemed
// a security risk for typical public key encryption usages,
// therefore we do not perform the check.
// bool repeatCheckPassed =
// iv[iv.Length - 2] == (byte)v1
// && iv[iv.Length - 1] == (byte)v2;
//
// // Note: some versions of PGP appear to produce 0 for the extra
// // bytes rather than repeating the two previous bytes
// bool zeroesCheckPassed =
// v1 == 0
// && v2 == 0;
//
// if (!repeatCheckPassed && !zeroesCheckPassed)
// {
// throw new PgpDataValidationException("quick check failed.");
// }
return(encStream);
}
catch (PgpException e)
{
throw e;
}
catch (Exception e)
{
throw new PgpException("Exception starting decryption", e);
}
}
/// <summary>
/// <p>
/// If buffer is non null stream assumed to be partial, otherwise the length will be used
/// to output a fixed length packet.
/// </p>
/// <p>
/// The stream created can be closed off by either calling Close()
/// on the stream or Close() on the generator. Closing the returned
/// stream does not close off the Stream parameter <c>outStr</c>.
/// </p>
/// </summary>
private Stream Open(Stream outStr, long length, byte[] buffer)
{
if (_cOut != null)
{
throw new InvalidOperationException("generator already in open state");
}
if (_methods.Count == 0)
{
throw new InvalidOperationException("No encryption methods specified");
}
if (outStr == null)
{
throw new ArgumentNullException("outStr");
}
_pOut = new BcpgOutputStream(outStr);
KeyParameter key;
if (_methods.Count == 1)
{
var pbeMethod = _methods[0] as PbeMethod;
if (pbeMethod != null)
{
key = pbeMethod.GetKey();
}
else
{
var pubMethod = (PubMethod)_methods[0];
key = PgpUtilities.MakeRandomKey(_defAlgorithm, _rand);
var sessionInfo = CreateSessionInfo(_defAlgorithm, key);
try
{
pubMethod.AddSessionInfo(sessionInfo, _rand);
}
catch (Exception e)
{
throw new PgpException("exception encrypting session key", e);
}
}
_pOut.WritePacket((ContainedPacket)_methods[0]);
}
else // multiple methods
{
key = PgpUtilities.MakeRandomKey(_defAlgorithm, _rand);
var sessionInfo = CreateSessionInfo(_defAlgorithm, key);
for (var i = 0; i != _methods.Count; i++)
{
var m = (EncMethod)_methods[i];
try
{
m.AddSessionInfo(sessionInfo, _rand);
}
catch (Exception e)
{
throw new PgpException("exception encrypting session key", e);
}
_pOut.WritePacket(m);
}
}
var cName = PgpUtilities.GetSymmetricCipherName(_defAlgorithm);
if (cName == null)
{
throw new PgpException("null cipher specified");
}
try
{
if (_withIntegrityPacket)
{
cName += "/CFB/NoPadding";
}
else
{
cName += "/OpenPGPCFB/NoPadding";
}
_c = CipherUtilities.GetCipher(cName);
// TODO Confirm the IV should be all zero bytes (not inLineIv - see below)
var iv = new byte[_c.GetBlockSize()];
_c.Init(true, new ParametersWithRandom(new ParametersWithIV(key, iv), _rand));
if (buffer == null)
{
//
// we have to Add block size + 2 for the Generated IV and + 1 + 22 if integrity protected
//
if (_withIntegrityPacket)
{
_pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected,
length + _c.GetBlockSize() + 2 + 1 + 22);
_pOut.WriteByte(1); // version number
}
else
{
_pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted,
length + _c.GetBlockSize() + 2, _oldFormat);
}
}
else
{
if (_withIntegrityPacket)
{
_pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected, buffer);
_pOut.WriteByte(1); // version number
}
else
{
_pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted, buffer);
}
}
var blockSize = _c.GetBlockSize();
var inLineIv = new byte[blockSize + 2];
_rand.NextBytes(inLineIv, 0, blockSize);
Array.Copy(inLineIv, inLineIv.Length - 4, inLineIv, inLineIv.Length - 2, 2);
Stream myOut = _cOut = new CipherStream(_pOut, null, _c);
if (_withIntegrityPacket)
{
var digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
var digest = DigestUtilities.GetDigest(digestName);
myOut = _digestOut = new DigestStream(myOut, null, digest);
}
myOut.Write(inLineIv, 0, inLineIv.Length);
return(new WrappedGeneratorStream(this, myOut));
}
catch (Exception e)
{
throw new PgpException("Exception creating cipher", e);
}
}
/// <summary>Return the decrypted input stream, using the passed in passphrase.</summary>
public Stream GetDataStream(
char[] passPhrase)
{
IBufferedCipher c;
try
{
SymmetricKeyAlgorithmTag alg = keyData.EncAlgorithm;
string cName = PgpUtilities.GetSymmetricCipherName(alg);
if (encData is SymmetricEncIntegrityPacket)
{
cName += "/CFB/NoPadding";
}
else
{
cName += "/OpenPGPCFB/NoPadding";
}
c = CipherUtilities.GetCipher(cName);
}
catch (PgpException e)
{
throw e;
}
catch (Exception e)
{
throw new PgpException("exception creating cipher", e);
}
if (c != null)
{
try
{
KeyParameter key = PgpUtilities.MakeKeyFromPassPhrase(
keyData.EncAlgorithm, keyData.S2k, passPhrase);
byte[] iv = new byte[c.GetBlockSize()];
c.Init(false, new ParametersWithIV(key, iv));
encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), c, null));
if (encData is SymmetricEncIntegrityPacket)
{
truncStream = new TruncatedStream(encStream);
string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
IDigest digest = DigestUtilities.GetDigest(digestName);
encStream = new DigestStream(truncStream, digest, null);
}
for (int i = 0; i != iv.Length; i++)
{
int ch = encStream.ReadByte();
if (ch < 0)
{
throw new EndOfStreamException("unexpected end of stream.");
}
iv[i] = (byte)ch;
}
int v1 = encStream.ReadByte();
int v2 = encStream.ReadByte();
if (v1 < 0 || v2 < 0)
{
throw new EndOfStreamException("unexpected end of stream.");
}
// Note: the oracle attack on the "quick check" bytes is not deemed
// a security risk for PBE (see PgpPublicKeyEncryptedData)
bool repeatCheckPassed =
iv[iv.Length - 2] == (byte)v1 &&
iv[iv.Length - 1] == (byte)v2;
// Note: some versions of PGP appear to produce 0 for the extra
// bytes rather than repeating the two previous bytes
bool zeroesCheckPassed =
v1 == 0 &&
v2 == 0;
if (!repeatCheckPassed && !zeroesCheckPassed)
{
throw new PgpDataValidationException("quick check failed.");
}
return(encStream);
}
catch (PgpException e)
{
throw e;
}
catch (Exception e)
{
throw new PgpException("Exception creating cipher", e);
}
}
else
{
return(encData.GetInputStream());
}
}
/// <summary>Return the decrypted data stream for the packet.</summary>
public Stream GetDataStream(
PgpPrivateKey privKey)
{
byte[] plain = fetchSymmetricKeyData(privKey);
IBufferedCipher c2;
string cipherName = PgpUtilities.GetSymmetricCipherName((SymmetricKeyAlgorithmTag)plain[0]);
string cName = cipherName;
try
{
if (encData is SymmetricEncIntegrityPacket)
{
cName += "/CFB/NoPadding";
}
else
{
cName += "/OpenPGPCFB/NoPadding";
}
c2 = CipherUtilities.GetCipher(cName);
}
catch (PgpException e)
{
throw e;
}
catch (Exception e)
{
throw new PgpException("exception creating cipher", e);
}
if (c2 == null)
{
return(encData.GetInputStream());
}
try
{
KeyParameter key = ParameterUtilities.CreateKeyParameter(
cipherName, plain, 1, plain.Length - 3);
byte[] iv = new byte[c2.GetBlockSize()];
c2.Init(false, new ParametersWithIV(key, iv));
encStream = BcpgInputStream.Wrap(new CipherStream(encData.GetInputStream(), c2, null));
if (encData is SymmetricEncIntegrityPacket)
{
truncStream = new TruncatedStream(encStream);
string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
IDigest digest = DigestUtilities.GetDigest(digestName);
encStream = new DigestStream(truncStream, digest, null);
}
if (Streams.ReadFully(encStream, iv, 0, iv.Length) < iv.Length)
{
throw new EndOfStreamException("unexpected end of stream.");
}
int v1 = encStream.ReadByte();
int v2 = encStream.ReadByte();
if (v1 < 0 || v2 < 0)
{
throw new EndOfStreamException("unexpected end of stream.");
}
// Note: the oracle attack on the "quick check" bytes is deemed
// a security risk for typical public key encryption usages,
// therefore we do not perform the check.
// bool repeatCheckPassed =
// iv[iv.Length - 2] == (byte)v1
// && iv[iv.Length - 1] == (byte)v2;
//
// // Note: some versions of PGP appear to produce 0 for the extra
// // bytes rather than repeating the two previous bytes
// bool zeroesCheckPassed =
// v1 == 0
// && v2 == 0;
//
// if (!repeatCheckPassed && !zeroesCheckPassed)
// {
// throw new PgpDataValidationException("quick check failed.");
// }
return(encStream);
}
catch (PgpException e)
{
throw e;
}
catch (Exception e)
{
throw new PgpException("Exception starting decryption", e);
}
}
private void UpgradeNavigationMeshGroups(IEnumerable <PackageLoadingAssetFile> navigationMeshAssets, PackageLoadingAssetFile gameSettingsAsset)
{
// Collect all unique groups from all navigation mesh assets
Dictionary <ObjectId, YamlMappingNode> agentSettings = new Dictionary <ObjectId, YamlMappingNode>();
foreach (var navigationMeshAsset in navigationMeshAssets)
{
using (var navigationMesh = navigationMeshAsset.AsYamlAsset())
{
HashSet <ObjectId> selectedGroups = new HashSet <ObjectId>();
foreach (var setting in navigationMesh.DynamicRootNode.NavigationMeshAgentSettings)
{
var currentAgentSettings = setting.Value;
using (DigestStream digestStream = new DigestStream(Stream.Null))
{
BinarySerializationWriter writer = new BinarySerializationWriter(digestStream);
writer.Write((float)currentAgentSettings.Height);
writer.Write((float)currentAgentSettings.Radius);
writer.Write((float)currentAgentSettings.MaxClimb);
writer.Write((float)currentAgentSettings.MaxSlope.Radians);
if (!agentSettings.ContainsKey(digestStream.CurrentHash))
{
agentSettings.Add(digestStream.CurrentHash, currentAgentSettings.Node);
}
selectedGroups.Add(digestStream.CurrentHash);
}
}
// Replace agent settings with group reference on the navigation mesh
navigationMesh.DynamicRootNode.NavigationMeshAgentSettings = DynamicYamlEmpty.Default;
dynamic selectedGroupsMapping = navigationMesh.DynamicRootNode.SelectedGroups = new DynamicYamlMapping(new YamlMappingNode());
foreach (var selectedGroup in selectedGroups)
{
selectedGroupsMapping.AddChild(Guid.NewGuid().ToString("N"), selectedGroup.ToGuid().ToString("D"));
}
}
}
// Add them to the game settings
int groupIndex = 0;
using (var gameSettings = gameSettingsAsset.AsYamlAsset())
{
var defaults = gameSettings.DynamicRootNode.Defaults;
foreach (var setting in defaults)
{
if (setting.Node.Tag == "!Xenko.Navigation.NavigationSettings,Xenko.Navigation")
{
var groups = setting.Groups as DynamicYamlArray;
foreach (var groupToAdd in agentSettings)
{
dynamic newGroup = new DynamicYamlMapping(new YamlMappingNode());
newGroup.Id = groupToAdd.Key.ToGuid().ToString("D");
newGroup.Name = $"Group {groupIndex++}";
newGroup.AgentSettings = groupToAdd.Value;
groups.Add(newGroup);
}
}
}
}
}
/**
* generate a signed object that for a CMS Signed Data
* object - if encapsulate is true a copy
* of the message will be included in the signature. The content type
* is set according to the OID represented by the string signedContentType.
*/
public Stream Open(
Stream outStream,
string signedContentType,
bool encapsulate)
{
//
// ContentInfo
//
BerSequenceGenerator sGen = new BerSequenceGenerator(outStream);
sGen.AddObject(CmsObjectIdentifiers.SignedData);
//
// Signed Data
//
BerSequenceGenerator sigGen = new BerSequenceGenerator(
sGen.GetRawOutputStream(), 0, true);
sigGen.AddObject(CalculateVersion(signedContentType));
Asn1EncodableVector digestAlgs = new Asn1EncodableVector();
//
// add the precalculated SignerInfo digest algorithms.
//
foreach (SignerInformation signer in _signers)
{
digestAlgs.Add(FixAlgID(signer.DigestAlgorithmID));
}
//
// add the new digests
//
foreach (SignerInf signer in _signerInfs)
{
digestAlgs.Add(FixAlgID(signer.DigestAlgorithmID));
}
{
byte[] tmp = new DerSet(digestAlgs).GetEncoded();
sigGen.GetRawOutputStream().Write(tmp, 0, tmp.Length);
}
BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream());
eiGen.AddObject(new DerObjectIdentifier(signedContentType));
Stream digStream;
if (encapsulate)
{
BerOctetStringGenerator octGen = new BerOctetStringGenerator(
eiGen.GetRawOutputStream(), 0, true);
if (_bufferSize != 0)
{
digStream = octGen.GetOctetOutputStream(new byte[_bufferSize]);
}
else
{
digStream = octGen.GetOctetOutputStream();
}
}
else
{
digStream = new NullOutputStream();
}
foreach (IDigest d in _messageDigests)
{
digStream = new DigestStream(digStream, null, d);
}
return(new CmsSignedDataOutputStream(this, digStream, signedContentType, sGen, sigGen, eiGen));
}
/// <summary>Return the decrypted input stream, using the passed in passphrase.</summary>
public Stream GetDataStream(char[] passPhrase)
{
try
{
var keyAlgorithm = _keyData.EncAlgorithm;
var key = PgpUtilities.MakeKeyFromPassPhrase(
keyAlgorithm, _keyData.S2K, passPhrase);
var secKeyData = _keyData.GetSecKeyData();
if (secKeyData != null && secKeyData.Length > 0)
{
var keyCipher = CipherUtilities.GetCipher(
PgpUtilities.GetSymmetricCipherName(keyAlgorithm) + "/CFB/NoPadding");
keyCipher.Init(false,
new ParametersWithIV(key, new byte[keyCipher.GetBlockSize()]));
var keyBytes = keyCipher.DoFinal(secKeyData);
keyAlgorithm = (SymmetricKeyAlgorithmTag)keyBytes[0];
key = ParameterUtilities.CreateKeyParameter(
PgpUtilities.GetSymmetricCipherName(keyAlgorithm),
keyBytes, 1, keyBytes.Length - 1);
}
var c = CreateStreamCipher(keyAlgorithm);
var iv = new byte[c.GetBlockSize()];
c.Init(false, new ParametersWithIV(key, iv));
EncStream = BcpgInputStream.Wrap(new CipherStream(EncData.GetInputStream(), c, null));
if (EncData is SymmetricEncIntegrityPacket)
{
TruncStream = new TruncatedStream(EncStream);
var digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
var digest = DigestUtilities.GetDigest(digestName);
EncStream = new DigestStream(TruncStream, digest, null);
}
if (Streams.ReadFully(EncStream, iv, 0, iv.Length) < iv.Length)
{
throw new EndOfStreamException("unexpected end of stream.");
}
var v1 = EncStream.ReadByte();
var v2 = EncStream.ReadByte();
if (v1 < 0 || v2 < 0)
{
throw new EndOfStreamException("unexpected end of stream.");
}
// Note: the oracle attack on the "quick check" bytes is not deemed
// a security risk for PBE (see PgpPublicKeyEncryptedData)
var repeatCheckPassed =
iv[iv.Length - 2] == (byte)v1 &&
iv[iv.Length - 1] == (byte)v2;
// Note: some versions of PGP appear to produce 0 for the extra
// bytes rather than repeating the two previous bytes
var zeroesCheckPassed = v1 == 0 && v2 == 0;
if (!repeatCheckPassed && !zeroesCheckPassed)
{
throw new PgpDataValidationException("quick check failed.");
}
return(EncStream);
}
catch (PgpException)
{
throw;
}
catch (Exception e)
{
throw new PgpException("Exception creating cipher", e);
}
}
private Stream Open(Stream outStr, long length, byte[] buffer)
{
//IL_000d: Unknown result type (might be due to invalid IL or missing references)
//IL_0025: Unknown result type (might be due to invalid IL or missing references)
//IL_0033: Unknown result type (might be due to invalid IL or missing references)
if (cOut != null)
{
throw new InvalidOperationException("generator already in open state");
}
if (((global::System.Collections.ICollection)methods).get_Count() == 0)
{
throw new InvalidOperationException("No encryption methods specified");
}
if (outStr == null)
{
throw new ArgumentNullException("outStr");
}
pOut = new BcpgOutputStream(outStr);
KeyParameter keyParameter;
if (((global::System.Collections.ICollection)methods).get_Count() == 1)
{
if (methods.get_Item(0) is PbeMethod)
{
PbeMethod pbeMethod = (PbeMethod)methods.get_Item(0);
keyParameter = pbeMethod.GetKey();
}
else
{
keyParameter = PgpUtilities.MakeRandomKey(defAlgorithm, rand);
byte[] si = CreateSessionInfo(defAlgorithm, keyParameter);
PubMethod pubMethod = (PubMethod)methods.get_Item(0);
try
{
pubMethod.AddSessionInfo(si, rand);
}
catch (global::System.Exception exception)
{
throw new PgpException("exception encrypting session key", exception);
}
}
pOut.WritePacket((ContainedPacket)methods.get_Item(0));
}
else
{
keyParameter = PgpUtilities.MakeRandomKey(defAlgorithm, rand);
byte[] si2 = CreateSessionInfo(defAlgorithm, keyParameter);
for (int i = 0; i != ((global::System.Collections.ICollection)methods).get_Count(); i++)
{
EncMethod encMethod = (EncMethod)methods.get_Item(i);
try
{
encMethod.AddSessionInfo(si2, rand);
}
catch (global::System.Exception exception2)
{
throw new PgpException("exception encrypting session key", exception2);
}
pOut.WritePacket(encMethod);
}
}
string symmetricCipherName = PgpUtilities.GetSymmetricCipherName(defAlgorithm);
if (symmetricCipherName == null)
{
throw new PgpException("null cipher specified");
}
try
{
symmetricCipherName = ((!withIntegrityPacket) ? (symmetricCipherName + "/OpenPGPCFB/NoPadding") : (symmetricCipherName + "/CFB/NoPadding"));
c = CipherUtilities.GetCipher(symmetricCipherName);
byte[] iv = new byte[c.GetBlockSize()];
c.Init(forEncryption: true, new ParametersWithRandom(new ParametersWithIV(keyParameter, iv), rand));
if (buffer == null)
{
if (withIntegrityPacket)
{
pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected, length + c.GetBlockSize() + 2 + 1 + 22);
((Stream)pOut).WriteByte((byte)1);
}
else
{
pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted, length + c.GetBlockSize() + 2, oldFormat);
}
}
else if (withIntegrityPacket)
{
pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricEncryptedIntegrityProtected, buffer);
((Stream)pOut).WriteByte((byte)1);
}
else
{
pOut = new BcpgOutputStream(outStr, PacketTag.SymmetricKeyEncrypted, buffer);
}
int blockSize = c.GetBlockSize();
byte[] array = new byte[blockSize + 2];
rand.NextBytes(array, 0, blockSize);
global::System.Array.Copy((global::System.Array)array, array.Length - 4, (global::System.Array)array, array.Length - 2, 2);
Stream val = (Stream)(object)(cOut = new CipherStream((Stream)(object)pOut, null, c));
if (withIntegrityPacket)
{
string digestName = PgpUtilities.GetDigestName(HashAlgorithmTag.Sha1);
IDigest digest = DigestUtilities.GetDigest(digestName);
val = (Stream)(object)(digestOut = new DigestStream(val, null, digest));
}
val.Write(array, 0, array.Length);
return((Stream)(object)new WrappedGeneratorStream(this, val));
}
catch (global::System.Exception exception3)
{
throw new PgpException("Exception creating cipher", exception3);
}
}