private static byte[] EncryptKeyData( byte[] rawKeyData, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, ISecureRandom random, out S2k s2K, out byte[] iv) { IBufferedCipher c; try { var cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm); c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding"); } catch (Exception e) { throw new PgpException("Exception creating cipher", e); } var s2KIv = new byte[8]; random.NextBytes(s2KIv); s2K = new S2k(HashAlgorithmTag.Sha1, s2KIv, 0x60); var kp = PgpUtilities.MakeKeyFromPassPhrase(encAlgorithm, s2K, passPhrase); iv = new byte[c.GetBlockSize()]; random.NextBytes(iv); c.Init(true, new ParametersWithRandom(new ParametersWithIV(kp, iv), random)); return(c.DoFinal(rawKeyData)); }
/** * Method init * * @param forWrapping * @param param */ public void Init( bool forWrapping, ICipherParameters parameters) { this.forWrapping = forWrapping; this.engine = new CbcBlockCipher(new RC2Engine()); if (parameters is ParametersWithRandom) { ParametersWithRandom pWithR = (ParametersWithRandom)parameters; sr = pWithR.Random; parameters = pWithR.Parameters; } else { sr = new SecureRandom(); } if (parameters is ParametersWithIV) { if (!forWrapping) { throw new ArgumentException("You should not supply an IV for unwrapping"); } this.paramPlusIV = (ParametersWithIV)parameters; this.iv = this.paramPlusIV.GetIV(); this.parameters = this.paramPlusIV.Parameters; if (this.iv.Length != 8) { throw new ArgumentException("IV is not 8 octets"); } } else { this.parameters = parameters; if (this.forWrapping) { // Hm, we have no IV but we want to wrap ?!? // well, then we have to create our own IV. this.iv = new byte[8]; sr.NextBytes(iv); this.paramPlusIV = new ParametersWithIV(this.parameters, this.iv); } } }
public byte[] Wrap( byte[] inBytes, int inOff, int inLen) { if (!forWrapping) { throw new InvalidOperationException("not set for wrapping"); } engine.Init(true, param); int blockSize = engine.GetBlockSize(); byte[] cekBlock; if (inLen + 4 < blockSize * 2) { cekBlock = new byte[blockSize * 2]; } else { cekBlock = new byte[(inLen + 4) % blockSize == 0 ? inLen + 4 : ((inLen + 4) / blockSize + 1) * blockSize]; } cekBlock[0] = (byte)inLen; cekBlock[1] = (byte)~inBytes[inOff]; cekBlock[2] = (byte)~inBytes[inOff + 1]; cekBlock[3] = (byte)~inBytes[inOff + 2]; Array.Copy(inBytes, inOff, cekBlock, 4, inLen); rand.NextBytes(cekBlock, inLen + 4, cekBlock.Length - inLen - 4); for (int i = 0; i < cekBlock.Length; i += blockSize) { engine.ProcessBlock(cekBlock, i, cekBlock, i); } for (int i = 0; i < cekBlock.Length; i += blockSize) { engine.ProcessBlock(cekBlock, i, cekBlock, i); } return(cekBlock); }
private byte[] EncodeBlock(byte[] input, int inOff, int inLen) { if (inLen > GetInputBlockSize()) { throw new ArgumentException(@"input data too large", "inLen"); } var block = new byte[_engine.GetInputBlockSize()]; if (_forPrivateKey) { block[0] = 0x01; // type code 1 for (var i = 1; i != block.Length - inLen - 1; i++) { block[i] = (byte)0xFF; } } else { _random.NextBytes(block); // random fill block[0] = 0x02; // type code 2 // // a zero byte marks the end of the padding, so all // the pad bytes must be non-zero. // for (var i = 1; i != block.Length - inLen - 1; i++) { while (block[i] == 0) { block[i] = (byte)_random.NextInt(); } } } block[block.Length - inLen - 1] = 0x00; // mark the end of the padding Array.Copy(input, inOff, block, block.Length - inLen, inLen); return(_engine.ProcessBlock(block, 0, block.Length)); }
/// <summary> Generate a signature for the message we've been loaded with using /// the key we were initialised with. /// </summary> public virtual byte[] GenerateSignature() { _contentDigest1.DoFinal(_mDash, _mDash.Length - _hLen - _sLen); if (_sLen != 0) { _random.NextBytes(_salt); _salt.CopyTo(_mDash, _mDash.Length - _sLen); } var h = new byte[_hLen]; _contentDigest2.BlockUpdate(_mDash, 0, _mDash.Length); _contentDigest2.DoFinal(h, 0); _block[_block.Length - _sLen - 1 - _hLen - 1] = (byte)(0x01); _salt.CopyTo(_block, _block.Length - _sLen - _hLen - 1); byte[] dbMask = MaskGeneratorFunction1(h, 0, h.Length, _block.Length - _hLen - 1); for (int i = 0; i != dbMask.Length; i++) { _block[i] ^= dbMask[i]; } _block[0] &= (byte)((0xff >> ((_block.Length * 8) - _emBits))); h.CopyTo(_block, _block.Length - _hLen - 1); _block[_block.Length - 1] = _trailer; byte[] b = _cipher.ProcessBlock(_block, 0, _block.Length); ClearBlock(_block); return(b); }
private static byte[] EncryptKeyData( byte[] rawKeyData, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, ISecureRandom random, out S2k s2K, out byte[] iv) { IBufferedCipher c; try { var cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm); c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding"); } catch (Exception e) { throw new PgpException("Exception creating cipher", e); } var s2KIv = new byte[8]; random.NextBytes(s2KIv); s2K = new S2k(HashAlgorithmTag.Sha1, s2KIv, 0x60); var kp = PgpUtilities.MakeKeyFromPassPhrase(encAlgorithm, s2K, passPhrase); iv = new byte[c.GetBlockSize()]; random.NextBytes(iv); c.Init(true, new ParametersWithRandom(new ParametersWithIV(kp, iv), random)); return c.DoFinal(rawKeyData); }
/// <summary> Generate a signature for the loaded message using the key we were /// initialised with. /// </summary> public byte[] GenerateSignature() { int digSize = digest.GetDigestSize(); byte[] m2Hash = new byte[digSize]; digest.DoFinal(m2Hash, 0); byte[] C = new byte[8]; LtoOSP(messageLength * 8, C); digest.BlockUpdate(C, 0, C.Length); digest.BlockUpdate(mBuf, 0, messageLength); digest.BlockUpdate(m2Hash, 0, m2Hash.Length); byte[] salt; if (standardSalt != null) { salt = standardSalt; } else { salt = new byte[saltLength]; random.NextBytes(salt); } digest.BlockUpdate(salt, 0, salt.Length); byte[] hash = new byte[digest.GetDigestSize()]; digest.DoFinal(hash, 0); int tLength = 2; if (trailer == TrailerImplicit) { tLength = 1; } int off = block.Length - messageLength - salt.Length - hLen - tLength - 1; block[off] = (byte)(0x01); Array.Copy(mBuf, 0, block, off + 1, messageLength); Array.Copy(salt, 0, block, off + 1 + messageLength, salt.Length); byte[] dbMask = MaskGeneratorFunction1(hash, 0, hash.Length, block.Length - hLen - tLength); for (int i = 0; i != dbMask.Length; i++) { block[i] ^= dbMask[i]; } Array.Copy(hash, 0, block, block.Length - hLen - tLength, hLen); if (trailer == TrailerImplicit) { block[block.Length - 1] = (byte)TrailerImplicit; } else { block[block.Length - 2] = (byte)((uint)trailer >> 8); block[block.Length - 1] = (byte)trailer; } block[0] &= (byte)(0x7f); byte[] b = cipher.ProcessBlock(block, 0, block.Length); ClearBlock(mBuf); ClearBlock(block); messageLength = 0; return(b); }