private static void VerifyScope(MemoryProtectionScope scope) { if (((scope != MemoryProtectionScope.SameProcess) && (scope != MemoryProtectionScope.CrossProcess)) && (scope != MemoryProtectionScope.SameLogon)) { throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, SecurityResources.GetResourceString("Arg_EnumIllegalVal"), new object[] { (int) scope })); } }
public static void Unprotect(byte[] encryptedData, MemoryProtectionScope scope) { if (encryptedData == null) { throw new ArgumentNullException("encryptedData"); } if (Environment.OSVersion.Platform == PlatformID.Win32Windows) { throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_PlatformRequiresNT")); } VerifyScope(scope); if ((encryptedData.Length == 0) || ((((long) encryptedData.Length) % 0x10L) != 0L)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_DpApi_InvalidMemoryLength")); } uint dwFlags = (uint) scope; try { int status = System.Security.Cryptography.CAPI.SystemFunction041(encryptedData, (uint) encryptedData.Length, dwFlags); if (status < 0) { throw new CryptographicException(System.Security.Cryptography.CAPI.CAPISafe.LsaNtStatusToWinError(status)); } } catch (EntryPointNotFoundException) { throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_PlatformRequiresNT")); } }
// FIXME [DataProtectionPermission (SecurityAction.Demand, UnprotectMemory = true)] public static void Unprotect (byte[] encryptedData, MemoryProtectionScope scope) { if (encryptedData == null) throw new ArgumentNullException ("encryptedData"); Check (encryptedData.Length, scope); try { uint flags = (uint) scope; uint length = (uint) encryptedData.Length; switch (impl) { case MemoryProtectionImplementation.Win32RtlEncryptMemory: int err = RtlDecryptMemory (encryptedData, length, flags); if (err < 0) { string msg = Locale.GetText ("Error. NTSTATUS = {0}.", err); throw new CryptographicException (msg); } break; case MemoryProtectionImplementation.Win32CryptoProtect: bool result = CryptUnprotectMemory (encryptedData, length, flags); if (!result) throw new CryptographicException (Marshal.GetLastWin32Error ()); break; default: throw new PlatformNotSupportedException (); } } catch { // Windows 2000 before SP3 will throw impl = MemoryProtectionImplementation.Unsupported; throw new PlatformNotSupportedException (); } }
public static string DPAPIDecryptText(byte[] nDataToDencrypt, MemoryProtectionScope nScope, byte Corrimiento) { if (nDataToDencrypt == null) return ""; try { var DataDecrypt = new byte[nDataToDencrypt.Length]; for (var i = 0; i < nDataToDencrypt.Length; i++) { var Resultado = (short)(nDataToDencrypt[i] - Corrimiento); DataDecrypt[i] = (byte)(Resultado < 0 ? Resultado + 255 : Resultado); } // Decrypt the data in memory. DPAPIDecryptInMemoryData(DataDecrypt, nScope); var Valor = DPAPIgetTextDencrypt(DataDecrypt); return Valor; } catch { return ""; } }
/// <summary> /// Encrypt a byte array /// </summary> /// <param name="Buffer">Buffer [byte[]]</param> internal static void EncryptProtectedMemory(byte[] Buffer, MemoryProtectionScope Scope) { if (Buffer == null) return; if (Buffer.Length < 1) return; ProtectedMemory.Protect(Buffer, Scope); }
private static void EncryptInMemoryData(byte[] buffer, MemoryProtectionScope scope) { if (buffer.Length <= 0) throw new ArgumentException("buffer"); if (buffer == null) throw new ArgumentNullException("buffer"); ProtectedMemory.Protect(buffer, scope); }
/// <summary> /// 加密内存中的数据. /// </summary> /// <param name="Buffer"></param> /// <param name="Scope"></param> public static void EncryptInMemoryData(byte[] Buffer, MemoryProtectionScope Scope) { if (Buffer.Length <= 0) throw new ArgumentException("Buffer"); if (Buffer == null) throw new ArgumentNullException("Buffer"); // Encrypt the data in memory. The result is stored in the same same array as the original data. ProtectedMemory.Protect(Buffer, Scope); }
public static void Unprotect (byte[] encryptedData, MemoryProtectionScope scope) { if (encryptedData == null) throw new ArgumentNullException ("encryptedData"); if (encryptedData.Length % 16 != 0) throw new CryptographicException ("not a multiple of 16 bytes"); // on Windows this is supported only under XP and later OS throw new PlatformNotSupportedException (); }
private static void DecryptInMemoryData(byte[] buffer, MemoryProtectionScope scope) { if (buffer.Length <= 0) throw new ArgumentException("Buffer"); if (buffer == null) throw new ArgumentNullException("Buffer"); // Decrypt the data in memory. The result is stored in the same same array as the original data. ProtectedMemory.Unprotect(buffer, scope); }
/// <summary> /// Decrypts a string /// </summary> /// <param name="Buffer">Encrypted buffer</param> /// <returns>Decrypted data [string]</returns> internal static string DecryptProtectedString(byte[] Buffer, MemoryProtectionScope Scope) { if (Buffer == null) return string.Empty; if (Buffer.Length < 1) return string.Empty; ProtectedMemory.Unprotect(Buffer, Scope); return Convert.ToBase64String(Buffer); }
// Protect a block of memory. public static void Protect (byte[] userData, MemoryProtectionScope scope) { if(userData == null) { throw new ArgumentNullException("userData"); } if((userData.Length % 16) != 0) { throw new CryptographicException(_("Crypto_MultOf16")); } ProtectedData.Protect(userData, null, scope, userData); }
public static void Protect(byte[] userData, MemoryProtectionScope scope) { byte bt = 5; unchecked { for(int i = 0; i < userData.Length; ++i) { userData[i] ^= bt; bt += 13; } } }
private InMemoryKey(byte[] preProtectedKey, int keyLength, MemoryProtectionScope scope) { if (!(preProtectedKey != null)) throw new ArgumentNullException("preProtectedKey"); if (!(preProtectedKey.Length > 0)) throw new ArgumentException("The key must not be empty"); if (!(keyLength > 0)) throw new ArgumentException("The key must not be empty"); this.keyLength = keyLength; this.isProtected = true; this.protectedKeyData = preProtectedKey; this.scope = scope; }
private void ProtectUnprotect (MemoryProtectionScope scope) { try { byte[] data = new byte [16]; ProtectedMemory.Protect (data, scope); Assert.IsFalse (IsEmpty (data), "Protect"); ProtectedMemory.Unprotect (data, scope); Assert.IsTrue (IsEmpty (data), "Unprotect"); } catch (PlatformNotSupportedException) { Assert.Ignore ("Only supported under Windows 2000 SP3 and later"); } }
public ProtectedMemoryContext(byte[] memory, MemoryProtectionScope scope) { this.memory = memory; this.scope = scope; if (counts.ContainsKey(memory)) { counts[memory]++; } else { counts.Add(memory, 1); ProtectedMemory.Unprotect(memory, scope); } }
private void ProtectUnprotect (MemoryProtectionScope scope) { byte[] data = new byte [16]; ProtectedMemory.Protect (data, scope); int total = 0; for (int i=0; i < 16; i++) total += data [i]; Assert.IsFalse ((total == 0), "Protect"); ProtectedMemory.Unprotect (data, scope); total = 0; for (int i=0; i < 16; i++) total += data [i]; Assert.IsTrue ((total == 0), "Unprotect"); }
public static byte[] DPAPIEncryptText(string nDataToEncrypt, MemoryProtectionScope nScope, byte Corrimiento) { // Create the original data to be encrypted (The data length should be a multiple of 16). byte[] toEncrypt = DPAPIgetBytesToEncrypt(nDataToEncrypt); // Encrypt the data in memory. DPAPIEncryptInMemoryData(toEncrypt, nScope); for (var i = 0; i < toEncrypt.Length; i++) { var Resultado = (short)(toEncrypt[i] + Corrimiento); toEncrypt[i] = (byte)(Resultado > 255 ? Resultado - 255 : Resultado); } return toEncrypt; }
// Protect a block of memory. internal static void Protect (byte[] userData, byte[] optionalEntropy, MemoryProtectionScope scope, byte[] output) { // Get the key to use. byte[] key = GetScopeKey(scope, optionalEntropy); // Encrypt the block of memory using AES. Rijndael alg = new RijndaelManaged(); alg.Mode = CipherMode.CFB; ICryptoTransform transform = alg.CreateEncryptor(key, null); transform.TransformBlock (userData, 0, userData.Length, output, 0); transform.Dispose(); alg.Clear(); Array.Clear(key, 0, key.Length); }
// Get the encryption key to use to protect memory for a scope. private static byte[] GetScopeKey(MemoryProtectionScope scope, byte[] salt) { String key; PasswordDeriveBytes derive; if(scope == MemoryProtectionScope.SameLogon) { key = Environment.UserName; } else { key = Environment.UserName + "/" + Environment.MachineName; } if(salt == null) { salt = new byte [16]; } derive = new PasswordDeriveBytes(key, salt); return derive.CryptDeriveKey("Rijndael", "SHA1", 16, null); }
/// <summary> /// Creates an instance of a protected key. /// </summary> /// <param name="key">Plaintext key data</param> public InMemoryKey(byte[] key) { if (!(key != null)) throw new ArgumentNullException("key"); if (!(key.Length > 0)) throw new ArgumentException("The key must not be empty"); this.keyLength = key.Length; int paddedKeyLength = (int)Math.Ceiling((decimal)key.Length / (decimal)16) * 16; this.protectedKeyData = new byte[paddedKeyLength]; Array.Copy(key, this.protectedKeyData, key.Length); if (IsPlatformSupported()) { this.scope = MemoryProtectionScope.SameProcess; ProtectedMemory.Protect(this.protectedKeyData, this.scope); this.isProtected = true; } }
public static byte[] Protect (byte[] userData, byte[] optionalEntropy, MemoryProtectionScope scope) { // Validate the parameters. if(userData == null) { throw new ArgumentNullException("userData"); } // Protect the data and return it. byte[] output = new byte [userData.Length]; Protect(userData, optionalEntropy, scope, output); return output; }
/// <summary> /// Encrypts a string /// </summary> /// <param name="Data">String to encrypt</param> /// <returns>Encrypted buffer [byte[]]</returns> internal static byte[] EncryptProtectedString(string Data, MemoryProtectionScope Scope) { if (string.IsNullOrEmpty(Data)) return null; byte[] buffer = Convert.FromBase64String(Data); ProtectedMemory.Protect(buffer, Scope); return buffer; }
internal static void Unprotect(byte[] m_pbData, MemoryProtectionScope sameProcess) { throw new NotImplementedException(); }
/// <summary> /// Unprotects data in memory that was protected. /// </summary> /// <param name="data">The byte array in memory to unencrypt.</param> /// <param name="scope">One of the enumeration values that specifies the scope of memory protection.</param> /// <returns>A byte array representing the decrypted data.</returns> public byte[] Unprotect(byte[] data, MemoryProtectionScope scope = MemoryProtectionScope.SameLogon) { ProtectedMemory.Unprotect(data, scope); return(data); }
public static void Unprotect (byte[] encryptedData, MemoryProtectionScope scope) { if (encryptedData == null) throw new ArgumentNullException("encryptedData"); if (Environment.OSVersion.Platform == PlatformID.Win32Windows) throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_PlatformRequiresNT")); VerifyScope(scope); // The RtlEncryptMemory and RtlDecryptMemory functions are available on WinXP and publicly published // in the ntsecapi.h header file as of Windows Server 2003. // The Rtl functions accept data in 8 byte increments, but we don't want applications to be able to make use of this, // or else they're liable to break when the user upgrades. if ((encryptedData.Length == 0) || (encryptedData.Length % CAPI.CRYPTPROTECTMEMORY_BLOCK_SIZE != 0)) throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_DpApi_InvalidMemoryLength")); uint dwFlags = (uint) scope; try { // RtlDecryptMemory return an NTSTATUS int status = CAPI.SystemFunction041(encryptedData, (uint) encryptedData.Length, dwFlags); if (status < 0) // non-negative numbers indicate success throw new CryptographicException(CAPI.CAPISafe.LsaNtStatusToWinError(status)); } catch (EntryPointNotFoundException) { throw new NotSupportedException(SecurityResources.GetResourceString("NotSupported_PlatformRequiresNT")); } }
public static byte[] Unprotect(byte[] userData, MemoryProtectionScope scope) { throw new NotImplementedException(); }
public ProtectedMemoryContext(byte[] memory, MemoryProtectionScope scope) { this.memory = memory; this.scope = scope; ProtectedMemory.Unprotect(memory, scope); }
public static void Unprotect(byte[] data, MemoryProtectionScope scope) { }
public static void Protect(byte[] data, MemoryProtectionScope scope) { CryptoUtil.ProtectData(data, null, DataProtectionScope.CurrentUser); }
public static void Unprotect(byte[] data, MemoryProtectionScope scope) { }
public static void Unprotect(byte[] data, MemoryProtectionScope scope) { ProtectedData.Unprotect(data, null, DataProtectionScope.CurrentUser); }
private static void Check (int size, MemoryProtectionScope scope) { if (size % BlockSize != 0) { string msg = Locale.GetText ("Not a multiple of {0} bytes.", BlockSize); throw new CryptographicException (msg); } if ((scope < MemoryProtectionScope.SameProcess) || (scope > MemoryProtectionScope.SameLogon)) { string msg = Locale.GetText ("Invalid enum value for '{0}'.", "MemoryProtectionScope"); throw new ArgumentException (msg, "scope"); } switch (impl) { case MemoryProtectionImplementation.Unknown: Detect (); break; case MemoryProtectionImplementation.Unsupported: throw new PlatformNotSupportedException (); } }
/// <summary> /// Creates an instance of the protected key from a byte array that has already been protected using the ProtectedMemory.Protect method call. /// </summary> /// <param name="preProtectedKey">Pre-protected key data</param> /// <param name="keyLength">The length of the plaintext key (protected memory may need to be padded)</param> /// <param name="scope">The memory protection scope that was used to protect the memory</param> /// <returns>A protected key instance from the provided key</returns> public static InMemoryKey CreateProtectedKeyFromPreProtectedMemory(byte[] preProtectedKey, int keyLength, MemoryProtectionScope scope) { return new InMemoryKey(preProtectedKey, keyLength, scope); }
// Methods public static void Protect(byte[] userData, MemoryProtectionScope scope) { }
// Methods public static void Protect(byte[] userData, MemoryProtectionScope scope) { }
public static void Unprotect(byte[] encryptedData, MemoryProtectionScope scope) { Protect(encryptedData, scope); }
public static void Unprotect(byte[] encryptedData, MemoryProtectionScope scope) { Protect(encryptedData, scope); }