private static PbeParametersGenerator MakePbeGenerator(string type, IDigest digest, byte[] key, byte[] salt, int iterationCount)
{
//IL_0066: Unknown result type (might be due to invalid IL or missing references)
PbeParametersGenerator pbeParametersGenerator;
if (type.Equals("Pkcs5S1"))
{
pbeParametersGenerator = new Pkcs5S1ParametersGenerator(digest);
}
else if (type.Equals("Pkcs5S2"))
{
pbeParametersGenerator = new Pkcs5S2ParametersGenerator();
}
else if (type.Equals("Pkcs12"))
{
pbeParametersGenerator = new Pkcs12ParametersGenerator(digest);
}
else
{
if (!type.Equals("OpenSsl"))
{
throw new ArgumentException("Unknown PBE type: " + type, "type");
}
pbeParametersGenerator = new OpenSslPbeParametersGenerator();
}
pbeParametersGenerator.Init(key, salt, iterationCount);
return(pbeParametersGenerator);
}
/// <summary>
/// Borrowed from https://github.com/vadimkantorov/wemosetup/blob/master/wemosetup.py
/// </summary>
/// <param name="password"></param>
/// <param name="metainfo"></param>
/// <returns></returns>
private string EncryptPassword(string password, string metainfo)
{
string[] metaInfoParts = metainfo.Split('|');
string keydata = metaInfoParts[0].Substring(0, 6) + metaInfoParts[1] + metaInfoParts[0].Substring(6, 6);
string salt = keydata.Substring(0, 8);
string iv = keydata.Substring(0, 16);
byte[] passwordAsBytes = Encoding.ASCII.GetBytes(Password);
OpenSslPbeParametersGenerator keyGen = new OpenSslPbeParametersGenerator();
keyGen.Init(Encoding.ASCII.GetBytes(keydata), Encoding.ASCII.GetBytes(salt));
ICipherParameters cipherParams = keyGen.GenerateDerivedParameters("AES128", 128);
AesEngine engine = new AesEngine();
CbcBlockCipher blockCipher = new CbcBlockCipher(engine);
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blockCipher, new Pkcs7Padding());
ParametersWithIV keyParamWithIv = new ParametersWithIV(cipherParams, Encoding.ASCII.GetBytes(iv), 0, 16);
cipher.Init(true, keyParamWithIv);
byte[] outputBytes = new byte[cipher.GetOutputSize(passwordAsBytes.Length)];
int length = cipher.ProcessBytes(passwordAsBytes, outputBytes, 0);
cipher.DoFinal(outputBytes, length);
return(Convert.ToBase64String(outputBytes));
}
public override void PerformTest()
{
byte[] salt = new byte[16];
int iCount = 100;
for (int i = 0; i != salt.Length; i++)
{
salt[i] = (byte)i;
}
PbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(
PbeParametersGenerator.Pkcs5PasswordToBytes(password),
salt,
iCount);
ParametersWithIV parameters = (ParametersWithIV)
pGen.GenerateDerivedParameters(baseAlgorithm, keySize, ivSize);
KeyParameter encKey = (KeyParameter)parameters.Parameters;
IBufferedCipher c;
if (baseAlgorithm.Equals("RC4"))
{
c = CipherUtilities.GetCipher(baseAlgorithm);
c.Init(true, encKey);
}
else
{
c = CipherUtilities.GetCipher(baseAlgorithm + "/CBC/PKCS7Padding");
c.Init(true, parameters);
}
byte[] enc = c.DoFinal(salt);
c = CipherUtilities.GetCipher(algorithm);
// PBEKeySpec keySpec = new PBEKeySpec(password, salt, iCount);
// SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm);
//
// c.Init(false, fact.generateSecret(keySpec));
Asn1Encodable algParams = PbeUtilities.GenerateAlgorithmParameters(
algorithm, salt, iCount);
ICipherParameters cipherParams = PbeUtilities.GenerateCipherParameters(
algorithm, password, algParams);
c.Init(false, cipherParams);
byte[] dec = c.DoFinal(enc);
if (!AreEqual(salt, dec))
{
Fail("" + algorithm + "failed encryption/decryption test");
}
}
static PbeParametersGenerator MakePbeGenerator(
string type,
IDigest digest,
byte[] key,
byte[] salt,
int iterationCount)
{
PbeParametersGenerator generator;
if (type.Equals(Pkcs5S1))
{
generator = new Pkcs5S1ParametersGenerator(digest);
}
else if (type.Equals(Pkcs5S2))
{
generator = new Pkcs5S2ParametersGenerator();
}
else if (type.Equals(Pkcs12))
{
generator = new Pkcs12ParametersGenerator(digest);
}
else if (type.Equals(OpenSsl))
{
generator = new OpenSslPbeParametersGenerator();
}
else
{
throw new ArgumentException("Unknown PBE type: " + type, "type");
}
generator.Init(key, salt, iterationCount);
return(generator);
}
private static PbeParametersGenerator MakePbeGenerator(string type, IDigest digest, byte[] key, byte[] salt, int iterationCount)
{
PbeParametersGenerator pbeParametersGenerator;
if (type.Equals("Pkcs5S1"))
{
pbeParametersGenerator = new Pkcs5S1ParametersGenerator(digest);
}
else if (type.Equals("Pkcs5S2"))
{
pbeParametersGenerator = new Pkcs5S2ParametersGenerator();
}
else if (type.Equals("Pkcs12"))
{
pbeParametersGenerator = new Pkcs12ParametersGenerator(digest);
}
else
{
if (!type.Equals("OpenSsl"))
{
throw new ArgumentException("Unknown PBE type: " + type, "type");
}
pbeParametersGenerator = new OpenSslPbeParametersGenerator();
}
pbeParametersGenerator.Init(key, salt, iterationCount);
return(pbeParametersGenerator);
}
public IPasswordBasedDeriver <OpenSslParameters> Build()
{
Utils.ApprovedModeCheck("OpenSSL PBE", ALGORITHM_OPENSSL);
OpenSslParameters parameters = new OpenSslParameters(converter, password, salt);
OpenSslPbeParametersGenerator gen = new OpenSslPbeParametersGenerator();
gen.Init(parameters.Password, parameters.Salt, 1);
return(new PasswordBasedDeriver <OpenSslParameters>(parameters, gen));
}
private static ICipherParameters GetCipherParameters(
char[] password,
PemBaseAlg baseAlg,
byte[] salt)
{
string algorithm;
int keyBits;
switch (baseAlg)
{
case PemBaseAlg.AES_128: keyBits = 128; algorithm = "AES128"; break;
case PemBaseAlg.AES_192: keyBits = 192; algorithm = "AES192"; break;
case PemBaseAlg.AES_256: keyBits = 256; algorithm = "AES256"; break;
case PemBaseAlg.BF: keyBits = 128; algorithm = "BLOWFISH"; break;
case PemBaseAlg.DES: keyBits = 64; algorithm = "DES"; break;
case PemBaseAlg.DES_EDE: keyBits = 128; algorithm = "DESEDE"; break;
case PemBaseAlg.DES_EDE3: keyBits = 192; algorithm = "DESEDE3"; break;
case PemBaseAlg.RC2: keyBits = 128; algorithm = "RC2"; break;
case PemBaseAlg.RC2_40: keyBits = 40; algorithm = "RC2"; break;
case PemBaseAlg.RC2_64: keyBits = 64; algorithm = "RC2"; break;
default:
return(null);
}
OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);
return(pGen.GenerateDerivedParameters(algorithm, keyBits));
}
private static ICipherParameters GetCipherParameters(
char[] password,
string baseAlg,
byte[] salt)
{
string algorithm;
int keyBits;
switch (baseAlg)
{
case "AES-128": keyBits = 128; algorithm = "AES128"; break;
case "AES-192": keyBits = 192; algorithm = "AES192"; break;
case "AES-256": keyBits = 256; algorithm = "AES256"; break;
case "BF": keyBits = 128; algorithm = "BLOWFISH"; break;
case "DES": keyBits = 64; algorithm = "DES"; break;
case "DES-EDE": keyBits = 128; algorithm = "DESEDE"; break;
case "DES-EDE3": keyBits = 192; algorithm = "DESEDE3"; break;
case "RC2": keyBits = 128; algorithm = "RC2"; break;
case "RC2-40": keyBits = 40; algorithm = "RC2"; break;
case "RC2-64": keyBits = 64; algorithm = "RC2"; break;
default:
return(null);
}
OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);
return(pGen.GenerateDerivedParameters(algorithm, keyBits));
}
/**
* create the secret key needed for this object, fetching the password
*/
private ICipherParameters GetKey(
string algorithm,
int keyLength,
byte[] salt)
{
if (pFinder == null)
{
throw new InvalidOperationException("No password finder specified, but a password is required");
}
char[] password = pFinder.GetPassword();
if (password == null)
{
throw new IOException("Password is null, but a password is required");
}
OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);
return(pGen.GenerateDerivedParameters(keyLength * 8));
}
public void WriteObject(
object obj,
string algorithm,
char[] password,
SecureRandom random)
{
if (obj == null)
{
throw new ArgumentNullException("obj");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
if (password == null)
{
throw new ArgumentNullException("password");
}
if (random == null)
{
throw new ArgumentNullException("random");
}
byte[] keyData = null;
if (obj is RsaPrivateCrtKeyParameters)
{
RsaPrivateCrtKeyParameters k = (RsaPrivateCrtKeyParameters)obj;
keyData = PrivateKeyInfoFactory.CreatePrivateKeyInfo(k).PrivateKey.GetEncoded();
}
else
{
// TODO Support other types?
throw new ArgumentException("Object type not supported: " + obj.GetType().FullName, "obj");
}
byte[] salt = new byte[8];
random.NextBytes(salt);
OpenSslPbeParametersGenerator pGen = new OpenSslPbeParametersGenerator();
pGen.Init(PbeParametersGenerator.Pkcs5PasswordToBytes(password), salt);
ICipherParameters secretKey = null;
if (algorithm.ToUpper(CultureInfo.InvariantCulture).Equals("DESEDE"))
{
// generate key
int keyLength = 24;
secretKey = pGen.GenerateDerivedParameters(keyLength * 8);
}
else
{
throw new IOException("unknown algorithm in WriteObject");
}
byte[] encData = null;
// cipher
try
{
IBufferedCipher c = CipherUtilities.GetCipher("DESede/CBC/PKCS5Padding");
c.Init(true, new ParametersWithIV(secretKey, salt));
encData = c.DoFinal(keyData);
}
catch (Exception e)
{
throw new IOException("exception using cipher: " + e.ToString());
}
// write the data
string type = "RSA PRIVATE KEY";
WriteHeader(type);
writer.WriteLine("Proc-Type: 4,ENCRYPTED");
writer.Write("DEK-Info: DES-EDE3-CBC,");
WriteHexEncoded(salt);
writer.WriteLine();
WriteBase64Encoded(encData);
WriteFooter(type);
}
