public void StreamEncryptionDecryptBadNonce()
{
StreamEncryption.Decrypt(
Utilities.HexToBinary("c7b7f04c00e14b02dd56c78c"),
Encoding.UTF8.GetBytes("ABCDEFGHIJKLMNOPQRSTUVW"),
Encoding.UTF8.GetBytes("12345678901234567890123456789012"));
}
public void XSalsa20Test()
{
var key = StreamEncryption.GenerateKey();
var nonce = StreamEncryption.GenerateNonce();
string message = "Hello, World!";
var cipherText = StreamEncryption.Encrypt(message, nonce, key);
var decrypted = StreamEncryption.Decrypt(cipherText, nonce, key);
Assert.AreEqual(message, System.Text.Encoding.UTF8.GetString(decrypted));
byte[] byteMessage = System.Text.Encoding.UTF8.GetBytes(message);
cipherText = StreamEncryption.Encrypt(byteMessage, nonce, key);
decrypted = StreamEncryption.Decrypt(cipherText, nonce, key);
Assert.AreEqual(Convert.ToBase64String(byteMessage), Convert.ToBase64String(decrypted));
cipherText = StreamEncryption.EncryptXSalsa20(message, nonce, key);
decrypted = StreamEncryption.DecryptXSalsa20(cipherText, nonce, key);
Assert.AreEqual(message, System.Text.Encoding.UTF8.GetString(decrypted));
byteMessage = System.Text.Encoding.UTF8.GetBytes(message);
cipherText = StreamEncryption.EncryptXSalsa20(byteMessage, nonce, key);
decrypted = StreamEncryption.DecryptXSalsa20(cipherText, nonce, key);
Assert.AreEqual(Convert.ToBase64String(byteMessage), Convert.ToBase64String(decrypted));
}
public void OpenSecretBox()
{
const string EXPECTED = "Adam Caudill";
var actual = Encoding.UTF8.GetString(StreamEncryption.Decrypt(
Utilities.HexToBinary("c7b7f04c00e14b02dd56c78c"),
Encoding.UTF8.GetBytes("ABCDEFGHIJKLMNOPQRSTUVWX"),
Encoding.UTF8.GetBytes("12345678901234567890123456789012")));
Assert.AreEqual(EXPECTED, actual);
}
public void StreamEncryptionDecryptBadNonce()
{
Assert.Throws <NonceOutOfRangeException>(() =>
{
StreamEncryption.Decrypt(
Utilities.HexToBinary("c7b7f04c00e14b02dd56c78c"),
Encoding.UTF8.GetBytes("ABCDEFGHIJKLMNOPQRSTUVW"),
Encoding.UTF8.GetBytes("12345678901234567890123456789012"));
});
}
private static byte[] DecryptFileBytes(byte[] fileBytes, byte[] nonce, byte[] key)
{
byte[] decryptedBytes = new byte[fileBytes.Length];
if (Globals.EncryptionAlgorithm == (int)Cipher.XChaCha20)
{
decryptedBytes = StreamEncryption.DecryptXChaCha20(fileBytes, nonce, key);
}
else if (Globals.EncryptionAlgorithm == (int)Cipher.XSalsa20)
{
decryptedBytes = StreamEncryption.Decrypt(fileBytes, nonce, key);
}
return(decryptedBytes);
}
/// <summary>
/// Decrypts the Identity Master Key (IMK) for for the given <paramref name="identityUniqueId"/>
/// using the provided <paramref name="quickPass"/> and returns it. If <c>null</c> is passed for
/// <paramref name="identityUniqueId"/>, the decrypted IML for the current identity will be returned.
/// </summary>
/// <param name="quickPass">The QuickPass (first x characters from the identity's master password
/// which was used to encrypt the IMK when setting the QuickPass entry for the identity.</param>
/// <param name="identityUniqueId">The hex representation of the identity's unique id (block 0),
/// or <c>null</c> if you want to decrypt the current identity's IMK.</param>
/// <param name="progress">An object implementing the IProgress interface for tracking the operation's progress (optional).</param>
/// <param name="progressText">A string representing a text descrition for the progress indicator (optional).</param>
/// <returns>The decrypted block 1 keys (IMK, ILK) for the given <paramref name="identityUniqueId"/>, or
/// <c>null</c> if no such QuickPass entry exists.</returns>
public async Task <QuickPassDecryptedKeys> GetQuickPassDecryptedImk(string quickPass, string identityUniqueId = null,
IProgress <KeyValuePair <int, string> > progress = null, string progressText = null)
{
QuickPassItem qpi = null;
if (identityUniqueId == null)
{
if (_identityManager.CurrentIdentity == null)
{
return(null);
}
identityUniqueId = _identityManager.CurrentIdentity?.Block0?.UniqueIdentifier?.ToHex();
}
if (identityUniqueId == null)
{
Log.Error("Could not resolve current identity in {MethodName}, throwing Exception!",
nameof(GetQuickPassDecryptedImk));
throw new InvalidOperationException("Cannot return QuickPass-decrypted IMK without an identity!");
}
lock (_dataSyncObj)
{
if (!_quickPassItems.ContainsKey(identityUniqueId))
{
Log.Warning("No identity found for id {IdentityUniqueId} in {MethodName}",
identityUniqueId, nameof(GetQuickPassDecryptedImk));
return(null);
}
qpi = _quickPassItems[identityUniqueId];
}
byte[] key = await SQRL.EnScryptCT(quickPass, qpi.ScryptRandomSalt, (int)Math.Pow(2, 9),
qpi.ScryptIterationCount, progress, progressText);
byte[] decryptedImk = StreamEncryption.Decrypt(qpi.EncryptedImk, qpi.Nonce, key);
byte[] decryptedIlk = StreamEncryption.Decrypt(qpi.EncryptedIlk, qpi.Nonce, key);
Log.Information("QuickPass retrieved for identity {IdentityUniqueId}",
identityUniqueId);
return(new QuickPassDecryptedKeys(decryptedImk, decryptedIlk));
}