/// <summary> /// Validates the certificate supplied by the server, and also creates a symmetric encryption key /// </summary> /// <returns><c>true</c>, if certificate was validated, <c>false</c> otherwise.</returns> /// <param name="login">ProtoLogin containing certificate</param> public bool ValidateCertificateAndCreateKey(ProtoLogIn login, out byte[] key) { if (login == null || login.certificate == null) { key = null; return(false); } else { try { // Get certificate X509Certificate2 cert = new X509Certificate2(login.certificate); RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PublicKey.Key; #if DEBUG if (this.key != null) { if (this.key.Length == 0) { alg = new NetAESEncryption(client); } else { alg = new NetAESEncryption(client, this.key, 0, this.key.Length); } key = rsa.Encrypt(this.key, false); } else { // If no key, do not use an encryption algorithm alg = null; key = null; } #else // Create a new symmetric key TripleDES des = TripleDESCryptoServiceProvider.Create(); des.GenerateKey(); // Encrypt key with server's public key this.key = des.Key; key = rsa.Encrypt(des.Key, false); // Initialise the algoitm alg = new NetAESEncryption(client, des.Key, 0, des.Key.Length); Console.WriteLine("CLIENT: my unencrypted key:"); foreach (var bite in des.Key) { Console.Write(bite.ToString()); } #endif // Validate certificate if (!cert.Verify()) { X509Chain CertificateChain = new X509Chain(); //If you do not provide revokation information, use the following line. CertificateChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; bool IsCertificateChainValid = CertificateChain.Build(cert); if (!IsCertificateChainValid) { for (int i = 0; i < CertificateChain.ChainStatus.Length; i++) { } // TODO change to false after testing return(true); } } // temporary certificate validation fix return(true); //return cert.Verify(); } catch (Exception e) { Console.Error.WriteLine("A problem occurred when parsing certificate from bytes: \n" + "type: " + e.GetType().FullName + "\n " + ", source: " + e.Source + "\n message: " + e.Message); key = null; return(true); } } }
/// <summary>対称アルゴリズム暗号化サービスプロバイダ生成</summary> /// <param name="esa">EnumSymmetricAlgorithm</param> /// <param name="cm">CipherMode</param> /// <param name="pm">PaddingMode</param> /// <returns>SymmetricAlgorithm</returns> private SymmetricAlgorithm CreateSymmetricAlgorithm(EnumSymmetricAlgorithm esa, CipherMode cm, PaddingMode pm) { #region Constructor SymmetricAlgorithm sa = null; #region Aes if (esa.HasFlag(EnumSymmetricAlgorithm.AES_CSP)) { // AesCryptoServiceProviderサービスプロバイダ sa = AesCryptoServiceProvider.Create(); // devps(1703) } else if (esa.HasFlag(EnumSymmetricAlgorithm.AES_M)) { // AesManagedサービスプロバイダ sa = AesManaged.Create(); // devps(1703) } #if NET45 || NET46 #else else if (esa.HasFlag(EnumSymmetricAlgorithm.AES_CNG)) { // AesCngサービスプロバイダ sa = AesCng.Create(); // devps(1703) } #endif #endregion #region TripleDES else if (esa.HasFlag(EnumSymmetricAlgorithm.TDES_CSP)) { // TripleDESCryptoServiceProviderサービスプロバイダ sa = TripleDESCryptoServiceProvider.Create(); // devps(1703) } #if NET45 || NET46 #else else if (esa.HasFlag(EnumSymmetricAlgorithm.TDES_CNG)) { // TripleDESCngサービスプロバイダ sa = TripleDESCng.Create(); // devps(1703) } #endif #endregion #region Others else if (esa.HasFlag(EnumSymmetricAlgorithm.DES_CSP)) { // DESCryptoServiceProviderサービスプロバイダ sa = DESCryptoServiceProvider.Create(); // devps(1703) } else if (esa.HasFlag(EnumSymmetricAlgorithm.RC2_CSP)) { // RC2CryptoServiceProviderサービスプロバイダ sa = RC2CryptoServiceProvider.Create(); // devps(1703) } else if (esa.HasFlag(EnumSymmetricAlgorithm.Rijndael_M)) { // RijndaelManagedサービスプロバイダ sa = RijndaelManaged.Create(); // devps(1703) } #endregion else { throw new ArgumentException( PublicExceptionMessage.ARGUMENT_INCORRECT, "EnumSymmetricAlgorithm esa"); } #endregion #region Options // cmが設定されている場合。 if (cm != 0) { sa.Mode = cm; } // pmが設定されている場合。 if (pm != 0) { sa.Padding = pm; } #endregion return(sa); }
//public static string GenerateOTPCode() //{ // Random random = new Random(); // return new string(Enumerable.Repeat(SingleSignOnSettings.CharactersOfOTPCode, SingleSignOnSettings.NumberCharactersOfOTPCode) // .Select(s => s[random.Next(s.Length)]).ToArray()); //} public static string TripleDESEncrypt(string key, string data) { data = data.Trim(); byte[] keydata = Encoding.ASCII.GetBytes(key); string md5String = BitConverter.ToString(new MD5CryptoServiceProvider().ComputeHash(keydata)).Replace("-", "").ToLower(); byte[] tripleDesKey = Encoding.ASCII.GetBytes(md5String.Substring(0, 24)); TripleDES tripdes = TripleDESCryptoServiceProvider.Create(); tripdes.Mode = CipherMode.ECB; tripdes.Key = tripleDesKey; tripdes.GenerateIV(); MemoryStream ms = new MemoryStream(); CryptoStream encStream = new CryptoStream(ms, tripdes.CreateEncryptor(), CryptoStreamMode.Write); encStream.Write(Encoding.ASCII.GetBytes(data), 0, Encoding.ASCII.GetByteCount(data)); encStream.FlushFinalBlock(); byte[] cryptoByte = ms.ToArray(); ms.Close(); encStream.Close(); return(Convert.ToBase64String(cryptoByte, 0, cryptoByte.GetLength(0)).Trim()); }
private void btDecode_Click(object sender, RoutedEventArgs e) { Passphrase pass = new Passphrase(); pass.Owner = this; pass.ShowDialog(); byte[] decrypted; using (FileStream fileStream = File.OpenRead(file)) { decrypted = new byte[fileStream.Length]; fileStream.Read(decrypted, 0, decrypted.Length); } SymmetricAlgorithm sa; CipherMode mode; PaddingMode padding = PaddingMode.None; byte[] keyT = Encoding.UTF8.GetBytes(pass.pbPass.Password); SHA256 sha256 = new SHA256Cng(); keyT = sha256.ComputeHash(keyT); int n = 0; if (rbDeAES.IsChecked == true) { sa = AesCryptoServiceProvider.Create(); n = 32; } else { sa = TripleDESCryptoServiceProvider.Create(); n = 24; } byte[] key = new byte[n]; Array.Copy(keyT, key, n); byte[] iv = new byte[8]; if (n == 24) { iv = new byte[8]; } else { iv = new byte[16]; } if (rbEnCBC.IsChecked == true) { mode = CipherMode.CBC; } else { if (rbEnCFB.IsEnabled) { mode = CipherMode.CFB; } else { mode = CipherMode.CTS; } } byte[] entrophy = sha256.ComputeHash(Encoding.UTF8.GetBytes(pass.pbPass.Password)); //File.ReadAllBytes(@"D:\OSU\ЗПиД\ЗПиД6\Энтропия.txt");//113 183 // SHA256 sha256 = new SHA256Cng(); // entrophy = sha256.ComputeHash(entrophy); using (FileStream fstream = File.OpenRead(@"D:\OSU\ЗПиД\ЗПиД6\Пароль.txt")) { byte[] keyTemp = new byte[fstream.Length]; fstream.Read(keyTemp, 0, keyTemp.Length); key = ProtectedData.Unprotect(keyTemp, entrophy, DataProtectionScope.CurrentUser); // keyT = Decrypt(temp, sa, key, iv, mode, padding); } //Array.Copy(keyT, key, n); byte[] decr = Decrypt(decrypted, sa, key, iv, mode, padding); string result = Encoding.UTF8.GetString(decr); File.WriteAllText(@"C:\Users\Nastya\Desktop\Университет\ЗПиД\ЗПиД6\Результат.txt", result, Encoding.UTF8); MessageBox.Show("Выполнено!"); tbDeOpenDialog.Text = ""; }
private void Encode_Click(object sender, RoutedEventArgs e) { Passphrase pass = new Passphrase(); pass.Owner = this; pass.ShowDialog(); SymmetricAlgorithm sa; byte[] iv = new byte[8]; CipherMode mode; PaddingMode padding = PaddingMode.Zeros; int n = 0; if (rbEnAES.IsChecked == true) { sa = AesCryptoServiceProvider.Create(); n = 32; } else { sa = TripleDESCryptoServiceProvider.Create(); n = 24; } if (n == 32) { iv = new byte[16]; } byte[] key = new byte[n]; if (rbEnCBC.IsChecked == true) { mode = CipherMode.CBC; } else { if (rbEnCFB.IsChecked == true) { mode = CipherMode.CFB; } else { mode = CipherMode.CTS; } } byte[] entrophy = new byte[32]; /* RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); * rng.GetBytes(entrophy);*/ SHA256 sha256 = new SHA256Cng(); entrophy = sha256.ComputeHash(Encoding.UTF8.GetBytes(pass.pbPass.Password));//114 174 3 byte[] salt = Encoding.UTF8.GetBytes("saltsaltsalt"); // File.WriteAllBytes(@"D:\OSU\ЗПиД\ЗПиД6\Энтропия.txt", entrophy); if (rbGeneration.IsChecked == true) { Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(pass.pbPass.Password, salt, 10000); key = pbkdf2.GetBytes(n); } else { Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(pbKeyPhrase.Password, salt, 10000); key = pbkdf2.GetBytes(n); } byte[] encrypted = Encrypt(dataText, sa, key, iv, mode, padding); using ( FileStream fs = new FileStream(@"D:\OSU\ЗПиД\ЗПиД6\Шифр.txt", FileMode.Create)) { fs.Write(encrypted, 0, encrypted.Length); } byte[] keyTemp = Encoding.UTF8.GetBytes(pass.pbPass.Password); // SHA256 sha256 = new SHA256Managed(); keyTemp = sha256.ComputeHash(keyTemp); byte[] keyForkey = new byte[n]; Array.Copy(keyTemp, keyForkey, n); // byte[] en = Encrypt(key, sa, keyForkey, iv, mode, padding); byte[] en = ProtectedData.Protect(key, entrophy, DataProtectionScope.CurrentUser); using ( FileStream fs_key = new FileStream(@"D:\OSU\ЗПиД\ЗПиД6\Пароль.txt", FileMode.Create)) { fs_key.Write(en, 0, en.Length); } MessageBox.Show("Выполнено!"); tbEnOpenDialog.Text = ""; rbGeneration.IsChecked = true; pbKeyPhrase.Password = ""; rbGeneration_Checked(sender, e); }
public static string Decrypt(string text, byte[] key, byte[] iv) { try { return(UTF8Encoding.UTF8.GetString(Transform(Convert.FromBase64String(text), TripleDESCryptoServiceProvider.Create().CreateDecryptor(key, iv)))); } catch (Exception) { return("¡Error...!"); } }