public string Encrypt(string plainString)
{
var plainBytes = BytesHelper.GetUTF8StringBytes(plainString);
var secureHeadAndBytes = Encrypt(plainBytes);
return(secureHeadAndBytes != null?Convert.ToBase64String(secureHeadAndBytes) : null);
}
//class
private static byte[] SaltString(string data, string salt, uint saltIterations, uint bytesCount)
{
byte[] saltedBytes = null;
Rfc2898DeriveBytes deriveBytes = null;
try
{
deriveBytes = new Rfc2898DeriveBytes(data, BytesHelper.GetUTF8StringBytes(salt), (int)saltIterations);
saltedBytes = deriveBytes.GetBytes((int)bytesCount);
}
catch (Exception)
{
saltedBytes = null;
}
finally
{
if (deriveBytes is IDisposable &&
deriveBytes != null)
{
((IDisposable)deriveBytes).Dispose();
deriveBytes = null;
}
}
return(saltedBytes);
}
public SaltedBytesCache(
SecureHead secureHead,
SecurePassword securePassword)
{
if (secureHead == null)
{
throw new ArgumentException("secureHead should NOT be null.");
}
if (securePassword == null)
{
throw new ArgumentException("securePassword should NOT be null.");
}
byte[] saltedPasswordBytes = GetSaltedPassowrdBytes(secureHead, securePassword);
if (BytesHelper.IsNullOrEmptyArray(saltedPasswordBytes) == true)
{
throw new ArgumentException("saltedPasswordBytes should NOT be null.");
}
byte[] saltedInitialVectorBytes = GetSaltedInitialVectorBytes(secureHead);
if (BytesHelper.IsNullOrEmptyArray(saltedInitialVectorBytes) == true)
{
throw new ArgumentException("saltedInitialVectorBytes should NOT be null.");
}
SecureHead = secureHead;
SaltedPasswordBytes = saltedPasswordBytes;
SaltedInitiaVectorBytes = saltedInitialVectorBytes;
}
public string Decrypt(string secureString)
{
string result = null;
try
{
byte[] secureBytes = Convert.FromBase64String(secureString);
uint saltBytesCount = 0;
uint initiaVectorBytesCount = 0;
SecureHead.DecodeByteCounts(secureBytes, 0, out saltBytesCount, out initiaVectorBytesCount);
SecureHead secureHead = SecureHead.Decode(
secureBytes,
2 * sizeof(uint),
saltBytesCount,
initiaVectorBytesCount);
byte[] plainBytes = Decrypt(secureBytes, secureHead.TotalBytesCount, secureHead.SecureBytesCount, secureHead);
if (plainBytes != null)
{
result = BytesHelper.GetUTF8String(plainBytes, 0, (uint)plainBytes.Length);
}
}
catch (Exception e)
{
//ignore all exceptions according to requirements
}
return(result);
}
private void CleanupSaltedBytesCache(SaltedBytesCache saltedBytesCache)
{
if (saltedBytesCache != null)
{
BytesHelper.RemoveArray(saltedBytesCache.SaltedPasswordBytes);
BytesHelper.RemoveArray(saltedBytesCache.SaltedInitiaVectorBytes);
}
}
public byte[] Decrypt(byte[] secureBytes, uint offset, uint count, SecureHead secureHead)
{
string error = null;
byte[] bytes = null;
if (isDisposed == true)
{
error = "security manager has been disposed.";
}
if (BytesHelper.IsNullOrEmptyArray(secureBytes) == true)
{
error = "secureBytes array should NOT be null or empty.";
}
if (Config.IsValid == false)
{
error = "Config is not valid.";
}
if (secureHead == null)
{
error = "secureHead should NOT be null.";
}
if (error == null)
{
try
{
SaltedBytesCache decryptionCache = GetDecryptionSaltedBytesCache(secureHead);
bytes = AesDecrypt(
secureBytes,
offset,
count,
decryptionCache.SaltedPasswordBytes,
decryptionCache.SaltedInitiaVectorBytes);
}
catch (Exception e)
{
#if DEBUG
Env.Instance.ShowMessage($"decrypt exception desc={e.Message} stack trace={e.StackTrace}");
#endif
}
}
else
{
#if DEBUG
Env.Instance.ShowMessage(error);
#endif
}
return(bytes);
}
//class
public static void DecodeByteCounts(byte[] bytes, uint offset, out uint saltBytesCount, out uint initiaVectorBytesCount)
{
if (BytesHelper.IsNullOrEmptyArray(bytes) == true ||
bytes.Length - offset < 2 * sizeof(uint))
{
throw new ArgumentException(
string.Format("bytes array should have {0} bytes at least.",
2 * sizeof(uint)));
}
saltBytesCount = BytesHelper.GetUInt32(bytes, offset);
initiaVectorBytesCount = BytesHelper.GetUInt32(bytes, offset + sizeof(uint));
}
public static SecureHead Decode(byte[] bytes, uint offset, uint saltBytesCount, uint initiaVectorBytesCount)
{
uint totalBytesCount = GetPart2BytesCount() + saltBytesCount + initiaVectorBytesCount;
if (BytesHelper.IsNullOrEmptyArray(bytes) == true ||
bytes.Length - offset < totalBytesCount)
{
throw new ArgumentException(
string.Format("bytes array should have {0} bytes at least.",
totalBytesCount));
}
//part 2 (4 uints):
uint beginIndex = offset;
uint length = sizeof(uint);
uint saltIterations = BytesHelper.GetUInt32(bytes, beginIndex);
beginIndex += length;
length = sizeof(uint);
uint saltedInitiaVectorBytesCount = BytesHelper.GetUInt32(bytes, beginIndex);
beginIndex += length;
length = sizeof(uint);
uint saltedPasswordBytesCount = BytesHelper.GetUInt32(bytes, beginIndex);
beginIndex += length;
length = sizeof(uint);
uint secureDataBytes = BytesHelper.GetUInt32(bytes, beginIndex);
//part 3 (2 byte arraries):
beginIndex += length;
length = saltBytesCount;
string salt = BytesHelper.GetUTF8String(bytes, beginIndex, length);
beginIndex += length;
length = initiaVectorBytesCount;
string initiaVector = BytesHelper.GetUTF8String(bytes, beginIndex, length);
return(new SecureHead(
salt,
initiaVector,
saltIterations,
saltedInitiaVectorBytesCount,
saltedPasswordBytesCount,
secureDataBytes));
}
//instance
public SecureHead(
string salt,
string initiaVector,
uint saltIterations,
uint saltedInitiaVectorBytesCount,
uint saltedPasswordBytesCount,
uint secureBytesCount)
{
if (string.IsNullOrEmpty(initiaVector) == true)
{
throw new ArgumentException("initiaVector should NOT be null or empty.");
}
if (string.IsNullOrEmpty(salt) == true)
{
throw new ArgumentException("salt should NOT be null or empty.");
}
if (saltIterations == 0)
{
throw new ArgumentException("saltIterations should NOT zero.");
}
if (saltedInitiaVectorBytesCount == 0)
{
throw new ArgumentException("saltedInitiaVectorBytesCount should NOT zero.");
}
if (saltedPasswordBytesCount == 0)
{
throw new ArgumentException("saltedPasswordBytesCount should NOT zero.");
}
saltBytes = BytesHelper.GetUTF8StringBytes(salt);
initiaVectorBytes = BytesHelper.GetUTF8StringBytes(initiaVector);
SaltBytesCount = (saltBytes != null) ? (uint)saltBytes.Length : 0;
InitiaVectorBytesCount = (initiaVectorBytes != null) ? (uint)initiaVectorBytes.Length : 0;
Salt = salt;
InitiaVector = initiaVector;
SaltIterations = saltIterations;
SaltedInitialVectorBytesCount = saltedInitiaVectorBytesCount;
SaltedPasswordBytesCount = saltedPasswordBytesCount;
SecureBytesCount = secureBytesCount;
TotalBytesCount = (uint)(GetPart1BytesCount() + GetPart2BytesCount() + SaltBytesCount + InitiaVectorBytesCount);
}
private byte[] EncryptPlainBytes(byte[] plainBytes, uint offset, uint count)
{
if (isDisposed == true)
{
throw new ArgumentException("security manager has been disposed.");
}
if (BytesHelper.IsNullOrEmptyArray(plainBytes) == true)
{
throw new ArgumentException("plainBytes array should NOT be null or empty.");
}
if (Config.IsValid == false)
{
throw new ArgumentException("Config is not valid.");
}
if (encryptionCache == null)
{
encryptionCache = new SaltedBytesCache(
new SecureHead(
Config.Salt,
Config.InitiaVector,
Config.SaltIterations,
Config.SaltedInitialVectorBytesCount,
Config.SaltedPasswordBytesCount,
0),
Config.Password);
}
if (encryptionCache == null)
{
throw new ArgumentException("encryptionCache array should NOT be null.");
}
return(AesEncrypt(
plainBytes,
offset,
count,
encryptionCache.SaltedPasswordBytes,
encryptionCache.SaltedInitiaVectorBytes));
}
public byte[] Encode()
{
byte[] bytes = new byte[TotalBytesCount];
//part 1 (2 units):
//SaltedBytesCount+InitiaVectorBytesCount
uint beginIndex = 0;
uint length = sizeof(uint);
Array.Copy(BytesHelper.GetUInt32Bytes(SaltBytesCount), 0, bytes, beginIndex, length);
beginIndex += length;
length = sizeof(uint);
Array.Copy(BytesHelper.GetUInt32Bytes(InitiaVectorBytesCount), 0, bytes, beginIndex, length);
//part 2 (4 units):
//+SaltIterations +SaltedInitialVectorBytesCount+SaltedPasswordBytesCount+SecureBytesCount
beginIndex += length;
length = sizeof(uint);
Array.Copy(BytesHelper.GetUInt32Bytes(SaltIterations), 0, bytes, beginIndex, length);
beginIndex += length;
length = sizeof(uint);
Array.Copy(BytesHelper.GetUInt32Bytes(SaltedInitialVectorBytesCount), 0, bytes, beginIndex, length);
beginIndex += length;
length = sizeof(uint);
Array.Copy(BytesHelper.GetUInt32Bytes(SaltedPasswordBytesCount), 0, bytes, beginIndex, length);
beginIndex += length;
length = sizeof(uint);
Array.Copy(BytesHelper.GetUInt32Bytes(SecureBytesCount), 0, bytes, beginIndex, length);
//part 3 (2 byte arraies):
//saltBytes+initiaVectorBytes
beginIndex += length;
length = SaltBytesCount;
Array.Copy(saltBytes, 0, bytes, beginIndex, length);
beginIndex += length;
length = InitiaVectorBytesCount;
Array.Copy(initiaVectorBytes, 0, bytes, beginIndex, length);
return(bytes);
}