예제 #1
0
        public string Decrypt(string encryptedBase64)
        {
            try
            {
                PayloadComponents components = this.unpackEncryptedBase64Data(encryptedBase64.Replace(@"\", @""));

                if (!this.hmacIsValid(components, Key))
                {
                    return("");
                }

                byte[] key = this.generateKey(components.salt, Key);

                byte[] plaintextBytes = new byte[0];

                switch (this.aesMode)
                {
                case AesMode.CTR:
                    // Yes, we are "encrypting" here.  CTR uses the same code in both directions.
                    plaintextBytes = this.encryptAesCtrLittleEndianNoPadding(components.ciphertext, key, components.iv);
                    break;

                case AesMode.CBC:
                    plaintextBytes = this.decryptAesCbcPkcs7(components.ciphertext, key, components.iv);
                    break;
                }
                return(Encoding.UTF8.GetString(plaintextBytes));
            }
            catch (Exception ex)
            {
                logger.Error("Decryption faild for - " + encryptedBase64);
                throw new CustomException("Decryption Failed", (int)ErrorCode.CRYPTOGRAPHICFAILED);
            }
        }
예제 #2
0
        protected byte[] assembleHeader(PayloadComponents components)
        {
            List <byte> headerBytes = new List <byte>();

            headerBytes.AddRange(components.schema);
            headerBytes.AddRange(components.options);
            headerBytes.AddRange(components.salt);
            headerBytes.AddRange(components.hmacSalt);
            headerBytes.AddRange(components.iv);

            return(headerBytes.ToArray());
        }
예제 #3
0
        private bool hmacIsValid(PayloadComponents components, string password)
        {
            byte[] generatedHmac = this.generateHmac(components, password);

            if (generatedHmac.Length != components.hmac.Length)
            {
                return(false);
            }

            for (int i = 0; i < components.hmac.Length; i++)
            {
                if (generatedHmac[i] != components.hmac[i])
                {
                    return(false);
                }
            }
            return(true);
        }
예제 #4
0
        protected byte[] generateHmac(PayloadComponents components, string password)
        {
            List <byte> hmacMessage = new List <byte>();

            if (this.hmac_includesHeader)
            {
                hmacMessage.AddRange(this.assembleHeader(components));
            }
            hmacMessage.AddRange(components.ciphertext);

            byte[] key = this.generateKey(components.hmacSalt, password);

            HMAC hmacAlgo = null;

            switch (this.hmac_algorithm)
            {
            case HmacAlgorithm.SHA1:
                hmacAlgo = new HMACSHA1(key);
                break;

            case HmacAlgorithm.SHA256:
                hmacAlgo = new HMACSHA256(key);
                break;
            }
            List <byte> hmac = new List <byte>();

            hmac.AddRange(hmacAlgo.ComputeHash(hmacMessage.ToArray()));

            if (this.hmac_includesPadding)
            {
                for (int i = hmac.Count; i < Cryptor.hmac_length; i++)
                {
                    hmac.Add(0x00);
                }
            }

            return(hmac.ToArray());
        }
예제 #5
0
        public string Encrypt(string plaintext, string password, Schema schemaVersion)
        {
            this.configureSettings(schemaVersion);

            byte[] plaintextBytes = TextEncoding.GetBytes(plaintext);

            PayloadComponents components = new PayloadComponents();

            components.schema   = new byte[] { (byte)schemaVersion };
            components.options  = new byte[] { (byte)this.options };
            components.salt     = this.generateRandomBytes(Cryptor.saltLength);
            components.hmacSalt = this.generateRandomBytes(Cryptor.saltLength);
            components.iv       = this.generateRandomBytes(Cryptor.ivLength);

            byte[] key = this.generateKey(components.salt, password);

            switch (this.aesMode)
            {
            case AesMode.CTR:
                components.ciphertext = this.encryptAesCtrLittleEndianNoPadding(plaintextBytes, key, components.iv);
                break;

            case AesMode.CBC:
                components.ciphertext = this.encryptAesCbcPkcs7(plaintextBytes, key, components.iv);
                break;
            }

            components.hmac = this.generateHmac(components, password);

            List <byte> binaryBytes = new List <byte>();

            binaryBytes.AddRange(this.assembleHeader(components));
            binaryBytes.AddRange(components.ciphertext);
            binaryBytes.AddRange(components.hmac);

            return(Convert.ToBase64String(binaryBytes.ToArray()));
        }