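/// <summary>
/// Encrypts or decrypts the posted form values, depending on <c>model.Action</c>,
/// and re-renders the view with the result.
/// </summary>
/// <remarks>
/// Both paths derive two sub-keys from the master key through <c>DeriveKey</c>:
/// one labelled "encryption" (same length as the AES key) and one labelled
/// "signature" (64 bytes, used for HMAC-SHA256). The HMAC is computed over the
/// ciphertext and is verified before any decryption is attempted.
///
/// NOTE(review): the HMAC covers the ciphertext only, not the IV. No cipher mode
/// is set here, so the provider default applies (CBC for AesCryptoServiceProvider),
/// and in CBC a modified IV changes the first decrypted block without invalidating
/// the signature. Authenticating IV || ciphertext closes that gap, but it changes
/// the signature format, so it needs a versioned migration rather than a silent edit.
///
/// NOTE(review): the master key is written back to <c>model.Key</c> and handed to
/// the view. That only suits a demonstration page; confirm this action is not
/// reachable in a deployment that protects real data.
/// </remarks>
/// <param name="model">
/// Form values. <c>Key</c>, <c>IV</c>, <c>CipherText</c> and <c>Signature</c> are
/// Base64 strings; <c>PlainText</c> is encoded as UTF-16 (<c>Encoding.Unicode</c>).
/// </param>
/// <returns>The view rendered with the updated model.</returns>
/// <exception cref="Exception">
/// Only one of key/IV was supplied when encrypting, or the signature did not
/// match when decrypting.
/// </exception>
public ActionResult Index(SymmetricModel model)
{
    if (model.Action == "encrypt")
    {
        var plainTextAsBytes = Encoding.Unicode.GetBytes(model.PlainText);

        // The provider, transform, streams and HMAC hold key material or native
        // handles; dispose them deterministically instead of waiting for the GC.
        using (var cryptoProvider = new AesCryptoServiceProvider())
        {
            if (!string.IsNullOrWhiteSpace(model.Key))
            {
                if (string.IsNullOrWhiteSpace(model.IV))
                {
                    throw new Exception("If you provide a key or IV you must provide both.");
                }

                cryptoProvider.Key = Convert.FromBase64String(model.Key);
                // NOTE(review): a caller-supplied IV is used as-is. Reusing an IV
                // with the same key leaks information about equal plaintext prefixes;
                // prefer letting the provider generate a fresh IV per message.
                cryptoProvider.IV = Convert.FromBase64String(model.IV);
            }
            else if (!string.IsNullOrEmpty(model.IV))
            {
                throw new Exception("If you provide a key or IV you must provide both.");
            }

            // When nothing was supplied, reading Key/IV makes the provider
            // generate random values.
            byte[] masterKey = cryptoProvider.Key;
            byte[] iv = cryptoProvider.IV;

            var encryptionKey = DeriveKey("encryption", masterKey, cryptoProvider.KeySize / 8);
            var signingKey = DeriveKey("signature", masterKey, 64);

            byte[] cipherTextAsBytes;
            using (ICryptoTransform cryptoTransform = cryptoProvider.CreateEncryptor(encryptionKey, iv))
            using (var outputStream = new MemoryStream())
            using (var cryptoStream = new CryptoStream(outputStream, cryptoTransform, CryptoStreamMode.Write))
            {
                cryptoStream.Write(plainTextAsBytes, 0, plainTextAsBytes.Length);
                cryptoStream.FlushFinalBlock();
                cipherTextAsBytes = outputStream.ToArray();
            }

            // Encrypt-then-MAC: the tag is computed over the finished ciphertext.
            byte[] signature;
            using (var signingAlgorithm = new HMACSHA256(signingKey))
            {
                signature = signingAlgorithm.ComputeHash(cipherTextAsBytes);
            }

            model.PlainText = string.Empty;
            model.CipherText = Convert.ToBase64String(cipherTextAsBytes);
            model.Key = Convert.ToBase64String(masterKey);
            model.IV = Convert.ToBase64String(iv);
            model.Signature = Convert.ToBase64String(signature);
        }
    }
    else if (model.Action == "decrypt")
    {
        var cipherTextAsBytes = Convert.FromBase64String(model.CipherText);

        using (var cryptoProvider = new AesCryptoServiceProvider())
        {
            cryptoProvider.Key = Convert.FromBase64String(model.Key);
            cryptoProvider.IV = Convert.FromBase64String(model.IV);
            byte[] masterKey = cryptoProvider.Key;
            byte[] iv = cryptoProvider.IV;

            var encryptionKey = DeriveKey("encryption", masterKey, cryptoProvider.KeySize / 8);
            var signingKey = DeriveKey("signature", masterKey, 64);

            // Verify the tag before touching the ciphertext, so tampered input
            // never reaches the decryptor or its padding check.
            using (var signingAlgorithm = new HMACSHA256(signingKey))
            {
                var signature = signingAlgorithm.ComputeHash(cipherTextAsBytes);

                // NOTE(review): HashCompare is defined outside this listing; it has
                // to compare in constant time to avoid a timing side channel. Confirm.
                if (!HashCompare(signature, Convert.FromBase64String(model.Signature)))
                {
                    throw new Exception("Invalid Signature.");
                }
            }

            byte[] plainTextAsBytes;
            using (ICryptoTransform cryptoTransform = cryptoProvider.CreateDecryptor(encryptionKey, iv))
            using (var outputStream = new MemoryStream())
            using (var cryptoStream = new CryptoStream(outputStream, cryptoTransform, CryptoStreamMode.Write))
            {
                cryptoStream.Write(cipherTextAsBytes, 0, cipherTextAsBytes.Length);
                cryptoStream.FlushFinalBlock();
                plainTextAsBytes = outputStream.ToArray();
            }

            model.PlainText = Encoding.Unicode.GetString(plainTextAsBytes);
            model.CipherText = string.Empty;
        }
    }

    // Drop the posted values so the view renders the updated model fields.
    ModelState.Clear();
    return View(model);
}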
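/// <summary>
/// Handles the symmetric-encryption form: performs the operation named by
/// <c>model.Action</c> ("encrypt" or "decrypt") and returns the view with the result.
/// </summary>
/// <remarks>
/// The master key is never used directly. <c>DeriveKey</c> produces an AES key
/// (label "encryption") and a 64-byte HMAC-SHA256 key (label "signature") from it.
/// Encryption signs the ciphertext after producing it; decryption checks that
/// signature first and throws before decrypting on a mismatch.
///
/// NOTE(review): the IV is not part of the signed data. With the provider's default
/// mode (CBC, as no mode is set here), a changed IV alters the first plaintext block
/// and the signature still verifies. Signing IV || ciphertext fixes this but changes
/// the signature format for values already issued.
///
/// NOTE(review): <c>model.Key</c> carries the master key back to the rendered page,
/// which is only appropriate for a demo. Confirm the deployment context.
/// </remarks>
/// <param name="model">
/// Posted form values; key, IV, ciphertext and signature are Base64 text, and the
/// plaintext is converted with <c>Encoding.Unicode</c>.
/// </param>
/// <returns>The view bound to the updated model.</returns>
/// <exception cref="Exception">
/// Thrown when a key is given without an IV (or the reverse) on encrypt, and when
/// the signature check fails on decrypt.
/// </exception>
public ActionResult Index(SymmetricModel model)
{
    if (model.Action == "encrypt")
    {
        var plainTextAsBytes = Encoding.Unicode.GetBytes(model.PlainText);

        // Every crypto object below is IDisposable; the using blocks release key
        // material and native handles as soon as each step is finished.
        using (var cryptoProvider = new AesCryptoServiceProvider())
        {
            if (!string.IsNullOrWhiteSpace(model.Key))
            {
                if (string.IsNullOrWhiteSpace(model.IV))
                {
                    throw new Exception("If you provide a key or IV you must provide both.");
                }

                cryptoProvider.Key = Convert.FromBase64String(model.Key);
                // NOTE(review): the IV comes from the request unchanged. An IV
                // repeated under the same key weakens confidentiality; a fresh
                // provider-generated IV per message is the safer default.
                cryptoProvider.IV = Convert.FromBase64String(model.IV);
            }
            else if (!string.IsNullOrEmpty(model.IV))
            {
                throw new Exception("If you provide a key or IV you must provide both.");
            }

            // With no key/IV supplied, these reads return values the provider
            // generated at random.
            byte[] masterKey = cryptoProvider.Key;
            byte[] iv = cryptoProvider.IV;

            var encryptionKey = DeriveKey("encryption", masterKey, cryptoProvider.KeySize / 8);
            var signingKey = DeriveKey("signature", masterKey, 64);

            byte[] cipherTextAsBytes;
            using (ICryptoTransform cryptoTransform = cryptoProvider.CreateEncryptor(encryptionKey, iv))
            using (var outputStream = new MemoryStream())
            using (var cryptoStream = new CryptoStream(outputStream, cryptoTransform, CryptoStreamMode.Write))
            {
                cryptoStream.Write(plainTextAsBytes, 0, plainTextAsBytes.Length);
                cryptoStream.FlushFinalBlock();
                cipherTextAsBytes = outputStream.ToArray();
            }

            // The signature is taken over the ciphertext, not the plaintext.
            byte[] signature;
            using (var signingAlgorithm = new HMACSHA256(signingKey))
            {
                signature = signingAlgorithm.ComputeHash(cipherTextAsBytes);
            }

            model.PlainText = string.Empty;
            model.CipherText = Convert.ToBase64String(cipherTextAsBytes);
            model.Key = Convert.ToBase64String(masterKey);
            model.IV = Convert.ToBase64String(iv);
            model.Signature = Convert.ToBase64String(signature);
        }
    }
    else if (model.Action == "decrypt")
    {
        var cipherTextAsBytes = Convert.FromBase64String(model.CipherText);

        using (var cryptoProvider = new AesCryptoServiceProvider())
        {
            cryptoProvider.Key = Convert.FromBase64String(model.Key);
            cryptoProvider.IV = Convert.FromBase64String(model.IV);
            byte[] masterKey = cryptoProvider.Key;
            byte[] iv = cryptoProvider.IV;

            var encryptionKey = DeriveKey("encryption", masterKey, cryptoProvider.KeySize / 8);
            var signingKey = DeriveKey("signature", masterKey, 64);

            // Authenticate first: unauthenticated ciphertext must not reach the
            // decryptor, where padding errors could otherwise be observed.
            using (var signingAlgorithm = new HMACSHA256(signingKey))
            {
                var signature = signingAlgorithm.ComputeHash(cipherTextAsBytes);

                // NOTE(review): HashCompare is not shown here; verify that it runs
                // in constant time regardless of where the first mismatch occurs.
                if (!HashCompare(signature, Convert.FromBase64String(model.Signature)))
                {
                    throw new Exception("Invalid Signature.");
                }
            }

            byte[] plainTextAsBytes;
            using (ICryptoTransform cryptoTransform = cryptoProvider.CreateDecryptor(encryptionKey, iv))
            using (var outputStream = new MemoryStream())
            using (var cryptoStream = new CryptoStream(outputStream, cryptoTransform, CryptoStreamMode.Write))
            {
                cryptoStream.Write(cipherTextAsBytes, 0, cipherTextAsBytes.Length);
                cryptoStream.FlushFinalBlock();
                plainTextAsBytes = outputStream.ToArray();
            }

            model.PlainText = Encoding.Unicode.GetString(plainTextAsBytes);
            model.CipherText = string.Empty;
        }
    }

    // Clear posted values so the view shows the fields assigned above.
    ModelState.Clear();
    return View(model);
}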