public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams, DigitalSignature digitalSignature) { var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey); using (var hmac = new HMACSHA256(decryptedSessionKey)) { var hmacToCheck = hmac.ComputeHash(encryptedPacket.EncryptedData); if (!Compare(encryptedPacket.Hmac, hmacToCheck)){ throw new CryptographicException( "HMAC for decryption does not match encrypted packet."); } if (!digitalSignature.VerifySignature(encryptedPacket.Hmac, encryptedPacket.Signature)){ throw new CryptographicException( "Digital Signature can not be verified."); } } var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.Iv); return decryptedData; }
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams) { var sessionKey = _aes.GenerateRandomNumber(32); var encryptedPacket = new EncryptedPacket { Iv = _aes.GenerateRandomNumber(16) }; // Encrypt data with AES and AES Key with RSA encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv); encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey); using (var hmac = new HMACSHA256(sessionKey)) { encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData); } return(encryptedPacket); }
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams) { // Decrypt AES Key with RSA and then decrypt data with AES. var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey); using (var hmac = new HMACSHA256(decryptedSessionKey)) { var hmacToCheck = hmac.ComputeHash(encryptedPacket.EncryptedData); if (!Compare(encryptedPacket.Hmac, hmacToCheck)) { throw new CryptographicException("HMAC for decryption does not match encrypted packet."); } } var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.Iv); return(decryptedData); }
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams, DigitalSignature digitalSignature) { var sessionKey = _aes.GenerateRandomNumber(32); var encryptedPacket = new EncryptedPacket { Iv = _aes.GenerateRandomNumber(16) }; encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv); encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey); using (var hmac = new HMACSHA256(sessionKey)) { encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData); } encryptedPacket.Signature = digitalSignature.SignData(encryptedPacket.Hmac); return encryptedPacket; }