/// <summary>
/// Returns the shared SifEncryption instance for the specified PasswordAlgorithm,
/// keyName and key, building a new one when the cached instance cannot be reused.
/// </summary>
/// <remarks>
/// A single instance is cached in a static field. It is reused when it has not been
/// disposed, its algorithm value equals the requested one, and either its key name
/// equals <paramref name="keyName"/> or it holds no key. The bytes of
/// <paramref name="key"/> are not part of that comparison, so a request with a
/// matching algorithm and key name but different key material receives the
/// existing instance. A cached instance that cannot be reused is disposed before
/// its replacement is built, which also affects any caller still holding it.
/// This method takes no lock around the static field.
/// Security note: "base64" selects SifClearTextEncryption, which is given no key;
/// SHA1 and MD5 are unkeyed digests and no salt is supplied here; DES, TripleDES
/// and RC2 are legacy block ciphers.
/// </remarks>
/// <param name="algorithm">The algorithm to use for encrypting or decrypting passwords</param>
/// <param name="keyName">The name of the encryption key to use.</param>
/// <param name="key">The encryption key to use. It is only passed on for DES,
/// TripleDES and RC2; the base64, SHA1 and MD5 branches do not receive it.</param>
/// <returns>An instance of the SifEncryption class for reading and writing passwords</returns>
/// <exception cref="AdkNotSupportedException">The algorithm value matches none of the supported algorithms.</exception>
public static SifEncryption GetInstance(PasswordAlgorithm algorithm, string keyName, byte[] key)
{
    SifEncryption cached = sCurrentInstance;
    if (cached != null)
    {
        // Same short-circuit order as a positive "reusable" test, expressed as its negation.
        bool stale = cached.fDisposed
            || !cached.Algorithm.Value.Equals(algorithm.Value)
            || (cached.KeyName != keyName && cached.Key != null);

        if (!stale)
        {
            return cached;
        }

        // The old instance is torn down before a replacement exists, so a failure
        // below leaves the static field empty.
        cached.Dispose();
        sCurrentInstance = null;
    }

    SifEncryption created;
    if (algorithm.ValueEquals("base64"))
    {
        // Encoding only: no key reaches this implementation.
        created = new SifClearTextEncryption(algorithm, keyName);
    }
    else if (algorithm.Value == PasswordAlgorithm.SHA1.Value)
    {
        created = new SifHashEncryption(algorithm, keyName, new SHA1Managed());
    }
    else if (algorithm.Value == PasswordAlgorithm.MD5.Value)
    {
        created = new SifHashEncryption(algorithm, keyName, new MD5CryptoServiceProvider());
    }
    else if (algorithm.Value == PasswordAlgorithm.DES.Value)
    {
        created = new SifSymmetricEncryption(algorithm, keyName, new DESCryptoServiceProvider(), key);
    }
    else if (algorithm.Value == PasswordAlgorithm.TRIPLEDES.Value)
    {
        created = new SifSymmetricEncryption(algorithm, keyName, new TripleDESCryptoServiceProvider(), key);
    }
    else if (algorithm.Value == PasswordAlgorithm.RC2.Value)
    {
        created = new SifSymmetricEncryption(algorithm, keyName, new RC2CryptoServiceProvider(), key);
    }
    else
    {
        throw new AdkNotSupportedException(
            string.Format("Encryption algorithm {0} is not supported.", algorithm.Value));
    }

    sCurrentInstance = created;
    return created;
}
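// Disabled test for RSA encryption (the summary it carried said "clear text").
//[Test, Explicit]
//public void TestRSAEncryption()
//{
//    // This test is not currently run with the full suite of tests because support for RSA encryption is
//    // not implemented in the ADK
//    SifEncryption encr = SifEncryption.GetInstance(PasswordAlgorithm.RSA, "SECRET_KEY_RSA", null);
//    AssertEncryption(encr, DEFAULT_ENCRYPTED_STRING);
//}

/// <summary>
/// Asserts that the password is encrypted and decrypted properly and returns the AuthenticationInfo
/// object that was produced in the test for further assertions, if necessary.
/// </summary>
/// <remarks>
/// For hashing encryptors the expected value is Base64(hash(UTF-8 bytes of the password)),
/// i.e. a single unsalted digest; ReadPassword is expected to return the stored text unchanged.
/// </remarks>
/// <param name="encryptor">The SifEncryption instance used to write the password.</param>
/// <param name="passwordText">The plain password text to write and then verify.</param>
/// <returns>The AuthenticationInfo read back after the object was written to XML and re-parsed.</returns>
private AuthenticationInfo AssertEncryption(SifEncryption encryptor, string passwordText)
{
    Authentication auth = CreateAuthentication();
    AuthenticationInfo inf = auth.AuthenticationInfo;
    inf.PasswordList = new PasswordList();
    inf.PasswordList.Add(new Password());

    // Encrypt the password
    encryptor.WritePassword(inf.PasswordList.ItemAt(0), passwordText);

    // Write the object to and read it back from XML to ensure that the values are being persisted properly
    Authentication reparsedAuth =
        (Authentication) AdkObjectParseHelper.WriteParseAndReturn(auth, Adk.SifVersion);
    AuthenticationInfo returnValue = reparsedAuth.AuthenticationInfo;

    // NOTE(review): if GetInstance hands back a cached instance for a matching algorithm and
    // key name, decryptor may be the same object as encryptor - confirm that is intended here.
    SifEncryption decryptor =
        SifEncryption.GetInstance(
            PasswordAlgorithm.Wrap(returnValue.PasswordList.ItemAt(0).Algorithm),
            encryptor.KeyName,
            encryptor.Key);

    string decryptedValue = decryptor.ReadPassword(returnValue.PasswordList.ItemAt(0));

    if (encryptor.IsHash)
    {
        // Assert that the decrypted value is the same as the AuthenticationInfoPassword's text value
        Assert.AreEqual(returnValue.PasswordList.ItemAt(0).TextValue, decryptedValue,
                        "Hashed implementation of ReadPassword() should return the Base64 value");

        // Assert that the hash is correct
        HashAlgorithm hasher = null;
        if (returnValue.PasswordList.ItemAt(0).Algorithm == PasswordAlgorithm.SHA1.Value)
        {
            hasher = new SHA1CryptoServiceProvider();
        }
        else if (returnValue.PasswordList.ItemAt(0).Algorithm == PasswordAlgorithm.MD5.Value)
        {
            hasher = new MD5CryptoServiceProvider();
        }
        else
        {
            // Fail with a readable message instead of dereferencing a null hasher below.
            Assert.Fail("Unexpected hash algorithm: " + returnValue.PasswordList.ItemAt(0).Algorithm);
        }

        string textHash;
        try
        {
            byte[] preHashed = Encoding.UTF8.GetBytes(passwordText);
            byte[] hashed = hasher.ComputeHash(preHashed);
            textHash = Convert.ToBase64String(hashed);
        }
        finally
        {
            // Release the provider even when hashing throws.
            ((IDisposable) hasher).Dispose();
        }

        Assert.AreEqual(textHash, decryptedValue, "Hash values do not match");
    }
    else
    {
        Assert.AreEqual(passwordText, decryptedValue, "Decypted value differs from original value.");
    }

    return returnValue;
}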
/// <summary>
/// Gets the SifEncryption instance for the specified PasswordAlgorithm, keyName
/// and key, creating it when the cached one does not fit the request.
/// </summary>
/// <remarks>
/// One instance is held in a static field and handed to every caller. The cached
/// instance is returned when it is not disposed, its algorithm value equals the
/// requested value, and its key name equals <paramref name="keyName"/> or its key
/// is null. The contents of <paramref name="key"/> are never compared, so the same
/// algorithm and key name with a different key still yields the cached instance.
/// Otherwise the cached instance is disposed (callers still holding it keep a
/// disposed object) and a new one is created. The static field is read and
/// written here without synchronization.
/// Security note: the "base64" branch constructs SifClearTextEncryption and passes
/// it no key; the SHA1 and MD5 branches use unkeyed digests with no salt supplied
/// at this point; DES, TripleDES and RC2 are legacy block ciphers.
/// </remarks>
/// <param name="algorithm">The algorithm to use for encrypting or decrypting passwords</param>
/// <param name="keyName">The name of the encryption key to use.</param>
/// <param name="key">The encryption key to use. Only the DES, TripleDES and RC2
/// branches pass it on; it is not used for base64, SHA1 or MD5.</param>
/// <returns>An instance of the SifEncryption class for reading and writing passwords</returns>
/// <exception cref="AdkNotSupportedException">No supported algorithm matches the requested value.</exception>
public static SifEncryption GetInstance(PasswordAlgorithm algorithm, string keyName, byte[] key)
{
    SifEncryption existing = sCurrentInstance;
    if (existing != null)
    {
        // Negated form of the reuse test; operands are evaluated in the same order.
        bool mustReplace = existing.fDisposed
            || !existing.Algorithm.Value.Equals(algorithm.Value)
            || (existing.KeyName != keyName && existing.Key != null);

        if (!mustReplace)
        {
            return existing;
        }

        // Dispose first: if construction below throws, no instance stays cached.
        existing.Dispose();
        sCurrentInstance = null;
    }

    SifEncryption replacement;
    if (algorithm.ValueEquals("base64"))
    {
        // No key is handed to the clear-text implementation.
        replacement = new SifClearTextEncryption(algorithm, keyName);
    }
    else if (algorithm.Value == PasswordAlgorithm.SHA1.Value)
    {
        replacement = new SifHashEncryption(algorithm, keyName, new SHA1Managed());
    }
    else if (algorithm.Value == PasswordAlgorithm.MD5.Value)
    {
        replacement = new SifHashEncryption(algorithm, keyName, new MD5CryptoServiceProvider());
    }
    else if (algorithm.Value == PasswordAlgorithm.DES.Value)
    {
        replacement = new SifSymmetricEncryption(algorithm, keyName, new DESCryptoServiceProvider(), key);
    }
    else if (algorithm.Value == PasswordAlgorithm.TRIPLEDES.Value)
    {
        replacement = new SifSymmetricEncryption(algorithm, keyName, new TripleDESCryptoServiceProvider(), key);
    }
    else if (algorithm.Value == PasswordAlgorithm.RC2.Value)
    {
        replacement = new SifSymmetricEncryption(algorithm, keyName, new RC2CryptoServiceProvider(), key);
    }
    else
    {
        throw new AdkNotSupportedException(
            string.Format("Encryption algorithm {0} is not supported.", algorithm.Value));
    }

    sCurrentInstance = replacement;
    return replacement;
}