예제 #1
        /// <summary>
        /// Returns a SifEncryption instance for the specified PasswordAlgorithm,
        /// keyName and key, reusing the current shared instance when it matches
        /// </summary>
        /// <param name="algorithm">The algorithm to use for encrypting or decrypting passwords</param>
        /// <param name="keyName">The name of the encryption key to use.</param>
        /// <param name="key">The encryption key to use. This parameter is not used for
        /// base64, SHA1 or MD5: base64 is an encoding and SHA1 and MD5 are not keyed hash algorithms</param>
        /// <returns>An instance of the SifEncryption class for reading and writing passwords</returns>
        public static SifEncryption GetInstance(PasswordAlgorithm algorithm, string keyName, byte[] key)
        {
            // NOTE(review): sCurrentInstance is shared static state and no lock is taken in this
            // method. A caller that triggers the Dispose() below invalidates the instance any
            // earlier caller still holds — confirm that callers serialize access.
            if (sCurrentInstance != null)
            {
                // The cached instance is matched on algorithm and key NAME only; the key bytes
                // passed in are never compared. An instance whose Key is null is reused for any
                // keyName.
                // NOTE(review): a request that supplies different key material under the same
                // name gets the previously built instance back — verify this is intended.
                bool reusable = !sCurrentInstance.fDisposed
                                && sCurrentInstance.Algorithm.Value.Equals(algorithm.Value)
                                && (sCurrentInstance.KeyName == keyName || sCurrentInstance.Key == null);
                if (reusable)
                {
                    return sCurrentInstance;
                }

                // Stale or mismatched: release it before building a replacement.
                sCurrentInstance.Dispose();
                sCurrentInstance = null;
            }

            // "base64" maps to the clear-text implementation. Base64 is a reversible encoding,
            // so this choice gives the password no confidentiality.
            if (algorithm.ValueEquals("base64"))
            {
                sCurrentInstance = new SifClearTextEncryption(algorithm, keyName);
                return sCurrentInstance;
            }

            // Unkeyed hashes: the key argument is not passed on.
            // NOTE(review): MD5 and SHA-1 are fast, collision-broken digests and are a poor fit
            // for password storage; whether SifHashEncryption adds a salt is not visible here.
            if (algorithm.Value == PasswordAlgorithm.SHA1.Value)
            {
                sCurrentInstance = new SifHashEncryption(algorithm, keyName, new SHA1Managed());
                return sCurrentInstance;
            }

            if (algorithm.Value == PasswordAlgorithm.MD5.Value)
            {
                sCurrentInstance = new SifHashEncryption(algorithm, keyName, new MD5CryptoServiceProvider());
                return sCurrentInstance;
            }

            // Keyed symmetric ciphers. DES (56-bit key) and RC2 are legacy algorithms and
            // TripleDES is deprecated; presumably they are offered for interoperability with
            // peers that require them — confirm before using them to protect new data.
            if (algorithm.Value == PasswordAlgorithm.DES.Value)
            {
                sCurrentInstance =
                    new SifSymmetricEncryption(algorithm, keyName, new DESCryptoServiceProvider(), key);
                return sCurrentInstance;
            }

            if (algorithm.Value == PasswordAlgorithm.TRIPLEDES.Value)
            {
                sCurrentInstance =
                    new SifSymmetricEncryption(algorithm, keyName, new TripleDESCryptoServiceProvider(), key);
                return sCurrentInstance;
            }

            if (algorithm.Value == PasswordAlgorithm.RC2.Value)
            {
                sCurrentInstance =
                    new SifSymmetricEncryption(algorithm, keyName, new RC2CryptoServiceProvider(), key);
                return sCurrentInstance;
            }

            // Anything else is rejected rather than silently falling back to a default.
            throw new AdkNotSupportedException(
                string.Format("Encryption algorithm {0} is not supported.", algorithm.Value));
        }
예제 #2
        /// <summary>
        /// Tests the SifEncryption class using RSA encryption (disabled; see the note in the commented-out test below)
        /// </summary>
        //[Test, Explicit]
        //public void TestRSAEncryption()
        //{
        //    // This test is not currently run with the full suite of tests because support for RSA encryption is
        //    // not implemented in the ADK
        //    SifEncryption encr = SifEncryption.GetInstance(PasswordAlgorithm.RSA, "SECRET_KEY_RSA", null);
        //    AssertEncryption(encr, DEFAULT_ENCRYPTED_STRING);
        //}
        /// <summary>
        /// Asserts that the password is encrypted and decrypted properly and returns the AuthenticationInfo
        /// object that was produced in test for further assertions, if necessary
        /// </summary>
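        /// <param name="encryptor">The SifEncryption instance used to write the password</param>
        /// <param name="passwordText">The plain-text password to write and then read back</param>
        /// <returns>The AuthenticationInfo obtained after writing the object to XML and parsing it again</returns>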
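        private AuthenticationInfo AssertEncryption(SifEncryption encryptor, string passwordText)
        {
            // Build an Authentication object holding a single empty Password and let the
            // encryptor under test fill it in.
            Authentication auth = CreateAuthentication();
            AuthenticationInfo inf = auth.AuthenticationInfo;
            inf.PasswordList = new PasswordList();
            inf.PasswordList.Add(new Password());
            encryptor.WritePassword(inf.PasswordList.ItemAt(0), passwordText);

            // Write the object to XML and parse it back, so the assertions below run against
            // the persisted form rather than the in-memory object.
            Authentication reparsedAuth =
                (Authentication) AdkObjectParseHelper.WriteParseAndReturn(auth, Adk.SifVersion);
            AuthenticationInfo returnValue = reparsedAuth.AuthenticationInfo;

            // The reader is selected from the algorithm recorded in the re-parsed element,
            // with the key name and key taken from the encryptor.
            SifEncryption decryptor =
                SifEncryption.GetInstance(PasswordAlgorithm.Wrap(returnValue.PasswordList.ItemAt(0).Algorithm),
                                          encryptor.KeyName, encryptor.Key);

            string decryptedValue = decryptor.ReadPassword(returnValue.PasswordList.ItemAt(0));
            if (encryptor.IsHash)
            {
                // A hash cannot be reversed: ReadPassword() is expected to hand back the stored
                // text value unchanged.
                Assert.AreEqual(returnValue.PasswordList.ItemAt(0).TextValue, decryptedValue,
                                "Hashed implementation of ReadPassword() should return the Base64 value");

                // Recompute the hash independently to check the stored value.
                HashAlgorithm hasher = null;
                if (returnValue.PasswordList.ItemAt(0).Algorithm == PasswordAlgorithm.SHA1.Value)
                {
                    hasher = new SHA1CryptoServiceProvider();
                }
                else if (returnValue.PasswordList.ItemAt(0).Algorithm == PasswordAlgorithm.MD5.Value)
                {
                    hasher = new MD5CryptoServiceProvider();
                }
                else
                {
                    // Previously an unrecognized hash algorithm left hasher null and the test
                    // died with a NullReferenceException; fail with a readable message instead.
                    Assert.Fail("No reference hash implementation for algorithm: " +
                                returnValue.PasswordList.ItemAt(0).Algorithm);
                }

                // The expected value is Base64(hash(UTF-8 password)): a single unsalted digest.
                // NOTE(review): this pins the hash format the ADK writes. Unsalted MD5/SHA-1
                // digests are open to offline guessing, so they should be handled as
                // password-equivalent secrets.
                string textHash;
                using (hasher) // released even when ComputeHash throws
                {
                    byte[] preHashed = Encoding.UTF8.GetBytes(passwordText);
                    byte[] hashed = hasher.ComputeHash(preHashed);
                    textHash = Convert.ToBase64String(hashed);
                }

                Assert.AreEqual(textHash, decryptedValue, "Hash values do not match");
            }
            else
            {
                // Reversible algorithms must round-trip to the original plain text.
                Assert.AreEqual(passwordText, decryptedValue, "Decypted value differs from original value.");
            }

            return returnValue;
        }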
예제 #3
        /// <summary>
        /// Returns a SifEncryption instance for the specified PasswordAlgorithm,
        /// keyName and key, reusing the current shared instance when it matches
        /// </summary>
        /// <param name="algorithm">The algorithm to use for encrypting or decrypting passwords</param>
        /// <param name="keyName">The name of the encryption key to use.</param>
        /// <param name="key">The encryption key to use. This parameter is not used for
        /// base64, SHA1 or MD5: base64 is an encoding and SHA1 and MD5 are not keyed hash algorithms</param>
        /// <returns>An instance of the SifEncryption class for reading and writing passwords</returns>
        public static SifEncryption GetInstance(PasswordAlgorithm algorithm, string keyName, byte[] key)
        {
            // NOTE(review): the shared static sCurrentInstance is read, disposed and replaced
            // here without any visible synchronization — confirm callers do not race on it.
            if (sCurrentInstance != null)
            {
                // Stale when disposed, when the algorithm differs, or when the key name differs
                // and the cached instance holds a key. Only the key NAME is compared; the key
                // bytes passed in never are.
                // NOTE(review): the same name with different key material returns the old
                // instance — verify that is intended.
                bool stale = sCurrentInstance.fDisposed
                             || !sCurrentInstance.Algorithm.Value.Equals(algorithm.Value)
                             || (sCurrentInstance.KeyName != keyName && sCurrentInstance.Key != null);
                if (!stale)
                {
                    return sCurrentInstance;
                }

                sCurrentInstance.Dispose();
                sCurrentInstance = null;
            }

            // Clear-text ("base64") implementation: Base64 is an encoding, so the stored value
            // can be reversed by anyone who reads it.
            if (algorithm.ValueEquals("base64"))
            {
                sCurrentInstance = new SifClearTextEncryption(algorithm, keyName);
                return sCurrentInstance;
            }

            // Hash implementations take no key.
            // NOTE(review): SHA-1 and MD5 are fast, collision-broken digests; whether a salt is
            // applied inside SifHashEncryption cannot be seen from this method.
            if (algorithm.Value == PasswordAlgorithm.SHA1.Value)
            {
                sCurrentInstance = new SifHashEncryption(algorithm, keyName, new SHA1Managed());
                return sCurrentInstance;
            }

            if (algorithm.Value == PasswordAlgorithm.MD5.Value)
            {
                sCurrentInstance = new SifHashEncryption(algorithm, keyName, new MD5CryptoServiceProvider());
                return sCurrentInstance;
            }

            // Symmetric implementations receive the caller's key. DES and RC2 are legacy
            // ciphers and TripleDES is deprecated; presumably kept for interoperability —
            // confirm before relying on them for new data.
            if (algorithm.Value == PasswordAlgorithm.DES.Value)
            {
                sCurrentInstance =
                    new SifSymmetricEncryption(algorithm, keyName, new DESCryptoServiceProvider(), key);
                return sCurrentInstance;
            }

            if (algorithm.Value == PasswordAlgorithm.TRIPLEDES.Value)
            {
                sCurrentInstance =
                    new SifSymmetricEncryption(algorithm, keyName, new TripleDESCryptoServiceProvider(), key);
                return sCurrentInstance;
            }

            if (algorithm.Value == PasswordAlgorithm.RC2.Value)
            {
                sCurrentInstance =
                    new SifSymmetricEncryption(algorithm, keyName, new RC2CryptoServiceProvider(), key);
                return sCurrentInstance;
            }

            // Unknown algorithm names are refused; there is no default.
            throw new AdkNotSupportedException(
                string.Format("Encryption algorithm {0} is not supported.", algorithm.Value));
        }