/// <summary>
/// Encrypt data with ChaCha20 RFC 7539
/// </summary>
/// <param name="input">Input stream to encrypt</param>
/// <param name="output">Output stream</param>
/// <param name="key">Key</param>
/// <param name="nonce">Nonce</param>
/// <param name="notifyProgression">Notify progression method</param>
/// <param name="bufferSize">Buffer size</param>
public static void Encrypt(Stream input, Stream output, byte[] key, byte[] nonce, Action <int> notifyProgression = null, int bufferSize = 4096)
{
ChaCha7539Engine engine = new ChaCha7539Engine();
ParametersWithIV parameters = new ParametersWithIV(new KeyParameter(key, 0, key.Length), nonce, 0, nonce.Length);
engine.Init(true, parameters);
int bytesRead;
byte[] buffer = new byte[bufferSize];
byte[] enc = new byte[bufferSize];
do
{
bytesRead = input.Read(buffer, 0, bufferSize);
if (bytesRead > 0)
{
engine.ProcessBytes(buffer, 0, bytesRead, enc, 0);
output.Write(enc, 0, bytesRead);
if (notifyProgression != null)
{
notifyProgression(bytesRead);
}
}
} while (bytesRead == bufferSize);
}
public static int Decrypt(byte[] ciphertext, int offset, int len, byte[] additionalData, byte[] nonce, byte[] key, byte[] outBuffer)
{
var cipher = new ChaCha7539Engine();
var decryptKey = new KeyParameter(key);
cipher.Init(false, new ParametersWithIV(decryptKey, nonce));
byte[] firstBlock = BufferPool.GetBuffer(64);
KeyParameter macKey = GenerateRecordMacKey(cipher, firstBlock);
int plaintextLength = len - 16;
byte[] calculatedMac = BufferPool.GetBuffer(16);
CalculateRecordMac(macKey, additionalData, ciphertext, offset, plaintextLength, calculatedMac);
byte[] receivedMac = BufferPool.GetBuffer(16);
Array.Copy(ciphertext, offset + plaintextLength, receivedMac, 0, receivedMac.Length);
if (!Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac))
{
BufferPool.ReturnBuffer(calculatedMac);
BufferPool.ReturnBuffer(receivedMac);
BufferPool.ReturnBuffer(firstBlock);
throw new TlsFatalAlert(AlertDescription.bad_record_mac);
}
BufferPool.ReturnBuffer(calculatedMac);
BufferPool.ReturnBuffer(receivedMac);
BufferPool.ReturnBuffer(firstBlock);
cipher.ProcessBytes(ciphertext, offset, plaintextLength, outBuffer, 0);
return(plaintextLength);
}
/// <exception cref="IOException"></exception>
public Chacha20Poly1305(TlsContext context)
{
if (!TlsUtilities.IsTlsV12(context))
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
this.context = context;
int cipherKeySize = 32;
// TODO SecurityParameters.fixed_iv_length
int fixed_iv_length = 12;
// TODO SecurityParameters.record_iv_length = 0
int key_block_size = (2 * cipherKeySize) + (2 * fixed_iv_length);
byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
int offset = 0;
KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
byte[] client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length);
offset += fixed_iv_length;
byte[] server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + fixed_iv_length);
offset += fixed_iv_length;
if (offset != key_block_size)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
this.encryptCipher = new ChaCha7539Engine();
this.decryptCipher = new ChaCha7539Engine();
KeyParameter encryptKey, decryptKey;
if (context.IsServer)
{
encryptKey = server_write_key;
decryptKey = client_write_key;
this.encryptIV = server_write_IV;
this.decryptIV = client_write_IV;
}
else
{
encryptKey = client_write_key;
decryptKey = server_write_key;
this.encryptIV = client_write_IV;
this.decryptIV = server_write_IV;
}
this.encryptCipher.Init(true, new ParametersWithIV(encryptKey, encryptIV));
this.decryptCipher.Init(false, new ParametersWithIV(decryptKey, decryptIV));
}
static bool crypto_aead_chacha20poly1305_ietf_decrypt_detached(Memory <byte> m, ReadOnlyMemory <byte> c, ReadOnlyMemory <byte> mac, ReadOnlyMemory <byte> ad, ReadOnlyMemory <byte> npub, ReadOnlyMemory <byte> k)
{
var kk = k._AsSegment();
var nn = npub._AsSegment();
var cc = c._AsSegment();
var aa = ad._AsSegment();
var mm = m._AsSegment();
byte[] block0 = new byte[64];
ChaCha7539Engine ctx = new ChaCha7539Engine();
ctx.Init(true, new ParametersWithIV(new KeyParameter(kk.Array, kk.Offset, kk.Count), nn.Array, nn.Offset, nn.Count));
ctx.ProcessBytes(block0, 0, block0.Length, block0, 0);
Poly1305 state = new Poly1305();
state.Init(new KeyParameter(block0, 0, AeadChaCha20Poly1305KeySize));
state.BlockUpdate(aa.Array, aa.Offset, aa.Count);
if ((aa.Count % 16) != 0)
{
state.BlockUpdate(zero15, 0, 16 - (aa.Count % 16));
}
state.BlockUpdate(cc.Array, cc.Offset, cc.Count);
if ((cc.Count % 16) != 0)
{
state.BlockUpdate(zero15, 0, 16 - (cc.Count % 16));
}
byte[] slen = BitConverter.GetBytes((ulong)aa.Count);
if (Env.IsBigEndian)
{
Array.Reverse(slen);
}
state.BlockUpdate(slen, 0, slen.Length);
byte[] mlen = BitConverter.GetBytes((ulong)cc.Count);
if (Env.IsBigEndian)
{
Array.Reverse(mlen);
}
state.BlockUpdate(mlen, 0, mlen.Length);
byte[] computed_mac = new byte[AeadChaCha20Poly1305MacSize];
state.DoFinal(computed_mac, 0);
if (computed_mac.AsSpan().SequenceEqual(mac.Span) == false)
{
return(false);
}
ctx.ProcessBytes(cc.Array, cc.Offset, cc.Count, mm.Array, mm.Offset);
return(true);
}
/// <summary>
/// Decrypt data with ChaCha20 RFC 7539
/// </summary>
/// <param name="data">Data to decrypt</param>
/// <param name="key">Key</param>
/// <param name="nonce">Nonce</param>
/// <returns>Decrypted data</returns>
public static byte[] Decrypt(byte[] data, byte[] key, byte[] nonce)
{
byte[] dec = new byte[data.Length];
ChaCha7539Engine engine = new ChaCha7539Engine();
ParametersWithIV parameters = new ParametersWithIV(new KeyParameter(key, 0, key.Length), nonce, 0, nonce.Length);
engine.Init(false, parameters);
engine.ProcessBytes(data, 0, data.Length, dec, 0);
return(dec);
}
public ChaCha20Poly1305(IMac poly1305)
{
if (null == poly1305)
{
throw new ArgumentNullException("poly1305");
}
if (MacSize != poly1305.GetMacSize())
{
throw new ArgumentException("must be a 128-bit MAC", "poly1305");
}
this.mChacha20 = new ChaCha7539Engine();
this.mPoly1305 = poly1305;
}
public Chacha20Poly1305(TlsContext context)
{
KeyParameter parameter3;
KeyParameter parameter4;
if (!TlsUtilities.IsTlsV12(context))
{
throw new TlsFatalAlert(80);
}
this.context = context;
int keyLen = 0x20;
int num2 = 12;
int size = (2 * keyLen) + (2 * num2);
byte[] key = TlsUtilities.CalculateKeyBlock(context, size);
int keyOff = 0;
KeyParameter parameter = new KeyParameter(key, keyOff, keyLen);
keyOff += keyLen;
KeyParameter parameter2 = new KeyParameter(key, keyOff, keyLen);
keyOff += keyLen;
byte[] buffer2 = Arrays.CopyOfRange(key, keyOff, keyOff + num2);
keyOff += num2;
byte[] buffer3 = Arrays.CopyOfRange(key, keyOff, keyOff + num2);
keyOff += num2;
if (keyOff != size)
{
throw new TlsFatalAlert(80);
}
this.encryptCipher = new ChaCha7539Engine();
this.decryptCipher = new ChaCha7539Engine();
if (context.IsServer)
{
parameter3 = parameter2;
parameter4 = parameter;
this.encryptIV = buffer3;
this.decryptIV = buffer2;
}
else
{
parameter3 = parameter;
parameter4 = parameter2;
this.encryptIV = buffer2;
this.decryptIV = buffer3;
}
this.encryptCipher.Init(true, new ParametersWithIV(parameter3, this.encryptIV));
this.decryptCipher.Init(false, new ParametersWithIV(parameter4, this.decryptIV));
}
public static int Encrypt(byte[] plaintext, int offset, int len, byte[] additionalData, byte[] nonce, byte[] key, byte[] outBuffer)
{
lock (mutex) {
if (cipher == null)
{
cipher = new ChaCha7539Engine();
}
else
{
cipher.Reset();
}
if (_encryptKey == null)
{
_encryptKey = new KeyParameter(key);
}
else
{
_encryptKey.Reset();
_encryptKey.SetKey(key);
}
if (_temp_Params == null)
{
_temp_Params = new ParametersWithIV(_encryptKey, nonce);
}
else
{
_temp_Params.Reset();
_temp_Params.Set(_encryptKey, nonce);
}
cipher.Init(true, _temp_Params);
byte[] firstBlock = BufferPool.GetBuffer(64);
KeyParameter macKey = GenerateRecordMacKey(cipher, firstBlock);
cipher.ProcessBytes(plaintext, offset, len, outBuffer, 0);
byte[] mac = BufferPool.GetBuffer(16);
int macsize = CalculateRecordMac(macKey, additionalData, outBuffer, 0, len, mac);
Array.Copy(mac, 0, outBuffer, len, macsize);
BufferPool.ReturnBuffer(mac);
BufferPool.ReturnBuffer(firstBlock);
return(len + 16);
}
}
public static byte[] ChaCha20Encrypt(byte[] plainText, byte[] key, byte[] nonce, bool skipFirst64Byte = false)
{
var engine = new ChaCha7539Engine();
engine.Init(true, new ParametersWithIV(new KeyParameter(key), nonce));
var cipherText = new byte[plainText.Length];
if (skipFirst64Byte)
{
engine.ProcessBytes(new byte[64], 0, 64, new byte[64], 0);
}
engine.ProcessBytes(plainText, 0, plainText.Length, cipherText, 0);
return(cipherText);
}
private byte[] EncryptOrDecrypt(bool isEncrypt, byte[] input, byte[] key, byte[] nonce, bool skip1Block)
{
var eng = new ChaCha7539Engine();
var keyParam = new ParametersWithIV(new KeyParameter(key), nonce);
eng.Init(isEncrypt, keyParam);
var output = new byte[input.Length];
if (skip1Block)
{
var dummy = new byte[64];
eng.ProcessBytes(new byte[64], 0, 64, dummy, 0);
}
eng.ProcessBytes(input, 0, input.Length, output, 0);
return(output);
}
public static int Encrypt(byte[] plaintext, int offset, int len, byte[] additionalData, byte[] nonce, byte[] key, byte[] outBuffer)
{
var cipher = new ChaCha7539Engine();
var encryptKey = new KeyParameter(key);
cipher.Init(true, new ParametersWithIV(encryptKey, nonce));
byte[] firstBlock = BufferPool.GetBuffer(64);
KeyParameter macKey = GenerateRecordMacKey(cipher, firstBlock);
cipher.ProcessBytes(plaintext, offset, len, outBuffer, 0);
byte[] mac = BufferPool.GetBuffer(16);
int macsize = CalculateRecordMac(macKey, additionalData, outBuffer, 0, len, mac);
Array.Copy(mac, 0, outBuffer, len, macsize);
BufferPool.ReturnBuffer(mac);
BufferPool.ReturnBuffer(firstBlock);
return(len + 16);
}
public static IBufferedCipher GetCipher(
string algorithm)
{
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
algorithm = Platform.ToUpperInvariant(algorithm);
{
string aliased = (string)algorithms[algorithm];
if (aliased != null)
{
algorithm = aliased;
}
}
IBasicAgreement iesAgreement = null;
if (algorithm == "IES")
{
iesAgreement = new DHBasicAgreement();
}
else if (algorithm == "ECIES")
{
iesAgreement = new ECDHBasicAgreement();
}
if (iesAgreement != null)
{
return(new BufferedIesCipher(
new IesEngine(
iesAgreement,
new Kdf2BytesGenerator(
new Sha1Digest()),
new HMac(
new Sha1Digest()))));
}
if (Platform.StartsWith(algorithm, "PBE"))
{
if (Platform.EndsWith(algorithm, "-CBC"))
{
if (algorithm == "PBEWITHSHA1ANDDES-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEngine())));
}
else if (algorithm == "PBEWITHSHA1ANDRC2-CBC")
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new DesEdeEngine())));
}
else if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new RC2Engine())));
}
}
else if (Platform.EndsWith(algorithm, "-BC") || Platform.EndsWith(algorithm, "-OPENSSL"))
{
if (Strings.IsOneOf(algorithm,
"PBEWITHSHAAND128BITAES-CBC-BC",
"PBEWITHSHAAND192BITAES-CBC-BC",
"PBEWITHSHAAND256BITAES-CBC-BC",
"PBEWITHSHA256AND128BITAES-CBC-BC",
"PBEWITHSHA256AND192BITAES-CBC-BC",
"PBEWITHSHA256AND256BITAES-CBC-BC",
"PBEWITHMD5AND128BITAES-CBC-OPENSSL",
"PBEWITHMD5AND192BITAES-CBC-OPENSSL",
"PBEWITHMD5AND256BITAES-CBC-OPENSSL"))
{
return(new PaddedBufferedBlockCipher(
new CbcBlockCipher(new AesEngine())));
}
}
}
string[] parts = algorithm.Split('/');
IAeadCipher aeadCipher = null;
IBlockCipher blockCipher = null;
IAsymmetricBlockCipher asymBlockCipher = null;
IStreamCipher streamCipher = null;
string algorithmName = parts[0];
{
string aliased = (string)algorithms[algorithmName];
if (aliased != null)
{
algorithmName = aliased;
}
}
CipherAlgorithm cipherAlgorithm;
try
{
cipherAlgorithm = (CipherAlgorithm)Enums.GetEnumValue(typeof(CipherAlgorithm), algorithmName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
switch (cipherAlgorithm)
{
case CipherAlgorithm.AES:
blockCipher = new AesEngine();
break;
case CipherAlgorithm.ARC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.BLOWFISH:
blockCipher = new BlowfishEngine();
break;
case CipherAlgorithm.CAMELLIA:
blockCipher = new CamelliaEngine();
break;
case CipherAlgorithm.CAST5:
blockCipher = new Cast5Engine();
break;
case CipherAlgorithm.CAST6:
blockCipher = new Cast6Engine();
break;
case CipherAlgorithm.CHACHA:
streamCipher = new ChaChaEngine();
break;
case CipherAlgorithm.CHACHA20_POLY1305:
aeadCipher = new ChaCha20Poly1305();
break;
case CipherAlgorithm.CHACHA7539:
streamCipher = new ChaCha7539Engine();
break;
case CipherAlgorithm.DES:
blockCipher = new DesEngine();
break;
case CipherAlgorithm.DESEDE:
blockCipher = new DesEdeEngine();
break;
case CipherAlgorithm.ELGAMAL:
asymBlockCipher = new ElGamalEngine();
break;
case CipherAlgorithm.GOST28147:
blockCipher = new Gost28147Engine();
break;
case CipherAlgorithm.HC128:
streamCipher = new HC128Engine();
break;
case CipherAlgorithm.HC256:
streamCipher = new HC256Engine();
break;
case CipherAlgorithm.IDEA:
blockCipher = new IdeaEngine();
break;
case CipherAlgorithm.NOEKEON:
blockCipher = new NoekeonEngine();
break;
case CipherAlgorithm.PBEWITHSHAAND128BITRC4:
case CipherAlgorithm.PBEWITHSHAAND40BITRC4:
streamCipher = new RC4Engine();
break;
case CipherAlgorithm.RC2:
blockCipher = new RC2Engine();
break;
case CipherAlgorithm.RC5:
blockCipher = new RC532Engine();
break;
case CipherAlgorithm.RC5_64:
blockCipher = new RC564Engine();
break;
case CipherAlgorithm.RC6:
blockCipher = new RC6Engine();
break;
case CipherAlgorithm.RIJNDAEL:
blockCipher = new RijndaelEngine();
break;
case CipherAlgorithm.RSA:
asymBlockCipher = new RsaBlindedEngine();
break;
case CipherAlgorithm.SALSA20:
streamCipher = new Salsa20Engine();
break;
case CipherAlgorithm.SEED:
blockCipher = new SeedEngine();
break;
case CipherAlgorithm.SERPENT:
blockCipher = new SerpentEngine();
break;
case CipherAlgorithm.SKIPJACK:
blockCipher = new SkipjackEngine();
break;
case CipherAlgorithm.SM4:
blockCipher = new SM4Engine();
break;
case CipherAlgorithm.TEA:
blockCipher = new TeaEngine();
break;
case CipherAlgorithm.THREEFISH_256:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256);
break;
case CipherAlgorithm.THREEFISH_512:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512);
break;
case CipherAlgorithm.THREEFISH_1024:
blockCipher = new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024);
break;
case CipherAlgorithm.TNEPRES:
blockCipher = new TnepresEngine();
break;
case CipherAlgorithm.TWOFISH:
blockCipher = new TwofishEngine();
break;
case CipherAlgorithm.VMPC:
streamCipher = new VmpcEngine();
break;
case CipherAlgorithm.VMPC_KSA3:
streamCipher = new VmpcKsa3Engine();
break;
case CipherAlgorithm.XTEA:
blockCipher = new XteaEngine();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
if (aeadCipher != null)
{
if (parts.Length > 1)
{
throw new ArgumentException("Modes and paddings cannot be applied to AEAD ciphers");
}
return(new BufferedAeadCipher(aeadCipher));
}
if (streamCipher != null)
{
if (parts.Length > 1)
{
throw new ArgumentException("Modes and paddings not used for stream ciphers");
}
return(new BufferedStreamCipher(streamCipher));
}
bool cts = false;
bool padded = true;
IBlockCipherPadding padding = null;
IAeadBlockCipher aeadBlockCipher = null;
if (parts.Length > 2)
{
if (streamCipher != null)
{
throw new ArgumentException("Paddings not used for stream ciphers");
}
string paddingName = parts[2];
CipherPadding cipherPadding;
if (paddingName == "")
{
cipherPadding = CipherPadding.RAW;
}
else if (paddingName == "X9.23PADDING")
{
cipherPadding = CipherPadding.X923PADDING;
}
else
{
try
{
cipherPadding = (CipherPadding)Enums.GetEnumValue(typeof(CipherPadding), paddingName);
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
switch (cipherPadding)
{
case CipherPadding.NOPADDING:
padded = false;
break;
case CipherPadding.RAW:
break;
case CipherPadding.ISO10126PADDING:
case CipherPadding.ISO10126D2PADDING:
case CipherPadding.ISO10126_2PADDING:
padding = new ISO10126d2Padding();
break;
case CipherPadding.ISO7816_4PADDING:
case CipherPadding.ISO9797_1PADDING:
padding = new ISO7816d4Padding();
break;
case CipherPadding.ISO9796_1:
case CipherPadding.ISO9796_1PADDING:
asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher);
break;
case CipherPadding.OAEP:
case CipherPadding.OAEPPADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher);
break;
case CipherPadding.OAEPWITHMD5ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest());
break;
case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest());
break;
case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest());
break;
case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest());
break;
case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest());
break;
case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING:
case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING:
asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest());
break;
case CipherPadding.PKCS1:
case CipherPadding.PKCS1PADDING:
asymBlockCipher = new Pkcs1Encoding(asymBlockCipher);
break;
case CipherPadding.PKCS5:
case CipherPadding.PKCS5PADDING:
case CipherPadding.PKCS7:
case CipherPadding.PKCS7PADDING:
padding = new Pkcs7Padding();
break;
case CipherPadding.TBCPADDING:
padding = new TbcPadding();
break;
case CipherPadding.WITHCTS:
cts = true;
break;
case CipherPadding.X923PADDING:
padding = new X923Padding();
break;
case CipherPadding.ZEROBYTEPADDING:
padding = new ZeroBytePadding();
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
string mode = "";
if (parts.Length > 1)
{
mode = parts[1];
int di = GetDigitIndex(mode);
string modeName = di >= 0 ? mode.Substring(0, di) : mode;
try
{
CipherMode cipherMode = modeName == ""
? CipherMode.NONE
: (CipherMode)Enums.GetEnumValue(typeof(CipherMode), modeName);
switch (cipherMode)
{
case CipherMode.ECB:
case CipherMode.NONE:
break;
case CipherMode.CBC:
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.CCM:
aeadBlockCipher = new CcmBlockCipher(blockCipher);
break;
case CipherMode.CFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new CfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.CTR:
blockCipher = new SicBlockCipher(blockCipher);
break;
case CipherMode.CTS:
cts = true;
blockCipher = new CbcBlockCipher(blockCipher);
break;
case CipherMode.EAX:
aeadBlockCipher = new EaxBlockCipher(blockCipher);
break;
case CipherMode.GCM:
aeadBlockCipher = new GcmBlockCipher(blockCipher);
break;
case CipherMode.GOFB:
blockCipher = new GOfbBlockCipher(blockCipher);
break;
case CipherMode.OCB:
aeadBlockCipher = new OcbBlockCipher(blockCipher, CreateBlockCipher(cipherAlgorithm));
break;
case CipherMode.OFB:
{
int bits = (di < 0)
? 8 * blockCipher.GetBlockSize()
: int.Parse(mode.Substring(di));
blockCipher = new OfbBlockCipher(blockCipher, bits);
break;
}
case CipherMode.OPENPGPCFB:
blockCipher = new OpenPgpCfbBlockCipher(blockCipher);
break;
case CipherMode.SIC:
if (blockCipher.GetBlockSize() < 16)
{
throw new ArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
}
blockCipher = new SicBlockCipher(blockCipher);
break;
default:
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
catch (ArgumentException)
{
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
}
if (aeadBlockCipher != null)
{
if (cts)
{
throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers.");
}
if (padded && parts.Length > 2 && parts[2] != "")
{
throw new SecurityUtilityException("Bad padding specified for AEAD cipher.");
}
return(new BufferedAeadBlockCipher(aeadBlockCipher));
}
if (blockCipher != null)
{
if (cts)
{
return(new CtsBlockCipher(blockCipher));
}
if (padding != null)
{
return(new PaddedBufferedBlockCipher(blockCipher, padding));
}
if (!padded || blockCipher.IsPartialBlockOkay)
{
return(new BufferedBlockCipher(blockCipher));
}
return(new PaddedBufferedBlockCipher(blockCipher));
}
if (asymBlockCipher != null)
{
return(new BufferedAsymmetricBlockCipher(asymBlockCipher));
}
throw new SecurityUtilityException("Cipher " + algorithm + " not recognised.");
}
public BcChaCha20Crypto(byte[] key, byte[] iv) : base(key, iv)
{
_engine = new ChaCha7539Engine();
_engine.Init(default, new ParametersWithIV(new KeyParameter(key), iv));
