Exemplo n.º 1
        /// <summary>
        /// Builds a hybrid-encrypted packet: the payload is encrypted with AES under a
        /// freshly generated session key, the session key is wrapped with RSA, an
        /// HMAC-SHA256 is computed over the ciphertext, and that HMAC is signed.
        /// </summary>
        /// <param name="original">Plaintext bytes to protect.</param>
        /// <param name="rsaParams">RSA helper used to wrap the session key.</param>
        /// <param name="digitalSignature">Signer applied to the HMAC bytes.</param>
        /// <returns>The populated packet (IV, ciphertext, wrapped key, HMAC, signature).</returns>
        public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams, DigitalSignatureFuncs digitalSignature)
        {
            // Per-packet session key, requested with length 32
            // (presumably bytes, i.e. an AES-256 key; confirm in the AES helper).
            var aesKey = _aes.GenerateRandomNumber(32);

            // New packet with its own IV, requested with length 16.
            var packet = new EncryptedPacket();
            packet.IV = _aes.GenerateRandomNumber(16);

            // Symmetric encryption of the payload.
            var cipherText = _aes.Encrypt(original, aesKey, packet.IV);
            packet.EncryptedData = cipherText;

            // Wrap the session key so only the RSA private-key holder can recover it.
            packet.EncryptedSessionKey = rsaParams.EncryptData(aesKey);

            // Integrity tag over the ciphertext.
            // NOTE(review): the tag covers EncryptedData only; IV and EncryptedSessionKey
            // are not part of the HMAC input, so a modified IV is not detected by it.
            // Covering IV + ciphertext would need the same change in DecryptData.
            // NOTE(review): the same session key is used for AES and for the HMAC;
            // separate encryption and MAC keys are the usual practice.
            var mac = HMac.ComputeHMACSha256(cipherText, aesKey);
            packet.HMAC = mac;

            // The signature is computed over the HMAC bytes, not over the whole packet.
            packet.Signature = digitalSignature.SignData(mac);

            return packet;
        }
Exemplo n.º 2
        /// <summary>
        /// Recovers the plaintext from a hybrid-encrypted packet: unwraps the session
        /// key with RSA, recomputes the HMAC-SHA256 over the ciphertext, and decrypts
        /// with AES only when the recomputed HMAC matches the one in the packet.
        /// </summary>
        /// <param name="encryptedPacket">Packet holding the wrapped key, IV, ciphertext and HMAC.</param>
        /// <param name="rsaParams">RSA helper used to unwrap the session key.</param>
        /// <returns>The decrypted payload bytes.</returns>
        /// <exception cref="CryptographicException">The recomputed HMAC does not match the packet's HMAC.</exception>
        public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
        {
            // Unwrap the AES session key.
            var sessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);

            // Verify before decrypting: recompute the tag over the received ciphertext.
            var expectedHmac = HMac.ComputeHMACSha256(encryptedPacket.EncryptedData, sessionKey);

            // NOTE(review): Compare is defined elsewhere; confirm it is a constant-time
            // comparison (e.g. CryptographicOperations.FixedTimeEquals where available),
            // since an early-exit byte compare leaks timing information about the tag.
            var hmacMatches = Compare(encryptedPacket.HMAC, expectedHmac);
            if (hmacMatches)
            {
                // NOTE(review): encryptedPacket.Signature is not checked in this method and
                // no verifier is passed in; the HMAC key travels inside the packet, so the
                // tag alone does not establish who sent it. The caller should verify the
                // signature before trusting the result.
                // NOTE(review): encryptedPacket.IV is not covered by the HMAC checked above.
                return _aes.Decrypt(encryptedPacket.EncryptedData, sessionKey, encryptedPacket.IV);
            }

            throw new CryptographicException("HMAC for decryption does not match encrypted package HMAC code received. This means the message has been tampered with.");
        }
        /// <summary>
        /// Console demo: computes HMACs of two messages that differ by one character,
        /// under one generated key, with MD5, SHA-1, SHA-256 and SHA-512, and prints
        /// each result as Base64 so the differing tags can be compared.
        /// </summary>
        /// <remarks>
        /// HMAC-MD5 and HMAC-SHA1 are included for comparison; prefer the SHA-256 or
        /// SHA-512 variants in new code. The key itself is never written to the console.
        /// </remarks>
        private static void TestHMACAPI()
        {
            const string originalMessage  = "Original message to hash";
            const string originalMessage2 = "Or1ginal message to hash";

            Console.WriteLine($"Original Message 1: {originalMessage}");
            Console.WriteLine($"Original Message 2: {originalMessage2}");
            Console.WriteLine();

            // One key shared by every HMAC below.
            var key = HMac.GenerateKey();

            // Encode each message once and reuse the bytes for all four algorithms.
            var messageBytes  = Encoding.UTF8.GetBytes(originalMessage);
            var message2Bytes = Encoding.UTF8.GetBytes(originalMessage2);

            // All tags are computed before anything further is printed.
            var hmacMd5Message     = HMac.ComputeHMACMD5(messageBytes, key);
            var hmacMd5Message2    = HMac.ComputeHMACMD5(message2Bytes, key);
            var hmacSha1Message    = HMac.ComputeHMACSha1(messageBytes, key);
            var hmacSha1Message2   = HMac.ComputeHMACSha1(message2Bytes, key);
            var hmacSha256Message  = HMac.ComputeHMACSha256(messageBytes, key);
            var hmacSha256Message2 = HMac.ComputeHMACSha256(message2Bytes, key);
            var hmacSha512Message  = HMac.ComputeHMACSha512(messageBytes, key);
            var hmacSha512Message2 = HMac.ComputeHMACSha512(message2Bytes, key);

            // MD5
            Console.WriteLine();
            Console.WriteLine($"MD5 HMAC Message 1: {Convert.ToBase64String(hmacMd5Message)}");
            Console.WriteLine($"MD5 HMAC Message 2: {Convert.ToBase64String(hmacMd5Message2)}");
            Console.WriteLine();

            // SHA-1
            Console.WriteLine();
            Console.WriteLine($"SHA1 HMAC Message 1: {Convert.ToBase64String(hmacSha1Message)}");
            Console.WriteLine($"SHA1 HMAC Message 2: {Convert.ToBase64String(hmacSha1Message2)}");
            Console.WriteLine();

            // SHA-256
            Console.WriteLine();
            Console.WriteLine($"SHA256 HMAC Message 1: {Convert.ToBase64String(hmacSha256Message)}");
            Console.WriteLine($"SHA256 HMAC Message 2: {Convert.ToBase64String(hmacSha256Message2)}");
            Console.WriteLine();

            // SHA-512
            Console.WriteLine();
            Console.WriteLine($"SHA512 HMAC Message 1: {Convert.ToBase64String(hmacSha512Message)}");
            Console.WriteLine($"SHA512 HMAC Message 2: {Convert.ToBase64String(hmacSha512Message2)}");
            Console.WriteLine();
        }