public static string GenerateEncryptedPassword(string password)
{
var timeString = DateTime.UtcNow.ToTimeStamp().ToString();
byte[] keyBytes = CryptographyConstants.Key.HexToBytes();
var key = new byte[32];
ThreadSafeRandom.NextBytes(key);
var iv = new byte[12];
var tag = new byte[16];
byte[] plainText = Encoding.UTF8.GetBytes(password);
var cipherText = new byte[plainText.Length];
using (var cipher = new AesGcm(key)) {
cipher.Encrypt(iv,
plainText,
cipherText,
tag,
Encoding.UTF8.GetBytes(timeString));
}
byte[] encryptedKey = SealedPublicKeyBox.Create(key, keyBytes);
byte[] bytesOfLen = BitConverter.GetBytes((short)encryptedKey.Length);
var info = new byte[] { 1, byte.Parse(CryptographyConstants.KeyId.ToString()) };
byte[] bytes = info.Concat(bytesOfLen).Concat(encryptedKey).Concat(tag).Concat(cipherText);
return
($"#PWD_INSTAGRAM_BROWSER:{CryptographyConstants.Version}:{timeString}:{Convert.ToBase64String(bytes)}");
}
public static void EncryptByteArray(ref byte[] byteArray)
{
try
{
if (Globals.MemoryEncryption == true && byteArray != null)
{
if (Constants.RunningOnMono == false)
{
// Windows
ProtectedMemory.Protect(byteArray, MemoryProtectionScope.SameProcess);
}
else if (Constants.RunningOnMono == true)
{
// Linux & macOS
byteArray = SealedPublicKeyBox.Create(byteArray, _keyPair.PublicKey);
}
}
}
catch (Exception ex) when(ExceptionFilters.MemoryEncryptionExceptions(ex))
{
Globals.MemoryEncryption = false;
Settings.SaveSettings();
Logging.LogException(ex.ToString(), Logging.Severity.Bug);
DisplayMessage.ErrorMessageBox(ex.GetType().Name, "Memory encryption has been disabled due to an exception. This is a bug - please report it.");
}
}
public async Task SetSecretAsync(string name, string value)
{
var owner = _owner;
var repo = _repo;
var publicKeyResponse = await _httpClient.GetAsync($"repos/{owner}/{repo}/actions/secrets/public-key");
var publicKeyJson = await publicKeyResponse.Content.ReadAsStringAsync();
var publicKeyModel = JToken.Parse(publicKeyJson);
var publicKey = Convert.FromBase64String(publicKeyModel.Value <string>("key"));
var publicKeyId = publicKeyModel.Value <string>("key_id");
var secretValue = System.Text.Encoding.UTF8.GetBytes(value);
var sealedPublicKeyBox = SealedPublicKeyBox.Create(secretValue, publicKey);
var sealedPublicKeyBoxEncoded = Convert.ToBase64String(sealedPublicKeyBox);
var updateContent =
new StringContent(
JToken.FromObject(new { encrypted_value = sealedPublicKeyBoxEncoded, key_id = publicKeyId })
.ToString(), System.Text.Encoding.UTF8, "applcation/json");
var updateResponse =
await _httpClient.PutAsync($"repos/{owner}/{repo}/actions/secrets/{name}",
updateContent);
updateResponse.EnsureSuccessStatusCode();
}
// This method will be called for each input received from the pipeline to this cmdlet; if no input is received, this method is not called
protected override void ProcessRecord()
{
byte[] byteArr = Encoding.UTF8.GetBytes(Text);
byte[] publicKey = Convert.FromBase64String(PublicKey);
byte[] sealedPublicKeyBox = SealedPublicKeyBox.Create(byteArr, publicKey);
WriteObject(Convert.ToBase64String(sealedPublicKeyBox));
}
public static string AnonymousRSAEncryption(string publicKey, string plainText)
{
var encodedPublicKey = Encoding.UTF8.GetBytes(publicKey);
var cipherText = SealedPublicKeyBox.Create(plainText, encodedPublicKey);
return(Encoding.UTF8.GetString(cipherText));
}
public static string AnonymousRSADecryption(string privateKey, string cipherText)
{
var encodedPrivateKey = Encoding.UTF8.GetBytes(privateKey);
var keyPair = PublicKeyBox.GenerateKeyPair(encodedPrivateKey);
var plainText = SealedPublicKeyBox.Open(cipherText, keyPair);
return(Encoding.UTF8.GetString(plainText));
}
// Decrypts data with receiver’s private key using Libsodium
public static string DecryptWithPrivateKey(string data, string privateKey)
{
var privateKeyConverted = PublicKeyAuth.ConvertEd25519SecretKeyToCurve25519SecretKey(Hex.Decode(privateKey));
var publicKey = Hex.Decode(GetPublicKeyFromPrivate(privateKey));
var publicKeyConverted = PublicKeyAuth.ConvertEd25519PublicKeyToCurve25519PublicKey(publicKey);
return(Encoding.UTF8.GetString(SealedPublicKeyBox.Open(Hex.Decode(data), privateKeyConverted, publicKeyConverted)));
}
static string SealedCryptoboxDecryptionToBase64(byte[] privateKey, string ciphertextReceivedBase64)
{
byte[] ciphertext = Base64Decoding(ciphertextReceivedBase64);
KeyPair keypair = PublicKeyBox.GenerateKeyPair(privateKey);
var decrypted = SealedPublicKeyBox.Open(ciphertext, keypair);
return(System.Text.Encoding.UTF8.GetString(decrypted, 0, decrypted.Length));
}
public static byte[] Encrypt(string json, string callbackEncryption)
{
if (!TryExtractEncryptionKey(callbackEncryption, out var key))
{
throw new ArgumentException("Can not extract encryption key");
}
return(SealedPublicKeyBox.Create(Encoding.UTF8.GetBytes(json), key));
}
/// <summary>
/// Seal box.
/// </summary>
/// <returns>The seal.</returns>
/// <param name="message">Message.</param>
/// <param name="pk">Pk.</param>
public static byte[] BoxSeal(string message, byte[] pk)
{
Guard.Argument(message, nameof(message)).NotNull().NotEmpty();
Guard.Argument(pk, nameof(pk)).NotNull().MaxCount(32);
var encrypted = SealedPublicKeyBox.Create(Encoding.UTF8.GetBytes(message), pk);
return(encrypted);
}
public static string OpenBoxSeal(byte[] cypher, KeyPair keyPair)
{
Guard.Argument(cypher, nameof(cypher)).NotNull();
Guard.Argument(keyPair, nameof(keyPair)).NotNull();
var decrypted = SealedPublicKeyBox.Open(cypher, keyPair);
return(Encoding.UTF8.GetString(decrypted));
}
public void CreateAndOpenSealedBoxWithKeyPairTest()
{
byte[] message = System.Text.Encoding.UTF8.GetBytes("Hello, World!");
var keyPair = PublicKeyBox.GenerateKeyPair();
var encrypted = SealedPublicKeyBox.Create(message, keyPair.Public);
var decrypted = SealedPublicKeyBox.Open(encrypted, keyPair);
Assert.AreEqual(message.ToString(), decrypted.ToString());
}
public void CreateAndOpenSealedBoxWithKeyPairTest()
{
const string message = "Adam Caudill";
var recipientKeypair = PublicKeyBox.GenerateKeyPair();
var encrypted = SealedPublicKeyBox.Create(message, recipientKeypair);
var decrypted = SealedPublicKeyBox.Open(encrypted, recipientKeypair);
Assert.AreEqual(message, Encoding.UTF8.GetString(decrypted));
}
private static char[] EncryptPassword(byte[] plaintext, byte[] publicKey)
{
try
{
byte[] ciphertext = SealedPublicKeyBox.Create(plaintext, publicKey);
return(Convert.ToBase64String(ciphertext).ToCharArray());
}
catch (Exception ex) when(ExceptionFilters.PasswordSharingExceptions(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Low);
GetErrorMessage(ex);
return(Array.Empty <char>());
}
}
private static char[] DecryptPassword(byte[] ciphertext, byte[] privateKey)
{
try
{
using var keyPair = PublicKeyBox.GenerateKeyPair(privateKey);
byte[] plaintext = SealedPublicKeyBox.Open(ciphertext, keyPair);
return(Encoding.UTF8.GetChars(plaintext));
}
catch (Exception ex) when(ExceptionFilters.PasswordSharingExceptions(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Low);
GetErrorMessage(ex);
return(Array.Empty <char>());
}
}
public static void DecryptByteArray(ref byte[] byteArray)
{
try
{
if (Globals.MemoryEncryption == true && byteArray != null)
{
byteArray = SealedPublicKeyBox.Open(byteArray, _keyPair);
}
}
catch (Exception ex) when(ExceptionFilters.MemoryEncryptionExceptions(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Bug);
DisplayMessage.Error(ex.GetType().Name, "Memory decryption failed. This is a bug - please report it.");
}
}
public static string OpenBoxSeal(byte[] cipher, KeyPair keyPair)
{
if (cipher == null)
{
throw new ArgumentNullException(nameof(cipher));
}
if (keyPair == null)
{
throw new ArgumentNullException(nameof(keyPair));
}
var decrypted = SealedPublicKeyBox.Open(cipher, keyPair);
return(Encoding.UTF8.GetString(decrypted));
}
/// <summary>
/// Seal box.
/// </summary>
/// <returns>The seal.</returns>
/// <param name="message">Message.</param>
/// <param name="pk">Pk.</param>
public static byte[] BoxSeal(string message, byte[] pk)
{
if (string.IsNullOrEmpty(message))
{
throw new ArgumentException("message", nameof(message));
}
if (pk == null)
{
throw new ArgumentNullException(nameof(pk));
}
var encrypted = SealedPublicKeyBox.Create(Encoding.UTF8.GetBytes(message), pk);
return(encrypted);
}
public void CreateAndOpenSealedBoxTest()
{
String message = "Hello, World!";
byte[] byteMessage = System.Text.Encoding.UTF8.GetBytes(message);
var keyPair = PublicKeyBox.GenerateKeyPair();
var encrypted = SealedPublicKeyBox.Create(byteMessage, keyPair.Public);
var decrypted = SealedPublicKeyBox.Open(encrypted, keyPair.Secret, keyPair.Public);
Assert.AreEqual(byteMessage.ToString(), decrypted.ToString());
var newEncrypted = SealedPublicKeyBox.Create(message, keyPair.Public);
var newDecrypted = SealedPublicKeyBox.Open(newEncrypted, keyPair.Secret, keyPair.Public);
Assert.AreEqual(decrypted.ToString(), newDecrypted.ToString());
}
public static void EncryptByteArray(ref byte[] byteArray)
{
try
{
if (Globals.MemoryEncryption == true && byteArray != null)
{
byteArray = SealedPublicKeyBox.Create(byteArray, _keyPair.PublicKey);
}
}
catch (Exception ex) when(ExceptionFilters.MemoryEncryptionExceptions(ex))
{
Globals.MemoryEncryption = false;
KryptorSettings.SaveSettings();
Logging.LogException(ex.ToString(), Logging.Severity.Bug);
DisplayMessage.Error(ex.GetType().Name, "Memory encryption has been disabled due to an exception. This is a bug - please report it.");
}
}
public static void DecryptByteArray(ref byte[] byteArray)
{
try
{
if (Globals.MemoryEncryption == true && byteArray != null)
{
if (Constants.RunningOnMono == false)
{
// Windows
ProtectedMemory.Unprotect(byteArray, MemoryProtectionScope.SameProcess);
}
else if (Constants.RunningOnMono == true)
{
// Linux & macOS
byteArray = SealedPublicKeyBox.Open(byteArray, _keyPair);
}
}
}
catch (Exception ex) when(ExceptionFilters.MemoryEncryptionExceptions(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Bug);
DisplayMessage.ErrorMessageBox(ex.GetType().Name, "Memory decryption failed. This is a bug - please report it.");
}
}
static string SealedCryptoboxEncryptionToBase64(byte[] publicKey, string plaintext)
{
var ciphertext = SealedPublicKeyBox.Create(plaintext, publicKey);
return(Base64Encoding(ciphertext));
}
// Encrypts data with receiver’s public key using Libsodium
public static string EncryptWithPublicKey(string data, string publicKey)
{
var publicKeyConverted = PublicKeyAuth.ConvertEd25519PublicKeyToCurve25519PublicKey(Hex.Decode(publicKey));
return(Hex.ToHexString(SealedPublicKeyBox.Create(Encoding.UTF8.GetBytes(data), publicKeyConverted)));
}
public static string Decrypt(byte[] encrypted, KeyPair keyPair)
{
return(Encoding.UTF8.GetString(SealedPublicKeyBox.Open(encrypted, keyPair)));
}
