Exemplo n.º 1
        /// <summary>
        /// Round-trip check for <c>SecretAeadAes</c> without additional data: a 10-byte
        /// message is encrypted under a fixed 32-byte key and 12-byte nonce, decrypted
        /// with the same inputs, and the result must equal the original message.
        /// </summary>
        public void AesAeadWithoutAdditionalDataTest()
        {
            // NOTE(review): when IsAvailable() is false this test only prints a line and
            // still passes, so a run on such a host gives no signal that the AEAD path
            // went unexercised. Reporting the skip through the test framework would make
            // the missing coverage visible.
            if (!SecretAeadAes.IsAvailable())
            {
                Console.WriteLine("Missing AES support");
                return;
            }

            // Fixed test vector inputs. A constant key/nonce pair is acceptable only
            // because this is a test; the same pair must never protect real data.
            byte[] secretKey =
            {
                0x42, 0x90, 0xbc, 0xb1, 0x54, 0x17, 0x35, 0x31, 0xf3, 0x14, 0xaf,
                0x57, 0xf3, 0xbe, 0x3b, 0x50, 0x06, 0xda, 0x37, 0x1e, 0xce, 0x27,
                0x2a, 0xfa, 0x1b, 0x5d, 0xbd, 0xd1, 0x10, 0x0a, 0x10, 0x07
            };

            byte[] fixedNonce =
            {
                0xcd, 0x7c, 0xf6, 0x7b, 0xe3, 0x9c, 0x79, 0x4a, 0x79, 0xc0, 0xd1, 0x10
            };

            byte[] plaintext =
            {
                0x86, 0xd0, 0x99, 0x74, 0x84, 0x0b, 0xde, 0xd2, 0xa5, 0xca
            };

            byte[] ciphertext = SecretAeadAes.Encrypt(plaintext, fixedNonce, secretKey);
            byte[] roundTripped = SecretAeadAes.Decrypt(ciphertext, fixedNonce, secretKey);

            CollectionAssert.AreEqual(plaintext, roundTripped);
        }
        /// <summary>
        /// Negative test: <c>SecretAeadAes.Encrypt</c> must throw
        /// <c>AdditionalDataOutOfRangeException</c> when given the 30-byte additional
        /// data below, rather than producing a ciphertext.
        /// </summary>
        public void SecretAeadEncryptWithBadAdditionalData()
        {
            // Without AES support the rejection path cannot be exercised; the skip is
            // surfaced as a warning instead of a silent pass.
            if (!SecretAeadAes.IsAvailable())
            {
                Assert.Warn("AES is not supported");
                return;
            }

            byte[] secretKey =
            {
                0x42, 0x90, 0xbc, 0xb1, 0x54, 0x17, 0x35, 0x31, 0xf3, 0x14, 0xaf,
                0x57, 0xf3, 0xbe, 0x3b, 0x50, 0x06, 0xda, 0x37, 0x1e, 0xce, 0x27,
                0x2a, 0xfa, 0x1b, 0x5d, 0xbd, 0xd1, 0x10, 0x0a, 0x10, 0x07
            };

            byte[] fixedNonce =
            {
                0xcd, 0x7c, 0xf6, 0x7b, 0xe3, 0x9c, 0x79, 0x4a, 0x79, 0xc0, 0xd1, 0x10
            };

            // 30 bytes of additional data; presumably longer than the wrapper accepts,
            // which is what makes it "bad" - confirm the limit against SecretAeadAes.
            byte[] oversizedAdditionalData =
            {
                0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0,
                0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0,
                0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0
            };

            byte[] plaintext =
            {
                0x86, 0xd0, 0x99, 0x74, 0x84, 0x0b, 0xde, 0xd2, 0xa5, 0xca
            };

            Assert.Throws<AdditionalDataOutOfRangeException>(
                () => SecretAeadAes.Encrypt(plaintext, fixedNonce, secretKey, oversizedAdditionalData));
        }
Exemplo n.º 3
 /// <summary>
 /// Creates a new random 32-byte data-encryption key, wraps it with
 /// <c>SecretAeadAes</c> under a key derived from the master password, and writes
 /// the wrapped key and its nonce (both base64) to PIMUX_KEY and PIMUX_KEY_NONCE.
 /// </summary>
 /// <param name="masterPassword">Password the wrapping key is derived from.</param>
 public static void GenerateEncryptionKey(string masterPassword)
 {
     // The data-encryption key and the wrap nonce both come from the library's RNG.
     byte[] dataKey   = SodiumCore.GetRandomBytes(32);
     byte[] wrapNonce = SecretAeadAes.GenerateNonce();

     // NOTE(review): the wrapping key is one GenericHash pass over the password with
     // a null key - no salt and no work factor appear here. Anyone holding PIMUX_KEY
     // and PIMUX_KEY_NONCE can test password guesses offline at hash speed, using the
     // AEAD tag as the oracle. A salted, memory-hard password KDF with the salt stored
     // beside the nonce would be the usual choice; that changes the on-disk format and
     // must be mirrored wherever the key is unwrapped.
     byte[] wrappingKey = GenericHash.Hash(masterPassword, (byte[])null, 32);

     byte[] wrappedKey = SecretAeadAes.Encrypt(dataKey, wrapNonce, wrappingKey);

     // Persist as base64 text. The files are created with default permissions, and
     // the plaintext key buffers are left for the GC rather than cleared.
     string wrappedKeyText = Convert.ToBase64String(wrappedKey);
     string wrapNonceText  = Convert.ToBase64String(wrapNonce);
     File.WriteAllText(PIMUX_KEY, wrappedKeyText);
     File.WriteAllText(PIMUX_KEY_NONCE, wrapNonceText);
 }
Exemplo n.º 4
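        /// <summary>
        /// Changes the master password: recovers the data-encryption key with the old
        /// password, re-wraps it under a key derived from the new password, and stores
        /// the wrapped key, its nonce and the new authentication hash.
        /// </summary>
        /// <param name="oldMasterPassword">Current password, passed to GetKey.</param>
        /// <param name="newMasterPassword">Password that will protect the key from now on.</param>
        public static void ChangeMasterPassword(string oldMasterPassword, string newMasterPassword)
        {
            // Get current encryption key.
            // NOTE(review): presumably GetKey fails when the old password is wrong - confirm,
            // since nothing else here checks oldMasterPassword.
            byte[] key = GetKey(oldMasterPassword);

            // Re-encrypt key with new master password. A fresh nonce is drawn for the new wrap.
            // NOTE(review): the wrapping key is one GenericHash pass with a null key (no salt,
            // no work factor visible here), so the wrapped key can be attacked offline at hash
            // speed even though the authentication hash below goes through ArgonHash.
            byte[] nonce           = SecretAeadAes.GenerateNonce();
            byte[] keyToEncryptKey = GenericHash.Hash(newMasterPassword, (byte[])null, 32);
            byte[] encryptedKey    = SecretAeadAes.Encrypt(key, nonce, keyToEncryptKey);

            // Compute the authentication hash before touching any file, so a failure here
            // cannot leave the key files rewritten while PIMUX_AUTH still matches the old password.
            string newArgonHash = ArgonHash(newMasterPassword);

            // Store bytes in base64 encoding.
            File.WriteAllText(PIMUX_KEY, Convert.ToBase64String(encryptedKey));
            File.WriteAllText(PIMUX_KEY_NONCE, Convert.ToBase64String(nonce));

            // Change authentication hash. It belongs in PIMUX_AUTH only: writing it to
            // PIMUX_KEY as well would replace the wrapped key stored just above and leave
            // the data-encryption key unrecoverable.
            File.WriteAllText(PIMUX_AUTH, newArgonHash);
        }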
Exemplo n.º 5
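        /// <summary>
        /// Encrypts every entry with <c>SecretAeadAes</c> under the key obtained from the
        /// master password and rewrites the main store as one base64 line per entry, then
        /// stores the last nonce used.
        /// </summary>
        /// <param name="masterPassword">Password passed to GetKey to obtain the encryption key.</param>
        /// <param name="dataToEncrypt">Entries to encrypt, one store line each.</param>
        public static void EncryptStoreFile(string masterPassword, string[] dataToEncrypt)
        {
            // Get required variables.
            byte[] nonce = GetNonce();
            byte[] key   = GetKey(masterPassword);

            // Encrypt everything in memory before touching the store. If key retrieval or
            // any single entry fails, the existing store and stored nonce stay intact
            // instead of the store being emptied or half written while the nonce file
            // still holds the old counter.
            string[] encryptedLines = new string[dataToEncrypt.Length];

            for (int i = 0; i < dataToEncrypt.Length; i++)
            {
                // Increment nonce so every password entry uses a different nonce.
                // NOTE(review): uniqueness rests on the stored counter never moving backwards
                // (restored backup, two writers) - a nonce repeated under the same key breaks
                // both confidentiality and integrity of the affected entries.
                ByteOperation.Increment(ref nonce);

                // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?',
                // so such entries are stored altered. Moving to UTF-8 has to be done together
                // with the decrypting side.
                byte[] byteDataToEnc = Encoding.ASCII.GetBytes(dataToEncrypt[i]);
                byte[] encrypted     = SecretAeadAes.Encrypt(byteDataToEnc, nonce, key);
                encryptedLines[i]    = Convert.ToBase64String(encrypted);
            }

            // Replace the store in a single write: one base64 line per entry, each followed
            // by a newline; an empty input yields an empty file.
            File.WriteAllLines(PIMUX_STORE, encryptedLines);

            // Write nonce to file.
            File.WriteAllText(PIMUX_STORE_NONCE, Convert.ToBase64String(nonce));
        }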