Exemplo n.º 1
0
        /// <summary>
        /// This is an example of what a sender would do to securely transmit data
        /// using a hybrid encryption solution, (combining symmetric (AES) encryption
        /// with asymmetric encryption (RSA)).
        /// </summary>
        /// <param name="data">Data to be encrypted</param>
        /// <param name="publicKey">The public key, used to encrypt the session key used to encrypt the data.</param>
        /// <returns>Encrypted Packet of data that can be securely transferred</returns>
        public EncryptedPacket EncryptData(byte[] data, RSAWithRSAParameterKey publicKey, DigitalSignature digitalSignature)
        {
            var encryptedPacket = new EncryptedPacket();

            // Generate our unique 256 bits session key
            var sessionKey = _aes.GenerateRandomNumbers(32);

            // Generate the 128 bit Initialization Vector
            encryptedPacket.Iv = _aes.GenerateRandomNumbers(16);

            // Encrypt data using AES (symmetric encryption) session key and IV
            encryptedPacket.EncryptedData = _aes.Encrypt(data, sessionKey, encryptedPacket.Iv);

            // Encrypt the session key with the public RSA key
            encryptedPacket.EncryptedSessionKey = publicKey.EncryptData(sessionKey);

            // Generate a HMAC using the unique session key
            using (var hmac = new HMACSHA256(sessionKey))
            {
                encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
            }

            // Use our private RSA key to sign the HASH value we are sending
            encryptedPacket.Signature = digitalSignature.SignData(encryptedPacket.Hmac);

            return(encryptedPacket);
        }
Exemplo n.º 2
0
        public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey privateKey, DigitalSignature digitalSignature)
        {
            // Decrypt the unique 256 bits AES session key
            var sessionKey = privateKey.DecryptData(encryptedPacket.EncryptedSessionKey);

            // Validate the encrypted data is accurate
            using (var hmac = new HMACSHA256(sessionKey))
            {
                var hmacToCheck = hmac.ComputeHash(encryptedPacket.EncryptedData);
                if (!CompareBytes(encryptedPacket.Hmac, hmacToCheck))
                {
                    throw new CryptographicException("HMAC invalid, data is corrupted.");
                }

                if (!digitalSignature.VerifySignature(encryptedPacket.Hmac, encryptedPacket.Signature))
                {
                    throw new CryptographicException("Digital Signature can not be validated.");
                }
            }

            // Decrypt the data
            var data = _aes.Decrypt(encryptedPacket.EncryptedData, sessionKey, encryptedPacket.Iv);

            return(data);
        }
Exemplo n.º 3
0
        static void Main(string[] args)
        {
            const string originalData =
                "So, what if, instead of thinking about solving your whole life, you just think about " +
                "adding additional good things. One at a time. Just let your pile of good things grow!";

            var rsaParams = new RSAWithRSAParameterKey();

            rsaParams.AssignNewKey();
            var digitalSignature = new DigitalSignature();

            digitalSignature.AssignNewKey();

            var hybrid = new HybridEncryption();

            try
            {
                Console.WriteLine("Hybrid Encryption using in Memory keys");
                Console.WriteLine("--------------------------------------");
                Console.WriteLine("");
                Console.WriteLine($" original data  : {originalData}");

                var encryptedPacket = hybrid.EncryptData(Encoding.UTF8.GetBytes(originalData), rsaParams, digitalSignature);
                var decryptedData   = hybrid.DecryptData(encryptedPacket, rsaParams, digitalSignature);

                Console.WriteLine("");
                Console.WriteLine($" decrypted data : {Encoding.Default.GetString(decryptedData)}");
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }

            Console.WriteLine("");
        }