/// <summary>
/// Console demonstration of the hybrid scheme: encrypts a fixed message,
/// decrypts it again with the same RSA key wrapper, and prints both texts.
/// </summary>
static void Main()
{
    const string original = "Very secret and important information that can not fall into the wrong hands.";

    var hybridCipher = new HybridEncryption();

    // A fresh key is assigned on every run; nothing here persists or loads key material.
    var keyPair = new RSAWithRSAParameterKey();
    keyPair.AssignNewKey();

    Console.WriteLine("Hybrid Encryption with Integrity Check Demonstration in .NET");
    Console.WriteLine("------------------------------------------------------------");
    Console.WriteLine();

    try
    {
        byte[] plaintextBytes = Encoding.UTF8.GetBytes(original);
        var packet = hybridCipher.EncryptData(plaintextBytes, keyPair);
        var recoveredBytes = hybridCipher.DecryptData(packet, keyPair);

        Console.WriteLine($"Original Message = {original}");
        Console.WriteLine();
        Console.WriteLine($"Message After Decryption = {Encoding.UTF8.GetString(recoveredBytes)}");
    }
    catch (CryptographicException ex)
    {
        // DecryptData throws CryptographicException when the HMAC does not match;
        // the demo only reports the message text.
        Console.WriteLine($"Error : {ex.Message}");
    }

    // Keep the console window open until the user presses Enter.
    Console.ReadLine();
}
/// <summary>
/// Encrypts <paramref name="original"/> with AES under a newly generated session key,
/// encrypts that session key with RSA, and attaches an HMAC-SHA256 tag.
/// </summary>
/// <param name="original">Plaintext bytes to protect.</param>
/// <param name="rsaParams">RSA key wrapper used to encrypt the session key.</param>
/// <returns>
/// A packet carrying the IV, the AES ciphertext, the RSA-encrypted session key and the HMAC tag.
/// </returns>
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams)
{
    // Requests 32 bytes for the session key and 16 for the IV from the _aes helper.
    // NOTE(review): GenerateRandomNumber is defined elsewhere; confirm it is backed by a
    // cryptographic RNG (e.g. RandomNumberGenerator) and not System.Random.
    byte[] sessionKey = _aes.GenerateRandomNumber(32);

    var packet = new EncryptedPacket();
    packet.Iv = _aes.GenerateRandomNumber(16);

    // Bulk data goes through AES; only the short session key goes through RSA.
    // NOTE(review): the RSA padding mode is chosen inside RSAWithRSAParameterKey and is
    // not visible here; confirm it uses OAEP rather than PKCS#1 v1.5.
    packet.EncryptedData = _aes.Encrypt(original, sessionKey, packet.Iv);
    packet.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);

    // The tag is computed over the ciphertext and the IV (encrypt-then-MAC).
    // NOTE(review): the same session key is used for both AES and HMAC; deriving two
    // independent keys is the more conservative design, but that would have to change
    // together with DecryptData.
    using (var hmac = new HMACSHA256(sessionKey))
    {
        byte[] macInput = Combine(packet.EncryptedData, packet.Iv);
        packet.Hmac = hmac.ComputeHash(macInput);
    }

    return packet;
}
/// <summary>
/// Recovers the session key with RSA, verifies the packet's HMAC-SHA256 tag,
/// and only then decrypts the AES ciphertext.
/// </summary>
/// <param name="encryptedPacket">Packet holding the ciphertext, IV, encrypted session key and HMAC tag.</param>
/// <param name="rsaParams">RSA key wrapper used to decrypt the session key.</param>
/// <returns>The decrypted plaintext bytes.</returns>
/// <exception cref="CryptographicException">
/// Thrown when the recomputed HMAC does not match the tag stored in the packet.
/// </exception>
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
{
    // The session key is RSA-decrypted first because it also keys the HMAC.
    byte[] sessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);

    using (var hmac = new HMACSHA256(sessionKey))
    {
        // Recompute the tag over the same input EncryptData used: ciphertext, then IV.
        byte[] macInput = Combine(encryptedPacket.EncryptedData, encryptedPacket.Iv);
        byte[] expectedTag = hmac.ComputeHash(macInput);

        // NOTE(review): Compare is defined elsewhere; confirm it runs in constant time.
        // CryptographicOperations.FixedTimeEquals is the framework routine for this on
        // runtimes that provide it.
        bool tagMatches = Compare(encryptedPacket.Hmac, expectedTag);
        if (!tagMatches)
        {
            throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
        }
    }

    // Reached only when the tag verified, so modified ciphertext never reaches AES decryption.
    return _aes.Decrypt(encryptedPacket.EncryptedData, sessionKey, encryptedPacket.Iv);
}
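/// <summary>
/// Console demonstration of the integrity check: encrypts a message, prints the packet
/// fields, decrypts it, then modifies the ciphertext and shows that decryption is refused.
/// </summary>
static void Main()
{
    // Caveat from the original author: this example is not ideal, because a single
    // public/private key pair is shared by the "Alice" and "Bob" sides of the demo.
    var data = "Hello, World!";

    var rsaKey = new RSAWithRSAParameterKey();
    rsaKey.AssignNewKey();

    var aliceHybridEncryption = new HybridEncryption();
    var encryptedData = aliceHybridEncryption.EncryptData(Encoding.UTF8.GetBytes(data), rsaKey);

    // Data is transmitted: every field printed here is what would travel over the wire.
    Console.WriteLine("Encrypted Data: " + Convert.ToBase64String(encryptedData.EncryptedData));
    Console.WriteLine("Encrypted Session Key: " + Convert.ToBase64String(encryptedData.EncryptedSessionKey));
    Console.WriteLine("Initialization Vector: " + Convert.ToBase64String(encryptedData.Iv));
    Console.WriteLine("Hmac: " + Convert.ToBase64String(encryptedData.Hmac));

    var bobHybridEncryption = new HybridEncryption();
    var decryptedData = bobHybridEncryption.DecryptData(encryptedData, rsaKey);
    Console.WriteLine(Encoding.UTF8.GetString(decryptedData));

    Console.WriteLine();
    Console.WriteLine("Tamper data");

    // Flip every bit of the last ciphertext byte. Overwriting it with 0 (as the demo
    // originally did) changes nothing when that byte already happens to be 0, in which
    // case the HMAC would still verify and the tamper demonstration would silently fail.
    var lastIndex = encryptedData.EncryptedData.Length - 1;
    encryptedData.EncryptedData[lastIndex] ^= 0xFF;

    try
    {
        decryptedData = bobHybridEncryption.DecryptData(encryptedData, rsaKey);
        Console.WriteLine(Encoding.UTF8.GetString(decryptedData));
    }
    catch (CryptographicException ex)
    {
        // Expected path: the HMAC check in DecryptData rejects the modified packet.
        Console.WriteLine("Data has been changed during transmission");
        Console.WriteLine(ex.Message);
    }
}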