public async Task DecryptAsync(Stream @in, Stream @out, ISymmetricKey symmetricKey, SymmetricAlgorithmType type)
{
if (@in == null) throw new ArgumentNullException(nameof(@in));
if (@out == null) throw new ArgumentNullException(nameof(@out));
if (symmetricKey == null) throw new ArgumentNullException(nameof(symmetricKey));
using (var rm = _symmetricAlgorithmFactory.Create(type))
using (var cs = new CryptoStream(@in, rm.CreateDecryptor(symmetricKey.Key, symmetricKey.IV), CryptoStreamMode.Read))
{
await cs.CopyToAsync(@out);
}
}
public async Task<bool> WasHashChanged()
{
try
{
using (var fileStream = _fileInfo.Open(FileMode.Open, FileAccess.Read, FileShare.ReadWrite))
using (var md5 = MD5.Create())
{
using (var crStream = new CryptoStream(fileStream, md5, CryptoStreamMode.Read))
await crStream.CopyToAsync(Stream.Null);
return !_hash.SequenceEqual(md5.Hash);
}
}
catch (Exception)
{
return true;
}
}
public async Task ECAsymmetricSigningAndEncryption()
{
var bob = new ECDsaCng(521);
var bobPublic = CngKey.Import(bob.Key.Export(CngKeyBlobFormat.EccPublicBlob), CngKeyBlobFormat.EccPublicBlob);
var alice = new ECDsaCng(521);
var alicePublic = CngKey.Import(alice.Key.Export(CngKeyBlobFormat.EccPublicBlob), CngKeyBlobFormat.EccPublicBlob);
// Bob formulates request.
var bobRequest = new MemoryStream();
var bobDH = ECDiffieHellman.Create();
{
byte[] bobPublicDH = bobDH.PublicKey.ToByteArray();
byte[] bobSignedDH = bob.SignData(bobPublicDH);
await bobRequest.WriteSizeAndBufferAsync(bobPublicDH, CancellationToken.None);
await bobRequest.WriteSizeAndBufferAsync(bobSignedDH, CancellationToken.None);
bobRequest.Position = 0;
}
// Alice reads request.
var aliceResponse = new MemoryStream();
byte[] aliceKeyMaterial;
var aliceDH = new ECDiffieHellmanCng();
{
byte[] bobPublicDH = await bobRequest.ReadSizeAndBufferAsync(CancellationToken.None);
byte[] bobSignedDH = await bobRequest.ReadSizeAndBufferAsync(CancellationToken.None);
var bobDsa = new ECDsaCng(bobPublic);
Assert.IsTrue(bobDsa.VerifyData(bobPublicDH, bobSignedDH));
var bobDHPK = ECDiffieHellmanCngPublicKey.FromByteArray(bobPublicDH, CngKeyBlobFormat.EccPublicBlob);
aliceKeyMaterial = aliceDH.DeriveKeyMaterial(bobDHPK);
await aliceResponse.WriteSizeAndBufferAsync(aliceDH.PublicKey.ToByteArray(), CancellationToken.None);
await aliceResponse.WriteSizeAndBufferAsync(alice.SignData(aliceDH.PublicKey.ToByteArray()), CancellationToken.None);
// Alice also adds a secret message.
using (var aes = SymmetricAlgorithm.Create())
{
using (var encryptor = aes.CreateEncryptor(aliceKeyMaterial, new byte[aes.BlockSize / 8]))
{
var cipherText = new MemoryStream();
using (var cryptoStream = new CryptoStream(cipherText, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(new byte[] { 0x1, 0x3, 0x2 }, 0, 3);
cryptoStream.FlushFinalBlock();
cipherText.Position = 0;
await aliceResponse.WriteSizeAndStreamAsync(cipherText, CancellationToken.None);
}
}
}
aliceResponse.Position = 0;
}
// Bob reads response
byte[] bobKeyMaterial;
{
byte[] alicePublicDH = await aliceResponse.ReadSizeAndBufferAsync(CancellationToken.None);
byte[] aliceSignedDH = await aliceResponse.ReadSizeAndBufferAsync(CancellationToken.None);
var aliceDsa = new ECDsaCng(alicePublic);
Assert.IsTrue(aliceDsa.VerifyData(alicePublicDH, aliceSignedDH));
var aliceDHPK = ECDiffieHellmanCngPublicKey.FromByteArray(alicePublicDH, CngKeyBlobFormat.EccPublicBlob);
bobKeyMaterial = bobDH.DeriveKeyMaterial(aliceDHPK);
// And Bob reads Alice's secret message.
using (var aes = SymmetricAlgorithm.Create())
{
using (var decryptor = aes.CreateDecryptor(aliceKeyMaterial, new byte[aes.BlockSize / 8]))
{
var plaintext = new MemoryStream();
var substream = await aliceResponse.ReadSizeAndStreamAsync(CancellationToken.None);
using (var cryptoStream = new CryptoStream(substream, decryptor, CryptoStreamMode.Read))
{
await cryptoStream.CopyToAsync(plaintext);
plaintext.Position = 0;
byte[] secretMessage = new byte[1024];
int readBytes = plaintext.Read(secretMessage, 0, secretMessage.Length);
}
}
}
}
CollectionAssert.AreEqual(aliceKeyMaterial, bobKeyMaterial);
}
public async Task EncryptAsyncTest()
{
var rijndaelManaged = new RijndaelManaged();
_algFactory.Setup(x => x.Create(SymmetricAlgorithmType.Rijndael)).Returns(rijndaelManaged).Verifiable();
var inBytes = new byte[] {1, 2, 3, 4, 5};
var service = new SymmetricCryptoService(_algFactory.Object);
using (var msIn = new MemoryStream(inBytes))
using (var msOut = new MemoryStream())
using (var msDec = new MemoryStream())
{
await service.EncryptAsync(msIn, msOut, FullKey, SymmetricAlgorithmType.Rijndael);
var outBytes = msOut.ToArray();
CollectionAssert.AreNotEqual(inBytes, outBytes);
using (var rm = new RijndaelManaged())
using (var cs = new CryptoStream(new MemoryStream(outBytes), rm.CreateDecryptor(Key, IV), CryptoStreamMode.Read))
{
await cs.CopyToAsync(msDec);
}
CollectionAssert.AreEqual(inBytes, msDec.ToArray());
}
}
