/// <summary>
/// Dencrypt the string with Shared secret
/// </summary>
/// <param name="emessage">Message to decrypt</param>
/// <param name="bobAddress">Receiver Neblio Address</param>
/// <param name="key">Shared secret key</param>
/// <returns></returns>
public static async Task <(bool, string)> DecryptStringWithSharedSecretWithKey(string emessage, string bobAddress, string key)
{
if (string.IsNullOrEmpty(emessage))
{
return(false, "Message cannot be empty or null.");
}
if (string.IsNullOrEmpty(bobAddress))
{
return(false, "Partner Address cannot be empty or null.");
}
if (string.IsNullOrEmpty(key))
{
return(false, "Input secret cannot null.");
}
try
{
var mesage = SymetricProvider.DecryptString(key, emessage);
return(true, mesage);
}
catch (Exception ex)
{
Console.WriteLine("Cannot decrypt message. " + ex.Message);
return(false, "Cannot decrypt message. " + ex.Message);
}
}
/// <summary>
/// This is confusing, sorry will be renamed soon
/// It returns decrypted key if the pass is loaded.
/// If the pass is not loaded you need to provide pass
/// If you want encrypted form of the key select returnEncrypted=true
/// </summary>
/// <param name="password">fill if the pass is not loaded and you need decrypted key</param>
/// <param name="returnEncrypted">set true for return enrcypted form of key</param>
/// <returns></returns>
public string GetEncryptedKey(string password = "", bool returnEncrypted = false)
{
if (returnEncrypted)
{
return(_key);
}
if (passwordLoaded && string.IsNullOrEmpty(password))
{
password = loadedPassword;
}
if (!passwordLoaded && string.IsNullOrEmpty(password))
{
return(null);
}
if (!string.IsNullOrEmpty(password))
{
return(SymetricProvider.DecryptString(password, _key));
}
else
{
if (!IsEncrypted)
{
return(_key);
}
else
{
return(null);
}
}
}
/// <summary>
/// Decrypt the bytes with Shared secret
/// </summary>
/// <param name="ebytes">Array of the bytes to decrypt</param>
/// <param name="bobAddress">Receiver Neblio Address</param>
/// <param name="secret">Neblio Private Key of the Sender in the form of BitcoinSecret</param>
/// <param name="sharedkey">Shared key from some previous call</param>
/// <returns></returns>
public static async Task <(bool, byte[])> DecryptBytesWithSharedSecret(byte[] ebytes, string bobAddress, BitcoinSecret secret, string sharedkey = "")
{
if (ebytes == null || ebytes.Length == 0)
{
throw new Exception("Input cannot be empty or null.");
}
if (string.IsNullOrEmpty(bobAddress))
{
throw new Exception("Partner Address cannot be empty or null.");
}
if (secret == null)
{
throw new Exception("Input secret cannot null.");
}
(bool, string)key = (false, "");
if (string.IsNullOrEmpty(sharedkey))
{
key = await GetSharedSecret(bobAddress, secret);
if (!key.Item1)
{
return(false, null);
}
}
else
{
key = (true, sharedkey);
}
try
{
var bytes = SymetricProvider.DecryptBytes(key.Item2, ebytes);
return(true, bytes);
}
catch (Exception ex)
{
Console.WriteLine("Cannot decrypt bytes. " + ex.Message);
return(false, null);
}
}
/// <summary>
/// Decrypt the string with Shared secret
/// </summary>
/// <param name="emessage">Message to decrypt</param>
/// <param name="bobAddress">Receiver Neblio Address</param>
/// <param name="secret">Neblio Private Key in form of the BitcoinSecret</param>
/// <param name="sharedkey">Shared key from some previous call</param>
/// <returns></returns>
public static async Task <(bool, string)> DecryptStringWithSharedSecret(string emessage, string bobAddress, BitcoinSecret secret, string sharedkey = "")
{
if (string.IsNullOrEmpty(emessage))
{
return(false, "Message cannot be empty or null.");
}
if (string.IsNullOrEmpty(bobAddress))
{
return(false, "Partner Address cannot be empty or null.");
}
if (secret == null)
{
return(false, "Input secret cannot null.");
}
(bool, string)key = (false, "");
if (string.IsNullOrEmpty(sharedkey))
{
key = await GetSharedSecret(bobAddress, secret);
if (!key.Item1)
{
return(key);
}
}
else
{
key = (true, sharedkey);
}
try
{
var mesage = SymetricProvider.DecryptString(key.Item2, emessage);
return(true, mesage);
}
catch (Exception ex)
{
Console.WriteLine("Cannot decrypt message. " + ex.Message);
return(false, "Cannot decrypt message. " + ex.Message);
}
}
/// <summary>
///
/// </summary>
/// <param name="message"></param>
/// <param name="key"></param>
/// <returns></returns>
/// <exception cref="ArgumentNullException"></exception>
public static byte[] EncryptBytesWithPublicKey(byte[] message, PubKey key)
{
if (message is null)
{
throw new ArgumentNullException(nameof(message));
}
var ephemeral = new Key();
var sharedKey = NBitcoin.Crypto.Hashes.SHA512(key.GetSharedPubkey(ephemeral).ToBytes());
var iv = sharedKey.SafeSubarray(0, 16);
var encryptionKey = sharedKey.SafeSubarray(16, 16);
var hashingKey = sharedKey.SafeSubarray(32);
//var aes = new AesBuilder().SetKey(encryptionKey).SetIv(iv).IsUsedForEncryption(true).Build();
//var cipherText = aes.Process(message, 0, message.Length);
var cipherText = SymetricProvider.EncryptBytes(encryptionKey, message, iv);
var ephemeralPubkeyBytes = ephemeral.PubKey.ToBytes();
var encrypted = Encoders.ASCII.DecodeData("BIE1").Concat(ephemeralPubkeyBytes, cipherText);
var hashMAC = HMACSHA256(hashingKey, encrypted);
return(encrypted.Concat(hashMAC));
}
/// <summary>
///
/// </summary>
/// <param name="encrypted"></param>
/// <param name="privateKey"></param>
/// <returns></returns>
/// <exception cref="ArgumentNullException"></exception>
/// <exception cref="ArgumentException"></exception>
public static byte[] DecryptBytesWithPrivateKey(byte[] encrypted, Key privateKey)
{
if (encrypted is null)
{
throw new ArgumentNullException(nameof(encrypted));
}
if (encrypted.Length < 85)
{
throw new ArgumentException("Encrypted text is invalid, it should be length >= 85.");
}
var magic = encrypted.SafeSubarray(0, 4);
var ephemeralPubkeyBytes = encrypted.SafeSubarray(4, 33);
var cipherText = encrypted.SafeSubarray(37, encrypted.Length - 32 - 37);
var mac = encrypted.SafeSubarray(encrypted.Length - 32);
if (!Utils.ArrayEqual(magic, Encoders.ASCII.DecodeData("BIE1")))
{
throw new ArgumentException("Encrypted text is invalid, Invalid magic number.");
}
var ephemeralPubkey = new PubKey(ephemeralPubkeyBytes);
var sharedKey = NBitcoin.Crypto.Hashes.SHA512(ephemeralPubkey.GetSharedPubkey(privateKey).ToBytes());
var iv = sharedKey.SafeSubarray(0, 16);
var encryptionKey = sharedKey.SafeSubarray(16, 16);
var hashingKey = sharedKey.SafeSubarray(32);
var hashMAC = HMACSHA256(hashingKey, encrypted.SafeSubarray(0, encrypted.Length - 32));
if (!Utils.ArrayEqual(mac, hashMAC))
{
throw new ArgumentException("Encrypted text is invalid, Invalid mac.");
}
var message = SymetricProvider.DecryptBytes(encryptionKey, cipherText, iv);
return(message);
}
/// <summary>
/// Load the key and password.
/// Same logic as constructor of this class
/// </summary>
/// <param name="key"></param>
/// <param name="password"></param>
/// <param name="fromDb"></param>
/// <returns></returns>
public async Task <bool> LoadNewKey(string key, string password = "", bool fromDb = false)
{
if (string.IsNullOrEmpty(key))
{
return(false);
}
if (fromDb)
{
_key = key;
return(true);
}
if (!string.IsNullOrEmpty(password))
{
loadedPassword = password;
passwordLoaded = true;
_key = SymetricProvider.EncryptString(password, key);
IsEncrypted = true;
return(true);
}
else
{
_key = key;
IsEncrypted = false;
if (!string.IsNullOrEmpty(password))
{
loadedPassword = string.Empty;
}
else
{
loadedPassword = password;
}
passwordLoaded = true;
return(true);
}
}
