Пример #1
        }//end decrpypt from bytes

        /*
         * verifyHMAC(byte[] key, byte[] storedHMAC, byte[] combinedData)
         * Code here modified from: https://docs.microsoft.com/en-us/dotnet/api/
         *                              system.security.cryptography.aes?view=netframework-4.8
         * key : the encryption key
         * storedHMAC : the HMAC parsed from the file, compared against the recomputed one to detect tampering
         * combinedData : IV and encrypted data
         * output: true when the hashes agree (no tampering detected), false when they differ
         */
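        /// <summary>
        /// Recomputes the keyed hash over <paramref name="combinedData"/> with
        /// <c>HMAC_Gen.HMAC_Signature</c> and compares it with the stored value.
        /// </summary>
        /// <param name="key">Key passed to <c>HMAC_Gen.HMAC_Signature</c>.</param>
        /// <param name="storedHMAC">HMAC read from the file under verification.</param>
        /// <param name="combinedData">IV followed by the encrypted data.</param>
        /// <returns>
        /// <c>true</c> only when the stored and recomputed values have the same non-zero
        /// length and identical bytes; <c>false</c> otherwise.
        /// </returns>
        public static bool verifyHMAC(byte[] key, byte[] storedHMAC, byte[] combinedData)
        {
            // Recompute the keyed hash from the data actually received.
            byte[] computedHash = HMAC_Gen.HMAC_Signature(key, combinedData);

            // Fail closed on a missing, empty or wrong-sized stored value. Iterating over
            // storedHMAC.Length alone would accept an empty or truncated MAC as a match
            // and would index past computedHash when the stored value is longer.
            bool matches = computedHash != null
                           && storedHMAC != null
                           && storedHMAC.Length > 0
                           && storedHMAC.Length == computedHash.Length;

            if (matches)
            {
                // Accumulate the differences instead of returning at the first mismatch,
                // so the comparison time does not depend on where the bytes diverge.
                int difference = 0;
                for (int i = 0; i < computedHash.Length; i++)
                {
                    difference |= computedHash[i] ^ storedHMAC[i];
                }

                matches = difference == 0;
            }

            if (!matches)
            {
                Console.WriteLine("Hash values differ! Signed file has been tampered with!\n");
                return false;
            }

            Console.WriteLine("Hash values agree -- no tampering occurred.\n");
            return true;
        }     //end VerifyFile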
Пример #2
    /*
     * encrypt(byte[] dataToEncrypt, byte[] key, byte[] metaData, byte[] hmac_key, string signedFile)
     * Code here modified from: https://docs.microsoft.com/en-us/dotnet/api/
     *                              system.security.cryptography.aes?view=netframework-4.8
     * key : the encryption key
     * metadata : holds information about algorithm and iterations for decryption
     * hmac_key : hmac key for creating a mac signature
     * signedFile : location of the encrypted file at endstate
     * output: []byte : dataStruct : [metadata][hmac][iv][encrypted data]
     */
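    /// <summary>
    /// Encrypts <paramref name="dataToEncrypt"/> with AES-CBC (PKCS7 padding, fresh random IV),
    /// computes a MAC over IV + ciphertext with <c>HMAC_Gen.HMAC_Signature</c>, writes
    /// [metadata][hmac][iv][encrypted data] to <paramref name="signedFile"/> and returns it.
    /// </summary>
    /// <param name="dataToEncrypt">Plaintext bytes.</param>
    /// <param name="encryptedKey">AES key; must be a key size AES accepts.</param>
    /// <param name="metaData">Bytes placed at the front of the output structure.</param>
    /// <param name="HMAC_key">Key passed to <c>HMAC_Gen.HMAC_Signature</c>.</param>
    /// <param name="signedFile">Path the output structure is written to.</param>
    /// <returns>The structure [metadata][hmac][iv][encrypted data].</returns>
    /// <exception cref="ArgumentNullException">Any argument is null.</exception>
    /// <exception cref="CryptographicException">The key size is not valid for AES.</exception>
    public byte[] encrypt(byte[] dataToEncrypt, byte[] encryptedKey, byte[] metaData, byte[] HMAC_key, string signedFile)
    {
        // Reject missing inputs before any key material is used or any file is touched.
        if (dataToEncrypt == null)
        {
            throw new ArgumentNullException(nameof(dataToEncrypt));
        }
        if (encryptedKey == null)
        {
            throw new ArgumentNullException(nameof(encryptedKey));
        }
        if (metaData == null)
        {
            throw new ArgumentNullException(nameof(metaData));
        }
        if (HMAC_key == null)
        {
            throw new ArgumentNullException(nameof(HMAC_key));
        }
        if (signedFile == null)
        {
            throw new ArgumentNullException(nameof(signedFile));
        }

        byte[] encrypted;
        byte[] IV;

        using (Aes aes_enc = Aes.Create())
        {
            aes_enc.Mode    = CipherMode.CBC;
            aes_enc.Padding = PaddingMode.PKCS7;

            // AES has a fixed 128-bit block. The former 8-byte-key branch asked for a
            // 64-bit block, which AES rejects, and was overwritten on the next line
            // anyway. An invalid key length is now rejected by the Key setter below.
            aes_enc.BlockSize = 128;
            aes_enc.Key       = encryptedKey;

            // A new random IV per call; CBC needs an unpredictable IV for every message.
            aes_enc.GenerateIV();
            IV = aes_enc.IV;

            // The transform is IDisposable; dispose it together with the streams.
            using (var encryptor = aes_enc.CreateEncryptor(aes_enc.Key, aes_enc.IV))
            using (var msEncrypt = new MemoryStream())
            {
                using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    csEncrypt.Write(dataToEncrypt, 0, dataToEncrypt.Length);
                    // Emits the final padded block before the buffer is read.
                    csEncrypt.FlushFinalBlock();
                }
                encrypted = msEncrypt.ToArray();
            }
        }

        // MAC input is IV || ciphertext (encrypt-then-MAC).
        var combinedIvEncrypted = new byte[IV.Length + encrypted.Length];
        Array.Copy(IV, 0, combinedIvEncrypted, 0, IV.Length);
        Array.Copy(encrypted, 0, combinedIvEncrypted, IV.Length, encrypted.Length);

        // NOTE(review): metaData is not part of the MAC input, so a change to the stored
        // metadata is not detected by this MAC. Covering it would change the file format
        // and the matching verification code, so it is only flagged here.
        byte[] mac = HMAC_Gen.HMAC_Signature(HMAC_key, combinedIvEncrypted);
        this.hmacLength = mac.Length;

        // Output layout: [metadata][hmac][iv][encrypted data].
        int macOffset  = metaData.Length;
        int ivOffset   = macOffset + mac.Length;
        int dataOffset = ivOffset + IV.Length;

        var dataStruct = new byte[dataOffset + encrypted.Length];
        Array.Copy(metaData, 0, dataStruct, 0, metaData.Length);
        Array.Copy(mac, 0, dataStruct, macOffset, mac.Length);
        Array.Copy(IV, 0, dataStruct, ivOffset, IV.Length);
        Array.Copy(encrypted, 0, dataStruct, dataOffset, encrypted.Length);

        // Record the section lengths on the instance.
        this.metaDataLength      = metaData.Length;
        this.encryptedDataLength = encrypted.Length;
        this.IVLength            = IV.Length;

        // Write the encrypted structure to file.
        File.WriteAllBytes(signedFile, dataStruct);

        // Return the full structure, not just the ciphertext.
        return dataStruct;
    } //end encrypt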