public OpenSafeViewModel(
INavigationService navigationService,
ILanguageService languageService,
ISvgIconService svgIconService,
IThemeService themeService,
IBaseUrlService webviewBaseUrl,
IFeedbackService feedbackService,
ICryptoRandomService randomService,
ISettingsService settingsService,
IRepositoryStorageService repositoryService,
Navigation navigationTarget)
: base(navigationService, languageService, svgIconService, themeService, webviewBaseUrl)
{
_feedbackService = feedbackService ?? throw new ArgumentNullException(nameof(feedbackService));
_randomService = randomService;
_settingsService = settingsService;
_repositoryService = repositoryService;
_navigationTarget = navigationTarget;
_repositoryService.LoadRepositoryOrDefault(out NoteRepositoryModel noteRepository);
Model = noteRepository;
GoBackCommand = new RelayCommand(GoBack);
CancelCommand = new RelayCommand(Cancel);
OkCommand = new RelayCommand(Ok);
ResetSafeCommand = new RelayCommand(ResetSafe);
}
/// <summary>
/// Generates a new transfer code.
/// </summary>
/// <param name="length">Length of the code.</param>
/// <param name="randomSource">Cryptographically safe random generator.</param>
/// <returns>New transfer code.</returns>
public static string GenerateCode(int length, ICryptoRandomService randomSource)
{
StringBuilder sb = new StringBuilder();
int remainingLength = length;
do
{
int binaryLength = (int)Math.Floor((remainingLength * 3.0 / 4.0) + 1.0);
byte[] binaryString = randomSource.GetRandomBytes(binaryLength);
// We take advantage of the fast base64 encoding
string base64String = Convert.ToBase64String(binaryString).ToLowerInvariant();
foreach (char letter in base64String)
{
if (IsOfCorrectAlphabet(letter))
{
sb.Append(letter);
}
}
// If too many characters have been removed, we repeat the procedure
remainingLength = length - sb.Length;
}while (remainingLength > 0);
if (sb.Length > length)
{
sb.Remove(length, sb.Length - length);
}
return(sb.ToString());
}
public void GenerateRandomBase62StringGeneratesValidStrings()
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
// check if length always matches the required length
for (int length = 0; length < 300; length++)
{
string randomString = CryptoUtils.GenerateRandomBase62String(length, randomGenerator);
Assert.AreEqual(length, randomString.Length);
Assert.IsTrue(IsInBase62Alphabet(randomString));
}
}
public void CryptorWorksWithPassword()
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
ICryptor encryptor = new Cryptor("sugus", randomGenerator);
string message = "Der schnelle Fuchs stolpert über den faulen Hund.";
byte[] binaryMessage = CryptoUtils.StringToBytes(message);
SecureString password = CryptoUtils.StringToSecureString("Der schnelle Uhu fliegt über den faulen Hund.");
byte[] cipher = encryptor.Encrypt(binaryMessage, password, KeyDerivationCostType.Low, BouncyCastleTwofishGcm.CryptoAlgorithmName);
byte[] decryptedMessage = encryptor.Decrypt(cipher, password);
Assert.AreEqual(binaryMessage, decryptedMessage);
}
public void CryptorWorksWithKey()
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
ICryptor encryptor = new Cryptor("sugus", randomGenerator);
string message = "Der schnelle Fuchs stolpert über den faulen Hund.";
byte[] binaryMessage = CryptoUtils.StringToBytes(message);
byte[] key = randomGenerator.GetRandomBytes(32);
byte[] cipher = encryptor.Encrypt(binaryMessage, key, BouncyCastleTwofishGcm.CryptoAlgorithmName);
byte[] decryptedMessage = encryptor.Decrypt(cipher, key);
Assert.AreEqual(binaryMessage, decryptedMessage);
}
private void TestSymmetricEncryptionWithLongMessage(ISymmetricEncryptionAlgorithm encryptor)
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
byte[] key = randomGenerator.GetRandomBytes(encryptor.ExpectedKeySize);
byte[] nonce = randomGenerator.GetRandomBytes(encryptor.ExpectedNonceSize);
byte[] message = randomGenerator.GetRandomBytes(1523687);
byte[] cipher = encryptor.Encrypt(message, key, nonce);
Assert.AreNotEqual(message, cipher);
byte[] message2 = encryptor.Decrypt(cipher, key, nonce);
Assert.AreEqual(message, message2);
}
public ShowCloudStorageAccountStep(
int stepId,
IStoryBoard storyBoard,
INavigationService navigationService,
INativeBrowserService nativeBrowserService,
ICryptoRandomService randomSource,
ICloudStorageClientFactory cloudStorageClientFactory)
: base(stepId, storyBoard)
{
_navigationService = navigationService;
_nativeBrowserService = nativeBrowserService;
_randomSource = randomSource;
_cloudStorageClientFactory = cloudStorageClientFactory;
}
public void CompressAndDecompressReturnsOriginalData()
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
int byteCount = 1;
while (byteCount < 1000)
{
byte[] data = randomGenerator.GetRandomBytes(byteCount);
byte[] compressedData = CompressUtils.Compress(data);
byte[] decompressedData = CompressUtils.Decompress(compressedData);
Assert.AreEqual(data, decompressedData);
byteCount = byteCount * 2;
}
}
private void TestSymmetricEncryptionWithShortMessage(ISymmetricEncryptionAlgorithm encryptor)
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
byte[] key = randomGenerator.GetRandomBytes(encryptor.ExpectedKeySize);
byte[] nonce = randomGenerator.GetRandomBytes(encryptor.ExpectedNonceSize);
string message = "Dies ist ein kurzer Text";
byte[] binaryMessage = CryptoUtils.StringToBytes(message);
byte[] cipher = encryptor.Encrypt(binaryMessage, key, nonce);
Assert.AreNotEqual(binaryMessage, cipher);
string message2 = CryptoUtils.BytesToString(encryptor.Decrypt(cipher, key, nonce));
Assert.AreEqual(message, message2);
}
/// <inheritdoc/>
public StoreMergedRepositoryAndQuitStep(
Enum stepId,
IStoryBoard storyBoard,
Guid noteId,
PullPushDirection direction,
ILanguageService languageService,
IFeedbackService feedbackService,
ISettingsService settingsService,
ICryptoRandomService randomService,
IRepositoryStorageService repositoryStorageService,
ICloudStorageClientFactory cloudStorageClientFactory)
: base(stepId, storyBoard, languageService, feedbackService, settingsService, randomService, repositoryStorageService, cloudStorageClientFactory)
{
_noteId = noteId;
_direction = direction;
}
public void UnknownAlgorithmThrows()
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
ICryptor encryptor = new Cryptor("sugus", randomGenerator);
byte[] binaryMessage = new byte[] { 88 };
SecureString password = CryptoUtils.StringToSecureString("unittestpwd");
Assert.Throws <CryptoException>(delegate
{
byte[] cipher = encryptor.Encrypt(
binaryMessage,
password,
KeyDerivationCostType.Low,
"InvalidAlgorithmName");
});
}
public void EnsureCompatibilityToLibsodiumXChaCha20()
{
// Ensure that a once stored cipher can always be decrypted even after changes in the liberary.
// This cypher was created with libsodium.
string base64Cipher = "q8w/Zotsi3ZJp2eaAnFmMiAGgko+N2TkNgunS5+bDRNqrBBoN+XMQPSt7ojO4ODMP3Rf3aoYMNeJFL2/ZqK3AngIuQ==";
byte[] cipher = CryptoUtils.Base64StringToBytes(base64Cipher);
ISymmetricEncryptionAlgorithm decryptor = new BouncyCastleXChaCha20();
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService(88);
byte[] key = randomGenerator.GetRandomBytes(decryptor.ExpectedKeySize);
byte[] nonce = randomGenerator.GetRandomBytes(decryptor.ExpectedNonceSize);
string decryptedMessage = CryptoUtils.BytesToString(decryptor.Decrypt(cipher, key, nonce));
Assert.AreEqual("The brown fox jumps over the lazy 🐢🖐🏿 doc.", decryptedMessage);
}
public StoreMergedRepositoryAndQuitStep(
int stepId,
IStoryBoard storyBoard,
ILanguageService languageService,
IFeedbackService feedbackService,
ISettingsService settingsService,
ICryptoRandomService randomService,
IRepositoryStorageService repositoryStorageService,
ICloudStorageClientFactory cloudStorageClientFactory)
: base(stepId, storyBoard)
{
_languageService = languageService;
_feedbackService = feedbackService;
_settingsService = settingsService;
_cryptoRandomService = randomService;
_repositoryStorageService = repositoryStorageService;
_cloudStorageClientFactory = cloudStorageClientFactory;
}
public void ObfuscationCanBeReversed()
{
SecureString obfuscationKey = CryptoUtils.StringToSecureString("A very strong passphrase...");
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
byte[] binaryMessage = randomGenerator.GetRandomBytes(100);
var obfuscatedMessage = CryptoUtils.Obfuscate(binaryMessage, obfuscationKey, randomGenerator);
var deobfuscatedMessage = CryptoUtils.Deobfuscate(obfuscatedMessage, obfuscationKey);
Assert.AreEqual(binaryMessage, deobfuscatedMessage);
string plaintextMessage = "welcome home";
string obfuscatedMessageText = CryptoUtils.Obfuscate(plaintextMessage, obfuscationKey, randomGenerator);
string deobfuscatedMessageText = CryptoUtils.Deobfuscate(obfuscatedMessageText, obfuscationKey);
Assert.AreEqual(plaintextMessage, deobfuscatedMessageText);
}
public void TestSymmetricEncryptionOfEmptyStringWithCompression()
{
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService(88);
ICryptor encryptor = new Cryptor("sugus", randomGenerator);
byte[] binaryMessage = CryptoUtils.StringToBytes(string.Empty);
SecureString password = CryptoUtils.StringToSecureString("Der schnelle Uhu fliegt über den faulen Hund.");
byte[] cipher = encryptor.Encrypt(
binaryMessage,
password,
KeyDerivationCostType.Low,
BouncyCastleTwofishGcm.CryptoAlgorithmName,
Pbkdf2.CryptoKdfName,
Cryptor.CompressionGzip);
byte[] decryptedMessage = encryptor.Decrypt(cipher, password);
Assert.AreEqual(binaryMessage, decryptedMessage);
}
public void CryptoPbkdf2()
{
const int KeyLength = 42;
IKeyDerivationFunction kdf = new Pbkdf2();
ICryptoRandomService randomGenerator = CommonMocksAndStubs.CryptoRandomService();
byte[] salt = randomGenerator.GetRandomBytes(kdf.ExpectedSaltSizeBytes);
int cost = kdf.RecommendedCost(KeyDerivationCostType.Low);
SecureString password = CryptoUtils.StringToSecureString("Das ist kein gutes Passwort");
byte[] key = kdf.DeriveKeyFromPassword(password, KeyLength, salt, cost);
Assert.AreEqual(KeyLength, key.Length);
// Same parameters must result in the same output
byte[] key2 = kdf.DeriveKeyFromPassword(password, KeyLength, salt, cost);
Assert.AreEqual(key, key2);
}
/// <summary>
/// Initializes a new instance of the <see cref="DropboxCloudStorageServiceUwp"/> class.
/// </summary>
public DropboxCloudStorageServiceUwp(ICryptoRandomService randomSource)
: base(new CloudStorageAccount {
CloudType = CloudStorageType.Dropbox
}, null, randomSource)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="DataProtectionService"/> class.
/// </summary>
public DataProtectionService(Context applicationContext, ICryptoRandomService randomService)
{
_applicationContext = applicationContext;
_randomService = randomService;
}
/// <summary>
/// Generates a new transfer code.
/// </summary>
/// <param name="randomSource">Cryptographically safe random generator.</param>
/// <returns>New transfer code.</returns>
public static string GenerateCode(ICryptoRandomService randomSource)
{
return(GenerateCode(CodeLength, randomSource));
}
internal static byte[] EncryptRepository(NoteRepositoryModel repository, string transferCode, ICryptoRandomService randomService, string encryptionAlgorithm)
{
byte[] binaryRepository = XmlUtils.SerializeToXmlBytes(repository);
EncryptorDecryptor encryptor = new EncryptorDecryptor("SilentNotes");
// The key derivation cost is set to low, because we can be sure that the transferCode
// is a very strong password, and to not overload slow mobile devices.
return(encryptor.Encrypt(binaryRepository, transferCode, Crypto.KeyDerivation.KeyDerivationCostType.Low, randomService, encryptionAlgorithm));
}
internal static byte[] EncryptRepository(NoteRepositoryModel repository, string transferCode, ICryptoRandomService randomService, string encryptionAlgorithm)
{
byte[] binaryRepository = XmlUtils.SerializeToXmlBytes(repository);
ICryptor encryptor = new Cryptor("SilentNotes", randomService);
// The key derivation cost is set to low, because we can be sure that the transferCode
// is a very strong password, and to not overload slow mobile devices.
return(encryptor.Encrypt(
binaryRepository,
CryptoUtils.StringToSecureString(transferCode),
KeyDerivationCostType.Low,
encryptionAlgorithm,
Pbkdf2.CryptoKdfName,
Cryptor.CompressionGzip));
}
