/// <summary>
/// 以ECC演算法加密資料
/// </summary>
/// <param name="originalData">原始資料</param>
/// <param name="anotherPubKey">解密者使用的公鑰資料</param>
/// <param name="derivation">The derivation parameter for the KDF function.</param>
/// <param name="encoding">The encoding parameter for the KDF function.</param>
public byte[] EncryptData(byte[] originalData, byte[] anotherPubKey, byte[] derivation, byte[] encoding)
{
if (_ecLocalKeyPair == null)
{
Debug.WriteLine(String.Format("[EncryptData] Local key pair not create."));
return(null);
}
byte[] ret = null;
//ECPublicKeyParameters = public key header(24byte) + another public key(key field size - 24byte,)
byte[] anoPubKeyInfoBytes = ArrayHelpers.ConcatArrays(this.PubKeyHeaderBytes, anotherPubKey);
ECPublicKeyParameters anoPubKeyParam = PublicKeyFactory.CreateKey(anoPubKeyInfoBytes) as ECPublicKeyParameters;
IesEngine ies = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha256Digest()),
new HMac(new Sha256Digest()));
IesParameters iesParam = new IesParameters(derivation, encoding, 256);
try
{
ies.Init(true, _ecLocalKeyPair.Private, anoPubKeyParam, iesParam);
ret = ies.ProcessBlock(originalData, 0, originalData.Length);
}
catch (Exception e)
{
Debug.WriteLine(String.Format("[EncryptData] Init IES Enging fail:{0}", e.Message));
return(null);
}
return(ret);
}
/// <summary>
/// 解密函数
/// </summary>
/// <param name="privKey">椭圆曲线私钥</param>
/// <param name="pubRand">加密所用随机密钥对的公钥</param>
/// <param name="ciphertext">密文</param>
/// <returns>明文</returns>
public byte[] Decrypt(ECPrivateKeyParameters privKey, ECPublicKeyParameters pubRand, byte[] ciphertext)
{
IesEngine engine = IesEngineFactory();
engine.Init(false, privKey, pubRand, iesParam);
return(engine.ProcessBlock(ciphertext, 0, ciphertext.Length));
}
/// <summary>
/// 加密函数
/// </summary>
/// <param name="pubKey">椭圆曲线公钥</param>
/// <param name="privRand">一个随机密钥对的私钥</param>
/// <param name="message">明文</param>
/// <returns>密文</returns>
public byte[] Encrypt(ECPublicKeyParameters pubKey, ECPrivateKeyParameters privRand, byte[] message)
{
IesEngine engine = IesEngineFactory();
engine.Init(true, privRand, pubKey, iesParam);
return(engine.ProcessBlock(message, 0, message.Length));
}
//----------------------------------------------------------------------------------
public virtual void Init(
bool forEncryption,
ICipherParameters privParameters,
ICipherParameters pubParameters,
ICipherParameters iesParameters)
{
engine.Init(this.forEncryption = forEncryption, privParameters, pubParameters, iesParameters);
}
protected static IesEngine CreateCipherEngine(bool encrypt, ICipherParameters privParameters, ICipherParameters pubParameters)
{
var engine = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha256Digest()),
new HMac(new Sha256Digest()),
new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesFastEngine())));
var parameterSpec = new IesWithCipherParameters(derivation, encoding, 256, 256);
engine.Init(encrypt, privParameters, pubParameters, parameterSpec);
return(engine);
}
/// <summary>
///
/// </summary>
/// <param name="forEncryption"></param>
/// <param name="publicKeyBytes"></param>
/// <returns></returns>
protected IesEngine CreateIesEngine(bool forEncryption, byte[] publicKeyBytes)
{
// TODO ensure parameters are safe enough
IesEngine iesEngine = new IesEngine(new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()));
byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
IesParameters parameters = new IesParameters(d, e, 64);
ECPublicKeyParameters publicKey = new ECPublicKeyParameters(X9.Curve.DecodePoint(publicKeyBytes), EcSpec);
iesEngine.Init(forEncryption, KeyPair.Private, (AsymmetricKeyParameter)publicKey, parameters);
return(iesEngine);
}
public static string DecryptElliptical(this string data, string publicKey, string myPrivateKey)
{
var d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
var e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
var p = new IesWithCipherParameters(d, e, 64, 128);
IesEngine e2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha256Digest()), // #1
new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()))); // #6
e2.Init(false, ConvertPrivateToParameters(myPrivateKey), ConvertPublicToParameters(publicKey), p);
var bytes = Convert.FromBase64String(data);
return(Encoding.UTF8.GetString(e2.ProcessBlock(bytes, 0, bytes.Length)));
}
public static string EncryptElliptical(this string data, string publicKey, string myPrivateKey)
{
IesEngine e1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha256Digest()), // #1
new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()))); // #6
var d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
var e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
var p = new IesWithCipherParameters(d, e, 64, 128);
//IesWithCipherParameters parameterSpec = new IesWithCipherParameters(null, null, 256, 256);
e1.Init(true, ConvertPrivateToParameters(myPrivateKey), ConvertPublicToParameters(publicKey), p);
byte[] bytes = Encoding.UTF8.GetBytes(data);
return(Convert.ToBase64String(e1.ProcessBlock(bytes, 0, bytes.Length)));
////BufferedIesCipher c1 = new BufferedIesCipher(e1);
////c1.engineSetMode("DHAES");
////c1.Init(true, keyParameters);
////var ciphertext = c1.DoFinal(Encoding.UTF8.GetBytes(@"test"));
//IesEngine e2 = new IesEngine(
// new ECDHBasicAgreement(),
// new Kdf2BytesGenerator(new Sha1Digest()),
// new HMac(new Sha256Digest()), // #1
// new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()))); // #6
//e2.Init(false, privateParameters, publicParameters, p);
//var result = e2.ProcessBlock(ct, 0, ct.Length);
//var text = Encoding.UTF8.GetString(result);
////IesParameterSpec parameterSpec = new IESParameterSpec(null, null, macKeySize, cipherKeySize);
////byte[] pubaddr = new byte[65];
////byte[] Y = dd.Y.ToBigInteger().ToByteArray();
////Array.Copy(Y, 0, pubaddr, 64 - Y.Length + 1, Y.Length);
////byte[] X = dd.X.ToBigInteger().ToByteArray();
////Array.Copy(X, 0, pubaddr, 32 - X.Length + 1, X.Length);
////pubaddr[0] = 4;
//return null;
}
private void StaticTest()
{
FpCurve curve = new FpCurve(
new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
ECDomainParameters parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
"ECDH",
new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
parameters);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
"ECDH",
curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
parameters);
AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey);
AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey);
//
// stream test
//
IesEngine i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
IesEngine i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
IesParameters p = new IesParameters(d, e, 64);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
byte[] message = Hex.Decode("1234567890abcdef");
byte[] out1 = i1.ProcessBlock(message, 0, message.Length);
if (!AreEqual(out1, Hex.Decode("2442ae1fbf90dd9c06b0dcc3b27e69bd11c9aee4ad4cfc9e50eceb44")))
{
Fail("stream cipher test failed on enc");
}
byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("stream cipher test failed");
}
//
// twofish with CBC
//
BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c1);
i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c2);
d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
p = new IesWithCipherParameters(d, e, 64, 128);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
message = Hex.Decode("1234567890abcdef");
out1 = i1.ProcessBlock(message, 0, message.Length);
if (!AreEqual(out1, Hex.Decode("2ea288651e21576215f2424bbb3f68816e282e3931b44bd1c429ebdb5f1b290cf1b13309")))
{
Fail("twofish cipher test failed on enc");
}
out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("twofish cipher test failed");
}
}
private void DoTest(
AsymmetricCipherKeyPair p1,
AsymmetricCipherKeyPair p2)
{
//
// stream test
//
IesEngine i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
IesEngine i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
IesParameters p = new IesParameters(d, e, 64);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
byte[] message = Hex.Decode("1234567890abcdef");
byte[] out1 = i1.ProcessBlock(message, 0, message.Length);
byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("stream cipher test failed");
}
//
// twofish with CBC
//
BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c1);
i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c2);
d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
p = new IesWithCipherParameters(d, e, 64, 128);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
message = Hex.Decode("1234567890abcdef");
out1 = i1.ProcessBlock(message, 0, message.Length);
out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("twofish cipher test failed");
}
}
private void StaticTest()
{
BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
FpCurve curve = new FpCurve(
new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
n, BigInteger.One);
ECDomainParameters parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
n, BigInteger.One);
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
"ECDH",
new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
parameters);
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
"ECDH",
curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
parameters);
AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey);
AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey);
//
// stream test
//
IesEngine i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
IesEngine i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()));
byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
IesParameters p = new IesParameters(d, e, 64);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
byte[] message = Hex.Decode("1234567890abcdef");
byte[] out1 = i1.ProcessBlock(message, 0, message.Length);
if (!AreEqual(out1, Hex.Decode("468d89877e8238802403ec4cb6b329faeccfa6f3a730f2cdb3c0a8e8")))
{
Fail("stream cipher test failed on enc");
}
byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("stream cipher test failed");
}
//
// twofish with CBC
//
BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
new CbcBlockCipher(new TwofishEngine()));
i1 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c1);
i2 = new IesEngine(
new ECDHBasicAgreement(),
new Kdf2BytesGenerator(new Sha1Digest()),
new HMac(new Sha1Digest()),
c2);
d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
p = new IesWithCipherParameters(d, e, 64, 128);
i1.Init(true, p1.Private, p2.Public, p);
i2.Init(false, p2.Private, p1.Public, p);
message = Hex.Decode("1234567890abcdef");
out1 = i1.ProcessBlock(message, 0, message.Length);
if (!AreEqual(out1, Hex.Decode("b8a06ea5c2b9df28b58a0a90a734cde8c9c02903e5c220021fe4417410d1e53a32a71696")))
{
Fail("twofish cipher test failed on enc");
}
out2 = i2.ProcessBlock(out1, 0, out1.Length);
if (!AreEqual(out2, message))
{
Fail("twofish cipher test failed");
}
}
public override void Init(bool forEncryption, ICipherParameters parameters)
{
_engine.Init(forEncryption, parameters);
}