private static void TestHybridWithIntegrityAndSignatures()
{
const string original = "Very secret and important information that must not fall in the hands of the enemy.";
var rsaParams = new RSAWithRSAParameterKey();
rsaParams.AssignNewKey();
var fullHybridEncryption = new FullHybridEncryption();
var digitalSignature = new DigitalSignatureFuncs();
digitalSignature.AssignNewKey();
try
{
var encryptedBlock = fullHybridEncryption.EncryptData(Encoding.UTF8.GetBytes(original), rsaParams, digitalSignature);
var decryptedBlock = fullHybridEncryption.DecryptData(encryptedBlock, rsaParams, digitalSignature);
Console.WriteLine($"Original Message: {original}");
Console.WriteLine($"Encrypted Block Data: {Convert.ToBase64String(encryptedBlock.EncryptedData)}");
Console.WriteLine($"Decrypted Block: {Convert.ToBase64String(decryptedBlock)}");
Console.WriteLine($"Decrypted Message: {Encoding.UTF8.GetString(decryptedBlock)}");
}
catch (CryptographicException ex)
{
Console.WriteLine($"Cryptographic Exception occured: {ex.Message}");
}
}
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams, DigitalSignatureFuncs digitalSignature)
{
// Generate our session key
var sessionKey = _aes.GenerateRandomNumber(32);
// Create the encrypted packet and generate the IV
var encryptedPacket = new EncryptedPacket
{
IV = _aes.GenerateRandomNumber(16)
};
// Encrypt our data with AES
encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.IV);
// Encrypt the session key with RSA
encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);
// Calculate a HMAC
encryptedPacket.HMAC = HMac.ComputeHMACSha256(encryptedPacket.EncryptedData, sessionKey);
// Generate digital signature of packet to send
encryptedPacket.Signature = digitalSignature.SignData(encryptedPacket.HMAC);
return(encryptedPacket);
}
public static string DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
{
var aes = new AesEncryption();
// Decrypt AES key with RSA and then decrypt data with AES.
var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);
var decryptedData = aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.Iv);
return(Encoding.UTF8.GetString(decryptedData));
}
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
{
var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);
var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey,
encryptedPacket.Iv, encryptedPacket.Tag, null);
return(decryptedData);
}
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
{
// Decrypt AES Key with RSA.
var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);
// Decrypt our data with AES using the decrypted session key.
var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData,
decryptedSessionKey, encryptedPacket.Iv);
return(decryptedData);
}
public static EncryptedPacket EncryptData(string original, RSAWithRSAParameterKey rsaParams)
{
var aes = new AesEncryption();
var sessionKey = RandomCryptography.Random.GenerateRandomNumber(32);
var encryptedPacket = new EncryptedPacket
{
Iv = RandomCryptography.Random.GenerateRandomNumber(16)
};
// Encrypt data with AES and AES key with RSA.
encryptedPacket.EncryptedData = aes.Encrypt(Encoding.UTF8.GetBytes(original), sessionKey, encryptedPacket.Iv);
encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);
return(encryptedPacket);
}
private static void TestRSAWithRSAParameterKey()
{
var rsaParams = new RSAWithRSAParameterKey();
const string original = "Text to encrypt";
rsaParams.AssignNewKey();
var encryptedRSAParams = rsaParams.EncryptData(Encoding.UTF8.GetBytes(original));
var decryptedRSAParams = rsaParams.DecryptData(encryptedRSAParams);
Console.WriteLine($"Original Text: {original}");
Console.WriteLine($"Encrypted RSA Params: {Convert.ToBase64String(encryptedRSAParams)}");
Console.WriteLine($"Decrypted RSA Params: {Convert.ToBase64String(decryptedRSAParams)}");
Console.WriteLine($"Decrypted Text: {Encoding.Default.GetString(decryptedRSAParams)}");
}
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
{
// Decrypt AES Key with RSA
var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);
// Integrity Check
var hmacToCheck = HMac.ComputeHMACSha256(encryptedPacket.EncryptedData, decryptedSessionKey);
if (!Compare(encryptedPacket.HMAC, hmacToCheck))
{
throw new CryptographicException("HMAC for decryption does not match encrypted package HMAC code received. This means the message has been tampered with.");
}
// Decrypt our data with AES using the decryptedSessionKey
return(_aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.IV));
}
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams)
{
var sessionKey = _aes.GenerateRandomNumber(32);
var encryptedPacket = new EncryptedPacket {
Iv = _aes.GenerateRandomNumber(12)
};
(byte[] ciphereText, byte[] tag)encrypted = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv, null);
encryptedPacket.EncryptedData = encrypted.ciphereText;
encryptedPacket.Tag = encrypted.tag;
encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);
return(encryptedPacket);
}
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams)
{
// Generate our session key.
var sessionKey = _aes.GenerateRandomNumber(32);
// Create the encrypted packet and generate the IV.
var encryptedPacket = new EncryptedPacket {
Iv = _aes.GenerateRandomNumber(16)
};
// Encrypt our data with AES.
encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv);
// Encrypt the session key with RSA
encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);
return(encryptedPacket);
}
private static void TestHybrid()
{
const string original = "Very secret and important information that must not fall in the hands of the enemy.";
var rsaParams = new RSAWithRSAParameterKey();
rsaParams.AssignNewKey();
var hybrid = new HybridEncryption();
var encryptedBlock = hybrid.EncryptData(Encoding.UTF8.GetBytes(original), rsaParams);
var decryptedBlock = hybrid.DecryptData(encryptedBlock, rsaParams);
Console.WriteLine($"Original Message: {original}");
Console.WriteLine($"Encrypted Block Data: {Convert.ToBase64String(encryptedBlock.EncryptedData)}");
Console.WriteLine($"Decrypted Block: {Convert.ToBase64String(decryptedBlock)}");
Console.WriteLine($"Decrypted Message: {Encoding.UTF8.GetString(decryptedBlock)}");
}
public static string DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
{
var aes = new AesEncryption();
// Decrypt AES key with RSA and then decrypt data with AES.
var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);
using (var hmac = new HMACSHA256(decryptedSessionKey))
{
var hmacToCheck = hmac.ComputeHash(encryptedPacket.EncryptedData);
if (!CompareArrays.Compare(encryptedPacket.Hmac, hmacToCheck))
{
throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
}
}
var decryptedData = aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.Iv);
return(Encoding.UTF8.GetString(decryptedData));
}
static void Main()
{
//const string original = "Very secret and important information that can not fall into the wrong hands.";
//string original = new String('0', 127);
string original = "abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrs";
original = GenerateRandomText();
//string original = "abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrstuvwxyz1234567890";
//string original = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam non dictum diam. Donec feugiat libero sed arcu interdum consectetur vitae amet.";
//string original = @"?=??Y@쳘?{?? &긳 ? v ? ";
var hybrid = new HybridEncryption();
var rsaParams = new RSAWithRSAParameterKey();
rsaParams.ImportKeys();
var digitalSignature = new DigitalSignature();
digitalSignature.AssignNewKey();
Console.WriteLine("Hybrid Encryption with Integrity Check Demonstration in .NET");
Console.WriteLine("------------------------------------------------------------");
Console.WriteLine();
try
{
var originalData = Encoding.UTF8.GetBytes(original);
byte[] compressedBytes = Compress(originalData);
byte[] decompressedBytes = Decompress(compressedBytes);
var encryptedBlock = hybrid.EncryptData(
originalData, rsaParams, digitalSignature);
var decrpyted = hybrid.DecryptData(encryptedBlock, rsaParams, digitalSignature);
//byte[] gzippedBytes = GetGZippedBytes(encryptedBlock.EncryptedData);
//byte[] ungzippedBytes = GetUnGZippedBytes(gzippedBytes);
byte[] gzippedBytes = Compress(encryptedBlock.EncryptedData);
byte[] ungzippedBytes = Decompress(gzippedBytes);
Console.WriteLine("Original Message = " + original);
Console.WriteLine("Original Message Length: {0}", original.Length);
Console.WriteLine("Compressed Original Message = " + Convert.ToBase64String(compressedBytes));
Console.WriteLine("Compressed Original Message Length: {0}", compressedBytes.Length);
Console.WriteLine("DeCompressed Original Message = " + Convert.ToBase64String(decompressedBytes));
Console.WriteLine("DeCompressed Original Message Length: {0}", decompressedBytes.Length);
Console.WriteLine("Encrypted Data: {0}", Convert.ToBase64String(encryptedBlock.EncryptedData));
Console.WriteLine("Encrypted Data Size: {0}", encryptedBlock.EncryptedData.Length);
Console.WriteLine("GZipped Encrypted Data: {0}", Convert.ToBase64String(gzippedBytes));
Console.WriteLine("GZipped Encrypted Data Size: {0}", gzippedBytes.Length);
Console.WriteLine("UnGZipped Encrypted Data: {0}", Convert.ToBase64String(ungzippedBytes));
Console.WriteLine("UnGZipped Encrypted Data Size: {0}", ungzippedBytes.Length);
Console.WriteLine();
Console.WriteLine("Message After Decryption = " + Encoding.UTF8.GetString(decrpyted));
}
catch (CryptographicException ex)
{
Console.WriteLine("Error : " + ex.Message);
}
Console.ReadLine();
}
