public void AeadWithAdditionalDataTest()
{
var key = new byte[]
{
0x42, 0x90, 0xbc, 0xb1, 0x54, 0x17, 0x35, 0x31, 0xf3, 0x14, 0xaf,
0x57, 0xf3, 0xbe, 0x3b, 0x50, 0x06, 0xda, 0x37, 0x1e, 0xce, 0x27,
0x2a, 0xfa, 0x1b, 0x5d, 0xbd, 0xd1, 0x10, 0x0a, 0x10, 0x07
};
var nonce = new byte[]
{
0xcd, 0x7c, 0xf6, 0x7b, 0xe3, 0x9c, 0x79, 0x4a
};
var ad = new byte[]
{
0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0
};
var m = new byte[]
{
0x86, 0xd0, 0x99, 0x74, 0x84, 0x0b, 0xde, 0xd2, 0xa5, 0xca
};
var encrypted = SecretAeadChaCha20Poly1305.Encrypt(m, nonce, key, ad);
var decrypted = SecretAeadChaCha20Poly1305.Decrypt(encrypted, nonce, key, ad);
CollectionAssert.AreEqual(m, decrypted);
}
/// <summary>
/// Decrypts a given cipher texts and checks if it corresponds to the associated data.
/// </summary>
/// <param name="cipherText">Base64 encoded encrypted bytes</param>
/// <param name="associatedDataString">max. 16 character long string (not secret)</param>
/// <param name="nonce">unique nonce used during encryption (not secret)</param>
/// <returns>decrypted as an UTF-8 encoded string</returns>
private string Decrypt(string cipherText, string associatedDataString, byte[] nonce)
{
byte[] cipherBytes = Convert.FromBase64String(cipherText);
byte[] adBytes = Encoding.UTF8.GetBytes(associatedDataString);
byte[] plainBytes = SecretAeadChaCha20Poly1305.Decrypt(cipherBytes, nonce, secretKey, adBytes);
return(Encoding.UTF8.GetString(plainBytes));
}
public void SecretAeadChaCha20Poly1305EncryptWithBadAdditionalData()
{
var key = new byte[] {
0x42, 0x90, 0xbc, 0xb1, 0x54, 0x17, 0x35, 0x31, 0xf3, 0x14, 0xaf,
0x57, 0xf3, 0xbe, 0x3b, 0x50, 0x06, 0xda, 0x37, 0x1e, 0xce, 0x27,
0x2a, 0xfa, 0x1b, 0x5d, 0xbd, 0xd1, 0x10, 0x0a, 0x10, 0x07
};
var nonce = new byte[] {
0xcd, 0x7c, 0xf6, 0x7b, 0xe3, 0x9c, 0x79, 0x4a
};
var ad = new byte[] {
0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0,
0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0,
0x87, 0xe2, 0x29, 0xd4, 0x50, 0x08, 0x45, 0xa0, 0x79, 0xc0
};
var m = new byte[] {
0x86, 0xd0, 0x99, 0x74, 0x84, 0x0b, 0xde, 0xd2, 0xa5, 0xca
};
Assert.Throws <AdditionalDataOutOfRangeException>(
() => SecretAeadChaCha20Poly1305.Encrypt(m, nonce, key, ad));
}
/// <summary>
/// Encrypt a Business Object
/// </summary>
/// <param name="plainObject">unencrypted Business Object</param>
/// <param name="associatedDataString">max. 16 character long string (not secret)</param>
/// <returns>an encrypted Business Object</returns>
public EncryptedObjectAEAD Encrypt(BusinessObject plainObject, string associatedDataString)
{
var plainText = JsonConvert.SerializeObject(plainObject, encryptionSerializerSettings);
var nonce = SecretAeadChaCha20Poly1305.GenerateNonce();
var cipherString = Encrypt(plainText, associatedDataString, nonce);
return(new EncryptedObjectAEAD(cipherString, associatedDataString, Convert.ToBase64String(nonce)));
}
/// <summary>
/// Encrypt a given plain text and add associated data.
/// </summary>
/// <param name="plainText">UTF-8 encoded string containing the plain text to be encrypted</param>
/// <param name="associatedDataString">max. 16 character long string (not secret)</param>
/// <param name="nonce">unique nonce; not secret but must never be used with the same private key before</param>
/// <returns>the encrypted data as Base64 encoded string</returns>
private string Encrypt(string plainText, string associatedDataString, byte[] nonce)
{
byte[] plainBytes = Encoding.UTF8.GetBytes(plainText);
byte[] adBytes = Encoding.UTF8.GetBytes(associatedDataString);
byte[] cipherBytes = SecretAeadChaCha20Poly1305.Encrypt(plainBytes, nonce, secretKey, adBytes);
string cipherString = Convert.ToBase64String(cipherBytes);
return(cipherString);
}
/// <summary>
/// Encrypt a given plain text and add associated data.
/// </summary>
/// <param name="plainText">UTF-8 encoded string containing the plain text to be encrypted</param>
/// <param name="associatedDataString">max. 16 character long string (not secret)</param>
/// <returns>Tuple of (cipherText, nonce); both as base64 encoded string</returns>
public (string, string) Encrypt(string plainText, string associatedDataString)
{
byte[] nonce = SecretAeadChaCha20Poly1305.GenerateNonce();
return(Encrypt(plainText, associatedDataString, nonce), Convert.ToBase64String(nonce));
}
