public void TestDecryptStream()
{
// Test vector (official ECB test vector #356)
var pbIV = new byte[16];
var pbTestKey = new byte[32];
var pbTestData = new byte[16];
var pbReferenceCT = new byte[16]
{
0x75, 0xD1, 0x1B, 0x0E, 0x3A, 0x68, 0xC4, 0x22,
0x3D, 0x88, 0xDB, 0xF0, 0x17, 0x97, 0x7D, 0xD7
};
pbTestData[0] = 0x04;
// Possible Mono Bug? This only works with size >= 48
var inStream = new MemoryStream(new byte[48]);
inStream.Write(pbReferenceCT, 0, pbReferenceCT.Length);
inStream.Position = 0;
var aes = new StandardAesEngine();
var outStream = aes.DecryptStream(inStream, pbTestKey, pbIV);
var outBytes = new BinaryReader(outStream).ReadBytes(16);
Assert.That(outBytes, Is.EqualTo(pbTestData));
}
public void TestEncryptStream()
{
/*var a = CryptoUtil.CreateAes();
* if (a.BlockSize != 128) // AES block size
* {
* //Debug.Assert(false);
* a.BlockSize = 128;
* }
*
* a.IV = _pbIv;
* a.KeySize = 256;
* a.Key = _pbTestKey;
* a.Mode = CipherMode.ECB;
* var iCrypt = a.CreateEncryptor();
*
* iCrypt.TransformBlock(_pbTestData, 0, 16, _pbTestData, 0);
*
* Assert.That(MemUtil.ArraysEqual(_pbTestData, _pbReferenceCt), Is.True);*/
using var outStream = new MemoryStream();
var aes = new StandardAesEngine();
using var inStream = aes.EncryptStream(outStream, _pbTestKey, _pbIv);
new BinaryWriter(inStream, Encoding.UTF8).Write(_pbTestData);
//Assert.That(outStream.Position, Is.EqualTo(16));
//outStream.Position = 0;
var outBytes = new BinaryReaderEx(outStream, Encoding.UTF8, string.Empty).ReadBytes(16);
Assert.That(MemUtil.ArraysEqual(outBytes, _pbReferenceCt), Is.True);
}
public void TestEncryptStream()
{
// Test vector (official ECB test vector #356)
var pbIV = new byte[16];
var pbTestKey = new byte[32];
var pbTestData = new byte[16];
var pbReferenceCT = new byte[16]
{
0x75, 0xD1, 0x1B, 0x0E, 0x3A, 0x68, 0xC4, 0x22,
0x3D, 0x88, 0xDB, 0xF0, 0x17, 0x97, 0x7D, 0xD7
};
pbTestData[0] = 0x04;
var outStream = new MemoryStream(new byte[16]);
var aes = new StandardAesEngine();
var inStream = aes.EncryptStream(outStream, pbTestKey, pbIV);
new BinaryWriter(inStream).Write(pbTestData);
Assert.That(outStream.Position, Is.EqualTo(16));
outStream.Position = 0;
var outBytes = new BinaryReader(outStream).ReadBytes(16);
Assert.That(outBytes, Is.EqualTo(pbReferenceCT));
}
private static ProtectedBinary DecryptSecret(byte[] encryptedSecret, ProtectedBinary key, byte[] iv)
{
using (var ms = new MemoryStream(encryptedSecret))
using (var decryptionStream = new StandardAesEngine().DecryptStream(ms, key.ReadData(), iv))
{
return(new ProtectedBinary(true, ReadToEnd(decryptionStream)));
}
}
private static byte[] EncryptSecret(ProtectedBinary secret, ProtectedBinary key, out byte[] iv)
{
iv = CryptoRandom.Instance.GetRandomBytes(16); // AES 256 uses 128bits blocks
using var ms = new MemoryStream();
using (var encryptionStream = new StandardAesEngine().EncryptStream(ms, key.ReadData(), iv))
{
MemUtil.Write(encryptionStream, secret.ReadData());
}
return(ms.ToArray());
}
public void TestDecryptStream()
{
// Possible Mono Bug? This only works with size >= 48
using var inStream = new MemoryStream(new byte[32]);
inStream.Write(_pbReferenceCt, 0, _pbReferenceCt.Length);
inStream.Position = 0;
var aes = new StandardAesEngine();
using var outStream = aes.DecryptStream(inStream, _pbTestKey, _pbIv);
var outBytes = new BinaryReaderEx(outStream, Encoding.UTF8, string.Empty).ReadBytes(16);
Assert.That(MemUtil.ArraysEqual(outBytes, _pbTestData), Is.True);
}
private bool DecryptSecret(byte[] yubiResp, ChallengeInfo inf, out byte[] secret)
{
secret = new byte[keyLenBytes];
if (inf.IV == null)
{
return(false);
}
if (inf.Verification == null)
{
return(false);
}
//use the response to decrypt the secret
SHA256 sha = SHA256Managed.Create();
byte[] key = sha.ComputeHash(yubiResp); // get a 256 bit key from the 160 bit hmac response
StandardAesEngine aes = new StandardAesEngine();
using (MemoryStream msDecrypt = new MemoryStream(inf.EncryptedSecret))
{
using (CryptoStream csDecrypt = (CryptoStream)aes.DecryptStream(msDecrypt, key, inf.IV))
{
csDecrypt.Read(secret, 0, secret.Length);
csDecrypt.Close();
}
msDecrypt.Close();
}
byte[] secretHash = sha.ComputeHash(secret);
for (int i = 0; i < secretHash.Length; i++)
{
if (secretHash[i] != inf.Verification[i])
{
//wrong response
Array.Clear(secret, 0, secret.Length);
return(false);
}
}
//return the secret
sha.Clear();
return(true);
}
/// <summary>
/// A method for generating encrypted ChallengeInfo to be saved. For security, this method should
/// be called every time you get a successful challenge-response pair from the Yubikey. Failure to
/// do so will permit password re-use attacks.
/// </summary>
/// <param name="secret">The un-encrypted secret</param>
/// <returns>A fully populated ChallengeInfo object ready to be saved</returns>
public ChallengeInfo Encrypt(byte[] secret)
{
//generate a random challenge for use next time
byte[] challenge = GenerateChallenge();
//generate the expected HMAC-SHA1 response for the challenge based on the secret
byte[] resp = GenerateResponse(challenge, secret);
//use the response to encrypt the secret
SHA256 sha = SHA256Managed.Create();
byte[] key = sha.ComputeHash(resp); // get a 256 bit key from the 160 bit hmac response
byte[] secretHash = sha.ComputeHash(secret);
StandardAesEngine aes = new StandardAesEngine();
const uint aesIVLenBytes = 16;
byte[] IV = CryptoRandom.Instance.GetRandomBytes(aesIVLenBytes);
byte[] encrypted;
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = (CryptoStream)aes.EncryptStream(msEncrypt, key, IV))
{
csEncrypt.Write(secret, 0, secret.Length);
csEncrypt.Close();
}
encrypted = msEncrypt.ToArray();
msEncrypt.Close();
}
ChallengeInfo inf = new ChallengeInfo(encrypted, IV, challenge, secretHash, LT64);
sha.Clear();
return(inf);
}
