Пример #1
0
        public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams, 
                                  DigitalSignature digitalSignature)
        {            
            var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);
            
            using (var hmac = new HMACSHA256(decryptedSessionKey))
            {                
                var hmacToCheck = hmac.ComputeHash(encryptedPacket.EncryptedData);
                
                if (!Compare(encryptedPacket.Hmac, hmacToCheck)){
                    throw new CryptographicException(
                        "HMAC for decryption does not match encrypted packet.");
                }
                
                if (!digitalSignature.VerifySignature(encryptedPacket.Hmac, 
                                                      encryptedPacket.Signature)){
                    throw new CryptographicException(
                        "Digital Signature can not be verified.");
                }
            }

            var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, 
                                             encryptedPacket.Iv);

            return decryptedData;
        }
Пример #2
0
        public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams)
        {
            var sessionKey      = _aes.GenerateRandomNumber(32);
            var encryptedPacket = new EncryptedPacket {
                Iv = _aes.GenerateRandomNumber(16)
            };

            // Encrypt data with AES and AES Key with RSA
            encryptedPacket.EncryptedData       = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv);
            encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);

            using (var hmac = new HMACSHA256(sessionKey))
            {
                encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
            }

            return(encryptedPacket);
        }
Пример #3
0
        public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
        {
            // Decrypt AES Key with RSA and then decrypt data with AES.
            var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);

            using (var hmac = new HMACSHA256(decryptedSessionKey))
            {
                var hmacToCheck = hmac.ComputeHash(encryptedPacket.EncryptedData);

                if (!Compare(encryptedPacket.Hmac, hmacToCheck))
                {
                    throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
                }
            }

            var decryptedData = _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.Iv);

            return(decryptedData);
        }
Пример #4
0
        public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams, 
                                           DigitalSignature digitalSignature)
        {            
            var sessionKey = _aes.GenerateRandomNumber(32);
            
            var encryptedPacket = new EncryptedPacket { Iv = _aes.GenerateRandomNumber(16) };
                        
            encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.Iv);
            
            encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);          
            
            using (var hmac = new HMACSHA256(sessionKey))
            {
                encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
            }
            
            encryptedPacket.Signature = digitalSignature.SignData(encryptedPacket.Hmac);

            return encryptedPacket;
        }