/// <summary>
/// The tamper proof string decode.
/// </summary>
/// <param name="strValue">The string value.</param>
/// <param name="strKey">The string key.</param>
/// <returns>The <see cref="string" />.</returns>
/// <exception cref="ArgumentException">exception Argument Exception</exception>
private static string TamperProofStringDecode(string strValue, string strKey)
{
string strDataValue;
strValue = strValue.Trim();
strValue = strValue.Replace(" ", "+");
System.Security.Cryptography.MACTripleDES mac3Des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3Des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(strKey));
try
{
strDataValue = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(strValue.Split(Convert.ToChar("-"))[0]));
var strCalcHash = System.Text.Encoding.UTF8.GetString(mac3Des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(strDataValue)));
Console.Write(strCalcHash);
}
catch (Exception)
{
return(strValue);
}
return(strDataValue);
}
//Function to decode the string
//Throws an exception if the data is corrupt
static public string TamperProofStringDecode(string value, string key)
{
String dataValue = "";
String calcHash = "";
String storedHash = "";
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
try
{
dataValue = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[0]));
storedHash = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[1]));
calcHash = System.Text.Encoding.UTF8.GetString(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
//Data was corrupted
throw new ArgumentException("Hash value does not match");
//This error is immediately caught below
}
}
catch (System.Exception)
{
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.Write("Invalid Url");
HttpContext.Current.Response.End();
}
return(dataValue);
}
//Function to encode the string
private string SecurityStringEncode(string value, string key)
{
var mac3des = new MACTripleDES();
var md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
return Convert.ToBase64String(Encoding.UTF8.GetBytes(value)) + '-' +
Convert.ToBase64String(mac3des.ComputeHash(Encoding.UTF8.GetBytes(value)));
}
public static string Encrypt(string value, string key)
{
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
return Convert.ToBase64String(Encoding.UTF8.GetBytes(value)) + '-' + Convert.ToBase64String(mac3des.ComputeHash(Encoding.UTF8.GetBytes(value)));
}
//////////////////////////////////////////////////////////////////////////////////////////////////////////////
// ----------------------------------------------- start ----------------------------------------------------
///////////// rates section for ammenties section, this includes all functions //////////////////////////////
// rates block here which controls the rates section in ammenites
// ////////////////////////////////////////////////////////////
///////////// rates section for ammenties section, this includes all functions //////////////////////////////
// ----------------------------------------------- end ----------------------------------------------------
//////////////////////////////////////////////////////////////////////////////////////////////////////////////
// decript of querystring method /////////////////////////////////////////////////////////////////////
public string Decrypt(string value, string key)
{
string dataValue = "";
string calcHash = "";
string storedHash = "";
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
try
{
dataValue = Encoding.UTF8.GetString(Convert.FromBase64String(value.Split('-')[0]));
storedHash = Encoding.UTF8.GetString(Convert.FromBase64String(value.Split('-')[1]));
calcHash = Encoding.UTF8.GetString(mac3des.ComputeHash(Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
//Data was corrupted
//throw new ArgumentException("Hash value does not match");
//This error is immediately caught below
OvationTabs.Visible = false;
OvationMultiPage.Visible = false;
RFPqueryError.Visible = true;
}
}
catch (Exception ex)
{
//dataValue = "0";
//throw new ArgumentException("Invalid query string");
OvationTabs.Visible = false;
OvationMultiPage.Visible = false;
RFPqueryError.Visible = true;
}
return dataValue;
}
// Function to decode the string
// Throws an exception if the data is corrupt
private static string TamperProofStringDecode(string value, string key)
{
string dataValue = string.Empty;
string calcHash = string.Empty;
string storedHash = string.Empty;
string strKey = null;
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
try
{
dataValue = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(value.Split('-')[0]));
strKey = value.Split('-')[1];
strKey = DecodeHexString(strKey);
storedHash = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(strKey));
calcHash = System.Text.Encoding.UTF8.GetString(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
// Data was corrupted
// This error is immediately caught below
throw new ArgumentException("Hash value does not match");
}
}
catch
{
throw new ArgumentException(Convert.ToString((Convert.ToString("Invalid TamperProofString stored hash = ") + storedHash) + " calchash = ") + calcHash);
}
// Cleanup
mac3des.Clear();
md5.Clear();
return dataValue;
}
//Function to encode the string
static public string TamperProofStringEncode(string value, string key)
{
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
return(System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(value)) + System.Convert.ToChar("-") + System.Convert.ToBase64String(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value))));
}
// - Test constructor #3 (string, byte[])
// - Test ComputeHash (stream);
public void CheckC (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES ("TripleDES", key);
algo.Key = key;
MemoryStream ms = new MemoryStream (data);
byte[] hmac = algo.ComputeHash (ms);
AssertEquals (testName + "c1", result, hmac);
AssertEquals (testName + "c2", result, algo.Hash);
}
// - Test constructor #2 (byte[])
// - Test ComputeHash (byte[], int, int);
public void CheckB (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES (key);
byte[] hmac = algo.ComputeHash (data, 0, data.Length);
AssertEquals (testName + "b1", result, hmac);
AssertEquals (testName + "b2", result, algo.Hash);
}
// - Test constructor #1 ()
// - Test ComputeHash (byte[]);
public void CheckA (string testName, byte[] key, byte[] data, byte[] result)
{
algo = new MACTripleDES ();
algo.Key = key;
byte[] hmac = algo.ComputeHash (data);
AssertEquals (testName + "a1", result, hmac);
AssertEquals (testName + "a2", result, algo.Hash);
}
public void ObjectDisposed ()
{
byte[] key = CombineKeys (key1, key2, key3);
algo = new MACTripleDES (key);
algo.Clear ();
algo.ComputeHash (new byte[1]);
}
public static bool Test(Session session)
{
bool bRes = true;
byte[] plaintext = new byte[16];
for (int i = 0; i < plaintext.Length - 5; i++) plaintext[i] = (byte)i;
for (int i = plaintext.Length - 5; i < plaintext.Length; i++) plaintext[i] = (byte)0;
byte[] plaintext1 = new byte[plaintext.Length - 5];
for (int i = 0; i < plaintext1.Length; i++) plaintext1[i] = (byte)i;
SymmetricAlgorithm td = new TripleDESCryptoServiceProvider(session);
td.Padding = PaddingMode.None;
td.IV = new byte[8];
ICryptoTransform sse = td.CreateEncryptor();
//MemoryStream ms = new MemoryStream(plaintext);
ICryptoTransform ct = td.CreateEncryptor();
//CryptoStream cs1 = new CryptoStream(ms, sse, CryptoStreamMode.Write);
//cs1.Write(plaintext, 0, plaintext.Length);
//cs1.FlushFinalBlock();
//Log.Comment(ms.Position);
//byte[] ciphertext = ms.ToArray();
//cs1.Close();
byte[] ciphertext = ct.TransformFinalBlock(plaintext, 0, plaintext.Length);
ct.Dispose();
Log.Comment("CipherText:");
PrintByteArray(ciphertext);
td.Padding = PaddingMode.Zeros;
ICryptoTransform sse1 = td.CreateEncryptor();
//MemoryStream ms1 = new MemoryStream();
//CryptoStream cs2 = new CryptoStream(ms1, sse1, CryptoStreamMode.Write);
//cs2.Write(plaintext1, 0, plaintext1.Length);
cs2.FlushFinalBlock();
Log.Comment(ms1.Position);
byte[] ciphertext1 = ms1.ToArray();
cs2.Close();
Log.Comment("CipherText #2:");
PrintByteArray(ciphertext1);
if (!Compare(ciphertext, ciphertext1))
{
bRes = false;
Log.Comment("WRONG: ciphertexts are different. Probably padding problems.");
}
MACTripleDES mtd = new MACTripleDES(td.Key);
byte[] hash = mtd.ComputeHash(plaintext1);
Log.Comment("Hash:");
PrintByteArray(hash);
byte[] subciphertext = new byte[8];
Array.Copy(ciphertext, ciphertext.Length - 8, subciphertext, 0, 8);
if (!Compare(subciphertext, hash))
{
Log.Comment("WRONG: MAC3DES result is different from the last block of ciphertext!");
bRes = false;
}
return bRes;
}
private static string TamperProofStringEncode(string value, string key)
{
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
return System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(value)) + System.Convert.ToChar("-") + System.Convert.ToBase64String(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value)));
}
private static string TamperProofStringDecode(string value, string key)
{
String dataValue = "";
String calcHash = "";
String storedHash = "";
System.Security.Cryptography.MACTripleDES mac3des = new System.Security.Cryptography.MACTripleDES();
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
try
{
dataValue = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[0]));
storedHash = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(value.Split(System.Convert.ToChar("-"))[1]));
calcHash = System.Text.Encoding.UTF8.GetString(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
throw new ArgumentException("Hash value does not match");
}
}
catch (System.Exception)
{
throw new ArgumentException("Invalid TamperProofString");
}
return dataValue;
}
// Function to encode the string
private static string TamperProofStringEncode(string value, string Key)
{
string strKey = null;
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(Key));
strKey = Convert.ToBase64String(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value)));
// convert key to hex because we can't have goofy characters in the query string
strKey = EncodeHexString(strKey);
// Cleanup
mac3des.Clear();
md5.Clear();
return Convert.ToString(Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(value)) + '-') + strKey;
}
