public void Encrypt_throws_on_invalid_key_length()
{
Assert.That(
() => AesGcm.Encrypt(key: new byte[13],
plaintext: new byte[16],
iv: new byte[12],
authData: new byte[0]),
ExceptionsTest.ThrowsInvalidOpeationWithMessage("key must"));
}
public void Decrypt_throws_on_invalid_iv_length()
{
Assert.That(
() => AesGcm.Decrypt(key: new byte[32],
ciphertext: new byte[16],
iv: new byte[13],
authData: new byte[0]),
ExceptionsTest.ThrowsInvalidOpeationWithMessage("iv must"));
}
private byte[] DecryptBuffer(byte[] encryptedInput, byte[] nonce, byte[] gcmtag, int keyinfo)
{
byte[] result = new byte[encryptedInput.Length];
using (var authenticatedAesCng = new AesGcm(keyinfo == 1 ? _key : _altKey)) {
authenticatedAesCng.Decrypt(nonce, encryptedInput, gcmtag, result);
}
return(result);
}
static (byte[] CipherText, byte[] Tag) EncryptGCM(string text, byte[] key, byte[] nonce, byte[] associatedData = null)
{
var byteText = Encoding.ASCII.GetBytes(text);
var tag = new byte[16];
var cipherText = new byte[byteText.Length];
using var gcm = new AesGcm(key);
gcm.Encrypt(nonce, byteText, cipherText, tag, associatedData);
return(cipherText, tag);
}
public void GHash_returns_hash(TestCase tc)
{
var hash = AesGcm.GHash(tc.HashKey,
tc.AuthData,
tc.AuthData.Length,
tc.Ciphertext,
tc.Ciphertext.Length);
Assert.Equal(tc.GHash, hash);
}
/// <inheritdoc />
public override void Encrypt(ReadOnlySpan <byte> plaintext, ReadOnlySpan <byte> nonce, ReadOnlySpan <byte> associatedData, Span <byte> ciphertext, Span <byte> authenticationTag)
{
if (_disposed)
{
ThrowHelper.ThrowObjectDisposedException(GetType());
}
using var aes = new AesGcm(_key.K);
aes.Encrypt(nonce, plaintext, ciphertext, authenticationTag, associatedData);
}
public void TryUsingAesGcm()
{
// Super bad crypto. Just here to demonstrate that it does not explode.
var key = new byte[16];
AesGcm gcm = new AesGcm(key);
byte[] plaintext = new byte[1], ciphertext = new byte[1];
byte[] nonce = new byte[12], tag = new byte[16];
gcm.Encrypt(nonce, plaintext, ciphertext, tag);
}
public static (byte[], byte[]) GCM_Encrypt(byte[] key, byte[] nonce, byte[] input, byte[] associatedData)
{
var tag = new byte[16];
var output = new byte[input.Length];
using var aesGcm = new AesGcm(key);
aesGcm.Encrypt(nonce, input, output, tag, associatedData);
return(output, tag);
}
public GcmAuthenticatedCryptographicTransform(byte[] key, TransformMode mode)
{
TransformMode = mode;
#if NETSTANDARD2_1_OR_GREATER || NETCOREAPP3_1_OR_GREATER
_gcm = new AesGcm(key);
#else
_gcm = new AesGcmWindows(key);
#endif
}
/// <summary>
/// Encrypts data using AES-GCM, then packages with the authentication code and nonce.
/// </summary>
/// <param name="plainblob">The plainblob to encrypt.</param>
/// <param name="overrideKey">An optional key to override the default key.</param>
/// <returns>The secure package.</returns>
public byte[] Encrypt(byte[] plainblob, byte[]?overrideKey = null)
{
var nonce = SecureRandomGenerator.GetBytes(NONCE_SIZE);
var cipherblob = new byte[plainblob.Length];
var tag = new byte[TAG_SIZE];
using var aes = new AesGcm(overrideKey ?? key);
aes.Encrypt(nonce, plainblob, cipherblob, tag);
return(nonce.Concat(tag).Concat(cipherblob).ToArray());
}
public void Decrypt_throws_on_modified_ciphertext()
{
foreach (var i in TestCases)
{
// Change the first byte of the ciphertext
var modified = Modified(i.CiphertextWithTag, 0);
Assert.That(() => AesGcm.Decrypt(i.Key, modified, i.Iv, i.AuthData),
ExceptionsTest.ThrowsInvalidOpeationWithMessage("auth tag"));
}
}
public MemoryStream Encrypt(MemoryStream unencryptedStream, bool leaveStreamOpen = false)
{
Guard.AgainstNullOrEmpty(unencryptedStream, nameof(unencryptedStream));
using var aes = new AesGcm(_key.Span);
var length = (int)unencryptedStream.Length;
(var buffer, var returnBuffer) = unencryptedStream.GetSafeBuffer(length);
// Slicing Version
// Rented arrays sizes are minimums, not guarantees.
// Need to perform extra work managing slices to keep the byte sizes correct but the memory allocations are lower by 200%
var encryptedBytes = _pool.Rent(length);
var tag = _pool.Rent(AesGcm.TagByteSizes.MaxSize); // MaxSize = 16
var nonce = _pool.Rent(AesGcm.NonceByteSizes.MaxSize); // MaxSize = 12
_rng.GetBytes(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
aes.Encrypt(
nonce.AsSpan().Slice(0, AesGcm.NonceByteSizes.MaxSize),
buffer.Slice(0, length),
encryptedBytes.AsSpan().Slice(0, length),
tag.AsSpan().Slice(0, AesGcm.TagByteSizes.MaxSize));
// Prefix ciphertext with nonce and tag, since they are fixed length and it will simplify decryption.
// Our pattern: Nonce Tag Cipher
// Other patterns people use: Nonce Cipher Tag // couldn't find a solid source.
var encryptedStream = new MemoryStream(new byte[AesGcm.NonceByteSizes.MaxSize + AesGcm.TagByteSizes.MaxSize + length]);
using (var binaryWriter = new BinaryWriter(encryptedStream, Encoding.UTF8, true))
{
binaryWriter.Write(nonce, 0, AesGcm.NonceByteSizes.MaxSize);
binaryWriter.Write(tag, 0, AesGcm.TagByteSizes.MaxSize);
binaryWriter.Write(encryptedBytes, 0, length);
}
if (returnBuffer)
{
_pool.Return(buffer.Array);
}
_pool.Return(encryptedBytes);
_pool.Return(tag);
_pool.Return(nonce);
encryptedStream.Seek(0, SeekOrigin.Begin);
if (!leaveStreamOpen)
{
unencryptedStream.Close();
}
return(encryptedStream);
}
public byte[] Decrypt(byte[] cipherText, byte[] key, byte[] nonce, byte[] tag, byte[] associatedData)
{
byte[] decryptedData = new byte[cipherText.Length];
using (AesGcm aesGcm = new AesGcm(key))
{
aesGcm.Decrypt(nonce, cipherText, tag, decryptedData, associatedData);
}
return(decryptedData);
}
public static byte[] AesGcmDecrypt(this byte[] input, byte[] key, byte[] nonce, byte[] tag)
{
byte[] decryptedText = new byte[input.Length];
using (var aes = new AesGcm(key))
{
aes.Decrypt(nonce, input, tag, decryptedText);
}
return(decryptedText);
}
public static byte[] DecryptAesGcm(byte[] key, byte[] nonce, byte[] ciphertext, byte[] tag)
{
//複号後の値を格納する配列を準備
byte[] plain = new byte[ciphertext.Length];
using (var cipher = new AesGcm(key))
{
cipher.Decrypt(nonce, ciphertext, tag, plain);
}
return(plain);
}
static string aesGcmEncryptToBase64(byte[] key, string data) {
byte[] plaintext = Encoding.UTF8.GetBytes(data);
byte[] gcmTag = new byte[16];
byte[] nonce = GenerateRandomNonce();
byte[] cipherText = new byte[plaintext.Length];
byte[] associatedData = new byte[0];
using (var cipher = new AesGcm(key)) {
cipher.Encrypt(nonce, plaintext, cipherText, gcmTag, associatedData);
return Base64Encoding(nonce) + ":" + Base64Encoding(cipherText) + ":" + Base64Encoding(gcmTag);
}
}
public static (byte[], byte[]) AesGcmEncrypt(this byte[] input, byte[] key, byte[] nonce)
{
byte[] tag = new byte[16];
byte[] encryptedText = new byte[input.Length];
using (var aes = new AesGcm(key))
{
aes.Encrypt(nonce, input, encryptedText, tag);
}
return(encryptedText, tag);
}
public AesGcmSymmetricCipher(byte[] key)
{
_aes = new AesGcm(key);
var aes = new AesManaged();
aes.Key = key;
aes.Mode = CipherMode.CBC;
aes.Padding = PaddingMode.Zeros;
aes.IV = new byte[16];
_decryptor = aes.CreateDecryptor();
_encryptor = aes.CreateEncryptor();
}
public void Compliant()
{
GcmBlockCipher blockCipher = new GcmBlockCipher(new AesEngine()); // Compliant
var aesGcm = new AesGcm(key); // Compliant
RSACryptoServiceProvider RSA1 = new RSACryptoServiceProvider();
encryptedData = RSA1.Encrypt(data, true); // Compliant
RSA1.TryEncrypt(data, encryptedData, RSAEncryptionPadding.OaepSHA512, out byteWritten); // Compliant
encryptedData = RSA1.Encrypt(data, RSAEncryptionPadding.OaepSHA1); // Compliant
}
static string DecryptStringFromBytesAsync(byte[] ciphertext, string context, byte[] mac, byte[] key, byte[] iv)
{
var decrypted = new byte[ciphertext.Length];
var associatedData = Encoding.UTF8.GetBytes(context);
using (var aes = new AesGcm(key))
{
aes.Decrypt(iv, ciphertext, mac, decrypted, associatedData);
}
return(Encoding.UTF8.GetString(decrypted));
}
static string aesGcmDecryptFromBase64(byte[] key, string data) {
string decryptedtext;
byte[] associatedData = new byte[0];
String[] parts = data.Split(':');
byte[] ciphertext = Base64Decoding(parts[1]);
byte[] decryptedData = new byte[ciphertext.Length];
using (var cipher = new AesGcm(key)) {
cipher.Decrypt(Base64Decoding(parts[0]), ciphertext, Base64Decoding(parts[2]), decryptedData, associatedData);
decryptedtext = Encoding.UTF8.GetString(decryptedData, 0, decryptedData.Length);
return decryptedtext;
}
}
public static void Decrypt(byte[] key
, byte[] nonce, byte[] tag
, byte[] ciphertext)
{
byte[] decryptedData = new byte[ciphertext.Length];
using (AesGcm aes = new AesGcm(key))
aes.Decrypt(nonce, ciphertext, tag, decryptedData);
string decryptedText = Encoding.UTF8.GetString(decryptedData);
Console.WriteLine(decryptedText);
}
public byte[] Encrypt(byte[] toEncrypt, byte[] associatedData = null)
{
byte[] tag = new byte[this.keySize];
byte[] nonce = new byte[this.nonceSize];
byte[] cipherText = new byte[toEncrypt.Length];
using (var cipher = new AesGcm(this._key))
{
cipher.Encrypt(nonce, toEncrypt, cipherText, tag, associatedData);
return(Concat(tag, Concat(nonce, cipherText)));
}
}
static void GCM_Encrypt(byte[] nonce, byte[] plaintext, byte[] ciphertext, byte[] tag, byte[] associatedData)
{
using (var gcm = new AesGcm(key))
{
gcm.Encrypt(
nonce,
plaintext,
ciphertext,
tag,
associatedData);
}
}
protected void Cleanup()
{
AesGcm aes = null;
while (_cipherPool.Count > 0)
{
while (!_cipherPool.TryPop(out aes))
{
}
aes.Dispose();
}
}
public void GHash_returns_hash()
{
foreach (var i in TestCases)
{
var hash = AesGcm.GHash(i.HashKey,
i.AuthData,
i.AuthData.Length,
i.Ciphertext,
i.Ciphertext.Length);
Assert.That(hash, Is.EqualTo(i.GHash));
}
}
public void Initialize(byte[] key)
{
if (IsInitialized)
{
throw new InvalidOperationException("PacketCrypt already initialized!");
}
_serverEncrypt = new AesGcm(key);
_clientDecrypt = new AesGcm(key);
IsInitialized = true;
}
static string aesGcmDecrypt(byte[] key, byte[] nonce, byte[] ciphertext, byte[] gcmTag)
{
string decryptedtext;
byte[] associatedData = new byte[0];
byte[] decryptedData = new byte[ciphertext.Length];
using (var cipher = new AesGcm(key)) {
cipher.Decrypt(nonce, ciphertext, gcmTag, decryptedData, associatedData);
decryptedtext = Encoding.UTF8.GetString(decryptedData, 0, decryptedData.Length);
return(decryptedtext);
}
}
public static void EncryptDecryptNullTag()
{
byte[] key = "d5a194ed90cfe08abecd4691997ceb2c".HexToByteArray();
byte[] nonce = new byte[12];
byte[] plaintext = new byte[0];
byte[] ciphertext = new byte[0];
using (var aesGcm = new AesGcm(key))
{
Assert.Throws <ArgumentNullException>(() => aesGcm.Encrypt(nonce, plaintext, ciphertext, (byte[])null));
Assert.Throws <ArgumentNullException>(() => aesGcm.Decrypt(nonce, ciphertext, (byte[])null, plaintext));
}
}
public static byte[] AES256Encrypt(this byte[] plainData, byte[] key, byte[] nonce, byte[] associatedData = null)
{
if (nonce.Length != 12)
{
throw new ArgumentOutOfRangeException(nameof(nonce));
}
var cipherBytes = new byte[plainData.Length];
var tag = new byte[16];
using var cipher = new AesGcm(key);
cipher.Encrypt(nonce, plainData, cipherBytes, tag, associatedData);
return(Concat(nonce, cipherBytes, tag));
}
