public static void TestShims() { using (var alg = new AesManaged()) { alg.BlockSize = 128; Assert.Equal(128, alg.BlockSize); var emptyIV = new byte[alg.BlockSize / 8]; alg.IV = emptyIV; Assert.Equal(emptyIV, alg.IV); alg.GenerateIV(); Assert.NotEqual(emptyIV, alg.IV); var emptyKey = new byte[alg.KeySize / 8]; alg.Key = emptyKey; Assert.Equal(emptyKey, alg.Key); alg.GenerateKey(); Assert.NotEqual(emptyKey, alg.Key); alg.KeySize = 128; Assert.Equal(128, alg.KeySize); alg.Mode = CipherMode.ECB; Assert.Equal(CipherMode.ECB, alg.Mode); alg.Padding = PaddingMode.PKCS7; Assert.Equal(PaddingMode.PKCS7, alg.Padding); } }
public static byte[] EncryptUseAes(this byte[] bytes, byte[] key, byte[] iv, CipherMode mode = CipherMode.CBC, PaddingMode padding = PaddingMode.PKCS7) { using (var aes = new AesManaged() { IV = iv, Key = key, Mode = mode, Padding = padding }) { return aes.Encrypt(bytes); } }
public static void EncryptDecryptKnownECB192() { byte[] plainTextBytes = new ASCIIEncoding().GetBytes("This is a sentence that is longer than a block, it ensures that multi-block functions work."); byte[] encryptedBytesExpected = new byte[] { 0xC9, 0x7F, 0xA5, 0x5B, 0xC3, 0x92, 0xDC, 0xA6, 0xE4, 0x9F, 0x2D, 0x1A, 0xEF, 0x7A, 0x27, 0x03, 0x04, 0x9C, 0xFB, 0x56, 0x63, 0x38, 0xAE, 0x4F, 0xDC, 0xF6, 0x36, 0x98, 0x28, 0x05, 0x32, 0xE9, 0xF2, 0x6E, 0xEC, 0x0C, 0x04, 0x9D, 0x12, 0x17, 0x18, 0x35, 0xD4, 0x29, 0xFC, 0x01, 0xB1, 0x20, 0xFA, 0x30, 0xAE, 0x00, 0x53, 0xD4, 0x26, 0x25, 0xA4, 0xFD, 0xD5, 0xE6, 0xED, 0x79, 0x35, 0x2A, 0xE2, 0xBB, 0x95, 0x0D, 0xEF, 0x09, 0xBB, 0x6D, 0xC5, 0xC4, 0xDB, 0x28, 0xC6, 0xF4, 0x31, 0x33, 0x9A, 0x90, 0x12, 0x36, 0x50, 0xA0, 0xB7, 0xD1, 0x35, 0xC4, 0xCE, 0x81, 0xE5, 0x2B, 0x85, 0x6B, }; byte[] aes192Key = new byte[] { 0xA6, 0x1E, 0xC7, 0x54, 0x37, 0x4D, 0x8C, 0xA5, 0xA4, 0xBB, 0x99, 0x50, 0x35, 0x4B, 0x30, 0x4D, 0x6C, 0xFE, 0x3B, 0x59, 0x65, 0xCB, 0x93, 0xE3, }; using (var alg = new AesManaged()) { // The CipherMode and KeySize are different than the default values; this ensures the type // forwards the state properly to Aes. alg.Mode = CipherMode.ECB; alg.Key = aes192Key; byte[] encryptedBytes = alg.Encrypt(plainTextBytes); Assert.Equal(encryptedBytesExpected, encryptedBytes); byte[] decryptedBytes = alg.Decrypt(encryptedBytes); Assert.Equal(plainTextBytes, decryptedBytes); } }
/// <summary> /// Simple Authentication (HMAC) then Decryption (AES) for a secrets UTF8 Message. /// </summary> /// <param name="encryptedMessage">The encrypted message.</param> /// <param name="cryptKey">The crypt key.</param> /// <param name="authKey">The auth key.</param> /// <param name="nonSecretPayloadLength">Length of the non secret payload.</param> /// <returns>Decrypted Message</returns> public static byte[] SimpleDecrypt(byte[] encryptedMessage, byte[] cryptKey, byte[] authKey, int nonSecretPayloadLength = 0) { //Basic Usage Error Checks if (cryptKey == null || cryptKey.Length != KeyBitSize / 8) { throw new ArgumentException(String.Format("CryptKey needs to be {0} bit!", KeyBitSize), "cryptKey"); } if (authKey == null || authKey.Length != KeyBitSize / 8) { throw new ArgumentException(String.Format("AuthKey needs to be {0} bit!", KeyBitSize), "authKey"); } if (encryptedMessage == null || encryptedMessage.Length == 0) { throw new ArgumentException("Encrypted Message Required!", "encryptedMessage"); } using (var hmac = new HMACSHA256(authKey)) { var sentTag = new byte[hmac.HashSize / 8]; //Calculate Tag var calcTag = hmac.ComputeHash(encryptedMessage, 0, encryptedMessage.Length - sentTag.Length); var ivLength = (BlockBitSize / 8); //if message length is to small just return null if (encryptedMessage.Length < sentTag.Length + nonSecretPayloadLength + ivLength) { return(null); } //Grab Sent Tag Array.Copy(encryptedMessage, encryptedMessage.Length - sentTag.Length, sentTag, 0, sentTag.Length); //Compare Tag with constant time comparison var compare = 0; for (var i = 0; i < sentTag.Length; i++) { compare |= sentTag[i] ^ calcTag[i]; } //if message doesn't authenticate return null if (compare != 0) { return(null); } using (var aes = new AesManaged { KeySize = KeyBitSize, BlockSize = BlockBitSize, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }) { //Grab IV from message var iv = new byte[ivLength]; Array.Copy(encryptedMessage, nonSecretPayloadLength, iv, 0, iv.Length); using (var decrypter = aes.CreateDecryptor(cryptKey, iv)) using (var plainTextStream = new MemoryStream()) { using (var decrypterStream = new CryptoStream(plainTextStream, decrypter, CryptoStreamMode.Write)) using (var binaryWriter = new BinaryWriter(decrypterStream)) { //Decrypt Cipher Text from Message binaryWriter.Write( encryptedMessage, nonSecretPayloadLength + iv.Length, encryptedMessage.Length - nonSecretPayloadLength - iv.Length - sentTag.Length ); } //Return Plain Text return(plainTextStream.ToArray()); } } } }
private void ProcessAll() { Dispatcher.Invoke(LogBox.Clear); Log( string.Format( "{0}{1}Start{1}{0}ExePath = {2}{0}Resources = {3}", Environment.NewLine, Line, _globalVariables.PathToExe, _globalVariables.PathToResources ) ); const int totalSteps = 3; _visualProgress.SetBarUsual(); _visualProgress.ShowBar(); _taskBarManager.SetProgress(0); _taskBarManager.SetUsualState(); void SetStep(int currentStep, string status) { int percentage = (currentStep - 1) * 100 / totalSteps; _visualProgress.SetBarValue(percentage); _visualProgress.SetLabelText(status); _taskBarManager.SetProgress(percentage); } #region Инициализация SetStep(1, MainResources.StepInitializing); _visualProgress.ShowIndeterminateLabel(); string sourceApkPath = ViewModel.CurrentApk.Value; bool alternativeSigning = _settings.AlternativeSigning; string popupText = ViewModel.PopupBoxText.Value; int messagesCount = ViewModel.MessagesCount.Value; bool needSave; bool needMessage; { bool onlySave = ViewModel.OnlySave.Value; bool savePlusMessage = ViewModel.SavePlusMess.Value; bool onlyMessage = ViewModel.OnlyMess.Value; needSave = onlySave || savePlusMessage; needMessage = (savePlusMessage || onlyMessage) && !string.IsNullOrEmpty(popupText) && messagesCount > 0; } BackupType backupType = ViewModel.BackupType.Value; ITempFileProvider tempFileProvider = _tempUtils.CreateTempFileProvider(); ITempFolderProvider tempFolderProvider = _tempUtils.CreateTempFolderProvider(); string resultApkPath = sourceApkPath.Remove(sourceApkPath.Length - Path.GetExtension(sourceApkPath).Length) + "_mod.apk"; string pathToSave = ViewModel.CurrentSave.Value; IApktool apktool = _apktoolProvider.Get(); IProcessDataHandler dataHandler = new ProcessDataCombinedHandler(data => Log(data)); #endregion #region Изменение apk using (var tempApk = ATempUtils.UseTempFile(tempFileProvider)) { LFile.Copy(sourceApkPath, tempApk.TempFile, true); #region Добавление данных SetStep(2, MainResources.StepAddingData); var aes = new AesManaged { KeySize = 128 }; aes.GenerateIV(); aes.GenerateKey(); bool backupFilesAdded = false; // adding local and external backup files if (needSave) { using (var internalDataBackup = ATempUtils.UseTempFile(tempFileProvider)) using (var externalDataBackup = ATempUtils.UseTempFile(tempFileProvider)) { ApkModifer.ParseBackup( pathToBackup: pathToSave, backupType: backupType, resultInternalDataPath: internalDataBackup.TempFile, resultExternalDataPath: externalDataBackup.TempFile, tempFolderProvider: tempFolderProvider ); string internalBackup = internalDataBackup.TempFile; string externalBackup = externalDataBackup.TempFile; var fileToAssetsName = new Dictionary <string, string> { { internalBackup, "data.save" }, { externalBackup, "extdata.save" } }; foreach (var(file, assetsName) in fileToAssetsName.Enumerate()) { if (!LFile.Exists(file) || FileUtils.FileLength(file) == 0) { continue; } using (var tempEncrypted = ATempUtils.UseTempFile(tempFileProvider)) { CommonUtils.EncryptFile( filePath: file, outputPath: tempEncrypted.TempFile, iv: aes.IV, key: aes.Key ); ApkModifer.AddFileToZip( zipPath: tempApk.TempFile, filePath: tempEncrypted.TempFile, pathInZip: "assets/" + assetsName, newEntryCompression: CompressionType.Store ); } backupFilesAdded = true; } } } // adding smali file for restoring if (backupFilesAdded || needMessage) { using (var decompiledFolder = ATempUtils.UseTempFolder(tempFolderProvider)) { apktool.Baksmali( apkPath: tempApk.TempFile, resultFolder: decompiledFolder.TempFolder, tempFolderProvider: tempFolderProvider, dataHandler: dataHandler ); var manifestPath = Path.Combine(decompiledFolder.TempFolder, "AndroidManifest.xml"); apktool.ExtractSimpleManifest( apkPath: tempApk.TempFile, resultManifestPath: manifestPath, tempFolderProvider: tempFolderProvider ); // have to have smali folders in the same directory as manifest // to find the main smali var manifest = new AndroidManifest(manifestPath); if (manifest.MainSmaliFile == null) { throw new Exception("main smali file not found"); } // using this instead of just pasting "folder/smali" as there can be // no smali folder sometimes (smali_1, etc) string smaliDir = manifest.MainSmaliPath.Substring(decompiledFolder.TempFolder.Length + 1); smaliDir = smaliDir.Substring(0, smaliDir.IndexOf(Path.DirectorySeparatorChar)); string saveGameDir = Path.Combine(decompiledFolder.TempFolder, smaliDir, "com", "savegame"); LDirectory.CreateDirectory(saveGameDir); CommonUtils.GenerateAndSaveSmali( filePath: Path.Combine(saveGameDir, "SavesRestoringPortable.smali"), iv: aes.IV, key: aes.Key, addSave: backupFilesAdded, message: needMessage ? popupText : string.Empty, messagesCount: needMessage ? messagesCount : 0 ); manifest.MainSmaliFile.AddTextToMethod(FileResources.MainSmaliCall); manifest.MainSmaliFile.Save(); using (var folderWithDexes = ATempUtils.UseTempFolder(tempFolderProvider)) { apktool.Smali( folderWithSmali: decompiledFolder.TempFolder, resultFolder: folderWithDexes.TempFolder, dataHandler: dataHandler ); string[] dexes = LDirectory.GetFiles(folderWithDexes.TempFolder, "*.dex"); ApkModifer.AddFilesToZip( zipPath: tempApk.TempFile, filePaths: dexes, pathsInZip: Array.ConvertAll(dexes, Path.GetFileName), newEntryCompression: CompressionType.Store ); } } } #endregion #region Подпись SetStep(3, MainResources.StepSigning); Log(Line); Log(MainResources.StepSigning); Log(Line); apktool.Sign( sourceApkPath: tempApk.TempFile, signedApkPath: resultApkPath, tempFileProvider: tempFileProvider, dataHandler: dataHandler, deleteMetaInf: !alternativeSigning ); #endregion } #endregion _visualProgress.HideIndeterminateLabel(); SetStep(4, MainResources.AllDone); Log(MainResources.AllDone); Log(string.Empty, false); Log($"{MainResources.Path_to_file} {resultApkPath}"); _globalVariables.LatestModdedApkPath = resultApkPath; if (_settings.Notifications) { _notificationManager.Show( title: MainResources.Information_Title, text: MainResources.ModificationCompletedContent ); } string dialogResult = MessBox.ShowDial( $"{MainResources.Path_to_file} {resultApkPath}", MainResources.Successful, MainResources.OK, MainResources.Open, MainResources.Install ); _visualProgress.HideBar(); _taskBarManager.SetNoneState(); if (dialogResult == MainResources.Open) { Process.Start("explorer.exe", $"/select,{resultApkPath}"); } else if (dialogResult == MainResources.Install) { Dispatcher.Invoke(() => _adbInstallWindowProvider.Get().ShowDialog()); } }
public static byte[] EncryptPayload(String payloadPath, String outFile, String encryptionFile = "", byte[] IV = null, byte[] key = null, bool verbose = false, bool veryVerbose = false) { byte[] payload = File.ReadAllBytes(payloadPath); byte[] encryptedPayload = new byte[payload.Length]; using (AesManaged aesAlg = new AesManaged()) { if (IV == null) { IV = aesAlg.IV; } if (key == null) { key = aesAlg.Key; } aesAlg.Padding = PaddingMode.PKCS7; aesAlg.Mode = CipherMode.CBC; // Create an encryptor to perform the stream transform. ICryptoTransform encryptor = aesAlg.CreateEncryptor(key, IV); // Create the streams used for encryption. using (MemoryStream msEncrypt = new MemoryStream()) using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)) { { //Write all data to the stream. csEncrypt.Write(payload, 0, payload.Length); csEncrypt.FlushFinalBlock(); encryptedPayload = msEncrypt.ToArray(); } } } if (!String.IsNullOrEmpty(outFile)) { using (System.IO.StreamWriter file = new System.IO.StreamWriter(outFile)) { file.WriteLine("===================CRYPTO============================="); file.WriteLine("IMPORTANT INFO, DO NOT LOSE!"); file.WriteLine("If you wanna test decryption, you can copy paste the hex (payload,iv,key) straight in cyberchef :)"); file.WriteLine("The KEY in ASCII is:{0}", Encoding.Default.GetString(key)); file.WriteLine("Key in HEX: {0}", BitConverter.ToString(key)); file.WriteLine("The IV in ASCII is: {0}", Encoding.Default.GetString(IV)); file.WriteLine("The IV (hex) is: {0}", BitConverter.ToString(IV)); file.WriteLine("We are using PKCS7"); file.WriteLine("Good luck operator!"); file.WriteLine("The encrypted Payload size is: {0} bytes long.", encryptedPayload.Length); //file.WriteLine("\n\n\nEncypted payload (in hex): \n"); //file.Write(BitConverter.ToString(encryptedPayload) + "\n"); file.Write("=======================================================\n\n\n"); file.Close(); } } if (verbose || veryVerbose) { Console.WriteLine("================================================"); Console.WriteLine("IMPORTANT INFO, DO NOT LOSE!"); //Console.WriteLine("The KEY in ASCII is:{0}", Encoding.Default.GetString(key)); Console.WriteLine("Key in HEX: {0}", BitConverter.ToString(key)); Console.WriteLine("We are using PKCS7"); // Console.WriteLine("The IV in ASCII is: {0}", Encoding.Default.GetString(IV)); Console.WriteLine("The IV (hex) is: {0}", BitConverter.ToString(IV)); Console.WriteLine("The encrypted Payload size is: {0} bytes long.", encryptedPayload.Length); if (veryVerbose) { Console.WriteLine("Payload in HEX:\n{0}", BitConverter.ToString(encryptedPayload)); } Console.WriteLine("Good luck operator!"); if (!String.IsNullOrEmpty(outFile)) { Console.WriteLine("This data is written to the following path: " + outFile); } Console.WriteLine("================================================"); } if (!String.IsNullOrEmpty(encryptionFile)) { using (StreamWriter file = new StreamWriter(encryptionFile)) { file.WriteLine(BitConverter.ToString(encryptedPayload)); } Console.WriteLine("Encrypted payload written to: {0}", encryptionFile); } return(encryptedPayload); }
public static void main(string[] args) { AesManaged aes = new AesManaged(); Console.WriteLine("AesManaged "); KeySizes[] ks = aes.LegalKeySizes; foreach (KeySizes k in ks) { Console.WriteLine("\tLegal min key size = " + k.MinSize); Console.WriteLine("\tLegal max key size = " + k.MaxSize); } ks = aes.LegalBlockSizes; foreach (KeySizes k in ks) { Console.WriteLine("\tLegal min block size = " + k.MinSize); Console.WriteLine("\tLegal max block size = " + k.MaxSize); } RijndaelManaged rij = new RijndaelManaged(); Console.WriteLine("RijndaelManaged "); ks = rij.LegalKeySizes; foreach (KeySizes k in ks) { Console.WriteLine("\tLegal min key size = " + k.MinSize); Console.WriteLine("\tLegal max key size = " + k.MaxSize); } ks = rij.LegalBlockSizes; foreach (KeySizes k in ks) { Console.WriteLine("\tLegal min block size = " + k.MinSize); Console.WriteLine("\tLegal max block size = " + k.MaxSize); } TripleDESCryptoServiceProvider tsp = new TripleDESCryptoServiceProvider(); Console.WriteLine("TripleDESCryptoServiceProvider "); ks = tsp.LegalKeySizes; foreach (KeySizes k in ks) { Console.WriteLine("\tLegal min key size = " + k.MinSize); Console.WriteLine("\tLegal max key size = " + k.MaxSize); } ks = tsp.LegalBlockSizes; foreach (KeySizes k in ks) { Console.WriteLine("\tLegal min block size = " + k.MinSize); Console.WriteLine("\tLegal max block size = " + k.MaxSize); } using (RijndaelManaged rijAlg = new RijndaelManaged()) { rijAlg.KeySize = 256; rijAlg.BlockSize = 256; rijAlg.GenerateKey(); rijAlg.GenerateIV(); Console.Out.WriteLine(rijAlg.KeySize + " " + rijAlg.BlockSize + " " + Convert.ToBase64String(rijAlg.IV, Base64FormattingOptions.None) + " " + Convert.ToBase64String(rijAlg.Key, Base64FormattingOptions.None)); } TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider(); des.KeySize = 192; des.BlockSize = 64; des.GenerateKey(); des.GenerateIV(); Console.Out.WriteLine(des.KeySize + " " + des.BlockSize + " " + Convert.ToBase64String(des.IV, Base64FormattingOptions.None) + " " + Convert.ToBase64String(des.Key, Base64FormattingOptions.None)); }
/// <summary> /// Simple Encryption(AES) then Authentication (HMAC) for a UTF8 Message. /// </summary> /// <param name="clearMessage">The secret message.</param> /// <param name="cryptKey">The crypt key.</param> /// <param name="nonEncryptedPayload">(Optional) Non-Secret Payload.</param> /// <returns> /// Encrypted Message /// </returns> /// <remarks> /// Adds overhead of (Optional-Payload + BlockSize(16) + Message-Padded-To-Blocksize + HMac-Tag(32)) * 1.33 Base64 /// </remarks> public static byte[] Encrypt(string clearMessage, byte[] cryptKey, byte[] nonEncryptedPayload) { var clearMessageBytes = Encoding.UTF8.GetBytes(clearMessage); //User Error Checks if (cryptKey == null || cryptKey.Length != KeyBitSize / 8) { throw new ArgumentException($"Key needs to be {KeyBitSize} bit!", nameof(cryptKey)); } if (clearMessageBytes == null || clearMessageBytes.Length < 1) { throw new ArgumentException("Secret Message Required!", nameof(clearMessageBytes)); } byte[] cipherText; byte[] iv; using (var aes = new AesManaged { KeySize = KeyBitSize, BlockSize = BlockBitSize, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }) { //Use random IV aes.GenerateIV(); iv = aes.IV; using (var encrypter = aes.CreateEncryptor(cryptKey, iv)) using (var cipherStream = new MemoryStream()) { using (var cryptoStream = new CryptoStream(cipherStream, encrypter, CryptoStreamMode.Write)) using (var binaryWriter = new BinaryWriter(cryptoStream)) { //Encrypt Data binaryWriter.Write(clearMessageBytes); } cipherText = cipherStream.ToArray(); } } //Assemble encrypted message and add authentication using (var encryptedStream = new MemoryStream()) { using (var binaryWriter = new BinaryWriter(encryptedStream)) { //Prepend non-secret payload if any binaryWriter.Write(nonEncryptedPayload); //Prepend IV binaryWriter.Write(iv); //Write Ciphertext binaryWriter.Write(cipherText); binaryWriter.Flush(); } return(encryptedStream.ToArray()); } }
public static void StartClient(string Username, string Password) { // Data buffer for incoming data. byte[] bytes = new byte[1024]; SymmetricAlgorithm aes = new AesManaged(); string up = Username + '\n' + HashesClass.computeHash(Password, "MD5"); // Connect to a remote device. try { // Establish the remote endpoint for the socket. // This example uses port 11000 on the local computer. IPHostEntry ipHostInfo = Dns.GetHostEntry(Dns.GetHostName()); IPAddress ipAddress = ipHostInfo.AddressList[0]; IPEndPoint remoteEP = new IPEndPoint(ipAddress, 11000); // Create a TCP/IP socket. Socket sender = new Socket(ipAddress.AddressFamily, SocketType.Stream, ProtocolType.Tcp); // Connect the socket to the remote endpoint. Catch any errors. try { sender.Connect(remoteEP); Console.WriteLine("Socket connected to {0}", sender.RemoteEndPoint.ToString()); // Encode the data string into a byte array. byte[] message = Encoding.ASCII.GetBytes(up); // Send the data through the socket. int bytesSent = sender.Send(message); Console.WriteLine(bytesSent); // Receive the response from the remote device. int bytesRec = sender.Receive(bytes); Console.WriteLine("Echoed test = {0}", Encoding.ASCII.GetString(bytes, 0, bytesRec)); // Release the socket. sender.Shutdown(SocketShutdown.Both); sender.Close(); } catch (ArgumentNullException ane) { Console.WriteLine("ArgumentNullException : {0}", ane.ToString()); } catch (SocketException se) { Console.WriteLine("SocketException : {0}", se.ToString()); } catch (Exception e) { Console.WriteLine("Unexpected exception : {0}", e.ToString()); } } catch (Exception e) { Console.WriteLine(e.ToString()); } }
// Encrypt a file using a public key. private static MemoryStream EncryptFile(byte[] unencryptedData, RSACryptoServiceProvider rsaPublicKey) { MemoryStream stream = null; using (AesManaged aesManaged = new AesManaged()) { // Create instance of AesManaged for // symetric encryption of the data. aesManaged.KeySize = 256; aesManaged.BlockSize = 128; aesManaged.Mode = CipherMode.CBC; using (ICryptoTransform transform = aesManaged.CreateEncryptor()) { RSAPKCS1KeyExchangeFormatter keyFormatter = new RSAPKCS1KeyExchangeFormatter(rsaPublicKey); byte[] keyEncrypted = keyFormatter.CreateKeyExchange(aesManaged.Key, aesManaged.GetType()); // Create byte arrays to contain // the length values of the key and IV. byte[] LenK = new byte[4]; byte[] LenIV = new byte[4]; int lKey = keyEncrypted.Length; LenK = BitConverter.GetBytes(lKey); int lIV = aesManaged.IV.Length; LenIV = BitConverter.GetBytes(lIV); // Write the following to the FileStream // for the encrypted file (outFs): // - length of the key // - length of the IV // - ecrypted key // - the IV // - the encrypted cipher content stream = new MemoryStream(); try { stream.Write(LenK, 0, 4); stream.Write(LenIV, 0, 4); stream.Write(keyEncrypted, 0, lKey); stream.Write(aesManaged.IV, 0, lIV); // Now write the cipher text using // a CryptoStream for encrypting. CryptoStream outStreamEncrypted = new CryptoStream(stream, transform, CryptoStreamMode.Write); try { // By encrypting a chunk at // a time, you can save memory // and accommodate large files. int count = 0; int offset = 0; // blockSizeBytes can be any arbitrary size. int blockSizeBytes = aesManaged.BlockSize / 8; do { if (offset + blockSizeBytes <= unencryptedData.Length) { count = blockSizeBytes; } else { count = unencryptedData.Length - offset; } outStreamEncrypted.Write(unencryptedData, offset, count); offset += count; }while (offset < unencryptedData.Length); outStreamEncrypted.FlushFinalBlock(); } catch (Exception ex) { Console.WriteLine("Error : {0}", ex.Message); } } catch (Exception ex) { Console.WriteLine("Error : {0}", ex.Message); } stream.Position = 0; } } return(stream); }
/// <summary> /// Encrypt bytes from the stream using a string password. /// </summary> public static MemoryStream EncryptWithPassword(Stream stream, string password, byte[] nonSecretPayload = null) { byte[] payload; int payloadIndex; if (nonSecretPayload == null) { payload = BufferCache.Get(SaltBitSize * 2); payloadIndex = 0; } else { payload = BufferCache.Get((SaltBitSize * 2) + nonSecretPayload.Length); Array.Copy(nonSecretPayload, payload, nonSecretPayload.Length); payloadIndex = nonSecretPayload.Length; } byte[] cryptKey; byte[] authKey; //Use Random Salt to prevent pre-generated weak password attacks. using (var generator = new Rfc2898DeriveBytes(password, SaltBitSize, Iterations)) { var salt = generator.Salt; // generate the cryptography key cryptKey = generator.GetBytes(KeyBitSize); // copy the salt Array.Copy(salt, 0, payload, payloadIndex, salt.Length); payloadIndex += salt.Length; } //Deriving separate key, might be less efficient than using HKDF, //but now compatible with RNEncryptor which had a very similar wireformat and requires less code than HKDF. using (var generator = new Rfc2898DeriveBytes(password, SaltBitSize, Iterations)) { var salt = generator.Salt; // generate the auth key authKey = generator.GetBytes(KeyBitSize); // create the rest of the non-secret payload Array.Copy(salt, 0, payload, payloadIndex, salt.Length); payloadIndex += salt.Length; } byte[] iv; byte[] buffer = BufferCache.Get(); using (var aes = new AesManaged { Key = cryptKey, BlockSize = BlockBitSize, Mode = CipherMode.CBC, Padding = PaddingMode.Zeros }) { // use random IV aes.GenerateIV(); iv = aes.IV; using (var encrypter = aes.CreateEncryptor()) using (var cipherStream = new MemoryStream()) using (var cryptoStream = new CryptoStream(cipherStream, encrypter, CryptoStreamMode.Write)) { // read from the stream int count = stream.Read(buffer, 0, Global.BufferSizeLocal); // while the buffer is filled while (count == Global.BufferSizeLocal) { // write to the crypto stream cryptoStream.Write(buffer, 0, count); // read from the stream count = stream.Read(buffer, 0, Global.BufferSizeLocal); } // write the final buffer cryptoStream.Write(buffer, 0, count); // flush the encryped stream cryptoStream.Flush(); cipherStream.Position = 0; // assemble encrypted message and add authentication var encryptedStream = new MemoryStream(); // prepend payload encryptedStream.Write(payload, 0, payloadIndex); // prepend IV encryptedStream.Write(iv, 0, iv.Length); // read from the stream count = cipherStream.Read(buffer, 0, Global.BufferSizeLocal); while (count == Global.BufferSizeLocal) { // write to the crypto stream encryptedStream.Write(buffer, 0, count); // read from the stream count = cipherStream.Read(buffer, 0, Global.BufferSizeLocal); } // write the final buffer encryptedStream.Write(buffer, 0, count); BufferCache.Set(buffer); // authenticate all data by postpending a hash of all data encryptedStream.Position = payloadIndex + iv.Length; using (var hmac = new HMACSHA256(authKey)) { // calculate a hash of the entire stream excluding the payload and iv // that can be used to authenticate the received data byte[] tag = hmac.ComputeHash(encryptedStream); // write the tag to the end of the encrypted stream encryptedStream.Write(tag, 0, tag.Length); } // reset the stream position encryptedStream.Position = 0; // return the complete, encrypted stream return(encryptedStream); } } }
private async void button2_Click(object sender, EventArgs e) { try { textBox7.Text = GetRandomAlphanumericString(32); SqlConnection con = new SqlConnection("Data Source=DESKTOP-VDKS12B\\VS;Initial Catalog=SeDaSc;Integrated Security=True"); string getki = " SELECT userkey FROM [SeDaSc].[dbo].[access_rights_read] WHERE read_name = '" + comboBox2.Text + "' and group_id='" + comboBox3.Text + "'"; SqlCommand re1 = new SqlCommand(getki, con); con.Open(); SqlDataReader obj1 = re1.ExecuteReader(); if (!(obj1.HasRows)) { MessageBox.Show("There is no Read Access for the Current User ", "Secure Data Sharing in Cloud", MessageBoxButtons.OKCancel, MessageBoxIcon.Information, MessageBoxDefaultButton.Button1); } else { while (obj1.Read()) { textBox8.Text = obj1["userkey"].ToString(); } } con.Close(); string getkiwri = " SELECT userkey FROM [SeDaSc].[dbo].[access_rights_write] WHERE write_name = '" + comboBox2.Text + "' and group_id='" + comboBox3.Text + "'"; re1 = new SqlCommand(getkiwri, con); con.Open(); obj1 = re1.ExecuteReader(); if (!(obj1.HasRows)) { MessageBox.Show("There is no Write Access for the Current User ", "Secure Data Sharing in Cloud", MessageBoxButtons.OKCancel, MessageBoxIcon.Information, MessageBoxDefaultButton.Button1); textBox9.Enabled = false; } else { while (obj1.Read()) { textBox8.Text = obj1["userkey"].ToString(); } textBox9.Enabled = true; } con.Close(); FirebaseResponse response = await client.GetTaskAsync("Users/" + comboBox3.Text); Data results = response.ResultAs <Data>(); if (results.cipher != null) { textBox6.Text = results.cipher; } else { MessageBox.Show("There is no Data for the Current User ", "Secure Data Sharing in Cloud", MessageBoxButtons.OKCancel, MessageBoxIcon.Information, MessageBoxDefaultButton.Button1); } StringBuilder sb = new StringBuilder(); StringBuilder xv = new StringBuilder(); foreach (char c in textBox5.Text.ToCharArray()) { sb.Append(Convert.ToString(c, 2).PadLeft(8, '0')); } foreach (char c in textBox8.Text.ToCharArray()) { xv.Append(Convert.ToString(c, 2).PadLeft(8, '0')); } string binkey = sb.ToString(); string binkey2 = xv.ToString(); string userkey = ""; for (int i = 0; i < binkey.Length; i++) { char x; char y = binkey[i]; char z = binkey2[i]; x = (char)(binkey[i] ^ binkey2[i]); if (x == '\0') { x = '0'; } else { x = '1'; } userkey += x; } string temp = userkey; List <Byte> byteList = new List <Byte>(); for (int i = 0; i < userkey.Length; i += 8) { byteList.Add(Convert.ToByte(userkey.Substring(i, 8), 2)); } AesManaged aes = new AesManaged(); textBox7.Text = Encoding.ASCII.GetString(byteList.ToArray()); string ciphers = textBox6.Text; byte[] bytes = Encoding.UTF8.GetBytes(ciphers); textBox9.Text = results.file.ToString(); } catch (Exception ex) { MessageBox.Show(ex.ToString()); } }
private byte[] MakeSecret() { byte[] secret = new byte[16]; new Random().NextBytes(secret); aes = new AesManaged(); aes.Key = secret; aes.IV = secret; return secret; }
public static void VerifyDefaults() { using (var alg = new AesManaged()) { Assert.Equal(128, alg.BlockSize); Assert.Equal(256, alg.KeySize); Assert.Equal(CipherMode.CBC, alg.Mode); Assert.Equal(PaddingMode.PKCS7, alg.Padding); } }
static void Main(string[] args) { if (args == null || args.Length < 1 || (args[0].ToLower() != "e" && args[0].ToLower() != "d")) { Console.Error.WriteLine("Usage:"); Console.Error.WriteLine(" To encrypt: AesCrypt.exe e <file path>"); Console.Error.WriteLine(" To decrypt: AesCrypt.exe d <file path> <iv> <key>"); return; } if (args[0].ToLower() == "e") { // ENCRYPTION if (args.Length < 2) { Console.Error.WriteLine("Usage: AesCrypt.exe e <file path>"); } string fileToEncrypt = args[1]; FileInfo inpFile = new FileInfo(fileToEncrypt); if (!inpFile.Exists) { Console.Error.WriteLine("File does not exist"); return; } byte[] fileName = Encoding.UTF8.GetBytes(inpFile.FullName); string rootDir = Path.GetDirectoryName(fileToEncrypt); string randomName = Guid.NewGuid().ToString("N"); string tempName = Path.Combine(rootDir, randomName); string finalHash; if (File.Exists(tempName)) { Console.Error.WriteLine("ERROR: temporary file exists, wtf how does that even happen"); return; } using (FileStream inp = File.Open(fileToEncrypt, FileMode.Open, FileAccess.Read, FileShare.Read)) using (FileStream oup = File.Create(tempName)) using (AesManaged enc = new AesManaged()) { enc.KeySize = 256; enc.Mode = CipherMode.CBC; enc.GenerateIV(); enc.GenerateKey(); SHA512Managed originalHash = new SHA512Managed(); originalHash.Initialize(); SHA512Managed cryptedHash = new SHA512Managed(); using (CryptoStream hashStream = new CryptoStream(oup, cryptedHash, CryptoStreamMode.Write)) using (CryptoStream cs = new CryptoStream(hashStream, enc.CreateEncryptor(), CryptoStreamMode.Write)) { // crypted file structure: {name length x2}{full file name}{data length x8}{data}{sha512 hash of data x64} byte[] lenFileName = BitConverter.GetBytes((ushort)fileName.Length); cs.Write(lenFileName, 0, lenFileName.Length); cs.Write(fileName, 0, fileName.Length); byte[] fileSizeBits = BitConverter.GetBytes(inpFile.Length); cs.Write(fileSizeBits, 0, fileSizeBits.Length); byte[] data = new byte[64 * 1024]; int bytesRead; long bytesHashed = 0; do { // pull data from original file bytesRead = inp.Read(data, 0, data.Length); // send it to crypted stream cs.Write(data, 0, bytesRead); // also hash it for decryption verification purposes bytesHashed += originalHash.TransformBlock(data, 0, bytesRead, data, 0); } while (bytesRead > 0); // write original hash into crypted file so we can verify it after decryption originalHash.TransformFinalBlock(data, 0, 0); cs.Write(originalHash.Hash, 0, originalHash.Hash.Length); } finalHash = Base32.ToBase32String(cryptedHash.Hash); string iv = Convert.ToBase64String(enc.IV); string key = Convert.ToBase64String(enc.Key); Console.Out.WriteLine("{0} {1} {2}", finalHash, iv, key); } File.Move(tempName, Path.Combine(rootDir, finalHash)); } else { // DECRYPTION if (args.Length < 4) { Console.Error.WriteLine("Usage: AesCrypt.exe d <file path> <iv> <key>"); return; } FileInfo encFile = new FileInfo(args[1]); if (!encFile.Exists) { Console.Error.WriteLine("File does not exist"); return; } byte[] iv = Convert.FromBase64String(args[2]); if (iv == null || iv.Length < 1) { Console.Error.WriteLine("ERROR: invalid iv"); return; } byte[] key = Convert.FromBase64String(args[3]); if (key == null || key.Length < 1) { Console.Error.WriteLine("ERROR: invalid key"); return; } using (FileStream inp = encFile.OpenRead()) using (AesManaged aes = new AesManaged()) { aes.KeySize = 256; aes.Mode = CipherMode.CBC; aes.IV = iv; aes.Key = key; using (CryptoStream cs = new CryptoStream(inp, aes.CreateDecryptor(), CryptoStreamMode.Read)) { // crypted file structure: {name length x4}{full file name}{data length x8}{data}{sha512 hash of data x64} byte[] nameLengthBits = new byte[2]; if (cs.Read(nameLengthBits, 0, 2) != 2) { Console.Error.WriteLine("ERROR: Failed reading file name size"); return; } ushort nameLength = BitConverter.ToUInt16(nameLengthBits, 0); byte[] originalName = new byte[nameLength]; if (cs.Read(originalName, 0, nameLength) != nameLength) { Console.Error.WriteLine("ERROR: Failed reading file name"); return; } string fileName = Encoding.UTF8.GetString(originalName); byte[] dataLengthBits = new byte[8]; if (cs.Read(dataLengthBits, 0, dataLengthBits.Length) != dataLengthBits.Length) { Console.Error.WriteLine("ERROR: Failed reading data length"); return; } long dataLength = BitConverter.ToInt64(dataLengthBits, 0); string outputFileName = Path.Combine(Directory.GetCurrentDirectory(), Path.GetFileName(fileName)); if (File.Exists(outputFileName)) { Console.Error.WriteLine("ERROR: '{0}' already exists, exiting", outputFileName); return; } Console.Out.WriteLine("Decrypting what was originally called '{0}' ({1:N0} bytes)", fileName, dataLength); byte[] decryptedHash; long totalRead = 0; using (FileStream outputStream = new FileStream(outputFileName, FileMode.CreateNew, FileAccess.Write, FileShare.Read)) using (SHA512Managed hasher = new SHA512Managed()) { byte[] buffer = new byte[ReadBufferSize]; long bytesRemaining = dataLength; while (bytesRemaining > 0) { int readingThisRound = ReadBufferSize < bytesRemaining ? ReadBufferSize : (int)bytesRemaining; int bytesRead = cs.Read(buffer, 0, readingThisRound); totalRead += bytesRead; // dump decrypted data to file outputStream.Write(buffer, 0, bytesRead); // run it through the grinder for verification later int hashProgress = hasher.TransformBlock(buffer, 0, bytesRead, buffer, 0); Debug.Assert(hashProgress == bytesRead, "Hash calculation out of whack with file IO, wtf is going on"); bytesRemaining -= bytesRead; } hasher.TransformFinalBlock(buffer, 0, 0); decryptedHash = hasher.Hash; } byte[] originalHashBits = new byte[64]; if (cs.Read(originalHashBits, 0, originalHashBits.Length) != originalHashBits.Length) { Console.Error.WriteLine("ERROR: Failed reading verification hash, encrypted file is corrupted!"); return; } if (originalHashBits.SequenceEqual(decryptedHash)) { Console.Out.WriteLine("Successfully decrypted '{0}'", outputFileName); } else { Console.Out.WriteLine("Decryption FAIL"); } } } } }
/// <summary> /// Decrypt with password. The stream must be navigatable. /// </summary> public static Stream DecryptWithPassword(Stream stream, string password, int nonSecretPayloadLength = 0) { const int ivLength = BlockBitSize / 8; var cryptSalt = new byte[SaltBitSize]; var authSalt = new byte[SaltBitSize]; var streamStartPosition = stream.Position; // grab Salt from Non-Secret Payload if (nonSecretPayloadLength != 0) { stream.Position = streamStartPosition + nonSecretPayloadLength; } stream.Read(cryptSalt, 0, SaltBitSize); stream.Read(authSalt, 0, SaltBitSize); // grab IV from message var iv = new byte[ivLength]; stream.Read(iv, 0, ivLength); byte[] cryptKey; byte[] authKey; // generate crypt key using (var generator = new Rfc2898DeriveBytes(password, cryptSalt, Iterations)) { cryptKey = generator.GetBytes(KeyBitSize); } // generate auth key using (var generator = new Rfc2898DeriveBytes(password, authSalt, Iterations)) { authKey = generator.GetBytes(KeyBitSize); } using (var hmac = new HMACSHA256(authKey)) { int sentTagLength = hmac.HashSize / 8; // if message length is to small just return null if (stream.Length - streamStartPosition < sentTagLength + nonSecretPayloadLength + ivLength) { throw new CryptographicException("Insufficient bytes in stream."); } // get the number of encrypted bytes that constitute the message int count = (int)(stream.Length - streamStartPosition - sentTagLength - nonSecretPayloadLength - ivLength - SaltBitSize - SaltBitSize); byte[] tagContent = BufferCache.Get(count); // read the bytes required for the tag hash count = stream.Read(tagContent, 0, count); // calculate the tag hash byte[] calcTag = hmac.ComputeHash(tagContent, 0, count); // read sent tag stream.Read(tagContent, 0, sentTagLength); // compare tag with constant time comparison var compare = 0; for (var i = 0; i < sentTagLength; ++i) { compare |= tagContent[i] ^ calcTag[i]; } BufferCache.Set(tagContent); // if message doesn't authenticate, throw if (compare != 0) { throw new CryptographicException("Data hash was not correct."); } using (var aes = new AesManaged { Key = cryptKey, IV = iv, BlockSize = BlockBitSize, Mode = CipherMode.CBC, Padding = PaddingMode.Zeros }) { // create a memory stream for the decrypted bytes var decrypted = new MemoryStream(); using (var decrypter = aes.CreateDecryptor()) { var decrypterStream = new CryptoStream(decrypted, decrypter, CryptoStreamMode.Write); byte[] buffer = BufferCache.Get(); // move to the start of the encrypted data stream.Position = streamStartPosition + nonSecretPayloadLength + SaltBitSize + SaltBitSize + ivLength; // determine the bytes to be written to the decrypter stream int remaining = (int)(stream.Length - stream.Position - sentTagLength); // read the first buffer from the stream count = stream.Read(buffer, 0, remaining > Global.BufferSizeLocal ? Global.BufferSizeLocal : remaining); // while the buffer is full while (count == Global.BufferSizeLocal) { // decrement the remaining bytes remaining -= count; // write the buffer decrypterStream.Write(buffer, 0, count); // read a new buffer count = stream.Read(buffer, 0, Global.BufferSizeLocal); } // if the stream ended prematurely, throw if (count != remaining) { throw new EndOfStreamException(); } // write final buffer decrypterStream.Write(buffer, 0, count); BufferCache.Set(buffer); // flush the decryption stream decrypterStream.FlushFinalBlock(); // set the decrpted memory stream position decrypted.Position = 0; // return the decrypted stream return(decrypted); } } } }
private async static Task File(string inFile, string outFile, RSACryptoServiceProvider key) { using (AesManaged aesManaged = new AesManaged()) { // Create instance of AesManaged for // symetric encryption of the data. aesManaged.KeySize = 256; aesManaged.BlockSize = 128; aesManaged.Mode = CipherMode.CBC; using (ICryptoTransform transform = aesManaged.CreateEncryptor()) { RSAPKCS1KeyExchangeFormatter keyFormatter = new RSAPKCS1KeyExchangeFormatter(key); byte[] keyEncrypted = keyFormatter.CreateKeyExchange(aesManaged.Key, aesManaged.GetType()); // Create byte arrays to contain // the length values of the key and IV. byte[] LenK = new byte[4]; byte[] LenIV = new byte[4]; int lKey = keyEncrypted.Length; LenK = BitConverter.GetBytes(lKey); int lIV = aesManaged.IV.Length; LenIV = BitConverter.GetBytes(lIV); // Write the following to the FileStream // for the encrypted file (outFs): // - length of the key // - length of the IV // - ecrypted key // - the IV // - the encrypted cipher content using (FileStream outFs = new FileStream(outFile, FileMode.Create)) { await outFs.WriteAsync(LenK, 0, 4); await outFs.WriteAsync(LenIV, 0, 4); await outFs.WriteAsync(keyEncrypted, 0, lKey); await outFs.WriteAsync(aesManaged.IV, 0, lIV); // Now write the cipher text using // a CryptoStream for encrypting. using (CryptoStream outStreamEncrypted = new CryptoStream(outFs, transform, CryptoStreamMode.Write)) { // By encrypting a chunk at // a time, you can save memory // and accommodate large files. int count = 0; int offset = 0; // blockSizeBytes can be any arbitrary size. int blockSizeBytes = aesManaged.BlockSize / 8; byte[] data = new byte[blockSizeBytes]; int bytesRead = 0; using (FileStream inFs = new FileStream(inFile, FileMode.Open)) { do { count = await inFs.ReadAsync(data, 0, blockSizeBytes); offset += count; await outStreamEncrypted.WriteAsync(data, 0, count); bytesRead += blockSizeBytes; }while (count > 0); } } } } } }
internal AesDecryptionResult DecryptWithMemoryStream(byte[] encryptedData, byte[] key = null, byte[] IV = null, CipherMode cipherMode = CipherMode.CBC, PaddingMode paddingMode = PaddingMode.PKCS7) { if (encryptedData == null || encryptedData.Length == 0) { return(new AesDecryptionResult() { Success = false, Message = MessageStrings.Decryption_InputRequired }); } _key = key ?? _key; _IV = IV ?? _IV; if (_key == null) { return(new AesDecryptionResult() { Success = false, Message = MessageStrings.Decryption_NullKeyError }); } if (_IV == null) { return(new AesDecryptionResult() { Success = false, Message = MessageStrings.Decryption_NullIVError }); } byte[] decryptedData = null; try { using (var aesManaged = new AesManaged()) { if (aesManaged.ValidKeySize((_key.Length * 8))) { aesManaged.Key = _key; } else { return(new AesDecryptionResult() { Success = false, Message = $"{MessageStrings.Common_InvalidKeySizeError} ({(_key.Length * 8)})." }); } aesManaged.IV = _IV; aesManaged.Mode = cipherMode; aesManaged.Padding = paddingMode; using (var decryptor = aesManaged.CreateDecryptor(_key, _IV)) { using (var ms = new MemoryStream()) { using (var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Write)) { using (var bw = new BinaryWriter(cs)) { bw.Write(encryptedData); } } decryptedData = ms.ToArray(); } } } } catch (Exception ex) { return(new AesDecryptionResult() { Success = false, Message = $"{MessageStrings.Decryption_ExceptionError}\n{ex.ToString()}" }); } return(new AesDecryptionResult() { Success = true, Message = MessageStrings.Decryption_DecryptSuccess, DecryptedDataBytes = decryptedData, DecryptedDataString = System.Text.Encoding.UTF8.GetString(decryptedData), Key = _key, IV = _IV, AesCipherMode = (AesCipherMode)cipherMode, PaddingMode = paddingMode }); }
/// <summary> /// Encrypts a JSON representation of a UserData object using AES128-CBC with a 16-bit SHA1 salted hash key. /// Returns a Base64 String containing the encrypted JSON pre-pended with the initialization vector (IV) used in the encryption. /// </summary> /// <param name="user_data">The UserData object to be encrypted.</param> /// <returns></returns> protected static string EncryptData(UserData user_data) { // Using byte arrays instead of strings byte[] encrypted; byte[] saltedHash; byte[] bIV = new byte[16]; // 16-byte initialization vector as a byte array. byte[] bJsonUserData; /* Uncomment to enable decrypting for debugging/testing byte[] decrypted = null; */ // Encode the user_data object into a JSON string JavaScriptSerializer s = new JavaScriptSerializer(); string json_data = s.Serialize(user_data); bJsonUserData = Encoding.ASCII.GetBytes(json_data); // Generate a random initialization vector RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetBytes(bIV); // Use an AesManaged object to do the encryption using (AesManaged aesAlg = new AesManaged()) { aesAlg.IV = bIV; aesAlg.KeySize = 128; // Create the 16-byte salted hash SHA1 sha1 = SHA1.Create(); saltedHash = sha1.ComputeHash(Encoding.ASCII.GetBytes(api_key + site_key), 0, (api_key + site_key).Length); // Trim saltedHash to 16 bytes. Array.Resize(ref saltedHash, 16); // Use salted has as the AES key. aesAlg.Key = saltedHash; // Encrypt using the AES Managed object ICryptoTransform encryptor = aesAlg.CreateEncryptor(); using (MemoryStream msEncrypt = new MemoryStream()) { using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write)) { csEncrypt.Write(bJsonUserData, 0, bJsonUserData.Length); csEncrypt.FlushFinalBlock(); } encrypted = msEncrypt.ToArray(); } /* * Uncomment to enable decrypting for debugging/testing * // Decrypt using AES Managed object ICryptoTransform decryptor = aesAlg.CreateDecryptor(); using (MemoryStream msDecrypt = new MemoryStream()) { using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Write)) { csDecrypt.Write(encrypted, 0, encrypted.Length); csDecrypt.FlushFinalBlock(); } decrypted = msDecrypt.ToArray(); } string decryptedString = Encoding.ASCII.GetString(decrypted); */ } // Pre-pend the encrypted data with the IV. byte[] ivPlusEncrypted = bIV.Concat(encrypted).ToArray(); // Return the Base64-encoded encrypted data string encryptedBase64 = Convert.ToBase64String(ivPlusEncrypted, Base64FormattingOptions.None); return encryptedBase64; }
internal AesEncryptionResult EncryptWithFileStream(string sourceFilePath, string encryptedFilePath, byte[] key = null, byte[] IV = null, CipherMode cipherMode = CipherMode.CBC, PaddingMode paddingMode = PaddingMode.PKCS7, bool deleteSourceFile = false, int kBbufferSize = 4) { if (!File.Exists(sourceFilePath)) { return(new AesEncryptionResult() { Success = false, //Message = $"{MessageStrings.Common_FileNotFound} \"{sourceFilePath}\"." Message = $"{MessageStrings.Common_FileNotFound} \"{sourceFilePath}\"." }); } if (string.IsNullOrWhiteSpace(encryptedFilePath)) { return(new AesEncryptionResult() { Success = false, Message = MessageStrings.Encryption_EncryptedFilePathError }); } var destinationDirectory = Path.GetDirectoryName(encryptedFilePath); if (!Directory.Exists(destinationDirectory)) { return(new AesEncryptionResult() { Success = false, Message = $"{MessageStrings.Encryption_DestinationDirectoryNotFound} \"{destinationDirectory}\"." }); } _key = key ?? _key; _IV = IV ?? _IV; var pathsEqual = encryptedFilePath.Equals(sourceFilePath, StringComparison.InvariantCultureIgnoreCase); try { using (var aesManaged = new AesManaged()) { if (_key == null) { aesManaged.GenerateKey(); _key = aesManaged.Key; } else { if (aesManaged.ValidKeySize((_key.Length * 8))) { aesManaged.Key = _key; } else { return(new AesEncryptionResult() { Success = false, Message = $"{MessageStrings.Common_InvalidKeySizeError} ({(_key.Length * 8)})." }); } } if (_IV == null || _IV.Length == 0) { aesManaged.GenerateIV(); _IV = aesManaged.IV; } else { aesManaged.IV = _IV; } aesManaged.Mode = cipherMode; aesManaged.Padding = paddingMode; using (var encryptor = aesManaged.CreateEncryptor(_key, _IV)) { using (var sourceFs = File.Open(sourceFilePath, FileMode.Open, FileAccess.Read, FileShare.Read)) { using (var encryptedFs = File.Open((pathsEqual ? encryptedFilePath + "_tmpcrypt" : encryptedFilePath), FileMode.Create, FileAccess.Write, FileShare.None)) { using (var cs = new CryptoStream(encryptedFs, encryptor, CryptoStreamMode.Write)) { //plain.CopyTo(cs); var buffer = new byte[kBbufferSize * 1024]; int read; var percentageDone = 0; while ((read = sourceFs.Read(buffer, 0, buffer.Length)) > 0) { cs.Write(buffer, 0, read); var tmpPercentageDone = (int)(sourceFs.Position * 100 / sourceFs.Length); if (tmpPercentageDone != percentageDone) { percentageDone = tmpPercentageDone; RaiseOnEncryptionProgress(percentageDone, (percentageDone != 100 ? $"Encrypting ({percentageDone}%)..." : $"Encrypted ({percentageDone}%).")); } } } } } } } if (pathsEqual) { CommonMethods.ClearFileAttributes(sourceFilePath); // set "Normal" FileAttributes to avoid erros while trying to delete the file below File.Delete(sourceFilePath); File.Move(encryptedFilePath + "_tmpcrypt", encryptedFilePath); } if (deleteSourceFile && !pathsEqual) { CommonMethods.ClearFileAttributes(sourceFilePath); // set "Normal" FileAttributes to avoid erros while trying to delete the file below File.Delete(sourceFilePath); } //var message = $"File \"{sourceFilePath}\" successfully encrypted to \"{encryptedFilePath}\"."; var message = string.Format(MessageStrings.Encryption_FileEncryptSuccess, sourceFilePath, encryptedFilePath); message += (deleteSourceFile && !pathsEqual ? $"\n{string.Format(MessageStrings.Encryption_FileDeleted, sourceFilePath)}" : ""); return(new AesEncryptionResult() { Success = true, Message = message, Key = _key, IV = _IV, AesCipherMode = (AesCipherMode)cipherMode, PaddingMode = paddingMode }); } catch (Exception ex) { return(new AesEncryptionResult() { Success = false, Message = $"{MessageStrings.Encryption_ExceptionError}\n{ex.ToString()}" }); } }
private static void TryECMA376() { byte[] salt = new byte[] { 0x30, 0x3A, 0x39, 0x9E, 0x02, 0xB6, 0x66, 0x71, 0xA9, 0xEA, 0xDB, 0x17, 0x0C, 0xA6, 0xDF, 0x24 }; byte[] pwd = Encoding.Unicode.GetBytes("123"); byte[] tmp = H(salt, pwd); for (int i = 0; i < 50000; i++) { byte[] tmpI = BitConverter.GetBytes(i); tmp = H(tmpI, tmp); } tmp = H(tmp, BitConverter.GetBytes(0)); SHA1Managed sha = new SHA1Managed(); byte[] XorBuff = new byte[64]; for (int i = 0; i < XorBuff.Length; i++) { XorBuff[i] = 0x36; } for (int i = 0; i < tmp.Length; i++) { XorBuff[i] ^= tmp[i]; } tmp = sha.ComputeHash(XorBuff); byte[] key = new byte[16]; Array.Copy(tmp, key, 16); byte[] pwdVerifier = new byte[] { 0x0A, 0x3A, 0xD5, 0x44, 0x17, 0xAB, 0x9B, 0x26, 0xA7, 0xFC, 0x65, 0xFE, 0x2F, 0x77, 0xDD, 0xA0 }; byte[] pwdVerifierHash = new byte[] { 0x29, 0x0E, 0x48, 0xC6, 0x26, 0xA8, 0x72, 0x3B, 0xA2, 0xCF, 0x3F, 0x6A, 0x9B, 0x3A, 0x94, 0xB8, 0x59, 0x7A, 0x8E, 0xCE, 0xB5, 0x55, 0xE9, 0x15, 0x06, 0x89, 0xCD, 0x9C, 0xDA, 0x6C, 0x39, 0x31 }; AesManaged aes = new AesManaged(); aes.Mode = CipherMode.ECB; aes.KeySize = 128; aes.Key = key; aes.Padding = PaddingMode.None; ICryptoTransform ict = aes.CreateDecryptor(); ICryptoTransform ict2 = aes.CreateDecryptor(); byte[] pwdVerifierDec; byte[] pwdVerifierHashDec; pwdVerifierDec = ict.TransformFinalBlock(pwdVerifier, 0, pwdVerifier.Length); pwdVerifierHashDec = ict.TransformFinalBlock(pwdVerifierHash, 0, pwdVerifierHash.Length); //pwdVerifierDec = new byte[16]; //pwdVerifierHashDec = new byte[32]; //ict.TransformBlock(pwdVerifier, 0, pwdVerifier.Length, pwdVerifierDec, 0); //ict2.TransformBlock(pwdVerifierHash, 0, 32, pwdVerifierHashDec, 0); //ict2.TransformBlock(pwdVerifierHash, 16, 16, pwdVerifierHashDec, 16); pwdVerifierDec = sha.ComputeHash(pwdVerifierDec); for (int i = 0; i < pwdVerifierDec.Length; i++) { if (pwdVerifierDec[i] != pwdVerifierHashDec[i]) { Console.WriteLine("Oh, NO!!!!!!!!!!!!!!!"); return; } } Console.WriteLine("Yahooooooooooooo~~~~~"); FileStream fs = File.OpenRead("C:\\Users\\Administrator\\Desktop\\加密\\EncryptedPackage"); byte[] encPak = new byte[fs.Length]; fs.Read(encPak, 0, encPak.Length); byte[] decPak = new byte[fs.Length]; fs.Close(); decPak = ict2.TransformFinalBlock(encPak, 8, encPak.Length - 8); FileStream fso = File.Create("C:\\Users\\Administrator\\Desktop\\加密\\yeah.zip"); fso.Write(decPak, 0, decPak.Length); fso.Close(); }
internal AesDecryptionResult DecryptWithFileStream(string encryptedFilePath, string decryptedFilePath, byte[] key, byte[] IV, CipherMode cipherMode = CipherMode.CBC, PaddingMode paddingMode = PaddingMode.PKCS7, bool deleteEncryptedFile = false, int kBbufferSize = 4, long startPosition = 0, long endPosition = 0) { if (!File.Exists(encryptedFilePath)) { return(new AesDecryptionResult() { Success = false, Message = $"{MessageStrings.Decryption_EncryptedFileNotFound} \"{encryptedFilePath}\"." }); } if (string.IsNullOrWhiteSpace(decryptedFilePath)) { return(new AesDecryptionResult() { Success = false, Message = MessageStrings.Decryption_DecryptedFilePathError }); } var destinationDirectory = Path.GetDirectoryName(decryptedFilePath); if (!Directory.Exists(destinationDirectory)) { return(new AesDecryptionResult() { Success = false, Message = $"{MessageStrings.Encryption_DestinationDirectoryNotFound} \"{destinationDirectory}\"." }); } _key = key ?? _key; _IV = IV ?? _IV; if (_key == null) { return(new AesDecryptionResult() { Success = false, Message = MessageStrings.Decryption_NullKeyError }); } if (_IV == null) { return(new AesDecryptionResult() { Success = false, Message = MessageStrings.Decryption_NullIVError }); } if (endPosition < startPosition) { return(new AesDecryptionResult() { Success = false, Message = string.Format(MessageStrings.Decryption_EndPositionLessThanStartError, endPosition, startPosition) }); } var pathsEqual = decryptedFilePath.Equals(encryptedFilePath, StringComparison.InvariantCultureIgnoreCase); try { using (var aesManaged = new AesManaged()) { aesManaged.Key = _key; aesManaged.IV = _IV; aesManaged.Mode = cipherMode; aesManaged.Padding = paddingMode; using (var decryptedFs = File.Open((pathsEqual ? decryptedFilePath + "_tmpdecrypt" : decryptedFilePath), FileMode.Create, FileAccess.Write, FileShare.None)) { using (var encryptedFs = File.Open(encryptedFilePath, FileMode.Open, FileAccess.Read, FileShare.Read)) { encryptedFs.Position = startPosition; using (var decryptor = aesManaged.CreateDecryptor(_key, _IV)) { using (var cs = new CryptoStream(decryptedFs, decryptor, CryptoStreamMode.Write)) { //encrypted.CopyTo(cs); var buffer = new byte[kBbufferSize * 1024]; var totalBytesToRead = ((endPosition == 0 ? encryptedFs.Length : endPosition) - startPosition); var totalBytesNotRead = totalBytesToRead; long totalBytesRead = 0; var percentageDone = 0; while (totalBytesNotRead > 0) { var bytesRead = encryptedFs.Read(buffer, 0, (int)Math.Min(buffer.Length, totalBytesNotRead)); if (bytesRead > 0) { cs.Write(buffer, 0, bytesRead); totalBytesRead += bytesRead; totalBytesNotRead -= bytesRead; var tmpPercentageDone = (int)(totalBytesRead * 100 / totalBytesToRead); if (tmpPercentageDone != percentageDone) { percentageDone = tmpPercentageDone; RaiseOnDecryptionProgress(percentageDone, (percentageDone != 100 ? $"Decrypting ({percentageDone}%)..." : $"Decrypted ({percentageDone}%).")); } } } } } } } } if (pathsEqual) { CommonMethods.ClearFileAttributes(encryptedFilePath); // set "Normal" FileAttributes to avoid erros while trying to delete the file below File.Delete(encryptedFilePath); File.Move(decryptedFilePath + "_tmpdecrypt", decryptedFilePath); } if (deleteEncryptedFile && !pathsEqual) { CommonMethods.ClearFileAttributes(encryptedFilePath); // set "Normal" FileAttributes to avoid erros while trying to delete the file below File.Delete(encryptedFilePath); } var message = string.Format(MessageStrings.Decryption_FileDecryptSuccess, encryptedFilePath, decryptedFilePath); message += (deleteEncryptedFile && !pathsEqual ? $"\n{string.Format(MessageStrings.Encryption_FileDeleted, encryptedFilePath)}" : ""); return(new AesDecryptionResult() { Success = true, Message = message, Key = _key, IV = _IV, AesCipherMode = (AesCipherMode)cipherMode, PaddingMode = paddingMode }); } catch (Exception ex) { return(new AesDecryptionResult() { Success = false, Message = $"{MessageStrings.Decryption_ExceptionError}\n{ex.ToString()}" }); } }
//public byte[] ImageToByte(var img) //{ // ImageConverter converter = new ImageConverter(); // return (byte[])converter.ConvertTo(img, typeof(byte[])); //} protected void Button1_Click(object sender, EventArgs e) { //txtArt.Text = "49/02/657/17"; //txtLabNum.Text = "1011805939"; //txtArtSiteCode.Text = "159"; //ARTNumber:49/02/657/17#LabNumber:1011805939#FacilityARTCode:159# QrCodeEncodingOptions options = new QrCodeEncodingOptions(); options = new QrCodeEncodingOptions { DisableECI = true, CharacterSet = "UTF-8", Width = 250, Height = 250, }; var writer = new BarcodeWriter(); writer.Format = BarcodeFormat.QR_CODE; writer.Options = options; if (String.IsNullOrWhiteSpace(txtArt.Text) || String.IsNullOrEmpty(txtArt.Text)) { Image1.ImageUrl = null; //MessageBox.Show("Text not found", "Oops!", MessageBoxButtons.OK, MessageBoxIcon.Error); } else { string str = string.Format("ARTNumber:{0}#LabNumber:{1}#FacilityARTCode:{2}", txtArt.Text.Trim(), txtLabNum.Text.Trim(), txtArtSiteCode.Text.Trim()); //Ssymmetric encrypt //str = EncryptText(Encoding.UTF8.GetBytes(Encoding.UTF8.GetBytes(publicKey), str).ToString(); //str = Crypto.RSA.Encrypt(str, publicKey, publicKey.Length); //Symmetric SymmetricAlgorithm aes = new AesManaged(); //aes.Key = System.Text.Encoding.ASCII.GetBytes("LHrp5lJWt9LjIfpfDX1ppojT8lA4t0eS"); aes.Key = System.Text.Encoding.ASCII.GetBytes("4WDbnOXpNiyzFcOOx0qpMftfeYS1xAxa"); //str = EncryptText(aes, str).ToString(); //string decryptedText = DecryptData(aes, Encoding.ASCII.GetBytes(str)); var qr = new ZXing.BarcodeWriter(); qr.Options = options; qr.Format = ZXing.BarcodeFormat.QR_CODE; var result = new Bitmap(qr.Write(str)); ImageConverter converter = new ImageConverter(); byte[] arr = (byte[])converter.ConvertTo(result, typeof(byte[])); Image1.ImageUrl = "data:image/png;base64," + Convert.ToBase64String(arr); //Image = (Image)result; //txtArt.Text = txtLabNum.Text = txtArtSiteCode.Text = string.Empty; } #region Symmetric //// Create a new instance of the AES algorithm //SymmetricAlgorithm aes = new AesManaged(); //byte[] key = aes.Key; // Key propery contains the key of the aes algorithm you can create your own //Console.WriteLine("Enter your message here to encrypt:"); //string message = Console.ReadLine(); //// Call the encryptText method to encrypt the a string and save the result to a file //EncryptText(aes, message, "encryptedData.dat"); //// Call the decryptData method to get the encrypted text from the file and print it ////Console.WriteLine("Decrypted message: {0}", DecryptData(aes, "encryptedData.dat")); //#endregion //#region Asymmetric //RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); //// Get the public keyy //string publicKey = rsa.ToXmlString(false); // false to get the public key //string privateKey = rsa.ToXmlString(true); // true to get the private key //// Call the encryptText method //EncryptText(publicKey, "Hello from C# Corner", "encryptedData.dat"); // Call the decryptData method and print the result on the screen //Console.WriteLine("Decrypted message: {0}", DecryptData(privateKey, "encryptedData.dat")); #endregion #region Asymmetric // Create an instance of the RSA algorithm class RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(); // Get the public key //string publicKey = rsa.ToXmlString(false); // false to get the public key //string privateKey = rsa.ToXmlString(true); // true to get the private key //string publicKey = "<RSAKeyValue><Modulus>sDW7Ll/LHrp5lJWt9LjIfpfDX1ppojTelErotud4sAafaMg0pA4t0eSvE2+XTu83+tgHKDDUfc483DkGxfEoR1AJNs9utiHiKcRIN/YBk8suxQNJvpUg6oYrqtf5EYkC8+DzfbzAo7BCk7aGkElyNfefDu6oGSbiDZ4KE6RE+CU=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>"; //string privateKey = "<RSAKeyValue><Modulus>sDW7Ll/LHrp5lJWt9LjIfpfDX1ppojTelErotud4sAafaMg0pA4t0eSvE2+XTu83+tgHKDDUfc483DkGxfEoR1AJNs9utiHiKcRIN/YBk8suxQNJvpUg6oYrqtf5EYkC8+DzfbzAo7BCk7aGkElyNfefDu6oGSbiDZ4KE6RE+CU=</Modulus><Exponent>AQAB</Exponent><P>4WDbnOXpNiyzFcOOx0qpMftfeYS1xAxarINJMXbepvbVKlvhZqJrbw/6TMLXAQhWxokTt1cH3SCKs/szwWc/9w==</P><Q>yCawUnlmATg4orOjs2FF6zHxTTv06FsCv14TpyvkYdzSzzPpNVFULXyUFiraQ+ehH3oUW9BKEXCQdq5CO9j5ww==</Q><DP>SwxUtM8+NCL4U1P2NFihNJqO9UkCudCfVPi2o7kAdTqWSu+jg+iru6TnZS4wKBDdzGiS3yck4DZY2YvZdRpriw==</DP><DQ>My3hbFVqhelQYho5Q8cdz9RHdY5dQ4TyIOj3cYnBrlx+80i820tekPsICtsOUMrL4nae+hM6vVbhOde5TABhbQ==</DQ><InverseQ>cNSU9f4ifrUKMRih3G8ZDwQSfjj9b9zNZuwWRDq4rAOTOac+2gb36yGAu4lzMkRm+kIH4KONJXhhkTx2bno1qg==</InverseQ><D>jEBIGxIt9uhPix9T1TwagQBEhinNeEkCfB/feG1mlxy+VsU7ePS8LZsKarrgQPiQovy9PZUYHIZB1LsjE/vtpPpxrNMoDy9GvlLjbKyNL0U8bQsdxBXxUkkBqXE5fcPzYUPsDBBoZIT31OeD/sZ07/hOEYLWzjqZ21BQL0tXsEU=</D></RSAKeyValue>"; // Call the encryptText method //byte[] encryptedData = EncryptText(publicKey, "Hello from C# Corner"); //string decryptedData = DecryptData(privateKey, encryptedData); // Call the decryptData method and print the result on the screen //Console.WriteLine("Decrypted message: {0}", DecryptData(privateKey, "encryptedData.dat")); #endregion }
internal AesEncryptionResult EncryptWithMemoryStream(byte[] sourceData, byte[] key = null, byte[] IV = null, CipherMode cipherMode = CipherMode.CBC, PaddingMode paddingMode = PaddingMode.PKCS7) { if (sourceData == null || sourceData.Length == 0) { return(new AesEncryptionResult() { Success = false, Message = MessageStrings.Encryption_InputRequired }); } _key = key ?? _key; _IV = IV ?? _IV; byte[] encryptedData = null; try { using (var aesManaged = new AesManaged()) { if (_key == null) { aesManaged.GenerateKey(); _key = aesManaged.Key; } else { if (aesManaged.ValidKeySize((_key.Length * 8))) { aesManaged.Key = _key; } else { return(new AesEncryptionResult() { Success = false, Message = $"{MessageStrings.Common_InvalidKeySizeError} ({(_key.Length * 8)})." }); } } if (_IV == null) { aesManaged.GenerateIV(); _IV = aesManaged.IV; } else { aesManaged.IV = _IV; } aesManaged.Mode = cipherMode; aesManaged.Padding = paddingMode; using (var encryptor = aesManaged.CreateEncryptor(_key, _IV)) { using (var ms = new MemoryStream()) { using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write)) { using (var bw = new BinaryWriter(cs)) { bw.Write(sourceData); } } encryptedData = ms.ToArray(); } } } } catch (Exception ex) { return(new AesEncryptionResult() { Success = false, Message = $"{MessageStrings.Encryption_ExceptionError}\n{ex.ToString()}" }); } return(new AesEncryptionResult() { Success = true, Message = MessageStrings.Encryption_EncryptSuccess, EncryptedDataBytes = encryptedData, EncryptedDataBase64String = Convert.ToBase64String(encryptedData), Key = _key, IV = _IV, AesCipherMode = (AesCipherMode)cipherMode, PaddingMode = paddingMode }); }
public EncrptHandler() { this.aesM = new AesManaged(); }
public void CBC_Allowed() { using (var aes = new AesManaged()) { aes.Mode = CipherMode.CBC; } }
/// <summary>対称アルゴリズム暗号化サービスプロバイダ生成</summary> /// <param name="esa">EnumSymmetricAlgorithm</param> /// <param name="cm">CipherMode</param> /// <param name="pm">PaddingMode</param> /// <returns>SymmetricAlgorithm</returns> private SymmetricAlgorithm CreateSymmetricAlgorithm(EnumSymmetricAlgorithm esa, CipherMode cm, PaddingMode pm) { #region Constructor SymmetricAlgorithm sa = null; #region Aes if (esa.HasFlag(EnumSymmetricAlgorithm.AES_CSP)) { // AesCryptoServiceProviderサービスプロバイダ sa = AesCryptoServiceProvider.Create(); // devps(1703) } else if (esa.HasFlag(EnumSymmetricAlgorithm.AES_M)) { // AesManagedサービスプロバイダ sa = AesManaged.Create(); // devps(1703) } #if NET45 || NET46 #else else if (esa.HasFlag(EnumSymmetricAlgorithm.AES_CNG)) { // AesCngサービスプロバイダ sa = AesCng.Create(); // devps(1703) } #endif #endregion #region TripleDES else if (esa.HasFlag(EnumSymmetricAlgorithm.TDES_CSP)) { // TripleDESCryptoServiceProviderサービスプロバイダ sa = TripleDESCryptoServiceProvider.Create(); // devps(1703) } #if NET45 || NET46 #else else if (esa.HasFlag(EnumSymmetricAlgorithm.TDES_CNG)) { // TripleDESCngサービスプロバイダ sa = TripleDESCng.Create(); // devps(1703) } #endif #endregion #region Others else if (esa.HasFlag(EnumSymmetricAlgorithm.DES_CSP)) { // DESCryptoServiceProviderサービスプロバイダ sa = DESCryptoServiceProvider.Create(); // devps(1703) } else if (esa.HasFlag(EnumSymmetricAlgorithm.RC2_CSP)) { // RC2CryptoServiceProviderサービスプロバイダ sa = RC2CryptoServiceProvider.Create(); // devps(1703) } else if (esa.HasFlag(EnumSymmetricAlgorithm.Rijndael_M)) { // RijndaelManagedサービスプロバイダ sa = RijndaelManaged.Create(); // devps(1703) } #endregion else { throw new ArgumentException( PublicExceptionMessage.ARGUMENT_INCORRECT, "EnumSymmetricAlgorithm esa"); } #endregion #region Options // cmが設定されている場合。 if (cm != 0) { sa.Mode = cm; } // pmが設定されている場合。 if (pm != 0) { sa.Padding = pm; } #endregion return(sa); }
public void ECB_Allowed() { using (var aes = new AesManaged()) { aes.Mode = CipherMode.ECB; } }
/// <summary> /// Simple Encryption(AES) then Authentication (HMAC) for a UTF8 Message. /// </summary> /// <param name="secretMessage">The secret message.</param> /// <param name="cryptKey">The crypt key.</param> /// <param name="authKey">The auth key.</param> /// <param name="nonSecretPayload">(Optional) Non-Secret Payload.</param> /// <returns> /// Encrypted Message /// </returns> /// <remarks> /// Adds overhead of (Optional-Payload + BlockSize(16) + Message-Padded-To-Blocksize + HMac-Tag(32)) * 1.33 Base64 /// </remarks> public static byte[] SimpleEncrypt(byte[] secretMessage, byte[] cryptKey, byte[] authKey, byte[] nonSecretPayload = null) { //User Error Checks if (cryptKey == null || cryptKey.Length != KeyBitSize / 8) { throw new ArgumentException(String.Format("Key needs to be {0} bit!", KeyBitSize), "cryptKey"); } if (authKey == null || authKey.Length != KeyBitSize / 8) { throw new ArgumentException(String.Format("Key needs to be {0} bit!", KeyBitSize), "authKey"); } if (secretMessage == null || secretMessage.Length < 1) { throw new ArgumentException("Secret Message Required!", "secretMessage"); } //non-secret payload optional nonSecretPayload = nonSecretPayload ?? new byte[] { }; byte[] cipherText; byte[] iv; using (var aes = new AesManaged { KeySize = KeyBitSize, BlockSize = BlockBitSize, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }) { //Use random IV aes.GenerateIV(); iv = aes.IV; using (var encrypter = aes.CreateEncryptor(cryptKey, iv)) using (var cipherStream = new MemoryStream()) { using (var cryptoStream = new CryptoStream(cipherStream, encrypter, CryptoStreamMode.Write)) using (var binaryWriter = new BinaryWriter(cryptoStream)) { //Encrypt Data binaryWriter.Write(secretMessage); } cipherText = cipherStream.ToArray(); } } //Assemble encrypted message and add authentication using (var hmac = new HMACSHA256(authKey)) using (var encryptedStream = new MemoryStream()) { using (var binaryWriter = new BinaryWriter(encryptedStream)) { //Prepend non-secret payload if any binaryWriter.Write(nonSecretPayload); //Prepend IV binaryWriter.Write(iv); //Write Ciphertext binaryWriter.Write(cipherText); binaryWriter.Flush(); //Authenticate all data var tag = hmac.ComputeHash(encryptedStream.ToArray()); //Postpend tag binaryWriter.Write(tag); } return(encryptedStream.ToArray()); } }
public void ImportFile() { extensions = new string[] { "ced" }; var filePath = FileBrowser.OpenSingleFile("Open case file", Application.persistentDataPath, extensions); if (string.IsNullOrWhiteSpace(filePath)) { GlobalData.fileName = "[Import] Canceled"; Debug.Log("[Import] Canceled"); Cursor.visible = false; return; } XmlDocument xmlDoc = new XmlDocument(); try { string s = File.ReadAllText(filePath); print(s); xmlDoc.LoadXml(s); //This loads the locally saved file } catch (Exception) { string text = ""; AesManaged aes = new AesManaged(); ICryptoTransform decrypt = aes.CreateDecryptor(Encoding.UTF8.GetBytes(GlobalData.encryptionKey), Encoding.UTF8.GetBytes(GlobalData.encryptionIV)); using (FileStream fs = new FileStream(filePath, FileMode.Open)) { using (CryptoStream cs = new CryptoStream(fs, decrypt, CryptoStreamMode.Read)) { using (StreamReader sr = new StreamReader(cs)) { text = sr.ReadToEnd(); } } } //xmlDoc.LoadXml(DecryptStringFromBytes_Aes(GetBytesFromHex(s))); try { xmlDoc.LoadXml(text); } catch (XmlException xmlError) { Debug.LogWarning(xmlError.Message); return; } } XmlDocument subXmlDoc = new XmlDocument(); subXmlDoc.LoadXml(xmlDoc.DocumentElement.ChildNodes[0].OuterXml); string menuText = subXmlDoc.GetElementsByTagName("menu")[0].InnerText; string[] menuSplit = menuText.Split(new string[] { "--" }, StringSplitOptions.None); menuSplit[0] = GlobalData.accountId.ToString(); menuSplit[1] = "[CHECKFORDUPLICATE]" + menuSplit[1]; bool addCase = true; if (File.Exists(GameObject.Find("GaudyBG").GetComponent <ServerControls>().GetLocalSavesFolderPath() + menuSplit[1])) { addCase = false; } //Change the record number to avoid local conflicts or maybe remove that check for the menu menuText = string.Join("--", menuSplit); MenuCase m = new MenuCase(menuSplit); string savePathNoExtension = GameObject.Find("GaudyBG").GetComponent <ServerControls>().GetLocalSavesFolderPath() + m.filename.Remove(m.filename.Length - ".ced".Length); //Save local menu preview File.WriteAllText(savePathNoExtension + " menu.txt", menuText); //Save .ced File.WriteAllBytes(savePathNoExtension + ".ced", EncryptStringToBytes_Aes(xmlDoc.DocumentElement.ChildNodes[1].OuterXml)); //Save .cei File.WriteAllBytes(savePathNoExtension + ".cei", EncryptStringToBytes_Aes(xmlDoc.DocumentElement.ChildNodes[2].OuterXml)); if (addCase) { GameObject.Find("GaudyBG").GetComponent <ServerControls>().AddCase(m, true); } else { GameObject.Find("GaudyBG").GetComponent <LoginManager>().ShowMessage("Reimported case"); } }
public void PreAuthenticate(IRequest req, IResponse res) { if (req.OperationName != null && IgnoreForOperationTypes.Contains(req.OperationName)) { return; } var bearerToken = req.GetBearerToken() ?? req.GetCookieValue(Keywords.TokenCookie); if (bearerToken != null) { var parts = bearerToken.Split('.'); if (parts.Length == 3) { if (RequireSecureConnection && !req.IsSecureConnection) { throw HttpError.Forbidden(ErrorMessages.JwtRequiresSecureConnection); } var header = parts[0]; var payload = parts[1]; var signatureBytes = parts[2].FromBase64UrlSafe(); var headerJson = header.FromBase64UrlSafe().FromUtf8Bytes(); var payloadBytes = payload.FromBase64UrlSafe(); var headerData = headerJson.FromJson <Dictionary <string, string> >(); var bytesToSign = string.Concat(header, ".", payload).ToUtf8Bytes(); var algorithm = headerData["alg"]; //Potential Security Risk for relying on user-specified algorithm: https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/ if (RequireHashAlgorithm && algorithm != HashAlgorithm) { throw new NotSupportedException("Invalid algoritm '{0}', expected '{1}'".Fmt(algorithm, HashAlgorithm)); } if (!VerifyPayload(algorithm, bytesToSign, signatureBytes)) { return; } var payloadJson = payloadBytes.FromUtf8Bytes(); var jwtPayload = JsonObject.Parse(payloadJson); var session = CreateSessionFromPayload(req, jwtPayload); req.Items[Keywords.Session] = session; } else if (parts.Length == 5) //Encrypted JWE Token { if (RequireSecureConnection && !req.IsSecureConnection) { throw HttpError.Forbidden(ErrorMessages.JwtRequiresSecureConnection); } if (PrivateKey == null || PublicKey == null) { throw new NotSupportedException("PrivateKey is required to DecryptPayload"); } var jweHeaderBase64Url = parts[0]; var jweEncKeyBase64Url = parts[1]; var ivBase64Url = parts[2]; var cipherTextBase64Url = parts[3]; var tagBase64Url = parts[4]; var sentTag = tagBase64Url.FromBase64UrlSafe(); var aadBytes = (jweHeaderBase64Url + "." + jweEncKeyBase64Url).ToUtf8Bytes(); var iv = ivBase64Url.FromBase64UrlSafe(); var cipherText = cipherTextBase64Url.FromBase64UrlSafe(); var jweEncKey = jweEncKeyBase64Url.FromBase64UrlSafe(); var cryptAuthKeys256 = RsaUtils.Decrypt(jweEncKey, PrivateKey.Value, UseRsaKeyLength); var authKey = new byte[128 / 8]; var cryptKey = new byte[128 / 8]; Buffer.BlockCopy(cryptAuthKeys256, 0, authKey, 0, authKey.Length); Buffer.BlockCopy(cryptAuthKeys256, authKey.Length, cryptKey, 0, cryptKey.Length); using (var hmac = new HMACSHA256(authKey)) using (var encryptedStream = new MemoryStream()) { using (var writer = new BinaryWriter(encryptedStream)) { writer.Write(aadBytes); writer.Write(iv); writer.Write(cipherText); writer.Flush(); var calcTag = hmac.ComputeHash(encryptedStream.ToArray()); if (!calcTag.EquivalentTo(sentTag)) { return; } } } JsonObject jwtPayload; using (var aes = new AesManaged { KeySize = 128, BlockSize = 128, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7 }) using (var decryptor = aes.CreateDecryptor(cryptKey, iv)) using (var ms = MemoryStreamFactory.GetStream(cipherText)) using (var cryptStream = new CryptoStream(ms, decryptor, CryptoStreamMode.Read)) { var jwtPayloadBytes = cryptStream.ReadFully(); jwtPayload = JsonObject.Parse(jwtPayloadBytes.FromUtf8Bytes()); } var session = CreateSessionFromPayload(req, jwtPayload); req.Items[Keywords.Session] = session; } } }
/// <summary> /// Initializes the Security Manager by attempting to decrypt the keyFile /// </summary> /// <param name="keyFileLocation">Location of the keyFile</param> /// <param name="key">supplied encryption key (Base64) given at program start</param> /// <param name="iv">supplied encryption iv (Base64) given at program start</param> /// <param name="userFileLocation">Location of the userFile encrypted by keyFile</param> /// <param name="emailUserFileLocation">Location of the userFile for the email sender, also encrypted by keyFile</param> /// <exception cref="DecryptionException">Throws if @keyFileLocation cannot be decrypted</exception> /// <exception cref="IOException">Throws if @keyFileLocation cannot be read</exception> public SecurityManager(string keyFileLocation, string key, string iv, string userFileLocation, string emailUserFileLocation) { if (key == null || iv == null || keyFileLocation == null || userFileLocation == null || emailUserFileLocation == null) { throw new ArgumentNullException(); } if (!File.Exists(keyFileLocation)) { throw new FileNotFoundException("keyFile not found"); } if (!File.Exists(userFileLocation)) { throw new FileNotFoundException("userFile not found"); } if (!isValidLength(key) || !isValidLength(iv)) { throw new ArgumentException("Either Key or IV is an improper length"); } string keyFileENC = keyFileENC = File.ReadAllText(keyFileLocation); //Encrypted base64 string[] keyLines = null; var aes = new AesManaged(); try { //Try to decrypt keyFile aes.Key = Convert.FromBase64String(key); aes.IV = Convert.FromBase64String(iv); aes.Padding = PaddingMode.Zeros; aes.Mode = CipherMode.CBC; var decryptor = aes.CreateDecryptor(); var cipher = Convert.FromBase64String(keyFileENC); string plaintext = encoder.GetString(decryptor.TransformFinalBlock(cipher, 0, cipher.Length)); keyLines = plaintext.Split('\n'); plaintext = null; } catch { throw new DecryptionException(); } if (keyLines != null) { if (isValidKeyFile(keyLines)) { for (int i = 0; i < keyLines.Length; i++) { if (i == 0 || i == keyLines.Length - 1) { continue; } string[] keyValuePair = keyLines[i].Split('='); if (keyValuePair[0] == "iv") { string fixIv = string.Empty; for (int x = 1; x < keyValuePair.Length; x++) { if (keyValuePair[x] == "") { fixIv = fixIv + '='; } else { fixIv = fixIv + keyValuePair[x]; } } this.iv = fixIv; } if (keyValuePair[0] == "key") { string fixKey = String.Empty; for (int x = 1; x < keyValuePair.Length; x++) { if (keyValuePair[x] == "") { fixKey = fixKey + '='; } else { fixKey = fixKey + keyValuePair[1]; } } this.key = fixKey; } } } else { throw new Exception("Either Decrypted an invalid keyfile or supplied key/iv is wrong"); } keyLines = null; //Destroy aes.IV = Convert.FromBase64String(this.iv); aes.Key = Convert.FromBase64String(this.key); this.aes = aes; //store AES Object this.aes.IV = Convert.FromBase64String(this.iv); this.aes.Key = Convert.FromBase64String(this.key); //Create UserManager with supplied userFileLocation and decrypted keyFile string[] userLines; try { string userFileENC = File.ReadAllText(userFileLocation); var decryptor = this.aes.CreateDecryptor(); var cipher = Convert.FromBase64String(userFileENC); string plaintext = encoder.GetString(decryptor.TransformFinalBlock(cipher, 0, cipher.Length)); userLines = plaintext.Split('\n'); plaintext = null; userFileENC = null; } catch { throw new DecryptionException(); } try { int securityValue = -1; User defaultUser = User.parseUserFile(userLines, out securityValue); this.userManager = new UserManager(defaultUser, securityValue, this); keyLines = null; /*User defaultUser = new User(name, pass, email, out securityValue); * this.userManager = new UserManager(defaultUser, securityValue, this);*/ } catch { throw new Exception("Either Decrypted an invalid userFile or keyFile contains incorrect key/iv"); } /*if (isValidUserFile(userLines)) { * string name = null, email = null, pass = null; * foreach (string line in userLines) { * string[] split = line.Split('='); * if (split[0].Trim() == "username") { * name = split[1].Trim(); * } * else if (split[0].Trim() == "email") { * email = split[1].Trim(); * } * else if (split[0].Trim() == "pass") { * pass = split[1].Trim(); * } * } * int securityValue = 0; * User defaultUser = new User(name, pass, email, out securityValue); * this.userManager = new UserManager(defaultUser, securityValue, this); * * //Try and destroy any remaining data * name = null; * email = null; * pass = null; * securityValue = int.MinValue; * keyLines = null; * keyFileENC = null; * } * else { * throw new Exception("Either Decrypted an invalid userFile or keyFile contains incorrect key/iv"); * }*/ //Create the mailer Object //read userFile string[] emailLines; try { string emailENC = File.ReadAllText(emailUserFileLocation); var decryptor = this.aes.CreateDecryptor(); var cipher = Convert.FromBase64String(emailENC); string plaintext = encoder.GetString(decryptor.TransformFinalBlock(cipher, 0, cipher.Length)); emailLines = plaintext.Split('\n'); plaintext = null; emailENC = null; } catch { throw new DecryptionException(); } int mailSecValue = -1; User mailUser = User.parseUserFile(emailLines, out mailSecValue); /*if (isValidUserFile(emailLines)) { * string name = null, email = null, pass = null; * foreach (string line in userLines) { * string[] split = line.Split('='); * if (split[0].Trim() == "username") { * name = split[1].Trim(); * } * else if (split[0].Trim() == "email") { * email = split[1].Trim(); * } * else if (split[0].Trim() == "pass") { * pass = split[1].Trim(); * } * } * int securityValue = 0; * User defaultUser = new User(name, pass, email, out securityValue); * this.userManager = new UserManager(defaultUser, securityValue, this); * * //Try and destroy any remaining data * name = null; * email = null; * pass = null; * securityValue = int.MinValue; * keyLines = null; * keyFileENC = null; * }*/ //destroy sensitive info emailLines = null; this.mailer = new Mailer(mailUser, mailSecValue); } else { throw new DecryptionException(); } }
static void Main(string[] args) { #if !DEBUG if (args.Length < 1) { Console.WriteLine("FARC Pack"); Console.WriteLine("========="); Console.WriteLine("Packer/unpacker for .FARC files.\n"); Console.WriteLine("Usage:"); Console.WriteLine(" FarcPack [options] [source] [destination]"); Console.WriteLine(" Source can be either FARC or directory."); Console.WriteLine(" Destination can be left empty.\n"); Console.WriteLine("Options:"); Console.WriteLine(" -a, -alignment Set alignment for output FARC."); Console.WriteLine(" 16 by default.\n"); Console.WriteLine(" -c, --compress Compress files in output FARC."); Console.WriteLine(" Disabled by default."); Console.ReadLine(); return; } #endif string sourcePath = null; string destinationPath = null; bool compress = false; uint alignment = 16; for (int i = 0; i < args.Length; i++) { string arg = args[i]; Func <string, string, bool> compare = (a, b) => arg.Equals(a, StringComparison.OrdinalIgnoreCase) || arg.Equals(b, StringComparison.OrdinalIgnoreCase); alignment = compare("-a", "-alignment") ? uint.Parse(args[++i]) : alignment; compress = compare("-c", "-compress") || compress; if (sourcePath == null && !compare("-c", "-compress") && !compare("-a", "-alignment")) { sourcePath = arg; } else if (destinationPath == null && !compare("-c", "-compress") && !compare("-a", "-alignment")) { destinationPath = arg; } } #if DEBUG sourcePath = @"C:\Users\waelw.WAELS-PC\Desktop\farc\vr_cmn"; #endif if (sourcePath == null) { throw new ArgumentException("You must provide a source.", nameof(sourcePath)); } var serial = new BinarySerializer(); if (sourcePath.EndsWith(".farc", StringComparison.OrdinalIgnoreCase)) { destinationPath = destinationPath ?? Path.ChangeExtension(sourcePath, null); #if USE_NEW var archive = new FarcArchiveBin(); using (var file = File.Open(sourcePath, FileMode.Open)) { archive = serial.Deserialize <FarcArchiveBin>(file); archive.Unpack(destinationPath); } #else var archive = new FarcArchive(); archive.Load(sourcePath); using (Stream source = File.OpenRead(sourcePath)) { foreach (var entry in archive) { using (Stream entrySource = new SubStream(source, entry.Position, entry.Length)) using (Stream destination = File.Create(Path.Combine(destinationPath, entry.FileName))) { if (archive.IsEncrypted) { using (AesManaged aes = new AesManaged { KeySize = 128, Key = FarcArchive.FarcEncryptionKeyBytes, BlockSize = 128, Mode = CipherMode.ECB, Padding = PaddingMode.Zeros, IV = new byte[16], }) using (CryptoStream cryptoStream = new CryptoStream( entrySource, aes.CreateDecryptor(), CryptoStreamMode.Read)) { if (archive.IsCompressed && entry.Length != entry.CompressedLength) { using (GZipStream gzipStream = new GZipStream(cryptoStream, CompressionMode.Decompress)) { gzipStream.CopyTo(destination); } } else { cryptoStream.CopyTo(destination); } } } else if (archive.IsCompressed && entry.Length != entry.CompressedLength) { using (GZipStream gzipStream = new GZipStream(entrySource, CompressionMode.Decompress)) { gzipStream.CopyTo(destination); } } else { entrySource.CopyTo(destination); } } } } #endif } else if (File.GetAttributes(sourcePath).HasFlag(FileAttributes.Directory)) { #if USE_NEW var archive = new FarcArchiveBin(); archive.Alignment = (int)alignment; #else var archive = new FarcArchive(); archive.Alignment = alignment; #endif archive.IsCompressed = compress; #if DEBUG archive.Alignment = 64; #endif destinationPath = destinationPath ?? sourcePath + ".farc"; foreach (string fileName in Directory.GetFiles(sourcePath)) { #if USE_NEW archive.Add(new FarcEntryBin(fileName)); #else archive.Add(new FarcEntry { FileName = Path.GetFileName(fileName), FilePath = new FileInfo(fileName) }); #endif } #if USE_NEW archive.Flush(); using (var save = File.Create(destinationPath)) { serial.Serialize(save, archive); } #else archive.Save(destinationPath); #endif } }
/// <summary> /// 文字列を複合化します。 /// </summary> /// <param name="data">複合化する文字列</param> /// <param name="password">パスワード</param> /// <returns>複合化した文字列</returns> /// <exception cref="ArgumentException">複合化する文字が空 or 先頭にsaltとIVが含まれていない or 複合化に失敗</exception> public static string DecryptString(string data, string password) { // 入力チェック (空チェック) if (String.IsNullOrWhiteSpace(data)) { throw new ArgumentException("複合化する文字が空です。"); } // 複合化する文字をbyte配列に変換する。 var bytes = System.Convert.FromBase64String(data); // 入力チェック (レングスチェック) if (bytes.Length < 16 * 2) { throw new ArgumentException("複合化する文字はアルゴリズムの条件を満たしていません。"); } // 引数のデータからsaltとIV、複合化する文字列を取得する。 var salt = bytes.Take(16).ToArray(); var IV = bytes.Skip(16).Take(16).ToArray(); var byteData = bytes.Skip(16 * 2).ToArray(); // 複合に用いるICryptoTransformを生成するブロック using (AesManaged aes = new AesManaged()) { aes.BlockSize = 128; // BlockSize = 16bytes aes.KeySize = 128; // KeySize = 16bytes aes.Mode = CipherMode.CBC; // CBC mode aes.Padding = PaddingMode.PKCS7; // Padding mode is "PKCS7". //入力されたパスワードをベースに擬似乱数を新たに生成 Rfc2898DeriveBytes deriveBytes = new Rfc2898DeriveBytes(password, salt); // 生成した擬似乱数から16バイト切り出したデータをパスワードにする byte[] bufferKey = deriveBytes.GetBytes(16); // AESにキーとIVを設定する。 aes.Key = bufferKey; aes.IV = IV; // 複合処理用インスタンスを生成し、文字列を複合化する using (ICryptoTransform decryptor = aes.CreateDecryptor(aes.Key, aes.IV)) { // byte配列を暗号化→文字列に変換して返却 string decryptString = null; try { decryptString = System.Text.Encoding.UTF8.GetString(decryptor.TransformFinalBlock(byteData, 0, byteData.Length)); } catch (Exception ex) { // 複合化で例外が発生する→パスワードが異なる。 throw new ArgumentException("パスワードが違います。", ex); } // saltとIV、複合化した文字を取得する。 var decryptSalt = String.Concat(decryptString.Take(24)); var decryptIV = String.Concat(decryptString.Skip(24).Take(24)); var decryptData = String.Concat(decryptString.Skip(24 * 2)); // 入力チェック (複合化した文字内に含まれるsaltとIVが生のsaltとIVと一致しない) if (!salt.SequenceEqual(System.Convert.FromBase64String(decryptSalt)) || !IV.SequenceEqual(System.Convert.FromBase64String(decryptIV))) { throw new ArgumentException("パスワードが違います。"); } // 結果を返却 return(decryptData); } } }
static void Main(string[] args) { if (args.Length >= 2) { try { var file_bytes = File.ReadAllBytes(args[1]); switch (args[0]) { case "hash_sha512": var hash_file = HashAlgorithmSHA512.HashArray(file_bytes); File.WriteAllBytes(args[0] + "_file", hash_file); break; case "aes": if (args.Length == 4) { var key_bytes = File.ReadAllBytes(args[2]); var iv_bytes = File.ReadAllBytes(args[3]); var decr_by_aes_file = SymmetricAlgorithmAES.DecryptData(file_bytes, key_bytes, iv_bytes); File.WriteAllBytes(args[0] + "_file", decr_by_aes_file); } else { using (var myAes = new AesManaged()) { myAes.GenerateKey(); myAes.GenerateIV(); var encr_by_aes_file = SymmetricAlgorithmAES.EncryptData(file_bytes, myAes.Key, myAes.IV); File.WriteAllBytes(args[0] + "_file", encr_by_aes_file); File.WriteAllBytes(args[0] + "_key", myAes.Key); File.WriteAllBytes(args[0] + "_iv", myAes.IV); } } break; case "rsa": if (args.Length == 3) { string xml_string = File.ReadLines(args[2]).Skip(0).First(); var decr_by_rsa_file = AsymmetricAlgorithmRSA.DecryptData(file_bytes, xml_string); File.WriteAllBytes(args[0] + "_file", decr_by_rsa_file); } else { using (var RSA = new RSACryptoServiceProvider()) { string xml_string = RSA.ToXmlString(true); var encr_by_rsa_file = AsymmetricAlgorithmRSA.EncryptData(file_bytes, xml_string); File.WriteAllBytes(args[0] + "_file", encr_by_rsa_file); File.WriteAllText(args[0] + "_xml_string", xml_string); } } break; default: break; } } catch (IOException e) { Console.WriteLine("Error: File not found", e); } } }
/// <summary> /// Use this constructor to perform encryption/decryption with custom options. /// See AESCryptOptions documentation for details. /// </summary> /// <param name="passPhrase"> /// Passphrase (in string format) from which a pseudo-random password will be derived. The derived password will be used to generate the encryption key. /// </param> /// <param name="initVector"> /// Initialization vector (IV). This value is required to encrypt the first block of plaintext data. IV must be exactly 16 ASCII characters long. /// </param> /// <param name="options"> /// A set of customized (or default) options to use for the encryption/decryption: see AESCryptOptions documentation for details. /// </param> public AESCrypt(string passPhrase, string initVector, AESCryptOptions options) { // store the options object locally. this.Options = options; // Checks for the correct (or null) size of cryptographic key. if (Options.FixedKeySize.HasValue && Options.FixedKeySize != 128 && Options.FixedKeySize != 192 && Options.FixedKeySize != 256) { throw new NotSupportedException("ERROR: options.FixedKeySize must be NULL (for auto-detect) or have a value of 128, 192 or 256"); } // Initialization vector converted to a byte array. byte[] initVectorBytes = null; // Salt used for password hashing (to generate the key, not during // encryption) converted to a byte array. byte[] saltValueBytes = null; // Get bytes of initialization vector. if (initVector == null) { initVectorBytes = new byte[0]; } else { initVectorBytes = Encoding.UTF8.GetBytes(initVector); } // Gets the KeySize int keySize = (Options.FixedKeySize.HasValue) ? Options.FixedKeySize.Value : GetAESKeySize(passPhrase); // Get bytes of password (hashing it or not) byte[] keyBytes = null; if (Options.PasswordHash == AESPasswordHash.None) { // Convert passPhrase to a byte array keyBytes = System.Text.Encoding.UTF8.GetBytes(passPhrase); } else { // Get bytes of password hash salt if (Options.PasswordHashSalt == null) { saltValueBytes = new byte[0]; } else { saltValueBytes = Encoding.UTF8.GetBytes(options.PasswordHashSalt); } // Generate password, which will be used to derive the key. PasswordDeriveBytes password = new PasswordDeriveBytes( passPhrase, saltValueBytes, Options.PasswordHash.ToString().ToUpper().Replace("-", ""), Options.PasswordHashIterations); // Convert key to a byte array adjusting the size from bits to bytes. keyBytes = password.GetBytes(keySize / 8); } // Initialize AES key object. AesManaged symmetricKey = new AesManaged(); // Sets the padding mode symmetricKey.Padding = Options.PaddingMode; // Use the unsafe ECB cypher mode (not recommended) if no IV has been provided, otherwise use the more secure CBC mode. symmetricKey.Mode = (initVectorBytes.Length == 0) ? CipherMode.ECB : CipherMode.CBC; // Create the encryptor and decryptor objects, which we will use for cryptographic operations. encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes); decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes); }
public Aes128CounterMode(byte[] counter) { if (counter == null) throw new ArgumentNullException("counter"); if (counter.Length != 16) throw new ArgumentException(String.Format("Counter size must be same as block size (actual: {0}, expected: {1})", counter.Length, 16)); _aes = new AesManaged { Mode = CipherMode.ECB, Padding = PaddingMode.None }; _counter = counter; }
public void SetSecret( byte[] buffer ) { aes = new AesManaged(); aes.Key = buffer; aes.IV = buffer; }