public string Decrypt(string json, string password)
{
var jsonObj = JsonConvert.DeserializeObject <SjclJson>(json);
var v = jsonObj.V;
var adata = Convert.FromBase64String(jsonObj.AData);
var iv = Convert.FromBase64String(jsonObj.IV);
var salt = Convert.FromBase64String(jsonObj.Salt);
var ks = jsonObj.KS;
var ts = jsonObj.TS;
var iter = jsonObj.Iter;
var ct = Convert.FromBase64String(jsonObj.CT);
// var cipher = json.Cipher;
// var mode = json.Mode;
var key = GenKeyBytes(password, salt, ks, iter);
var nonSecretPayload = new byte[] { };
var cipher = new CcmBlockCipher(new AesFastEngine());
var parameters = new CcmParameters(
new KeyParameter(key), ts, iv.Take(13).ToArray(), nonSecretPayload);
cipher.Init(false, parameters);
var plainText = new byte[cipher.GetOutputSize(ct.Length)];
var len = cipher.ProcessBytes(ct, 0, ct.Length, plainText, 0);
cipher.DoFinal(plainText, len);
return(Encoding.UTF8.GetString(plainText));
}
public static string Decrypt(string password, string data)
{
SJCLBlob ctdata = JsonConvert.DeserializeObject <SJCLBlob>(data);
if (ctdata.Cipher != "aes" || ctdata.Mode != "ccm")
{
throw new InvalidOperationException("Unsupported cipher or mode.");
}
byte[] cipherText = DecodeBase64(ctdata.CipherText);
var derivedMacParameters = DeriveKey(password, ctdata);
var l = FindIVLen(cipherText.Length);
byte[] iv = new byte[l];
Array.Copy((Array)DecodeBase64(ctdata.IV), (Array)iv, (int)l);
var ccmparams = new CcmParameters(derivedMacParameters, ctdata.TagSize, iv, DecodeBase64(ctdata.AuthData));
var ccmMode = new CcmBlockCipher(new AesFastEngine());
ccmMode.Init(false, ccmparams);
var plainBytes = new byte[ccmMode.GetOutputSize(cipherText.Length)];
var res = ccmMode.ProcessBytes(cipherText, 0, cipherText.Length, plainBytes, 0);
ccmMode.DoFinal(plainBytes, res);
return(Encoding.UTF8.GetString(plainBytes));
}
public void Init(bool forEncryption, ICipherParameters parameters)
{
if (!(parameters is CcmParameters))
{
throw new ArgumentException("parameters need to be CCMParameters");
}
this.forEncryption = forEncryption;
this.parameters = (CcmParameters)parameters;
}
private static MemoryStream Encrypt(Stream source, string fileName, out string seed_encoded, out string ident)
{
// Randomly generate a new seed for upload
byte[] seed = new byte[16];
using (RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider())
{
rngCsp.GetBytes(seed);
}
seed_encoded = UrlBase64Encode(seed);
// Derive the parameters (key, IV, ident) from the seed
byte[] key, iv;
DeriveParams(seed, out key, out iv, out ident);
// Create a new String->String map for JSON blob, and define filename and metadata
Dictionary <string, string> metadataMap = new Dictionary <string, string>();
metadataMap["mime"] = Helpers.IsTextFile(fileName) ? "text/plain" : Helpers.GetMimeType(fileName);
metadataMap["name"] = fileName;
// Encode the metadata with UTF-16 and a double-null-byte terminator, and append data
// Unfortunately, the CCM cipher mode can't stream the encryption, and so we have to GetBytes() on the source.
// We do limit the source to 50MB however
byte[] data = Encoding.BigEndianUnicode.GetBytes(JsonConvert.SerializeObject(metadataMap)).Concat(new byte[] { 0, 0 }).Concat(source.GetBytes()).ToArray();
// Calculate the length of the CCM IV and copy it over
long ccmIVLen = FindIVLen(data.Length);
byte[] ccmIV = new byte[ccmIVLen];
Array.Copy(iv, ccmIV, ccmIVLen);
// Set up the encryption parameters
KeyParameter keyParam = new KeyParameter(key);
CcmParameters ccmParams = new CcmParameters(keyParam, MacSize, ccmIV, new byte[0]);
CcmBlockCipher ccmMode = new CcmBlockCipher(new AesFastEngine());
ccmMode.Init(true, ccmParams);
// Perform the encryption
byte[] encBytes = new byte[ccmMode.GetOutputSize(data.Length)];
int res = ccmMode.ProcessBytes(data, 0, data.Length, encBytes, 0);
ccmMode.DoFinal(encBytes, res);
return(new MemoryStream(encBytes));
}
public string Encrypt(string plainText, string password)
{
var v = 1;
var iter = 10000;
var ks = 256;
var ts = 64;
// var mode = "ccm";
// var cipher = "aes";
var plainTextBytes = Encoding.UTF8.GetBytes(plainText);
var adata = new byte[0];
var iv = new byte[16];
var salt = new byte[8];
_random.GetBytes(iv);
_random.GetBytes(salt);
var key = GenKeyBytes(password, salt, ks, iter);
var nonSecretPayload = new byte[] { };
var cipher = new CcmBlockCipher(new AesFastEngine());
var parameters = new CcmParameters(
new KeyParameter(key), ts, iv.Take(13).ToArray(), nonSecretPayload);
cipher.Init(true, parameters);
var cipherText = new byte[cipher.GetOutputSize(plainTextBytes.Length)];
var len = cipher.ProcessBytes(plainTextBytes, 0, plainTextBytes.Length, cipherText, 0);
cipher.DoFinal(cipherText, len);
return(JsonConvert.SerializeObject(new SjclJson
{
IV = Convert.ToBase64String(iv),
V = v,
Iter = iter,
KS = ks,
TS = ts,
Mode = "ccm",
Cipher = "aes",
AData = Convert.ToBase64String(adata),
Salt = Convert.ToBase64String(salt),
CT = Convert.ToBase64String(cipherText),
}));
}
public static string Encrypt(string password, string data)
{
RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider();
byte[] salt = new byte[8];
rngCsp.GetBytes(salt);
byte[] iv = new byte[16];
rngCsp.GetBytes(iv);
SJCLBlob ctdata = new SJCLBlob()
{
Mode = "ccm",
Cipher = "aes",
AuthData = "",
Iterations = 2000,
KeySize = 256,
TagSize = 64,
Salt = Convert.ToBase64String(salt),
IV = Convert.ToBase64String(iv),
V = 1
};
var key = DeriveKey(password, ctdata);
byte[] rawdata = Encoding.UTF8.GetBytes(data);
var l = FindIVLen(rawdata.Length);
byte[] civ = new byte[l];
Array.Copy((Array)iv, (Array)civ, (int)l);
var ccmparams = new CcmParameters(key, ctdata.TagSize, civ, DecodeBase64(ctdata.AuthData));
var ccmMode = new CcmBlockCipher(new AesFastEngine());
ccmMode.Init(true, ccmparams);
var encBytes = new byte[ccmMode.GetOutputSize(rawdata.Length)];
var res = ccmMode.ProcessBytes(rawdata, 0, rawdata.Length, encBytes, 0);
ccmMode.DoFinal(encBytes, res);
ctdata.CipherText = Convert.ToBase64String(encBytes);
return(JsonConvert.SerializeObject(ctdata));
}
public string Encrypt(string data)
{
SecureRandom random = new SecureRandom();
// Generate 256-bits AES key
byte[] aesKey = new byte[32];
random.NextBytes(aesKey);
// Generate Initialization Vector
byte[] IV = new byte[12];
random.NextBytes(IV);
// Apply RSA/None/PKCS1Padding encryption to the AES key
byte[] encyptedAESKey = rsaCipher.DoFinal(aesKey);
// Apply AES/CCM/NoPadding encryption to the data
byte[] cipherText = System.Text.Encoding.UTF8.GetBytes(data);
var ccmParameters = new CcmParameters(new KeyParameter(aesKey), 64, IV, new byte[] { });
aesCipher = new CcmBlockCipher(new AesFastEngine());
aesCipher.Init(true, ccmParameters);
var encrypted = new byte[aesCipher.GetOutputSize(cipherText.Length)];
var res = aesCipher.ProcessBytes(cipherText, 0, cipherText.Length, encrypted, 0);
aesCipher.DoFinal(encrypted, res);
// Merge 'IV' and 'encrypted' to 'result'
byte[] result = new byte[IV.Length + encrypted.Length];
System.Buffer.BlockCopy(IV, 0, result, 0, IV.Length);
System.Buffer.BlockCopy(encrypted, 0, result, IV.Length, encrypted.Length);
// Return encrypted data
return(Prefix + Version + Separator + System.Convert.ToBase64String(encyptedAESKey) + Separator + System.Convert.ToBase64String(result));
}
internal static IParameters <Algorithm> GetCipherParameters(AlgorithmIdentifier encScheme)
{
DerObjectIdentifier encSchemeAlg = encScheme.Algorithm;
if (encSchemeAlg.On(NistObjectIdentifiers.Aes))
{
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Ecb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Ecb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Ecb))
{
return(FipsAes.Ecb);
}
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Cbc) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Cbc) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Cbc))
{
byte[] iv = DerOctetString.GetInstance(encScheme.Parameters).GetOctets();
return(FipsAes.Cbc.WithIV(iv));
}
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Cfb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Cfb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Cfb))
{
byte[] iv = DerOctetString.GetInstance(encScheme.Parameters).GetOctets();
return(FipsAes.Cfb128.WithIV(iv));
}
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Ofb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Ofb) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Ofb))
{
byte[] iv = DerOctetString.GetInstance(encScheme.Parameters).GetOctets();
return(FipsAes.Ofb.WithIV(iv));
}
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Ccm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Ccm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Ccm))
{
CcmParameters authParams = CcmParameters.GetInstance(encScheme.Parameters);
return(FipsAes.Ccm.WithIV(authParams.GetNonce()).WithMacSize(authParams.IcvLen * 8));
}
if (encSchemeAlg.Equals(NistObjectIdentifiers.IdAes128Gcm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes192Gcm) || encSchemeAlg.Equals(NistObjectIdentifiers.IdAes256Gcm))
{
GcmParameters authParams = GcmParameters.GetInstance(encScheme.Parameters);
return(FipsAes.Ccm.WithIV(authParams.GetNonce()).WithMacSize(authParams.IcvLen * 8));
}
}
if (encSchemeAlg.Equals(NttObjectIdentifiers.IdCamellia128Cbc) || encSchemeAlg.Equals(NttObjectIdentifiers.IdCamellia192Cbc) || encSchemeAlg.Equals(NttObjectIdentifiers.IdCamellia256Cbc))
{
byte[] iv = DerOctetString.GetInstance(encScheme.Parameters).GetOctets();
return(Camellia.Cbc.WithIV(iv));
}
if (encSchemeAlg.Equals(PkcsObjectIdentifiers.DesEde3Cbc))
{
byte[] iv = DerOctetString.GetInstance(encScheme.Parameters).GetOctets();
return(FipsTripleDes.Cbc.WithIV(iv));
}
if (encSchemeAlg.Equals(KisaObjectIdentifiers.IdSeedCbc))
{
byte[] iv = DerOctetString.GetInstance(encScheme.Parameters).GetOctets();
return(Seed.Cbc.WithIV(iv));
}
throw new ArgumentException("cannot match algorithm");
}
