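/// <summary>
/// Hybrid-encrypts <paramref name="original"/>: the payload is AES-encrypted under a fresh
/// random session key, the session key is RSA-encrypted, an HMAC-SHA256 is computed over the
/// ciphertext, and that HMAC is digitally signed.
/// </summary>
/// <param name="original">Plaintext bytes to protect.</param>
/// <param name="rsaParams">RSA key used to wrap the session key.</param>
/// <param name="digitalSignature">Signer applied to the HMAC.</param>
/// <returns>A packet carrying IV, ciphertext, wrapped session key, HMAC and signature.</returns>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
public EncryptedPacket EncryptData(byte[] original, RSAWithRSAParameterKey rsaParams, DigitalSignatureFuncs digitalSignature)
{
    if (original == null) throw new ArgumentNullException(nameof(original));
    if (rsaParams == null) throw new ArgumentNullException(nameof(rsaParams));
    if (digitalSignature == null) throw new ArgumentNullException(nameof(digitalSignature));

    // A fresh 32-byte session key and 16-byte IV are drawn for every packet.
    var sessionKey = _aes.GenerateRandomNumber(32);
    var encryptedPacket = new EncryptedPacket { IV = _aes.GenerateRandomNumber(16) };

    encryptedPacket.EncryptedData = _aes.Encrypt(original, sessionKey, encryptedPacket.IV);
    encryptedPacket.EncryptedSessionKey = rsaParams.EncryptData(sessionKey);

    // NOTE(review): the MAC is keyed with the same sessionKey used for AES and covers
    // EncryptedData only; IV and EncryptedSessionKey are not authenticated by it.
    // Any change to what is MACed here must be mirrored in DecryptData.
    encryptedPacket.HMAC = HMac.ComputeHMACSha256(encryptedPacket.EncryptedData, sessionKey);

    // The signature binds the HMAC only; DecryptData takes no verifier, so this
    // signature is not checked on the receiving side in this file.
    encryptedPacket.Signature = digitalSignature.SignData(encryptedPacket.HMAC);

    return encryptedPacket;
}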
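/// <summary>
/// Reverses <see cref="EncryptData"/>: unwraps the AES session key with RSA, verifies the
/// HMAC-SHA256 over the ciphertext, then decrypts the payload.
/// </summary>
/// <param name="encryptedPacket">Packet produced by <see cref="EncryptData"/>.</param>
/// <param name="rsaParams">RSA key able to unwrap the session key.</param>
/// <returns>The original plaintext bytes.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="CryptographicException">The received HMAC does not match the ciphertext.</exception>
public byte[] DecryptData(EncryptedPacket encryptedPacket, RSAWithRSAParameterKey rsaParams)
{
    if (encryptedPacket == null) throw new ArgumentNullException(nameof(encryptedPacket));
    if (rsaParams == null) throw new ArgumentNullException(nameof(rsaParams));

    // The MAC is keyed with the session key, so RSA unwrapping has to happen
    // before the integrity check can run.
    var decryptedSessionKey = rsaParams.DecryptData(encryptedPacket.EncryptedSessionKey);

    // Recompute the MAC over the ciphertext only, matching what EncryptData covered;
    // IV and EncryptedSessionKey are outside the check.
    // NOTE(review): Compare is defined elsewhere in the file — confirm it is constant-time.
    // NOTE(review): encryptedPacket.Signature is not verified anywhere in this method.
    var hmacToCheck = HMac.ComputeHMACSha256(encryptedPacket.EncryptedData, decryptedSessionKey);
    if (!Compare(encryptedPacket.HMAC, hmacToCheck))
    {
        throw new CryptographicException("HMAC for decryption does not match encrypted package HMAC code received. This means the message has been tampered with.");
    }

    return _aes.Decrypt(encryptedPacket.EncryptedData, decryptedSessionKey, encryptedPacket.IV);
}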
/// <summary>
/// Console demo of the HMac helper: MACs two messages that differ in one character with
/// MD5, SHA1, SHA256 and SHA512 under a single shared key and prints each result as Base64.
/// </summary>
private static void TestHMACAPI()
{
    const string originalMessage = "Original message to hash";
    const string originalMessage2 = "Or1ginal message to hash";

    Console.WriteLine($"Original Message 1: {originalMessage}");
    Console.WriteLine($"Original Message 2: {originalMessage2}");
    Console.WriteLine();

    // One key across every algorithm so the outputs are directly comparable.
    var key = HMac.GenerateKey();
    var message1 = Encoding.UTF8.GetBytes(originalMessage);
    var message2 = Encoding.UTF8.GetBytes(originalMessage2);

    // Prints one algorithm's pair of MACs, framed by a blank line on each side.
    Action<string, byte[], byte[]> printPair = (label, hmac1, hmac2) =>
    {
        Console.WriteLine();
        Console.WriteLine($"{label} HMAC Message 1: {Convert.ToBase64String(hmac1)}");
        Console.WriteLine($"{label} HMAC Message 2: {Convert.ToBase64String(hmac2)}");
        Console.WriteLine();
    };

    printPair("MD5", HMac.ComputeHMACMD5(message1, key), HMac.ComputeHMACMD5(message2, key));
    printPair("SHA1", HMac.ComputeHMACSha1(message1, key), HMac.ComputeHMACSha1(message2, key));
    printPair("SHA256", HMac.ComputeHMACSha256(message1, key), HMac.ComputeHMACSha256(message2, key));
    printPair("SHA512", HMac.ComputeHMACSha512(message1, key), HMac.ComputeHMACSha512(message2, key));
}