public void Dispose()
{
Engine.Dispose();
HashProvider.Dispose();
HashBytes = null;
_Password = null;
}
public string GetFileChecksum()
{
if (string.IsNullOrWhiteSpace(FilePath))
{
throw new ArgumentException("检验器校验目标文件路径为空");
}
FileStream file = new FileStream(FilePath, FileMode.Open);
try
{
SHA256 sha256 = new SHA256CryptoServiceProvider(); //创建SHA1对象
byte[] sha256Bytes = sha256.ComputeHash(file); //Hash运算
sha256.Dispose(); //释放当前实例使用的所有资源
file.Dispose();
string result = BitConverter.ToString(sha256Bytes); //将运算结果转为string类型
result = result.Replace("-", "");
return(result);
}
catch
{
throw new ArgumentException("校验器初始化失败,请尝试根据下面的步骤:\n" +
"1、单击“开始,运行”键入“gpedit.msc”,然后单击“确定”。\n" +
"2、依次展开“计算机配置”,展开“Windows设置”,展开“安全设置”,展开“本地策略”,然后单击“安全选项”\n" +
"3、在右窗格中, 双击“系统加密:”使用“FIPS 兼容的算法来加密,散列,和签名”,单击“禁用”,然后单击“确定”。");
}
}
public User Register(UserForRegistration userForRegistration)
{
if (userForRegistration == null)
{
return(null);
}
if (userForRegistration.Password == null || userAPI == null)
{
return(null);
}
var sha256 = new SHA256CryptoServiceProvider();
var hashedPassword = ConvertByteArrayToString(
sha256.ComputeHash(ConvertStringToByteArray(userForRegistration.Password)));
sha256.Dispose();
var user = userAPI.GetUserFromDatabase(userForRegistration.Name);
if (user != null)
{
return(null);
}
user = new User();
user.Name = userForRegistration.Name;
user.Password = hashedPassword;
user.FirstName = userForRegistration.FirstName;
user.LastName = userForRegistration.LastName;
userAPI.AddUser(user);
user.Password = null;
return(user);
}
private string HashPasswordLegacy(string salt, string password)
{
HashAlgorithm hashAlg = null;
string hashedPassword = null;
try
{
hashAlg = new SHA256CryptoServiceProvider();
var saltAndPassword = salt + password;
byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(saltAndPassword);
byte[] bytHash = hashAlg.ComputeHash(bytValue);
hashedPassword = Convert.ToBase64String(bytHash);
}
catch (Exception e)
{
throw e;
}
finally
{
if (hashAlg != null)
{
hashAlg.Clear();
hashAlg.Dispose();
hashAlg = null;
}
}
return(hashedPassword);
}
private NewPassword HashPassword(NewPassword np)
{
HashAlgorithm hashAlg = null;
try
{
hashAlg = new SHA256CryptoServiceProvider();
byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(np.GetSaltPassword());
byte[] bytHash = hashAlg.ComputeHash(bytValue);
np.SaltedHashedPassword = Convert.ToBase64String(bytHash);
}
catch (Exception e)
{
throw e;
}
finally
{
if (hashAlg != null)
{
hashAlg.Clear();
hashAlg.Dispose();
hashAlg = null;
}
}
return(np);
}
public void Dispose()
{
if (_cryptoProvider != null)
{
_cryptoProvider.Dispose();
}
}
public static string Encrypt(string plainText, string password)
{
Contract.Requires(!string.IsNullOrWhiteSpace(plainText));
Contract.Requires(!string.IsNullOrWhiteSpace(password));
Contract.Ensures(!string.IsNullOrWhiteSpace(Contract.Result <string>()));
var hashProvider = new SHA256CryptoServiceProvider();
var algorithm = new AesManaged
{
Key = hashProvider.ComputeHash(_utf8.GetBytes(password)),
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
};
try
{
using (var encryptor = algorithm.CreateEncryptor())
{
var abData = _utf8.GetBytes(plainText);
var abResult = encryptor.TransformFinalBlock(abData, 0, abData.Length);
var result = System.Convert.ToBase64String(abResult);
return(result);
}
}
finally
{
algorithm.Clear();
algorithm.Dispose();
hashProvider.Clear();
hashProvider.Dispose();
}
}
// Creates a new User
// email: has to match email format
// password: more than 2 caracters
// Returns -1 if password or email formats are invalid number or number of rows updated 0 or 1
public static void CreateUser(string email, string password)
{
string queryString = "INSERT INTO Users(Email, PasswordHash) VALUES (@email, @passwordHash)";
using (SqlConnection connection = new SqlConnection(connectionString))
{
SqlCommand command = new SqlCommand(queryString, connection);
SHA256CryptoServiceProvider sha256 = new SHA256CryptoServiceProvider();
try
{
if (!Regex.IsMatch(email, @"[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-][email protected]") || password.Trim().Length < 3)
{
throw new InvalidUserFieldsException("User credentials format is incorrect, email must be [email protected] and password must have more than 2 caracters");
}
byte[] byteHash = sha256.ComputeHash(Encoding.UTF8.GetBytes(password));
string hashPassword = Convert.ToBase64String(byteHash);
command.Parameters.AddWithValue("email", email);
command.Parameters.AddWithValue("passwordHash", hashPassword);
connection.Open();
int rowsAffected = (int)command.ExecuteNonQuery();
connection.Close();
//return rowsAffected;
}
catch (InvalidUserFieldsException)
{
throw;
}
catch (Exception e)
{
throw new Exception(e.Message);
}
finally
{
if (connection.State == System.Data.ConnectionState.Open)
{
connection.Close();
}
if (command != null)
{
command.Dispose();
}
if (sha256 != null)
{
sha256.Dispose();
}
}
}
}
/// <summary>
/// RSA签名,默认SHA256
/// </summary>
/// <param name="privateKey">私钥</param>
/// <param name="HashbyteSignature"></param>
/// <param name="EncryptedSignatureData"></param>
/// <returns></returns>
public static bool Sign(string privateKey, byte[] HashbyteSignature, out byte[] EncryptedSignatureData)
{
System.Security.Cryptography.RSACryptoServiceProvider RSA = new System.Security.Cryptography.RSACryptoServiceProvider();
LoadPrivateKey(RSA, privateKey);
SHA256 sh = new SHA256CryptoServiceProvider();
EncryptedSignatureData = RSA.SignData(HashbyteSignature, sh);
sh.Dispose();
RSA.Dispose();
return(true);
}
private static bool VerifyChecksum(byte[] raw, XISFChecksumTypeEnum cksumType, string providedCksum)
{
string computedCksum;
SHA3Managed sha3;
using (MyStopWatch.Measure($"XISF Checksum = {cksumType}")) {
switch (cksumType)
{
case XISFChecksumTypeEnum.SHA1:
SHA1 sha1 = new SHA1CryptoServiceProvider();
computedCksum = GetStringFromHash(sha1.ComputeHash(raw));
sha1.Dispose();
break;
case XISFChecksumTypeEnum.SHA256:
SHA256 sha256 = new SHA256CryptoServiceProvider();
computedCksum = GetStringFromHash(sha256.ComputeHash(raw));
sha256.Dispose();
break;
case XISFChecksumTypeEnum.SHA512:
SHA512 sha512 = new SHA512CryptoServiceProvider();
computedCksum = GetStringFromHash(sha512.ComputeHash(raw));
sha512.Dispose();
break;
case XISFChecksumTypeEnum.SHA3_256:
sha3 = new SHA3Managed(256);
computedCksum = GetStringFromHash(sha3.ComputeHash(raw));
sha3.Dispose();
break;
case XISFChecksumTypeEnum.SHA3_512:
sha3 = new SHA3Managed(512);
computedCksum = GetStringFromHash(sha3.ComputeHash(raw));
sha3.Dispose();
break;
default:
return(false);
}
}
if (computedCksum.Equals(providedCksum))
{
return(true);
}
else
{
Logger.Error($"XISF: Invalid data block checksum! Expected: {providedCksum} Got: {computedCksum}");
return(false);
}
}
// ----------------------------------------------------<USERS>----------------------------------------------
// Verifys if user exists
// Returns true if user existes
// Returns false if user does not exist
public static bool UserExistsAndValid(string email, string password)
{
string queryString = "SELECT * FROM Users where Email = @email AND PasswordHash = @passwordHash";
using (SqlConnection connection = new SqlConnection(connectionString))
{
SqlCommand command = new SqlCommand(queryString, connection);
SHA256CryptoServiceProvider sha256 = new SHA256CryptoServiceProvider();
try
{
byte[] byteHash = sha256.ComputeHash(Encoding.UTF8.GetBytes(password));
string hashPassword = Convert.ToBase64String(byteHash);
command.Parameters.AddWithValue("email", email);
command.Parameters.AddWithValue("passwordHash", hashPassword);
connection.Open();
SqlDataReader reader = command.ExecuteReader();
if (reader.Read())
{
return((int)reader["Valid"] == 1 ? true : false);
}
reader.Close();
return(false);
}
catch (Exception)
{
return(false);
}
finally
{
if (connection.State == System.Data.ConnectionState.Open)
{
connection.Close();
}
if (command != null)
{
command.Dispose();
}
if (sha256 != null)
{
sha256.Dispose();
}
}
}
}
/// <summary>
/// Hash 值检查
/// </summary>
/// <param name="resFile">文件路径</param>
/// <param name="type">Hash 值的类型</param>
public CheckHash(string resFile, HashType type)
{
hashValue = string.Empty;
byte[] retVal = null;
FileStream file = new FileStream(resFile, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);
switch (type)
{
case HashType.MD5:
MD5CryptoServiceProvider MD5Hash = new MD5CryptoServiceProvider();
retVal = MD5Hash.ComputeHash(file);
MD5Hash.Dispose();
break;
case HashType.SHA1:
SHA1CryptoServiceProvider SHA1Hash = new SHA1CryptoServiceProvider();
retVal = SHA1Hash.ComputeHash(file);
SHA1Hash.Dispose();
break;
case HashType.SHA256:
SHA256CryptoServiceProvider SHA256Hash = new SHA256CryptoServiceProvider();
retVal = SHA256Hash.ComputeHash(file);
SHA256Hash.Dispose();
break;
case HashType.SHA384:
SHA384CryptoServiceProvider SHA384Hash = new SHA384CryptoServiceProvider();
retVal = SHA384Hash.ComputeHash(file);
SHA384Hash.Dispose();
break;
case HashType.SHA512:
SHA512CryptoServiceProvider SHA512Hash = new SHA512CryptoServiceProvider();
retVal = SHA512Hash.ComputeHash(file);
SHA512Hash.Dispose();
break;
}
file.Close();
StringBuilder sb = new StringBuilder();
for (int i = 0; i < retVal.Length; i++)
{
sb.Append(retVal[i].ToString("x2"));
}
hashValue = sb.ToString();
}
public User Authenticate(UserForLogin userForLogin)
{
if (userForLogin == null)
{
return(null);
}
if (userForLogin.Password == null || userAPI == null)
{
return(null);
}
var sha256 = new SHA256CryptoServiceProvider();
var hashedPassword = ConvertByteArrayToString(
sha256.ComputeHash(ConvertStringToByteArray(userForLogin.Password)));
sha256.Dispose();
var user = userAPI.GetUserFromDatabase(userForLogin.Name);
if (user == null)
{
return(null);
}
if (user.Password != hashedPassword)
{
return(null);
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials =
new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
user.Password = null;
return(user);
}
public string GetFileChecksum()
{
if (string.IsNullOrWhiteSpace(FilePath))
{
throw new ArgumentException("检验器校验目标文件路径为空");
}
FileStream file = new FileStream(FilePath, FileMode.Open);
SHA256 sha256 = new SHA256CryptoServiceProvider(); //创建SHA1对象
byte[] sha256Bytes = sha256.ComputeHash(file); //Hash运算
sha256.Dispose(); //释放当前实例使用的所有资源
file.Dispose();
string result = BitConverter.ToString(sha256Bytes); //将运算结果转为string类型
result = result.Replace("-", "");
return(result);
}
private void ButtonTransformFinalBlock_Click(object sender, EventArgs e)
{
byte[] data = Encoding.UTF8.GetBytes(textBoxLastInputData.Text);
sha256.TransformFinalBlock(data, 0, data.Length);
textBoxHashBytes.Text = BitConverter.ToString(sha256.Hash);
if (textBoxHashBytes.Text != BitConverter.ToString(ComputeHashTest()))
{
MessageBox.Show("Error!");
}
else
{
MessageBox.Show("Hash identicos");
}
sha256.Dispose();
}
/// <summary>
/// Calculates an integer hash value based on the consistent identity hash of a string.
/// </summary>
/// <param name="text">The string to hash.</param>
/// <returns>An integer hash for the string.</returns>
public static int CalculateIdHash(string text)
{
SHA256 sha = new SHA256CryptoServiceProvider(); // This is one implementation of the abstract class SHA1.
int hash = 0;
try
{
byte[] data = Encoding.Unicode.GetBytes(text);
byte[] result = sha.ComputeHash(data);
for (int i = 0; i < result.Length; i += 4)
{
int tmp = (result[i] << 24) | (result[i + 1] << 16) | (result[i + 2] << 8) | (result[i + 3]);
hash = hash ^ tmp;
}
}
finally
{
sha.Dispose();
}
return(hash);
}
public static string Decrypt(string encryptedData, string password = null)
{
if (string.IsNullOrEmpty(password))
{
password = GetPassword();
Contract.Assert(!string.IsNullOrEmpty(password), "No password in AppSettings found or no password specified");
}
var hashProvider = new SHA256CryptoServiceProvider();
var algorithm = new AesCryptoServiceProvider
{
Key = hashProvider.ComputeHash(_utf8.GetBytes(password)),
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
};
string result;
try
{
var abEncryptedData = System.Convert.FromBase64String(encryptedData);
using (var decryptor = algorithm.CreateDecryptor())
{
var abResult = decryptor.TransformFinalBlock(abEncryptedData, 0, abEncryptedData.Length);
result = _utf8.GetString(abResult);
}
}
catch (Exception)
{
result = encryptedData;
}
finally
{
algorithm.Clear();
algorithm.Dispose();
hashProvider.Clear();
hashProvider.Dispose();
}
return(result);
}
public static string Decrypt(string encryptedData, string password)
{
Contract.Requires(!string.IsNullOrWhiteSpace(encryptedData));
Contract.Requires(!string.IsNullOrWhiteSpace(password));
Contract.Ensures(!string.IsNullOrWhiteSpace(Contract.Result <string>()));
var hashProvider = new SHA256CryptoServiceProvider();
var algorithm = new AesCryptoServiceProvider
{
Key = hashProvider.ComputeHash(_utf8.GetBytes(password)),
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7
};
string result;
try
{
var abEncryptedData = System.Convert.FromBase64String(encryptedData);
using (var decryptor = algorithm.CreateDecryptor())
{
var abResult = decryptor.TransformFinalBlock(abEncryptedData, 0, abEncryptedData.Length);
result = _utf8.GetString(abResult);
}
}
catch (Exception)
{
result = encryptedData;
}
finally
{
algorithm.Clear();
algorithm.Dispose();
hashProvider.Clear();
hashProvider.Dispose();
}
return(result);
}
public void Dispose()
{
_sha1.Dispose();
}
/// <summary>
/// Convert the ushort array to a byte arraay, compressing with the requested algorithm if required
/// </summary>
/// <param name="data"></param>
/// <returns>Uncompressed or compressed byte array</returns>
private byte[] PrepareArray(ushort[] data)
{
byte[] outArray;
/*
* Convert the ushort[] into a byte[]
* From here onwards we deal in byte arrays only
*/
byte[] byteArray = new byte[data.Length * ShuffleItemSize];
Buffer.BlockCopy(data, 0, byteArray, 0, data.Length * ShuffleItemSize);
/*
* Compress the data block as configured.
*/
using (MyStopWatch.Measure($"XISF Compression = {CompressionType}")) {
if (CompressionType == XISFCompressionTypeEnum.LZ4)
{
if (ByteShuffling)
{
CompressionName = "lz4+sh";
byteArray = Shuffle(byteArray, ShuffleItemSize);
}
else
{
CompressionName = "lz4";
}
byte[] tmpArray = new byte[LZ4Codec.MaximumOutputSize(byteArray.Length)];
int compressedSize = LZ4Codec.Encode(byteArray, 0, byteArray.Length, tmpArray, 0, tmpArray.Length, LZ4Level.L00_FAST);
outArray = new byte[compressedSize];
Array.Copy(tmpArray, outArray, outArray.Length);
tmpArray = null;
}
else if (CompressionType == XISFCompressionTypeEnum.LZ4HC)
{
if (ByteShuffling)
{
CompressionName = "lz4hc+sh";
byteArray = Shuffle(byteArray, ShuffleItemSize);
}
else
{
CompressionName = "lz4hc";
}
byte[] tmpArray = new byte[LZ4Codec.MaximumOutputSize(byteArray.Length)];
int compressedSize = LZ4Codec.Encode(byteArray, 0, byteArray.Length, tmpArray, 0, tmpArray.Length, LZ4Level.L06_HC);
outArray = new byte[compressedSize];
Array.Copy(tmpArray, outArray, outArray.Length);
tmpArray = null;
}
else if (CompressionType == XISFCompressionTypeEnum.ZLIB)
{
if (ByteShuffling)
{
CompressionName = "zlib+sh";
byteArray = Shuffle(byteArray, ShuffleItemSize);
}
else
{
CompressionName = "zlib";
}
outArray = ZlibStream.CompressBuffer(byteArray);
}
else
{
outArray = new byte[byteArray.Length];
Array.Copy(byteArray, outArray, outArray.Length);
CompressionName = null;
}
}
// Revert to the original data array in case the compression is bigger than uncompressed
if (outArray.Length > byteArray.Length)
{
if (ByteShuffling)
{
//As the original array is shuffled it needs to be unshuffled again - this scenario should be highly unlikely anyways
outArray = Unshuffle(byteArray, ShuffleItemSize);
}
else
{
outArray = byteArray;
}
CompressionType = XISFCompressionTypeEnum.NONE;
Logger.Debug("XISF output array is larger after compression. Image will be prepared uncompressed instead.");
}
if (CompressionType != XISFCompressionTypeEnum.NONE)
{
double percentChanged = (1 - ((double)outArray.Length / (double)byteArray.Length)) * 100;
Logger.Debug($"XISF: {CompressionType} compressed {byteArray.Length} bytes to {outArray.Length} bytes ({percentChanged.ToString("#.##")}%)");
}
/*
* Checksum the data block as configured.
* If the data block is compressed, we always checksum the compressed form, not the uncompressed form.
*/
using (MyStopWatch.Measure($"XISF Checksum = {ChecksumType}")) {
SHA3Managed sha3;
switch (ChecksumType)
{
case XISFChecksumTypeEnum.SHA1:
SHA1 sha1 = new SHA1CryptoServiceProvider();
Checksum = GetStringFromHash(sha1.ComputeHash(outArray));
ChecksumName = "sha-1";
sha1.Dispose();
break;
case XISFChecksumTypeEnum.SHA256:
SHA256 sha256 = new SHA256CryptoServiceProvider();
Checksum = GetStringFromHash(sha256.ComputeHash(outArray));
ChecksumName = "sha-256";
sha256.Dispose();
break;
case XISFChecksumTypeEnum.SHA512:
SHA512 sha512 = new SHA512CryptoServiceProvider();
Checksum = GetStringFromHash(sha512.ComputeHash(outArray));
ChecksumName = "sha-512";
sha512.Dispose();
break;
case XISFChecksumTypeEnum.SHA3_256:
sha3 = new SHA3Managed(256);
Checksum = GetStringFromHash(sha3.ComputeHash(outArray));
ChecksumName = "sha3-256";
sha3.Dispose();
break;
case XISFChecksumTypeEnum.SHA3_512:
sha3 = new SHA3Managed(512);
Checksum = GetStringFromHash(sha3.ComputeHash(outArray));
ChecksumName = "sha3-512";
sha3.Dispose();
break;
case XISFChecksumTypeEnum.NONE:
default:
Checksum = null;
ChecksumName = null;
break;
}
}
return(outArray);
}
static void Main(string[] args)
{
IPEndPoint listenEndPoint;
TcpListener listener = null;
TcpClient client = null;
NetworkStream networkStream = null;
ProtocolSI protocol = null;
RSACryptoServiceProvider rsaClient = null;
RSACryptoServiceProvider rsaServer = null;
AesCryptoServiceProvider aes = null;
SymmetricsSI symmetricsSI = null;
SHA256CryptoServiceProvider sha256 = null;
try
{
Console.WriteLine($"** SERVER: Practical Exam on {DateTime.Today.ToLongDateString()} **");
listenEndPoint = new IPEndPoint(IPAddress.Any, 10000);
listener = new TcpListener(listenEndPoint);
Console.Write("Waiting for client... ");
listener.Start();
client = listener.AcceptTcpClient();
networkStream = client.GetStream();
Console.WriteLine("OK.");
protocol = new ProtocolSI();
byte[] ack = protocol.Make(ProtocolSICmdType.ACK);
rsaServer = new RSACryptoServiceProvider();
rsaClient = new RSACryptoServiceProvider();
aes = new AesCryptoServiceProvider();
Console.Write("Reading Public Key... ");
networkStream.Read(protocol.Buffer, 0, protocol.Buffer.Length);
Console.WriteLine("OK.");
String clientPublicKey = protocol.GetStringFromData();
byte[] packet = protocol.Make(ProtocolSICmdType.PUBLIC_KEY, rsaServer.ToXmlString(false));
Console.WriteLine("Sending Public Key... OK.");
networkStream.Write(packet, 0, packet.Length);
Console.Write("Reading Secret Key... ");
networkStream.Read(protocol.Buffer, 0, protocol.Buffer.Length);
byte[] encryptedSymKey = protocol.GetData();
aes.Key = rsaServer.Decrypt(encryptedSymKey, true);
Console.WriteLine("OK.");
networkStream.Write(ack, 0, ack.Length);
Console.Write("Reading IV...");
networkStream.Read(protocol.Buffer, 0, protocol.Buffer.Length);
aes.IV = protocol.GetData();
Console.WriteLine("OK.");
networkStream.Write(ack, 0, ack.Length);
symmetricsSI = new SymmetricsSI(aes);
Console.Write("Reading File Data... ");
networkStream.Read(protocol.Buffer, 0, protocol.Buffer.Length);
Console.WriteLine("OK.");
byte[] data = symmetricsSI.Decrypt(protocol.GetData());
sha256 = new SHA256CryptoServiceProvider();
byte[] signature = rsaServer.SignData(data, sha256);
Console.WriteLine("Sending Signature... OK.");
packet = protocol.Make(ProtocolSICmdType.DATA, symmetricsSI.Encrypt(signature));
networkStream.Write(packet, 0, packet.Length);
}
catch (Exception ex)
{
Console.WriteLine($"Error: {ex.ToString()}");
}
finally
{
if (sha256 != null)
{
sha256.Dispose();
}
if (aes != null)
{
aes.Dispose();
}
if (rsaClient != null)
{
rsaClient.Dispose();
}
if (rsaServer != null)
{
rsaServer.Dispose();
}
if (networkStream != null)
{
networkStream.Dispose();
}
if (client != null)
{
client.Close();
}
if (listener != null)
{
listener.Stop();
}
Console.WriteLine("CLIENT should verify the digital signature.");
}
Console.Write("End: Press a key...");
Console.ReadKey();
} // main