private byte[] DecryptKey(byte[] contentBytes, string passphrase)
{
byte[] importKey = null;
if (passwordProtected)
{
byte[] passHash = CheckPassword(contentBytes, passphrase);
byte[] encryptedKey = new byte[contentBytes.Length - FlagLength - PassHashLength];
Buffer.BlockCopy(contentBytes, FlagLength + PassHashLength, encryptedKey, 0, encryptedKey.Length);
using (SymmetricAlgorithm algorithm = RijndaelManaged.Create())
{
SymmetricCryptographer crypto = new SymmetricCryptographer(algorithm, passHash);
importKey = crypto.Decrypt(encryptedKey);
}
}
else
{
importKey = new byte[contentBytes.Length - 1];
Buffer.BlockCopy(contentBytes, 1, importKey, 0, contentBytes.Length - FlagLength);
}
return(importKey);
}
/// <summary>
/// <para>Decrypts bytes with the initialized algorithm and key.</para>
/// </summary>
/// <param name="ciphertext"><para>The ciphertext in which you wish to decrypt.</para></param>
/// <returns><para>The resulting plaintext.</para></returns>
/// <remarks>
/// <para>If no encryption is defined, the bytes passed in are returned.</para>
/// </remarks>
public byte[] Decrypt(byte[] ciphertext)
{
if (encrypted)
{
SymmetricCryptographer crypt = new SymmetricCryptographer(keyAlgorithmPair.AlgorithmTypeName, keyAlgorithmPair.Key);
return(crypt.Decrypt(ciphertext));
}
return(ciphertext);
}
/// <summary>
/// <para>Encrypts bytes with the initialized algorithm and key.</para>
/// </summary>
/// <param name="plaintext"><para>The plaintext in which you wish to encrypt.</para></param>
/// <returns><para>The resulting ciphertext.</para></returns>
/// <remarks>
/// <para>If no encryption is defined, the bytes passed in are returned.</para>
/// </remarks>
public byte[] Encrypt(byte[] plaintext)
{
if (encrypted)
{
SymmetricCryptographer crypt = new SymmetricCryptographer(keyAlgorithmPair.AlgorithmTypeName, keyAlgorithmPair.Key);
return(crypt.Encrypt(plaintext));
}
return(plaintext);
}
/// <summary>
/// <para>Encrypts a secret using the configured <c>SymmetricAlgorithm</c>.</para>
/// </summary>
/// <param name="plaintext"><para>The input for which you want to encrypt.</para></param>
/// <returns><para>The resulting cipher text.</para></returns>
/// <seealso cref="ISymmetricCryptoProvider.Encrypt"/>
public byte[] Encrypt(byte[] plaintext)
{
ArgumentValidation.CheckForNullReference(plaintext, "plaintext");
ArgumentValidation.CheckForZeroBytes(plaintext, "plaintext");
byte[] output = null;
SymmetricAlgorithmProviderData data = GetSymmetricAlgorithmProviderDataFromCursor();
SymmetricCryptographer crypto = new SymmetricCryptographer(data.AlgorithmType, data.Key);
output = crypto.Encrypt(plaintext);
SecurityCryptoSymmetricEncryptionEvent.Fire(string.Empty);
return output;
}
private string EncryptKey(byte[] key, string passphrase)
{
byte[] output = null;
byte[] passphraseBytes = GetPassphraseBytes(passphrase);
using (SymmetricAlgorithm algorithm = RijndaelManaged.Create())
{
SymmetricCryptographer crypto = new SymmetricCryptographer(algorithm, passphraseBytes);
byte[] encryptedKey = crypto.Encrypt(key);
output = AppendPasswordHash(encryptedKey, passphraseBytes, PasswordProtectedFlag);
}
return(Convert.ToBase64String(output));
}
public void EncryptAndDecryptWithTypeUsingProtectedKey()
{
byte[] key = new byte[16];
CryptographyUtility.GetRandomBytes(key);
ProtectedKey protectedKey = ProtectedKey.CreateFromPlaintextKey(key, DataProtectionScope.LocalMachine);
SymmetricCryptographer symm = new SymmetricCryptographer(typeof(RijndaelManaged), protectedKey);
byte[] plainText = new byte[12];
CryptographyUtility.GetRandomBytes(plainText);
byte[] cipherText = symm.Encrypt(plainText);
Assert.IsFalse(CryptographyUtility.CompareBytes(cipherText, plainText));
byte[] decryptedText = symm.Decrypt(cipherText);
Assert.IsTrue(CryptographyUtility.CompareBytes(plainText, decryptedText));
}
public void EncryptAndDecryptWithType()
{
string alg = typeof(RijndaelManaged).AssemblyQualifiedName;
byte[] key = new byte[16];
CryptographyUtility.GetRandomBytes(key);
SymmetricCryptographer symm = new SymmetricCryptographer(alg, key);
byte[] plainText = new byte[12];
CryptographyUtility.GetRandomBytes(plainText);
byte[] cipherText = symm.Encrypt(plainText);
Assert.IsFalse(CryptographyUtility.CompareBytes(cipherText, plainText));
byte[] decryptedText = symm.Decrypt(cipherText);
Assert.IsTrue(CryptographyUtility.CompareBytes(plainText, decryptedText));
}
public void EncryptAndDecryptWithAlgorithm()
{
SymmetricAlgorithm alg = RijndaelManaged.Create();
byte[] key = new byte[16];
CryptographyUtility.GetRandomBytes(key);
SymmetricCryptographer symm = new SymmetricCryptographer(alg, key);
byte[] plainText = new byte[12];
CryptographyUtility.GetRandomBytes(plainText);
byte[] cipherText = symm.Encrypt(plainText);
Assert.IsFalse(CryptographyUtility.CompareBytes(cipherText, plainText));
byte[] decryptedText = symm.Decrypt(cipherText);
Assert.IsTrue(CryptographyUtility.CompareBytes(plainText, decryptedText));
}
public void EncryptAndDecryptWithType()
{
string alg = typeof(RijndaelManaged).AssemblyQualifiedName;
byte[] key = new byte[16];
CryptographyUtility.GetRandomBytes(key);
SymmetricCryptographer symm = new SymmetricCryptographer(alg, key);
byte[] plainText = new byte[12];
CryptographyUtility.GetRandomBytes(plainText);
byte[] cipherText = symm.Encrypt(plainText);
Assert.IsFalse(CryptographyUtility.CompareBytes(cipherText, plainText));
byte[] decryptedText = symm.Decrypt(cipherText);
Assert.IsTrue(CryptographyUtility.CompareBytes(plainText, decryptedText));
}
public void EncryptAndDecryptWithAlgorithm()
{
SymmetricAlgorithm alg = RijndaelManaged.Create();
byte[] key = new byte[16];
CryptographyUtility.GetRandomBytes(key);
SymmetricCryptographer symm = new SymmetricCryptographer(alg, key);
byte[] plainText = new byte[12];
CryptographyUtility.GetRandomBytes(plainText);
byte[] cipherText = symm.Encrypt(plainText);
Assert.IsFalse(CryptographyUtility.CompareBytes(cipherText, plainText));
byte[] decryptedText = symm.Decrypt(cipherText);
Assert.IsTrue(CryptographyUtility.CompareBytes(plainText, decryptedText));
}
public void ExportKeyWithPassword()
{
string passphrase = "password123";
this.utility.Export(this.key, Destination, passphrase);
string contents = GetFileContents(Destination);
byte[] contentBytes = Convert.FromBase64String(contents);
Assert.AreEqual(ImportExportUtility.PasswordProtectedFlag, contentBytes[0], "assert first byte is plain text flag");
byte[] encryptedKey = new byte[64];
Buffer.BlockCopy(contentBytes, 33, encryptedKey, 0, 64); // 33 = flag(1) + pw hash(32)
byte[] cryptoKey = GetPassphraseBytes(passphrase);
SymmetricAlgorithm algorithm = RijndaelManaged.Create();
SymmetricCryptographer crypto = new SymmetricCryptographer(algorithm, cryptoKey);
byte[] decryptedKey = crypto.Decrypt(encryptedKey);
Assert.IsTrue(CryptographyUtility.CompareBytes(this.key, decryptedKey), "key contents");
}
public void ConstructingWithNullTypeThrows()
{
SymmetricCryptographer symm = new SymmetricCryptographer(null, null);
}
public void ConstructingWithBadTypeThrows()
{
SymmetricCryptographer symm = new SymmetricCryptographer(typeof(object), null);
}
public void ConstructingWithNullTypeThrows()
{
SymmetricCryptographer symm = new SymmetricCryptographer((Type)null, (ProtectedKey)null);
}