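/// <summary>
/// Encrypts <paramref name="cookieBlob"/> with AES-CBC under <c>_DecryptionKeyBlob</c>.
/// The cipher itself runs with an all-zero IV; the randomisation comes from an
/// <c>ivLength</c>-byte prefix (<c>RoundupNumBitsToNumBytes(KeySize)</c>) that is
/// encrypted ahead of the data and stripped again by <c>Decrypt</c>.
/// </summary>
/// <param name="cookieBlob">Plaintext to encrypt. The whole array is written.</param>
/// <param name="length">Not used; kept only for signature compatibility. The original
/// also ignored it and always wrote <c>cookieBlob.Length</c> bytes.</param>
/// <param name="hasher">When non-null the prefix is <c>hasher.GetIVHash(cookieBlob, ivLength)</c>,
/// which is deterministic: equal inputs then yield equal ciphertexts. When null the prefix is
/// filled from <see cref="RandomNumberGenerator"/>.</param>
/// <returns>The CBC ciphertext (prefix + data, padded). No signature is appended, so the
/// output is unauthenticated and is only readable by <c>Decrypt</c> with
/// <c>isHashAppended == false</c>; an integrity check has to be layered on by the caller.</returns>
/// <exception cref="ArgumentNullException"><paramref name="cookieBlob"/> is null.</exception>
/// <exception cref="CryptographicException">The hasher returned no prefix.</exception>
private byte[] EncryptCookieData(byte[] cookieBlob, int length, Sha1HashProvider hasher = null)
{
    if (cookieBlob == null)
    {
        throw new ArgumentNullException(nameof(cookieBlob));
    }

    using (var aes = Aes.Create())
    {
        aes.Key = _DecryptionKeyBlob;
        aes.BlockSize = 128;
        aes.Mode = CipherMode.CBC;
        // Zero IV on purpose: the prefix written first is what randomises the
        // first real block, and the decrypt side discards it.
        aes.IV = new byte[aes.BlockSize / 8];

        int prefixLength = RoundupNumBitsToNumBytes(aes.KeySize);
        byte[] prefix;
        if (hasher != null)
        {
            prefix = hasher.GetIVHash(cookieBlob, prefixLength);
            if (prefix == null)
            {
                // The original dereferenced this unconditionally (NullReferenceException).
                throw new CryptographicException("IV hash provider returned no data.");
            }
        }
        else
        {
            prefix = new byte[prefixLength];
            RandomNumberGenerator.Fill(prefix);
        }

        // The transform is IDisposable; the original never disposed it.
        using (var encryptor = aes.CreateEncryptor())
        using (var ms = new MemoryStream())
        using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
        {
            cs.Write(prefix, 0, prefix.Length);
            cs.Write(cookieBlob, 0, cookieBlob.Length);
            cs.FlushFinalBlock();
            return ms.ToArray();
        }
    }
}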
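/// <summary>
/// Reverses <c>EncryptCookieData</c>: optionally verifies and strips the trailing
/// signature, AES-CBC-decrypts the blob under <c>_DecryptionKeyBlob</c> with a zero IV,
/// then drops the <c>ivLength</c>-byte prefix (<c>RoundupNumBitsToNumBytes(KeySize)</c>)
/// that the encrypt side prepended.
/// </summary>
/// <param name="cookieBlob">Ciphertext: prefix + data, optionally followed by a signature.</param>
/// <param name="hasher">Used to verify and remove the signature when
/// <paramref name="isHashAppended"/> is true.</param>
/// <param name="isHashAppended">True if a signature trails the ciphertext and must be checked
/// before decryption. False means the input is unauthenticated; callers must then treat any
/// failure as opaque and not reveal which stage failed (padding versus length), because that
/// distinction is what a padding-oracle attack measures.</param>
/// <returns>The decrypted payload with the prefix removed.</returns>
/// <exception cref="ArgumentNullException"><paramref name="hasher"/> or
/// <paramref name="cookieBlob"/> is null.</exception>
/// <exception cref="CryptographicException">Signature verification failed, the padding is
/// invalid (raised by <see cref="CryptoStream.FlushFinalBlock"/>), or the plaintext is shorter
/// than the prefix. A single exception type is used for all three so they are not
/// distinguishable by type; the original threw a bare <see cref="Exception"/> for two of them.</exception>
private byte[] Decrypt(byte[] cookieBlob, Sha1HashProvider hasher, bool isHashAppended)
{
    if (hasher == null)
    {
        throw new ArgumentNullException(nameof(hasher));
    }
    if (cookieBlob == null)
    {
        throw new ArgumentNullException(nameof(cookieBlob));
    }

    if (isHashAppended)
    {
        // Verify-then-decrypt: the signature is checked and removed before any
        // cipher work touches the bytes.
        cookieBlob = hasher.CheckHashAndRemove(cookieBlob);
        if (cookieBlob == null)
        {
            throw new CryptographicException("Cookie signature verification failed.");
        }
    }

    using (var aes = Aes.Create())
    {
        aes.Key = _DecryptionKeyBlob;
        aes.BlockSize = 128;
        aes.Mode = CipherMode.CBC;
        // Zero IV, matching EncryptCookieData. The first decrypted bytes are the
        // throw-away prefix and are never returned.
        aes.IV = new byte[aes.BlockSize / 8];

        byte[] plaintext;
        using (var decryptor = aes.CreateDecryptor())
        using (var ms = new MemoryStream())
        using (var cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Write))
        {
            cs.Write(cookieBlob, 0, cookieBlob.Length);
            cs.FlushFinalBlock();
            plaintext = ms.ToArray();
        }

        int prefixLength = RoundupNumBitsToNumBytes(aes.KeySize);
        int payloadLength = plaintext.Length - prefixLength;
        if (payloadLength < 0)
        {
            throw new CryptographicException("Decrypted data is shorter than the IV prefix.");
        }

        byte[] payload = new byte[payloadLength];
        Buffer.BlockCopy(plaintext, prefixLength, payload, 0, payloadLength);
        return payload;
    }
}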
/// <summary>
/// Stores the AES key blob and builds the SHA-1 hash provider from the validation key.
/// Nothing is validated here; the key material is checked only where it is consumed.
/// </summary>
/// <param name="decryptionKey">Raw key material stored as-is in <c>_DecryptionKeyBlob</c>.</param>
/// <param name="validationKey">Raw key material handed to <c>Sha1HashProvider</c>.</param>
private void Initialize(byte[] decryptionKey, byte[] validationKey)
{
    _DecryptionKeyBlob = decryptionKey;

    var signer = new Sha1HashProvider(validationKey);
    _hasher = signer;
}