/// <summary> /// Read the protected string and return it protected with a sequence /// of bytes generated by a random stream. The object's data will be /// invisible in process memory only if the object has been initialized /// using a <c>XorredBuffer</c>. If no <c>XorredBuffer</c> has been used /// or the string has been read once already (in plain-text), the /// operation won't be secure and the protected string will be visible /// in process memory. /// </summary> /// <param name="crsRandomSource">Random number source.</param> /// <returns>Protected string.</returns> /// <exception cref="System.ArgumentNullException">Thrown if the input /// parameter is <c>null</c>.</exception> public byte[] ReadXorredString(CryptoRandomStream crsRandomSource) { Debug.Assert(crsRandomSource != null); if(crsRandomSource == null) throw new ArgumentNullException("crsRandomSource"); if(m_xbEncrypted != null) { uint uLen = m_xbEncrypted.Length; byte[] randomPad = crsRandomSource.GetRandomBytes(uLen); return m_xbEncrypted.ChangeKey(randomPad); } else // Not using XorredBuffer { byte[] pbData = ReadUtf8(); uint uLen = (uint)pbData.Length; byte[] randomPad = crsRandomSource.GetRandomBytes(uLen); Debug.Assert(randomPad.Length == uLen); for(uint i = 0; i < uLen; ++i) pbData[i] ^= randomPad[i]; return pbData; } }
private static int BenchTime(CrsAlgorithm cra, int nRounds, int nDataSize) { byte[] pbKey = new byte[4] { 0x00, 0x01, 0x02, 0x03 }; int nStart = Environment.TickCount; for(int i = 0; i < nRounds; ++i) { CryptoRandomStream c = new CryptoRandomStream(cra, pbKey); c.GetRandomBytes((uint)nDataSize); } int nEnd = Environment.TickCount; return (nEnd - nStart); }
private static ProtectedString PatternGenerate(string strPattern, bool bReturnProtected, byte[] pbAdditionalEntropy) { LinkedList <char> vGenerated = new LinkedList <char>(); CryptoRandomStream crs = CreateCryptoStream(pbAdditionalEntropy); byte[] pbRandom = crs.GetRandomBytes(1024); int nRandomPos = 0; StringBuilder sb = new StringBuilder(); for (char chAdd = '~'; chAdd < 255; ++chAdd) { sb.Append(chAdd); } string strCharSetHighANSI = sb.ToString(); strPattern = PasswordGenerator.ExpandPattern(strPattern); CharStream csStream = new CharStream(strPattern); char ch = csStream.ReadChar(); while (ch != char.MinValue) { string strCurrentCharSet = string.Empty; switch (ch) { case '\\': ch = csStream.ReadChar(); if (ch == char.MinValue) // Backslash at the end { vGenerated.AddLast('\\'); break; } vGenerated.AddLast(ch); break; case 'a': strCurrentCharSet = CharSetLower + CharSetNumeric; break; case 'A': strCurrentCharSet = CharSetLower + CharSetUpper + CharSetNumeric; break; case '\u00C2': strCurrentCharSet = CharSetUpper + CharSetNumeric; break; case 'c': strCurrentCharSet = CharSetLowerConsonants; break; case 'C': strCurrentCharSet = CharSetLowerConsonants + CharSetUpperConsonants; break; case '\u0108': strCurrentCharSet = CharSetUpperConsonants; break; case 'd': strCurrentCharSet = CharSetNumeric; break; // Digit case 'h': strCurrentCharSet = CharSetHexLower; break; case 'H': strCurrentCharSet = CharSetHexUpper; break; case 'l': strCurrentCharSet = CharSetLower; break; case 'L': strCurrentCharSet = CharSetLower + CharSetUpper; break; case '\u013D': strCurrentCharSet = CharSetUpper; break; case 'p': strCurrentCharSet = CharSetPunctuation; break; case 'v': strCurrentCharSet = CharSetLowerVowel; break; case 'V': strCurrentCharSet = CharSetLowerVowel + CharSetUpperVowel; break; case '\u0177': strCurrentCharSet = CharSetUpperVowel; break; case 'x': strCurrentCharSet = strCharSetHighANSI; break; default: vGenerated.AddLast(ch); break; } if (strCurrentCharSet.Length > 0) { while (true) { byte bt = pbRandom[nRandomPos]; ++nRandomPos; if (nRandomPos == pbRandom.Length) { pbRandom = crs.GetRandomBytes(1024); nRandomPos = 0; } if (bt < (byte)strCurrentCharSet.Length) { vGenerated.AddLast(strCurrentCharSet[(int)bt]); break; } } } ch = csStream.ReadChar(); } char[] vArray = new char[vGenerated.Count]; vGenerated.CopyTo(vArray, 0); UTF8Encoding utf8 = new UTF8Encoding(); ProtectedString ps = new ProtectedString(bReturnProtected, utf8.GetBytes(vArray)); Array.Clear(vArray, 0, vArray.Length); vGenerated.Clear(); return(ps); }
/// <summary> /// Read the protected string and return it protected with a sequence /// of bytes generated by a random stream. /// </summary> /// <param name="crsRandomSource">Random number source.</param> /// <returns>Protected string.</returns> public byte[] ReadXorredString(CryptoRandomStream crsRandomSource) { Debug.Assert(crsRandomSource != null); if(crsRandomSource == null) throw new ArgumentNullException("crsRandomSource"); byte[] pbData = ReadUtf8(); uint uLen = (uint)pbData.Length; byte[] randomPad = crsRandomSource.GetRandomBytes(uLen); Debug.Assert(randomPad.Length == pbData.Length); for(uint i = 0; i < uLen; ++i) pbData[i] ^= randomPad[i]; return pbData; }
private static ProtectedString CustomCharSetGenerate(CustomCharSet charSet, uint uPasswordLength, bool bReturnProtected, byte[] pbAdditionalEntropy) { Debug.Assert(charSet != null); if (charSet == null) { throw new ArgumentNullException(); } if (charSet.UCount == 0) { return(new ProtectedString(false, string.Empty)); } if (uPasswordLength == 0) { return(new ProtectedString(false, string.Empty)); } CryptoRandomStream crs = CreateCryptoStream(pbAdditionalEntropy); UTF8Encoding utf8 = new UTF8Encoding(); uint uGeneratedCount = 0, uNewCharIndex, uRandomPos = 0; byte[] pbRandom = crs.GetRandomBytes(1024); bool b16BitIndex = (charSet.UCount > 256); char[] vGenerated = new char[uPasswordLength]; Array.Clear(vGenerated, 0, vGenerated.Length); while (uGeneratedCount < uPasswordLength) { uNewCharIndex = pbRandom[uRandomPos]; ++uRandomPos; if (b16BitIndex) { uNewCharIndex *= 256; uNewCharIndex += pbRandom[uRandomPos]; ++uRandomPos; } if (uRandomPos >= (uint)pbRandom.Length) { pbRandom = CryptoRandom.GetRandomBytes(1024); uRandomPos = 0; } if (uNewCharIndex < charSet.UCount) { vGenerated[uGeneratedCount] = charSet[uNewCharIndex]; ++uGeneratedCount; } } if (Array.IndexOf <char>(vGenerated, char.MinValue) >= 0) { Debug.Assert(false); throw new System.Security.SecurityException(); } byte[] pbUTF8 = utf8.GetBytes(vGenerated); ProtectedString ps = new ProtectedString(bReturnProtected, pbUTF8); Array.Clear(pbUTF8, 0, pbUTF8.Length); Array.Clear(vGenerated, 0, vGenerated.Length); return(ps); }