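/// <summary>
/// Serializes <paramref name="packetsToEncrypt"/>, appends a Modification Detection Code (MDC) packet
/// and encrypts the whole sequence in OpenPGP CFB mode with <paramref name="keyedAlgorithm"/>.
/// The ciphertext is stored in <see cref="EncryptedStream"/>, positioned at its start.
/// </summary>
/// <param name="keyedAlgorithm">Symmetric algorithm already loaded with the session key.</param>
/// <param name="packetsToEncrypt">Packets to protect; may be empty, in which case only the MDC packet is encrypted.</param>
/// <exception cref="ArgumentNullException">Either argument is <c>null</c>.</exception>
/// <remarks>
/// The MDC is a plain SHA-1 over prefix + packets + MDC header, as the OpenPGP MDC packet specifies;
/// it is not keyed, so its integrity guarantee rests on the surrounding encryption, not on SHA-1 alone.
/// </remarks>
public void EncryptPackets(SymmetricAlgorithm keyedAlgorithm, params OpenPgpPacket[] packetsToEncrypt)
{
    if (keyedAlgorithm == null)
    {
        throw new ArgumentNullException(nameof(keyedAlgorithm));
    }
    if (packetsToEncrypt == null)
    {
        // An explicit null for a params array reaches here; fail clearly instead of a NullReferenceException in the loop.
        throw new ArgumentNullException(nameof(packetsToEncrypt));
    }

    var transform = new OpenPgpCfbTransform(keyedAlgorithm, encrypt: true);
    var msEncrypted = new MemoryStream();
    EncryptedStream = msEncrypted;
    // Deliberately not disposed: disposing the CryptoStream would close msEncrypted, which is handed to the caller as EncryptedStream.
    var encryptor = new CryptoStream(msEncrypted, transform, CryptoStreamMode.Write);

    // HACK: the CFB prefix is written explicitly rather than inside the transform because the same
    // bytes must also be the first input to the MDC hash.
    encryptor.Write(transform.PrefixBytes, 0, transform.PrefixBytes.Length);

    using (var hasher = SHA1.Create())
    using (var hashSink = new MemoryStream())
    using (var hashStream = new CryptoStream(hashSink, hasher, CryptoStreamMode.Write))
    {
        hashStream.Write(transform.PrefixBytes, 0, transform.PrefixBytes.Length);

        var packetBuffer = new MemoryStream();
        foreach (var packet in packetsToEncrypt)
        {
            packetBuffer.SetLength(0);
            packet.WriteTo(packetBuffer);

            // Every serialized packet is fed to the hash and to the ciphertext in the same order,
            // so the verifier can recompute the hash over exactly what it decrypts.
            packetBuffer.Position = 0;
            packetBuffer.CopyTo(hashStream);
            packetBuffer.Position = 0;
            packetBuffer.CopyTo(encryptor);
        }

        var mdcPacket = new ModificationDetectionCodeOpenPgpPacket();
        mdcPacket.Header.Length = hasher.HashSize / 8; // 20 bytes for SHA-1

        // The hash also covers the MDC packet's own tag and length bytes, which is why the header
        // is written to the hash stream before the hash is finalized.
        mdcPacket.Header.WriteTo(hashStream);
        hashStream.FlushFinalBlock();
        mdcPacket.HashValue = hasher.Hash;

        // SECREVIEW: the MDC packet is the last thing encrypted so the verifier can locate it at the tail.
        mdcPacket.WriteTo(encryptor);
    }

    encryptor.FlushFinalBlock();
    msEncrypted.Position = 0;
}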
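/// <summary>
/// Decrypts <see cref="EncryptedStream"/> with <paramref name="keyedAlgorithm"/>, verifies the trailing
/// Modification Detection Code (MDC) packet and returns the enclosed packets with the MDC stripped.
/// </summary>
/// <param name="keyedAlgorithm">Symmetric algorithm already loaded with the session key.</param>
/// <returns>The decrypted packets, read from a fresh in-memory copy of the plaintext.</returns>
/// <exception cref="ArgumentNullException"><paramref name="keyedAlgorithm"/> is <c>null</c>.</exception>
/// <exception cref="ModificationDetectedException">
/// The plaintext is too short to hold an MDC packet, the trailing packet is not an MDC packet,
/// its hash has the wrong size, or the hash does not match the decrypted contents. All of these are
/// reported uniformly so a tampered message cannot be told apart from a truncated one by exception type.
/// </exception>
public IEnumerable<OpenPgpPacket> GetDecryptedPackets(SymmetricAlgorithm keyedAlgorithm)
{
    if (keyedAlgorithm == null)
    {
        throw new ArgumentNullException(nameof(keyedAlgorithm));
    }

    var transform = new OpenPgpCfbTransform(keyedAlgorithm, encrypt: false);
    // Not disposed: disposing the CryptoStream would also close EncryptedStream, which the caller owns.
    var decryptor = new CryptoStream(EncryptedStream, transform, CryptoStreamMode.Read);
    var decrypted = new MemoryStream();
    decryptor.CopyTo(decrypted);

    // MDC packet layout: 1 tag byte, 1 length byte, 20-byte SHA-1 hash.
    const int MdcHashLength = 20;
    const int MdcPacketLength = 1 + 1 + MdcHashLength;

    // Shorter than a bare MDC packet cannot be a valid message. Treat it as tampering rather than
    // letting a negative offset surface as an ArgumentOutOfRangeException from the stream.
    if (decrypted.Length < MdcPacketLength)
    {
        throw new ModificationDetectedException();
    }

    var mdcStart = decrypted.Length - MdcPacketLength;

    // Copy the trailing MDC packet out so it can be parsed on its own.
    decrypted.Position = mdcStart;
    var mdcStream = new MemoryStream();
    decrypted.CopyTo(mdcStream);

    // The expected hash covers the CFB prefix, the payload packets and the MDC packet's own tag and
    // length bytes, so the two header bytes are kept in the hashed span.
    decrypted.Position = 0;
    decrypted.SetLength(mdcStart + 2);
    byte[] expectedHash;
    using (var hasher = SHA1.Create())
    {
        expectedHash = hasher.ComputeHash(transform.PrefixBytes.Concat(decrypted.ToArray()).ToArray());
    }

    // Drop the MDC header bytes; what remains is exactly the payload packets.
    decrypted.SetLength(mdcStart);
    decrypted.Position = 0;

    mdcStream.Position = 0;
    var mdc = OpenPgpPacketReader.ReadAllPackets(mdcStream).FirstOrDefault() as ModificationDetectionCodeOpenPgpPacket;

    // No packet, a packet of another type, or a wrong-sized hash is a tamper signal, not a programming
    // error: the original First()/as/index sequence would have thrown InvalidOperation, NullReference
    // or IndexOutOfRange instead of ModificationDetectedException.
    if (mdc == null || mdc.HashValue == null || mdc.HashValue.Length != expectedHash.Length)
    {
        throw new ModificationDetectedException();
    }

    // Constant-time comparison: an early-exit loop leaks how many leading bytes of a forged MDC matched.
    int difference = 0;
    for (int i = 0; i < expectedHash.Length; i++)
    {
        difference |= expectedHash[i] ^ mdc.HashValue[i];
    }
    if (difference != 0)
    {
        throw new ModificationDetectedException();
    }

    return OpenPgpPacketReader.ReadAllPackets(decrypted);
}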
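/// <summary>
/// Decrypts <see cref="EncryptedStream"/> with <paramref name="keyedAlgorithm"/>, verifies the trailing
/// Modification Detection Code (MDC) packet and returns the enclosed packets with the MDC stripped.
/// </summary>
/// <param name="keyedAlgorithm">Symmetric algorithm already loaded with the session key.</param>
/// <returns>The decrypted packets, read from a fresh in-memory copy of the plaintext.</returns>
/// <exception cref="ArgumentNullException"><paramref name="keyedAlgorithm"/> is <c>null</c>.</exception>
/// <exception cref="ModificationDetectedException">
/// The plaintext is too short to hold an MDC packet, the trailing packet is not an MDC packet,
/// its hash has the wrong size, or the hash does not match the decrypted contents. All of these are
/// reported uniformly so a tampered message cannot be told apart from a truncated one by exception type.
/// </exception>
public IEnumerable<OpenPgpPacket> GetDecryptedPackets(SymmetricAlgorithm keyedAlgorithm)
{
    if (keyedAlgorithm == null)
    {
        throw new ArgumentNullException(nameof(keyedAlgorithm));
    }

    var transform = new OpenPgpCfbTransform(keyedAlgorithm, encrypt: false);
    // Not disposed: disposing the CryptoStream would also close EncryptedStream, which the caller owns.
    var decryptor = new CryptoStream(EncryptedStream, transform, CryptoStreamMode.Read);
    var decrypted = new MemoryStream();
    decryptor.CopyTo(decrypted);

    // MDC packet layout: 1 tag byte, 1 length byte, 20-byte SHA-1 hash.
    const int MdcHashLength = 20;
    const int MdcPacketLength = 1 + 1 + MdcHashLength;

    // Shorter than a bare MDC packet cannot be a valid message. Treat it as tampering rather than
    // letting a negative offset surface as an ArgumentOutOfRangeException from the stream.
    if (decrypted.Length < MdcPacketLength)
    {
        throw new ModificationDetectedException();
    }

    var mdcStart = decrypted.Length - MdcPacketLength;

    // Copy the trailing MDC packet out so it can be parsed on its own.
    decrypted.Position = mdcStart;
    var mdcStream = new MemoryStream();
    decrypted.CopyTo(mdcStream);

    // The expected hash covers the CFB prefix, the payload packets and the MDC packet's own tag and
    // length bytes, so the two header bytes are kept in the hashed span.
    decrypted.Position = 0;
    decrypted.SetLength(mdcStart + 2);
    byte[] expectedHash;
    using (var hasher = SHA1.Create())
    {
        expectedHash = hasher.ComputeHash(transform.PrefixBytes.Concat(decrypted.ToArray()).ToArray());
    }

    // Drop the MDC header bytes; what remains is exactly the payload packets.
    decrypted.SetLength(mdcStart);
    decrypted.Position = 0;

    mdcStream.Position = 0;
    var mdc = OpenPgpPacketReader.ReadAllPackets(mdcStream).FirstOrDefault() as ModificationDetectionCodeOpenPgpPacket;

    // No packet, a packet of another type, or a wrong-sized hash is a tamper signal, not a programming
    // error: the original First()/as/index sequence would have thrown InvalidOperation, NullReference
    // or IndexOutOfRange instead of ModificationDetectedException.
    if (mdc == null || mdc.HashValue == null || mdc.HashValue.Length != expectedHash.Length)
    {
        throw new ModificationDetectedException();
    }

    // Constant-time comparison: an early-exit loop leaks how many leading bytes of a forged MDC matched.
    int difference = 0;
    for (int i = 0; i < expectedHash.Length; i++)
    {
        difference |= expectedHash[i] ^ mdc.HashValue[i];
    }
    if (difference != 0)
    {
        throw new ModificationDetectedException();
    }

    return OpenPgpPacketReader.ReadAllPackets(decrypted);
}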
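/// <summary>
/// Serializes <paramref name="packetsToEncrypt"/>, appends a Modification Detection Code (MDC) packet
/// and encrypts the whole sequence in OpenPGP CFB mode with <paramref name="keyedAlgorithm"/>.
/// The ciphertext is stored in <see cref="EncryptedStream"/>, positioned at its start.
/// </summary>
/// <param name="keyedAlgorithm">Symmetric algorithm already loaded with the session key.</param>
/// <param name="packetsToEncrypt">Packets to protect; may be empty, in which case only the MDC packet is encrypted.</param>
/// <exception cref="ArgumentNullException">Either argument is <c>null</c>.</exception>
/// <remarks>
/// The MDC is a plain SHA-1 over prefix + packets + MDC header, as the OpenPGP MDC packet specifies;
/// it is not keyed, so its integrity guarantee rests on the surrounding encryption, not on SHA-1 alone.
/// </remarks>
public void EncryptPackets(SymmetricAlgorithm keyedAlgorithm, params OpenPgpPacket[] packetsToEncrypt)
{
    if (keyedAlgorithm == null)
    {
        throw new ArgumentNullException(nameof(keyedAlgorithm));
    }
    if (packetsToEncrypt == null)
    {
        // An explicit null for a params array reaches here; fail clearly instead of a NullReferenceException in the loop.
        throw new ArgumentNullException(nameof(packetsToEncrypt));
    }

    var transform = new OpenPgpCfbTransform(keyedAlgorithm, encrypt: true);
    var msEncrypted = new MemoryStream();
    EncryptedStream = msEncrypted;
    // Deliberately not disposed: disposing the CryptoStream would close msEncrypted, which is handed to the caller as EncryptedStream.
    var encryptor = new CryptoStream(msEncrypted, transform, CryptoStreamMode.Write);

    // HACK: the CFB prefix is written explicitly rather than inside the transform because the same
    // bytes must also be the first input to the MDC hash.
    encryptor.Write(transform.PrefixBytes, 0, transform.PrefixBytes.Length);

    using (var hasher = SHA1.Create())
    using (var hashSink = new MemoryStream())
    using (var hashStream = new CryptoStream(hashSink, hasher, CryptoStreamMode.Write))
    {
        hashStream.Write(transform.PrefixBytes, 0, transform.PrefixBytes.Length);

        var packetBuffer = new MemoryStream();
        foreach (var packet in packetsToEncrypt)
        {
            packetBuffer.SetLength(0);
            packet.WriteTo(packetBuffer);

            // Every serialized packet is fed to the hash and to the ciphertext in the same order,
            // so the verifier can recompute the hash over exactly what it decrypts.
            packetBuffer.Position = 0;
            packetBuffer.CopyTo(hashStream);
            packetBuffer.Position = 0;
            packetBuffer.CopyTo(encryptor);
        }

        var mdcPacket = new ModificationDetectionCodeOpenPgpPacket();
        mdcPacket.Header.Length = hasher.HashSize / 8; // 20 bytes for SHA-1

        // The hash also covers the MDC packet's own tag and length bytes, which is why the header
        // is written to the hash stream before the hash is finalized.
        mdcPacket.Header.WriteTo(hashStream);
        hashStream.FlushFinalBlock();
        mdcPacket.HashValue = hasher.Hash;

        // SECREVIEW: the MDC packet is the last thing encrypted so the verifier can locate it at the tail.
        mdcPacket.WriteTo(encryptor);
    }

    encryptor.FlushFinalBlock();
    msEncrypted.Position = 0;
}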