public BufferedIesCipher(IesEngine engine) { if (engine == null) throw new ArgumentNullException("engine"); _engine = engine; }
private void StaticTest() { FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDH", new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d parameters); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDH", curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q parameters); AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey); AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey); // // stream test // IesEngine i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); IesEngine i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; IesParameters p = new IesParameters(d, e, 64); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); byte[] message = Hex.Decode("1234567890abcdef"); byte[] out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("468d89877e8238802403ec4cb6b329faeccfa6f3a730f2cdb3c0a8e8"))) { Fail("stream cipher test failed on enc"); } byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("stream cipher test failed"); } // // twofish with CBC // BufferedBlockCipher c1 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); BufferedBlockCipher c2 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c1); i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c2); d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; p = new IesWithCipherParameters(d, e, 64, 128); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); message = Hex.Decode("1234567890abcdef"); out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("b8a06ea5c2b9df28b58a0a90a734cde8c9c02903e5c220021fe4417410d1e53a32a71696"))) { Fail("twofish cipher test failed on enc"); } out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("twofish cipher test failed"); } }
private void DoTest( AsymmetricCipherKeyPair p1, AsymmetricCipherKeyPair p2) { // // stream test // IesEngine i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); IesEngine i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; IesParameters p = new IesParameters(d, e, 64); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); byte[] message = Hex.Decode("1234567890abcdef"); byte[] out1 = i1.ProcessBlock(message, 0, message.Length); byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("stream cipher test failed"); } // // twofish with CBC // BufferedBlockCipher c1 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); BufferedBlockCipher c2 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c1); i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c2); d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; p = new IesWithCipherParameters(d, e, 64, 128); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); message = Hex.Decode("1234567890abcdef"); out1 = i1.ProcessBlock(message, 0, message.Length); out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("twofish cipher test failed"); } }
public static IBufferedCipher GetCipher(string algorithm) { if (algorithm == null) throw new ArgumentNullException("algorithm"); algorithm = Platform.StringToUpper(algorithm); var aliased = (string) _algorithms[algorithm]; if (aliased != null) algorithm = aliased; IesEngine iesEngine = null; switch (algorithm) { case "IES": iesEngine = new IesEngine(new DHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); break; case "ECIES": iesEngine = new IesEngine(new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); break; case "ECCCDHIES": iesEngine = new IesEngine(new ECDHBasicAgreement()); break; } if (iesEngine != null) return new BufferedIesCipher(iesEngine); if (algorithm.StartsWith("PBE")) { if (algorithm.EndsWith("-CBC")) { if (algorithm == "PBEWITHSHA1ANDDES-CBC") { return new PaddedBufferedBlockCipher( new CbcBlockCipher(new DesEngine())); } if (algorithm == "PBEWITHSHA1ANDRC2-CBC") { return new PaddedBufferedBlockCipher( new CbcBlockCipher(new RC2Engine())); } if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC")) { return new PaddedBufferedBlockCipher( new CbcBlockCipher(new DesEdeEngine())); } if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC")) { return new PaddedBufferedBlockCipher( new CbcBlockCipher(new RC2Engine())); } } else if (algorithm.EndsWith("-BC") || algorithm.EndsWith("-OPENSSL")) { if (Strings.IsOneOf(algorithm, "PBEWITHSHAAND128BITAES-CBC-BC", "PBEWITHSHAAND192BITAES-CBC-BC", "PBEWITHSHAAND256BITAES-CBC-BC", "PBEWITHSHA256AND128BITAES-CBC-BC", "PBEWITHSHA256AND192BITAES-CBC-BC", "PBEWITHSHA256AND256BITAES-CBC-BC", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", "PBEWITHMD5AND256BITAES-CBC-OPENSSL")) { return new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesFastEngine())); } } } var parts = algorithm.Split('/'); IBlockCipher blockCipher = null; IAsymmetricBlockCipher asymBlockCipher = null; IStreamCipher streamCipher = null; var algorithmName = parts[0]; CipherAlgorithm cipherAlgorithm; try { cipherAlgorithm = (CipherAlgorithm) Enums.GetEnumValue(typeof (CipherAlgorithm), algorithmName); } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } switch (cipherAlgorithm) { case CipherAlgorithm.AES: blockCipher = new AesFastEngine(); break; case CipherAlgorithm.ARC4: streamCipher = new RC4Engine(); break; case CipherAlgorithm.BLOWFISH: blockCipher = new BlowfishEngine(); break; case CipherAlgorithm.CAMELLIA: blockCipher = new CamelliaEngine(); break; case CipherAlgorithm.CAST5: blockCipher = new Cast5Engine(); break; case CipherAlgorithm.CAST6: blockCipher = new Cast6Engine(); break; case CipherAlgorithm.DES: blockCipher = new DesEngine(); break; case CipherAlgorithm.DESEDE: blockCipher = new DesEdeEngine(); break; case CipherAlgorithm.ELGAMAL: asymBlockCipher = new ElGamalEngine(); break; case CipherAlgorithm.GOST28147: blockCipher = new Gost28147Engine(); break; case CipherAlgorithm.HC128: streamCipher = new HC128Engine(); break; case CipherAlgorithm.HC256: streamCipher = new HC256Engine(); break; case CipherAlgorithm.IDEA: #if INCLUDE_IDEA blockCipher = new IdeaEngine(); break; #else throw new SecurityUtilityException("Cipher " + algorithm + " not included."); #endif case CipherAlgorithm.NOEKEON: blockCipher = new NoekeonEngine(); break; case CipherAlgorithm.PBEWITHSHAAND128BITRC4: case CipherAlgorithm.PBEWITHSHAAND40BITRC4: streamCipher = new RC4Engine(); break; case CipherAlgorithm.RC2: blockCipher = new RC2Engine(); break; case CipherAlgorithm.RC5: blockCipher = new RC532Engine(); break; case CipherAlgorithm.RC5_64: blockCipher = new RC564Engine(); break; case CipherAlgorithm.RC6: blockCipher = new RC6Engine(); break; case CipherAlgorithm.RIJNDAEL: blockCipher = new RijndaelEngine(); break; case CipherAlgorithm.RSA: asymBlockCipher = new RsaBlindedEngine(); break; case CipherAlgorithm.SALSA20: streamCipher = new Salsa20Engine(); break; case CipherAlgorithm.SEED: blockCipher = new SeedEngine(); break; case CipherAlgorithm.SERPENT: blockCipher = new SerpentEngine(); break; case CipherAlgorithm.SKIPJACK: blockCipher = new SkipjackEngine(); break; case CipherAlgorithm.TEA: blockCipher = new TeaEngine(); break; case CipherAlgorithm.TWOFISH: blockCipher = new TwofishEngine(); break; case CipherAlgorithm.VMPC: streamCipher = new VmpcEngine(); break; case CipherAlgorithm.VMPC_KSA3: streamCipher = new VmpcKsa3Engine(); break; case CipherAlgorithm.XTEA: blockCipher = new XteaEngine(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } if (streamCipher != null) { if (parts.Length > 1) throw new ArgumentException("Modes and paddings not used for stream ciphers"); return new BufferedStreamCipher(streamCipher); } var cts = false; var padded = true; IBlockCipherPadding padding = null; IAeadBlockCipher aeadBlockCipher = null; if (parts.Length > 2) { var paddingName = parts[2]; CipherPadding cipherPadding; switch (paddingName) { case "": cipherPadding = CipherPadding.RAW; break; case "X9.23PADDING": cipherPadding = CipherPadding.X923PADDING; break; default: try { cipherPadding = (CipherPadding) Enums.GetEnumValue(typeof (CipherPadding), paddingName); } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } break; } switch (cipherPadding) { case CipherPadding.NOPADDING: padded = false; break; case CipherPadding.RAW: break; case CipherPadding.ISO10126PADDING: case CipherPadding.ISO10126D2PADDING: case CipherPadding.ISO10126_2PADDING: padding = new ISO10126d2Padding(); break; case CipherPadding.ISO7816_4PADDING: case CipherPadding.ISO9797_1PADDING: padding = new ISO7816d4Padding(); break; case CipherPadding.ISO9796_1: case CipherPadding.ISO9796_1PADDING: asymBlockCipher = new ISO9796d1Encoding(asymBlockCipher); break; case CipherPadding.OAEP: case CipherPadding.OAEPPADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher); break; case CipherPadding.OAEPWITHMD5ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new MD5Digest()); break; case CipherPadding.OAEPWITHSHA1ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_1ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha1Digest()); break; case CipherPadding.OAEPWITHSHA224ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_224ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha224Digest()); break; case CipherPadding.OAEPWITHSHA256ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_256ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha256Digest()); break; case CipherPadding.OAEPWITHSHA384ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_384ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha384Digest()); break; case CipherPadding.OAEPWITHSHA512ANDMGF1PADDING: case CipherPadding.OAEPWITHSHA_512ANDMGF1PADDING: asymBlockCipher = new OaepEncoding(asymBlockCipher, new Sha512Digest()); break; case CipherPadding.PKCS1: case CipherPadding.PKCS1PADDING: asymBlockCipher = new Pkcs1Encoding(asymBlockCipher); break; case CipherPadding.PKCS5: case CipherPadding.PKCS5PADDING: case CipherPadding.PKCS7: case CipherPadding.PKCS7PADDING: padding = new Pkcs7Padding(); break; case CipherPadding.TBCPADDING: padding = new TbcPadding(); break; case CipherPadding.WITHCTS: cts = true; break; case CipherPadding.X923PADDING: padding = new X923Padding(); break; case CipherPadding.ZEROBYTEPADDING: padding = new ZeroBytePadding(); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } if (parts.Length > 1) { var mode = parts[1]; var di = GetDigitIndex(mode); var modeName = di >= 0 ? mode.Substring(0, di) : mode; try { var cipherMode = modeName == "" ? CipherMode.NONE : (CipherMode) Enums.GetEnumValue(typeof (CipherMode), modeName); switch (cipherMode) { case CipherMode.ECB: case CipherMode.NONE: break; case CipherMode.CBC: blockCipher = new CbcBlockCipher(blockCipher); break; case CipherMode.CCM: aeadBlockCipher = new CcmBlockCipher(blockCipher); break; case CipherMode.CFB: { var bits = (di < 0) ? 8*blockCipher.GetBlockSize() : int.Parse(mode.Substring(di)); blockCipher = new CfbBlockCipher(blockCipher, bits); break; } case CipherMode.CTR: blockCipher = new SicBlockCipher(blockCipher); break; case CipherMode.CTS: cts = true; blockCipher = new CbcBlockCipher(blockCipher); break; case CipherMode.EAX: aeadBlockCipher = new EaxBlockCipher(blockCipher); break; case CipherMode.GCM: aeadBlockCipher = new GcmBlockCipher(blockCipher); break; case CipherMode.GOFB: blockCipher = new GOfbBlockCipher(blockCipher); break; case CipherMode.OFB: { var bits = (di < 0) ? 8*blockCipher.GetBlockSize() : int.Parse(mode.Substring(di)); blockCipher = new OfbBlockCipher(blockCipher, bits); break; } case CipherMode.OPENPGPCFB: blockCipher = new OpenPgpCfbBlockCipher(blockCipher); break; case CipherMode.SIC: if (blockCipher.GetBlockSize() < 16) { throw new ArgumentException( "Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); } blockCipher = new SicBlockCipher(blockCipher); break; default: throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } catch (ArgumentException) { throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); } } if (aeadBlockCipher != null) { if (cts) throw new SecurityUtilityException("CTS mode not valid for AEAD ciphers."); if (padded && parts.Length > 2 && parts[2] != "") throw new SecurityUtilityException("Bad padding specified for AEAD cipher."); return new BufferedAeadBlockCipher(aeadBlockCipher); } if (blockCipher != null) { if (cts) { return new CtsBlockCipher(blockCipher); } if (padding != null) { return new PaddedBufferedBlockCipher(blockCipher, padding); } if (!padded || blockCipher.IsPartialBlockOkay) { return new BufferedBlockCipher(blockCipher); } return new PaddedBufferedBlockCipher(blockCipher); } if (asymBlockCipher != null) { return new BufferedAsymmetricBlockCipher(asymBlockCipher); } throw new SecurityUtilityException("Cipher " + algorithm + " not recognised."); }
private void StaticTest() { FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDH", new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d parameters); ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDH", curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q parameters); AsymmetricCipherKeyPair p1 = new AsymmetricCipherKeyPair(pubKey, priKey); AsymmetricCipherKeyPair p2 = new AsymmetricCipherKeyPair(pubKey, priKey); // // stream test // IesEngine i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); IesEngine i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest())); byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; IesParameters p = new IesParameters(d, e, 64); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); byte[] message = Hex.Decode("1234567890abcdef"); byte[] out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("2442ae1fbf90dd9c06b0dcc3b27e69bd11c9aee4ad4cfc9e50eceb44"))) { Fail("stream cipher test failed on enc"); } byte[] out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("stream cipher test failed"); } // // twofish with CBC // BufferedBlockCipher c1 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); BufferedBlockCipher c2 = new PaddedBufferedBlockCipher( new CbcBlockCipher(new TwofishEngine())); i1 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c1); i2 = new IesEngine( new ECDHBasicAgreement(), new Kdf2BytesGenerator(new Sha1Digest()), new HMac(new Sha1Digest()), c2); d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; p = new IesWithCipherParameters(d, e, 64, 128); i1.Init(true, p1.Private, p2.Public, p); i2.Init(false, p2.Private, p1.Public, p); message = Hex.Decode("1234567890abcdef"); out1 = i1.ProcessBlock(message, 0, message.Length); if (!AreEqual(out1, Hex.Decode("2ea288651e21576215f2424bbb3f68816e282e3931b44bd1c429ebdb5f1b290cf1b13309"))) { Fail("twofish cipher test failed on enc"); } out2 = i2.ProcessBlock(out1, 0, out1.Length); if (!AreEqual(out2, message)) { Fail("twofish cipher test failed"); } }