public override void PerformTest() { ICipherParameters kp = new KeyParameter( Hex.Decode("9661410AB797D8A9EB767C21172DF6C7")); ICipherParameters kpwiv = new ParametersWithIV(kp, Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155")); int offset = 117; byte[] m = new byte[512]; for (int i = 0; i < 256; i++) { m[offset + i] = (byte)i; } VmpcMac mac = new VmpcMac(); mac.Init(kpwiv); mac.BlockUpdate(m, offset, 256); byte[] output = new byte[20]; mac.DoFinal(output, 0); if (!Arrays.AreEqual(output, output1)) { Fail("Fail", Hex.ToHexString(output1), Hex.ToHexString(output)); } }
public override void PerformTest() { byte[] key = Hex.Decode("9661410AB797D8A9EB767C21172DF6C7"); byte[] iv = Hex.Decode("4B5C2F003E67F39557A8D26F3DA2B155"); ICipherParameters kp = new KeyParameter(key); ICipherParameters kpwiv = new ParametersWithIV(kp, iv); VmpcKsa3Engine engine = new VmpcKsa3Engine(); try { engine.Init(true, kp); Fail("Init failed to throw expected exception"); } catch (ArgumentException) { // Expected } engine.Init(true, kpwiv); checkEngine(engine); engine.Reset(); byte[] output = checkEngine(engine); engine.Init(false, kpwiv); byte[] recovered = new byte[output.Length]; engine.ProcessBytes(output, 0, output.Length, recovered, 0); if (!Arrays.AreEqual(input, recovered)) { Fail("decrypted bytes differ from original bytes"); } }
protected virtual ParametersWithIV CreateParametersWithIV(KeyParameter key, byte[] buf, ref int off, int len) { ParametersWithIV ivParams = new ParametersWithIV(key, buf, off, len); off += len; return ivParams; }
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random) { byte[] keyBytes = contentEncryptionKey.GetKey(); string rfc3211WrapperName = Helper.GetRfc3211WrapperName(keyEncryptionKeyOID); IWrapper keyWrapper = Helper.CreateWrapper(rfc3211WrapperName); // Note: In Java build, the IV is automatically generated in JCE layer int ivLength = Platform.StartsWith(rfc3211WrapperName, "DESEDE") ? 8 : 16; byte[] iv = new byte[ivLength]; random.NextBytes(iv); ICipherParameters parameters = new ParametersWithIV(keyEncryptionKey, iv); keyWrapper.Init(true, new ParametersWithRandom(parameters, random)); Asn1OctetString encryptedKey = new DerOctetString( keyWrapper.Wrap(keyBytes, 0, keyBytes.Length)); DerSequence seq = new DerSequence( new DerObjectIdentifier(keyEncryptionKeyOID), new DerOctetString(iv)); AlgorithmIdentifier keyEncryptionAlgorithm = new AlgorithmIdentifier( PkcsObjectIdentifiers.IdAlgPwriKek, seq); return new RecipientInfo(new PasswordRecipientInfo( keyDerivationAlgorithm, keyEncryptionAlgorithm, encryptedKey)); }
/** * decrypt the content and return an input stream. */ public override CmsTypedStream GetContentStream( ICipherParameters key) { try { AlgorithmIdentifier kekAlg = AlgorithmIdentifier.GetInstance(info.KeyEncryptionAlgorithm); Asn1Sequence kekAlgParams = (Asn1Sequence)kekAlg.Parameters; byte[] encryptedKey = info.EncryptedKey.GetOctets(); string kekAlgName = DerObjectIdentifier.GetInstance(kekAlgParams[0]).Id; string cName = CmsEnvelopedHelper.Instance.GetRfc3211WrapperName(kekAlgName); IWrapper keyWrapper = WrapperUtilities.GetWrapper(cName); byte[] iv = Asn1OctetString.GetInstance(kekAlgParams[1]).GetOctets(); ICipherParameters parameters = ((CmsPbeKey)key).GetEncoded(kekAlgName); parameters = new ParametersWithIV(parameters, iv); keyWrapper.Init(false, parameters); KeyParameter sKey = ParameterUtilities.CreateKeyParameter( GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length)); return GetContentFromSessionKey(sKey); } catch (SecurityUtilityException e) { throw new CmsException("couldn't create cipher.", e); } catch (InvalidKeyException e) { throw new CmsException("key invalid in message.", e); } }
private static ParametersWithIV CreateParametersWithIV(KeyParameter key, byte[] buf, ref int off, int len) { ParametersWithIV ivParams = new ParametersWithIV(key, buf, off, len); off += len; return ivParams; }
/** Creates a new instance of AESCipher */ public AESCipher(bool forEncryption, byte[] key, byte[] iv) { IBlockCipher aes = new AesFastEngine(); IBlockCipher cbc = new CbcBlockCipher(aes); bp = new PaddedBufferedBlockCipher(cbc); KeyParameter kp = new KeyParameter(key); ParametersWithIV piv = new ParametersWithIV(kp, iv); bp.Init(forEncryption, piv); }
private void initCipher(bool forEncryption, IBlockCipher cipher, byte[] key_block, int key_size, int key_offset, int iv_offset) { KeyParameter key_parameter = new KeyParameter(key_block, key_offset, key_size); ParametersWithIV parameters_with_iv = new ParametersWithIV( key_parameter, key_block, iv_offset, cipher.GetBlockSize()); cipher.Init(forEncryption, parameters_with_iv); }
public byte[] GenerateAesCtrCipher(byte[] iv, byte[] encryptKey, byte[] input) { //ctr https://gist.github.com/hanswolff/8809275 var key = ParameterUtilities.CreateKeyParameter("AES", encryptKey); var parametersWithIv = new ParametersWithIV(key, iv); var cipher = CipherUtilities.GetCipher("AES/CTR/NoPadding"); cipher.Init(true, parametersWithIv); return cipher.DoFinal(input); }
public Packet MessageEncrypt(ICipherSetRemoteInfo remoteInfo, Packet inner) { CS1ARemoteInfo ri = (CS1ARemoteInfo)remoteInfo; var agreedValue = ECDHAgree (ri.RemotePublicKey, ri.EphemeralKeys.PrivateKey); // Hash the agreed key var hashedValue = Helpers.SHA256Hash (Helpers.ToByteArray(agreedValue, 20)); // Fold to get the actual key for AES byte[] aesKey = Helpers.Fold (hashedValue); Random rnd = new Random (); // Setup and encrypt the actual data byte[] aesIV = new byte[16]; rnd.NextBytes (aesIV); Array.Clear (aesIV, 4, 12); var cipher = new SicBlockCipher (new AesFastEngine ()); var parameters = new ParametersWithIV (new KeyParameter (aesKey), aesIV); cipher.Init (true, parameters); var encryptedInner = new byte[inner.FullPacket.Length]; BufferedBlockCipher bufferCipher = new BufferedBlockCipher (cipher); var offset = bufferCipher.ProcessBytes (inner.FullPacket, encryptedInner, 0); bufferCipher.DoFinal (encryptedInner, offset); // Construct the packet minus the hmac Packet outPacket = new Packet (); outPacket.Body = new byte[29 + encryptedInner.Length]; Buffer.BlockCopy (ri.EphemeralKeys.PublicKey, 0, outPacket.Body, 0, ri.EphemeralKeys.PublicKey.Length); Buffer.BlockCopy (aesIV, 0, outPacket.Body, 21, 4); Buffer.BlockCopy (encryptedInner, 0, outPacket.Body, 25, encryptedInner.Length); // ECDH for the hmac key using var idAgreedValue = ECDHAgree (ri.RemotePublicKey, Key.PrivateKey); // Mash on the IV for the compound key byte[] macKey = new byte[24]; byte[] idAgreedValueArray = Helpers.ToByteArray(idAgreedValue, 20); Buffer.BlockCopy(idAgreedValueArray, 0, macKey, 0, idAgreedValueArray.Length); Buffer.BlockCopy(aesIV, 0, macKey, idAgreedValueArray.Length, 4); // Actually hmac all the data now var hmac = new HMac (new Sha256Digest ()); hmac.Init(new KeyParameter (macKey, 0, 24)); hmac.BlockUpdate(outPacket.Body, 0, 25 + encryptedInner.Length); byte[] mac = new byte[hmac.GetMacSize()]; hmac.DoFinal(mac, 0); // Fold it up, shove it in and we're done var foldedMac = Helpers.Fold(mac, 3); Buffer.BlockCopy(foldedMac, 0, outPacket.Body, 25 + encryptedInner.Length, foldedMac.Length); return outPacket; }
public override ICipherParameters GenParam() { string pass = SafeUtil.GenPass(_Uk.TbPass.Text, _Uk.TbPass.MaxLength); ICipherParameters param = new KeyParameter(Encoding.Default.GetBytes(pass)); if (_Uk.TbSalt.Visible) { pass = SafeUtil.GenPass(_Uk.TbSalt.Text, _Uk.TbSalt.MaxLength); param = new ParametersWithIV(param, Encoding.Default.GetBytes(pass)); } return param; }
/// <summary> /// Generates a key from a password and salt and IV /// </summary> /// <param name="password"></param> /// <param name="saltBytes"></param> /// <param name="ivBytes"></param> /// <returns></returns> private static ParametersWithIV GenerateKey(string password, byte[] saltBytes, byte[] ivBytes) { var passBytes = PbeParametersGenerator.Pkcs5PasswordToUtf8Bytes(password.ToCharArray()); //create key generator var generator = new Pkcs5S2ParametersGenerator(); //initialize generator.Init(passBytes, saltBytes, KEY_DERIVATION_ITERATION); //generate with a 256bit key, and a 128bit IV var kp = new ParametersWithIV(generator.GenerateDerivedParameters(ALGORITHM_NAME, KEY_SIZE), ivBytes); return kp; }
public static byte[] AESGetEncrypt(byte[] key, byte[] plain_data_array, UInt64 counter) { if (key == null || key.Length == 0 || key.Length != 16) throw new ArgumentException("AESGetEncrypt: The key cannot be null/empty and must be 16 bytes in length"); if (plain_data_array == null || plain_data_array.Length == 0) throw new ArgumentException("AESGetEncrypt: The plain data be null/empty"); var _cipher = CipherUtilities.GetCipher("AES/CTR/NoPadding"); ParametersWithIV _parameter_with_iv = new ParametersWithIV(new KeyParameter(key), GetAESCounterBytes(counter)); _cipher.Init(true, _parameter_with_iv); return _cipher.DoFinal(plain_data_array); }
public static string myDecrypt(string cipherText) { // encryption key... var key = Encoding.UTF8.GetBytes("0123456789abcdef"); var iv = Encoding.UTF8.GetBytes("fedcba9876543210"); var cipher = CipherUtilities.GetCipher("AES/CBC/NoPadding"); ParametersWithIV par = new ParametersWithIV(new KeyParameter(key), iv); // Initialise the cipher... cipher.Init(false, par); var bytes = cipher.DoFinal(StringToByteArray(cipherText)); string result = Encoding.UTF8.GetString(bytes, 0, bytes.Length); //result is Always \0\0\0\0\0\0\0\0\0\0\0.... string[] words = result.Split('\0'); return words[0]; }
/** * Method init * * @param forWrapping * @param param */ public virtual void Init( bool forWrapping, ICipherParameters parameters) { this.forWrapping = forWrapping; this.engine = new CbcBlockCipher(new DesEdeEngine()); SecureRandom sr; if (parameters is ParametersWithRandom) { ParametersWithRandom pr = (ParametersWithRandom) parameters; parameters = pr.Parameters; sr = pr.Random; } else { sr = new SecureRandom(); } if (parameters is KeyParameter) { this.param = (KeyParameter) parameters; if (this.forWrapping) { // Hm, we have no IV but we want to wrap ?!? // well, then we have to create our own IV. this.iv = new byte[8]; sr.NextBytes(iv); this.paramPlusIV = new ParametersWithIV(this.param, this.iv); } } else if (parameters is ParametersWithIV) { if (!forWrapping) throw new ArgumentException("You should not supply an IV for unwrapping"); this.paramPlusIV = (ParametersWithIV) parameters; this.iv = this.paramPlusIV.GetIV(); this.param = (KeyParameter) this.paramPlusIV.Parameters; if (this.iv.Length != 8) throw new ArgumentException("IV is not 8 octets", "parameters"); } }
public static AesEncyrption getInstance() { if (instance == null) { try { if (string.IsNullOrEmpty(_encryptionKey)) { Initalize(); } AesEncyrption bcEngine = new AesEncyrption(); KeyParameter keyParam = new KeyParameter(Encoding.UTF8.GetBytes(_encryptionKey)); ICipherParameters param = new ParametersWithIV(keyParam, iv); //create decrypt/encryptor cipher IBlockCipherPadding padding = new Pkcs7Padding(); BufferedBlockCipher decrypt = new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), padding); decrypt.Reset(); decrypt.Init(false, param); bcEngine.setDecryptCipher(decrypt); BufferedBlockCipher encrypt = new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), padding); encrypt.Reset(); encrypt.Init(true, param); bcEngine.setEncryptCipher(encrypt); instance = bcEngine; } catch (Exception) { throw; } } return instance; }
public void Init( bool forWrapping, ICipherParameters param) { this.forWrapping = forWrapping; if (param is ParametersWithRandom) { ParametersWithRandom p = (ParametersWithRandom) param; this.rand = p.Random; this.param = (ParametersWithIV) p.Parameters; } else { if (forWrapping) { rand = new SecureRandom(); } this.param = (ParametersWithIV) param; } }
protected void oidTest( string[] oids, string[] names, int groupSize) { byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}; for (int i = 0; i != oids.Length; i++) { IBufferedCipher c1 = CipherUtilities.GetCipher(oids[i]); IBufferedCipher c2 = CipherUtilities.GetCipher(names[i]); CipherKeyGenerator kg = GeneratorUtilities.GetKeyGenerator(oids[i]); KeyParameter k = ParameterUtilities.CreateKeyParameter(oids[i], kg.GenerateKey()); ICipherParameters cp = k; if (names[i].IndexOf("/ECB/") < 0) { cp = new ParametersWithIV(cp, new byte[16]); } c1.Init(true, cp); c2.Init(false, cp); byte[] result = c2.DoFinal(c1.DoFinal(data)); if (!AreEqual(data, result)) { Fail("failed OID test"); } if (k.GetKey().Length != (16 + ((i / groupSize) * 8))) { Fail("failed key length test"); } } }
private static byte[] decrypt28147cfb(byte[] key, byte[] input) { ICipherParameters param = new ParametersWithIV( new ParametersWithSBox( new KeyParameter(key), //key Gost28147Engine.GetSBox("E-A")), //type S-box Hex.Decode("0000000000000000")); //IV byte[] output = new byte[input.Length]; BufferedBlockCipher cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64)); cipher.Init(false, param); int len1 = cipher.ProcessBytes(input, 0, input.Length, output, 0); try { cipher.DoFinal(output, len1); } catch (CryptoException ex) { //MessageBox.Show("Error: " + ex.Message); } return output; }
static uint[] Run (IBlockCipher algo, byte[] key, byte[] iv) { IBlockCipher cipher = new Org.BouncyCastle.Crypto.Modes.CbcBlockCipher (algo); ParametersWithIV param = new ParametersWithIV (new KeyParameter (key), iv); Stopwatch sw = new Stopwatch (); uint[] result = new uint[2]; sw.Reset (); sw.Start (); for (int i = 0; i < LOOP; i++) { cipher.Init (true, param); cipher.Reset (); } sw.Stop (); result[0] = (uint)(LOOP / sw.Elapsed.TotalSeconds); sw.Reset (); sw.Start (); for (int i = 0; i < LOOP; i++) { cipher.Init (false, param); cipher.Reset (); } sw.Stop (); result[1] = (uint)(LOOP / sw.Elapsed.TotalSeconds); return result; }
/// <exception cref="IOException"></exception> public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher, IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize, bool usesNonce) { bool isServer = context.IsServer; this.context = context; this.usesNonce = usesNonce; this.encryptCipher = clientWriteCipher; this.decryptCipher = serverWriteCipher; int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize() + serverWriteDigest.GetDigestSize(); byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); int offset = 0; // Init MACs TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset, clientWriteDigest.GetDigestSize()); offset += clientWriteDigest.GetDigestSize(); TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset, serverWriteDigest.GetDigestSize()); offset += serverWriteDigest.GetDigestSize(); // Build keys KeyParameter clientWriteKey = new KeyParameter(key_block, offset, cipherKeySize); offset += cipherKeySize; KeyParameter serverWriteKey = new KeyParameter(key_block, offset, cipherKeySize); offset += cipherKeySize; if (offset != key_block_size) { throw new TlsFatalAlert(AlertDescription.internal_error); } ICipherParameters encryptParams, decryptParams; if (isServer) { this.writeMac = serverWriteMac; this.readMac = clientWriteMac; this.encryptCipher = serverWriteCipher; this.decryptCipher = clientWriteCipher; encryptParams = serverWriteKey; decryptParams = clientWriteKey; } else { this.writeMac = clientWriteMac; this.readMac = serverWriteMac; this.encryptCipher = clientWriteCipher; this.decryptCipher = serverWriteCipher; encryptParams = clientWriteKey; decryptParams = serverWriteKey; } if (usesNonce) { byte[] dummyNonce = new byte[8]; encryptParams = new ParametersWithIV(encryptParams, dummyNonce); decryptParams = new ParametersWithIV(decryptParams, dummyNonce); } this.encryptCipher.Init(true, encryptParams); this.decryptCipher.Init(false, decryptParams); }
private Asn1Object CreateDERForRecipient(byte[] inp, X509Certificate cert) { String s = "1.2.840.113549.3.2"; byte[] outp = new byte[100]; DerObjectIdentifier derob = new DerObjectIdentifier(s); byte[] keyp = IVGenerator.GetIV(16); IBufferedCipher cf = CipherUtilities.GetCipher(derob); KeyParameter kp = new KeyParameter(keyp); byte[] iv = IVGenerator.GetIV(cf.GetBlockSize()); ParametersWithIV piv = new ParametersWithIV(kp, iv); cf.Init(true, piv); int len = cf.DoFinal(inp, outp, 0); byte[] abyte1 = new byte[len]; System.Array.Copy(outp, 0, abyte1, 0, len); DerOctetString deroctetstring = new DerOctetString(abyte1); KeyTransRecipientInfo keytransrecipientinfo = ComputeRecipientInfo(cert, keyp); DerSet derset = new DerSet(new RecipientInfo(keytransrecipientinfo)); Asn1EncodableVector ev = new Asn1EncodableVector(); ev.Add(new DerInteger(58)); ev.Add(new DerOctetString(iv)); DerSequence seq = new DerSequence(ev); AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(derob, seq); EncryptedContentInfo encryptedcontentinfo = new EncryptedContentInfo(PkcsObjectIdentifiers.Data, algorithmidentifier, deroctetstring); Asn1Set set = null; EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, set); Org.BouncyCastle.Asn1.Cms.ContentInfo contentinfo = new Org.BouncyCastle.Asn1.Cms.ContentInfo(PkcsObjectIdentifiers.EnvelopedData, env); return contentinfo.ToAsn1Object(); }
/** * Method unwrap * * @param in * @param inOff * @param inLen * @return * @throws InvalidCipherTextException */ public byte[] Unwrap( byte[] input, int inOff, int length) { if (forWrapping) { throw new InvalidOperationException("Not set for unwrapping"); } if (input == null) { throw new InvalidCipherTextException("Null pointer as ciphertext"); } int blockSize = engine.GetBlockSize(); if (length % blockSize != 0) { throw new InvalidCipherTextException("Ciphertext not multiple of " + blockSize); } /* // Check if the length of the cipher text is reasonable given the key // type. It must be 40 bytes for a 168 bit key and either 32, 40, or // 48 bytes for a 128, 192, or 256 bit key. If the length is not supported // or inconsistent with the algorithm for which the key is intended, // return error. // // we do not accept 168 bit keys. it has to be 192 bit. int lengthA = (estimatedKeyLengthInBit / 8) + 16; int lengthB = estimatedKeyLengthInBit % 8; if ((lengthA != keyToBeUnwrapped.Length) || (lengthB != 0)) { throw new XMLSecurityException("empty"); } */ // Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK // and an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3. ParametersWithIV param2 = new ParametersWithIV(this.param, IV2); this.engine.Init(false, param2); byte [] TEMP3 = new byte[length]; for (int currentBytePos = 0; currentBytePos != TEMP3.Length; currentBytePos += blockSize) { engine.ProcessBlock(input, inOff + currentBytePos, TEMP3, currentBytePos); } // Reverse the order of the octets in TEMP3 and call the result TEMP2. byte[] TEMP2 = reverse(TEMP3); // Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining octets. this.iv = new byte[8]; byte[] TEMP1 = new byte[TEMP2.Length - 8]; Array.Copy(TEMP2, 0, this.iv, 0, 8); Array.Copy(TEMP2, 8, TEMP1, 0, TEMP2.Length - 8); // Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV // found in the previous step. Call the result WKCKS. this.paramPlusIV = new ParametersWithIV(this.param, this.iv); this.engine.Init(false, this.paramPlusIV); byte[] WKCKS = new byte[TEMP1.Length]; for (int currentBytePos = 0; currentBytePos != WKCKS.Length; currentBytePos += blockSize) { engine.ProcessBlock(TEMP1, currentBytePos, WKCKS, currentBytePos); } // Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are // those octets before the CKS. byte[] result = new byte[WKCKS.Length - 8]; byte[] CKStoBeVerified = new byte[8]; Array.Copy(WKCKS, 0, result, 0, WKCKS.Length - 8); Array.Copy(WKCKS, WKCKS.Length - 8, CKStoBeVerified, 0, 8); // Calculate a CMS Key Checksum, (section 5.6.1), over the WK and compare // with the CKS extracted in the above step. If they are not equal, return error. if (!CheckCmsKeyChecksum(result, CKStoBeVerified)) { throw new InvalidCipherTextException( "Checksum inside ciphertext is corrupted"); } // WK is the wrapped key, now extracted for use in data decryption. return result; }
public byte[] Cloak() { Encode (); byte[] outData = new byte[FullPacket.Length + 8]; // Get our nonce Random rnd = new Random (); byte[] nonce = new byte[8]; rnd.NextBytes (nonce); // We can't have a leading 0 byte if (nonce [0] == 0) { nonce [0] = 1; } var parms = new ParametersWithIV(new KeyParameter(cloakKey), nonce); var chacha = new ChaChaEngine(20); chacha.Init(true, parms); chacha.ProcessBytes (FullPacket, 0, FullPacket.Length, outData, 8); Buffer.BlockCopy (nonce, 0, outData, 0, 8); return outData; }
public override void PerformTest() { base.PerformTest(); //advanced tests with Gost28147KeyGenerator: //encrypt on hesh message; ECB mode: byte[] inBytes = Hex.Decode("4e6f77206973207468652074696d6520666f7220616c6c20"); byte[] output = Hex.Decode("8ad3c8f56b27ff1fbd46409359bdc796bc350e71aac5f5c0"); byte[] outBytes = new byte[inBytes.Length]; byte[] key = generateKey(Hex.Decode("0123456789abcdef")); //!!! heshing start_key - get 256 bits !!! // System.out.println(new string(Hex.Encode(key))); ICipherParameters param = new ParametersWithSBox(new KeyParameter(key), Gost28147Engine.GetSBox("E-A")); //CipherParameters param = new Gost28147Parameters(key,"D-Test"); BufferedBlockCipher cipher = new BufferedBlockCipher(new Gost28147Engine()); cipher.Init(true, param); int len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); try { cipher.DoFinal(outBytes, len1); } catch (CryptoException e) { Fail("failed - exception " + e.ToString(), e); } if (outBytes.Length != output.Length) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } for (int i = 0; i != outBytes.Length; i++) { if (outBytes[i] != output[i]) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } } //encrypt on hesh message; CFB mode: inBytes = Hex.Decode("bc350e71aac5f5c2"); output = Hex.Decode("0ebbbafcf38f14a5"); outBytes = new byte[inBytes.Length]; key = generateKey(Hex.Decode("0123456789abcdef")); //!!! heshing start_key - get 256 bits !!! param = new ParametersWithIV( new ParametersWithSBox( new KeyParameter(key), //key Gost28147Engine.GetSBox("E-A")), //type S-box Hex.Decode("1234567890abcdef")); //IV cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64)); cipher.Init(true, param); len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); try { cipher.DoFinal(outBytes, len1); } catch (CryptoException e) { Fail("failed - exception " + e.ToString(), e); } if (outBytes.Length != output.Length) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } for (int i = 0; i != outBytes.Length; i++) { if (outBytes[i] != output[i]) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } } //encrypt on hesh message; CFB mode: inBytes = Hex.Decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f"); output = Hex.Decode("64988982819f0a1655e226e19ecad79d10cc73bac95c5d7da034786c12294225"); outBytes = new byte[inBytes.Length]; key = generateKey(Hex.Decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f659cae63489b479e5")); //!!! heshing start_key - get 256 bits !!! param = new ParametersWithIV( new ParametersWithSBox( new KeyParameter(key), //key Gost28147Engine.GetSBox("E-A")), //type S-box Hex.Decode("aafd12f659cae634")); //IV cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64)); cipher.Init(true, param); len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); cipher.DoFinal(outBytes, len1); if (outBytes.Length != output.Length) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } for (int i = 0; i != outBytes.Length; i++) { if (outBytes[i] != output[i]) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } } //encrypt on hesh message; OFB mode: inBytes = Hex.Decode("bc350e71aa11345709acde"); output = Hex.Decode("1bcc2282707c676fb656dc"); outBytes = new byte[inBytes.Length]; key = generateKey(Hex.Decode("0123456789abcdef")); //!!! heshing start_key - get 256 bits !!! param = new ParametersWithIV( new ParametersWithSBox( new KeyParameter(key), //key Gost28147Engine.GetSBox("E-A")), //type S-box Hex.Decode("1234567890abcdef")); //IV cipher = new BufferedBlockCipher(new GOfbBlockCipher(new Gost28147Engine())); cipher.Init(true, param); len1 = cipher.ProcessBytes(inBytes, 0, inBytes.Length, outBytes, 0); cipher.DoFinal(outBytes, len1); if (outBytes.Length != output.Length) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } for (int i = 0; i != outBytes.Length; i++) { if (outBytes[i] != output[i]) { Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes)); } } }
/// <summary> /// Decloak the given buffer and return the valid Packet from it /// </summary> /// <param name="buffer">A cloaked packet buffer.</param> static public Packet Decloak(byte[] buffer) { if (buffer.Length < 8 || buffer [0] == 0) { return Packet.DecodePacket (buffer); } byte[] nonce = buffer.Take (8).ToArray (); var parms = new ParametersWithIV(new KeyParameter(cloakKey), nonce); var chacha = new ChaChaEngine(20); chacha.Init(false, parms); byte[] outBuff = new byte[buffer.Length - 8]; chacha.ProcessBytes(buffer, 8, buffer.Length - 8, outBuff, 0); return Decloak (outBuff); }
public static ICipherParameters GenerateCipherParameters( string algorithm, char[] password, bool wrongPkcs12Zero, Asn1Encodable pbeParameters) { string mechanism = (string) algorithms[algorithm.ToUpperInvariant()]; byte[] keyBytes = null; byte[] salt = null; int iterationCount = 0; if (IsPkcs12(mechanism)) { Pkcs12PbeParams pbeParams = Pkcs12PbeParams.GetInstance(pbeParameters); salt = pbeParams.GetIV(); iterationCount = pbeParams.Iterations.IntValue; keyBytes = PbeParametersGenerator.Pkcs12PasswordToBytes(password, wrongPkcs12Zero); } else if (IsPkcs5Scheme2(mechanism)) { // See below } else { PbeParameter pbeParams = PbeParameter.GetInstance(pbeParameters); salt = pbeParams.GetSalt(); iterationCount = pbeParams.IterationCount.IntValue; keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password); } ICipherParameters parameters = null; if (IsPkcs5Scheme2(mechanism)) { PbeS2Parameters s2p = PbeS2Parameters.GetInstance(pbeParameters.ToAsn1Object()); AlgorithmIdentifier encScheme = s2p.EncryptionScheme; DerObjectIdentifier encOid = encScheme.ObjectID; Asn1Object encParams = encScheme.Parameters.ToAsn1Object(); // TODO What about s2p.KeyDerivationFunc.ObjectID? Pbkdf2Params pbeParams = Pbkdf2Params.GetInstance(s2p.KeyDerivationFunc.Parameters.ToAsn1Object()); byte[] iv; if (encOid.Equals(PkcsObjectIdentifiers.RC2Cbc)) // PKCS5.B.2.3 { RC2CbcParameter rc2Params = RC2CbcParameter.GetInstance(encParams); iv = rc2Params.GetIV(); } else { iv = Asn1OctetString.GetInstance(encParams).GetOctets(); } salt = pbeParams.GetSalt(); iterationCount = pbeParams.IterationCount.IntValue; keyBytes = PbeParametersGenerator.Pkcs5PasswordToBytes(password); int keyLength = pbeParams.KeyLength != null ? pbeParams.KeyLength.IntValue * 8 : GeneratorUtilities.GetDefaultKeySize(encOid); PbeParametersGenerator gen = MakePbeGenerator( (string)algorithmType[mechanism], null, keyBytes, salt, iterationCount); parameters = gen.GenerateDerivedParameters(encOid.Id, keyLength); if (iv != null) { // FIXME? OpenSSL weirdness with IV of zeros (for ECB keys?) if (Arrays.AreEqual(iv, new byte[iv.Length])) { //System.Diagnostics.Debug.Error.Write("***** IV all 0 (length " + iv.Length + ") *****"); } else { parameters = new ParametersWithIV(parameters, iv); } } } else if (mechanism.StartsWith("PBEwithSHA-1")) { PbeParametersGenerator generator = MakePbeGenerator( (string) algorithmType[mechanism], new Sha1Digest(), keyBytes, salt, iterationCount); if (mechanism.Equals("PBEwithSHA-1and128bitRC4")) { parameters = generator.GenerateDerivedParameters("RC4", 128); } else if (mechanism.Equals("PBEwithSHA-1and40bitRC4")) { parameters = generator.GenerateDerivedParameters("RC4", 40); } else if (mechanism.Equals("PBEwithSHA-1and3-keyDESEDE-CBC")) { parameters = generator.GenerateDerivedParameters("DESEDE", 192, 64); } else if (mechanism.Equals("PBEwithSHA-1and2-keyDESEDE-CBC")) { parameters = generator.GenerateDerivedParameters("DESEDE", 128, 64); } else if (mechanism.Equals("PBEwithSHA-1and128bitRC2-CBC")) { parameters = generator.GenerateDerivedParameters("RC2", 128, 64); } else if (mechanism.Equals("PBEwithSHA-1and40bitRC2-CBC")) { parameters = generator.GenerateDerivedParameters("RC2", 40, 64); } else if (mechanism.Equals("PBEwithSHA-1andDES-CBC")) { parameters = generator.GenerateDerivedParameters("DES", 64, 64); } else if (mechanism.Equals("PBEwithSHA-1andRC2-CBC")) { parameters = generator.GenerateDerivedParameters("RC2", 64, 64); } else if (mechanism.Equals("PBEwithSHA-1and128bitAES-CBC-BC")) { parameters = generator.GenerateDerivedParameters("AES", 128, 128); } else if (mechanism.Equals("PBEwithSHA-1and192bitAES-CBC-BC")) { parameters = generator.GenerateDerivedParameters("AES", 192, 128); } else if (mechanism.Equals("PBEwithSHA-1and256bitAES-CBC-BC")) { parameters = generator.GenerateDerivedParameters("AES", 256, 128); } } else if (mechanism.StartsWith("PBEwithSHA-256")) { PbeParametersGenerator generator = MakePbeGenerator( (string) algorithmType[mechanism], new Sha256Digest(), keyBytes, salt, iterationCount); if (mechanism.Equals("PBEwithSHA-256and128bitAES-CBC-BC")) { parameters = generator.GenerateDerivedParameters("AES", 128, 128); } else if (mechanism.Equals("PBEwithSHA-256and192bitAES-CBC-BC")) { parameters = generator.GenerateDerivedParameters("AES", 192, 128); } else if (mechanism.Equals("PBEwithSHA-256and256bitAES-CBC-BC")) { parameters = generator.GenerateDerivedParameters("AES", 256, 128); } } else if (mechanism.StartsWith("PBEwithMD5")) { PbeParametersGenerator generator = MakePbeGenerator( (string)algorithmType[mechanism], new MD5Digest(), keyBytes, salt, iterationCount); if (mechanism.Equals("PBEwithMD5andDES-CBC")) { parameters = generator.GenerateDerivedParameters("DES", 64, 64); } else if (mechanism.Equals("PBEwithMD5andRC2-CBC")) { parameters = generator.GenerateDerivedParameters("RC2", 64, 64); } else if (mechanism.Equals("PBEwithMD5and128bitAES-CBC-OpenSSL")) { parameters = generator.GenerateDerivedParameters("AES", 128, 128); } else if (mechanism.Equals("PBEwithMD5and192bitAES-CBC-OpenSSL")) { parameters = generator.GenerateDerivedParameters("AES", 192, 128); } else if (mechanism.Equals("PBEwithMD5and256bitAES-CBC-OpenSSL")) { parameters = generator.GenerateDerivedParameters("AES", 256, 128); } } else if (mechanism.StartsWith("PBEwithMD2")) { PbeParametersGenerator generator = MakePbeGenerator( (string)algorithmType[mechanism], new MD2Digest(), keyBytes, salt, iterationCount); if (mechanism.Equals("PBEwithMD2andDES-CBC")) { parameters = generator.GenerateDerivedParameters("DES", 64, 64); } else if (mechanism.Equals("PBEwithMD2andRC2-CBC")) { parameters = generator.GenerateDerivedParameters("RC2", 64, 64); } } else if (mechanism.StartsWith("PBEwithHmac")) { string digestName = mechanism.Substring("PBEwithHmac".Length); IDigest digest = DigestUtilities.GetDigest(digestName); PbeParametersGenerator generator = MakePbeGenerator( (string) algorithmType[mechanism], digest, keyBytes, salt, iterationCount); int bitLen = digest.GetDigestSize() * 8; parameters = generator.GenerateDerivedMacParameters(bitLen); } Array.Clear(keyBytes, 0, keyBytes.Length); return FixDesParity(mechanism, parameters); }
private void doRunTest( string name, int ivLength) { string lCode = "ABCDEFGHIJKLMNOPQRSTUVWXY0123456789"; string baseName = name; if (name.IndexOf('/') >= 0) { baseName = name.Substring(0, name.IndexOf('/')); } CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(baseName); IBufferedCipher inCipher = CipherUtilities.GetCipher(name); IBufferedCipher outCipher = CipherUtilities.GetCipher(name); KeyParameter key = ParameterUtilities.CreateKeyParameter(baseName, kGen.GenerateKey()); MemoryStream bIn = new MemoryStream(Encoding.ASCII.GetBytes(lCode), false); MemoryStream bOut = new MemoryStream(); // In the Java build, this IV would be implicitly created and then retrieved with getIV() ICipherParameters cipherParams = key; if (ivLength > 0) { cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]); } inCipher.Init(true, cipherParams); // TODO Should we provide GetIV() method on IBufferedCipher? //if (inCipher.getIV() != null) //{ // outCipher.Init(false, new ParametersWithIV(key, inCipher.getIV())); //} //else //{ // outCipher.Init(false, key); //} outCipher.Init(false, cipherParams); CipherStream cIn = new CipherStream(bIn, inCipher, null); CipherStream cOut = new CipherStream(bOut, null, outCipher); int c; while ((c = cIn.ReadByte()) >= 0) { cOut.WriteByte((byte)c); } cIn.Close(); cOut.Flush(); cOut.Close(); byte[] bs = bOut.ToArray(); string res = Encoding.ASCII.GetString(bs, 0, bs.Length); if (!res.Equals(lCode)) { Fail("Failed - decrypted data doesn't match."); } }
private void doTestException( string name, int ivLength) { try { byte[] key128 = { (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143 }; byte[] key256 = { (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143 }; byte[] keyBytes; if (name.Equals("HC256")) { keyBytes = key256; } else { keyBytes = key128; } KeyParameter cipherKey = ParameterUtilities.CreateKeyParameter(name, keyBytes); ICipherParameters cipherParams = cipherKey; if (ivLength > 0) { cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]); } IBufferedCipher ecipher = CipherUtilities.GetCipher(name); ecipher.Init(true, cipherParams); byte[] cipherText = new byte[0]; try { // According specification Method engineUpdate(byte[] input, // int inputOffset, int inputLen, byte[] output, int // outputOffset) // throws ShortBufferException - if the given output buffer is // too // small to hold the result ecipher.ProcessBytes(new byte[20], 0, 20, cipherText, 0); // Fail("failed exception test - no ShortBufferException thrown"); Fail("failed exception test - no DataLengthException thrown"); } // catch (ShortBufferException e) catch (DataLengthException) { // ignore } // NB: The lightweight engine doesn't take public/private keys // try // { // IBufferedCipher c = CipherUtilities.GetCipher(name); // // // Key k = new PublicKey() // // { // // // // public string getAlgorithm() // // { // // return "STUB"; // // } // // // // public string getFormat() // // { // // return null; // // } // // // // public byte[] getEncoded() // // { // // return null; // // } // // // // }; // AsymmetricKeyParameter k = new AsymmetricKeyParameter(false); // c.Init(true, k); // // Fail("failed exception test - no InvalidKeyException thrown for public key"); // } // catch (InvalidKeyException) // { // // okay // } // // try // { // IBufferedCipher c = CipherUtilities.GetCipher(name); // // // Key k = new PrivateKey() // // { // // // // public string getAlgorithm() // // { // // return "STUB"; // // } // // // // public string getFormat() // // { // // return null; // // } // // // // public byte[] getEncoded() // // { // // return null; // // } // // // // }; // // AsymmetricKeyParameter k = new AsymmetricKeyParameter(true); // c.Init(false, k); // // Fail("failed exception test - no InvalidKeyException thrown for private key"); // } // catch (InvalidKeyException) // { // // okay // } } catch (Exception e) { Fail("unexpected exception.", e); } }
/** * Method wrap * * @param in * @param inOff * @param inLen * @return */ public byte[] Wrap( byte[] input, int inOff, int length) { if (!forWrapping) { throw new InvalidOperationException("Not initialized for wrapping"); } byte[] keyToBeWrapped = new byte[length]; Array.Copy(input, inOff, keyToBeWrapped, 0, length); // Compute the CMS Key Checksum, (section 5.6.1), call this CKS. byte[] CKS = CalculateCmsKeyChecksum(keyToBeWrapped); // Let WKCKS = WK || CKS where || is concatenation. byte[] WKCKS = new byte[keyToBeWrapped.Length + CKS.Length]; Array.Copy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.Length); Array.Copy(CKS, 0, WKCKS, keyToBeWrapped.Length, CKS.Length); // Encrypt WKCKS in CBC mode using KEK as the key and IV as the // initialization vector. Call the results TEMP1. int blockSize = engine.GetBlockSize(); if (WKCKS.Length % blockSize != 0) throw new InvalidOperationException("Not multiple of block length"); engine.Init(true, paramPlusIV); byte [] TEMP1 = new byte[WKCKS.Length]; for (int currentBytePos = 0; currentBytePos != WKCKS.Length; currentBytePos += blockSize) { engine.ProcessBlock(WKCKS, currentBytePos, TEMP1, currentBytePos); } // Let TEMP2 = IV || TEMP1. byte[] TEMP2 = new byte[this.iv.Length + TEMP1.Length]; Array.Copy(this.iv, 0, TEMP2, 0, this.iv.Length); Array.Copy(TEMP1, 0, TEMP2, this.iv.Length, TEMP1.Length); // Reverse the order of the octets in TEMP2 and call the result TEMP3. byte[] TEMP3 = reverse(TEMP2); // Encrypt TEMP3 in CBC mode using the KEK and an initialization vector // of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the desired // result. It is 40 octets long if a 168 bit key is being wrapped. ParametersWithIV param2 = new ParametersWithIV(this.param, IV2); this.engine.Init(true, param2); for (int currentBytePos = 0; currentBytePos != TEMP3.Length; currentBytePos += blockSize) { engine.ProcessBlock(TEMP3, currentBytePos, TEMP3, currentBytePos); } return TEMP3; }