public override void PerformTest()
{
BufferedBlockCipher cipher = new BufferedBlockCipher(engine);
cipher.Init(true, param);
byte[] outBytes = new byte[input.Length];
int len1 = cipher.ProcessBytes(input, 0, input.Length, outBytes, 0);
cipher.DoFinal(outBytes, len1);
if (!AreEqual(outBytes, output))
{
Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes));
}
cipher.Init(false, param);
int len2 = cipher.ProcessBytes(output, 0, output.Length, outBytes, 0);
cipher.DoFinal(outBytes, len2);
if (!AreEqual(input, outBytes))
{
Fail("failed reversal got " + Hex.ToHexString(outBytes));
}
}
public Packet MessageEncrypt(ICipherSetRemoteInfo remoteInfo, Packet inner)
{
CS1ARemoteInfo ri = (CS1ARemoteInfo)remoteInfo;
var agreedValue = ECDHAgree (ri.RemotePublicKey, ri.EphemeralKeys.PrivateKey);
// Hash the agreed key
var hashedValue = Helpers.SHA256Hash (Helpers.ToByteArray(agreedValue, 20));
// Fold to get the actual key for AES
byte[] aesKey = Helpers.Fold (hashedValue);
Random rnd = new Random ();
// Setup and encrypt the actual data
byte[] aesIV = new byte[16];
rnd.NextBytes (aesIV);
Array.Clear (aesIV, 4, 12);
var cipher = new SicBlockCipher (new AesFastEngine ());
var parameters = new ParametersWithIV (new KeyParameter (aesKey), aesIV);
cipher.Init (true, parameters);
var encryptedInner = new byte[inner.FullPacket.Length];
BufferedBlockCipher bufferCipher = new BufferedBlockCipher (cipher);
var offset = bufferCipher.ProcessBytes (inner.FullPacket, encryptedInner, 0);
bufferCipher.DoFinal (encryptedInner, offset);
// Construct the packet minus the hmac
Packet outPacket = new Packet ();
outPacket.Body = new byte[29 + encryptedInner.Length];
Buffer.BlockCopy (ri.EphemeralKeys.PublicKey, 0, outPacket.Body, 0, ri.EphemeralKeys.PublicKey.Length);
Buffer.BlockCopy (aesIV, 0, outPacket.Body, 21, 4);
Buffer.BlockCopy (encryptedInner, 0, outPacket.Body, 25, encryptedInner.Length);
// ECDH for the hmac key using
var idAgreedValue = ECDHAgree (ri.RemotePublicKey, Key.PrivateKey);
// Mash on the IV for the compound key
byte[] macKey = new byte[24];
byte[] idAgreedValueArray = Helpers.ToByteArray(idAgreedValue, 20);
Buffer.BlockCopy(idAgreedValueArray, 0, macKey, 0, idAgreedValueArray.Length);
Buffer.BlockCopy(aesIV, 0, macKey, idAgreedValueArray.Length, 4);
// Actually hmac all the data now
var hmac = new HMac (new Sha256Digest ());
hmac.Init(new KeyParameter (macKey, 0, 24));
hmac.BlockUpdate(outPacket.Body, 0, 25 + encryptedInner.Length);
byte[] mac = new byte[hmac.GetMacSize()];
hmac.DoFinal(mac, 0);
// Fold it up, shove it in and we're done
var foldedMac = Helpers.Fold(mac, 3);
Buffer.BlockCopy(foldedMac, 0, outPacket.Body, 25 + encryptedInner.Length, foldedMac.Length);
return outPacket;
}
public override void PerformTest()
{
BufferedBlockCipher cipher = new BufferedBlockCipher(engine);
cipher.Init(true, param);
byte[] outBytes = new byte[input.Length];
Array.Copy(input, 0, outBytes, 0, outBytes.Length);
for (int i = 0; i != iterations; i++)
{
int len1 = cipher.ProcessBytes(outBytes, 0, outBytes.Length, outBytes, 0);
cipher.DoFinal(outBytes, len1);
}
if (!AreEqual(outBytes, output))
{
Fail("failed - " + "expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(outBytes));
}
cipher.Init(false, param);
for (int i = 0; i != iterations; i++)
{
int len1 = cipher.ProcessBytes(outBytes, 0, outBytes.Length, outBytes, 0);
cipher.DoFinal(outBytes, len1);
}
if (!AreEqual(input, outBytes))
{
Fail("failed reversal");
}
}
public string GenerateActivationKey()
{
var engine = new BlowfishEngine();
var cipher = new CbcBlockCipher(engine);
var bbc = new BufferedBlockCipher(cipher);
bbc.Init(true, new ParametersWithIV(new KeyParameter(Encoding.ASCII.GetBytes(EncKey)), IV));
var n = Prng.Next(0, 999999);
var s = String.Format("{0,6};YNAB4;;;;", n); // must be fixed length due to padding issue
var sb = Encoding.ASCII.GetBytes(s);
sb[sb.Length - 4] = 0x4; //
sb[sb.Length - 3] = 0x4; // padding issue???
sb[sb.Length - 2] = 0x4; // PCKS#5
sb[sb.Length - 1] = 0x4; //
var cipherText = new byte[bbc.GetOutputSize(sb.Length)];
var outputLen = bbc.ProcessBytes(sb, 0, sb.Length, cipherText, 0);
bbc.DoFinal(sb, outputLen);
var encryptedLic = Base32.EncodeByteArray(cipherText);
return encryptedLic;
}
public static byte[] decrypt28147cfb(byte[] key, byte[] input)
{
ICipherParameters param = new ParametersWithIV(
new ParametersWithSBox(
new KeyParameter(key), //key
Gost28147Engine.GetSBox("E-A")), //type S-box
Hex.Decode("0000000000000000")); //IV
byte[] output = new byte[input.Length];
BufferedBlockCipher cipher = new BufferedBlockCipher(new CfbBlockCipher(new Gost28147Engine(), 64));
cipher.Init(false, param);
int len1 = cipher.ProcessBytes(input, 0, input.Length, output, 0);
try
{
cipher.DoFinal(output, len1);
}
catch (CryptoException ex)
{
//MessageBox.Show("Error: " + ex.Message);
}
return output;
}
public Packet ChannelDecrypt(ICipherSetRemoteInfo channelInfo, Packet outer)
{
// We gotta have the primary components and something to decrypt
if (outer.Body.Length < 25) {
return null;
}
var ci = (CS1ARemoteInfo)channelInfo;
// Rip apart our packet
byte[] token = outer.Body.Take (16).ToArray ();
byte[] iv = outer.Body.Skip (16).Take (4).ToArray ();
byte[] encryptedData = outer.Body.Skip (20).Take (outer.Body.Length - 24).ToArray ();
byte[] dataMac = outer.Body.Skip (outer.Body.Length - 4).Take (4).ToArray ();
// Make sure we're on the right channel
if (!token.SequenceEqual (ci.Token)) {
return null;
}
// Validate us some hmac
byte[] hmacKey = new byte[20];
Buffer.BlockCopy (ci.DecryptionKey, 0, hmacKey, 0, 16);
Buffer.BlockCopy (iv, 0, hmacKey, 16, 4);
var hmac = new HMac (new Sha256Digest ());
hmac.Init(new KeyParameter (hmacKey));
hmac.BlockUpdate(encryptedData, 0, encryptedData.Length);
byte[] mac = new byte[hmac.GetMacSize()];
hmac.DoFinal(mac, 0);
var foldedMac = Helpers.Fold (mac, 3);
if (!foldedMac.SequenceEqual (dataMac)) {
// Get out of here with your bad data
return null;
}
// Everything seems ok. Get it decrypted
byte[] aesIV = new byte[16];
Buffer.BlockCopy (iv, 0, aesIV, 0, 4);
Array.Clear (aesIV, 4, 12);
var cipher = new SicBlockCipher (new AesFastEngine ());
var parameters = new ParametersWithIV (new KeyParameter (ci.DecryptionKey), aesIV);
cipher.Init (false, parameters);
var decryptedData = new byte[encryptedData.Length];
BufferedBlockCipher bufferCipher = new BufferedBlockCipher (cipher);
var offset = bufferCipher.ProcessBytes (encryptedData, decryptedData, 0);
bufferCipher.DoFinal (decryptedData, offset);
// Build a packet and ship it off
return Packet.DecodePacket (decryptedData);
}
public Packet ChannelEncrypt(ICipherSetRemoteInfo channelInfo, Packet inner)
{
var ci = (CS1ARemoteInfo)channelInfo;
// TODO: Validate we don't care about endianess of IV here
// Setup and encrypt the actual data
byte[] aesIV = new byte[16];
Buffer.BlockCopy (BitConverter.GetBytes(ci.IV), 0, aesIV, 0, 4);
Array.Clear (aesIV, 4, 12);
var cipher = new SicBlockCipher (new AesFastEngine ());
var parameters = new ParametersWithIV (new KeyParameter (ci.EncryptionKey), aesIV);
cipher.Init (true, parameters);
var encryptedInner = new byte[inner.FullPacket.Length];
BufferedBlockCipher bufferCipher = new BufferedBlockCipher (cipher);
var offset = bufferCipher.ProcessBytes (inner.FullPacket, encryptedInner, 0);
bufferCipher.DoFinal (encryptedInner, offset);
// Hmac the output
byte[] hmacKey = new byte[20];
Buffer.BlockCopy (ci.EncryptionKey, 0, hmacKey, 0, 16);
Buffer.BlockCopy (BitConverter.GetBytes(ci.IV), 0, hmacKey, 16, 4);
var hmac = new HMac (new Sha256Digest ());
hmac.Init(new KeyParameter (hmacKey));
hmac.BlockUpdate(encryptedInner, 0, encryptedInner.Length);
byte[] mac = new byte[hmac.GetMacSize()];
hmac.DoFinal(mac, 0);
var foldedMac = Helpers.Fold (mac, 3);
// Create the outgoing packet
Packet outPacket = new Packet();
outPacket.Body = new byte[encryptedInner.Length + 24];
Buffer.BlockCopy(ci.Token, 0, outPacket.Body, 0, 16);
Buffer.BlockCopy(BitConverter.GetBytes(ci.IV), 0, outPacket.Body, 16, 4);
Buffer.BlockCopy(encryptedInner, 0, outPacket.Body, 20, encryptedInner.Length);
Buffer.BlockCopy(foldedMac, 0, outPacket.Body, outPacket.Body.Length - 4, 4);
// Next IV next packet
++ci.IV;
return outPacket;
}
public Packet MessageDecrypt(Packet outer)
{
byte[] remoteKeyData = outer.Body.Take(21).ToArray();
byte[] ivData = outer.Body.Skip(21).Take(4).ToArray();
byte[] innerEncryptedData = outer.Body.Skip(25).Take(outer.Body.Length - 29).ToArray();
// Decode the body
ECKeyPair remoteEphemeralKeys = ECKeyPair.LoadKeys (SecNamedCurves.GetByName ("secp160r1"), remoteKeyData, null);
var idAgreement = ECDHAgree (remoteEphemeralKeys.PublicKey, Key.PrivateKey);
var agreedHash = Helpers.SHA256Hash (Helpers.ToByteArray (idAgreement, 20));
var aesKey = Helpers.FoldOnce(agreedHash);
// Pad out the IV
byte[] aesIV = new byte[16];
Array.Clear (aesIV, 0, 16);
Buffer.BlockCopy (ivData, 0, aesIV, 0, 4);
// Decrypt it
var cipher = new BufferedBlockCipher (new SicBlockCipher (new AesFastEngine ()));
var parameters = new ParametersWithIV (new KeyParameter (aesKey), aesIV);
cipher.Init (false, parameters);
byte[] decryptedBody = new byte[innerEncryptedData.Length];
var offset = cipher.ProcessBytes (innerEncryptedData, decryptedBody, 0);
cipher.DoFinal (decryptedBody, offset);
Packet outPacket = Packet.DecodePacket (decryptedBody);
return outPacket;
}
private byte[] BouncyCastleCrypto(bool forEncrypt, byte[] input)
{
try
{
this.mode.Init(forEncrypt, new ParametersWithIV(new KeyParameter(key), iv));
BufferedBlockCipher cipher = new BufferedBlockCipher(this.mode);
return cipher.DoFinal(input);
}
catch (CryptoException)
{
throw;
}
}