mirror of https://github.com/Ombi-app/Ombi
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
145 lines
7.5 KiB
145 lines
7.5 KiB
#region Copyright
|
|
// /************************************************************************
|
|
// Copyright (c) 2016 Jamie Rees
|
|
// File: StringCipher.cs
|
|
// Created By: Jamie Rees
|
|
//
|
|
// Permission is hereby granted, free of charge, to any person obtaining
|
|
// a copy of this software and associated documentation files (the
|
|
// "Software"), to deal in the Software without restriction, including
|
|
// without limitation the rights to use, copy, modify, merge, publish,
|
|
// distribute, sublicense, and/or sell copies of the Software, and to
|
|
// permit persons to whom the Software is furnished to do so, subject to
|
|
// the following conditions:
|
|
//
|
|
// The above copyright notice and this permission notice shall be
|
|
// included in all copies or substantial portions of the Software.
|
|
//
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
// ************************************************************************/
|
|
#endregion
|
|
using System;
|
|
using System.IO;
|
|
using System.Linq;
|
|
using System.Security.Cryptography;
|
|
using System.Text;
|
|
|
|
namespace RequestPlex.Helpers
|
|
{
|
|
public class StringCipher
|
|
{
|
|
// This constant determines the number of iterations for the password bytes generation function.
|
|
private const int DerivationIterations = 1000;
|
|
// This constant is used to determine the keysize of the encryption algorithm in bits.
|
|
// We divide this by 8 within the code below to get the equivalent number of bytes.
|
|
private const int Keysize = 256;
|
|
|
|
/// <summary>
|
|
/// Decrypts the specified cipher text.
|
|
/// </summary>
|
|
/// <param name="cipherText">The cipher text.</param>
|
|
/// <param name="passPhrase">The pass phrase.</param>
|
|
/// <returns></returns>
|
|
public static string Decrypt(string cipherText, string passPhrase)
|
|
{
|
|
// Get the complete stream of bytes that represent:
|
|
// [32 bytes of Salt] + [32 bytes of IV] + [n bytes of CipherText]
|
|
var cipherTextBytesWithSaltAndIv = Convert.FromBase64String(cipherText);
|
|
// Get the saltbytes by extracting the first 32 bytes from the supplied cipherText bytes.
|
|
var saltStringBytes = cipherTextBytesWithSaltAndIv.Take(Keysize / 8).ToArray();
|
|
// Get the IV bytes by extracting the next 32 bytes from the supplied cipherText bytes.
|
|
var ivStringBytes = cipherTextBytesWithSaltAndIv.Skip(Keysize / 8).Take(Keysize / 8).ToArray();
|
|
// Get the actual cipher text bytes by removing the first 64 bytes from the cipherText string.
|
|
var cipherTextBytes = cipherTextBytesWithSaltAndIv.Skip((Keysize / 8) * 2).Take(cipherTextBytesWithSaltAndIv.Length - ((Keysize / 8) * 2)).ToArray();
|
|
|
|
using (var password = new Rfc2898DeriveBytes(passPhrase, saltStringBytes, DerivationIterations))
|
|
{
|
|
var keyBytes = password.GetBytes(Keysize / 8);
|
|
using (var symmetricKey = new RijndaelManaged())
|
|
{
|
|
symmetricKey.BlockSize = 256;
|
|
symmetricKey.Mode = CipherMode.CBC;
|
|
symmetricKey.Padding = PaddingMode.PKCS7;
|
|
using (var decryptor = symmetricKey.CreateDecryptor(keyBytes, ivStringBytes))
|
|
{
|
|
using (var memoryStream = new MemoryStream(cipherTextBytes))
|
|
{
|
|
using (var cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
|
|
{
|
|
var plainTextBytes = new byte[cipherTextBytes.Length];
|
|
var decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
|
|
memoryStream.Close();
|
|
cryptoStream.Close();
|
|
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
/// Encrypts the specified plain text.
|
|
/// </summary>
|
|
/// <param name="plainText">The plain text.</param>
|
|
/// <param name="passPhrase">The pass phrase.</param>
|
|
/// <returns></returns>
|
|
public static string Encrypt(string plainText, string passPhrase)
|
|
{
|
|
// Salt and IV is randomly generated each time, but is preprended to encrypted cipher text
|
|
// so that the same Salt and IV values can be used when decrypting.
|
|
var saltStringBytes = Generate256BitsOfRandomEntropy();
|
|
var ivStringBytes = Generate256BitsOfRandomEntropy();
|
|
var plainTextBytes = Encoding.UTF8.GetBytes(plainText);
|
|
using (var password = new Rfc2898DeriveBytes(passPhrase, saltStringBytes, DerivationIterations))
|
|
{
|
|
var keyBytes = password.GetBytes(Keysize / 8);
|
|
using (var symmetricKey = new RijndaelManaged())
|
|
{
|
|
symmetricKey.BlockSize = 256;
|
|
symmetricKey.Mode = CipherMode.CBC;
|
|
symmetricKey.Padding = PaddingMode.PKCS7;
|
|
using (var encryptor = symmetricKey.CreateEncryptor(keyBytes, ivStringBytes))
|
|
{
|
|
using (var memoryStream = new MemoryStream())
|
|
{
|
|
using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
|
|
{
|
|
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
|
|
cryptoStream.FlushFinalBlock();
|
|
// Create the final bytes as a concatenation of the random salt bytes, the random iv bytes and the cipher bytes.
|
|
var cipherTextBytes = saltStringBytes;
|
|
cipherTextBytes = cipherTextBytes.Concat(ivStringBytes).ToArray();
|
|
cipherTextBytes = cipherTextBytes.Concat(memoryStream.ToArray()).ToArray();
|
|
memoryStream.Close();
|
|
cryptoStream.Close();
|
|
return Convert.ToBase64String(cipherTextBytes);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
/// <summary>
|
|
/// Generate256s the bits of random entropy.
|
|
/// </summary>
|
|
/// <returns></returns>
|
|
private static byte[] Generate256BitsOfRandomEntropy()
|
|
{
|
|
var randomBytes = new byte[32]; // 32 Bytes will give us 256 bits.
|
|
using (var rngCsp = new RNGCryptoServiceProvider())
|
|
{
|
|
// Fill the array with cryptographically secure random bytes.
|
|
rngCsp.GetBytes(randomBytes);
|
|
}
|
|
return randomBytes;
|
|
}
|
|
}
|
|
} |