diff --git a/README.md b/README.md index f1382e365..d989cd7e9 100644 --- a/README.md +++ b/README.md @@ -118,7 +118,6 @@ The main types provided by this library are: Private keys in OpenSSL traditional PEM format can be encrypted using one of the following cipher methods: * DES-EDE3-CBC -* DES-EDE3-CFB * AES-128-CBC * AES-192-CBC * AES-256-CBC diff --git a/src/Renci.SshNet/ConnectionInfo.cs b/src/Renci.SshNet/ConnectionInfo.cs index 17bc1a810..169e157f3 100644 --- a/src/Renci.SshNet/ConnectionInfo.cs +++ b/src/Renci.SshNet/ConnectionInfo.cs @@ -18,8 +18,6 @@ using Renci.SshNet.Security.Cryptography; using Renci.SshNet.Security.Cryptography.Ciphers; -using CipherMode = System.Security.Cryptography.CipherMode; - namespace Renci.SshNet { /// @@ -377,16 +375,16 @@ public ConnectionInfo(string host, int port, string username, ProxyTypes proxyTy Encryptions = new OrderedDictionary { - { "aes128-ctr", new CipherInfo(128, (key, iv) => new AesCipher(key, iv, AesCipherMode.CTR, pkcs7Padding: false)) }, - { "aes192-ctr", new CipherInfo(192, (key, iv) => new AesCipher(key, iv, AesCipherMode.CTR, pkcs7Padding: false)) }, - { "aes256-ctr", new CipherInfo(256, (key, iv) => new AesCipher(key, iv, AesCipherMode.CTR, pkcs7Padding: false)) }, + { "aes128-ctr", new CipherInfo(128, (key, iv) => new AesCtrCipher(key, iv)) }, + { "aes192-ctr", new CipherInfo(192, (key, iv) => new AesCtrCipher(key, iv)) }, + { "aes256-ctr", new CipherInfo(256, (key, iv) => new AesCtrCipher(key, iv)) }, { "aes128-gcm@openssh.com", new CipherInfo(128, (key, iv) => new AesGcmCipher(key, iv, aadLength: 4), isAead: true) }, { "aes256-gcm@openssh.com", new CipherInfo(256, (key, iv) => new AesGcmCipher(key, iv, aadLength: 4), isAead: true) }, { "chacha20-poly1305@openssh.com", new CipherInfo(512, (key, iv) => new ChaCha20Poly1305Cipher(key, aadLength: 4), isAead: true) }, - { "aes128-cbc", new CipherInfo(128, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: false)) }, - { "aes192-cbc", new CipherInfo(192, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: false)) }, - { "aes256-cbc", new CipherInfo(256, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: false)) }, - { "3des-cbc", new CipherInfo(192, (key, iv) => new TripleDesCipher(key, iv, CipherMode.CBC, pkcs7Padding: false)) }, + { "aes128-cbc", new CipherInfo(128, (key, iv) => new AesCipher(key, iv, CipherMode.CBC)) }, + { "aes192-cbc", new CipherInfo(192, (key, iv) => new AesCipher(key, iv, CipherMode.CBC)) }, + { "aes256-cbc", new CipherInfo(256, (key, iv) => new AesCipher(key, iv, CipherMode.CBC)) }, + { "3des-cbc", new CipherInfo(192, (key, iv) => new TripleDesCipher(key, iv, CipherMode.CBC)) }, }; HmacAlgorithms = new OrderedDictionary diff --git a/src/Renci.SshNet/PrivateKeyFile.OpenSSH.cs b/src/Renci.SshNet/PrivateKeyFile.OpenSSH.cs index a994014a9..ada3eaedd 100644 --- a/src/Renci.SshNet/PrivateKeyFile.OpenSSH.cs +++ b/src/Renci.SshNet/PrivateKeyFile.OpenSSH.cs @@ -2,6 +2,7 @@ using System; using System.Globalization; using System.Linq; +using System.Security.Cryptography; using System.Text; using Renci.SshNet.Common; @@ -9,8 +10,6 @@ using Renci.SshNet.Security.Cryptography; using Renci.SshNet.Security.Cryptography.Ciphers; -using CipherMode = System.Security.Cryptography.CipherMode; - namespace Renci.SshNet { public partial class PrivateKeyFile @@ -92,25 +91,25 @@ public Key Parse() { case "3des-cbc": ivLength = 8; - cipherInfo = new CipherInfo(192, (key, iv) => new TripleDesCipher(key, iv, CipherMode.CBC, pkcs7Padding: false)); + cipherInfo = new CipherInfo(192, (key, iv) => new TripleDesCipher(key, iv, CipherMode.CBC)); break; case "aes128-cbc": - cipherInfo = new CipherInfo(128, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: false)); + cipherInfo = new CipherInfo(128, (key, iv) => new AesCipher(key, iv, CipherMode.CBC)); break; case "aes192-cbc": - cipherInfo = new CipherInfo(192, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: false)); + cipherInfo = new CipherInfo(192, (key, iv) => new AesCipher(key, iv, CipherMode.CBC)); break; case "aes256-cbc": - cipherInfo = new CipherInfo(256, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: false)); + cipherInfo = new CipherInfo(256, (key, iv) => new AesCipher(key, iv, CipherMode.CBC)); break; case "aes128-ctr": - cipherInfo = new CipherInfo(128, (key, iv) => new AesCipher(key, iv, AesCipherMode.CTR, pkcs7Padding: false)); + cipherInfo = new CipherInfo(128, (key, iv) => new AesCtrCipher(key, iv)); break; case "aes192-ctr": - cipherInfo = new CipherInfo(192, (key, iv) => new AesCipher(key, iv, AesCipherMode.CTR, pkcs7Padding: false)); + cipherInfo = new CipherInfo(192, (key, iv) => new AesCtrCipher(key, iv)); break; case "aes256-ctr": - cipherInfo = new CipherInfo(256, (key, iv) => new AesCipher(key, iv, AesCipherMode.CTR, pkcs7Padding: false)); + cipherInfo = new CipherInfo(256, (key, iv) => new AesCtrCipher(key, iv)); break; case "aes128-gcm@openssh.com": cipherInfo = new CipherInfo(128, (key, iv) => new AesGcmCipher(key, iv, aadLength: 0), isAead: true); diff --git a/src/Renci.SshNet/PrivateKeyFile.PKCS1.cs b/src/Renci.SshNet/PrivateKeyFile.PKCS1.cs index 9f27a8d70..1004e3e36 100644 --- a/src/Renci.SshNet/PrivateKeyFile.PKCS1.cs +++ b/src/Renci.SshNet/PrivateKeyFile.PKCS1.cs @@ -10,8 +10,6 @@ using Renci.SshNet.Security; using Renci.SshNet.Security.Cryptography.Ciphers; -using CipherMode = System.Security.Cryptography.CipherMode; - namespace Renci.SshNet { public partial class PrivateKeyFile @@ -50,17 +48,14 @@ public Key Parse() case "DES-EDE3-CBC": cipher = new CipherInfo(192, (key, iv) => new TripleDesCipher(key, iv, CipherMode.CBC, pkcs7Padding: true)); break; - case "DES-EDE3-CFB": - cipher = new CipherInfo(192, (key, iv) => new TripleDesCipher(key, iv, CipherMode.CFB, pkcs7Padding: false)); - break; case "AES-128-CBC": - cipher = new CipherInfo(128, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: true)); + cipher = new CipherInfo(128, (key, iv) => new AesCipher(key, iv, CipherMode.CBC, pkcs7Padding: true)); break; case "AES-192-CBC": - cipher = new CipherInfo(192, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: true)); + cipher = new CipherInfo(192, (key, iv) => new AesCipher(key, iv, CipherMode.CBC, pkcs7Padding: true)); break; case "AES-256-CBC": - cipher = new CipherInfo(256, (key, iv) => new AesCipher(key, iv, AesCipherMode.CBC, pkcs7Padding: true)); + cipher = new CipherInfo(256, (key, iv) => new AesCipher(key, iv, CipherMode.CBC, pkcs7Padding: true)); break; default: throw new SshException(string.Format(CultureInfo.InvariantCulture, "Private key cipher \"{0}\" is not supported.", _cipherName)); diff --git a/src/Renci.SshNet/PrivateKeyFile.PuTTY.cs b/src/Renci.SshNet/PrivateKeyFile.PuTTY.cs index 9c1fcc1b5..eae800e31 100644 --- a/src/Renci.SshNet/PrivateKeyFile.PuTTY.cs +++ b/src/Renci.SshNet/PrivateKeyFile.PuTTY.cs @@ -106,7 +106,7 @@ public Key Parse() throw new SshException("PuTTY key file version " + _version + " is not supported"); } - using (var cipher = new AesCipher(cipherKey, cipherIV, AesCipherMode.CBC, pkcs7Padding: false)) + using (var cipher = new AesCipher(cipherKey, cipherIV, CipherMode.CBC)) { privateKey = cipher.Decrypt(_data); } diff --git a/src/Renci.SshNet/PrivateKeyFile.SSHCOM.cs b/src/Renci.SshNet/PrivateKeyFile.SSHCOM.cs index 5bae05f20..f070455f5 100644 --- a/src/Renci.SshNet/PrivateKeyFile.SSHCOM.cs +++ b/src/Renci.SshNet/PrivateKeyFile.SSHCOM.cs @@ -9,8 +9,6 @@ using Renci.SshNet.Security; using Renci.SshNet.Security.Cryptography.Ciphers; -using CipherMode = System.Security.Cryptography.CipherMode; - namespace Renci.SshNet { public partial class PrivateKeyFile @@ -53,7 +51,7 @@ public Key Parse() } var key = GetCipherKey(_passPhrase, 192 / 8); - using var ssh2Сipher = new TripleDesCipher(key, new byte[8], CipherMode.CBC, pkcs7Padding: false); + using var ssh2Сipher = new TripleDesCipher(key, new byte[8], CipherMode.CBC); keyData = ssh2Сipher.Decrypt(dataReader.ReadBytes(blobSize)); } else diff --git a/src/Renci.SshNet/PrivateKeyFile.cs b/src/Renci.SshNet/PrivateKeyFile.cs index c7b9ccbc9..1298da81b 100644 --- a/src/Renci.SshNet/PrivateKeyFile.cs +++ b/src/Renci.SshNet/PrivateKeyFile.cs @@ -40,9 +40,6 @@ namespace Renci.SshNet /// DES-EDE3-CBC /// /// - /// DES-EDE3-CFB - /// - /// /// AES-128-CBC /// /// diff --git a/src/Renci.SshNet/Security/Cryptography/BlockCipher.cs b/src/Renci.SshNet/Security/Cryptography/BlockCipher.cs deleted file mode 100644 index bfd640ebe..000000000 --- a/src/Renci.SshNet/Security/Cryptography/BlockCipher.cs +++ /dev/null @@ -1,223 +0,0 @@ -using System; - -using Org.BouncyCastle.Crypto.Paddings; - -using Renci.SshNet.Common; -using Renci.SshNet.Security.Cryptography.Ciphers; -using Renci.SshNet.Security.Cryptography.Ciphers.Modes; - -namespace Renci.SshNet.Security.Cryptography -{ - /// - /// Base class for block cipher implementations. - /// - public abstract class BlockCipher : SymmetricCipher - { - private readonly CipherMode _mode; - - private readonly IBlockCipherPadding _padding; - - /// - /// Gets the size of the block in bytes. - /// - /// - /// The size of the block in bytes. - /// - private readonly byte _blockSize; - - /// - /// Gets the minimum data size. - /// - /// - /// The minimum data size. - /// - public override byte MinimumSize - { - get { return BlockSize; } - } - - /// - /// Gets the size of the block. - /// - /// - /// The size of the block. - /// - public byte BlockSize - { - get - { - return _blockSize; - } - } - - /// - /// Initializes a new instance of the class. - /// - /// The key. - /// Size of the block. - /// Cipher mode. - /// Cipher padding. - /// is . - protected BlockCipher(byte[] key, byte blockSize, CipherMode mode, IBlockCipherPadding padding) - : base(key) - { - _blockSize = blockSize; - _mode = mode; - _padding = padding; - - _mode?.Init(this); - } - - /// - /// Encrypts the specified data. - /// - /// The data. - /// The zero-based offset in at which to begin encrypting. - /// The number of bytes to encrypt from . - /// - /// The encrypted data. - /// - public override byte[] Encrypt(byte[] input, int offset, int length) - { - var paddingLength = 0; - if (_padding is not null) - { - paddingLength = _blockSize - (length % _blockSize); - input = input.Take(offset, length); - Array.Resize(ref input, length + paddingLength); - _ = _padding.AddPadding(input, length); - length += paddingLength; - offset = 0; - } - else if (length % _blockSize > 0) - { - if (_mode is CfbCipherMode or OfbCipherMode or CtrCipherMode) - { - paddingLength = _blockSize - (length % _blockSize); - input = input.Take(offset, length); - length += paddingLength; - Array.Resize(ref input, length); - offset = 0; - } - else - { - throw new ArgumentException(string.Format("The data block size is incorrect for {0}.", GetType().Name), "data"); - } - } - - var output = new byte[length]; - var writtenBytes = 0; - - for (var i = 0; i < length / _blockSize; i++) - { - if (_mode is null) - { - writtenBytes += EncryptBlock(input, offset + (i * _blockSize), _blockSize, output, i * _blockSize); - } - else - { - writtenBytes += _mode.EncryptBlock(input, offset + (i * _blockSize), _blockSize, output, i * _blockSize); - } - } - - if (writtenBytes < length) - { - throw new InvalidOperationException("Encryption error."); - } - - if (_padding is null && paddingLength > 0) - { - Array.Resize(ref output, output.Length - paddingLength); - } - - return output; - } - - /// - /// Decrypts the specified input. - /// - /// The input. - /// The zero-based offset in at which to begin decrypting. - /// The number of bytes to decrypt from . - /// - /// The decrypted data. - /// - public override byte[] Decrypt(byte[] input, int offset, int length) - { - var paddingLength = 0; - if (length % _blockSize > 0) - { - if (_padding is null && _mode is CfbCipherMode or OfbCipherMode or CtrCipherMode) - { - paddingLength = _blockSize - (length % _blockSize); - input = input.Take(offset, length); - length += paddingLength; - Array.Resize(ref input, length); - offset = 0; - } - else - { - throw new ArgumentException(string.Format("The data block size is incorrect for {0}.", GetType().Name), "data"); - } - } - - var output = new byte[length]; - - var writtenBytes = 0; - for (var i = 0; i < length / _blockSize; i++) - { - if (_mode is null) - { - writtenBytes += DecryptBlock(input, offset + (i * _blockSize), _blockSize, output, i * _blockSize); - } - else - { - writtenBytes += _mode.DecryptBlock(input, offset + (i * _blockSize), _blockSize, output, i * _blockSize); - } - } - - if (writtenBytes < length) - { - throw new InvalidOperationException("Encryption error."); - } - - if (_padding is not null) - { - paddingLength = _padding.PadCount(output); - } - - if (paddingLength > 0) - { - Array.Resize(ref output, output.Length - paddingLength); - } - - return output; - } - - /// - /// Encrypts the specified region of the input byte array and copies the encrypted data to the specified region of the output byte array. - /// - /// The input data to encrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write encrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes encrypted. - /// - public abstract int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset); - - /// - /// Decrypts the specified region of the input byte array and copies the decrypted data to the specified region of the output byte array. - /// - /// The input data to decrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write decrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes decrypted. - /// - public abstract int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset); - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Cipher.cs b/src/Renci.SshNet/Security/Cryptography/Cipher.cs index 872c2131d..87cc07c85 100644 --- a/src/Renci.SshNet/Security/Cryptography/Cipher.cs +++ b/src/Renci.SshNet/Security/Cryptography/Cipher.cs @@ -16,6 +16,17 @@ public abstract class Cipher /// public abstract byte MinimumSize { get; } + /// + /// Gets the block size. + /// + public byte BlockSize + { + get + { + return MinimumSize; + } + } + /// /// Gets the size of the authentication tag for ciphers which implement Authenticated Encryption (AE). /// @@ -25,6 +36,23 @@ public abstract class Cipher /// public virtual int TagSize { get; } + /// + /// Gets the key. + /// + protected byte[] Key { get; private set; } + + /// + /// Initializes a new instance of the class. + /// + /// The key. + /// is . + protected Cipher(byte[] key) + { + ArgumentNullException.ThrowIfNull(key); + + Key = key; + } + /// /// Sets the sequence number. /// diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.BclImpl.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.BclImpl.cs deleted file mode 100644 index 6b639dcbc..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.BclImpl.cs +++ /dev/null @@ -1,141 +0,0 @@ -#nullable enable -using System; -using System.Security.Cryptography; - -using Renci.SshNet.Common; - -namespace Renci.SshNet.Security.Cryptography.Ciphers -{ - public partial class AesCipher - { - private sealed class BclImpl : BlockCipher, IDisposable - { - private readonly Aes _aes; - private readonly ICryptoTransform _encryptor; - private readonly ICryptoTransform _decryptor; - - public BclImpl( - byte[] key, - byte[] iv, - System.Security.Cryptography.CipherMode cipherMode, - PaddingMode paddingMode) - : base(key, 16, mode: null, padding: null) - { - var aes = Aes.Create(); - aes.Key = key; - - if (cipherMode != System.Security.Cryptography.CipherMode.ECB) - { - ArgumentNullException.ThrowIfNull(iv); - - aes.IV = iv.Take(16); - } - - aes.Mode = cipherMode; - aes.Padding = paddingMode; - aes.FeedbackSize = 128; // We use CFB128 - _aes = aes; - _encryptor = aes.CreateEncryptor(); - _decryptor = aes.CreateDecryptor(); - } - - public override byte[] Encrypt(byte[] input, int offset, int length) - { - return Transform(_encryptor, input, offset, length, output: null, 0, out _); - } - - public override byte[] Decrypt(byte[] input, int offset, int length) - { - return Transform(_decryptor, input, offset, length, output: null, 0, out _); - } - - public override int Decrypt(byte[] input, int offset, int length, byte[] output, int outputOffset) - { - _ = Transform(_decryptor, input, offset, length, output, outputOffset, out var bytesWritten); - - return bytesWritten; - } - - private byte[] Transform(ICryptoTransform transform, byte[] input, int offset, int length, byte[]? output, int outputOffset, out int bytesWritten) - { - if (_aes.Padding != PaddingMode.None) - { - // If padding has been specified, call TransformFinalBlock to apply - // the padding and reset the state. - - var finalBlock = transform.TransformFinalBlock(input, offset, length); - - if (output is not null) - { - finalBlock.AsSpan().CopyTo(output.AsSpan(outputOffset)); - } - - bytesWritten = finalBlock.Length; - - return finalBlock; - } - - // Otherwise, (the most important case) assume this instance is - // used for one direction of an SSH connection, whereby the - // encrypted data in all packets are considered a single data - // stream i.e. we do not want to reset the state between calls to Decrypt. - - var paddingLength = 0; - if (length % BlockSize > 0) - { - if (_aes.Mode is System.Security.Cryptography.CipherMode.CFB or System.Security.Cryptography.CipherMode.OFB) - { - // Manually pad the input for cfb and ofb cipher mode as BCL doesn't support partial block. - // See https://github.com/dotnet/runtime/blob/e7d837da5b1aacd9325a8b8f2214cfaf4d3f0ff6/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SymmetricPadding.cs#L20-L21 - paddingLength = BlockSize - (length % BlockSize); - - var tmp = new byte[length + paddingLength]; - - input.AsSpan(offset, length).CopyTo(tmp); - - input = tmp; - offset = 0; - length = tmp.Length; - } - } - - if (output is null) - { - output = new byte[length]; - - bytesWritten = transform.TransformBlock(input, offset, length, output, outputOffset); - - bytesWritten -= paddingLength; - - // Manually unpad the output. - Array.Resize(ref output, bytesWritten); - } - else - { - bytesWritten = transform.TransformBlock(input, offset, length, output, outputOffset); - - bytesWritten -= paddingLength; - } - - return output; - } - - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - throw new NotImplementedException($"Invalid usage of {nameof(EncryptBlock)}."); - } - - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - throw new NotImplementedException($"Invalid usage of {nameof(DecryptBlock)}."); - } - - public void Dispose() - { - _aes.Dispose(); - _encryptor.Dispose(); - _decryptor.Dispose(); - } - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.BlockImpl.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.BlockImpl.cs deleted file mode 100644 index 0f5a8d204..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.BlockImpl.cs +++ /dev/null @@ -1,46 +0,0 @@ -using System; -using System.Security.Cryptography; - -using Org.BouncyCastle.Crypto.Paddings; - -namespace Renci.SshNet.Security.Cryptography.Ciphers -{ - public partial class AesCipher - { - private sealed class BlockImpl : BlockCipher, IDisposable - { - private readonly Aes _aes; - private readonly ICryptoTransform _encryptor; - private readonly ICryptoTransform _decryptor; - - public BlockImpl(byte[] key, CipherMode mode, IBlockCipherPadding padding) - : base(key, 16, mode, padding) - { - var aes = Aes.Create(); - aes.Key = key; - aes.Mode = System.Security.Cryptography.CipherMode.ECB; - aes.Padding = PaddingMode.None; - _aes = aes; - _encryptor = aes.CreateEncryptor(); - _decryptor = aes.CreateDecryptor(); - } - - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return _encryptor.TransformBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return _decryptor.TransformBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - - public void Dispose() - { - _aes.Dispose(); - _encryptor.Dispose(); - _decryptor.Dispose(); - } - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.CtrImpl.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.CtrImpl.cs deleted file mode 100644 index 89f865079..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.CtrImpl.cs +++ /dev/null @@ -1,148 +0,0 @@ -#nullable enable -using System; -using System.Buffers.Binary; -using System.Diagnostics; -using System.Numerics; -using System.Security.Cryptography; - -namespace Renci.SshNet.Security.Cryptography.Ciphers -{ - public partial class AesCipher - { - private sealed class CtrImpl : BlockCipher, IDisposable - { - private readonly Aes _aes; - - private readonly ICryptoTransform _encryptor; - - private ulong _ivUpper; // The upper 64 bits of the IV - private ulong _ivLower; // The lower 64 bits of the IV - - public CtrImpl( - byte[] key, - byte[] iv) - : base(key, 16, mode: null, padding: null) - { - var aes = Aes.Create(); - aes.Key = key; - aes.Mode = System.Security.Cryptography.CipherMode.ECB; - aes.Padding = PaddingMode.None; - _aes = aes; - _encryptor = aes.CreateEncryptor(); - - _ivLower = BinaryPrimitives.ReadUInt64BigEndian(iv.AsSpan(8)); - _ivUpper = BinaryPrimitives.ReadUInt64BigEndian(iv); - } - - public override byte[] Encrypt(byte[] input, int offset, int length) - { - return Decrypt(input, offset, length); - } - - public override byte[] Decrypt(byte[] input, int offset, int length) - { - ArgumentNullException.ThrowIfNull(input); - - var buffer = CTREncryptDecrypt(input, offset, length, output: null, 0); - - // adjust output for non-blocksized lengths - if (buffer.Length > length) - { - Array.Resize(ref buffer, length); - } - - return buffer; - } - - public override int Decrypt(byte[] input, int offset, int length, byte[] output, int outputOffset) - { - ArgumentNullException.ThrowIfNull(input); - ArgumentNullException.ThrowIfNull(output); - - _ = CTREncryptDecrypt(input, offset, length, output, outputOffset); - - return length; - } - - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - throw new NotImplementedException($"Invalid usage of {nameof(DecryptBlock)}."); - } - - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - throw new NotImplementedException($"Invalid usage of {nameof(EncryptBlock)}."); - } - - private byte[] CTREncryptDecrypt(byte[] data, int offset, int length, byte[]? output, int outputOffset) - { - var blockSizedLength = length; - if (blockSizedLength % BlockSize != 0) - { - blockSizedLength += BlockSize - (blockSizedLength % BlockSize); - } - - Debug.Assert(blockSizedLength % BlockSize == 0); - - if (output is null) - { - output = new byte[blockSizedLength]; - outputOffset = 0; - } - else if (data.AsSpan(offset, length).Overlaps(output.AsSpan(outputOffset, blockSizedLength))) - { - throw new ArgumentException("Input and output buffers must not overlap"); - } - - CTRCreateCounterArray(output.AsSpan(outputOffset, blockSizedLength)); - - var bytesWritten = _encryptor.TransformBlock(output, outputOffset, blockSizedLength, output, outputOffset); - - Debug.Assert(bytesWritten == blockSizedLength); - - ArrayXOR(output, outputOffset, data, offset, length); - - return output; - } - - // creates the Counter array filled with incrementing copies of IV - private void CTRCreateCounterArray(Span buffer) - { - Debug.Assert(buffer.Length % 16 == 0); - - for (var i = 0; i < buffer.Length; i += 16) - { - BinaryPrimitives.WriteUInt64BigEndian(buffer.Slice(i + 8), _ivLower); - BinaryPrimitives.WriteUInt64BigEndian(buffer.Slice(i), _ivUpper); - - _ivLower += 1; - _ivUpper += (_ivLower == 0) ? 1UL : 0UL; - } - } - - // XOR 2 arrays using Vector - private static void ArrayXOR(byte[] buffer, int bufferOffset, byte[] data, int offset, int length) - { - var i = 0; - - var oneVectorFromEnd = length - Vector.Count; - for (; i <= oneVectorFromEnd; i += Vector.Count) - { - var v = new Vector(buffer, bufferOffset + i) ^ new Vector(data, offset + i); - v.CopyTo(buffer, bufferOffset + i); - } - - for (; i < length; i++) - { - buffer[bufferOffset + i] ^= data[offset + i]; - } - } - - public void Dispose() - { - _aes.Dispose(); - _encryptor.Dispose(); - } - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.cs index eb335549a..cde4220be 100644 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.cs +++ b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipher.cs @@ -1,18 +1,28 @@ +#nullable enable using System; using System.Security.Cryptography; -using Org.BouncyCastle.Crypto.Paddings; - -using Renci.SshNet.Security.Cryptography.Ciphers.Modes; +using Renci.SshNet.Common; namespace Renci.SshNet.Security.Cryptography.Ciphers { /// /// AES cipher implementation. /// - public sealed partial class AesCipher : BlockCipher, IDisposable + internal sealed class AesCipher : Cipher, IDisposable { - private readonly BlockCipher _impl; + private readonly Aes _aes; + private readonly ICryptoTransform _encryptor; + private readonly ICryptoTransform _decryptor; + + /// + public override byte MinimumSize + { + get + { + return 16; + } + } /// /// Initializes a new instance of the class. @@ -23,73 +33,85 @@ public sealed partial class AesCipher : BlockCipher, IDisposable /// Enable PKCS7 padding. /// is . /// Keysize is not valid for this algorithm. - public AesCipher(byte[] key, byte[] iv, AesCipherMode mode, bool pkcs7Padding = false) - : base(key, 16, mode: null, padding: null) + public AesCipher(byte[] key, byte[] iv, CipherMode mode, bool pkcs7Padding = false) + : base(key) { - if (mode == AesCipherMode.OFB) - { - // OFB is not supported on modern .NET - _impl = new BlockImpl(key, new OfbCipherMode(iv), pkcs7Padding ? new Pkcs7Padding() : null); - } -#if !NET - else if (mode == AesCipherMode.CFB) - { - // CFB not supported on NetStandard 2.1 - _impl = new BlockImpl(key, new CfbCipherMode(iv), pkcs7Padding ? new Pkcs7Padding() : null); - } -#endif - else if (mode == AesCipherMode.CTR) - { - // CTR not supported by the BCL, use an optimized implementation - _impl = new CtrImpl(key, iv); - } - else - { - _impl = new BclImpl( - key, - iv, - (System.Security.Cryptography.CipherMode)mode, - pkcs7Padding ? PaddingMode.PKCS7 : PaddingMode.None); - } + var aes = Aes.Create(); + aes.Key = key; + aes.IV = iv.Take(16); + aes.Mode = mode; + aes.Padding = pkcs7Padding ? PaddingMode.PKCS7 : PaddingMode.None; + _aes = aes; + _encryptor = aes.CreateEncryptor(); + _decryptor = aes.CreateDecryptor(); } /// - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) + public override byte[] Encrypt(byte[] input, int offset, int length) { - return _impl.EncryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); + return Transform(_encryptor, input, offset, length, output: null, 0, out _); } /// - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) + public override byte[] Decrypt(byte[] input, int offset, int length) { - return _impl.EncryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); + return Transform(_decryptor, input, offset, length, output: null, 0, out _); } /// - public override byte[] Encrypt(byte[] input, int offset, int length) + public override int Decrypt(byte[] input, int offset, int length, byte[] output, int outputOffset) { - return _impl.Encrypt(input, offset, length); - } + _ = Transform(_decryptor, input, offset, length, output, outputOffset, out var bytesWritten); - /// - public override byte[] Decrypt(byte[] input, int offset, int length) - { - return _impl.Decrypt(input, offset, length); + return bytesWritten; } - /// - public override int Decrypt(byte[] input, int offset, int length, byte[] output, int outputOffset) + private byte[] Transform(ICryptoTransform transform, byte[] input, int offset, int length, byte[]? output, int outputOffset, out int bytesWritten) { - return _impl.Decrypt(input, offset, length, output, outputOffset); + if (_aes.Padding != PaddingMode.None) + { + // If padding has been specified, call TransformFinalBlock to apply + // the padding and reset the state. + + var finalBlock = transform.TransformFinalBlock(input, offset, length); + + if (output is not null) + { + finalBlock.AsSpan().CopyTo(output.AsSpan(outputOffset)); + } + + bytesWritten = finalBlock.Length; + + return finalBlock; + } + + // Otherwise, (the most important case) assume this instance is + // used for one direction of an SSH connection, whereby the + // encrypted data in all packets are considered a single data + // stream i.e. we do not want to reset the state between calls to Decrypt. + if (output is null) + { + output = new byte[length]; + + bytesWritten = transform.TransformBlock(input, offset, length, output, outputOffset); + + // Manually unpad the output. + Array.Resize(ref output, bytesWritten); + } + else + { + bytesWritten = transform.TransformBlock(input, offset, length, output, outputOffset); + } + + return output; } /// public void Dispose() { - if (_impl is IDisposable disposableImpl) - { - disposableImpl.Dispose(); - } + _aes.Dispose(); + _encryptor.Dispose(); + _decryptor.Dispose(); } } } diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipherMode.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipherMode.cs deleted file mode 100644 index 9f948b3cf..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCipherMode.cs +++ /dev/null @@ -1,26 +0,0 @@ -namespace Renci.SshNet.Security.Cryptography.Ciphers -{ - /// - /// Custom AES Cipher Mode, follows System.Security.Cryptography.CipherMode. - /// - public enum AesCipherMode - { - /// Cipher Block Chain Mode. - CBC = 1, - - /// Electronic Codebook Mode. - ECB = 2, - - /// Output Feedback Mode. - OFB = 3, - - /// Cipher Feedback Mode. - CFB = 4, - - /// Cipher Text Stealing Mode. - CTS = 5, - - /// Counter Mode. - CTR = 6 - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCtrCipher.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCtrCipher.cs new file mode 100644 index 000000000..9bcf36142 --- /dev/null +++ b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesCtrCipher.cs @@ -0,0 +1,140 @@ +#nullable enable +using System; +using System.Buffers.Binary; +using System.Diagnostics; +using System.Numerics; +using System.Security.Cryptography; + +namespace Renci.SshNet.Security.Cryptography.Ciphers +{ + internal sealed class AesCtrCipher : Cipher, IDisposable + { + private readonly Aes _aes; + private readonly ICryptoTransform _encryptor; + + private ulong _ivUpper; // The upper 64 bits of the IV + private ulong _ivLower; // The lower 64 bits of the IV + + public override byte MinimumSize + { + get + { + return 16; + } + } + + public AesCtrCipher(byte[] key, byte[] iv) + : base(key) + { + var aes = Aes.Create(); + aes.Key = key; + aes.Mode = CipherMode.ECB; + aes.Padding = PaddingMode.None; + _aes = aes; + _encryptor = aes.CreateEncryptor(); + + _ivLower = BinaryPrimitives.ReadUInt64BigEndian(iv.AsSpan(8)); + _ivUpper = BinaryPrimitives.ReadUInt64BigEndian(iv); + } + + public override byte[] Encrypt(byte[] input, int offset, int length) + { + return Decrypt(input, offset, length); + } + + public override byte[] Decrypt(byte[] input, int offset, int length) + { + ArgumentNullException.ThrowIfNull(input); + + var buffer = CTREncryptDecrypt(input, offset, length, output: null, 0); + + // adjust output for non-blocksized lengths + if (buffer.Length > length) + { + Array.Resize(ref buffer, length); + } + + return buffer; + } + + public override int Decrypt(byte[] input, int offset, int length, byte[] output, int outputOffset) + { + ArgumentNullException.ThrowIfNull(input); + ArgumentNullException.ThrowIfNull(output); + + _ = CTREncryptDecrypt(input, offset, length, output, outputOffset); + + return length; + } + + private byte[] CTREncryptDecrypt(byte[] data, int offset, int length, byte[]? output, int outputOffset) + { + var blockSizedLength = length; + if (blockSizedLength % BlockSize != 0) + { + blockSizedLength += BlockSize - (blockSizedLength % BlockSize); + } + + Debug.Assert(blockSizedLength % BlockSize == 0); + + if (output is null) + { + output = new byte[blockSizedLength]; + outputOffset = 0; + } + else if (data.AsSpan(offset, length).Overlaps(output.AsSpan(outputOffset, blockSizedLength))) + { + throw new ArgumentException("Input and output buffers must not overlap"); + } + + CTRCreateCounterArray(output.AsSpan(outputOffset, blockSizedLength)); + + var bytesWritten = _encryptor.TransformBlock(output, outputOffset, blockSizedLength, output, outputOffset); + + Debug.Assert(bytesWritten == blockSizedLength); + + ArrayXOR(output, outputOffset, data, offset, length); + + return output; + } + + // creates the Counter array filled with incrementing copies of IV + private void CTRCreateCounterArray(Span buffer) + { + Debug.Assert(buffer.Length % BlockSize == 0); + + for (var i = 0; i < buffer.Length; i += BlockSize) + { + BinaryPrimitives.WriteUInt64BigEndian(buffer.Slice(i + 8), _ivLower); + BinaryPrimitives.WriteUInt64BigEndian(buffer.Slice(i), _ivUpper); + + _ivLower += 1; + _ivUpper += (_ivLower == 0) ? 1UL : 0UL; + } + } + + // XOR 2 arrays using Vector + private static void ArrayXOR(byte[] buffer, int bufferOffset, byte[] data, int offset, int length) + { + var i = 0; + + var oneVectorFromEnd = length - Vector.Count; + for (; i <= oneVectorFromEnd; i += Vector.Count) + { + var v = new Vector(buffer, bufferOffset + i) ^ new Vector(data, offset + i); + v.CopyTo(buffer, bufferOffset + i); + } + + for (; i < length; i++) + { + buffer[bufferOffset + i] ^= data[offset + i]; + } + } + + public void Dispose() + { + _aes.Dispose(); + _encryptor.Dispose(); + } + } +} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs index 03cb78ea5..2e865ffd4 100644 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs +++ b/src/Renci.SshNet/Security/Cryptography/Ciphers/AesGcmCipher.cs @@ -10,7 +10,7 @@ namespace Renci.SshNet.Security.Cryptography.Ciphers /// AES GCM cipher implementation. /// . /// - internal sealed partial class AesGcmCipher : SymmetricCipher, IDisposable + internal sealed partial class AesGcmCipher : Cipher, IDisposable { private const int TagSizeInBytes = 16; private readonly byte[] _iv; diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/ChaCha20Poly1305Cipher.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/ChaCha20Poly1305Cipher.cs index 4107db278..a6c8a30f8 100644 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/ChaCha20Poly1305Cipher.cs +++ b/src/Renci.SshNet/Security/Cryptography/Ciphers/ChaCha20Poly1305Cipher.cs @@ -16,7 +16,7 @@ namespace Renci.SshNet.Security.Cryptography.Ciphers /// ChaCha20Poly1305 cipher implementation. /// . /// - internal sealed class ChaCha20Poly1305Cipher : SymmetricCipher + internal sealed class ChaCha20Poly1305Cipher : Cipher { private readonly byte[] _iv; private readonly int _aadLength; diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/CipherMode.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/CipherMode.cs deleted file mode 100644 index 490756aff..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/CipherMode.cs +++ /dev/null @@ -1,75 +0,0 @@ -using Renci.SshNet.Common; - -namespace Renci.SshNet.Security.Cryptography.Ciphers -{ - /// - /// Base class for cipher mode implementations. - /// - public abstract class CipherMode - { -#pragma warning disable SA1401 // Fields should be private -#pragma warning disable SA1306 // Field names should begin with lower-case letter - /// - /// Gets the cipher. - /// - protected BlockCipher Cipher; - - /// - /// Gets the IV vector. - /// - protected byte[] IV; - - /// - /// Holds block size of the cipher. - /// - protected int _blockSize; -#pragma warning restore SA1306 // Field names should begin with lower-case letter -#pragma warning restore SA1401 // Fields should be private - - /// - /// Initializes a new instance of the class. - /// - /// The iv. - protected CipherMode(byte[] iv) - { - IV = iv; - } - - /// - /// Initializes the specified cipher mode. - /// - /// The cipher. - internal void Init(BlockCipher cipher) - { - Cipher = cipher; - _blockSize = cipher.BlockSize; - IV = IV.Take(_blockSize); - } - - /// - /// Encrypts the specified region of the input byte array and copies the encrypted data to the specified region of the output byte array. - /// - /// The input data to encrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write encrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes encrypted. - /// - public abstract int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset); - - /// - /// Decrypts the specified region of the input byte array and copies the decrypted data to the specified region of the output byte array. - /// - /// The input data to decrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write decrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes decrypted. - /// - public abstract int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset); - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CbcCipherMode.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CbcCipherMode.cs deleted file mode 100644 index a2b9243d4..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CbcCipherMode.cs +++ /dev/null @@ -1,100 +0,0 @@ -using System; -using System.Globalization; - -namespace Renci.SshNet.Security.Cryptography.Ciphers.Modes -{ - /// - /// Implements CBC cipher mode. - /// - public class CbcCipherMode : CipherMode - { - /// - /// Initializes a new instance of the class. - /// - /// The iv. - public CbcCipherMode(byte[] iv) - : base(iv) - { - } - - /// - /// Encrypts the specified region of the input byte array and copies the encrypted data to the specified region of the output byte array. - /// - /// The input data to encrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write encrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes encrypted. - /// - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - if (inputBuffer.Length - inputOffset < _blockSize) - { - throw new ArgumentException("Invalid input buffer"); - } - - if (outputBuffer.Length - outputOffset < _blockSize) - { - throw new ArgumentException("Invalid output buffer"); - } - - if (inputCount != _blockSize) - { - throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "inputCount must be {0}.", _blockSize)); - } - - for (var i = 0; i < _blockSize; i++) - { - IV[i] ^= inputBuffer[inputOffset + i]; - } - - _ = Cipher.EncryptBlock(IV, 0, inputCount, outputBuffer, outputOffset); - - Buffer.BlockCopy(outputBuffer, outputOffset, IV, 0, IV.Length); - - return _blockSize; - } - - /// - /// Decrypts the specified region of the input byte array and copies the decrypted data to the specified region of the output byte array. - /// - /// The input data to decrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write decrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes decrypted. - /// - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - if (inputBuffer.Length - inputOffset < _blockSize) - { - throw new ArgumentException("Invalid input buffer"); - } - - if (outputBuffer.Length - outputOffset < _blockSize) - { - throw new ArgumentException("Invalid output buffer"); - } - - if (inputCount != _blockSize) - { - throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "inputCount must be {0}.", _blockSize)); - } - - _ = Cipher.DecryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - - for (var i = 0; i < _blockSize; i++) - { - outputBuffer[outputOffset + i] ^= IV[i]; - } - - Buffer.BlockCopy(inputBuffer, inputOffset, IV, 0, IV.Length); - - return _blockSize; - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CfbCipherMode.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CfbCipherMode.cs deleted file mode 100644 index 23a4bb2f7..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CfbCipherMode.cs +++ /dev/null @@ -1,105 +0,0 @@ -using System; -using System.Globalization; - -namespace Renci.SshNet.Security.Cryptography.Ciphers.Modes -{ - /// - /// Implements CFB cipher mode. - /// - public class CfbCipherMode : CipherMode - { - private readonly byte[] _ivOutput; - - /// - /// Initializes a new instance of the class. - /// - /// The iv. - public CfbCipherMode(byte[] iv) - : base(iv) - { - _ivOutput = new byte[iv.Length]; - } - - /// - /// Encrypts the specified region of the input byte array and copies the encrypted data to the specified region of the output byte array. - /// - /// The input data to encrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write encrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes encrypted. - /// - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - if (inputBuffer.Length - inputOffset < _blockSize) - { - throw new ArgumentException("Invalid input buffer"); - } - - if (outputBuffer.Length - outputOffset < _blockSize) - { - throw new ArgumentException("Invalid output buffer"); - } - - if (inputCount != _blockSize) - { - throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "inputCount must be {0}.", _blockSize)); - } - - _ = Cipher.EncryptBlock(IV, 0, IV.Length, _ivOutput, 0); - - for (var i = 0; i < _blockSize; i++) - { - outputBuffer[outputOffset + i] = (byte)(_ivOutput[i] ^ inputBuffer[inputOffset + i]); - } - - Buffer.BlockCopy(IV, _blockSize, IV, 0, IV.Length - _blockSize); - Buffer.BlockCopy(outputBuffer, outputOffset, IV, IV.Length - _blockSize, _blockSize); - - return _blockSize; - } - - /// - /// Decrypts the specified region of the input byte array and copies the decrypted data to the specified region of the output byte array. - /// - /// The input data to decrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write decrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes decrypted. - /// - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - if (inputBuffer.Length - inputOffset < _blockSize) - { - throw new ArgumentException("Invalid input buffer"); - } - - if (outputBuffer.Length - outputOffset < _blockSize) - { - throw new ArgumentException("Invalid output buffer"); - } - - if (inputCount != _blockSize) - { - throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "inputCount must be {0}.", _blockSize)); - } - - _ = Cipher.EncryptBlock(IV, 0, IV.Length, _ivOutput, 0); - - Buffer.BlockCopy(IV, _blockSize, IV, 0, IV.Length - _blockSize); - Buffer.BlockCopy(inputBuffer, inputOffset, IV, IV.Length - _blockSize, _blockSize); - - for (var i = 0; i < _blockSize; i++) - { - outputBuffer[outputOffset + i] = (byte)(_ivOutput[i] ^ inputBuffer[inputOffset + i]); - } - - return _blockSize; - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CtrCipherMode.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CtrCipherMode.cs deleted file mode 100644 index a0ae5010b..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/CtrCipherMode.cs +++ /dev/null @@ -1,83 +0,0 @@ -using System; -using System.Globalization; - -namespace Renci.SshNet.Security.Cryptography.Ciphers.Modes -{ - /// - /// Implements CTR cipher mode. - /// - public class CtrCipherMode : CipherMode - { - private readonly byte[] _ivOutput; - - /// - /// Initializes a new instance of the class. - /// - /// The iv. - public CtrCipherMode(byte[] iv) - : base(iv) - { - _ivOutput = new byte[iv.Length]; - } - - /// - /// Encrypts the specified region of the input byte array and copies the encrypted data to the specified region of the output byte array. - /// - /// The input data to encrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write encrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes encrypted. - /// - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - if (inputBuffer.Length - inputOffset < _blockSize) - { - throw new ArgumentException("Invalid input buffer"); - } - - if (outputBuffer.Length - outputOffset < _blockSize) - { - throw new ArgumentException("Invalid output buffer"); - } - - if (inputCount != _blockSize) - { - throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "inputCount must be {0}.", _blockSize)); - } - - _ = Cipher.EncryptBlock(IV, 0, IV.Length, _ivOutput, 0); - - for (var i = 0; i < _blockSize; i++) - { - outputBuffer[outputOffset + i] = (byte)(_ivOutput[i] ^ inputBuffer[inputOffset + i]); - } - - var j = IV.Length; - while (--j >= 0 && ++IV[j] == 0) - { - // Intentionally empty block - } - - return _blockSize; - } - - /// - /// Decrypts the specified region of the input byte array and copies the decrypted data to the specified region of the output byte array. - /// - /// The input data to decrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write decrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes decrypted. - /// - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return EncryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/OfbCipherMode.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/OfbCipherMode.cs deleted file mode 100644 index df2ce60be..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/Modes/OfbCipherMode.cs +++ /dev/null @@ -1,79 +0,0 @@ -using System; -using System.Globalization; - -namespace Renci.SshNet.Security.Cryptography.Ciphers.Modes -{ - /// - /// Implements OFB cipher mode. - /// - public class OfbCipherMode : CipherMode - { - private readonly byte[] _ivOutput; - - /// - /// Initializes a new instance of the class. - /// - /// The iv. - public OfbCipherMode(byte[] iv) - : base(iv) - { - _ivOutput = new byte[iv.Length]; - } - - /// - /// Encrypts the specified region of the input byte array and copies the encrypted data to the specified region of the output byte array. - /// - /// The input data to encrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write encrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes encrypted. - /// - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - if (inputBuffer.Length - inputOffset < _blockSize) - { - throw new ArgumentException("Invalid input buffer"); - } - - if (outputBuffer.Length - outputOffset < _blockSize) - { - throw new ArgumentException("Invalid output buffer"); - } - - if (inputCount != _blockSize) - { - throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "inputCount must be {0}.", _blockSize)); - } - - _ = Cipher.EncryptBlock(IV, 0, IV.Length, _ivOutput, 0); - - Buffer.BlockCopy(_ivOutput, 0, IV, 0, IV.Length); - - for (var i = 0; i < _blockSize; i++) - { - outputBuffer[outputOffset + i] = (byte)(_ivOutput[i] ^ inputBuffer[inputOffset + i]); - } - - return _blockSize; - } - - /// - /// Decrypts the specified region of the input byte array and copies the decrypted data to the specified region of the output byte array. - /// - /// The input data to decrypt. - /// The offset into the input byte array from which to begin using data. - /// The number of bytes in the input byte array to use as data. - /// The output to which to write decrypted data. - /// The offset into the output byte array from which to begin writing data. - /// - /// The number of bytes decrypted. - /// - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return EncryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.BclImpl.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.BclImpl.cs deleted file mode 100644 index 6c0c5f233..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.BclImpl.cs +++ /dev/null @@ -1,130 +0,0 @@ -using System; -using System.Security.Cryptography; - -using Renci.SshNet.Common; - -namespace Renci.SshNet.Security.Cryptography.Ciphers -{ - public partial class TripleDesCipher - { - private sealed class BclImpl : BlockCipher, IDisposable - { - private readonly TripleDES _des; - private readonly ICryptoTransform _encryptor; - private readonly ICryptoTransform _decryptor; - - public BclImpl( - byte[] key, - byte[] iv, - System.Security.Cryptography.CipherMode mode, - PaddingMode padding) - : base(key, 8, mode: null, padding: null) - { - var des = TripleDES.Create(); - des.FeedbackSize = 64; // We use CFB8 - des.Key = Key; - des.IV = iv.Take(8); - des.Mode = mode; - des.Padding = padding; - _des = des; - _encryptor = _des.CreateEncryptor(); - _decryptor = _des.CreateDecryptor(); - } - - public override byte[] Encrypt(byte[] input, int offset, int length) - { - if (_des.Padding != PaddingMode.None) - { - return _encryptor.TransformFinalBlock(input, offset, length); - } - - var paddingLength = 0; - if (length % BlockSize > 0) - { - if (_des.Mode is System.Security.Cryptography.CipherMode.CFB or System.Security.Cryptography.CipherMode.OFB) - { - // Manually pad the input for cfb and ofb cipher mode as BCL doesn't support partial block. - // See https://github.com/dotnet/runtime/blob/e7d837da5b1aacd9325a8b8f2214cfaf4d3f0ff6/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SymmetricPadding.cs#L20-L21 - paddingLength = BlockSize - (length % BlockSize); - input = input.Take(offset, length); - length += paddingLength; - Array.Resize(ref input, length); - offset = 0; - } - } - - // Otherwise, (the most important case) assume this instance is - // used for one direction of an SSH connection, whereby the - // encrypted data in all packets are considered a single data - // stream i.e. we do not want to reset the state between calls to Encrypt. - var output = new byte[length]; - _ = _encryptor.TransformBlock(input, offset, length, output, 0); - - if (paddingLength > 0) - { - // Manually unpad the output. - Array.Resize(ref output, output.Length - paddingLength); - } - - return output; - } - - public override byte[] Decrypt(byte[] input, int offset, int length) - { - if (_des.Padding != PaddingMode.None) - { - // If padding has been specified, call TransformFinalBlock to apply - // the padding and reset the state. - return _decryptor.TransformFinalBlock(input, offset, length); - } - - var paddingLength = 0; - if (length % BlockSize > 0) - { - if (_des.Mode is System.Security.Cryptography.CipherMode.CFB or System.Security.Cryptography.CipherMode.OFB) - { - // Manually pad the input for cfb and ofb cipher mode as BCL doesn't support partial block. - // See https://github.com/dotnet/runtime/blob/e7d837da5b1aacd9325a8b8f2214cfaf4d3f0ff6/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SymmetricPadding.cs#L20-L21 - paddingLength = BlockSize - (length % BlockSize); - input = input.Take(offset, length); - length += paddingLength; - Array.Resize(ref input, length); - offset = 0; - } - } - - // Otherwise, (the most important case) assume this instance is - // used for one direction of an SSH connection, whereby the - // encrypted data in all packets are considered a single data - // stream i.e. we do not want to reset the state between calls to Encrypt. - var output = new byte[length]; - _ = _decryptor.TransformBlock(input, offset, length, output, 0); - - if (paddingLength > 0) - { - // Manually unpad the output. - Array.Resize(ref output, output.Length - paddingLength); - } - - return output; - } - - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - throw new NotImplementedException($"Invalid usage of {nameof(EncryptBlock)}."); - } - - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - throw new NotImplementedException($"Invalid usage of {nameof(DecryptBlock)}."); - } - - public void Dispose() - { - _des.Dispose(); - _encryptor.Dispose(); - _decryptor.Dispose(); - } - } - } -} diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.BlockImpl.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.BlockImpl.cs deleted file mode 100644 index 592c5f795..000000000 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.BlockImpl.cs +++ /dev/null @@ -1,48 +0,0 @@ -#if !NET -using System; -using System.Security.Cryptography; - -using Org.BouncyCastle.Crypto.Paddings; - -namespace Renci.SshNet.Security.Cryptography.Ciphers -{ - public partial class TripleDesCipher - { - private sealed class BlockImpl : BlockCipher, IDisposable - { - private readonly TripleDES _tripleDES; - private readonly ICryptoTransform _encryptor; - private readonly ICryptoTransform _decryptor; - - public BlockImpl(byte[] key, CipherMode mode, IBlockCipherPadding padding) - : base(key, 8, mode, padding) - { - var tripleDES = TripleDES.Create(); - tripleDES.Key = key; - tripleDES.Mode = System.Security.Cryptography.CipherMode.ECB; - tripleDES.Padding = PaddingMode.None; - _tripleDES = tripleDES; - _encryptor = tripleDES.CreateEncryptor(); - _decryptor = tripleDES.CreateDecryptor(); - } - - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return _encryptor.TransformBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return _decryptor.TransformBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - - public void Dispose() - { - _tripleDES.Dispose(); - _encryptor.Dispose(); - _decryptor.Dispose(); - } - } - } -} -#endif diff --git a/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.cs b/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.cs index 59af932c2..cdbe53497 100644 --- a/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.cs +++ b/src/Renci.SshNet/Security/Cryptography/Ciphers/TripleDesCipher.cs @@ -1,24 +1,26 @@ using System; using System.Security.Cryptography; -#if !NET -using Org.BouncyCastle.Crypto.Paddings; - -using Renci.SshNet.Security.Cryptography.Ciphers.Modes; -#endif +using Renci.SshNet.Common; namespace Renci.SshNet.Security.Cryptography.Ciphers { /// /// Implements 3DES cipher algorithm. /// - public sealed partial class TripleDesCipher : BlockCipher, IDisposable + internal sealed class TripleDesCipher : Cipher, IDisposable { -#if NET - private readonly BclImpl _impl; -#else - private readonly BlockCipher _impl; -#endif + private readonly TripleDES _des; + private readonly ICryptoTransform _encryptor; + private readonly ICryptoTransform _decryptor; + + public override byte MinimumSize + { + get + { + return 8; + } + } /// /// Initializes a new instance of the class. @@ -28,59 +30,63 @@ public sealed partial class TripleDesCipher : BlockCipher, IDisposable /// The mode. /// Enable PKCS7 padding. /// is . - public TripleDesCipher(byte[] key, byte[] iv, System.Security.Cryptography.CipherMode mode, bool pkcs7Padding) - : base(key, 8, mode: null, padding: null) + public TripleDesCipher(byte[] key, byte[] iv, CipherMode mode, bool pkcs7Padding = false) + : base(key) { -#if !NET - if (mode == System.Security.Cryptography.CipherMode.CFB) - { - // CFB8 not supported on .NET Framework, but supported on .NET - // see https://github.com/microsoft/referencesource/blob/51cf7850defa8a17d815b4700b67116e3fa283c2/mscorlib/system/security/cryptography/tripledescryptoserviceprovider.cs#L76-L78 - // see https://github.com/dotnet/runtime/blob/e7d837da5b1aacd9325a8b8f2214cfaf4d3f0ff6/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/TripleDesImplementation.cs#L229-L236 - _impl = new BlockImpl(key, new CfbCipherMode(iv), pkcs7Padding ? new Pkcs7Padding() : null); - } - else -#endif - { - _impl = new BclImpl(key, iv, mode, pkcs7Padding ? PaddingMode.PKCS7 : PaddingMode.None); - } + var des = TripleDES.Create(); + des.Key = key; + des.IV = iv.Take(8); + des.Mode = mode; + des.Padding = pkcs7Padding ? PaddingMode.PKCS7 : PaddingMode.None; + _des = des; + _encryptor = _des.CreateEncryptor(); + _decryptor = _des.CreateDecryptor(); } /// public override byte[] Encrypt(byte[] input, int offset, int length) { - return _impl.Encrypt(input, offset, length); + if (_des.Padding != PaddingMode.None) + { + return _encryptor.TransformFinalBlock(input, offset, length); + } + + // Otherwise, (the most important case) assume this instance is + // used for one direction of an SSH connection, whereby the + // encrypted data in all packets are considered a single data + // stream i.e. we do not want to reset the state between calls to Encrypt. + var output = new byte[length]; + _ = _encryptor.TransformBlock(input, offset, length, output, 0); + + return output; } /// public override byte[] Decrypt(byte[] input, int offset, int length) { - return _impl.Decrypt(input, offset, length); - } + if (_des.Padding != PaddingMode.None) + { + // If padding has been specified, call TransformFinalBlock to apply + // the padding and reset the state. + return _decryptor.TransformFinalBlock(input, offset, length); + } - /// - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return _impl.EncryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } + // Otherwise, (the most important case) assume this instance is + // used for one direction of an SSH connection, whereby the + // encrypted data in all packets are considered a single data + // stream i.e. we do not want to reset the state between calls to Encrypt. + var output = new byte[length]; + _ = _decryptor.TransformBlock(input, offset, length, output, 0); - /// - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return _impl.DecryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); + return output; } /// public void Dispose() { -#if NET - _impl.Dispose(); -#else - if (_impl is IDisposable disposableImpl) - { - disposableImpl.Dispose(); - } -#endif + _des.Dispose(); + _encryptor.Dispose(); + _decryptor.Dispose(); } } } diff --git a/src/Renci.SshNet/Security/Cryptography/SymmetricCipher.cs b/src/Renci.SshNet/Security/Cryptography/SymmetricCipher.cs deleted file mode 100644 index 87674a9f8..000000000 --- a/src/Renci.SshNet/Security/Cryptography/SymmetricCipher.cs +++ /dev/null @@ -1,27 +0,0 @@ -using System; - -namespace Renci.SshNet.Security.Cryptography -{ - /// - /// Base class for symmetric cipher implementations. - /// - public abstract class SymmetricCipher : Cipher - { - /// - /// Gets the key. - /// - protected byte[] Key { get; private set; } - - /// - /// Initializes a new instance of the class. - /// - /// The key. - /// is . - protected SymmetricCipher(byte[] key) - { - ArgumentNullException.ThrowIfNull(key); - - Key = key; - } - } -} diff --git a/test/Data/Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.pub b/test/Data/Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.pub deleted file mode 100644 index 9bd8adc51..000000000 --- a/test/Data/Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs8tm1pWW8JOQTpuvsGlf/x7su38XuKo7zOLiY/6gB+ZBWs6UC3TnP1UnG13qyS9euWmIWqVz/3d6OM/O9ysjwgzBjRGQIyekxbXxDb+IpYrZR8T5QHXFjPp/yXGcknurUYF8G4ubxqJAULe5lCzg/b4aN9Vxv1tMTRdaArLPldc= diff --git a/test/Data/Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.txt b/test/Data/Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.txt deleted file mode 100644 index 8021cda6d..000000000 --- a/test/Data/Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.txt +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CFB,81C75CC63A21DFFB - -7BCpj4mM2LTaWGP2f/IK8+Zd7XssLHtagETCURfg+x+IYhOOsW/qORNBeOL4lT8G -s8ymGJIMjNC0aGwJb214Kp19ajMlRN8IaHtw1QD3BYIxFSx35DSWd6WrECcdaJCm -FZ5y+rXf0NMUOUKg9xXF+Xnbucau3QN4NiLBB50oJyRIRco6Wy/9AB1yKrZsll4N -3+1XnnXZuanvIugi8TybUgzyrGE1dqwyGjHtN+bf8hWu8jrnx3AkjmzXJ+yiGbd4 -w/JYfCzyVsEZuEzkn62johwNpwcuXFYEXxSSU444/TZf2BuuvvpkbCltkfvhOC3z -fp1DOtToaZadwHsH8laB+HPktisfetoPaQdqi/fGgqiERzDq9Xy7wY9JXdT65WeU -mh+USBy7mF6I57UgRM6AAZLvrJmG+hE8GYezThT9ZEnFyumrQgt8sTdWWFStYJcW -jlohuNO8c4IXwvXfVgafaIIAcFUcAKk/XgSLjMcn7YyBlaR6qIdwLLfRNEspv9mR -IF0M2ua4vZRLJfn+NOcs0n10v0jUFgMXoIqDr86OB3pW3ud/lET6bz6QYO3rNHW4 -NtAmD2wwl66nuq2d9uLUSSkQj5spVDbFzfvnZCN3yl4hdyWlmzRJqybyr5xTIbT7 -x5JF/eg3xq8weaZrFqq7r5uIhDYI7/sexxL9M/8nyV8COUYkDxxISbNpoDuCKbv8 -fyIX92mGQtM8D7YftvCbEr8kw1fga9XhkDdOEuBzKZyIAD50xE39rFFMNNq8l8/Y -Gxo8zq0rW/IsrwvhWLLGtvmy68Be+WAi/mDHf6x4 ------END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/AesCipherBenchmarks.cs b/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/AesCipherBenchmarks.cs index 9cecc0855..f5e8ecbfb 100644 --- a/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/AesCipherBenchmarks.cs +++ b/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/AesCipherBenchmarks.cs @@ -1,4 +1,6 @@ -using BenchmarkDotNet.Attributes; +using System.Security.Cryptography; + +using BenchmarkDotNet.Attributes; using Renci.SshNet.Security.Cryptography.Ciphers; @@ -26,49 +28,25 @@ public AesCipherBenchmarks() [Benchmark] public byte[] Encrypt_CBC() { - return new AesCipher(_key, _iv, AesCipherMode.CBC, false).Encrypt(_data); + return new AesCipher(_key, _iv, CipherMode.CBC, false).Encrypt(_data); } [Benchmark] public byte[] Decrypt_CBC() { - return new AesCipher(_key, _iv, AesCipherMode.CBC, false).Decrypt(_data); - } - - [Benchmark] - public byte[] Encrypt_CFB() - { - return new AesCipher(_key, _iv, AesCipherMode.CFB, false).Encrypt(_data); - } - - [Benchmark] - public byte[] Decrypt_CFB() - { - return new AesCipher(_key, _iv, AesCipherMode.CFB, false).Decrypt(_data); + return new AesCipher(_key, _iv, CipherMode.CBC, false).Decrypt(_data); } [Benchmark] public byte[] Encrypt_CTR() { - return new AesCipher(_key, _iv, AesCipherMode.CTR, false).Encrypt(_data); + return new AesCtrCipher(_key, _iv).Encrypt(_data); } [Benchmark] public byte[] Decrypt_CTR() { - return new AesCipher(_key, _iv, AesCipherMode.CTR, false).Decrypt(_data); - } - - [Benchmark] - public byte[] Encrypt_ECB() - { - return new AesCipher(_key, null, AesCipherMode.ECB, false).Encrypt(_data); - } - - [Benchmark] - public byte[] Decrypt_ECB() - { - return new AesCipher(_key, null, AesCipherMode.ECB, false).Decrypt(_data); + return new AesCtrCipher(_key, _iv).Decrypt(_data); } } } diff --git a/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/TripleDesCipherBenchmarks.cs b/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/TripleDesCipherBenchmarks.cs index 1d45f4281..6f56b12c1 100644 --- a/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/TripleDesCipherBenchmarks.cs +++ b/test/Renci.SshNet.Benchmarks/Security/Cryptography/Ciphers/TripleDesCipherBenchmarks.cs @@ -1,8 +1,8 @@ -using BenchmarkDotNet.Attributes; +using System.Security.Cryptography; -using Renci.SshNet.Security.Cryptography.Ciphers; +using BenchmarkDotNet.Attributes; -using CipherMode = System.Security.Cryptography.CipherMode; +using Renci.SshNet.Security.Cryptography.Ciphers; namespace Renci.SshNet.Benchmarks.Security.Cryptography.Ciphers { @@ -36,17 +36,5 @@ public byte[] Decrypt_CBC() { return new TripleDesCipher(_key, _iv, CipherMode.CBC, false).Decrypt(_data); } - - [Benchmark] - public byte[] Encrypt_CFB() - { - return new TripleDesCipher(_key, _iv, CipherMode.CFB, false).Encrypt(_data); - } - - [Benchmark] - public byte[] Decrypt_CFB() - { - return new TripleDesCipher(_key, _iv, CipherMode.CFB, false).Decrypt(_data); - } } } diff --git a/test/Renci.SshNet.Tests/Classes/PrivateKeyFileTest.cs b/test/Renci.SshNet.Tests/Classes/PrivateKeyFileTest.cs index f18cef76e..b45f4a6cd 100644 --- a/test/Renci.SshNet.Tests/Classes/PrivateKeyFileTest.cs +++ b/test/Renci.SshNet.Tests/Classes/PrivateKeyFileTest.cs @@ -357,7 +357,6 @@ public void ConstructorWithFileNameAndPassPhraseShouldBeAbleToReadFileThatIsShar [DataRow("Key.RSA.Encrypted.Aes.192.CBC.12345.txt", "12345", typeof(RsaKey))] [DataRow("Key.RSA.Encrypted.Aes.256.CBC.12345.txt", "12345", typeof(RsaKey))] [DataRow("Key.RSA.Encrypted.Des.Ede3.CBC.12345.txt", "12345", typeof(RsaKey))] - [DataRow("Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.txt", "1234567890", typeof(RsaKey))] [DataRow("Key.RSA.PKCS8.Encrypted.Aes.256.CBC.12345.txt", "12345", typeof(RsaKey))] [DataRow("Key.RSA.PKCS8.txt", null, typeof(RsaKey))] [DataRow("Key.RSA.txt", null, typeof(RsaKey))] diff --git a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/BlockCipherTest.cs b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/BlockCipherTest.cs deleted file mode 100644 index b1fc791fc..000000000 --- a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/BlockCipherTest.cs +++ /dev/null @@ -1,164 +0,0 @@ -using System; -using System.Linq; - -using Microsoft.VisualStudio.TestTools.UnitTesting; - -using Org.BouncyCastle.Crypto.Paddings; - -using Renci.SshNet.Security.Cryptography; -using Renci.SshNet.Security.Cryptography.Ciphers; -using Renci.SshNet.Security.Cryptography.Ciphers.Modes; -using Renci.SshNet.Tests.Common; - -namespace Renci.SshNet.Tests.Classes.Security.Cryptography -{ - [TestClass] - public class BlockCipherTest : TestBase - { - [TestMethod] - public void EncryptShouldTakeIntoAccountPaddingForLengthOfInputBufferPassedToEncryptBlock_InputNotDivisible() - { - var input = new byte[] { 0x2c, 0x1a, 0x05, 0x00, 0x68 }; - var output = new byte[] { 0x0a, 0x00, 0x03, 0x02, 0x06, 0x08, 0x07, 0x05 }; - var key = new byte[] { 0x17, 0x78, 0x56, 0xe1, 0x3e, 0xbd, 0x3e, 0x50, 0x1d, 0x79, 0x3f, 0x0f, 0x55, 0x37, 0x45, 0x54 }; - var blockCipher = new BlockCipherStub(key, 8, null, new Pkcs7Padding()) - { - EncryptBlockDelegate = (inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset) => - { - Assert.HasCount(8, inputBuffer); - Buffer.BlockCopy(output, 0, outputBuffer, 0, output.Length); - return inputBuffer.Length; - } - }; - - var actual = blockCipher.Encrypt(input); - - Assert.IsTrue(output.SequenceEqual(actual)); - } - - [TestMethod] - public void EncryptShouldTakeIntoAccountPaddingForLengthOfInputBufferPassedToEncryptBlock_InputDivisible() - { - var input = new byte[0]; - var output = new byte[] { 0x0a, 0x00, 0x03, 0x02, 0x06, 0x08, 0x07, 0x05 }; - var key = new byte[] { 0x17, 0x78, 0x56, 0xe1, 0x3e, 0xbd, 0x3e, 0x50, 0x1d, 0x79, 0x3f, 0x0f, 0x55, 0x37, 0x45, 0x54 }; - var blockCipher = new BlockCipherStub(key, 8, null, new Pkcs7Padding()) - { - EncryptBlockDelegate = (inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset) => - { - Assert.HasCount(8, inputBuffer); - Buffer.BlockCopy(output, 0, outputBuffer, 0, output.Length); - return inputBuffer.Length; - } - }; - - var actual = blockCipher.Encrypt(input); - - Assert.IsTrue(output.SequenceEqual(actual)); - } - - [TestMethod] - public void EncryptShouldTakeIntoAccountManualPaddingForLengthOfInputBufferPassedToDecryptBlockAndUnPaddingForTheFinalOutput_CFB() - { - var input = new byte[] { 0x0a, 0x00, 0x03, 0x02, 0x06 }; - var output = new byte[] { 0x2c, 0x1a, 0x05, 0x00, 0x68 }; - var key = new byte[] { 0x17, 0x78, 0x56, 0xe1, 0x3e, 0xbd, 0x3e, 0x50, 0x1d, 0x79, 0x3f, 0x0f, 0x55, 0x37, 0x45, 0x54 }; - var blockCipher = new BlockCipherStub(key, 8, new CfbCipherModeStub(new byte[8]), null) - { - EncryptBlockDelegate = (inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset) => - { - Assert.HasCount(8, inputBuffer); - Buffer.BlockCopy(output, 0, outputBuffer, 0, output.Length); - return inputBuffer.Length; - } - }; - - var actual = blockCipher.Encrypt(input); - - Assert.IsTrue(output.SequenceEqual(actual)); - } - - [TestMethod] - public void DecryptShouldTakeIntoAccountUnPaddingForTheFinalOutput() - { - var input = new byte[] { 0x0a, 0x00, 0x03, 0x02, 0x06, 0x08, 0x07, 0x05 }; - var output = new byte[] { 0x2c, 0x1a, 0x05, 0x00, 0x68 }; - var padding = new byte[] { 0x03, 0x03, 0x03 }; - var key = new byte[] { 0x17, 0x78, 0x56, 0xe1, 0x3e, 0xbd, 0x3e, 0x50, 0x1d, 0x79, 0x3f, 0x0f, 0x55, 0x37, 0x45, 0x54 }; - var blockCipher = new BlockCipherStub(key, 8, null, new Pkcs7Padding()) - { - DecryptBlockDelegate = (inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset) => - { - Assert.HasCount(8, outputBuffer); - Buffer.BlockCopy(output, 0, outputBuffer, 0, output.Length); - Buffer.BlockCopy(padding, 0, outputBuffer, output.Length, padding.Length); - return inputBuffer.Length; - } - }; - - var actual = blockCipher.Decrypt(input); - - Assert.IsTrue(output.SequenceEqual(actual)); - } - - [TestMethod] - public void DecryptShouldTakeIntoAccountManualPaddingForLengthOfInputBufferPassedToDecryptBlockAndUnPaddingForTheFinalOutput_CFB() - { - var input = new byte[] { 0x0a, 0x00, 0x03, 0x02, 0x06 }; - var output = new byte[] { 0x2c, 0x1a, 0x05, 0x00, 0x68 }; - var key = new byte[] { 0x17, 0x78, 0x56, 0xe1, 0x3e, 0xbd, 0x3e, 0x50, 0x1d, 0x79, 0x3f, 0x0f, 0x55, 0x37, 0x45, 0x54 }; - var blockCipher = new BlockCipherStub(key, 8, new CfbCipherModeStub(new byte[8]), null) - { - DecryptBlockDelegate = (inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset) => - { - Assert.HasCount(8, inputBuffer); - Buffer.BlockCopy(output, 0, outputBuffer, 0, output.Length); - return inputBuffer.Length; - } - }; - - var actual = blockCipher.Decrypt(input); - - Assert.IsTrue(output.SequenceEqual(actual)); - } - - - private class BlockCipherStub : BlockCipher - { - public Func EncryptBlockDelegate; - public Func DecryptBlockDelegate; - - public BlockCipherStub(byte[] key, byte blockSize, CipherMode mode, IBlockCipherPadding padding) : base(key, blockSize, mode, padding) - { - } - - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return EncryptBlockDelegate(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return DecryptBlockDelegate(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - } - - private class CfbCipherModeStub : CfbCipherMode - { - public CfbCipherModeStub(byte[] iv) - : base(iv) - { - } - - public override int EncryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return Cipher.EncryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - - public override int DecryptBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) - { - return Cipher.DecryptBlock(inputBuffer, inputOffset, inputCount, outputBuffer, outputOffset); - } - } - } -} diff --git a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.Gen.cs.txt b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.Gen.cs.txt index 066c80ed5..54140a0a1 100644 --- a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.Gen.cs.txt +++ b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.Gen.cs.txt @@ -4,20 +4,17 @@ // expected encrypted values, and also verifies those values against the .NET // BCL implementation as an extra validation before generating the tests. -Dictionary modes = new() +Dictionary modes = new() { - ["ecb"] = ("iv: null, AesCipherMode.ECB", CipherMode.ECB), - ["cbc"] = ("(byte[])iv.Clone(), AesCipherMode.CBC", CipherMode.CBC), - ["cfb"] = ("(byte[])iv.Clone(), AesCipherMode.CFB", CipherMode.CFB), - ["ctr"] = ("(byte[])iv.Clone(), AesCipherMode.CTR", null), - ["ofb"] = ("(byte[])iv.Clone(), AesCipherMode.OFB", CipherMode.OFB), + ["cbc"] = ("(byte[])iv.Clone()", "CipherMode.CBC", CipherMode.CBC), + ["ctr"] = ("(byte[])iv.Clone()", string.Empty, null), }; Random random = new(123); using IndentedTextWriter tw = new(Console.Out); -foreach ((string mode, (string modeCode, CipherMode? bclMode)) in modes) +foreach ((string mode, (string ivCode, string modeCode, CipherMode? bclMode)) in modes) { foreach (int keySize in new int[] { 128, 192, 256 }) { @@ -110,7 +107,15 @@ foreach ((string mode, (string modeCode, CipherMode? bclMode)) in modes) tw.WriteLine($"// {openSslCmd} | hd"); // pipe to hexdump WriteBytes(expected); tw.WriteLine(); - tw.WriteLine($"var actual = new AesCipher(key, {modeCode}, pkcs7Padding: {(pad ? "true" : "false")}).Encrypt(input);"); + if (mode == "ctr") + { + tw.WriteLine($"var actual = new AesCtrCipher(key, {ivCode}).Encrypt(input);"); + } + else + { + tw.WriteLine($"var actual = new AesCipher(key, {ivCode}, {modeCode}, pkcs7Padding: {(pad ? "true" : "false")}).Encrypt(input);"); + } + tw.WriteLine(); tw.WriteLine($"CollectionAssert.AreEqual(expected, actual);"); @@ -137,7 +142,15 @@ foreach ((string mode, (string modeCode, CipherMode? bclMode)) in modes) } tw.WriteLine(); - tw.WriteLine($"var decrypted = new AesCipher(key, {modeCode}, pkcs7Padding: {(pad ? "true" : "false")}).Decrypt(actual);"); + if (mode == "ctr") + { + tw.WriteLine($"var decrypted = new AesCtrCipher(key, {ivCode}).Decrypt(actual);"); + } + else + { + tw.WriteLine($"var decrypted = new AesCipher(key, {ivCode}, {modeCode}, pkcs7Padding: {(pad ? "true" : "false")}).Decrypt(actual);"); + } + tw.WriteLine(); tw.WriteLine($"CollectionAssert.AreEqual(input, decrypted);"); diff --git a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.cs b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.cs index ee738b8a9..8fdf57740 100644 --- a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.cs +++ b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/AesCipherTest.cs @@ -1,4 +1,5 @@ using System.Linq; +using System.Security.Cryptography; using Microsoft.VisualStudio.TestTools.UnitTesting; @@ -42,7 +43,7 @@ public void AES_CTR_Encrypt_Should_Preserve_Cipher_Stream_State() 0xec, 0x47, 0x81, 0x82, 0x89, 0x24, 0x76, 0xe2, 0x20, 0x6a, 0x99, 0xe2, 0xa7, 0x5a, 0xb0, 0x40, }; - var cipher = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false); + var cipher = new AesCtrCipher(key, (byte[])iv.Clone()); var actual1 = cipher.Encrypt(input.Take(32)); var actual2 = cipher.Encrypt(input.Take(32, 32)); @@ -78,7 +79,7 @@ public void AES_CTR_Decrypt_Should_Preserve_Cipher_Stream_State() 0xbc, 0x89, 0x7a, 0x22, 0x42, 0x2c, 0xba, 0x8e, 0xd7, 0x15, 0x22, 0x41, 0xe4, 0xb5, 0x0b, 0xad, }; - var cipher = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false); + var cipher = new AesCtrCipher(key, (byte[])iv.Clone()); var actual1 = cipher.Decrypt(input.Take(32)); var actual2 = cipher.Decrypt(input.Take(32, 32)); @@ -115,11 +116,11 @@ public void AES_CTR_IV_Overflow() 0xfd, 0x34, 0xc5, 0x81, 0xfa, 0xb9, 0xe3, 0xc4, 0x10, 0xed, 0x06, 0x6e, 0x91, 0x5e, 0xfc, 0x47, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -133,7 +134,7 @@ public void Encrypt_InputAndOffsetAndLength_128_CBC() var key = new byte[] { 0xe4, 0x94, 0xf9, 0xb1, 0x00, 0x4f, 0x16, 0x2a, 0x80, 0x11, 0xea, 0x73, 0x0d, 0xb9, 0xbf, 0x64 }; var iv = new byte[] { 0x74, 0x8b, 0x4f, 0xe6, 0xc1, 0x29, 0xb3, 0x54, 0xec, 0x77, 0x92, 0xf3, 0x15, 0xa0, 0x41, 0xa8 }; var expected = new byte[] { 0x19, 0x7f, 0x80, 0xd8, 0xc9, 0x89, 0xc4, 0xa7, 0xc6, 0xc6, 0x3f, 0x9f, 0x1e, 0x00, 0x1f, 0x72, 0xa7, 0x5e, 0xde, 0x40, 0x88, 0xa2, 0x72, 0xf2, 0xed, 0x3f, 0x81, 0x45, 0xb6, 0xbd, 0x45, 0x87, 0x15, 0xa5, 0x10, 0x92, 0x4a, 0x37, 0x9e, 0xa9, 0x80, 0x1c, 0x14, 0x83, 0xa3, 0x39, 0x45, 0x28 }; - var testCipher = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false); + var testCipher = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false); var actual = testCipher.Encrypt(input, 2, input.Length - 5); @@ -147,7 +148,7 @@ public void Encrypt_Input_128_CTR() var key = new byte[] { 0x17, 0x78, 0x56, 0xe1, 0x3e, 0xbd, 0x3e, 0x50, 0x1d, 0x79, 0x3f, 0x0f, 0x55, 0x37, 0x45, 0x54 }; var iv = new byte[] { 0xe6, 0x65, 0x36, 0x0d, 0xdd, 0xd7, 0x50, 0xc3, 0x48, 0xdb, 0x48, 0x07, 0xa1, 0x30, 0xd2, 0x38 }; var expected = new byte[] { 0xca, 0xfb, 0x1c, 0x49, 0xbf, 0x82, 0x2a, 0xbb, 0x1c, 0x52, 0xc7, 0x86, 0x22, 0x8a, 0xe5, 0xa4, 0xf3, 0xda, 0x4e, 0x1c, 0x3a, 0x87, 0x41, 0x1c, 0xd2, 0x6e, 0x76, 0xdc, 0xc2, 0xe9, 0xc2, 0x0e, 0xf5, 0xc7, 0xbd, 0x12, 0x85, 0xfa, 0x0e, 0xda, 0xee, 0x50, 0xd7, 0xfd, 0x81, 0x34, 0x25, 0x6d }; - var testCipher = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false); + var testCipher = new AesCtrCipher(key, (byte[])iv.Clone()); var actual = testCipher.Encrypt(input); @@ -161,7 +162,7 @@ public void Decrypt_Input_128_CTR() var iv = new byte[] { 0xe6, 0x65, 0x36, 0x0d, 0xdd, 0xd7, 0x50, 0xc3, 0x48, 0xdb, 0x48, 0x07, 0xa1, 0x30, 0xd2, 0x38 }; var input = new byte[] { 0xca, 0xfb, 0x1c, 0x49, 0xbf, 0x82, 0x2a, 0xbb, 0x1c, 0x52, 0xc7, 0x86, 0x22, 0x8a, 0xe5, 0xa4, 0xf3, 0xda, 0x4e, 0x1c, 0x3a, 0x87, 0x41, 0x1c, 0xd2, 0x6e, 0x76, 0xdc, 0xc2, 0xe9, 0xc2, 0x0e, 0xf5, 0xc7, 0xbd, 0x12, 0x85, 0xfa, 0x0e, 0xda, 0xee, 0x50, 0xd7, 0xfd, 0x81, 0x34, 0x25, 0x6d }; var expected = new byte[] { 0x00, 0x00, 0x00, 0x2c, 0x1a, 0x05, 0x00, 0x00, 0x00, 0x0c, 0x73, 0x73, 0x68, 0x2d, 0x75, 0x73, 0x65, 0x72, 0x61, 0x75, 0x74, 0x68, 0xb0, 0x74, 0x21, 0x87, 0x16, 0xb9, 0x69, 0x48, 0x33, 0xce, 0xb3, 0xe7, 0xdc, 0x3f, 0x50, 0xdc, 0xcc, 0xd5, 0x27, 0xb7, 0xfe, 0x7a, 0x78, 0x22, 0xae, 0xc8 }; - var testCipher = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false); + var testCipher = new AesCtrCipher(key, (byte[])iv.Clone()); var actual = testCipher.Decrypt(input); @@ -175,7 +176,7 @@ public void Decrypt_InputAndOffsetAndLength_128_CTR() var iv = new byte[] { 0xe6, 0x65, 0x36, 0x0d, 0xdd, 0xd7, 0x50, 0xc3, 0x48, 0xdb, 0x48, 0x07, 0xa1, 0x30, 0xd2, 0x38 }; var input = new byte[] { 0x0a, 0xca, 0xfb, 0x1c, 0x49, 0xbf, 0x82, 0x2a, 0xbb, 0x1c, 0x52, 0xc7, 0x86, 0x22, 0x8a, 0xe5, 0xa4, 0xf3, 0xda, 0x4e, 0x1c, 0x3a, 0x87, 0x41, 0x1c, 0xd2, 0x6e, 0x76, 0xdc, 0xc2, 0xe9, 0xc2, 0x0e, 0xf5, 0xc7, 0xbd, 0x12, 0x85, 0xfa, 0x0e, 0xda, 0xee, 0x50, 0xd7, 0xfd, 0x81, 0x34, 0x25, 0x6d, 0x0a, 0x05 }; var expected = new byte[] { 0x00, 0x00, 0x00, 0x2c, 0x1a, 0x05, 0x00, 0x00, 0x00, 0x0c, 0x73, 0x73, 0x68, 0x2d, 0x75, 0x73, 0x65, 0x72, 0x61, 0x75, 0x74, 0x68, 0xb0, 0x74, 0x21, 0x87, 0x16, 0xb9, 0x69, 0x48, 0x33, 0xce, 0xb3, 0xe7, 0xdc, 0x3f, 0x50, 0xdc, 0xcc, 0xd5, 0x27, 0xb7, 0xfe, 0x7a, 0x78, 0x22, 0xae, 0xc8 }; - var testCipher = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false); + var testCipher = new AesCtrCipher(key, (byte[])iv.Clone()); var actual = testCipher.Decrypt(input, 1, input.Length - 3); @@ -183,475 +184,6 @@ public void Decrypt_InputAndOffsetAndLength_128_CTR() } // All tests below this line were generated by the script in AesCipherTest.Gen.cs.txt - [TestMethod] - public void AES_ECB_128_Length16_NoPad() - { - var input = new byte[] - { - 0x03, 0xe1, 0xe1, 0xaa, 0xa5, 0xbc, 0xa1, 0x9f, 0xba, 0x8c, 0x42, 0x05, 0x8b, 0x4a, 0xbf, 0x28, - }; - var key = new byte[] - { - 0x96, 0x39, 0xec, 0x0d, 0xfc, 0x2d, 0xb2, 0x7c, 0xe9, 0x74, 0x8e, 0x5f, 0xb9, 0xf3, 0x99, 0xce, - }; - - // echo -n -e '\x03\xe1\xe1\xaa\xa5\xbc\xa1\x9f\xba\x8c\x42\x05\x8b\x4a\xbf\x28' | openssl enc -e -aes-128-ecb -K 9639EC0DFC2DB27CE9748E5FB9F399CE -nopad | hd - var expected = new byte[] - { - 0x9d, 0x55, 0x05, 0x4e, 0xe9, 0x50, 0xb5, 0x93, 0x50, 0x93, 0x69, 0x96, 0xa6, 0xdd, 0x1e, 0x15, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_128_Length16_Pad() - { - var input = new byte[] - { - 0x1a, 0xf1, 0x3a, 0x35, 0x8c, 0xca, 0x3f, 0xd6, 0x2f, 0x65, 0xc1, 0x31, 0x2d, 0x41, 0xe5, 0xc7, - }; - var key = new byte[] - { - 0xf3, 0x74, 0x23, 0x71, 0xed, 0x6d, 0x84, 0x79, 0x61, 0xd0, 0xf8, 0x6f, 0x7f, 0x0c, 0xcc, 0x86, - }; - - // echo -n -e '\x1a\xf1\x3a\x35\x8c\xca\x3f\xd6\x2f\x65\xc1\x31\x2d\x41\xe5\xc7' | openssl enc -e -aes-128-ecb -K F3742371ED6D847961D0F86F7F0CCC86 | hd - var expected = new byte[] - { - 0x98, 0xe4, 0x1f, 0x67, 0xe2, 0x4c, 0x0b, 0x7a, 0x73, 0x1e, 0x14, 0xd3, 0x04, 0x1e, 0xe7, 0x4e, - 0x5b, 0x27, 0x39, 0x52, 0x46, 0x1d, 0x16, 0x28, 0xc7, 0xec, 0x1f, 0x65, 0x7f, 0x67, 0x76, 0x70, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_128_Length35_Pad() - { - var input = new byte[] - { - 0xa7, 0xe6, 0xb3, 0x3b, 0x3f, 0x9c, 0x9e, 0xac, 0x6c, 0xc1, 0xd3, 0xbb, 0xd2, 0xd0, 0x57, 0x22, - 0x99, 0x3a, 0xc9, 0x2b, 0xfb, 0x1d, 0x0e, 0x8e, 0x31, 0x0c, 0x96, 0x68, 0x4c, 0x46, 0x1d, 0xbb, - 0xe1, 0x23, 0xc8, - }; - var key = new byte[] - { - 0x99, 0x59, 0x90, 0x47, 0xcb, 0x63, 0x99, 0x5b, 0xf7, 0x91, 0x87, 0x44, 0x09, 0x2e, 0xff, 0xa4, - }; - - // echo -n -e '\xa7\xe6\xb3\x3b\x3f\x9c\x9e\xac\x6c\xc1\xd3\xbb\xd2\xd0\x57\x22\x99\x3a\xc9\x2b\xfb\x1d\x0e\x8e\x31\x0c\x96\x68\x4c\x46\x1d\xbb\xe1\x23\xc8' | openssl enc -e -aes-128-ecb -K 99599047CB63995BF7918744092EFFA4 | hd - var expected = new byte[] - { - 0x11, 0x02, 0x21, 0xec, 0xd6, 0x55, 0x22, 0x24, 0x8f, 0x64, 0xb5, 0x89, 0xc3, 0x4e, 0x8a, 0x18, - 0x6d, 0xf6, 0x39, 0x72, 0xae, 0x4d, 0x6e, 0x3f, 0xf7, 0x30, 0x88, 0xa7, 0xd7, 0xa6, 0x23, 0xed, - 0xb1, 0xe2, 0x80, 0xcc, 0x21, 0x98, 0xa1, 0x26, 0x28, 0xac, 0x0b, 0x61, 0x19, 0x9d, 0xda, 0xaa, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_128_Length64_NoPad() - { - var input = new byte[] - { - 0xaf, 0x08, 0xbe, 0xc9, 0x08, 0xf3, 0xfe, 0xc7, 0x61, 0xc2, 0x17, 0xfd, 0xaa, 0xc7, 0x8d, 0x3a, - 0x4c, 0xa2, 0xfb, 0xde, 0x1e, 0x49, 0x3e, 0xc1, 0x34, 0x86, 0x14, 0xc6, 0x2d, 0x39, 0x35, 0x52, - 0x79, 0xad, 0x95, 0x01, 0x6f, 0x36, 0x9b, 0x2e, 0xde, 0xfc, 0x77, 0xc7, 0xc0, 0x27, 0x60, 0x6b, - 0x78, 0xfc, 0x13, 0x83, 0xa8, 0x38, 0xbb, 0x65, 0xca, 0xfd, 0x94, 0x82, 0xde, 0x38, 0x99, 0x28, - }; - var key = new byte[] - { - 0x8c, 0xc4, 0x84, 0xfd, 0x32, 0x8c, 0xca, 0x16, 0x06, 0xcc, 0x00, 0x22, 0xd2, 0x76, 0x00, 0x0d, - }; - - // echo -n -e '\xaf\x08\xbe\xc9\x08\xf3\xfe\xc7\x61\xc2\x17\xfd\xaa\xc7\x8d\x3a\x4c\xa2\xfb\xde\x1e\x49\x3e\xc1\x34\x86\x14\xc6\x2d\x39\x35\x52\x79\xad\x95\x01\x6f\x36\x9b\x2e\xde\xfc\x77\xc7\xc0\x27\x60\x6b\x78\xfc\x13\x83\xa8\x38\xbb\x65\xca\xfd\x94\x82\xde\x38\x99\x28' | openssl enc -e -aes-128-ecb -K 8CC484FD328CCA1606CC0022D276000D -nopad | hd - var expected = new byte[] - { - 0x10, 0xd6, 0x91, 0xf1, 0x57, 0x19, 0xf5, 0x64, 0x28, 0x15, 0xcc, 0xfe, 0x65, 0x6c, 0x65, 0xca, - 0x1b, 0x93, 0xe2, 0xfd, 0xfc, 0x0b, 0x1d, 0xe5, 0x94, 0x08, 0xb4, 0xd8, 0x8a, 0x0a, 0x38, 0xb7, - 0x3a, 0x8d, 0x4c, 0x6b, 0x80, 0x18, 0x61, 0xb8, 0x97, 0x02, 0x63, 0xcc, 0xe1, 0x98, 0xf3, 0xe4, - 0x5a, 0xf4, 0xf8, 0x16, 0xc6, 0xf2, 0xdd, 0x6d, 0x51, 0x4d, 0x42, 0xa9, 0x59, 0xdc, 0xb2, 0x01, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_128_Length64_Pad() - { - var input = new byte[] - { - 0x62, 0x4f, 0x3b, 0xfb, 0xa3, 0x63, 0x38, 0xec, 0x32, 0xfd, 0x7d, 0xdb, 0x38, 0x99, 0x93, 0x53, - 0xfc, 0x86, 0x5d, 0x35, 0xe9, 0x68, 0x02, 0xda, 0x1a, 0x43, 0x0b, 0x02, 0x55, 0x57, 0x74, 0xed, - 0x7d, 0x5a, 0xbf, 0x82, 0x3b, 0x05, 0x6a, 0xc2, 0x70, 0x62, 0xff, 0x28, 0x34, 0xce, 0x08, 0x58, - 0x9c, 0xe3, 0x76, 0x1b, 0xbb, 0x1a, 0xbc, 0xf9, 0x4c, 0x60, 0xe1, 0x5f, 0x57, 0x35, 0x96, 0xda, - }; - var key = new byte[] - { - 0x89, 0x8f, 0x5e, 0xde, 0xd9, 0x10, 0x17, 0xf6, 0x1b, 0x9a, 0xc4, 0x87, 0x69, 0xda, 0xa5, 0x4b, - }; - - // echo -n -e '\x62\x4f\x3b\xfb\xa3\x63\x38\xec\x32\xfd\x7d\xdb\x38\x99\x93\x53\xfc\x86\x5d\x35\xe9\x68\x02\xda\x1a\x43\x0b\x02\x55\x57\x74\xed\x7d\x5a\xbf\x82\x3b\x05\x6a\xc2\x70\x62\xff\x28\x34\xce\x08\x58\x9c\xe3\x76\x1b\xbb\x1a\xbc\xf9\x4c\x60\xe1\x5f\x57\x35\x96\xda' | openssl enc -e -aes-128-ecb -K 898F5EDED91017F61B9AC48769DAA54B | hd - var expected = new byte[] - { - 0x32, 0x60, 0x39, 0xf6, 0x08, 0xc9, 0xd4, 0xed, 0x52, 0xca, 0x50, 0x4e, 0xaa, 0x09, 0x8c, 0x82, - 0x40, 0xe3, 0xe6, 0x06, 0x35, 0xa8, 0xd4, 0xae, 0xdb, 0xa3, 0xb8, 0x8a, 0xf3, 0xb6, 0x21, 0x8e, - 0x77, 0xad, 0xdb, 0x3c, 0xca, 0x06, 0xff, 0x50, 0xa7, 0x87, 0x35, 0xf7, 0x22, 0xd8, 0x39, 0x51, - 0x31, 0x06, 0x1f, 0x6d, 0x63, 0x9b, 0x0f, 0xe6, 0xc0, 0xc6, 0x22, 0x08, 0xff, 0x87, 0xaf, 0xbb, - 0x3d, 0xc3, 0x0b, 0x2e, 0x7b, 0xd4, 0x20, 0x23, 0xb4, 0xb9, 0x2e, 0x07, 0x73, 0x37, 0x92, 0x80, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_192_Length16_NoPad() - { - var input = new byte[] - { - 0xcb, 0x24, 0x9f, 0xa4, 0x6f, 0x29, 0x7e, 0x8b, 0xcb, 0x7f, 0xff, 0x21, 0x56, 0x34, 0x90, 0x72, - }; - var key = new byte[] - { - 0xba, 0x95, 0x23, 0xa3, 0xcf, 0x25, 0xfa, 0x30, 0x5e, 0xfc, 0x40, 0x13, 0xda, 0x3d, 0xd3, 0x10, - 0x2f, 0x89, 0xbc, 0x44, 0x3a, 0x01, 0xdb, 0x11, - }; - - // echo -n -e '\xcb\x24\x9f\xa4\x6f\x29\x7e\x8b\xcb\x7f\xff\x21\x56\x34\x90\x72' | openssl enc -e -aes-192-ecb -K BA9523A3CF25FA305EFC4013DA3DD3102F89BC443A01DB11 -nopad | hd - var expected = new byte[] - { - 0x6b, 0x19, 0xbc, 0x1a, 0xe8, 0xf5, 0x3c, 0x9a, 0xbb, 0xaf, 0xb2, 0x28, 0xe1, 0x99, 0xd4, 0x81, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_192_Length16_Pad() - { - var input = new byte[] - { - 0x2a, 0x6f, 0x46, 0x73, 0xe9, 0x6b, 0xb1, 0x8e, 0xac, 0xef, 0xf1, 0xcc, 0x78, 0x4b, 0x38, 0xb9, - }; - var key = new byte[] - { - 0xba, 0x12, 0x6e, 0xf4, 0x7f, 0x99, 0xd7, 0x4d, 0xef, 0xd7, 0xdd, 0x16, 0x1d, 0x45, 0x29, 0x67, - 0x1d, 0x16, 0x1a, 0xcb, 0xba, 0x67, 0x28, 0xc9, - }; - - // echo -n -e '\x2a\x6f\x46\x73\xe9\x6b\xb1\x8e\xac\xef\xf1\xcc\x78\x4b\x38\xb9' | openssl enc -e -aes-192-ecb -K BA126EF47F99D74DEFD7DD161D4529671D161ACBBA6728C9 | hd - var expected = new byte[] - { - 0x58, 0xfc, 0x36, 0xd8, 0xc1, 0x97, 0x8e, 0x7a, 0x1a, 0x77, 0xcf, 0x2f, 0xa1, 0x9b, 0x7b, 0x0b, - 0x95, 0x9a, 0x5d, 0x23, 0x23, 0x58, 0x25, 0x2d, 0x5f, 0x33, 0xc1, 0x9e, 0x6b, 0x68, 0xa2, 0x1e, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_192_Length35_Pad() - { - var input = new byte[] - { - 0x97, 0xf9, 0x84, 0x12, 0x8e, 0x9b, 0x71, 0x66, 0xc6, 0x8a, 0xaf, 0x61, 0x31, 0x6c, 0xff, 0x52, - 0xea, 0xa5, 0xcb, 0x68, 0xe4, 0x6e, 0x2e, 0xb0, 0xe6, 0xf3, 0x8a, 0xb7, 0x72, 0x53, 0x0e, 0xa6, - 0xf0, 0x89, 0x33, - }; - var key = new byte[] - { - 0xc1, 0xe3, 0x16, 0x3b, 0x8d, 0xa6, 0x4d, 0xa3, 0x94, 0x8f, 0x8f, 0xb8, 0x1f, 0x66, 0x81, 0xeb, - 0xb3, 0xab, 0xbe, 0xac, 0x29, 0xca, 0xd3, 0x2b, - }; - - // echo -n -e '\x97\xf9\x84\x12\x8e\x9b\x71\x66\xc6\x8a\xaf\x61\x31\x6c\xff\x52\xea\xa5\xcb\x68\xe4\x6e\x2e\xb0\xe6\xf3\x8a\xb7\x72\x53\x0e\xa6\xf0\x89\x33' | openssl enc -e -aes-192-ecb -K C1E3163B8DA64DA3948F8FB81F6681EBB3ABBEAC29CAD32B | hd - var expected = new byte[] - { - 0xb3, 0x36, 0x3c, 0x9a, 0x84, 0x76, 0xa5, 0x0e, 0x4c, 0xed, 0x54, 0xbd, 0x33, 0x5b, 0x15, 0xfc, - 0x1d, 0x4f, 0x3b, 0x64, 0x99, 0x9a, 0xfb, 0xc7, 0x4d, 0xe1, 0x91, 0xe0, 0x4e, 0x8d, 0x1e, 0x51, - 0x40, 0xae, 0x13, 0xd6, 0xc1, 0xfc, 0x2b, 0xc0, 0xa0, 0x90, 0x9a, 0xfb, 0x96, 0xc7, 0xa0, 0x16, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_192_Length64_NoPad() - { - var input = new byte[] - { - 0x96, 0xca, 0x9a, 0x20, 0x56, 0x3a, 0x6b, 0x50, 0xf0, 0x68, 0x5b, 0xfa, 0x32, 0xdc, 0x0a, 0xf6, - 0x10, 0xea, 0xa0, 0x7c, 0xec, 0x58, 0x30, 0x19, 0x86, 0x1f, 0x10, 0xe6, 0x28, 0x12, 0x17, 0x49, - 0x6c, 0xfc, 0x15, 0x5e, 0x30, 0xb3, 0xd5, 0x5f, 0xa5, 0x69, 0x03, 0x09, 0x1f, 0x0e, 0x3e, 0xcb, - 0x2e, 0x47, 0x5e, 0xe9, 0xc8, 0xc2, 0xd5, 0x3e, 0x9a, 0x80, 0x9a, 0x37, 0x2a, 0x85, 0x28, 0xdd, - }; - var key = new byte[] - { - 0x51, 0x11, 0x8d, 0x36, 0xc6, 0xab, 0xc6, 0x5c, 0x14, 0x41, 0xd7, 0x82, 0x55, 0x26, 0xf9, 0x77, - 0xe0, 0x44, 0xb7, 0xe0, 0xb4, 0x2d, 0x80, 0xaa, - }; - - // echo -n -e '\x96\xca\x9a\x20\x56\x3a\x6b\x50\xf0\x68\x5b\xfa\x32\xdc\x0a\xf6\x10\xea\xa0\x7c\xec\x58\x30\x19\x86\x1f\x10\xe6\x28\x12\x17\x49\x6c\xfc\x15\x5e\x30\xb3\xd5\x5f\xa5\x69\x03\x09\x1f\x0e\x3e\xcb\x2e\x47\x5e\xe9\xc8\xc2\xd5\x3e\x9a\x80\x9a\x37\x2a\x85\x28\xdd' | openssl enc -e -aes-192-ecb -K 51118D36C6ABC65C1441D7825526F977E044B7E0B42D80AA -nopad | hd - var expected = new byte[] - { - 0xf8, 0xa6, 0xb9, 0xe9, 0x34, 0x48, 0x9c, 0x57, 0x4a, 0x88, 0xf7, 0x06, 0xe7, 0xb4, 0xca, 0xdd, - 0xb6, 0x14, 0xdb, 0x1e, 0x01, 0x15, 0xa3, 0x40, 0xaf, 0xaf, 0xed, 0xb9, 0x7e, 0x19, 0x5f, 0x1e, - 0x82, 0x64, 0x20, 0x35, 0x23, 0xab, 0x82, 0x57, 0x26, 0x86, 0x60, 0x29, 0xbb, 0xa4, 0x8a, 0xc8, - 0xa5, 0xd7, 0x6e, 0x76, 0x4f, 0x45, 0xef, 0xfe, 0xb2, 0x9f, 0xbc, 0x96, 0xd5, 0x49, 0x55, 0x31, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_192_Length64_Pad() - { - var input = new byte[] - { - 0x81, 0x01, 0xd4, 0x87, 0xea, 0x53, 0xe8, 0x73, 0x87, 0x22, 0x56, 0xe6, 0xcd, 0x47, 0x29, 0x23, - 0x91, 0xe3, 0x0f, 0xee, 0xe7, 0x16, 0x43, 0x76, 0x0c, 0xb7, 0x41, 0x2f, 0x6e, 0xeb, 0xf6, 0xd8, - 0x3e, 0x35, 0x5f, 0xb3, 0x59, 0xf9, 0xbf, 0xd2, 0xee, 0x50, 0x28, 0xf6, 0x48, 0x4e, 0x52, 0xf9, - 0xfc, 0x94, 0x7c, 0x9e, 0xf8, 0x16, 0x9b, 0x6a, 0xbe, 0x5e, 0x7a, 0x33, 0x11, 0xb9, 0x04, 0x9b, - }; - var key = new byte[] - { - 0x2c, 0x7d, 0xa7, 0x98, 0xe7, 0x75, 0xca, 0x98, 0x23, 0x3c, 0x00, 0x96, 0xed, 0x4c, 0x2d, 0xbe, - 0x64, 0x47, 0x32, 0xda, 0x6f, 0x58, 0xe0, 0x28, - }; - - // echo -n -e '\x81\x01\xd4\x87\xea\x53\xe8\x73\x87\x22\x56\xe6\xcd\x47\x29\x23\x91\xe3\x0f\xee\xe7\x16\x43\x76\x0c\xb7\x41\x2f\x6e\xeb\xf6\xd8\x3e\x35\x5f\xb3\x59\xf9\xbf\xd2\xee\x50\x28\xf6\x48\x4e\x52\xf9\xfc\x94\x7c\x9e\xf8\x16\x9b\x6a\xbe\x5e\x7a\x33\x11\xb9\x04\x9b' | openssl enc -e -aes-192-ecb -K 2C7DA798E775CA98233C0096ED4C2DBE644732DA6F58E028 | hd - var expected = new byte[] - { - 0xdf, 0x78, 0xfe, 0x06, 0xa3, 0xb7, 0x43, 0x04, 0x43, 0xb6, 0x64, 0x45, 0x81, 0x08, 0x76, 0xd1, - 0xd1, 0x50, 0xb1, 0x15, 0x4e, 0xbe, 0x72, 0xd3, 0xa8, 0x4f, 0x57, 0xce, 0x2b, 0xa3, 0x8e, 0x43, - 0x16, 0xdc, 0xd3, 0xf3, 0x4b, 0xfe, 0x0c, 0x29, 0xd0, 0xce, 0x2c, 0x1d, 0x4d, 0xb0, 0x29, 0x11, - 0x07, 0x2c, 0x91, 0x70, 0xe0, 0xa9, 0xe3, 0x8f, 0x16, 0x12, 0xcb, 0x9a, 0x73, 0x06, 0xa9, 0x65, - 0xa0, 0xec, 0xa8, 0x7e, 0x68, 0xb7, 0x63, 0x7b, 0xc2, 0x5e, 0xc4, 0x33, 0xfa, 0xf2, 0x76, 0x83, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_256_Length16_NoPad() - { - var input = new byte[] - { - 0xca, 0xe3, 0x7a, 0xbb, 0x16, 0x04, 0x7c, 0x71, 0x30, 0xbc, 0xce, 0xc9, 0x86, 0x2a, 0x2b, 0xd4, - }; - var key = new byte[] - { - 0x9c, 0x7e, 0xfe, 0xf2, 0x80, 0xcf, 0x19, 0x96, 0x7b, 0xca, 0x4a, 0x60, 0x82, 0x62, 0x17, 0xaa, - 0x35, 0xab, 0x10, 0x8b, 0xdd, 0x25, 0x12, 0x95, 0x78, 0x83, 0xca, 0xc2, 0xbd, 0xf7, 0xae, 0x21, - }; - - // echo -n -e '\xca\xe3\x7a\xbb\x16\x04\x7c\x71\x30\xbc\xce\xc9\x86\x2a\x2b\xd4' | openssl enc -e -aes-256-ecb -K 9C7EFEF280CF19967BCA4A60826217AA35AB108BDD2512957883CAC2BDF7AE21 -nopad | hd - var expected = new byte[] - { - 0xf5, 0x94, 0x26, 0x13, 0x73, 0x7c, 0x20, 0xc4, 0xc4, 0xd3, 0x46, 0xb6, 0x0c, 0xd4, 0x29, 0xf2, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_256_Length16_Pad() - { - var input = new byte[] - { - 0xa4, 0x23, 0x94, 0xdb, 0x1a, 0x9f, 0xf7, 0x77, 0x6c, 0x69, 0x79, 0xfc, 0x05, 0x57, 0xd9, 0x84, - }; - var key = new byte[] - { - 0x1c, 0x29, 0xfe, 0x8c, 0x34, 0xef, 0xef, 0x15, 0xa4, 0x15, 0xc1, 0xf9, 0xe5, 0xc6, 0xdb, 0x5c, - 0x94, 0xfc, 0x1d, 0x99, 0x63, 0xd3, 0x06, 0xc2, 0xfe, 0xb7, 0xbb, 0x51, 0xa6, 0x09, 0xf4, 0x72, - }; - - // echo -n -e '\xa4\x23\x94\xdb\x1a\x9f\xf7\x77\x6c\x69\x79\xfc\x05\x57\xd9\x84' | openssl enc -e -aes-256-ecb -K 1C29FE8C34EFEF15A415C1F9E5C6DB5C94FC1D9963D306C2FEB7BB51A609F472 | hd - var expected = new byte[] - { - 0xbb, 0x82, 0xae, 0x6f, 0xb3, 0x48, 0xe5, 0x4c, 0xba, 0x04, 0x99, 0xb5, 0x00, 0xe4, 0x7f, 0xc4, - 0xbb, 0x89, 0x9c, 0xcb, 0x62, 0x32, 0x82, 0xb2, 0x58, 0xe2, 0x69, 0xd5, 0xce, 0x1d, 0xd0, 0xa9, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_256_Length35_Pad() - { - var input = new byte[] - { - 0x8d, 0x1d, 0x68, 0x08, 0x39, 0x40, 0x21, 0x48, 0x22, 0x3c, 0x8e, 0x7d, 0x33, 0x9e, 0x6f, 0x9b, - 0x21, 0x4f, 0xee, 0x2a, 0x96, 0x4a, 0x3e, 0x32, 0x63, 0x68, 0x65, 0xe4, 0x9c, 0x01, 0xe4, 0x00, - 0x26, 0x15, 0xc3, - }; - var key = new byte[] - { - 0x88, 0xa1, 0xeb, 0x38, 0xca, 0x99, 0xe6, 0x6e, 0xe2, 0xd4, 0x1c, 0x81, 0x96, 0x0f, 0x9b, 0xe3, - 0x8e, 0x0f, 0x66, 0x0f, 0x43, 0xdf, 0x36, 0xa5, 0xd1, 0xda, 0x3c, 0xac, 0x20, 0x57, 0x8d, 0x57, - }; - - // echo -n -e '\x8d\x1d\x68\x08\x39\x40\x21\x48\x22\x3c\x8e\x7d\x33\x9e\x6f\x9b\x21\x4f\xee\x2a\x96\x4a\x3e\x32\x63\x68\x65\xe4\x9c\x01\xe4\x00\x26\x15\xc3' | openssl enc -e -aes-256-ecb -K 88A1EB38CA99E66EE2D41C81960F9BE38E0F660F43DF36A5D1DA3CAC20578D57 | hd - var expected = new byte[] - { - 0x2b, 0xcf, 0xfe, 0xee, 0x2a, 0xd7, 0xb3, 0xcb, 0x87, 0x6d, 0xa3, 0xee, 0xab, 0xb8, 0x46, 0xe6, - 0xce, 0xe8, 0xa2, 0x30, 0x82, 0xa5, 0x6e, 0x8c, 0x82, 0xaf, 0x29, 0x1c, 0x73, 0xae, 0x8c, 0x01, - 0xe4, 0xd5, 0x5d, 0x03, 0x40, 0x5a, 0xd8, 0x91, 0x30, 0x89, 0xdf, 0xcf, 0x74, 0x54, 0x43, 0x31, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_256_Length64_NoPad() - { - var input = new byte[] - { - 0x00, 0x1e, 0x55, 0xf1, 0xbf, 0x05, 0x80, 0xa9, 0x6a, 0x46, 0x67, 0xef, 0x5c, 0x3a, 0x4e, 0x8a, - 0x46, 0xc5, 0x63, 0xbb, 0x28, 0xa1, 0xae, 0x78, 0xeb, 0xd4, 0x5f, 0x67, 0x82, 0xd8, 0x5e, 0xe9, - 0x0b, 0x67, 0xab, 0x02, 0x02, 0x9b, 0x97, 0x18, 0x59, 0x3c, 0x8e, 0xee, 0xae, 0x33, 0x34, 0x75, - 0x8d, 0xd2, 0x17, 0x82, 0x84, 0x13, 0xac, 0x5f, 0x6f, 0xdc, 0x06, 0xea, 0xa5, 0x18, 0x27, 0x92, - }; - var key = new byte[] - { - 0xe8, 0x7e, 0xe4, 0xf4, 0x8e, 0x4c, 0x87, 0xab, 0x2d, 0x4a, 0x61, 0xeb, 0x12, 0xc0, 0xca, 0xb7, - 0xa0, 0xea, 0xda, 0xb0, 0xc0, 0xdb, 0x65, 0xf8, 0xbb, 0x4c, 0x92, 0x26, 0x95, 0xac, 0x72, 0x41, - }; - - // echo -n -e '\x00\x1e\x55\xf1\xbf\x05\x80\xa9\x6a\x46\x67\xef\x5c\x3a\x4e\x8a\x46\xc5\x63\xbb\x28\xa1\xae\x78\xeb\xd4\x5f\x67\x82\xd8\x5e\xe9\x0b\x67\xab\x02\x02\x9b\x97\x18\x59\x3c\x8e\xee\xae\x33\x34\x75\x8d\xd2\x17\x82\x84\x13\xac\x5f\x6f\xdc\x06\xea\xa5\x18\x27\x92' | openssl enc -e -aes-256-ecb -K E87EE4F48E4C87AB2D4A61EB12C0CAB7A0EADAB0C0DB65F8BB4C922695AC7241 -nopad | hd - var expected = new byte[] - { - 0x7c, 0xac, 0x06, 0xc2, 0x81, 0xd5, 0x81, 0xe4, 0x79, 0x66, 0x29, 0x0c, 0xee, 0x2a, 0xd5, 0x1a, - 0xef, 0xb4, 0xc2, 0x7f, 0x57, 0x7e, 0x9b, 0x21, 0x23, 0x78, 0xec, 0x33, 0x42, 0x16, 0x48, 0x5a, - 0xd6, 0x41, 0xef, 0x08, 0xe7, 0x0a, 0xf2, 0x0e, 0xf1, 0x91, 0x26, 0x01, 0x2c, 0xc7, 0x2a, 0x2f, - 0x4e, 0xd4, 0xc2, 0x5d, 0x32, 0x33, 0x1a, 0xb0, 0x12, 0xa7, 0x60, 0x31, 0x6a, 0xed, 0xa2, 0x2b, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_ECB_256_Length64_Pad() - { - var input = new byte[] - { - 0x11, 0x4e, 0x4a, 0xbb, 0x3e, 0x76, 0xd2, 0x0c, 0x18, 0xeb, 0x39, 0x42, 0xb9, 0x61, 0x15, 0x81, - 0xd7, 0x20, 0xd6, 0x16, 0xba, 0x9a, 0x67, 0x60, 0x04, 0x9a, 0x66, 0x55, 0x87, 0x2c, 0x46, 0xfa, - 0xff, 0xe3, 0x14, 0x47, 0x62, 0xb7, 0x03, 0x9f, 0x29, 0xf9, 0x18, 0x63, 0x06, 0xa3, 0x86, 0xe9, - 0x55, 0xd3, 0x62, 0x90, 0xea, 0x36, 0xf4, 0x77, 0xe6, 0xea, 0xb7, 0xa4, 0x10, 0x7c, 0x85, 0xec, - }; - var key = new byte[] - { - 0xa5, 0x3e, 0x43, 0xd6, 0x4d, 0xce, 0x1f, 0x1f, 0x1d, 0x37, 0xec, 0xc0, 0x82, 0x03, 0x5a, 0x60, - 0x13, 0x7c, 0xff, 0xb3, 0xc9, 0xb5, 0x10, 0xc9, 0xee, 0x9c, 0x60, 0x77, 0x00, 0x5f, 0x8e, 0xac, - }; - - // echo -n -e '\x11\x4e\x4a\xbb\x3e\x76\xd2\x0c\x18\xeb\x39\x42\xb9\x61\x15\x81\xd7\x20\xd6\x16\xba\x9a\x67\x60\x04\x9a\x66\x55\x87\x2c\x46\xfa\xff\xe3\x14\x47\x62\xb7\x03\x9f\x29\xf9\x18\x63\x06\xa3\x86\xe9\x55\xd3\x62\x90\xea\x36\xf4\x77\xe6\xea\xb7\xa4\x10\x7c\x85\xec' | openssl enc -e -aes-256-ecb -K A53E43D64DCE1F1F1D37ECC082035A60137CFFB3C9B510C9EE9C6077005F8EAC | hd - var expected = new byte[] - { - 0x2c, 0xa4, 0x8d, 0x68, 0xc0, 0xf9, 0x7d, 0xc2, 0xb3, 0xe3, 0xe4, 0xf2, 0x0c, 0x06, 0x39, 0x49, - 0x51, 0xd1, 0x6b, 0x3f, 0x54, 0xb5, 0x85, 0x66, 0x09, 0x27, 0x24, 0x76, 0x24, 0x5e, 0x5d, 0x75, - 0xfe, 0xcf, 0x8d, 0x06, 0xdc, 0x39, 0xb8, 0x4a, 0x34, 0xfe, 0x3e, 0x20, 0x8b, 0xdb, 0xfd, 0x56, - 0x9e, 0x20, 0xf2, 0x95, 0xd7, 0xd2, 0xfe, 0x31, 0xb0, 0x5e, 0x7e, 0x7d, 0x41, 0x13, 0xc1, 0x09, - 0x62, 0xa7, 0x55, 0xf1, 0xc7, 0x6a, 0x0d, 0xb6, 0x67, 0xee, 0x09, 0xcc, 0xae, 0xe8, 0x13, 0x0f, - }; - - var actual = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, iv: null, AesCipherMode.ECB, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - [TestMethod] public void AES_CBC_128_Length16_NoPad() { @@ -674,11 +206,11 @@ public void AES_CBC_128_Length16_NoPad() 0xbd, 0x17, 0x7d, 0x43, 0xf9, 0x66, 0x21, 0xf3, 0x3f, 0xc1, 0x89, 0xd7, 0x8d, 0x11, 0xf0, 0x52, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -706,11 +238,11 @@ public void AES_CBC_128_Length16_Pad() 0x97, 0xb2, 0xf2, 0xbf, 0xde, 0x3e, 0x6b, 0xee, 0x78, 0xf5, 0x77, 0xc9, 0x1a, 0x56, 0x01, 0x56, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -741,11 +273,11 @@ public void AES_CBC_128_Length35_Pad() 0xc8, 0x60, 0x05, 0xde, 0x81, 0xe4, 0xc6, 0xcd, 0x31, 0x7f, 0x9e, 0x5d, 0x4b, 0x03, 0x5f, 0x71, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -778,11 +310,11 @@ public void AES_CBC_128_Length64_NoPad() 0xe9, 0x40, 0x33, 0xc1, 0x3f, 0xb8, 0xf6, 0x69, 0x6b, 0x78, 0xaf, 0x4f, 0x58, 0x4c, 0xe6, 0x74, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -816,11 +348,11 @@ public void AES_CBC_128_Length64_Pad() 0xb4, 0x20, 0xcb, 0xb8, 0xb1, 0x7f, 0x0c, 0xf6, 0x17, 0x00, 0x0d, 0xde, 0x41, 0x46, 0x14, 0xae, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -848,11 +380,11 @@ public void AES_CBC_192_Length16_NoPad() 0x1f, 0x5a, 0xe4, 0x2d, 0x8b, 0x65, 0x70, 0x71, 0x26, 0x25, 0x3e, 0x46, 0x54, 0x3a, 0x99, 0x93, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -881,11 +413,11 @@ public void AES_CBC_192_Length16_Pad() 0x26, 0xac, 0x95, 0x24, 0xb5, 0x20, 0x37, 0x0b, 0x38, 0x72, 0x02, 0x19, 0x46, 0xfc, 0x63, 0xc7, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -917,11 +449,11 @@ public void AES_CBC_192_Length35_Pad() 0x10, 0x33, 0xf9, 0xe5, 0x3c, 0x5e, 0x35, 0x63, 0x5f, 0xbd, 0x35, 0x30, 0xbf, 0x9d, 0x1f, 0x9f, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -955,11 +487,11 @@ public void AES_CBC_192_Length64_NoPad() 0x8a, 0x64, 0x2a, 0x96, 0x82, 0xaa, 0xac, 0x8e, 0x88, 0x63, 0x28, 0x52, 0x5a, 0xfa, 0x8a, 0x5d, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -994,11 +526,11 @@ public void AES_CBC_192_Length64_Pad() 0xe5, 0xa1, 0x39, 0x09, 0x9c, 0xdd, 0xea, 0x04, 0xb9, 0x60, 0x34, 0xbe, 0x65, 0x9c, 0x15, 0x98, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1017,481 +549,166 @@ public void AES_CBC_256_Length16_NoPad() }; var iv = new byte[] { - 0xa4, 0x51, 0x86, 0x7e, 0xbe, 0x7f, 0x54, 0x24, 0x35, 0xd1, 0x67, 0xc1, 0x89, 0x68, 0x20, 0x1d, - }; - - // echo -n -e '\x8a\x09\x12\x86\xdb\xa3\x7f\x86\x7d\xaa\x88\xd9\x7c\x01\xc4\xb0' | openssl enc -e -aes-256-cbc -K 9945871C2365D3411F1A1A166560075A2E19DCF7BEB91DA426F5FA7D0A1C99C0 -iv A451867EBE7F542435D167C18968201D -nopad | hd - var expected = new byte[] - { - 0x3e, 0x7c, 0xdd, 0x13, 0x85, 0x57, 0x34, 0x61, 0xe6, 0x6e, 0xcd, 0x87, 0xd9, 0xaa, 0xf8, 0xe3, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CBC_256_Length16_Pad() - { - var input = new byte[] - { - 0xa2, 0x2d, 0xab, 0x63, 0x25, 0xcc, 0xf1, 0xe0, 0x27, 0xe3, 0xf6, 0x2d, 0x6a, 0x56, 0x36, 0x03, - }; - var key = new byte[] - { - 0x81, 0x59, 0x72, 0x13, 0xd9, 0x89, 0x9c, 0xae, 0xc5, 0xb7, 0xc1, 0xec, 0x52, 0x5c, 0x1a, 0xbd, - 0xd4, 0xdd, 0xda, 0xdd, 0x70, 0x35, 0x9b, 0xd7, 0x5f, 0xa6, 0x56, 0xda, 0x89, 0x26, 0xba, 0xdf, - }; - var iv = new byte[] - { - 0x9a, 0x63, 0x3f, 0x2f, 0xf6, 0x0c, 0x43, 0x19, 0x90, 0xfc, 0x9d, 0x6d, 0x0a, 0x04, 0x8d, 0xcb, - }; - - // echo -n -e '\xa2\x2d\xab\x63\x25\xcc\xf1\xe0\x27\xe3\xf6\x2d\x6a\x56\x36\x03' | openssl enc -e -aes-256-cbc -K 81597213D9899CAEC5B7C1EC525C1ABDD4DDDADD70359BD75FA656DA8926BADF -iv 9A633F2FF60C431990FC9D6D0A048DCB | hd - var expected = new byte[] - { - 0xb3, 0x4b, 0xbb, 0x73, 0xa6, 0x1b, 0xb4, 0xdc, 0xfa, 0xb4, 0x02, 0xe2, 0x78, 0x72, 0x04, 0x9a, - 0x3e, 0x08, 0x87, 0x8c, 0xae, 0x30, 0xbc, 0x4f, 0x89, 0x16, 0x30, 0x42, 0x2a, 0xd9, 0xe6, 0xac, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CBC_256_Length35_Pad() - { - var input = new byte[] - { - 0xc8, 0x38, 0x58, 0x8d, 0x7b, 0x59, 0x92, 0x4b, 0xbe, 0x9a, 0xb4, 0x33, 0x33, 0xc2, 0x25, 0x9f, - 0xfd, 0xe2, 0x52, 0xee, 0x1c, 0xeb, 0xc6, 0xc7, 0x99, 0xc1, 0x4d, 0x74, 0x98, 0x2e, 0xcc, 0x5a, - 0x18, 0x8a, 0x12, - }; - var key = new byte[] - { - 0x50, 0xcd, 0x2c, 0x63, 0x41, 0xd0, 0xf4, 0x71, 0x5b, 0x58, 0x0f, 0xe5, 0xce, 0xd7, 0xfd, 0x70, - 0x28, 0xb2, 0x9e, 0xae, 0xdc, 0x71, 0x91, 0xf3, 0xba, 0x0b, 0x1e, 0xb2, 0x8f, 0xce, 0x59, 0x1b, - }; - var iv = new byte[] - { - 0xa8, 0xaf, 0xd4, 0xd1, 0xd0, 0x7e, 0x11, 0x1e, 0x28, 0x7a, 0x6a, 0x6f, 0x89, 0xdb, 0x7f, 0x9d, - }; - - // echo -n -e '\xc8\x38\x58\x8d\x7b\x59\x92\x4b\xbe\x9a\xb4\x33\x33\xc2\x25\x9f\xfd\xe2\x52\xee\x1c\xeb\xc6\xc7\x99\xc1\x4d\x74\x98\x2e\xcc\x5a\x18\x8a\x12' | openssl enc -e -aes-256-cbc -K 50CD2C6341D0F4715B580FE5CED7FD7028B29EAEDC7191F3BA0B1EB28FCE591B -iv A8AFD4D1D07E111E287A6A6F89DB7F9D | hd - var expected = new byte[] - { - 0x26, 0x79, 0xc3, 0x69, 0xd9, 0x39, 0xaf, 0x83, 0xb4, 0x14, 0x17, 0x0a, 0x79, 0x4e, 0x2e, 0x02, - 0xa3, 0xb7, 0x68, 0x50, 0xfd, 0x05, 0x7b, 0xff, 0xe3, 0x74, 0x6f, 0x91, 0xec, 0x43, 0x5a, 0xf9, - 0x88, 0x46, 0x53, 0x42, 0x98, 0x69, 0x4b, 0x91, 0x9e, 0x5f, 0x69, 0x22, 0x58, 0xff, 0x48, 0xca, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CBC_256_Length64_NoPad() - { - var input = new byte[] - { - 0x9a, 0xbd, 0xa3, 0xa8, 0x79, 0xdc, 0x36, 0xde, 0x3c, 0x38, 0xa9, 0x35, 0xb2, 0x41, 0xe1, 0x8d, - 0xff, 0xf4, 0x3d, 0x1e, 0x02, 0x2c, 0xa0, 0xaa, 0xa1, 0x80, 0x86, 0x61, 0x07, 0x21, 0x6a, 0xde, - 0x8c, 0x80, 0x17, 0xd1, 0x2a, 0xb1, 0xa1, 0xcc, 0x79, 0xf6, 0x95, 0x97, 0xd4, 0xdb, 0x6b, 0xe6, - 0x99, 0xdd, 0x70, 0x95, 0x9e, 0x60, 0x9b, 0x6e, 0x1d, 0xf8, 0x07, 0xf9, 0x55, 0xd4, 0xd7, 0x1a, - }; - var key = new byte[] - { - 0xce, 0xca, 0xa8, 0x31, 0x29, 0x0f, 0x63, 0x4d, 0x52, 0x71, 0xa5, 0x0c, 0x96, 0x08, 0xd6, 0xc5, - 0x14, 0xa0, 0xc8, 0x29, 0xb1, 0xd5, 0x40, 0x2c, 0xe5, 0xa9, 0xb4, 0x31, 0xa9, 0xa8, 0x76, 0xa5, - }; - var iv = new byte[] - { - 0x1e, 0x7a, 0xc8, 0x09, 0x32, 0x39, 0xbc, 0x89, 0x7a, 0x22, 0x42, 0x2c, 0xba, 0x8e, 0xd7, 0x15, - }; - - // echo -n -e '\x9a\xbd\xa3\xa8\x79\xdc\x36\xde\x3c\x38\xa9\x35\xb2\x41\xe1\x8d\xff\xf4\x3d\x1e\x02\x2c\xa0\xaa\xa1\x80\x86\x61\x07\x21\x6a\xde\x8c\x80\x17\xd1\x2a\xb1\xa1\xcc\x79\xf6\x95\x97\xd4\xdb\x6b\xe6\x99\xdd\x70\x95\x9e\x60\x9b\x6e\x1d\xf8\x07\xf9\x55\xd4\xd7\x1a' | openssl enc -e -aes-256-cbc -K CECAA831290F634D5271A50C9608D6C514A0C829B1D5402CE5A9B431A9A876A5 -iv 1E7AC8093239BC897A22422CBA8ED715 -nopad | hd - var expected = new byte[] - { - 0xde, 0xdc, 0xe6, 0x24, 0xcb, 0xa0, 0x97, 0x6b, 0xe4, 0x2d, 0x38, 0xc2, 0xa0, 0x56, 0x3b, 0x38, - 0xe8, 0x34, 0x9c, 0x9c, 0x10, 0x01, 0x72, 0x4e, 0xae, 0xcf, 0x2a, 0x98, 0x75, 0x2d, 0xee, 0xbd, - 0x42, 0xe8, 0x17, 0x85, 0x23, 0x1e, 0xf7, 0xf9, 0x9f, 0x2e, 0x4f, 0xaa, 0x18, 0x1b, 0x01, 0xf7, - 0xfe, 0xa4, 0x71, 0xef, 0x33, 0x6b, 0x4f, 0x86, 0xe1, 0xa9, 0xf8, 0xc3, 0x40, 0xa4, 0x56, 0xc4, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CBC_256_Length64_Pad() - { - var input = new byte[] - { - 0x22, 0x41, 0xe4, 0xb5, 0x0b, 0xad, 0x69, 0xf9, 0x8a, 0x7c, 0x4b, 0x80, 0x5b, 0x31, 0xa4, 0xaa, - 0xfa, 0xff, 0xed, 0x1c, 0x3f, 0xcc, 0x92, 0xdb, 0xe4, 0x3e, 0xaf, 0x8f, 0x92, 0x13, 0x71, 0x56, - 0xd1, 0x9f, 0x0f, 0x68, 0xc3, 0xc1, 0x9a, 0x70, 0x11, 0xcf, 0x7f, 0xb6, 0xee, 0x3b, 0x2e, 0x48, - 0x7e, 0x97, 0x32, 0xbb, 0xa1, 0xbb, 0xd5, 0x56, 0xaf, 0x09, 0xd0, 0xcc, 0xfe, 0xda, 0x66, 0x76, - }; - var key = new byte[] - { - 0x0a, 0xf5, 0xaf, 0xbc, 0x22, 0x3b, 0xe6, 0x39, 0x65, 0x7d, 0x0a, 0x70, 0x4c, 0xdc, 0xec, 0xa8, - 0x10, 0x66, 0x10, 0xfb, 0xe1, 0xb6, 0xb5, 0x15, 0xca, 0xb9, 0xb9, 0xba, 0xf0, 0xcd, 0x72, 0x37, - }; - var iv = new byte[] - { - 0x68, 0x09, 0xab, 0xf9, 0x8c, 0x72, 0x26, 0x42, 0xb1, 0xf9, 0x55, 0x24, 0xb1, 0x64, 0x09, 0xd2, - }; - - // echo -n -e '\x22\x41\xe4\xb5\x0b\xad\x69\xf9\x8a\x7c\x4b\x80\x5b\x31\xa4\xaa\xfa\xff\xed\x1c\x3f\xcc\x92\xdb\xe4\x3e\xaf\x8f\x92\x13\x71\x56\xd1\x9f\x0f\x68\xc3\xc1\x9a\x70\x11\xcf\x7f\xb6\xee\x3b\x2e\x48\x7e\x97\x32\xbb\xa1\xbb\xd5\x56\xaf\x09\xd0\xcc\xfe\xda\x66\x76' | openssl enc -e -aes-256-cbc -K 0AF5AFBC223BE639657D0A704CDCECA8106610FBE1B6B515CAB9B9BAF0CD7237 -iv 6809ABF98C722642B1F95524B16409D2 | hd - var expected = new byte[] - { - 0x8f, 0x52, 0x10, 0x0a, 0xa6, 0x14, 0xfb, 0x31, 0x74, 0xc6, 0xd4, 0x39, 0x67, 0x6b, 0xd9, 0x67, - 0x23, 0xf9, 0xd3, 0xba, 0x1d, 0x9d, 0x93, 0x4e, 0xab, 0xe4, 0xd7, 0xf4, 0x02, 0xd8, 0x8c, 0x64, - 0xc9, 0x21, 0x18, 0x19, 0xee, 0xa2, 0x50, 0x73, 0xe9, 0x14, 0xba, 0x69, 0x0d, 0x6b, 0xff, 0x48, - 0xec, 0x60, 0x9f, 0x18, 0x5d, 0xb1, 0x8d, 0x49, 0xac, 0x5e, 0x50, 0x9b, 0x9d, 0x13, 0x2c, 0x41, - 0xbc, 0xcc, 0x5a, 0x91, 0x8a, 0xbb, 0xe9, 0x70, 0x39, 0x42, 0x8d, 0xb1, 0x02, 0x53, 0xa7, 0x88, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CBC, pkcs7Padding: true).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CFB_128_Length16_NoPad() - { - var input = new byte[] - { - 0x1c, 0x28, 0xbb, 0x97, 0xc9, 0x6b, 0x94, 0x54, 0x3f, 0x9a, 0xf2, 0x69, 0x82, 0x2b, 0x48, 0x97, - }; - var key = new byte[] - { - 0x0a, 0xd3, 0x07, 0x43, 0x30, 0xf3, 0x1c, 0x9d, 0x40, 0xce, 0x49, 0xe8, 0x60, 0x91, 0x64, 0x65, - }; - var iv = new byte[] - { - 0xaf, 0xe6, 0x9e, 0xc8, 0x12, 0xdb, 0x6d, 0xfd, 0x74, 0x57, 0xb9, 0xf2, 0x80, 0xbd, 0xbf, 0x85, - }; - - // echo -n -e '\x1c\x28\xbb\x97\xc9\x6b\x94\x54\x3f\x9a\xf2\x69\x82\x2b\x48\x97' | openssl enc -e -aes-128-cfb -K 0AD3074330F31C9D40CE49E860916465 -iv AFE69EC812DB6DFD7457B9F280BDBF85 -nopad | hd - var expected = new byte[] - { - 0x8c, 0x75, 0xf1, 0xba, 0xf9, 0xe6, 0x66, 0x7d, 0x14, 0x4a, 0x9f, 0xfc, 0x31, 0xf7, 0x98, 0xcb, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CFB_128_Length35_NoPad() - { - var input = new byte[] - { - 0xb0, 0xbd, 0x19, 0xdd, 0x5d, 0xc6, 0xa2, 0x28, 0x0b, 0x1e, 0x56, 0xfb, 0x21, 0xac, 0xf3, 0xae, - 0x35, 0x8c, 0xb9, 0x9c, 0x8d, 0x80, 0x85, 0x2f, 0x66, 0x09, 0xce, 0xd8, 0x3a, 0x2a, 0x1d, 0x82, - 0x0e, 0xc4, 0x37, - }; - var key = new byte[] - { - 0xa3, 0x77, 0x86, 0x07, 0xe9, 0x43, 0x75, 0xbc, 0xf3, 0x84, 0x72, 0xdb, 0xc8, 0x63, 0x0b, 0xbc, - }; - var iv = new byte[] - { - 0xf3, 0x03, 0x23, 0xf7, 0x30, 0x38, 0xea, 0x77, 0x53, 0xf7, 0xc9, 0xee, 0xe0, 0x00, 0xd4, 0xec, - }; - - // echo -n -e '\xb0\xbd\x19\xdd\x5d\xc6\xa2\x28\x0b\x1e\x56\xfb\x21\xac\xf3\xae\x35\x8c\xb9\x9c\x8d\x80\x85\x2f\x66\x09\xce\xd8\x3a\x2a\x1d\x82\x0e\xc4\x37' | openssl enc -e -aes-128-cfb -K A3778607E94375BCF38472DBC8630BBC -iv F30323F73038EA7753F7C9EEE000D4EC -nopad | hd - var expected = new byte[] - { - 0xea, 0x51, 0x2a, 0x19, 0xd1, 0xc0, 0xcf, 0x4d, 0x81, 0x92, 0xc8, 0x69, 0xdd, 0x37, 0x89, 0x11, - 0xeb, 0x39, 0xf7, 0xfd, 0xbf, 0xa7, 0x2c, 0xb3, 0x69, 0x6a, 0x3a, 0x22, 0xe1, 0x83, 0xc9, 0x71, - 0xfc, 0x42, 0x49, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CFB_128_Length64_NoPad() - { - var input = new byte[] - { - 0x5d, 0x75, 0x50, 0x36, 0xaf, 0x84, 0xcf, 0x58, 0x17, 0xc3, 0x91, 0xaa, 0xf3, 0x2d, 0x06, 0x74, - 0x2e, 0x6e, 0x29, 0x7e, 0xeb, 0xcc, 0x06, 0x6b, 0x8d, 0x0f, 0xb4, 0xf1, 0x7a, 0x87, 0xdb, 0xf3, - 0xb0, 0x86, 0x7e, 0x52, 0x13, 0xd4, 0x0c, 0x6f, 0x34, 0xca, 0xe0, 0x6d, 0xa6, 0x3f, 0x83, 0x25, - 0xf1, 0x54, 0xbf, 0x72, 0xd7, 0x55, 0x00, 0x90, 0x6f, 0xe5, 0xa9, 0x9f, 0xd0, 0xde, 0xde, 0x8f, - }; - var key = new byte[] - { - 0xe7, 0x9e, 0xfa, 0x6d, 0xaf, 0xb3, 0x61, 0x5a, 0x61, 0xba, 0x4a, 0x21, 0xec, 0x98, 0xc4, 0x4d, - }; - var iv = new byte[] - { - 0x8b, 0x8e, 0x00, 0x25, 0xc8, 0x69, 0x1b, 0x5b, 0x85, 0xee, 0xe3, 0x2e, 0x2b, 0x6d, 0x9e, 0x56, - }; - - // echo -n -e '\x5d\x75\x50\x36\xaf\x84\xcf\x58\x17\xc3\x91\xaa\xf3\x2d\x06\x74\x2e\x6e\x29\x7e\xeb\xcc\x06\x6b\x8d\x0f\xb4\xf1\x7a\x87\xdb\xf3\xb0\x86\x7e\x52\x13\xd4\x0c\x6f\x34\xca\xe0\x6d\xa6\x3f\x83\x25\xf1\x54\xbf\x72\xd7\x55\x00\x90\x6f\xe5\xa9\x9f\xd0\xde\xde\x8f' | openssl enc -e -aes-128-cfb -K E79EFA6DAFB3615A61BA4A21EC98C44D -iv 8B8E0025C8691B5B85EEE32E2B6D9E56 -nopad | hd - var expected = new byte[] - { - 0x99, 0xe7, 0xd8, 0xbf, 0x94, 0x24, 0x5c, 0xef, 0x8e, 0xe7, 0x2e, 0x7b, 0x3d, 0x9f, 0x88, 0x56, - 0x97, 0xb4, 0xff, 0xdb, 0x7f, 0x00, 0xe0, 0xaa, 0x46, 0x4d, 0x3f, 0x96, 0x04, 0xc9, 0x6b, 0xfe, - 0xb6, 0xdb, 0x01, 0x3c, 0x29, 0x78, 0xc0, 0xc5, 0x29, 0x1b, 0x1e, 0x70, 0x8e, 0xe1, 0x1a, 0xbc, - 0xd7, 0x15, 0xa4, 0x00, 0x33, 0xe6, 0x07, 0x1a, 0x6c, 0xc7, 0x95, 0x95, 0xb2, 0x52, 0x51, 0xc8, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CFB_192_Length16_NoPad() - { - var input = new byte[] - { - 0xeb, 0x50, 0x85, 0x07, 0x45, 0x16, 0x76, 0x3d, 0xf3, 0x64, 0x11, 0x1d, 0x0a, 0xdf, 0xa4, 0xd6, - }; - var key = new byte[] - { - 0x20, 0x5c, 0x14, 0x41, 0xdd, 0xb9, 0xc6, 0x7e, 0x83, 0x9f, 0xe7, 0xc0, 0xd0, 0x32, 0x2f, 0xf4, - 0x1b, 0xf4, 0x35, 0x9b, 0x13, 0xbd, 0x08, 0x74, - }; - var iv = new byte[] - { - 0x18, 0xc2, 0x32, 0x64, 0x58, 0xfe, 0x51, 0xa5, 0x49, 0x0c, 0x0d, 0xcf, 0x58, 0x5d, 0x78, 0x32, - }; - - // echo -n -e '\xeb\x50\x85\x07\x45\x16\x76\x3d\xf3\x64\x11\x1d\x0a\xdf\xa4\xd6' | openssl enc -e -aes-192-cfb -K 205C1441DDB9C67E839FE7C0D0322FF41BF4359B13BD0874 -iv 18C2326458FE51A5490C0DCF585D7832 -nopad | hd - var expected = new byte[] - { - 0x57, 0x7a, 0x4f, 0x03, 0x6e, 0x76, 0x43, 0x2d, 0xc0, 0x23, 0x26, 0x19, 0x58, 0x2e, 0x77, 0x83, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_CFB_192_Length35_NoPad() - { - var input = new byte[] - { - 0x8a, 0x07, 0x84, 0xa5, 0x2f, 0xb5, 0x6d, 0xc0, 0x35, 0x1c, 0x01, 0x15, 0xaa, 0x09, 0xc3, 0x63, - 0x53, 0xa0, 0x28, 0x1a, 0x87, 0x62, 0x25, 0x84, 0x4e, 0x41, 0x76, 0xc3, 0x24, 0x5f, 0x9b, 0xbe, - 0x7c, 0x02, 0x11, - }; - var key = new byte[] - { - 0x0b, 0x38, 0x62, 0x45, 0x62, 0x55, 0x71, 0x2e, 0x3b, 0xfc, 0x3b, 0xfb, 0x40, 0x49, 0xaa, 0x7b, - 0xb8, 0x34, 0x5d, 0xab, 0x27, 0xe1, 0xff, 0x57, - }; - var iv = new byte[] - { - 0xed, 0x3e, 0xa9, 0x9b, 0xd5, 0x80, 0x43, 0x98, 0xa7, 0xf7, 0xb7, 0x2a, 0xf0, 0x5a, 0xc6, 0xc4, + 0xa4, 0x51, 0x86, 0x7e, 0xbe, 0x7f, 0x54, 0x24, 0x35, 0xd1, 0x67, 0xc1, 0x89, 0x68, 0x20, 0x1d, }; - // echo -n -e '\x8a\x07\x84\xa5\x2f\xb5\x6d\xc0\x35\x1c\x01\x15\xaa\x09\xc3\x63\x53\xa0\x28\x1a\x87\x62\x25\x84\x4e\x41\x76\xc3\x24\x5f\x9b\xbe\x7c\x02\x11' | openssl enc -e -aes-192-cfb -K 0B3862456255712E3BFC3BFB4049AA7BB8345DAB27E1FF57 -iv ED3EA99BD5804398A7F7B72AF05AC6C4 -nopad | hd + // echo -n -e '\x8a\x09\x12\x86\xdb\xa3\x7f\x86\x7d\xaa\x88\xd9\x7c\x01\xc4\xb0' | openssl enc -e -aes-256-cbc -K 9945871C2365D3411F1A1A166560075A2E19DCF7BEB91DA426F5FA7D0A1C99C0 -iv A451867EBE7F542435D167C18968201D -nopad | hd var expected = new byte[] { - 0xf1, 0xbe, 0xde, 0x5d, 0x2f, 0x39, 0x84, 0x26, 0x11, 0xfa, 0x38, 0xa8, 0x51, 0x85, 0xfe, 0xfd, - 0x89, 0xf8, 0xd1, 0x7b, 0xed, 0x96, 0x7f, 0x13, 0xad, 0xdf, 0xbc, 0x15, 0xcc, 0xa3, 0xbf, 0xbf, - 0x05, 0xcb, 0xad, + 0x3e, 0x7c, 0xdd, 0x13, 0x85, 0x57, 0x34, 0x61, 0xe6, 0x6e, 0xcd, 0x87, 0xd9, 0xaa, 0xf8, 0xe3, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } [TestMethod] - public void AES_CFB_192_Length64_NoPad() + public void AES_CBC_256_Length16_Pad() { var input = new byte[] { - 0x15, 0x34, 0xea, 0x88, 0x12, 0x46, 0x36, 0x79, 0x7a, 0xe4, 0xe3, 0x89, 0x1e, 0x57, 0xe9, 0x29, - 0x39, 0x0b, 0x58, 0x23, 0xac, 0xd6, 0x58, 0xba, 0xb9, 0xa2, 0x53, 0x48, 0x92, 0x7f, 0x8b, 0x5d, - 0x6e, 0x98, 0x96, 0xf3, 0xf7, 0x77, 0x44, 0xa6, 0x08, 0x2f, 0x20, 0xf1, 0x9d, 0xb9, 0x7a, 0x50, - 0x0e, 0x8e, 0xf1, 0xe5, 0x02, 0xa2, 0x18, 0x3e, 0xdb, 0x2f, 0xcf, 0x6f, 0xf2, 0xed, 0xe7, 0xfb, + 0xa2, 0x2d, 0xab, 0x63, 0x25, 0xcc, 0xf1, 0xe0, 0x27, 0xe3, 0xf6, 0x2d, 0x6a, 0x56, 0x36, 0x03, }; var key = new byte[] { - 0x59, 0x86, 0x1b, 0x85, 0xc1, 0xf5, 0x32, 0xc2, 0xc7, 0xb1, 0x1b, 0x7c, 0xb5, 0x66, 0x1d, 0xff, - 0x28, 0x03, 0x3a, 0x03, 0x8d, 0xa6, 0x5b, 0xcc, + 0x81, 0x59, 0x72, 0x13, 0xd9, 0x89, 0x9c, 0xae, 0xc5, 0xb7, 0xc1, 0xec, 0x52, 0x5c, 0x1a, 0xbd, + 0xd4, 0xdd, 0xda, 0xdd, 0x70, 0x35, 0x9b, 0xd7, 0x5f, 0xa6, 0x56, 0xda, 0x89, 0x26, 0xba, 0xdf, }; var iv = new byte[] { - 0x80, 0x57, 0x18, 0xc8, 0xa7, 0xd4, 0xb3, 0x1b, 0x48, 0x25, 0x98, 0x16, 0x9e, 0xf4, 0x8e, 0x19, + 0x9a, 0x63, 0x3f, 0x2f, 0xf6, 0x0c, 0x43, 0x19, 0x90, 0xfc, 0x9d, 0x6d, 0x0a, 0x04, 0x8d, 0xcb, }; - // echo -n -e '\x15\x34\xea\x88\x12\x46\x36\x79\x7a\xe4\xe3\x89\x1e\x57\xe9\x29\x39\x0b\x58\x23\xac\xd6\x58\xba\xb9\xa2\x53\x48\x92\x7f\x8b\x5d\x6e\x98\x96\xf3\xf7\x77\x44\xa6\x08\x2f\x20\xf1\x9d\xb9\x7a\x50\x0e\x8e\xf1\xe5\x02\xa2\x18\x3e\xdb\x2f\xcf\x6f\xf2\xed\xe7\xfb' | openssl enc -e -aes-192-cfb -K 59861B85C1F532C2C7B11B7CB5661DFF28033A038DA65BCC -iv 805718C8A7D4B31B482598169EF48E19 -nopad | hd + // echo -n -e '\xa2\x2d\xab\x63\x25\xcc\xf1\xe0\x27\xe3\xf6\x2d\x6a\x56\x36\x03' | openssl enc -e -aes-256-cbc -K 81597213D9899CAEC5B7C1EC525C1ABDD4DDDADD70359BD75FA656DA8926BADF -iv 9A633F2FF60C431990FC9D6D0A048DCB | hd var expected = new byte[] { - 0x8e, 0x1e, 0xad, 0x77, 0xa8, 0xf6, 0xb8, 0x9f, 0x4a, 0xa5, 0x04, 0xcc, 0x33, 0x54, 0xca, 0x76, - 0xd6, 0x25, 0x08, 0x22, 0x5b, 0x5f, 0xff, 0xbf, 0x10, 0x63, 0xf1, 0x6b, 0xf8, 0xfa, 0x02, 0x6a, - 0x3e, 0xa6, 0x66, 0xbf, 0x56, 0x2e, 0x5c, 0xbb, 0x94, 0x5c, 0x3b, 0x54, 0xde, 0x63, 0x24, 0x2c, - 0x08, 0x4e, 0x2b, 0xbd, 0xbb, 0x0a, 0xdc, 0x25, 0xe5, 0x10, 0x6c, 0x3c, 0x89, 0x03, 0xa7, 0x63, + 0xb3, 0x4b, 0xbb, 0x73, 0xa6, 0x1b, 0xb4, 0xdc, 0xfa, 0xb4, 0x02, 0xe2, 0x78, 0x72, 0x04, 0x9a, + 0x3e, 0x08, 0x87, 0x8c, 0xae, 0x30, 0xbc, 0x4f, 0x89, 0x16, 0x30, 0x42, 0x2a, 0xd9, 0xe6, 0xac, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } [TestMethod] - public void AES_CFB_256_Length16_NoPad() + public void AES_CBC_256_Length35_Pad() { var input = new byte[] { - 0x5c, 0x2f, 0x1d, 0x50, 0x86, 0x9c, 0x89, 0x74, 0x11, 0xd0, 0x46, 0xef, 0xb2, 0xe3, 0x6d, 0xb3, + 0xc8, 0x38, 0x58, 0x8d, 0x7b, 0x59, 0x92, 0x4b, 0xbe, 0x9a, 0xb4, 0x33, 0x33, 0xc2, 0x25, 0x9f, + 0xfd, 0xe2, 0x52, 0xee, 0x1c, 0xeb, 0xc6, 0xc7, 0x99, 0xc1, 0x4d, 0x74, 0x98, 0x2e, 0xcc, 0x5a, + 0x18, 0x8a, 0x12, }; var key = new byte[] { - 0x2a, 0x4f, 0x05, 0x69, 0xdd, 0x69, 0x1a, 0xf2, 0xfe, 0xff, 0x34, 0x8f, 0xcd, 0x06, 0x60, 0x34, - 0x74, 0x21, 0xa7, 0x5d, 0x88, 0x0a, 0x45, 0xe4, 0xcd, 0xa3, 0xb7, 0xd7, 0x8e, 0xc4, 0x68, 0x64, + 0x50, 0xcd, 0x2c, 0x63, 0x41, 0xd0, 0xf4, 0x71, 0x5b, 0x58, 0x0f, 0xe5, 0xce, 0xd7, 0xfd, 0x70, + 0x28, 0xb2, 0x9e, 0xae, 0xdc, 0x71, 0x91, 0xf3, 0xba, 0x0b, 0x1e, 0xb2, 0x8f, 0xce, 0x59, 0x1b, }; var iv = new byte[] { - 0xb8, 0xe5, 0xec, 0x4e, 0xee, 0x24, 0x3b, 0xf2, 0x15, 0x2b, 0x52, 0x86, 0x67, 0xf9, 0xa7, 0x0a, + 0xa8, 0xaf, 0xd4, 0xd1, 0xd0, 0x7e, 0x11, 0x1e, 0x28, 0x7a, 0x6a, 0x6f, 0x89, 0xdb, 0x7f, 0x9d, }; - // echo -n -e '\x5c\x2f\x1d\x50\x86\x9c\x89\x74\x11\xd0\x46\xef\xb2\xe3\x6d\xb3' | openssl enc -e -aes-256-cfb -K 2A4F0569DD691AF2FEFF348FCD0660347421A75D880A45E4CDA3B7D78EC46864 -iv B8E5EC4EEE243BF2152B528667F9A70A -nopad | hd + // echo -n -e '\xc8\x38\x58\x8d\x7b\x59\x92\x4b\xbe\x9a\xb4\x33\x33\xc2\x25\x9f\xfd\xe2\x52\xee\x1c\xeb\xc6\xc7\x99\xc1\x4d\x74\x98\x2e\xcc\x5a\x18\x8a\x12' | openssl enc -e -aes-256-cbc -K 50CD2C6341D0F4715B580FE5CED7FD7028B29EAEDC7191F3BA0B1EB28FCE591B -iv A8AFD4D1D07E111E287A6A6F89DB7F9D | hd var expected = new byte[] { - 0xd4, 0x21, 0xc2, 0xf2, 0x06, 0xcf, 0xa6, 0x65, 0x5d, 0xb0, 0x13, 0x3c, 0x87, 0x04, 0x5c, 0x59, + 0x26, 0x79, 0xc3, 0x69, 0xd9, 0x39, 0xaf, 0x83, 0xb4, 0x14, 0x17, 0x0a, 0x79, 0x4e, 0x2e, 0x02, + 0xa3, 0xb7, 0x68, 0x50, 0xfd, 0x05, 0x7b, 0xff, 0xe3, 0x74, 0x6f, 0x91, 0xec, 0x43, 0x5a, 0xf9, + 0x88, 0x46, 0x53, 0x42, 0x98, 0x69, 0x4b, 0x91, 0x9e, 0x5f, 0x69, 0x22, 0x58, 0xff, 0x48, 0xca, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } [TestMethod] - public void AES_CFB_256_Length35_NoPad() + public void AES_CBC_256_Length64_NoPad() { var input = new byte[] { - 0x6f, 0x12, 0x7a, 0x91, 0x3b, 0x0f, 0x2b, 0x20, 0x0a, 0x21, 0x9c, 0x39, 0xb2, 0x43, 0x64, 0x39, - 0x97, 0xd0, 0xd7, 0xe8, 0x1a, 0x11, 0x45, 0x4f, 0xe5, 0xb5, 0x48, 0x5c, 0xb7, 0xbe, 0x7c, 0xd4, - 0xfc, 0xac, 0x68, + 0x9a, 0xbd, 0xa3, 0xa8, 0x79, 0xdc, 0x36, 0xde, 0x3c, 0x38, 0xa9, 0x35, 0xb2, 0x41, 0xe1, 0x8d, + 0xff, 0xf4, 0x3d, 0x1e, 0x02, 0x2c, 0xa0, 0xaa, 0xa1, 0x80, 0x86, 0x61, 0x07, 0x21, 0x6a, 0xde, + 0x8c, 0x80, 0x17, 0xd1, 0x2a, 0xb1, 0xa1, 0xcc, 0x79, 0xf6, 0x95, 0x97, 0xd4, 0xdb, 0x6b, 0xe6, + 0x99, 0xdd, 0x70, 0x95, 0x9e, 0x60, 0x9b, 0x6e, 0x1d, 0xf8, 0x07, 0xf9, 0x55, 0xd4, 0xd7, 0x1a, }; var key = new byte[] { - 0x7b, 0x49, 0xd7, 0x28, 0xa8, 0xba, 0xcb, 0x44, 0xcd, 0x88, 0x01, 0x3f, 0xd2, 0xc7, 0x19, 0xef, - 0x97, 0x21, 0xbe, 0xef, 0x5d, 0xcc, 0x2b, 0xac, 0x86, 0xc7, 0xce, 0x69, 0x4b, 0xa4, 0xc7, 0x3d, + 0xce, 0xca, 0xa8, 0x31, 0x29, 0x0f, 0x63, 0x4d, 0x52, 0x71, 0xa5, 0x0c, 0x96, 0x08, 0xd6, 0xc5, + 0x14, 0xa0, 0xc8, 0x29, 0xb1, 0xd5, 0x40, 0x2c, 0xe5, 0xa9, 0xb4, 0x31, 0xa9, 0xa8, 0x76, 0xa5, }; var iv = new byte[] { - 0x05, 0xda, 0xe8, 0xf0, 0xc0, 0xa7, 0x2f, 0x2d, 0x4f, 0xcd, 0x77, 0xc6, 0xe3, 0x75, 0x76, 0x94, + 0x1e, 0x7a, 0xc8, 0x09, 0x32, 0x39, 0xbc, 0x89, 0x7a, 0x22, 0x42, 0x2c, 0xba, 0x8e, 0xd7, 0x15, }; - // echo -n -e '\x6f\x12\x7a\x91\x3b\x0f\x2b\x20\x0a\x21\x9c\x39\xb2\x43\x64\x39\x97\xd0\xd7\xe8\x1a\x11\x45\x4f\xe5\xb5\x48\x5c\xb7\xbe\x7c\xd4\xfc\xac\x68' | openssl enc -e -aes-256-cfb -K 7B49D728A8BACB44CD88013FD2C719EF9721BEEF5DCC2BAC86C7CE694BA4C73D -iv 05DAE8F0C0A72F2D4FCD77C6E3757694 -nopad | hd + // echo -n -e '\x9a\xbd\xa3\xa8\x79\xdc\x36\xde\x3c\x38\xa9\x35\xb2\x41\xe1\x8d\xff\xf4\x3d\x1e\x02\x2c\xa0\xaa\xa1\x80\x86\x61\x07\x21\x6a\xde\x8c\x80\x17\xd1\x2a\xb1\xa1\xcc\x79\xf6\x95\x97\xd4\xdb\x6b\xe6\x99\xdd\x70\x95\x9e\x60\x9b\x6e\x1d\xf8\x07\xf9\x55\xd4\xd7\x1a' | openssl enc -e -aes-256-cbc -K CECAA831290F634D5271A50C9608D6C514A0C829B1D5402CE5A9B431A9A876A5 -iv 1E7AC8093239BC897A22422CBA8ED715 -nopad | hd var expected = new byte[] { - 0x6f, 0x5b, 0x27, 0x08, 0x46, 0x96, 0xf4, 0x30, 0x2e, 0x61, 0x1c, 0x5d, 0x7d, 0xa6, 0x7b, 0xdb, - 0x98, 0x78, 0x77, 0x04, 0xdb, 0xb0, 0xa7, 0xc8, 0x20, 0x20, 0x77, 0x10, 0x79, 0x16, 0x26, 0x7c, - 0xb5, 0xcb, 0x97, + 0xde, 0xdc, 0xe6, 0x24, 0xcb, 0xa0, 0x97, 0x6b, 0xe4, 0x2d, 0x38, 0xc2, 0xa0, 0x56, 0x3b, 0x38, + 0xe8, 0x34, 0x9c, 0x9c, 0x10, 0x01, 0x72, 0x4e, 0xae, 0xcf, 0x2a, 0x98, 0x75, 0x2d, 0xee, 0xbd, + 0x42, 0xe8, 0x17, 0x85, 0x23, 0x1e, 0xf7, 0xf9, 0x9f, 0x2e, 0x4f, 0xaa, 0x18, 0x1b, 0x01, 0xf7, + 0xfe, 0xa4, 0x71, 0xef, 0x33, 0x6b, 0x4f, 0x86, 0xe1, 0xa9, 0xf8, 0xc3, 0x40, 0xa4, 0x56, 0xc4, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: false).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } [TestMethod] - public void AES_CFB_256_Length64_NoPad() + public void AES_CBC_256_Length64_Pad() { var input = new byte[] { - 0x9e, 0xce, 0xe5, 0xb2, 0x3d, 0xbd, 0x0a, 0xae, 0x1e, 0x2b, 0xa2, 0xe1, 0xeb, 0x61, 0xf8, 0x28, - 0xc1, 0xc4, 0x39, 0xf7, 0xdf, 0x28, 0x2f, 0xef, 0xf2, 0x91, 0x9f, 0x90, 0x54, 0x64, 0xc8, 0x10, - 0x50, 0x3a, 0xcb, 0x7d, 0xbf, 0x14, 0x00, 0x48, 0xd0, 0x39, 0xd2, 0x94, 0x05, 0x4d, 0x41, 0xed, - 0xd4, 0x4f, 0x05, 0x1f, 0x3c, 0x7e, 0xb5, 0x75, 0x9e, 0xf5, 0xc0, 0xab, 0x1d, 0x79, 0x59, 0xba, + 0x22, 0x41, 0xe4, 0xb5, 0x0b, 0xad, 0x69, 0xf9, 0x8a, 0x7c, 0x4b, 0x80, 0x5b, 0x31, 0xa4, 0xaa, + 0xfa, 0xff, 0xed, 0x1c, 0x3f, 0xcc, 0x92, 0xdb, 0xe4, 0x3e, 0xaf, 0x8f, 0x92, 0x13, 0x71, 0x56, + 0xd1, 0x9f, 0x0f, 0x68, 0xc3, 0xc1, 0x9a, 0x70, 0x11, 0xcf, 0x7f, 0xb6, 0xee, 0x3b, 0x2e, 0x48, + 0x7e, 0x97, 0x32, 0xbb, 0xa1, 0xbb, 0xd5, 0x56, 0xaf, 0x09, 0xd0, 0xcc, 0xfe, 0xda, 0x66, 0x76, }; var key = new byte[] { - 0x62, 0x91, 0x90, 0xb1, 0x96, 0x7b, 0x69, 0xac, 0xc3, 0xf1, 0x26, 0xa5, 0x56, 0x9a, 0xe9, 0xa4, - 0x4f, 0xb1, 0xbc, 0x05, 0x5e, 0xa9, 0xd4, 0xd2, 0x85, 0x55, 0xde, 0xc9, 0x54, 0x54, 0x2a, 0x56, + 0x0a, 0xf5, 0xaf, 0xbc, 0x22, 0x3b, 0xe6, 0x39, 0x65, 0x7d, 0x0a, 0x70, 0x4c, 0xdc, 0xec, 0xa8, + 0x10, 0x66, 0x10, 0xfb, 0xe1, 0xb6, 0xb5, 0x15, 0xca, 0xb9, 0xb9, 0xba, 0xf0, 0xcd, 0x72, 0x37, }; var iv = new byte[] { - 0xe0, 0x17, 0x32, 0x74, 0xbd, 0x90, 0x57, 0x58, 0xe5, 0x59, 0x5b, 0x4a, 0x58, 0x0f, 0x1f, 0x04, + 0x68, 0x09, 0xab, 0xf9, 0x8c, 0x72, 0x26, 0x42, 0xb1, 0xf9, 0x55, 0x24, 0xb1, 0x64, 0x09, 0xd2, }; - // echo -n -e '\x9e\xce\xe5\xb2\x3d\xbd\x0a\xae\x1e\x2b\xa2\xe1\xeb\x61\xf8\x28\xc1\xc4\x39\xf7\xdf\x28\x2f\xef\xf2\x91\x9f\x90\x54\x64\xc8\x10\x50\x3a\xcb\x7d\xbf\x14\x00\x48\xd0\x39\xd2\x94\x05\x4d\x41\xed\xd4\x4f\x05\x1f\x3c\x7e\xb5\x75\x9e\xf5\xc0\xab\x1d\x79\x59\xba' | openssl enc -e -aes-256-cfb -K 629190B1967B69ACC3F126A5569AE9A44FB1BC055EA9D4D28555DEC954542A56 -iv E0173274BD905758E5595B4A580F1F04 -nopad | hd + // echo -n -e '\x22\x41\xe4\xb5\x0b\xad\x69\xf9\x8a\x7c\x4b\x80\x5b\x31\xa4\xaa\xfa\xff\xed\x1c\x3f\xcc\x92\xdb\xe4\x3e\xaf\x8f\x92\x13\x71\x56\xd1\x9f\x0f\x68\xc3\xc1\x9a\x70\x11\xcf\x7f\xb6\xee\x3b\x2e\x48\x7e\x97\x32\xbb\xa1\xbb\xd5\x56\xaf\x09\xd0\xcc\xfe\xda\x66\x76' | openssl enc -e -aes-256-cbc -K 0AF5AFBC223BE639657D0A704CDCECA8106610FBE1B6B515CAB9B9BAF0CD7237 -iv 6809ABF98C722642B1F95524B16409D2 | hd var expected = new byte[] { - 0x9a, 0x12, 0x90, 0xd7, 0x30, 0x9e, 0x66, 0x42, 0xf4, 0xe7, 0x8e, 0x80, 0xfb, 0xfc, 0x14, 0x5e, - 0x53, 0x4c, 0x08, 0xea, 0xdd, 0x17, 0xa8, 0x63, 0xa4, 0x34, 0x7a, 0x57, 0xdc, 0x92, 0xc3, 0xfb, - 0xf1, 0xba, 0x31, 0x82, 0x77, 0x57, 0x1c, 0x0c, 0x87, 0x05, 0x3a, 0xfb, 0xa7, 0xce, 0xb6, 0x09, - 0xbe, 0x24, 0x47, 0xeb, 0xe5, 0x0a, 0x24, 0x6d, 0xc2, 0x1e, 0xca, 0x52, 0x8d, 0x9a, 0xe7, 0x49, + 0x8f, 0x52, 0x10, 0x0a, 0xa6, 0x14, 0xfb, 0x31, 0x74, 0xc6, 0xd4, 0x39, 0x67, 0x6b, 0xd9, 0x67, + 0x23, 0xf9, 0xd3, 0xba, 0x1d, 0x9d, 0x93, 0x4e, 0xab, 0xe4, 0xd7, 0xf4, 0x02, 0xd8, 0x8c, 0x64, + 0xc9, 0x21, 0x18, 0x19, 0xee, 0xa2, 0x50, 0x73, 0xe9, 0x14, 0xba, 0x69, 0x0d, 0x6b, 0xff, 0x48, + 0xec, 0x60, 0x9f, 0x18, 0x5d, 0xb1, 0x8d, 0x49, 0xac, 0x5e, 0x50, 0x9b, 0x9d, 0x13, 0x2c, 0x41, + 0xbc, 0xcc, 0x5a, 0x91, 0x8a, 0xbb, 0xe9, 0x70, 0x39, 0x42, 0x8d, 0xb1, 0x02, 0x53, 0xa7, 0x88, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Encrypt(input); + var actual = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CFB, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCipher(key, (byte[])iv.Clone(), CipherMode.CBC, pkcs7Padding: true).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1518,11 +735,11 @@ public void AES_CTR_128_Length16_NoPad() 0xee, 0x28, 0x3f, 0x2e, 0xd9, 0xac, 0x08, 0x36, 0x8a, 0xc0, 0x44, 0x90, 0x4d, 0x1f, 0x35, 0x06, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1553,11 +770,11 @@ public void AES_CTR_128_Length35_NoPad() 0x17, 0xf1, 0x16, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1590,11 +807,11 @@ public void AES_CTR_128_Length64_NoPad() 0x0d, 0x1a, 0x30, 0x6d, 0xa7, 0xbd, 0x2b, 0x9b, 0x05, 0x05, 0xad, 0x92, 0x9a, 0xd6, 0x8e, 0x28, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1622,11 +839,11 @@ public void AES_CTR_192_Length16_NoPad() 0x27, 0x94, 0x39, 0x4c, 0xab, 0x94, 0xd5, 0xfe, 0x0a, 0xc4, 0xf6, 0x33, 0x4c, 0x8c, 0xa5, 0xe1, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1658,11 +875,11 @@ public void AES_CTR_192_Length35_NoPad() 0xf4, 0xfc, 0x58, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1696,11 +913,11 @@ public void AES_CTR_192_Length64_NoPad() 0xe3, 0x39, 0xd5, 0xb8, 0x18, 0xe7, 0x1b, 0x0a, 0xdc, 0x63, 0xee, 0x3f, 0x59, 0xad, 0x76, 0xc1, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1728,11 +945,11 @@ public void AES_CTR_256_Length16_NoPad() 0xc8, 0x8a, 0x9b, 0xd7, 0x03, 0xfa, 0x95, 0x61, 0x95, 0x69, 0x81, 0xa8, 0x2d, 0x0d, 0xfe, 0x4a, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1764,11 +981,11 @@ public void AES_CTR_256_Length35_NoPad() 0x46, 0xd7, 0x46, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } @@ -1802,326 +1019,11 @@ public void AES_CTR_256_Length64_NoPad() 0x8e, 0x53, 0xc7, 0x0a, 0xf9, 0x9f, 0x3c, 0xbe, 0x37, 0x6f, 0xd7, 0xd6, 0x5e, 0x94, 0x6a, 0x22, }; - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.CTR, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_128_Length16_NoPad() - { - var input = new byte[] - { - 0x06, 0x57, 0x03, 0xd3, 0x9d, 0x58, 0x6b, 0x5d, 0xc5, 0x73, 0x74, 0x2d, 0x3a, 0xf5, 0xb1, 0x78, - }; - var key = new byte[] - { - 0x78, 0xcf, 0x5b, 0xc5, 0x88, 0x9c, 0xd5, 0x1d, 0xda, 0xc4, 0x75, 0xb1, 0x7a, 0x5f, 0x7e, 0x0a, - }; - var iv = new byte[] - { - 0x42, 0x44, 0x79, 0xc4, 0xf3, 0xe6, 0xb1, 0x11, 0xe6, 0x3b, 0x2d, 0x3d, 0x74, 0xce, 0xbb, 0x01, - }; - - // echo -n -e '\x06\x57\x03\xd3\x9d\x58\x6b\x5d\xc5\x73\x74\x2d\x3a\xf5\xb1\x78' | openssl enc -e -aes-128-ofb -K 78CF5BC5889CD51DDAC475B17A5F7E0A -iv 424479C4F3E6B111E63B2D3D74CEBB01 -nopad | hd - var expected = new byte[] - { - 0xf4, 0x71, 0xef, 0x7a, 0xa2, 0xef, 0x90, 0x25, 0x18, 0x3e, 0x24, 0xc1, 0x40, 0xe4, 0xff, 0xb6, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_128_Length35_NoPad() - { - var input = new byte[] - { - 0x14, 0xfe, 0xab, 0xb6, 0x19, 0x6f, 0x95, 0x69, 0x82, 0xe6, 0xf8, 0xd9, 0xe3, 0xb9, 0xe3, 0x65, - 0xf4, 0x69, 0xea, 0xf5, 0x7b, 0xec, 0x84, 0x91, 0x1d, 0x49, 0xde, 0x4d, 0x6f, 0x97, 0xa8, 0x0c, - 0x08, 0x74, 0x9d, - }; - var key = new byte[] - { - 0x7c, 0xb3, 0xc7, 0xf0, 0xd3, 0xaf, 0x0f, 0x42, 0x0d, 0xee, 0xd7, 0x2e, 0x2d, 0x58, 0xc7, 0x49, - }; - var iv = new byte[] - { - 0x0a, 0xe3, 0xc6, 0x85, 0x27, 0x79, 0x19, 0x99, 0xd0, 0x90, 0x48, 0xfa, 0xea, 0x3d, 0xec, 0xd0, - }; - - // echo -n -e '\x14\xfe\xab\xb6\x19\x6f\x95\x69\x82\xe6\xf8\xd9\xe3\xb9\xe3\x65\xf4\x69\xea\xf5\x7b\xec\x84\x91\x1d\x49\xde\x4d\x6f\x97\xa8\x0c\x08\x74\x9d' | openssl enc -e -aes-128-ofb -K 7CB3C7F0D3AF0F420DEED72E2D58C749 -iv 0AE3C68527791999D09048FAEA3DECD0 -nopad | hd - var expected = new byte[] - { - 0x96, 0x88, 0x4d, 0x4e, 0x85, 0xde, 0x53, 0x86, 0x4f, 0x63, 0x8e, 0x2e, 0x9a, 0xe7, 0x60, 0xda, - 0xae, 0x7a, 0xec, 0x54, 0x84, 0xe9, 0xba, 0x22, 0x79, 0x5f, 0x46, 0x2f, 0xbe, 0x6f, 0x1a, 0xe9, - 0x33, 0xf5, 0xcd, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_128_Length64_NoPad() - { - var input = new byte[] - { - 0x6e, 0x1b, 0x66, 0xb2, 0x2c, 0x79, 0x16, 0x45, 0x6b, 0xaa, 0x76, 0xa3, 0x46, 0x1b, 0xb1, 0xf4, - 0xa7, 0x4e, 0x9d, 0x28, 0x42, 0xee, 0x75, 0x02, 0x99, 0x2e, 0x20, 0x43, 0x66, 0x15, 0x57, 0xcf, - 0x01, 0x06, 0xbf, 0x11, 0xf1, 0x15, 0x1c, 0x90, 0xcc, 0x80, 0x19, 0x7d, 0x03, 0x76, 0x52, 0xb4, - 0xde, 0x53, 0x52, 0x9c, 0xa0, 0xc4, 0x8e, 0x80, 0xa5, 0x64, 0x18, 0xfd, 0x59, 0xd3, 0xde, 0x56, - }; - var key = new byte[] - { - 0x52, 0xa7, 0xa1, 0x3f, 0x5b, 0xa0, 0x03, 0x92, 0x31, 0x0c, 0x5b, 0xc1, 0xd4, 0xf8, 0xff, 0x23, - }; - var iv = new byte[] - { - 0xdb, 0x6b, 0x64, 0x13, 0xc2, 0xba, 0x2f, 0x3d, 0x78, 0x3f, 0x6b, 0x8c, 0xfd, 0x1e, 0x37, 0xf9, - }; - - // echo -n -e '\x6e\x1b\x66\xb2\x2c\x79\x16\x45\x6b\xaa\x76\xa3\x46\x1b\xb1\xf4\xa7\x4e\x9d\x28\x42\xee\x75\x02\x99\x2e\x20\x43\x66\x15\x57\xcf\x01\x06\xbf\x11\xf1\x15\x1c\x90\xcc\x80\x19\x7d\x03\x76\x52\xb4\xde\x53\x52\x9c\xa0\xc4\x8e\x80\xa5\x64\x18\xfd\x59\xd3\xde\x56' | openssl enc -e -aes-128-ofb -K 52A7A13F5BA00392310C5BC1D4F8FF23 -iv DB6B6413C2BA2F3D783F6B8CFD1E37F9 -nopad | hd - var expected = new byte[] - { - 0xc7, 0x9c, 0x09, 0xe1, 0x99, 0x28, 0x56, 0xe8, 0x16, 0x44, 0x79, 0x84, 0xed, 0x39, 0x3f, 0xc7, - 0xaa, 0x11, 0xde, 0xc5, 0x32, 0xf2, 0xea, 0xd5, 0x81, 0xee, 0x47, 0x8a, 0x10, 0xee, 0xa1, 0x83, - 0x7d, 0xef, 0x5e, 0xe1, 0xf6, 0x92, 0x05, 0xdc, 0x6f, 0x84, 0xed, 0x4e, 0xaa, 0x9b, 0x37, 0xd0, - 0x43, 0xe2, 0x0c, 0x6f, 0x22, 0x31, 0xcb, 0x7d, 0x4d, 0xd7, 0xa1, 0xa4, 0xd9, 0x7e, 0x55, 0xd2, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_192_Length16_NoPad() - { - var input = new byte[] - { - 0xa1, 0xc3, 0x2b, 0x5b, 0xd4, 0x13, 0x58, 0x3e, 0x50, 0xc0, 0x6b, 0x93, 0x68, 0xcc, 0xab, 0xad, - }; - var key = new byte[] - { - 0x65, 0xf4, 0x21, 0xee, 0x6f, 0xcb, 0x93, 0x97, 0x78, 0x63, 0xc7, 0x1c, 0x34, 0x76, 0x95, 0x12, - 0xd5, 0x62, 0x20, 0x11, 0xcd, 0xa3, 0x4e, 0xc8, - }; - var iv = new byte[] - { - 0x12, 0x26, 0xc2, 0x02, 0x4f, 0x9c, 0xd5, 0xab, 0x94, 0xbd, 0x27, 0x08, 0xfd, 0x48, 0x8a, 0xd5, - }; - - // echo -n -e '\xa1\xc3\x2b\x5b\xd4\x13\x58\x3e\x50\xc0\x6b\x93\x68\xcc\xab\xad' | openssl enc -e -aes-192-ofb -K 65F421EE6FCB93977863C71C34769512D5622011CDA34EC8 -iv 1226C2024F9CD5AB94BD2708FD488AD5 -nopad | hd - var expected = new byte[] - { - 0x49, 0xc5, 0x2c, 0x55, 0x4c, 0x74, 0xb0, 0x3e, 0xba, 0xd0, 0xcf, 0xdc, 0xd2, 0x44, 0xcb, 0x04, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_192_Length35_NoPad() - { - var input = new byte[] - { - 0x2f, 0x93, 0xe3, 0x70, 0x4c, 0x3c, 0x09, 0xd9, 0x2a, 0x58, 0xbd, 0x06, 0xac, 0x99, 0xe0, 0xc1, - 0xa5, 0x59, 0xdb, 0x48, 0x08, 0x91, 0x47, 0xdb, 0x8e, 0x1b, 0x88, 0x76, 0x4f, 0x8c, 0x15, 0x8d, - 0xd7, 0x4a, 0xe1, - }; - var key = new byte[] - { - 0x39, 0xc0, 0xdd, 0x7b, 0xd6, 0x1c, 0xe9, 0xd7, 0xf6, 0xdf, 0xce, 0xfe, 0xfa, 0xdd, 0x66, 0x62, - 0xa3, 0x6c, 0x41, 0xcc, 0x9e, 0x4b, 0x07, 0xe2, - }; - var iv = new byte[] - { - 0x30, 0xb3, 0x93, 0x8a, 0x9e, 0x43, 0x2f, 0x2e, 0x61, 0xb8, 0xa6, 0x01, 0xc7, 0xdd, 0x05, 0x2c, - }; - - // echo -n -e '\x2f\x93\xe3\x70\x4c\x3c\x09\xd9\x2a\x58\xbd\x06\xac\x99\xe0\xc1\xa5\x59\xdb\x48\x08\x91\x47\xdb\x8e\x1b\x88\x76\x4f\x8c\x15\x8d\xd7\x4a\xe1' | openssl enc -e -aes-192-ofb -K 39C0DD7BD61CE9D7F6DFCEFEFADD6662A36C41CC9E4B07E2 -iv 30B3938A9E432F2E61B8A601C7DD052C -nopad | hd - var expected = new byte[] - { - 0xc9, 0xc3, 0x2f, 0x5e, 0x4e, 0xd1, 0x37, 0x02, 0x83, 0xe1, 0xb8, 0x85, 0x9d, 0xdb, 0x0e, 0xd0, - 0xd9, 0xcd, 0xf9, 0x5b, 0xbd, 0x81, 0x63, 0x3a, 0xac, 0xde, 0xf8, 0x5b, 0x2e, 0x2a, 0x8e, 0x84, - 0x09, 0x88, 0x44, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_192_Length64_NoPad() - { - var input = new byte[] - { - 0x1f, 0xb9, 0x51, 0xfc, 0xc0, 0x1d, 0x8e, 0x99, 0xe8, 0x29, 0x71, 0x20, 0x96, 0x7d, 0x42, 0xed, - 0xb8, 0xfb, 0x4b, 0x23, 0x88, 0x5e, 0x39, 0xb2, 0xaf, 0x9f, 0x9c, 0x42, 0x36, 0x64, 0x9b, 0xc6, - 0x67, 0x14, 0xac, 0xe5, 0xfa, 0x0b, 0x21, 0x13, 0x25, 0xfa, 0xa1, 0x74, 0xd2, 0x0e, 0x98, 0xe4, - 0x75, 0xb9, 0x48, 0xcc, 0x91, 0xe2, 0xa3, 0xc1, 0x80, 0x9e, 0x4d, 0x20, 0x80, 0x4b, 0x62, 0x83, - }; - var key = new byte[] - { - 0x8e, 0xaa, 0xb9, 0x81, 0xd0, 0x5d, 0xf3, 0xad, 0xda, 0x38, 0xfd, 0x8e, 0xbc, 0xc4, 0xe0, 0xa0, - 0x07, 0xb8, 0xcc, 0x7d, 0x1c, 0xcf, 0x34, 0x85, - }; - var iv = new byte[] - { - 0x70, 0xeb, 0x65, 0x5b, 0xbd, 0x00, 0x92, 0xd9, 0x97, 0x1e, 0xe6, 0x27, 0x55, 0x16, 0x13, 0x18, - }; - - // echo -n -e '\x1f\xb9\x51\xfc\xc0\x1d\x8e\x99\xe8\x29\x71\x20\x96\x7d\x42\xed\xb8\xfb\x4b\x23\x88\x5e\x39\xb2\xaf\x9f\x9c\x42\x36\x64\x9b\xc6\x67\x14\xac\xe5\xfa\x0b\x21\x13\x25\xfa\xa1\x74\xd2\x0e\x98\xe4\x75\xb9\x48\xcc\x91\xe2\xa3\xc1\x80\x9e\x4d\x20\x80\x4b\x62\x83' | openssl enc -e -aes-192-ofb -K 8EAAB981D05DF3ADDA38FD8EBCC4E0A007B8CC7D1CCF3485 -iv 70EB655BBD0092D9971EE62755161318 -nopad | hd - var expected = new byte[] - { - 0x01, 0x8f, 0x85, 0x93, 0xb4, 0x7d, 0x43, 0x4c, 0xac, 0x96, 0xd3, 0xf5, 0xcd, 0x39, 0x29, 0x08, - 0x91, 0x43, 0xe4, 0x87, 0xa0, 0xfe, 0xde, 0x05, 0x5d, 0xfb, 0x1e, 0xe2, 0xea, 0x76, 0x0a, 0x53, - 0xd5, 0xfb, 0x02, 0x9c, 0x08, 0x30, 0x6d, 0x7b, 0x53, 0xd6, 0x9f, 0xbc, 0x1b, 0x76, 0x05, 0x55, - 0xb8, 0xa8, 0x9d, 0x3b, 0x4d, 0x82, 0x9b, 0x8c, 0x96, 0xeb, 0x4e, 0x9d, 0x91, 0xda, 0x6e, 0x9e, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_256_Length16_NoPad() - { - var input = new byte[] - { - 0xc5, 0x9b, 0xf1, 0x59, 0xe4, 0x14, 0x05, 0xbb, 0xbe, 0xac, 0x19, 0xc8, 0x7e, 0xe4, 0x67, 0xbf, - }; - var key = new byte[] - { - 0x76, 0x33, 0x10, 0xe5, 0xf7, 0x98, 0xef, 0xd9, 0xa5, 0x23, 0xf7, 0x9e, 0xde, 0xb8, 0x4a, 0xf1, - 0xa4, 0xb4, 0xb8, 0x80, 0xdd, 0xda, 0xa0, 0x5c, 0xe6, 0xa9, 0x9c, 0x10, 0xe7, 0xca, 0x5a, 0xb2, - }; - var iv = new byte[] - { - 0xb6, 0x26, 0xb1, 0x21, 0x05, 0x2e, 0x20, 0x2d, 0xac, 0x18, 0xb4, 0xc0, 0x1d, 0x66, 0xdd, 0x05, - }; - - // echo -n -e '\xc5\x9b\xf1\x59\xe4\x14\x05\xbb\xbe\xac\x19\xc8\x7e\xe4\x67\xbf' | openssl enc -e -aes-256-ofb -K 763310E5F798EFD9A523F79EDEB84AF1A4B4B880DDDAA05CE6A99C10E7CA5AB2 -iv B626B121052E202DAC18B4C01D66DD05 -nopad | hd - var expected = new byte[] - { - 0xd4, 0xef, 0xb1, 0x5d, 0x7c, 0x7e, 0x36, 0x89, 0xd2, 0x18, 0xbb, 0x8c, 0x1f, 0x07, 0x1d, 0x49, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_256_Length35_NoPad() - { - var input = new byte[] - { - 0x62, 0x28, 0x23, 0xc9, 0x2c, 0xe7, 0xe2, 0x9b, 0x92, 0xb4, 0xff, 0x4e, 0xfb, 0xde, 0xf1, 0xda, - 0xc9, 0x44, 0xe8, 0xb7, 0x07, 0x28, 0xeb, 0x76, 0x94, 0x8a, 0xd4, 0xc4, 0x26, 0xe0, 0x3e, 0x7f, - 0xcc, 0x97, 0xae, - }; - var key = new byte[] - { - 0xbf, 0xa7, 0x90, 0x86, 0xcf, 0x44, 0x15, 0x8e, 0x50, 0x2f, 0xd1, 0x32, 0xcd, 0x26, 0xd9, 0xf7, - 0xd9, 0x7e, 0x25, 0xfe, 0x39, 0x3c, 0xac, 0x35, 0xa1, 0x12, 0x1d, 0x75, 0xb2, 0x76, 0x7f, 0x82, - }; - var iv = new byte[] - { - 0x64, 0x30, 0x32, 0x33, 0x38, 0xbd, 0x18, 0x73, 0xf2, 0x99, 0x9b, 0x47, 0xc2, 0x58, 0x07, 0x9d, - }; - - // echo -n -e '\x62\x28\x23\xc9\x2c\xe7\xe2\x9b\x92\xb4\xff\x4e\xfb\xde\xf1\xda\xc9\x44\xe8\xb7\x07\x28\xeb\x76\x94\x8a\xd4\xc4\x26\xe0\x3e\x7f\xcc\x97\xae' | openssl enc -e -aes-256-ofb -K BFA79086CF44158E502FD132CD26D9F7D97E25FE393CAC35A1121D75B2767F82 -iv 6430323338BD1873F2999B47C258079D -nopad | hd - var expected = new byte[] - { - 0xf9, 0x43, 0x63, 0x96, 0x35, 0x46, 0x21, 0xac, 0x84, 0x43, 0x44, 0x17, 0xfc, 0x78, 0x41, 0x12, - 0x4e, 0x69, 0xbb, 0x71, 0x37, 0x12, 0xb1, 0x8f, 0xe0, 0xf7, 0xcf, 0x8c, 0xb0, 0x9b, 0x3e, 0x20, - 0x15, 0x7a, 0xce, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void AES_OFB_256_Length64_NoPad() - { - var input = new byte[] - { - 0x4d, 0xe8, 0x64, 0x00, 0xa6, 0x98, 0x75, 0x82, 0xfa, 0x5b, 0xe4, 0xbc, 0x26, 0xa0, 0xdc, 0xd9, - 0xaf, 0x4f, 0xce, 0x9d, 0xf4, 0xa5, 0xbf, 0x1b, 0x65, 0xb2, 0x0c, 0x9f, 0xa1, 0x65, 0x72, 0x49, - 0x0b, 0x80, 0x27, 0xc9, 0x11, 0x7e, 0xdc, 0xcb, 0xbb, 0xb0, 0x38, 0xdc, 0xd9, 0x5c, 0x4d, 0x51, - 0xbd, 0xc1, 0x97, 0x73, 0x8a, 0x69, 0xa9, 0xa7, 0x29, 0x49, 0x9a, 0xf3, 0x8c, 0xd5, 0xe1, 0x95, - }; - var key = new byte[] - { - 0xe9, 0x9a, 0xb0, 0xa5, 0x78, 0x12, 0xc8, 0x30, 0x73, 0x02, 0xe2, 0x44, 0x6d, 0xe2, 0x41, 0x09, - 0x65, 0xba, 0xe2, 0xdf, 0xcd, 0xff, 0xbe, 0xa1, 0xd7, 0x80, 0xa0, 0xc8, 0xe3, 0xe8, 0x3e, 0xe5, - }; - var iv = new byte[] - { - 0xce, 0xa2, 0xf3, 0x3e, 0xab, 0xa7, 0xd9, 0xaa, 0xf9, 0x66, 0xff, 0x87, 0x87, 0x65, 0x39, 0x46, - }; - - // echo -n -e '\x4d\xe8\x64\x00\xa6\x98\x75\x82\xfa\x5b\xe4\xbc\x26\xa0\xdc\xd9\xaf\x4f\xce\x9d\xf4\xa5\xbf\x1b\x65\xb2\x0c\x9f\xa1\x65\x72\x49\x0b\x80\x27\xc9\x11\x7e\xdc\xcb\xbb\xb0\x38\xdc\xd9\x5c\x4d\x51\xbd\xc1\x97\x73\x8a\x69\xa9\xa7\x29\x49\x9a\xf3\x8c\xd5\xe1\x95' | openssl enc -e -aes-256-ofb -K E99AB0A57812C8307302E2446DE2410965BAE2DFCDFFBEA1D780A0C8E3E83EE5 -iv CEA2F33EABA7D9AAF966FF8787653946 -nopad | hd - var expected = new byte[] - { - 0xc0, 0xf7, 0xb0, 0x88, 0xc2, 0xe6, 0x70, 0x12, 0xea, 0x47, 0x5c, 0x01, 0xd9, 0x1b, 0xaf, 0xc2, - 0x92, 0x8e, 0x63, 0xed, 0xe5, 0xd4, 0x31, 0x6e, 0xe3, 0xe6, 0xc6, 0x39, 0x6e, 0x6a, 0x92, 0xbe, - 0x00, 0x13, 0x66, 0x7d, 0xa7, 0x01, 0x07, 0xd4, 0xdb, 0x21, 0xac, 0x1f, 0x12, 0xcf, 0xc8, 0xbf, - 0xf0, 0x1e, 0x04, 0x78, 0x6a, 0x90, 0x95, 0x80, 0x16, 0x8c, 0x7c, 0x86, 0xca, 0x26, 0x78, 0xab, - }; - - var actual = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Encrypt(input); + var actual = new AesCtrCipher(key, (byte[])iv.Clone()).Encrypt(input); CollectionAssert.AreEqual(expected, actual); - var decrypted = new AesCipher(key, (byte[])iv.Clone(), AesCipherMode.OFB, pkcs7Padding: false).Decrypt(actual); + var decrypted = new AesCtrCipher(key, (byte[])iv.Clone()).Decrypt(actual); CollectionAssert.AreEqual(input, decrypted); } diff --git a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.Gen.cs.txt b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.Gen.cs.txt index bf0b2749a..9e4f34f7e 100644 --- a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.Gen.cs.txt +++ b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.Gen.cs.txt @@ -7,7 +7,6 @@ Dictionary modes = new() { ["cbc"] = ("(byte[])iv.Clone(), CipherMode.CBC", CipherMode.CBC), - ["cfb"] = ("(byte[])iv.Clone(), CipherMode.CFB", CipherMode.CFB), }; Random random = new(123); diff --git a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.cs b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.cs index 7bec3ca23..94f5b3b5b 100644 --- a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.cs +++ b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/Ciphers/TripleDesCipherTest.cs @@ -1,10 +1,10 @@ -using Microsoft.VisualStudio.TestTools.UnitTesting; +using System.Security.Cryptography; + +using Microsoft.VisualStudio.TestTools.UnitTesting; using Renci.SshNet.Security.Cryptography.Ciphers; using Renci.SshNet.Tests.Common; -using CipherMode = System.Security.Cryptography.CipherMode; - namespace Renci.SshNet.Tests.Classes.Security.Cryptography.Ciphers { /// @@ -180,105 +180,5 @@ public void TripleDes_CBC_Length32_Pad() CollectionAssert.AreEqual(input, decrypted); } - - [TestMethod] - public void TripleDes_CFB_Length8_NoPad() - { - var input = new byte[] - { - 0x4f, 0xa6, 0x62, 0x4f, 0x3b, 0xfb, 0xa3, 0x63, - }; - var key = new byte[] - { - 0x38, 0xec, 0x32, 0xfd, 0x7d, 0xdb, 0x38, 0x99, 0x93, 0x53, 0xfc, 0x86, 0x5d, 0x35, 0xe9, 0x68, - 0x02, 0xda, 0x1a, 0x43, 0x0b, 0x02, 0x55, 0x57, - }; - var iv = new byte[] - { - 0x74, 0xed, 0x7d, 0x5a, 0xbf, 0x82, 0x3b, 0x05, - }; - - // echo -n -e '\x4f\xa6\x62\x4f\x3b\xfb\xa3\x63' | openssl enc -e -des-ede3-cfb -K 38EC32FD7DDB38999353FC865D35E96802DA1A430B025557 -iv 74ED7D5ABF823B05 -nopad | hd - var expected = new byte[] - { - 0x28, 0x48, 0x3f, 0xb4, 0x48, 0xce, 0x96, 0xaf, - }; - - var actual = new TripleDesCipher(key, (byte[])iv.Clone(), CipherMode.CFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new TripleDesCipher(key, (byte[])iv.Clone(), CipherMode.CFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void TripleDes_CFB_Length17_NoPad() - { - var input = new byte[] - { - 0x6a, 0xc2, 0x70, 0x62, 0xff, 0x28, 0x34, 0xce, 0x08, 0x58, 0x9c, 0xe3, 0x76, 0x1b, 0xbb, 0x1a, - 0xbc, - }; - var key = new byte[] - { - 0xf9, 0x4c, 0x60, 0xe1, 0x5f, 0x57, 0x35, 0x96, 0xda, 0x89, 0x8f, 0x5e, 0xde, 0xd9, 0x10, 0x17, - 0xf6, 0x1b, 0x9a, 0xc4, 0x87, 0x69, 0xda, 0xa5, - }; - var iv = new byte[] - { - 0x4b, 0x3b, 0xb3, 0x66, 0x71, 0xe0, 0x58, 0x31, - }; - - // echo -n -e '\x6a\xc2\x70\x62\xff\x28\x34\xce\x08\x58\x9c\xe3\x76\x1b\xbb\x1a\xbc' | openssl enc -e -des-ede3-cfb -K F94C60E15F573596DA898F5EDED91017F61B9AC48769DAA5 -iv 4B3BB36671E05831 -nopad | hd - var expected = new byte[] - { - 0x5a, 0x7e, 0x55, 0x4d, 0x63, 0xc1, 0x80, 0x32, 0x84, 0xdc, 0xd0, 0xa7, 0x6c, 0xea, 0x65, 0x42, - 0xc3, - }; - - var actual = new TripleDesCipher(key, (byte[])iv.Clone(), CipherMode.CFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new TripleDesCipher(key, (byte[])iv.Clone(), CipherMode.CFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } - - [TestMethod] - public void TripleDes_CFB_Length32_NoPad() - { - var input = new byte[] - { - 0x62, 0x9d, 0xc6, 0x36, 0xda, 0x23, 0x0b, 0x6b, 0x3b, 0xcb, 0x24, 0x9f, 0xa4, 0x6f, 0x29, 0x7e, - 0x8b, 0xcb, 0x7f, 0xff, 0x21, 0x56, 0x34, 0x90, 0x72, 0xba, 0x95, 0x23, 0xa3, 0xcf, 0x25, 0xfa, - }; - var key = new byte[] - { - 0x30, 0x5e, 0xfc, 0x40, 0x13, 0xda, 0x3d, 0xd3, 0x10, 0x2f, 0x89, 0xbc, 0x44, 0x3a, 0x01, 0xdb, - 0x11, 0x34, 0xda, 0xa5, 0x60, 0x58, 0x10, 0x0c, - }; - var iv = new byte[] - { - 0x69, 0x35, 0xc3, 0x1f, 0x8d, 0xe7, 0xc7, 0x6b, - }; - - // echo -n -e '\x62\x9d\xc6\x36\xda\x23\x0b\x6b\x3b\xcb\x24\x9f\xa4\x6f\x29\x7e\x8b\xcb\x7f\xff\x21\x56\x34\x90\x72\xba\x95\x23\xa3\xcf\x25\xfa' | openssl enc -e -des-ede3-cfb -K 305EFC4013DA3DD3102F89BC443A01DB1134DAA56058100C -iv 6935C31F8DE7C76B -nopad | hd - var expected = new byte[] - { - 0xb8, 0xcf, 0xf4, 0xf9, 0x88, 0xfd, 0x02, 0xf1, 0xb9, 0xe9, 0xf0, 0xb3, 0x1d, 0x0a, 0x9b, 0x91, - 0x30, 0x3e, 0xf7, 0xa2, 0xf6, 0xb4, 0xa5, 0xc4, 0x4d, 0x89, 0x06, 0xed, 0x55, 0xd3, 0x28, 0xd0, - }; - - var actual = new TripleDesCipher(key, (byte[])iv.Clone(), CipherMode.CFB, pkcs7Padding: false).Encrypt(input); - - CollectionAssert.AreEqual(expected, actual); - - var decrypted = new TripleDesCipher(key, (byte[])iv.Clone(), CipherMode.CFB, pkcs7Padding: false).Decrypt(actual); - - CollectionAssert.AreEqual(input, decrypted); - } } } diff --git a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/RsaKeyTest.cs b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/RsaKeyTest.cs index 4db84a145..2f8f44205 100644 --- a/test/Renci.SshNet.Tests/Classes/Security/Cryptography/RsaKeyTest.cs +++ b/test/Renci.SshNet.Tests/Classes/Security/Cryptography/RsaKeyTest.cs @@ -187,23 +187,6 @@ public void Key_RSA_Encrypted_Des_Ede3_CBC_12345() AssertEqual(p.InverseQ, "C0C0C959707C6ABABA1B908C104EC037CE2C9187B17A659342A22BB44231A8AA53BD4AAD277349D87557F114197265001A1384F63E4746FE4CA1545A8D3BF803C2B7A6F46122F5659885DA60F1F88D1891DDFAA274B58A8AE08C2F2F52E89F9C6E3F79CBE16DD4DF2F9DC96442FA67758DCEF2A6F84451476F8347B3E67CAD5D"); } - [TestMethod] - public void Key_RSA_Encrypted_Des_Ede3_CFB_1234567890() - { - RsaKey rsaKey = GetRsaKey("Key.RSA.Encrypted.Des.Ede3.CFB.1234567890.txt", "1234567890"); - - RSAParameters p = rsaKey.GetRSAParameters(); - - AssertEqual(p.Modulus, "B3CB66D69596F093904E9BAFB0695FFF1EECBB7F17B8AA3BCCE2E263FEA007E6415ACE940B74E73F55271B5DEAC92F5EB969885AA573FF777A38CFCEF72B23C20CC18D11902327A4C5B5F10DBF88A58AD947C4F94075C58CFA7FC9719C927BAB51817C1B8B9BC6A24050B7B9942CE0FDBE1A37D571BF5B4C4D175A02B2CF95D7"); - AssertEqual(p.Exponent, "23"); - AssertEqual(p.D, "7103827840C546C32781DE33EB3AEBE230B20F74754F80F263874C795E38B4821A7397CAC55F6CC8B92E863B089BB7601CC5FDEFD5B6A0943E3256BC9B5CF1E6A1D0842ABE79CAA6044D1B1276D75116E57CE6C19DD690EDFB988384023734D27F4D795CE6472793A855A53C5A69C1CA3D8AA21EB113D8833F1F6B93B419F94B"); - AssertEqual(p.P, "E6DADD79CFEE89E89EA263F95B6D475BB472E631720F7EC4B49956A4BBC00F62C852AB1C3F10ADAB80F71EA247D01B1F06524798C8FAB07033302D60AF4F01A7"); - AssertEqual(p.Q, "C760C60DEE444FB408F5F948787F00165AA56FAB0D79A607D88B15EF3A63526E0479615FDE312B7490A2CC65D3CBCBBFE182A88031F68C96EFA98D1FC2117051"); - AssertEqual(p.DP, "3B5CD9DD7E9C6C9AE6F68EBC7698716F5A496E647C6A626D187F3389721B71ABAFDABE491787F224C9641DD1F53583511EE1F527499F8C749F72C9D7088207BD"); - AssertEqual(p.DQ, "60D73BA05DC9688AA54445E15F191D4CAFAF70C0CC07E2EDDE34ED659163712E1F6E27FB5D4B151B5C31D0FE424D0B315046C6DF2E35EC83D37E3D3B4FA211FB"); - AssertEqual(p.InverseQ, "C2A3CAFBAA7370C2692C83B953AB0705B1BB497513BD6798893D41579318D11D6ACE21F8321C229E9DF5A25A404262C9C60D4BD314435C103A9B18E4AD7F07C4"); - } - [TestMethod] public void Key_RSA() {