Public Member Functions
BouncyCastle ()
bool testKeys (byte[] plain, IxianKeyPair key_pair)
Verifies that the provided Ixian key pair are valid, working RSA keys. Both encryption and signing are tested and the resulting values are then decrypted and verified to ensure that the process is reversible.
IxianKeyPair generateKeys (int keySize, bool skip_header=false)
Generates a new pair of RSA private and public keys.
byte[] getSignature (byte[] input_data, byte[] privateKey)
Generates a cryptographic signature for the input data, using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
bool verifySignature (byte[] input_data, byte[] publicKey, byte[] signature)
Verifies that the given signature correctly signs the data with the given public key. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The signature should be one which has been calculated with the getSignature() function.
byte[] encryptWithRSA (byte[] input, byte[] publicKey)
Encrypts the data using RSA cryptography and using the provided public key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
byte[] decryptWithRSA (byte[] input, byte[] privateKey)
Decrypts the data using RSA cryptography and using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The encrypted data should be the value returned from encryptWithRSA() function.
byte[] encryptDataAES (byte[] input, byte[] key)
Encrypts the provided data with a variant of the AES algorithm and using the provided symmetrical encryption key.
byte[] decryptDataAES (byte[] input, byte[] key, int inOffset=0)
Decrypts the provided block of data with a variant of the AES algorithm and using the provided symmetrical encryption key.
byte[] encryptWithPassword (byte[] data, string password)
Encrypts the provided data with the given password. This function uses encryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt generation.
byte[] decryptWithPassword (byte[] data, string password)
Decrypts the provided data with the given password. This function uses decryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt processing.
byte[] encryptWithChacha (byte[] input, byte[] key)
Encrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing.
byte[] decryptWithChacha (byte[] input, byte[] key)
Decrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing.
byte[] generateChildKey (byte[] parentKey, int seed=0)
Generates a child RSA key from the given parent RSA key, so that the process may be repeated in the future. This function allows for RSA key derivation and hierarchical keys. Using a different seed value will yield different child keys, but the process can be repeated if the seed values are known.
Definition at line 20 of file BouncyCastle.cs.
CryptoLibs.BouncyCastle.BouncyCastle()
Definition at line 30 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.decryptDataAES(byte[] input, byte[] key, int offset = 0)
Decrypts the provided block of data with a variant of the AES algorithm and using the provided symmetrical encryption key.
This function mirrors encryptDataAES(), so the input data should also contain the random salt value used in encryption. The function allows processing encrypted data from a larger byte buffer by specifying the offset at which the data starts. For most use cases, offset should be set to 0.
input | Ciphertext data to decrypt |
key | Decryption key. |
offset | Offset of the encrypted data in the byte-field. This is usually 0. |
Implements DLT.ICryptoLib.
Definition at line 275 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.decryptWithChacha(byte[] input, byte[] key)
Decrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing.
data | Ciphertext data. |
password | Decryption password. |
Implements DLT.ICryptoLib.
Definition at line 387 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.decryptWithPassword(byte[] data, string password)
Decrypts the provided data with the given password. This function uses decryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt processing.
In order to obtain a good encryption key from the password, PBKDF2 from RFC 2898 is used. This function is the inverse of encryptWithPassword(), so it can only process ciphertext generated by that function.
data | Ciphertext data. |
password | Encryption password. |
Implements DLT.ICryptoLib.
Definition at line 332 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.decryptWithRSA(byte[] input, byte[] privateKey)
Decrypts the data using RSA cryptography and using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The encrypted data should be the value returned from encryptWithRSA() function.
input | Ciphertext data to decrypt. |
privateKey | RSA private key in the Ixian serialized format. |
Implements DLT.ICryptoLib.
Definition at line 236 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.encryptDataAES(byte[] input, byte[] key)
Encrypts the provided data with a variant of the AES algorithm and using the provided symmetrical encryption key.
For best results, the key should be as random as possible. The function also generates a random salt value to increase the security of encryption. Because the salt value is needed for decryption, it is returned together with the ciphertext. The exact algorithm used for encryption is "AES/CBC/PKCS7Padding".
input | Cleartext data. |
key | Encryption key. |
Implements DLT.ICryptoLib.
Definition at line 243 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.encryptWithChacha(byte[] input, byte[] key)
Encrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing.
data | Cleartext data. |
password | Encryption password. |
Implements DLT.ICryptoLib.
Definition at line 344 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.encryptWithPassword(byte[] data, string password)
Encrypts the provided data with the given password. This function uses encryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt generation.
In order to obtain a good encryption key from the password, PBKDF2 from RFC 2898 is used. Since the function also generates a random encryption salt, the returned byte-field also includes this salt value.
data | Cleartext data. |
password | Encryption password. |
Implements DLT.ICryptoLib.
Definition at line 313 of file BouncyCastle.cs.
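The password-based scheme described for encryptWithPassword() and decryptWithPassword(), together with the offset parameter of decryptDataAES(), as an added sketch built on .NET's System.Security.Cryptography rather than Bouncy Castle. This is not Ixian code: the class name, salt and IV lengths, iteration count, hash function and byte layout are assumptions, not values taken from BouncyCastle.cs.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
// Added sketch, not Ixian code (requires .NET 6+). SaltLen, IvLen, Iterations, SHA-256
// and the [salt | iv | ciphertext] layout are assumptions chosen for illustration.
static class PasswordBoxSketch
{
    const int SaltLen = 16, IvLen = 16, Iterations = 100_000;
    static byte[] DeriveKey(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 32);

    public static byte[] Encrypt(byte[] data, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLen); // fresh per message
        byte[] iv = RandomNumberGenerator.GetBytes(IvLen);
        using Aes aes = Aes.Create();
        aes.Key = DeriveKey(password, salt);
        byte[] ct = aes.EncryptCbc(data, iv, PaddingMode.PKCS7);
        // Salt and IV are not secret; they travel in front of the ciphertext.
        byte[] blob = new byte[SaltLen + IvLen + ct.Length];
        salt.CopyTo(blob, 0);
        iv.CopyTo(blob, SaltLen);
        ct.CopyTo(blob, SaltLen + IvLen);
        return blob;
    }

    // Decrypts a blob that starts at offset and runs to the end of the buffer.
    public static byte[] Decrypt(byte[] buffer, string password, int offset = 0)
    {
        if (offset < 0 || buffer.Length - offset < SaltLen + IvLen + 16)
            throw new ArgumentException("buffer too short for salt, IV and one block");
        byte[] salt = buffer.AsSpan(offset, SaltLen).ToArray();
        ReadOnlySpan<byte> iv = buffer.AsSpan(offset + SaltLen, IvLen);
        ReadOnlySpan<byte> ct = buffer.AsSpan(offset + SaltLen + IvLen);
        using Aes aes = Aes.Create();
        aes.Key = DeriveKey(password, salt);
        // A wrong password usually surfaces as a padding CryptographicException; CBC has no integrity check.
        return aes.DecryptCbc(ct, iv, PaddingMode.PKCS7);
    }

    static void Main()
    {
        byte[] msg = Encoding.UTF8.GetBytes("constructed sample plaintext");
        byte[] blob = Encrypt(msg, "constructed-password");
        byte[] framed = new byte[4 + blob.Length]; // 4-byte header precedes the blob
        blob.CopyTo(framed, 4);
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt(framed, "constructed-password", 4)));
    }
}
```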
byte[] CryptoLibs.BouncyCastle.encryptWithRSA(byte[] input, byte[] publicKey)
Encrypts the data using RSA cryptography and using the provided public key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
input | Cleartext data to encrypt. |
publicKey | RSA public key in the Ixian serialized format. |
Implements DLT.ICryptoLib.
Definition at line 228 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.generateChildKey(byte[] parentKey, int seed = 0)
Generates a child RSA key from the given parent RSA key, so that the process may be repeated in the future. This function allows for RSA key derivation and hierarchical keys. Using a different seed value will yield different child keys, but the process can be repeated if the seed values are known.
parentKey | RSA private key in Ixian serialized format. |
seed | A unique seed value. |
Implements DLT.ICryptoLib.
Definition at line 415 of file BouncyCastle.cs.
IxianKeyPair CryptoLibs.BouncyCastle.generateKeys(int keySize, bool skip_header = false)
Generates a new pair of RSA private and public keys.
The serialized key format has changed slightly and the parameter skip_header is used to denote older Ixian keys which did not include version information. It is recommended that the parameter is left on its default value false when using this function, unless you have a very specific need to generate older Ixian keys.
keySize | Size of the new RSA key, in bits. |
skip_header | Legacy parameter to allow generating older Ixian keys. |
Implements DLT.ICryptoLib.
Definition at line 171 of file BouncyCastle.cs.
byte[] CryptoLibs.BouncyCastle.getSignature(byte[] input, byte[] privateKey)
Generates a cryptographic signature for the input data, using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
input | Data which should be signed. |
privateKey | Private key for signing the data in Ixian serialized format. |
Implements DLT.ICryptoLib.
Definition at line 194 of file BouncyCastle.cs.
bool CryptoLibs.BouncyCastle.testKeys(byte[] sample, IxianKeyPair kp)
Verifies that the provided Ixian key pair are valid, working RSA keys. Both encryption and signing are tested and the resulting values are then decrypted and verified to ensure that the process is reversible.
sample | Sample data, used for testing the keys (Cleartext). |
kp | Ixian RSA key pair to be tested. |
Implements DLT.ICryptoLib.
Definition at line 141 of file BouncyCastle.cs.
bool CryptoLibs.BouncyCastle.verifySignature(byte[] input, byte[] publicKey, byte[] signature)
Verifies that the given signature correctly signs the data with the given public key. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The signature should be one which has been calculated with the getSignature() function.
input | Data which has been signed using the public key's corresponding private key. |
publicKey | Public key against which the signature should be tested. |
signature | Signature, as given by getSignature() . |
Implements DLT.ICryptoLib.
Definition at line 210 of file BouncyCastle.cs.