Public Member Functions
BouncyCastle ()
bool testKeys (byte[] plain, IxianKeyPair key_pair)
Verifies that the provided Ixian key pair contains valid, working RSA keys. Both encryption and signing are tested and the resulting values are then decrypted and verified to ensure that the process is reversible.
IxianKeyPair generateKeys (int keySize, bool skip_header=false)
Generates a new pair of RSA private and public keys.
byte[] getSignature (byte[] input_data, byte[] privateKey)
Generates a cryptographic signature for the input data, using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
bool verifySignature (byte[] input_data, byte[] publicKey, byte[] signature)
Verifies that the given signature correctly signs the data with the given public key. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The signature should be one which has been calculated with the getSignature() function.
byte[] encryptWithRSA (byte[] input, byte[] publicKey)
Encrypts the data using RSA cryptography and using the provided public key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
byte[] decryptWithRSA (byte[] input, byte[] privateKey)
Decrypts the data using RSA cryptography and using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The encrypted data should be the value returned from the encryptWithRSA() function.
byte[] encryptDataAES (byte[] input, byte[] key)
Encrypts the provided data with a variant of the AES algorithm and using the provided symmetrical encryption key.
byte[] decryptDataAES (byte[] input, byte[] key, int inOffset=0)
Decrypts the provided block of data with a variant of the AES algorithm and using the provided symmetrical encryption key.
byte[] encryptWithPassword (byte[] data, string password)
Encrypts the provided data with the given password. This function uses encryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt generation.
byte[] decryptWithPassword (byte[] data, string password)
Decrypts the provided data with the given password. This function uses decryptDataAES() as the internal decryption primitive, but abstracts away some of the detail around key and salt processing.
byte[] encryptWithChacha (byte[] input, byte[] key)
Encrypt the given data using the Chacha engine.
byte[] decryptWithChacha (byte[] input, byte[] key)
Decrypt the given data using the Chacha engine.
byte[] generateChildKey (byte[] parentKey, int seed=0)
Generates a child RSA key from the given parent RSA key, so that the process may be repeated in the future. This function allows for RSA key derivation and hierarchical keys. Using a different seed value will yield different child keys, but the process can be repeated if the seed values are known.
byte[] getSecureRandomBytes (int length)
Generates secure random bytes according to the specified length.
Definition at line 16 of file BouncyCastle.cs.
IXICore.BouncyCastle.BouncyCastle ()
Definition at line 29 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.decryptDataAES (byte[] input, byte[] key, int offset = 0)
Decrypts the provided block of data with a variant of the AES algorithm and using the provided symmetrical encryption key.
This function mirrors encryptDataAES(), so the input data should also contain the random salt value used in encryption. The function allows processing encrypted data from a larger byte buffer by specifying the offset at which the data starts. For most use cases, offset should be set to 0.
input | Ciphertext data to decrypt |
key | Decryption key. |
offset | Offset of the encrypted data in the byte-field. This is usually 0. |
Implements IXICore.ICryptoLib.
Definition at line 277 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.decryptWithChacha (byte[] input, byte[] key)
Decrypt the given data using the Chacha engine.
input | Ciphertext data. |
key | Chacha decryption key. |
Implements IXICore.ICryptoLib.
Definition at line 388 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.decryptWithPassword (byte[] data, string password)
Decrypts the provided data with the given password. This function uses decryptDataAES() as the internal decryption primitive, but abstracts away some of the detail around key and salt processing.
In order to obtain a good encryption key from the password, PBKDF2 from RFC 2898 is used. This function is the inverse of encryptWithPassword(), so it can only process ciphertext generated by that function.
data | Ciphertext data. |
password | Encryption password. |
Implements IXICore.ICryptoLib.
Definition at line 329 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.decryptWithRSA (byte[] input, byte[] privateKey)
Decrypts the data using RSA cryptography and using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The encrypted data should be the value returned from the encryptWithRSA() function.
input | Ciphertext data to decrypt. |
privateKey | RSA private key in the Ixian serialized format. |
Implements IXICore.ICryptoLib.
Definition at line 243 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.encryptDataAES (byte[] input, byte[] key)
Encrypts the provided data with a variant of the AES algorithm and using the provided symmetrical encryption key.
For best results, the key should be as random as possible. The function also generates a random salt value to increase the security of encryption. Because the salt value is needed for decryption, it is returned together with the ciphertext. The exact algorithm used for encryption is "AES/CBC/PKCS7Padding".
input | Cleartext data. |
key | Encryption key. |
Implements IXICore.ICryptoLib.
Definition at line 250 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.encryptWithChacha (byte[] input, byte[] key)
Encrypt the given data using the Chacha engine.
input | Cleartext data. |
key | Chacha encryption key. |
Implements IXICore.ICryptoLib.
Definition at line 346 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.encryptWithPassword (byte[] data, string password)
Encrypts the provided data with the given password. This function uses encryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt generation.
In order to obtain a good encryption key from the password, PBKDF2 from RFC 2898 is used. Since the function also generates a random encryption salt, the returned byte-field also includes this salt value.
data | Cleartext data. |
password | Encryption password. |
Implements IXICore.ICryptoLib.
Definition at line 315 of file BouncyCastle.cs.
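An added sketch, not IXICore's code and not taken from BouncyCastle.cs, of the scheme described for encryptDataAES(), decryptDataAES(), encryptWithPassword() and decryptWithPassword(): a PBKDF2-derived key, AES/CBC/PKCS7, the random values stored in front of the ciphertext, and the offset parameter used to skip a prefix. The salt and IV lengths, iteration count, hash and byte layout are assumptions, and it uses .NET's System.Security.Cryptography (.NET 6 or later) rather than the Bouncy Castle library.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Added illustration, NOT the IXICore implementation. Lengths, iteration
// count and the "salt first, then IV, then ciphertext" layout are assumptions.
static class PasswordCryptoSketch
{
    const int SaltLen = 16, IvLen = 16, KeyLen = 32, Iterations = 100_000;

    // AES in CBC mode with PKCS7 padding (the .NET defaults for Aes.Create()).
    // The random per-message value is returned in front of the ciphertext.
    public static byte[] EncryptAes(byte[] input, byte[] key)
    {
        using var aes = Aes.Create();
        aes.Key = key;
        aes.GenerateIV();
        using var enc = aes.CreateEncryptor();
        return aes.IV.Concat(enc.TransformFinalBlock(input, 0, input.Length)).ToArray();
    }

    // offset allows decrypting a blob that sits inside a larger buffer.
    public static byte[] DecryptAes(byte[] input, byte[] key, int offset = 0)
    {
        using var aes = Aes.Create();
        aes.Key = key;
        aes.IV = input.Skip(offset).Take(IvLen).ToArray();
        using var dec = aes.CreateDecryptor();
        int start = offset + IvLen;
        return dec.TransformFinalBlock(input, start, input.Length - start);
    }

    // PBKDF2 (RFC 2898) stretches the password into a fixed-length AES key.
    static byte[] DeriveKey(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, KeyLen);

    public static byte[] EncryptWithPassword(byte[] data, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLen);
        return salt.Concat(EncryptAes(data, DeriveKey(password, salt))).ToArray();
    }

    // The PBKDF2 salt is read from the prefix, then skipped via the offset.
    public static byte[] DecryptWithPassword(byte[] blob, string password) =>
        DecryptAes(blob, DeriveKey(password, blob.Take(SaltLen).ToArray()), SaltLen);

    static void Main()
    {
        byte[] blob = EncryptWithPassword(Encoding.UTF8.GetBytes("constructed sample"), "pw-1");
        Console.WriteLine(Encoding.UTF8.GetString(DecryptWithPassword(blob, "pw-1")));
    }
}
```

CBC with PKCS7 padding carries no integrity check: a wrong password or a modified blob usually surfaces as a CryptographicException from the padding check, but it can also decrypt to garbage. Data that must be tamper-evident needs a signature or MAC over the ciphertext in addition to this encryption.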
byte[] IXICore.BouncyCastle.encryptWithRSA (byte[] input, byte[] publicKey)
Encrypts the data using RSA cryptography and using the provided public key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
input | Cleartext data to encrypt. |
publicKey | RSA public key in the Ixian serialized format. |
Implements IXICore.ICryptoLib.
Definition at line 235 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.generateChildKey (byte[] parentKey, int seed = 0)
Generates a child RSA key from the given parent RSA key, so that the process may be repeated in the future. This function allows for RSA key derivation and hierarchical keys. Using a different seed value will yield different child keys, but the process can be repeated if the seed values are known.
parentKey | RSA private key in Ixian serialized format. |
seed | A unique seed value. |
Implements IXICore.ICryptoLib.
Definition at line 416 of file BouncyCastle.cs.
IxianKeyPair IXICore.BouncyCastle.generateKeys (int keySize, bool skip_header = false)
Generates a new pair of RSA private and public keys.
The serialized key format has changed slightly and the parameter skip_header is used to denote older Ixian keys which did not include version information. It is recommended that the parameter is left at its default value false when using this function, unless you have a very specific need to generate older Ixian keys.
keySize | Size of the new RSA key, in bits. |
skip_header | Legacy parameter to allow generating older Ixian keys. |
Implements IXICore.ICryptoLib.
Definition at line 178 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.getSecureRandomBytes (int length)
Generates secure random bytes according to the specified length.
length | Length of the random data. |
Implements IXICore.ICryptoLib.
Definition at line 452 of file BouncyCastle.cs.
byte[] IXICore.BouncyCastle.getSignature (byte[] input, byte[] privateKey)
Generates a cryptographic signature for the input data, using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key.
input | Data which should be signed. |
privateKey | Private key for signing the data in Ixian serialized format. |
Implements IXICore.ICryptoLib.
Definition at line 201 of file BouncyCastle.cs.
bool IXICore.BouncyCastle.testKeys (byte[] sample, IxianKeyPair kp)
Verifies that the provided Ixian key pair contains valid, working RSA keys. Both encryption and signing are tested and the resulting values are then decrypted and verified to ensure that the process is reversible.
sample | Sample data, used for testing the keys (Cleartext). |
kp | Ixian RSA key pair to be tested. |
Implements IXICore.ICryptoLib.
Definition at line 148 of file BouncyCastle.cs.
bool IXICore.BouncyCastle.verifySignature (byte[] input, byte[] publicKey, byte[] signature)
Verifies that the given signature correctly signs the data with the given public key. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The signature should be one which has been calculated with the getSignature() function.
input | Data which has been signed using the public key's corresponding private key. |
publicKey | Public key against which the signature should be tested. |
signature | Signature, as given by getSignature(). |
Implements IXICore.ICryptoLib.
Definition at line 217 of file BouncyCastle.cs.