Interface for implementing different cryptographic libraries. More...
Public Member Functions | |
IxianKeyPair | generateKeys (int keySize, bool skip_header=false) |
Generates a new pair of RSA private and public keys. More... | |
byte [] | getSignature (byte[] input, byte[] privateKey) |
Generates a cryptographic signature for the input data, using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. More... | |
bool | verifySignature (byte[] input, byte[] publicKey, byte[] signature) |
Verifies that the given signature correctly signs the data with the given public key. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The signature should be one which has been calculated with the getSignature() function. More... | |
byte [] | encryptWithRSA (byte[] input, byte[] publicKey) |
Encrypts the data using RSA cryptography and using the provided public key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. More... | |
byte [] | decryptWithRSA (byte[] input, byte[] privateKey) |
Decrypts the data using RSA cryptography and using the provided private key in the Ixian serialized format. See the class IxianKeyPair and the function generateKeys() for information about how to obtain a serialized RSA key. The encrypted data should be the value returned from encryptWithRSA() function. More... | |
byte [] | encryptDataAES (byte[] input, byte[] key) |
Encrpyts the provided data with a variant of the AES algorithm and using the provided symmetrical encryption key. More... | |
byte [] | decryptDataAES (byte[] input, byte[] key, int offset=0) |
Decrypts the provided block of data with a variant of the AES algorithm and using the provided symmetrical encryption key. More... | |
byte [] | encryptWithPassword (byte[] data, string password) |
Encrypts the provided data with the given password. This function uses encryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt generation. More... | |
byte [] | decryptWithPassword (byte[] data, string password) |
Encrypts the provided data with the given password. This function uses decryptDataAES() as the internal encryption primitive, but abstracts away some of the detail around key and salt processing. More... | |
byte [] | encryptWithChacha (byte[] input, byte[] key) |
Encrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing. More... | |
byte [] | decryptWithChacha (byte[] input, byte[] key) |
Decrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing. More... | |
byte [] | generateChildKey (byte[] parentKey, int seed=0) |
Generates a child RSA key from the given parent RSA key, so that the process may be repeated in the future. This function allows for RSA key derivation and hirearchical keys. Using a different seed value will yield different child keys, but the process can be repeated if the seed values are known. More... | |
bool | testKeys (byte[] sample, IxianKeyPair kp) |
Verifies that the provided Ixian key pair are valid, working RSA keys. Both encryption and signing are tested and the resulting values are then decrypted and verified to ensure that the process is reversible. More... | |
byte [] | getSecureRandomBytes (int length) |
Generates secure random bytes according to the specified length. More... | |
Interface for implementing different cryptographic libraries.
Definition at line 36 of file CryptoLib.cs.
byte [] IXICore.ICryptoLib.decryptDataAES | ( | byte [] | input, |
byte [] | key, | ||
int | offset = 0 |
||
) |
Decrypts the provided block of data with a variant of the AES algorithm and using the provided symmetrical encryption key.
This function mirrors encryptDataAES()
, so the input data should also contain the random salt value used in encryption. The function allows processing encrypted data from a larger byte buffer by specifying the offset at which the data starts. For most use cases, offset
should be set to 0.
input | Ciphertext data to decrypt |
key | Decryption key. |
offset | Offset of the encrypted data in the byte-field. This is usually 0. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.decryptWithChacha | ( | byte [] | input, |
byte [] | key | ||
) |
Decrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing.
input | Ciphertext data. |
key | Decryption password. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.decryptWithPassword | ( | byte [] | data, |
string | password | ||
) |
Encrypts the provided data with the given password. This function uses decryptDataAES()
as the internal encryption primitive, but abstracts away some of the detail around key and salt processing.
In order to obtain a good encryption key from the password, PBKDF2 from RFC 2898 is used. This function is the inverse of encryptWithPassword()
, so it can only process Ciphertext generated by that function.
data | Ciphertext data. |
password | Encryption password. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.decryptWithRSA | ( | byte [] | input, |
byte [] | privateKey | ||
) |
Decrypts the data using RSA cryptography and using the provided private key in the Ixian serialized format. See the class IxianKeyPair
and the function generateKeys()
for information about how to obtain a serialized RSA key. The encrypted data should be the value returned from encryptWithRSA()
function.
input | Ciphertext data to decrypt. |
privateKey | RSA private key in the Ixian serialized format. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.encryptDataAES | ( | byte [] | input, |
byte [] | key | ||
) |
Encrpyts the provided data with a variant of the AES algorithm and using the provided symmetrical encryption key.
For best results, the key should be as random as possible. The function also generates a random salt value to increase the security of encryption. Because the salt value is needed for decryption, it is returned together with the ciphertext. The exact algorithm used for encryption is "AES/CBC/PKCS7Padding"
input | Cleartext data. |
key | Encryption key. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.encryptWithChacha | ( | byte [] | input, |
byte [] | key | ||
) |
Encrypts the provided data with the given password. This function uses Bouncy Castle's 'ChaCha' method as the internal encryption primitive, but abstracts away some of the detail around key processing.
input | Cleartext data. |
key | Encryption password. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.encryptWithPassword | ( | byte [] | data, |
string | password | ||
) |
Encrypts the provided data with the given password. This function uses encryptDataAES()
as the internal encryption primitive, but abstracts away some of the detail around key and salt generation.
In order to obtain a good encryption key from the password, PBKDF2 from RFC 2898 is used. Since the function also generates a random encryption salt, the returned byte-field also includes this salt value.
data | Cleartext data. |
password | Encryption password. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.encryptWithRSA | ( | byte [] | input, |
byte [] | publicKey | ||
) |
Encrypts the data using RSA cryptography and using the provided public key in the Ixian serialized format. See the class IxianKeyPair
and the function generateKeys()
for information about how to obtain a serialized RSA key.
input | Cleartext data to encrypt. |
publicKey | RSA public key in the Ixian serialized format. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.generateChildKey | ( | byte [] | parentKey, |
int | seed = 0 |
||
) |
Generates a child RSA key from the given parent RSA key, so that the process may be repeated in the future. This function allows for RSA key derivation and hirearchical keys. Using a different seed
value will yield different child keys, but the process can be repeated if the seed values are known.
parentKey | RSA private key in Ixian serialized format. |
seed | A unique seed value. |
Implemented in IXICore.BouncyCastle.
IxianKeyPair IXICore.ICryptoLib.generateKeys | ( | int | keySize, |
bool | skip_header = false |
||
) |
Generates a new pair of RSA private and public keys.
The serialized key format has changed slightly and the parameter skip_header
is used to denote older Ixian keys which did not include version information. It is recommended that the parameter is left on its default value false
when using this function, unless you have a very specific need togenerate older Ixian keys.
keySize | Size of the new RSA key, in bits. |
skip_header | Legacy parameter to allow generating older Ixian keys. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.getSecureRandomBytes | ( | int | length | ) |
Generates secure random bytes according to the specified length.
length | Length of the random data. |
Implemented in IXICore.BouncyCastle.
byte [] IXICore.ICryptoLib.getSignature | ( | byte [] | input, |
byte [] | privateKey | ||
) |
Generates a cryptographic signature for the input data, using the provided private key in the Ixian serialized format. See the class IxianKeyPair
and the function generateKeys()
for information about how to obtain a serialized RSA key.
input | Data which should be signed. |
privateKey | Private key for signing the data in Ixian serialized format. |
Implemented in IXICore.BouncyCastle.
bool IXICore.ICryptoLib.testKeys | ( | byte [] | sample, |
IxianKeyPair | kp | ||
) |
Verifies that the provided Ixian key pair are valid, working RSA keys. Both encryption and signing are tested and the resulting values are then decrypted and verified to ensure that the process is reversible.
sample | Sample data, used for testing the keys (Cleartext). |
kp | Ixian RSA key pair to be tested. |
Implemented in IXICore.BouncyCastle.
bool IXICore.ICryptoLib.verifySignature | ( | byte [] | input, |
byte [] | publicKey, | ||
byte [] | signature | ||
) |
Verifies that the given signature correctly signs the data with the given public key. See the class IxianKeyPair
and the function generateKeys()
for information about how to obtain a serialized RSA key. The signature should be one which has been calculated with the getSignature()
function.
input | Data which has been signed using the public key's corresponding private key. |
publicKey | Public key against which the signature should be tested. |
signature | Signature, as given by getSignature() . |
Implemented in IXICore.BouncyCastle.