File: StandardAesEngine.cs

keepass2 2.60%2Bdfsg-1
/*
  KeePass Password Safe - The Open-Source Password Manager
  Copyright (C) 2003-2025 Dominik Reichl <dominik.reichl@t-online.de>

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/

using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Security;
using System.Text;

#if !KeePassUAP
using System.Security.Cryptography;
#endif

using KeePassLib.Resources;

namespace KeePassLib.Cryptography.Cipher
{
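	/// <summary>
	/// Cipher engine that wraps a stream in an AES-256 transform (CBC mode,
	/// PKCS#7 padding).
	/// </summary>
	/// <remarks>
	/// Security notes for callers:
	/// CBC with PKCS#7 padding provides confidentiality only. Nothing in this
	/// class authenticates the ciphertext, so integrity has to be verified by
	/// the caller before plaintext read from <see cref="DecryptStream" /> is
	/// trusted; otherwise padding failures can act as a decryption oracle.
	/// The IV is used exactly as supplied; for CBC it should be fresh and
	/// unpredictable for every encryption under the same key.
	/// The key and IV arrays are neither copied nor cleared here; wiping them
	/// remains the caller's responsibility.
	/// </remarks>
	public sealed class StandardAesEngine : ICipherEngine
	{
		// Lazily created identifier of this cipher. The initialization is
		// unsynchronized; a race can at worst construct the same value twice.
		private static PwUuid g_uuidAes = null;

		/// <summary>
		/// UUID identifying the AES cipher engine.
		/// </summary>
		public static PwUuid AesUuid
		{
			get
			{
				PwUuid pu = g_uuidAes;
				if(pu == null)
				{
					pu = new PwUuid(new byte[] {
						0x31, 0xC1, 0xF2, 0xE6, 0xBF, 0x71, 0x43, 0x50,
						0xBE, 0x58, 0x05, 0x21, 0x6A, 0xFC, 0x5A, 0xFF });
					g_uuidAes = pu;
				}

				return pu;
			}
		}

		/// <summary>
		/// UUID of this cipher engine (same value as <see cref="AesUuid" />).
		/// </summary>
		public PwUuid CipherUuid
		{
			get { return StandardAesEngine.AesUuid; }
		}

		/// <summary>
		/// Human-readable cipher name, built from the localized key-bits
		/// resource with its <c>{PARAM}</c> placeholder replaced by 256.
		/// </summary>
		public string DisplayName
		{
			get
			{
				return ("AES/Rijndael (" + KLRes.KeyBits.Replace("{PARAM}",
					"256") + ", FIPS 197)");
			}
		}

		/// <summary>
		/// Reject arguments that cannot be used for an AES-256 stream.
		/// </summary>
		/// <param name="s">Stream to be wrapped; must be writable for
		/// encryption and readable for decryption.</param>
		/// <param name="bEncrypt"><c>true</c> to check for encryption,
		/// <c>false</c> for decryption.</param>
		/// <param name="pbKey">Key; must be exactly 32 bytes (256 bits).</param>
		/// <param name="pbIV">Initialization vector; must be exactly
		/// 16 bytes (one AES block).</param>
		/// <exception cref="ArgumentNullException">An argument is
		/// <c>null</c>.</exception>
		/// <exception cref="ArgumentOutOfRangeException">The key or IV has
		/// the wrong length.</exception>
		/// <exception cref="ArgumentException">The stream does not support
		/// the required direction.</exception>
		private static void ValidateArguments(Stream s, bool bEncrypt, byte[] pbKey, byte[] pbIV)
		{
			// Debug.Assert(false) makes misuse visible in debug builds; the
			// throw is what enforces the contract in release builds.
			if(s == null) { Debug.Assert(false); throw new ArgumentNullException("s"); }

			if(pbKey == null) { Debug.Assert(false); throw new ArgumentNullException("pbKey"); }
			if(pbKey.Length != 32) { Debug.Assert(false); throw new ArgumentOutOfRangeException("pbKey"); }

			if(pbIV == null) { Debug.Assert(false); throw new ArgumentNullException("pbIV"); }
			if(pbIV.Length != 16) { Debug.Assert(false); throw new ArgumentOutOfRangeException("pbIV"); }

			if(bEncrypt)
			{
				Debug.Assert(s.CanWrite);
				if(!s.CanWrite) throw new ArgumentException("Stream must be writable!");
			}
			else // Decrypt
			{
				Debug.Assert(s.CanRead);
				if(!s.CanRead) throw new ArgumentException("Stream must be readable!");
			}
		}

		/// <summary>
		/// Validate the arguments and wrap <paramref name="s" /> in an
		/// AES-256-CBC crypto stream.
		/// </summary>
		/// <param name="s">Underlying stream (ciphertext side).</param>
		/// <param name="bEncrypt"><c>true</c> for a write-mode encrypting
		/// stream, <c>false</c> for a read-mode decrypting stream.</param>
		/// <param name="pbKey">32-byte key.</param>
		/// <param name="pbIV">16-byte initialization vector.</param>
		/// <returns>The wrapping stream.</returns>
		/// <exception cref="SecurityException">The AES transform could not
		/// be created.</exception>
		private static Stream CreateStream(Stream s, bool bEncrypt, byte[] pbKey, byte[] pbIV)
		{
			StandardAesEngine.ValidateArguments(s, bEncrypt, pbKey, pbIV);

#if KeePassUAP
			return StandardAesEngineExt.CreateStream(s, bEncrypt, pbKey, pbIV);
#else
			SymmetricAlgorithm a = CryptoUtil.CreateAes(256, CipherMode.CBC,
				PaddingMode.PKCS7);

			ICryptoTransform t = null;
			try
			{
				if(bEncrypt) t = a.CreateEncryptor(pbKey, pbIV);
				else t = a.CreateDecryptor(pbKey, pbIV);
				if(t == null) { Debug.Assert(false); throw new SecurityException("Unable to create AES transform!"); }

				// The algorithm object is handed to CryptoStreamEx; presumably
				// the stream releases it when closed -- confirm in CryptoStreamEx.
				return new CryptoStreamEx(s, t, bEncrypt ? CryptoStreamMode.Write :
					CryptoStreamMode.Read, a);
			}
			catch(Exception)
			{
				// On any failure no stream exists that could release these
				// objects, so free them here instead of leaving key-dependent
				// state to the garbage collector. Clear() is used because it
				// is public on every framework version.
				if(t != null) t.Dispose();
				a.Clear();
				throw;
			}
#endif
		}

		/// <summary>
		/// Wrap <paramref name="s" /> so that data written to the returned
		/// stream is encrypted before it reaches <paramref name="s" />.
		/// </summary>
		/// <param name="s">Writable destination stream.</param>
		/// <param name="pbKey">32-byte key.</param>
		/// <param name="pbIV">16-byte initialization vector.</param>
		/// <returns>The encrypting stream.</returns>
		public Stream EncryptStream(Stream s, byte[] pbKey, byte[] pbIV)
		{
			return StandardAesEngine.CreateStream(s, true, pbKey, pbIV);
		}

		/// <summary>
		/// Wrap <paramref name="s" /> so that data read from the returned
		/// stream is the decryption of what <paramref name="s" /> supplies.
		/// The ciphertext is not authenticated by this method.
		/// </summary>
		/// <param name="s">Readable source stream.</param>
		/// <param name="pbKey">32-byte key.</param>
		/// <param name="pbIV">16-byte initialization vector.</param>
		/// <returns>The decrypting stream.</returns>
		public Stream DecryptStream(Stream s, byte[] pbKey, byte[] pbIV)
		{
			return StandardAesEngine.CreateStream(s, false, pbKey, pbIV);
		}
	}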
}