diff --git a/mRemoteNGTests/Security/AesGcmTests.cs b/mRemoteNGTests/Security/AesGcmTests.cs
index bdf0dbe3c..b63343ab6 100644
--- a/mRemoteNGTests/Security/AesGcmTests.cs
+++ b/mRemoteNGTests/Security/AesGcmTests.cs
@@ -7,12 +7,14 @@ namespace mRemoteNGTests.Security
{
public class AesGcmTests
{
+ private AESGCM _aesgcm;
private SecureString _encryptionKey;
private string _plainText;
[SetUp]
public void Setup()
{
+ _aesgcm = new AESGCM();
_encryptionKey = "mypassword111111".ConvertToSecureString();
_plainText = "MySecret!";
}
@@ -25,29 +27,29 @@ namespace mRemoteNGTests.Security
[Test]
public void GetBlockSizeReturnsProperValueForAes()
{
- Assert.That(AESGCM.BlockSizeInBytes, Is.EqualTo(16));
+ Assert.That(_aesgcm.BlockSizeInBytes, Is.EqualTo(16));
}
[Test]
public void EncryptionOutputsBase64String()
{
- var cipherText = AESGCM.Encrypt(_plainText, _encryptionKey);
+ var cipherText = _aesgcm.Encrypt(_plainText, _encryptionKey);
Assert.That(cipherText.IsBase64String, Is.True);
}
[Test]
public void DecryptedTextIsEqualToOriginalPlainText()
{
- var cipherText = AESGCM.Encrypt(_plainText, _encryptionKey);
- var decryptedCipherText = AESGCM.Decrypt(cipherText, _encryptionKey);
+ var cipherText = _aesgcm.Encrypt(_plainText, _encryptionKey);
+ var decryptedCipherText = _aesgcm.Decrypt(cipherText, _encryptionKey);
Assert.That(decryptedCipherText, Is.EqualTo(_plainText));
}
[Test]
public void EncryptingTheSameValueReturnsNewCipherTextEachTime()
{
- var cipherText1 = AESGCM.Encrypt(_plainText, _encryptionKey);
- var cipherText2 = AESGCM.Encrypt(_plainText, _encryptionKey);
+ var cipherText1 = _aesgcm.Encrypt(_plainText, _encryptionKey);
+ var cipherText2 = _aesgcm.Encrypt(_plainText, _encryptionKey);
Assert.That(cipherText1, Is.Not.EqualTo(cipherText2));
}
}
diff --git a/mRemoteV1/Security/AESGCM.cs b/mRemoteV1/Security/AESGCM.cs
index 57d995f5a..c00878bf6 100644
--- a/mRemoteV1/Security/AESGCM.cs
+++ b/mRemoteV1/Security/AESGCM.cs
@@ -19,41 +19,41 @@ using Org.BouncyCastle.Security;
namespace mRemoteNG.Security
{
- public static class AESGCM
+ public class AESGCM
{
- private static readonly SecureRandom Random = new SecureRandom();
+ private readonly SecureRandom Random = new SecureRandom();
//Preconfigured Encryption Parameters
- public static readonly int NonceBitSize = 128;
- public static readonly int MacBitSize = 128;
- public static readonly int KeyBitSize = 256;
+ public readonly int NonceBitSize = 128;
+ public readonly int MacBitSize = 128;
+ public readonly int KeyBitSize = 256;
//Preconfigured Password Key Derivation Parameters
- public static readonly int SaltBitSize = 128;
- public static readonly int Iterations = 10000;
- public static readonly int MinPasswordLength = 12;
+ public readonly int SaltBitSize = 128;
+ public readonly int Iterations = 10000;
+ public readonly int MinPasswordLength = 12;
- public static int BlockSizeInBytes => 16;
+ public int BlockSizeInBytes => 16;
///
/// Helper that generates a random new key on each call.
///
///
- public static byte[] NewKey()
+ public byte[] NewKey()
{
var key = new byte[KeyBitSize / 8];
Random.NextBytes(key);
return key;
}
- public static string Encrypt(string plainText, SecureString encryptionKey)
+ public string Encrypt(string plainText, SecureString encryptionKey)
{
var encryptedText = SimpleEncryptWithPassword(plainText, encryptionKey.ConvertToUnsecureString());
return encryptedText;
}
- public static string Decrypt(string cipherText, SecureString decryptionKey)
+ public string Decrypt(string cipherText, SecureString decryptionKey)
{
var decryptedText = SimpleDecryptWithPassword(cipherText, decryptionKey.ConvertToUnsecureString());
return decryptedText;
@@ -72,7 +72,7 @@ namespace mRemoteNG.Security
///
/// Adds overhead of (Optional-Payload + BlockSize(16) + Message + HMac-Tag(16)) * 1.33 Base64
///
- public static string SimpleEncrypt(string secretMessage, byte[] key, byte[] nonSecretPayload = null)
+ public string SimpleEncrypt(string secretMessage, byte[] key, byte[] nonSecretPayload = null)
{
if (string.IsNullOrEmpty(secretMessage))
throw new ArgumentException("Secret Message Required!", "secretMessage");
@@ -90,7 +90,7 @@ namespace mRemoteNG.Security
/// The key.
/// Length of the optional non-secret payload.
/// Decrypted Message
- public static string SimpleDecrypt(string encryptedMessage, byte[] key, int nonSecretPayloadLength = 0)
+ public string SimpleDecrypt(string encryptedMessage, byte[] key, int nonSecretPayloadLength = 0)
{
if (string.IsNullOrEmpty(encryptedMessage))
throw new ArgumentException("Encrypted Message Required!", "encryptedMessage");
@@ -114,7 +114,7 @@ namespace mRemoteNG.Security
/// Significantly less secure than using random binary keys.
/// Adds additional non secret payload for key generation parameters.
///
- public static string SimpleEncryptWithPassword(string secretMessage, string password,
+ public string SimpleEncryptWithPassword(string secretMessage, string password,
byte[] nonSecretPayload = null)
{
if (string.IsNullOrEmpty(secretMessage))
@@ -140,7 +140,7 @@ namespace mRemoteNG.Security
///
/// Significantly less secure than using random binary keys.
///
- public static string SimpleDecryptWithPassword(string encryptedMessage, string password,
+ public string SimpleDecryptWithPassword(string encryptedMessage, string password,
int nonSecretPayloadLength = 0)
{
if (string.IsNullOrWhiteSpace(encryptedMessage))
@@ -162,7 +162,7 @@ namespace mRemoteNG.Security
///
/// Adds overhead of (Optional-Payload + BlockSize(16) + Message + HMac-Tag(16)) * 1.33 Base64
///
- public static byte[] SimpleEncrypt(byte[] secretMessage, byte[] key, byte[] nonSecretPayload = null)
+ public byte[] SimpleEncrypt(byte[] secretMessage, byte[] key, byte[] nonSecretPayload = null)
{
//User Error Checks
if (key == null || key.Length != KeyBitSize / 8)
@@ -210,7 +210,7 @@ namespace mRemoteNG.Security
/// The key.
/// Length of the optional non-secret payload.
/// Decrypted Message
- public static byte[] SimpleDecrypt(byte[] encryptedMessage, byte[] key, int nonSecretPayloadLength = 0)
+ public byte[] SimpleDecrypt(byte[] encryptedMessage, byte[] key, int nonSecretPayloadLength = 0)
{
//User Error Checks
if (key == null || key.Length != KeyBitSize / 8)
@@ -268,7 +268,7 @@ namespace mRemoteNG.Security
/// Significantly less secure than using random binary keys.
/// Adds additional non secret payload for key generation parameters.
///
- public static byte[] SimpleEncryptWithPassword(byte[] secretMessage, string password, byte[] nonSecretPayload = null)
+ public byte[] SimpleEncryptWithPassword(byte[] secretMessage, string password, byte[] nonSecretPayload = null)
{
nonSecretPayload = nonSecretPayload ?? new byte[] {};
@@ -315,7 +315,7 @@ namespace mRemoteNG.Security
///
/// Significantly less secure than using random binary keys.
///
- public static byte[] SimpleDecryptWithPassword(byte[] encryptedMessage, string password, int nonSecretPayloadLength = 0)
+ public byte[] SimpleDecryptWithPassword(byte[] encryptedMessage, string password, int nonSecretPayloadLength = 0)
{
//User Error Checks
if (string.IsNullOrWhiteSpace(password) || password.Length < MinPasswordLength)