Repository files navigation

Cryptor is a program written inC# that can encrypt and decrypt files using hybrid data encryption. It has implementedPKI and can encrypt files using several encryption and hashing algorithms.

Cryptor works by generating a random password or key for the encryption algorithm, encrypting the data block by block and then encrypting the encryption key usingthe receivers public key and writing it all in a file withcustom format. That file is then digitally signed using the senders private key and the signature is appended tothe file. To decrypt, receiver only needs to have hisprivate key which matches the public key used by the sender. Because it encrypts files by dividing them into smallerblocks, it can be used for encrypting very large files. Speed depends on algorithms used.

This software is modification of a project I did for a courseCryptography and Computer Protection at my University. I had fun developing it. It can be usedas a reference forMVVM (Model-View-ViewModel) architecture andX.509 Certificates.

Cryptor is written inC# and requires.NET Framework 4.7.2 to run. It was developed in Visual Studio Community 2019.Application's user interface is implemented usingWindows Presentation Foundation (WPF) and it usesSQLite withEntity Framework 6to store data.

Also for the implementation of the 'Twofish' algorithm I used theBouncyCastle Nuget package. I would like to thank Bouncy Castledevelopers for the great work they did developing it.

Cryptor for now supports three encryption algorithms:

• Advanced Encryption Standard (AES)
• Triple DES
• Twofish

RSA cryptosystem is used for key encryption and generating a digital signature of the file.

For hashing there are two algorithms the application can use:

• SHA256
• MD5

Because the application usespolymorphism andMVVM architecture it would be easy to further expand the collection of supported algorithms by implementing correct interfaces.

To use the application user first needs to register. To do that, he needs to provide the system with anUsername,Password and hisX.509 Public Certificate file.After that he can login to the system. Same registering form is used for adding external users, those users that you want to send encrypted files to. In that case the user needs to checktheExternal checkbox and then he can register an external user by providing onlyUsername you wish to identify him with and hisPublic Certificate.

At login, user needs to provide hisUsername,Password and hisPrivate Key that matches the Public Key included in his Public Certificate he used to register. The application willcheck if the private key matches the public key, and it will only login if they match.

In the main form, user can set all the desired parameters:input file,output file,algorithms to use,mode andsender/receiver. If mode of operation is decryption, system will deduce the algorithmsused from the header of the encrypted file.

Application provides data validation so any textbox with an invalid entry will be marked with a redX on the right side and it'stooltip will contain an explanation.

During encryption or decryption user will be presented with a progress bar and a text area where application will log it's progress during the operation.

For testing purposes there is a folder'OPENSSL' and a databaseUsers.db provided in the repository with certificates and private keys. There are two users already registered:

1. Username: default;Password: default;Key: OPENSSL/private/default.key
2. Username: luka;Password: luka;Key: OPENSSL/private/luka.key

If for some reason you want to create a new SQLite database here is the proper query:

CREATE TABLE Users (    Id                INTEGER   PRIMARY KEY AUTOINCREMENT                                UNIQUE,    Username          CHAR (20) NOT NULL                                UNIQUE,    Salt              BLOB,    PassHash          BLOB,    IsExternal        INT       NOT NULL,    PublicCertificate BLOB      NOT NULL);

ProjectAlgorithmLibrary contains implementation for encryption algorithms likeAES,Twofish andTripleDES. Every algorithm 'machine' shouldimplement theIMachine interface so the application stays easily extensible with new algorithms by usingpolymorphism. This project should contain hash algorithms that implementthe abstract class System.Security.Cryptography.HashAlgorithm. Hashing algorithms I used were already implemented in .NET.

CryptedStreamParsers project contains all neccessary classes for encrypting and decrypting streams. Every class here works with streams, so encrypted data doesn't neccessarilly needs to bea file, it can be a memory stream or something else.PrivateKeyParsers project contains neccessary classes for reading private key files.

ProjectFileEncryptorWpf contains all the Models, Views and ViewModels. Every ViewModel inherits the abstract classViewModelBase which implements interfaces INotifyDataErrorInfo and INotifyPropertyChanged.INotifyDataErrorInfo providescustom synchronous and asynchronous validation support andINotifyPropertyChanged is used for notifying Views that a property value has changed.

This free software was developed byLuka B.