ChaCha Component

Properties   Methods   Events   Config Settings   Errors  

The ChaCha component can be used to encrypt and decrypt data with the ChaCha20 algorithm.

Syntax

nsoftware.IPWorksEncrypt.Chacha

Remarks

The component implements ChaCha20 as defined in RFC 7539. This may be used to both encrypt and decrypt data. The component also support Authenticated Encryption with Additional Data (AEAD) via AEAD_CHACHA20_POLY1305. To enable the use of AEAD set UseAEAD to True.

Data may be encrypted and decrypted in its entirety by calling Encrypt and Decrypt or chunk by chunk by calling EncryptBlock and DecryptBlock.

In all operations a Key and IV must be used. If IV is not set one is automatically generated. KeyPassword may be set in order to automatically generate both a Key and IV when a method is called. The same KeyPassword, or Key and IV pair are used on both sides of the operation data can be encrypted and decrypted.

Encrypt Notes

Encrypt will encrypt the specified data. The following properties are applicable:

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

Additional Notes

The Key property must be set to a 256 bit (32 byte) value. This is the only allowed value for ChaCha20. If KeyPassword is set both Key and IV will be automatically generated when Encrypt is called.

The IV should typically be set to a 96 bit (12 byte) value. See the IV property for details on using a 64 bit (8 byte) value. If IV is not set a 96 bit (12 byte) value will automatically be generated by the component when Encrypt is called.

InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.

During encryption the Progress event will fire as data is encrypted.

Encrypt Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[]{ 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.InputMessage = "hello chacha!"; chacha.Encrypt(); //chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes. // {0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76}

AEAD Notes

When encrypting and UseAEAD is True AdditionalAuthData optionally holds data that is authenticated but not encrypted.

After encrypting the message the AuthTag property will be populated. To include the AuthTag in the output set IncludeAuthTag to True.

Encrypt with AEAD Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.UseAEAD = true; chacha.AdditionalAuthData = "my auth data."; chacha.InputMessage = "hello chacha!"; chacha.Encrypt(); //chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes: // {0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65} //chacha.AuthTagB contains the byte[] of the AuthTag. The above code produces the following authentication tag: // {0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78}

Encrypt Block Notes

EncryptBlock will encrypt the input data and return the encrypted block. The encrypted block will always be the same length as the decrypted data. The following properties are applicable:

  • IV (required)
  • Key (required)

InputBuffer specifies the input data to encrypt.

LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the component will calculate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.

EncryptBlock Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.UseAEAD = true; byte[] tempEncryptedBlock; //Encrypt any number of blocks of any size tempEncryptedBlock = chacha.EncryptBlock(part1, false); tempEncryptedBlock = chacha.EncryptBlock(part2, false); //Pass true for the last block tempEncryptedBlock = chacha.EncryptBlock(part3, true); //Save AuthTag for use when decrypting byte[] authTab = chacha.AuthTagB;

Decrypt Notes

Decrypt will decrypt the specified data. The following properties are applicable:

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

Additional Notes

The Key property must be set to the 256 bit (32 byte) value originally used to encrypt the data. IV must be set to the original IV value used to encrypt the data.

If using a password, KeyPassword must be set to the same KeyPassword used when encrypting the data. This will automatically generate both Key and IV when Decrypt is called.

InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.

During decryption the Progress event will fire as data is decrypted.

Decrypt Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.InputMessageB = new byte[] { 0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76 }; chacha.Decrypt(); Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"

AEAD Notes

When decrypting AdditionalAuthData must be set to the same value that was specified when encrypting. AuthTag must be set to the AuthTag value produced when encrypting.

Note: IncludeAuthTag may be set to True if the AuthTag value was included in the encrypted message.

Decrypt with AEAD Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.AuthTagB = new byte[] { 0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78 }; chacha.InputMessageB = new byte[] { 0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65 }; chacha.UseAEAD = true; chacha.AdditionalAuthData = "my auth data."; chacha.Decrypt(); Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"

Decrypt Block Notes

DecryptBlock will decrypt the input data and return the decrypted block. The decrypted block will always be the same length as the encrypted data. The following properties are applicable:

  • IV (required)
  • Key (required)

InputBuffer specifies the input data to decrypt.

LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the component will validate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.

DecryptBlock Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.UseAEAD = true; cahcha.AuthTagB = authTag; //Value calculated during encryption. byte[] tempDecryptedBlock; //Decrypt any number of blocks of any size tempDecryptedBlock = chacha.DecryptBlock(part1, false); tempDecryptedBlock = chacha.DecryptBlock(part2, false); //Pass true for the last block tempDecryptedBlock = chacha.DecryptBlock(part3, true);

Property List


The following is the full list of the properties of the component with short descriptions. Click on the links for further details.

AdditionalAuthDataAdditional Authentication Data (AAD) used when UseAEAD is True.
AuthTagThe authentication tag used when UseAEAD is set to True.
InputFileThe file to process.
InputMessageThe message to process.
IVThe initialization vector (IV).
KeyThe secret key for the symmetric algorithm.
KeyPasswordA password to generate the Key and IV .
OutputFileThe output file when encrypting or decrypting.
OutputMessageThe output message after processing.
OverwriteIndicates whether or not the component should overwrite files.
UseAEADWhether to use AEAD (Authenticated Encryption with Additional Data).
UseHexWhether input or output is hex encoded.

Method List


The following is the full list of the methods of the component with short descriptions. Click on the links for further details.

ConfigSets or retrieves a configuration setting.
DecryptDecrypts the data.
DecryptBlockDecrypts a block and returns the decrypted data.
EncryptEncrypts the data.
EncryptBlockEncrypts data and returns the encrypted block.
ResetResets the component
SetInputStreamSets the stream from which the component will read data to encrypt or decrypt.
SetOutputStreamSets the stream to which the component will write encrypted or decrypted data.

Event List


The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.

ErrorFired when information is available about errors during data delivery.
ProgressFired as progress is made.

Config Settings


The following is a list of config settings for the component with short descriptions. Click on the links for further details.

CloseInputStreamAfterProcessingDetermines whether or not the input stream is closed after processing.
CloseOutputStreamAfterProcessingDetermines whether or not the output stream is closed after processing.
EncryptedDataEncodingThe encoding of the encrypted input or output data.
IncludeAuthTagWhether to append the authentication tag to the cipher text when UseAEAD is True.
IncludeIVWhether to prepend the IV to the output data and read the IV from the input data.
InitialCounterThe initial counter value.
IVLengthThe IV length in bytes.
KeyPasswordAlgorithmThe hash algorithm used to derive the Key and IV from the KeyPassword property.
KeyPasswordIterationsThe number of iterations performed when using KeyPassword to derive the Key and IV.
KeyPasswordSaltThe salt value used in conjunction with the KeyPassword to derive the Key and IV.
BuildInfoInformation about the product's build.
GUIAvailableWhether or not a message loop is available for processing events.
LicenseInfoInformation about the current license.
MaskSensitiveWhether sensitive data is masked in log messages.
UseInternalSecurityAPIWhether or not to use the system security libraries or an internal implementation.

AdditionalAuthData Property (ChaCha Component)

Additional Authentication Data (AAD) used when UseAEAD is True.

Syntax

public string AdditionalAuthData { get; set; }
public byte[] AdditionalAuthDataB { get; set; }
Public Property AdditionalAuthData As String
Public Property AdditionalAuthDataB As Byte()

Default Value

""

Remarks

This property specifies data that is authentication but not encrypted. This is only applicable when UseAEAD is True.

Note that AAD data is authenticated but not encrypted, so it is not included in the output.

AuthTag Property (ChaCha Component)

The authentication tag used when UseAEAD is set to True.

Syntax

public string AuthTag { get; set; }
public byte[] AuthTagB { get; set; }
Public Property AuthTag As String
Public Property AuthTagB As Byte()

Default Value

""

Remarks

This property holds the 128 bit authentication tag used when UseAEAD is set to True. It is only applicable when UseAEAD is True.

This is populated after calling Encrypt. To also include the value in the output set IncludeAuthTag to True.

This must be set before calling Decrypt. If the auth tag is included in the encrypted data set IncludeAuthTag to True before calling Decrypt.

InputFile Property (ChaCha Component)

The file to process.

Syntax

public string InputFile { get; set; }
Public Property InputFile As String

Default Value

""

Remarks

This property specifies the file to be processed. Set this property to the full or relative path to the file which will be processed.

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

InputMessage Property (ChaCha Component)

The message to process.

Syntax

public string InputMessage { get; set; }
public byte[] InputMessageB { get; set; }
Public Property InputMessage As String
Public Property InputMessageB As Byte()

Default Value

""

Remarks

This property specifies the message to be processed.

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

IV Property (ChaCha Component)

The initialization vector (IV).

Syntax

public string IV { get; set; }
public byte[] IVB { get; set; }
Public Property IV As String
Public Property IVB As Byte()

Default Value

""

Remarks

This property specifies the initialization vector (IV). This is also referred to as the nonce. By default this property is empty and the component will automatically generate a new IV value if KeyPassword or Key is set before Encrypt or EncryptBlock is called.

The size of the IV may be either 96 bits in length (12 bytes) or 64 bits in length (8 bytes).

Compatibility Notes

A 96 bit length value is used for implementations implementing RFC 7539. A 64 bit length value may be used by implementations that follow the original draft of ChaCha. When using a 96 bit length value the maximum file size of data is 256 GB.

If another entity is performing the decryption and it is not known whether it supports 64 bit length values, choose a 96 bit length value by default. This follows the RFC and should be the most widely implemented value.

The component supports both lengths.

Note: If Key is specified but IV is not, an IV will be automatically generated. To control the length of the IV that is generated set IVLength.

Key Property (ChaCha Component)

The secret key for the symmetric algorithm.

Syntax

public string Key { get; set; }
public byte[] KeyB { get; set; }
Public Property Key As String
Public Property KeyB As Byte()

Default Value

""

Remarks

This secret key is used both for encryption and decryption. The secret key should be known only to the sender and the receiver. This key must be 256 bits in length (32 bytes).

If this property is left empty and KeyPassword is specified, a Key value will be generated by the component as necessary.

KeyPassword Property (ChaCha Component)

A password to generate the Key and IV .

Syntax

public string KeyPassword { get; set; }
Public Property KeyPassword As String

Default Value

""

Remarks

When this property is set the component will calculate values for Key and IV using the PKCS5 password digest algorithm. This provides a simpler alternative to creating and managing Key and IV values directly.

OutputFile Property (ChaCha Component)

The output file when encrypting or decrypting.

Syntax

public string OutputFile { get; set; }
Public Property OutputFile As String

Default Value

""

Remarks

This property specifies the file to which the output will be written when Encrypt or Decrypt is called. This may be set to an absolute or relative path.

This property is only applicable to Encrypt and Decrypt.

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

OutputMessage Property (ChaCha Component)

The output message after processing.

Syntax

public string OutputMessage { get; }
public byte[] OutputMessageB { get; }
Public ReadOnly Property OutputMessage As String
Public ReadOnly Property OutputMessageB As Byte()

Default Value

""

Remarks

This property will be populated with the output from the operation if OutputFile and SetOutputStream are not set.

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

This property is read-only and not available at design time.

Overwrite Property (ChaCha Component)

Indicates whether or not the component should overwrite files.

Syntax

public bool Overwrite { get; set; }
Public Property Overwrite As Boolean

Default Value

False

Remarks

This property indicates whether or not the component will overwrite OutputFile. If Overwrite is False, an error will be thrown whenever OutputFile exists before an operation. The default value is False.

UseAEAD Property (ChaCha Component)

Whether to use AEAD (Authenticated Encryption with Additional Data).

Syntax

public bool UseAEAD { get; set; }
Public Property UseAEAD As Boolean

Default Value

False

Remarks

If this property is set to True the component uses the algorithm AEAD_CHACHA20_POLY1305 as defined in RFC 7539 to construct a message using AEAD. See Encrypt and Decrypt for details.

UseHex Property (ChaCha Component)

Whether input or output is hex encoded.

Syntax

public bool UseHex { get; set; }
Public Property UseHex As Boolean

Default Value

False

Remarks

This property specifies whether the encrypted data is hex encoded.

If set to True, when Encrypt is called the component will perform the encryption as normal and then hex encode the output. OutputMessage or OutputFile will hold hex encoded data.

If set to True, when Decrypt is called the component will expect InputMessage or InputFile to hold hex encoded data. The component will then hex decode the data and perform decryption as normal.

AEAD Notes

When UseAEAD is set to True this property also applies to AuthTag. After calling Encrypt AuthTag will hold a hex encoded value. Before calling Decrypt AuthTag must be set to a hex encoded value.

Config Method (ChaCha Component)

Sets or retrieves a configuration setting.

Syntax

public string Config(string configurationString);

Async Version
public async Task<string> Config(string configurationString);
public async Task<string> Config(string configurationString, CancellationToken cancellationToken);
Public Function Config(ByVal ConfigurationString As String) As String

Async Version
Public Function Config(ByVal ConfigurationString As String) As Task(Of String)
Public Function Config(ByVal ConfigurationString As String, cancellationToken As CancellationToken) As Task(Of String)

Remarks

Config is a generic method available in every component. It is used to set and retrieve configuration settings for the component.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Decrypt Method (ChaCha Component)

Decrypts the data.

Syntax

public void Decrypt();

Async Version
public async Task Decrypt();
public async Task Decrypt(CancellationToken cancellationToken);
Public Sub Decrypt()

Async Version
Public Sub Decrypt() As Task
Public Sub Decrypt(cancellationToken As CancellationToken) As Task

Remarks

Decrypt will decrypt the specified data. The following properties are applicable:

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

Additional Notes

The Key property must be set to the 256 bit (32 byte) value originally used to encrypt the data. IV must be set to the original IV value used to encrypt the data.

If using a password, KeyPassword must be set to the same KeyPassword used when encrypting the data. This will automatically generate both Key and IV when Decrypt is called.

InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.

During decryption the Progress event will fire as data is decrypted.

Decrypt Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.InputMessageB = new byte[] { 0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76 }; chacha.Decrypt(); Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"

AEAD Notes

When decrypting AdditionalAuthData must be set to the same value that was specified when encrypting. AuthTag must be set to the AuthTag value produced when encrypting.

Note: IncludeAuthTag may be set to True if the AuthTag value was included in the encrypted message.

Decrypt with AEAD Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.AuthTagB = new byte[] { 0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78 }; chacha.InputMessageB = new byte[] { 0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65 }; chacha.UseAEAD = true; chacha.AdditionalAuthData = "my auth data."; chacha.Decrypt(); Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"

DecryptBlock Method (ChaCha Component)

Decrypts a block and returns the decrypted data.

Syntax

public byte[] DecryptBlock(byte[] inputBuffer, bool lastBlock);

Async Version
public async Task<byte[]> DecryptBlock(byte[] inputBuffer, bool lastBlock);
public async Task<byte[]> DecryptBlock(byte[] inputBuffer, bool lastBlock, CancellationToken cancellationToken);
Public Function DecryptBlock(ByVal InputBuffer As String, ByVal LastBlock As Boolean) As String

Async Version
Public Function DecryptBlock(ByVal InputBuffer As String, ByVal LastBlock As Boolean) As Task(Of String)
Public Function DecryptBlock(ByVal InputBuffer As String, ByVal LastBlock As Boolean, cancellationToken As CancellationToken) As Task(Of String)

Remarks

DecryptBlock will decrypt the input data and return the decrypted block. The decrypted block will always be the same length as the encrypted data. The following properties are applicable:

  • IV (required)
  • Key (required)

InputBuffer specifies the input data to decrypt.

LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the component will validate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.

DecryptBlock Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.UseAEAD = true; cahcha.AuthTagB = authTag; //Value calculated during encryption. byte[] tempDecryptedBlock; //Decrypt any number of blocks of any size tempDecryptedBlock = chacha.DecryptBlock(part1, false); tempDecryptedBlock = chacha.DecryptBlock(part2, false); //Pass true for the last block tempDecryptedBlock = chacha.DecryptBlock(part3, true);

Encrypt Method (ChaCha Component)

Encrypts the data.

Syntax

public void Encrypt();

Async Version
public async Task Encrypt();
public async Task Encrypt(CancellationToken cancellationToken);
Public Sub Encrypt()

Async Version
Public Sub Encrypt() As Task
Public Sub Encrypt(cancellationToken As CancellationToken) As Task

Remarks

Encrypt will encrypt the specified data. The following properties are applicable:

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

Additional Notes

The Key property must be set to a 256 bit (32 byte) value. This is the only allowed value for ChaCha20. If KeyPassword is set both Key and IV will be automatically generated when Encrypt is called.

The IV should typically be set to a 96 bit (12 byte) value. See the IV property for details on using a 64 bit (8 byte) value. If IV is not set a 96 bit (12 byte) value will automatically be generated by the component when Encrypt is called.

InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.

During encryption the Progress event will fire as data is encrypted.

Encrypt Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[]{ 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.InputMessage = "hello chacha!"; chacha.Encrypt(); //chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes. // {0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76}

AEAD Notes

When encrypting and UseAEAD is True AdditionalAuthData optionally holds data that is authenticated but not encrypted.

After encrypting the message the AuthTag property will be populated. To include the AuthTag in the output set IncludeAuthTag to True.

Encrypt with AEAD Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.UseAEAD = true; chacha.AdditionalAuthData = "my auth data."; chacha.InputMessage = "hello chacha!"; chacha.Encrypt(); //chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes: // {0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65} //chacha.AuthTagB contains the byte[] of the AuthTag. The above code produces the following authentication tag: // {0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78}

EncryptBlock Method (ChaCha Component)

Encrypts data and returns the encrypted block.

Syntax

public byte[] EncryptBlock(byte[] inputBuffer, bool lastBlock);

Async Version
public async Task<byte[]> EncryptBlock(byte[] inputBuffer, bool lastBlock);
public async Task<byte[]> EncryptBlock(byte[] inputBuffer, bool lastBlock, CancellationToken cancellationToken);
Public Function EncryptBlock(ByVal InputBuffer As String, ByVal LastBlock As Boolean) As String

Async Version
Public Function EncryptBlock(ByVal InputBuffer As String, ByVal LastBlock As Boolean) As Task(Of String)
Public Function EncryptBlock(ByVal InputBuffer As String, ByVal LastBlock As Boolean, cancellationToken As CancellationToken) As Task(Of String)

Remarks

EncryptBlock will encrypt the input data and return the encrypted block. The encrypted block will always be the same length as the decrypted data. The following properties are applicable:

  • IV (required)
  • Key (required)

InputBuffer specifies the input data to encrypt.

LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the component will calculate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.

EncryptBlock Example

Chacha chacha = new Chacha(); chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 }; chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 }; chacha.UseAEAD = true; byte[] tempEncryptedBlock; //Encrypt any number of blocks of any size tempEncryptedBlock = chacha.EncryptBlock(part1, false); tempEncryptedBlock = chacha.EncryptBlock(part2, false); //Pass true for the last block tempEncryptedBlock = chacha.EncryptBlock(part3, true); //Save AuthTag for use when decrypting byte[] authTab = chacha.AuthTagB;

Reset Method (ChaCha Component)

Resets the component

Syntax

public void Reset();

Async Version
public async Task Reset();
public async Task Reset(CancellationToken cancellationToken);
Public Sub Reset()

Async Version
Public Sub Reset() As Task
Public Sub Reset(cancellationToken As CancellationToken) As Task

Remarks

When called, the component will reset all of its properties to their default values.

SetInputStream Method (ChaCha Component)

Sets the stream from which the component will read data to encrypt or decrypt.

Syntax

public void SetInputStream(System.IO.Stream inputStream);

Async Version
public async Task SetInputStream(System.IO.Stream inputStream);
public async Task SetInputStream(System.IO.Stream inputStream, CancellationToken cancellationToken);
Public Sub SetInputStream(ByVal InputStream As System.IO.Stream)

Async Version
Public Sub SetInputStream(ByVal InputStream As System.IO.Stream) As Task
Public Sub SetInputStream(ByVal InputStream As System.IO.Stream, cancellationToken As CancellationToken) As Task

Remarks

This method sets the stream from which the component will read data to encrypt or decrypt.

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

SetOutputStream Method (ChaCha Component)

Sets the stream to which the component will write encrypted or decrypted data.

Syntax

public void SetOutputStream(System.IO.Stream outputStream);

Async Version
public async Task SetOutputStream(System.IO.Stream outputStream);
public async Task SetOutputStream(System.IO.Stream outputStream, CancellationToken cancellationToken);
Public Sub SetOutputStream(ByVal OutputStream As System.IO.Stream)

Async Version
Public Sub SetOutputStream(ByVal OutputStream As System.IO.Stream) As Task
Public Sub SetOutputStream(ByVal OutputStream As System.IO.Stream, cancellationToken As CancellationToken) As Task

Remarks

This method sets the stream to which the component will write encrypted or decrypted data.

Input and Output Properties

The component will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

  • SetOutputStream
  • OutputFile
  • OutputMessage: The output data is written to this property if no other destination is specified.

When using streams you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.

Error Event (ChaCha Component)

Fired when information is available about errors during data delivery.

Syntax

public event OnErrorHandler OnError;

public delegate void OnErrorHandler(object sender, ChachaErrorEventArgs e);

public class ChachaErrorEventArgs : EventArgs {
  public int ErrorCode { get; }
  public string Description { get; }
}
Public Event OnError As OnErrorHandler

Public Delegate Sub OnErrorHandler(sender As Object, e As ChachaErrorEventArgs)

Public Class ChachaErrorEventArgs Inherits EventArgs
  Public ReadOnly Property ErrorCode As Integer
  Public ReadOnly Property Description As String
End Class

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the component throws an exception.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Progress Event (ChaCha Component)

Fired as progress is made.

Syntax

public event OnProgressHandler OnProgress;

public delegate void OnProgressHandler(object sender, ChachaProgressEventArgs e);

public class ChachaProgressEventArgs : EventArgs {
  public long BytesProcessed { get; }
  public int PercentProcessed { get; }
}
Public Event OnProgress As OnProgressHandler

Public Delegate Sub OnProgressHandler(sender As Object, e As ChachaProgressEventArgs)

Public Class ChachaProgressEventArgs Inherits EventArgs
  Public ReadOnly Property BytesProcessed As Long
  Public ReadOnly Property PercentProcessed As Integer
End Class

Remarks

This event is fired automatically as data is processed by the component.

The PercentProcessed parameter indicates the current status of the operation.

The BytesProcessed parameter holds the total number of bytes processed so far.

Config Settings (ChaCha Component)

The component accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

ChaCha Config Settings

CloseInputStreamAfterProcessing:   Determines whether or not the input stream is closed after processing.

Determines whether or not the input stream set by SetInputStream is closed after processing is complete. The default value is True.

CloseOutputStreamAfterProcessing:   Determines whether or not the output stream is closed after processing.

Determines whether or not the output stream set by SetOutputStream is closed after processing is complete. The default value is True.

EncryptedDataEncoding:   The encoding of the encrypted input or output data.

This configuration setting specifies how the encrypted data is encoded (if at all).

When Encrypt is called the component will perform the encryption as normal and then encode the output as specified here. OutputMessage or OutputFile will hold the encoded data.

When Decrypt is called the component will expect InputMessage or InputFile to hold the encoded data as specified here. The component will then decode the data and perform decryption as normal.

Possible values are:

  • 0 (none - default)
  • 1 (Base64)
  • 2 (Hex)
  • 3 (Base64URL)

IncludeAuthTag:   Whether to append the authentication tag to the cipher text when UseAEAD is True.

This setting controls whether AuthTag is appended to the cipher text. This may be useful in cases where the other party knows to look for the authentication tag at the end of the data. The default value is False.

Note: This setting cannot be used in conjunction with DecryptBlock. When calling DecryptBlock AuthTag must be set explicitly and the cipher text being decrypted must not include the auth tag.

IncludeIV:   Whether to prepend the IV to the output data and read the IV from the input data.

If this config is true, the IV will be automatically prepended to the output data when calling Encrypt. When calling Decrypt and this setting is True, the IV is automatically extracted form the ciphertext. The default value is False.

InitialCounter:   The initial counter value.

This setting specifies the initial counter value. In most cases this is 0 (default), but some protocols may use a value of 1. The default value is 0.

IVLength:   The IV length in bytes.

This setting specifies the IV length. In most cases this is 12 bytes (default), but some protocols may use a value of 8 bytes. The default value is 12.

Note: When decrypting, if IncludeIV is set to True and the IV length was NOT 12 bytes when originally encrypting the data, this setting must be set to the appropriate value before calling Decrypt or DecryptBlock.

KeyPasswordAlgorithm:   The hash algorithm used to derive the Key and IV from the KeyPassword property.

This configuration setting specifies which hash algorithm will be used when deriving the Key and IV from KeyPassword. The default value is "MD5". Possible values are:

  • "SHA1"
  • "MD2"
  • "MD5" (default)
  • "HMAC-SHA1"
  • "HMAC-SHA224"
  • "HMAC-SHA256"
  • "HMAC-SHA384"
  • "HMAC-SHA512"
  • "HMAC-MD5"
  • "HMAC-RIPEMD160"

When using any HMAC algorithm the PBKDF#2 method from RFC 2898 is used. Any other algorithm uses PBKDF#1 from the same RFC.

KeyPasswordIterations:   The number of iterations performed when using KeyPassword to derive the Key and IV.

This configuration setting specifies the number of iterations performed when using KeyPassword to calculate values for Key and IV. When using PBKDF#2 the default number of iterations is 10,000. When using PBKDF#1 the default number is 10.

KeyPasswordSalt:   The salt value used in conjunction with the KeyPassword to derive the Key and IV.

This configuration setting specifies the hex encoded salt value to be used along with the KeyPassword when calculating values for Key and IV.

Base Config Settings

BuildInfo:   Information about the product's build.

When queried, this setting will return a string containing information about the product's build.

GUIAvailable:   Whether or not a message loop is available for processing events.

In a GUI-based application, long-running blocking operations may cause the application to stop responding to input until the operation returns. The component will attempt to discover whether or not the application has a message loop and, if one is discovered, it will process events in that message loop during any such blocking operation.

In some non-GUI applications, an invalid message loop may be discovered that will result in errant behavior. In these cases, setting GUIAvailable to false will ensure that the component does not attempt to process external events.

LicenseInfo:   Information about the current license.

When queried, this setting will return a string containing information about the license this instance of a component is using. It will return the following information:

  • Product: The product the license is for.
  • Product Key: The key the license was generated from.
  • License Source: Where the license was found (e.g., RuntimeLicense, License File).
  • License Type: The type of license installed (e.g., Royalty Free, Single Server).
  • Last Valid Build: The last valid build number for which the license will work.
MaskSensitive:   Whether sensitive data is masked in log messages.

In certain circumstances it may be beneficial to mask sensitive data, like passwords, in log messages. Set this to true to mask sensitive data. The default is true.

This setting only works on these components: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.

UseInternalSecurityAPI:   Whether or not to use the system security libraries or an internal implementation.

When set to false, the component will use the system security libraries by default to perform cryptographic functions where applicable. In this case, calls to unmanaged code will be made. In certain environments, this is not desirable. To use a completely managed security implementation, set this setting to true.

Setting this configuration setting to true tells the component to use the internal implementation instead of using the system security libraries.

On Windows, this setting is set to false by default. On Linux/macOS, this setting is set to true by default.

If using the .NET Standard Library, this setting will be true on all platforms. The .NET Standard library does not support using the system security libraries.

Note: This setting is static. The value set is applicable to all components used in the application.

When this value is set, the product's system dynamic link library (DLL) is no longer required as a reference, as all unmanaged code is stored in that file.

Trappable Errors (ChaCha Component)

ChaCha Errors

101   Unsupported algorithm.
102   No Key specified.
103   No IV specified.
104   Cannot read or write file.
107   Block size is not valid for this algorithm.
108   Key size is not valid for this algorithm.
111   OutputFile already exists and Overwrite is False.
121   The specified key is invalid.
123   IV size is not valid for this algorithm.
304   Cannot write file.
305   Cannot read file.
306   Cannot create file.
2004   Invalid padding. This may be an indication that the key is incorrect.