fix: ChaCha20 在旧平台上不支持 (#153)

Author: tangge233

Utils/Encryption/AesCbc.cs

@@ -49,112 +49,6 @@ public byte[] Encrypt(ReadOnlySpan<byte> data, ReadOnlySpan<byte> key)
             throw new NotSupportedException("You should no longer use AES-CBC as your encryption method");
         }
 
-        /// <summary>
-        /// 使用特定的 AES 算法加密数据
-        /// </summary>
-        /// <param name = "input" > 需要加密的数据 </ param >
-        /// < param name="key">密钥</param>
-        /// <returns>Base64 编码的加密数据</returns>
-        /// <exception cref = "ArgumentNullException" > 如果 key 为 null 或者空</exception>
-        //private static string AesEncrypt(string input, string key)
-        //{
-        //    if (string.IsNullOrEmpty(input))
-        //        return string.Empty;
-        //    if (string.IsNullOrEmpty(key))
-        //        throw new ArgumentNullException(nameof(key));
-
-        //            using var aes = Aes.Create();
-        //            aes.KeySize = 256;
-        //            aes.BlockSize = 128;
-        //            aes.Mode = CipherMode.CBC;
-        //            aes.Padding = PaddingMode.PKCS7;
-        //            var salt = new byte[32];
-        //#if NET6_0_OR_GREATER
-        //            using (var rng = RandomNumberGenerator.Create())
-        //#else
-        //        using (var rng = new RNGCryptoServiceProvider())
-        //#endif
-        //            {
-        //                rng.GetBytes(salt);
-        //            }
-
-        //#pragma warning disable SYSLIB0041
-        //            using (var deriveBytes = new Rfc2898DeriveBytes(key, salt, 1000))
-        //            {
-        //                aes.Key = deriveBytes.GetBytes(aes.KeySize / 8);
-        //                aes.GenerateIV();
-        //            }
-        //#pragma warning restore SYSLIB0041
-
-        //            using (var ms = new MemoryStream())
-        //            {
-        //                ms.Write(salt, 0, salt.Length);
-        //                ms.Write(aes.IV, 0, aes.IV.Length);
-
-        //                using (var cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
-        //                {
-        //                    var data = Encoding.UTF8.GetBytes(input);
-        //                    cs.Write(data, 0, data.Length);
-        //                }
-
-        //                return Convert.ToBase64String(ms.ToArray());
-        //            }
-        //        }
-
-        /// <summary>
-        /// 使用特定的 AES 算法解密数据
-        /// </summary>
-        /// <param name="input">Base64 编码的加密数据</param>
-        /// <param name="key">密钥</param>
-        /// <returns>返回解密文本</returns>
-        /// <exception cref="ArgumentNullException">如果 Key 为 null 或空</exception>
-        /// <exception cref="ArgumentException">如果 input 数据错误</exception>
-//        private static string AesDecrypt(string input, string key)
-//        {
-//            if (string.IsNullOrEmpty(input))
-//                return string.Empty;
-//            if (string.IsNullOrEmpty(key))
-//                throw new ArgumentNullException(nameof(key));
-
-
-//            using var aes = Aes.Create();
-//            aes.KeySize = 256;
-//            aes.BlockSize = 128;
-//            aes.Mode = CipherMode.CBC;
-//            aes.Padding = PaddingMode.PKCS7;
-
-//            var encryptedData = Convert.FromBase64String(input);
-
-//            var salt = new byte[32];
-//            Array.Copy(encryptedData, 0, salt, 0, salt.Length);
-
-//            var iv = new byte[aes.BlockSize / 8];
-//            Array.Copy(encryptedData, salt.Length, iv, 0, iv.Length);
-//            aes.IV = iv;
-
-//            if (encryptedData.Length < salt.Length + iv.Length)
-//            {
-//                throw new ArgumentException("加密数据格式无效或已损坏");
-//            }
-
-//#pragma warning disable SYSLIB0041
-//            using (var deriveBytes = new Rfc2898DeriveBytes(key, salt, 1000))
-//            {
-//                aes.Key = deriveBytes.GetBytes(aes.KeySize / 8);
-//            }
-//#pragma warning restore SYSLIB0041
-
-//            var cipherTextLength = encryptedData.Length - salt.Length - iv.Length;
-//            using (var ms = new MemoryStream(encryptedData, salt.Length + iv.Length, cipherTextLength))
-//            {
-//                using (var cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Read))
-//                {
-//                    using (var sr = new StreamReader(cs, Encoding.UTF8))
-//                    {
-//                        return sr.ReadToEnd();
-//                    }
-//                }
-//            }
-//        }
+        public bool IsSupported { get => false; }
     }
 }

Utils/Encryption/AesGcm.cs

@@ -0,0 +1,56 @@
+using System;
+using System.Security.Cryptography;
+
+namespace PCL.Core.Utils.Encryption
+{
+    public class AesGcmProvider : IEncryptionProvider
+    {
+        public static AesGcmProvider Instance { get; } = new();
+
+        private const int NonceSize = 12; // 96 bits
+        private const int TagSize = 16;   // 128 bits
+
+        public byte[] Encrypt(ReadOnlySpan<byte> data, ReadOnlySpan<byte> key)
+        {
+            byte[] nonce = new byte[NonceSize];
+            RandomNumberGenerator.Fill(nonce);
+
+            byte[] tag = new byte[TagSize];
+            byte[] ciphertext = new byte[data.Length];
+
+            using (var aesGcm = new AesGcm(key, TagSize))
+            {
+                aesGcm.Encrypt(nonce, data, ciphertext, tag);
+            }
+
+            // [Nonce(12)] [Tag(16)] [Ciphertext(n)]
+            byte[] result = new byte[NonceSize + TagSize + ciphertext.Length];
+            Buffer.BlockCopy(nonce, 0, result, 0, NonceSize);
+            Buffer.BlockCopy(tag, 0, result, NonceSize, TagSize);
+            Buffer.BlockCopy(ciphertext, 0, result, NonceSize + TagSize, ciphertext.Length);
+
+            return result;
+        }
+
+        public byte[] Decrypt(ReadOnlySpan<byte> data, ReadOnlySpan<byte> key)
+        {
+            if (data.Length < NonceSize + TagSize)
+                throw new ArgumentException("加密数据长度不足。");
+
+            ReadOnlySpan<byte> nonce = data.Slice(0, NonceSize);
+            ReadOnlySpan<byte> tag = data.Slice(NonceSize, TagSize);
+            ReadOnlySpan<byte> ciphertext = data.Slice(NonceSize + TagSize);
+
+            byte[] plaintext = new byte[ciphertext.Length];
+
+            using (var aesGcm = new AesGcm(key, TagSize))
+            {
+                aesGcm.Decrypt(nonce, ciphertext, tag, plaintext);
+            }
+
+            return plaintext;
+        }
+
+        public bool IsSupported { get => AesGcm.IsSupported; }
+    }
+}

Utils/Encryption/ChaCha20.cs

@@ -80,4 +80,6 @@ private static void _DeriveKey(ReadOnlySpan<byte> ikm, ReadOnlySpan<byte> salt,
             salt,
             _Info.AsSpan());
     }
+
+    public bool IsSupported { get => ChaCha20Poly1305.IsSupported; }
 }

Utils/Encryption/IEncryptionProvider.cs

@@ -6,4 +6,6 @@ public interface IEncryptionProvider
 {
     public byte[] Encrypt(ReadOnlySpan<byte> data, ReadOnlySpan<byte> key);
     public byte[] Decrypt(ReadOnlySpan<byte> data, ReadOnlySpan<byte> key);
+
+    public static bool IsSupported { get; }
 }

Utils/Secret/EncryptHelper.cs

@@ -5,6 +5,7 @@
 using System.Security.Cryptography;
 using System.Text;
 using PCL.Core.IO;
+using PCL.Core.Logging;
 using PCL.Core.Utils.Encryption;
 
 namespace PCL.Core.Utils.Secret;
@@ -14,13 +15,26 @@ public static class EncryptHelper
     public static string SecretEncrypt(string data)
     {
         var rawData = Encoding.UTF8.GetBytes(data);
-        var encryptedData = ChaCha20.Instance.Encrypt(rawData, EncryptionKey);
-        var storeData = new EncryptionData()
+        byte[] encryptedData;
+        uint version;
+        if (ChaCha20.Instance.IsSupported)
         {
-            Version = 1,
-            Data = encryptedData
-        };
-        return Convert.ToBase64String(EncryptionData.ToBytes(storeData));
+            encryptedData = ChaCha20.Instance.Encrypt(rawData, EncryptionKey);
+            version = 1;
+        }
+        else if (AesGcmProvider.Instance.IsSupported)
+        {
+            encryptedData = AesGcmProvider.Instance.Encrypt(rawData, EncryptionKey);
+            version = 2;
+        }
+        else
+        {
+            LogWrapper.Warn("Encryption", "No available encryption method");
+            encryptedData = rawData;
+            version = 0;
+        }
+
+        return Convert.ToBase64String(EncryptionData.ToBytes(new EncryptionData { Version = version, Data = encryptedData })); ;
     }
 
     public static string SecretDecrypt(string data)
@@ -33,7 +47,9 @@ public static string SecretDecrypt(string data)
             var encryptionData = EncryptionData.FromBytes(rawData);
             var decryptedData = encryptionData.Version switch
             {
+                0 => rawData,
                 1 => ChaCha20.Instance.Decrypt(encryptionData.Data, EncryptionKey),
+                2 => AesGcmProvider.Instance.Decrypt(encryptionData.Data, EncryptionKey),
                 _ => throw new NotSupportedException("Unsupported encryption version")
             };
             return Encoding.UTF8.GetString(decryptedData);