//ZZZZ000;P:2;O:B.N.1.990.325;D:0.0.0.000.GBR;T:01/06/45/54/043/Z/MAR/2023;C:U;FM.CFF/B.N.1.990.325;FMO:0.0.0.217.NLD;TNO:XX0021;MPI:FFE;NUN:5;GRID:301925/5361605/309;GZE:32;TST:PERS/INF/PRONE;STR:32;SIZ:300/150/2662;MUE2:1/HEA/VT;MOC:WR;

//ZZZZ000V;P:6;O:0.0.0.000.GBR;D:B.N.1.990.325;T:07/12/20/00/554/Z/JUN/2023;C:U;

//ZZZZ000;P:6;O:B.N.1.990.325;D:0.0.0.000.GBR;T:01/06/09/47/289/Z/MAR/2023;C:U;OT:01/04/34/00/560/Z/MAR/2023;

using System;

using System.Security.Cryptography;

using System.Text;

​

namespace CHACHA20;

​

class Program

{

    static void Main()

    {

        Console.Write("Enter pass phrase (max 32 characters): ");

        string passPhrase = Console.ReadLine() ?? "";

        byte[] keyBytes = new byte[32];

        Array.Copy(Encoding.UTF8.GetBytes(passPhrase), keyBytes, Math.Min(32, passPhrase.Length));

​

        while (true)

        {

            Console.Write("Enter ASCA message to process, enter 'quit' to exit: ");

            string plainText = Console.ReadLine() ?? "";

            if (plainText.ToUpper() == "QUIT" || plainText.ToUpper() == "'QUIT'") break;

            //Header + LMEX + MSGID set = additional data.

            //TODO: OT set for acknowledgement replies

            var index = plainText.IndexOf("C:");

            if (index < 0)

            {

                Console.Write("Invalid ASCA message entered.");

                continue;

            }

            index = plainText.IndexOf(";", index + 2) + 1;

            string associatedText;

            if (index == plainText.Length || plainText.Substring(index).StartsWith("OT:")) //Interface verification/acknowledgement

            {

                associatedText = plainText;

                plainText = "";

            }

            else //regular ASCA message, msgid also in associated data

            {

                index = plainText.IndexOf(";", index + 1) + 1;

                associatedText = plainText.Substring(0, index);

                plainText = plainText.Substring(index);

            }

            WriteLine("", "");

            Console.WriteLine("------- Sender stuff -------");

            byte[] senderNonce = RandomNumberGenerator.GetBytes(12);

            byte[] ciphertext = Encrypt(plainText, keyBytes, senderNonce, associatedText, out byte[] authenticationTag);

​

            WriteLine("Header & LMEX: ", associatedText.Substring(0, 77));

            int associatedDataLength = associatedText.Length - 77;

            WriteLine("Remaining Associated Data Length: ", associatedDataLength.ToString());

            if (associatedDataLength > 0)

            {

                WriteLine("Associated Data: ", associatedText.Substring(77, associatedDataLength));

            }

            WriteLine("Authentication Tag: ", Convert.ToBase64String(authenticationTag));

            WriteLine("Nonce: ", Convert.ToBase64String(senderNonce));

            WriteLine("Cipher text: ", Convert.ToBase64String(ciphertext));

​

            string manipulation = AskForManipulation();

​

            switch (manipulation.Substring(0, 1).ToUpperInvariant())

            {

                case "A":

                    WriteLine("", "");

                    associatedText = "X" + associatedText.Substring(1);

                    WriteLine("Manipulated Associated Data: ", associatedText);

                    break;

                case "C":

                    WriteLine("", "");

                    ciphertext[0] = Encoding.UTF8.GetBytes("X")[0];

                    WriteLine("Manipulated Ciphertext: ", Convert.ToBase64String(ciphertext));

                    break;

                case "T":

                    WriteLine("", "");

                    authenticationTag[0] = Encoding.UTF8.GetBytes("X")[0];

                    WriteLine("Manipulated AuthenticationTag: ", Convert.ToBase64String(authenticationTag));

                    break;

            }

            WriteLine("", "");

​

            //To send: Header + LMEX, length remaining associatedText + remaining associatedText, authenticationTag (fixed length 16 pos), nonce + ciphertext

            byte[] messageToSend = Concat(Encoding.UTF8.GetBytes((associatedText.Substring(0, 77))),

                Concat(BitConverter.GetBytes((ushort)associatedDataLength),

                    Concat(Encoding.UTF8.GetBytes(associatedDataLength > 0 ? associatedText.Substring(77, associatedDataLength) : ""),

                        Concat(authenticationTag,

                            Concat(senderNonce,

                                ciphertext)))));

            WriteLine("Message to send: ", Convert.ToBase64String(messageToSend));

​

            WriteLine("", "");

            Console.WriteLine("------- Receiver stuff -------");

​

            byte[] messageReceived = messageToSend;

            //First 16 bytes is the authenticationTag

            //Next 4 bytes is the length of the associatedText

            //Next associatedTextLength number of bytes is the associated text

            //The remaining number of bytes contains the encrypted message

            var receivedHeaderLmex = SubArray(messageReceived, 0, 77);

            WriteLine("Guard could inspect Header + LMEX: ", Encoding.UTF8.GetString(receivedHeaderLmex));

            byte[] receivedAssociatedDataLength = SubArray(messageReceived, 77, 2);

            ushort length = BitConverter.ToUInt16(receivedAssociatedDataLength);

            var receivedAssociatedData = Concat(receivedHeaderLmex, SubArray(messageReceived, 77 + 2, associatedDataLength));  //cut length field out

            byte[] receivedAuthenticationTag = SubArray(messageReceived, 77 + 2 + associatedDataLength, 16);

            byte[] receiverNonce = SubArray(messageReceived, 77 + 2 + associatedDataLength + 16, 12);

            var receivedCipher = SubArray(messageReceived, 77 + 2 + associatedDataLength + 16 + 12, messageReceived.Length - (77 + 2 + associatedDataLength + 16 + 12));

            WriteLine("Received Associated Data: ", Encoding.UTF8.GetString(receivedAssociatedData));

            WriteLine("Received Authentication Tag: ", Convert.ToBase64String(receivedAuthenticationTag));

            WriteLine("Received Nonce: ", Convert.ToBase64String(receiverNonce));

            WriteLine("Received Cipher Text: ", Convert.ToBase64String(receivedCipher));

​

            if (Decrypt(receivedCipher, keyBytes, receiverNonce, receivedAssociatedData, receivedAuthenticationTag, out string decryptedText))

            {

                WriteLine("Decrypted text: ", decryptedText);

                associatedText = Encoding.UTF8.GetString(receivedAssociatedData);

                WriteLine("Received ASCA message: ", associatedText + decryptedText);

            }

            WriteLine("", "");

        }

    }

    private static string AskForManipulation()

    {

        WriteLine("", "");

        string result = "";

​

        while (!result.StartsWith("N")

              && !result.StartsWith("A")

              && !result.StartsWith("T")

              && !result.StartsWith("C"))

        {

            Console.Write("Manipulated the message? Use ");

            Console.Write("N");

            Console.Write("(o), ");

            Console.Write("A");

            Console.Write("(dditional data), ");

            Console.Write("C");

            Console.Write("(yphered text) or ");

            Console.Write("T");

            Console.Write("(ag): ");

            result = Console.ReadLine().ToUpperInvariant() ?? "";

        }

        return result;

    }

​

    static byte[] Encrypt(string plaintext, byte[] keyBytes, byte[] nonce, string associatedText, out byte[] authenticationTag)

    {

        byte[] encryptedText;

        byte[] plaintextBytes = Encoding.UTF8.GetBytes(plaintext);

        byte[] associatedData = Encoding.UTF8.GetBytes(associatedText);

        using (var chacha20 = new ChaCha20Poly1305(keyBytes))

        {

            encryptedText = new byte[plaintextBytes.Length];

            authenticationTag = new byte[16]; // 16 bytes voor de authenticatietag

            chacha20.Encrypt(nonce, plaintextBytes, encryptedText, authenticationTag, associatedData);

        }

        return encryptedText;

    }

    static bool Decrypt(byte[] ciphertext, byte[] keyBytes, byte[] nonce, byte[] associatedData, byte[] authenticationTag, out string decryptedText)

    {

        byte[] decryptBytes = new byte[ciphertext.Length];

​

        using (var chacha20 = new ChaCha20Poly1305(keyBytes))

        {

            try

            {

                chacha20.Decrypt(nonce, ciphertext, authenticationTag, decryptBytes, associatedData);

            }

            catch (Exception ex)

            {

                Console.WriteLine("Error: " + ex.Message);

                decryptedText = null;

                return false;

            }

        }

        decryptedText = Encoding.UTF8.GetString(decryptBytes);

        return true;

    }

    static byte[] Concat(byte[] a, byte[] b)

    {

        byte[] output = new byte[a.Length + b.Length];

        for (int i = 0; i < a.Length; i++)

        {

            output[i] = a[i];

        }

        for (int j = 0; j < b.Length; j++)

        {

            output[a.Length + j] = b[j];

        }

        return output;

    }

    static byte[] SubArray(byte[] data, int start, int length)

    {

        byte[] result = new byte[length];

        Array.Copy(data, start, result, 0, length);

        return result;

    }

    static void WriteLine(string label, string value)

    {

        if (label == null)

        {

            WriteLine("", "");

            return;

        }

        Console.Write(label);

        Console.WriteLine(value);

    }

}