/// <summary>
/// Checks that <c>SecureFile.WipeAndDelete</c> removes a file and tolerates a
/// path that no longer exists.
/// </summary>
/// <remarks>
/// Only the deletion is asserted. Whether the contents were actually wiped
/// before the delete cannot reasonably be checked automatically; stepping
/// through the call manually is the practical way to confirm it.
/// </remarks>
public void SecureFile_WipeAndDelete()
{
    string tempPath = Path.GetTempFileName();

    // Fill the file with 1,000,000 bytes derived from the write offset.
    using (FileStream output = new FileStream(tempPath, FileMode.Create, FileAccess.ReadWrite))
    {
        int offset = 0;
        while (offset < 1000000)
        {
            output.WriteByte((byte)offset);
            offset++;
        }
    }

    SecureFile.WipeAndDelete(tempPath, 3);
    Assert.IsFalse(System.IO.File.Exists(tempPath));

    // A second call on the now-missing file must not throw.
    SecureFile.WipeAndDelete(tempPath, 3);
}
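//public void filldata()
//{
//    ConnectionClass mycon = new ConnectionClass();
//    string c_id=Request.QueryString["c_id"];
//    DataFolder.DataSource = mycon.select("select * from tbl_category where c_id="+c_id);
//    DataFolder.DataBind();
//}

/// <summary>
/// Saves the uploaded file under ~\folder\, encrypts it when the category is
/// "Text", records it in tbl_pvt and writes an entry to tbl_logs.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// ConnectionClass only shows string-based query methods here, so the values
/// that reach SQL text are constrained or quote-escaped in this handler.
/// Parameterized commands remain the proper fix and should replace the
/// concatenation once ConnectionClass exposes them.
/// </remarks>
protected void addfile_Click(object sender, EventArgs e)
{
    ConnectionClass mycon = new ConnectionClass();
    SecureFile sf = new SecureFile();

    // c_id arrives in the query string and is spliced into SQL unquoted, so
    // only an integer is accepted (assumes c_id is an integer key, as its
    // unquoted use in the existing queries suggests).
    int categoryId;
    if (!int.TryParse(Request.QueryString["c_id"], System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out categoryId))
    {
        Response.Write("INVALID CATEGORY");
        return;
    }

    string cid = categoryId.ToString(System.Globalization.CultureInfo.InvariantCulture);
    string type = mycon.GetValue("select c_name from tbl_category where c_id=" + cid);

    // NOTE(review): the client-supplied extension is kept and the file lands
    // in a folder that is served by the site. An allow-list of extensions, or
    // storage outside the web root, should be added once the accepted file
    // types are known.
    string ext = System.IO.Path.GetExtension(folderupload.FileName);
    string filename = DateTime.Now.ToBinary().ToString();
    string savepath = @"~\folder\" + filename + ext;
    folderupload.SaveAs(Server.MapPath(savepath));

    if (type == "Text")
    {
        string source = MapPath("folder");
        sf.encrypt(filename + ext, source + "//" + filename + ext, passs.Text);
    }

    // Both branches of the original issued the same insert. The extension and
    // the display name are user-controlled, so quotes are doubled before they
    // are placed inside SQL string literals.
    mycon.iud("insert into tbl_pvt values(" + cid + ",'" + savepath.Replace("'", "''") + "','" + filename + "','" + sname.Text.Replace("'", "''") + "','" + DateTime.Now.ToString() + "','ACTIVE')");

    Response.Write("INSERTED");

    string user_id = Session["u_id"].ToString();
    mycon.iud("insert into tbl_logs values('you have added file into your user folder','" + user_id.Replace("'", "''") + "','" + DateTime.Now.ToString() + "')");
    fillfolderdata();
}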
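/// <summary>
/// Encrypts the given files for the given recipients through the Stormshield
/// connector and returns the paths of the resulting secure files.
/// </summary>
/// <param name="filePaths">Files passed to Protect-SDSFile as -Path.</param>
/// <param name="emailAddresses">Recipient addresses whose certificates are looked up.</param>
/// <returns>The Path of every SecureFile returned by Protect-SDSFile; empty when it returns null.</returns>
/// <exception cref="ArgumentNullException"><paramref name="emailAddresses"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The number of certificates found differs from the number of addresses, or
/// the connector returned an object that is not a SecureFile.
/// </exception>
public string[] EncryptFilesWithStormshieldDataFile(string[] filePaths, string[] emailAddresses)
{
    if (emailAddresses == null)
    {
        throw new ArgumentNullException("emailAddresses");
    }

    List<string> encryptedFilePaths = new List<string>();

    // NOTE(review): the recipient list is inserted into the command text.
    // Whether CSharpArrayToCmdletList quotes or escapes each address is not
    // visible here - confirm, since the addresses become part of a command.
    string recipients = CSharpArrayToCmdletList(emailAddresses);

    using (Stormshield.DataSecurity.Connector.API api = new Stormshield.DataSecurity.Connector.API())
    {
        object[] certificates = api.Execute(string.Format("Get-SDSCertificate -EmailAddress {0}", recipients));

        // Refuse to encrypt unless every requested recipient has a certificate.
        if (certificates == null || certificates.Length != emailAddresses.Length)
        {
            throw new InvalidOperationException("Certains certificats ne sont pas trouvés");
        }

        KeyValuePair<string, object>[] parameters = new KeyValuePair<string, object>[]
        {
            new KeyValuePair<string, object>("-Path", filePaths),
            new KeyValuePair<string, object>("-Coworkers", certificates)
        };

        object[] results = api.Execute("Protect-SDSFile", parameters);
        if (results != null)
        {
            foreach (object item in results)
            {
                // "as" yields null for any other type; fail with a clear
                // message instead of a NullReferenceException on .Path.
                SecureFile secureFile = item as SecureFile;
                if (secureFile == null)
                {
                    throw new InvalidOperationException("Protect-SDSFile returned an object that is not a SecureFile");
                }

                encryptedFilePaths.Add(secureFile.Path);
            }
        }
    }

    return encryptedFilePaths.ToArray();
}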
/// <summary>
/// Checks that <c>SecureFile.Validate</c> accepts an intact encrypted stream
/// and rejects the same stream after its final byte has been inverted.
/// </summary>
public void SecureFile_Stream_Validate()
{
    // NOTE(review): 1024-bit RSA is a test key size; it is below the 2048-bit
    // minimum recommended for keys that protect real data.
    string rsaPrivate = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string rsaPublic = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, rsaPrivate);

    EnhancedMemoryStream plain = new EnhancedMemoryStream();
    EnhancedMemoryStream cipher = new EnhancedMemoryStream();

    int value = 0;
    while (value < 100)
    {
        plain.WriteByte((byte)value);
        value++;
    }

    SecureFile encryptor = new SecureFile(plain, SecureFileMode.Encrypt, rsaPublic);
    plain.Position = 0;
    encryptor.EncryptTo(cipher, CryptoAlgorithm.AES, 256);
    encryptor.Close();

    // Untouched output validates.
    cipher.Position = 0;
    Assert.IsTrue(SecureFile.Validate(cipher, rsaPrivate));

    // Invert the last byte in place, then validation must fail.
    var lastOffset = cipher.Length - 1;
    cipher.Position = lastOffset;
    byte lastByte = (byte)cipher.ReadByte();
    cipher.Position = lastOffset;
    cipher.WriteByte((byte)(~lastByte));

    cipher.Position = 0;
    Assert.IsFalse(SecureFile.Validate(cipher, rsaPrivate));
}
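/// <summary>
/// Round-trips an empty stream through SecureFile encryption and decryption
/// and checks that the decrypted result is empty.
/// </summary>
public void SecureFile_Stream_NoContent()
{
    string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);
    EnhancedMemoryStream original = new EnhancedMemoryStream();
    EnhancedMemoryStream encrypted = new EnhancedMemoryStream();
    EnhancedMemoryStream decrypted = new EnhancedMemoryStream();
    SecureFile secure;

    secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey);
    original.Position = 0;
    secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256);
    secure.Close();

    // Compare contents rather than references. Assert.AreNotEqual on two
    // distinct array instances can pass without looking at the bytes, so it
    // would not notice output identical to the input. The large-content test
    // already uses CollectionAssert for the same comparison.
    original.Position = 0;
    encrypted.Position = 0;
    CollectionAssert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd());

    encrypted.Position = 0;
    secure = new SecureFile(encrypted, SecureFileMode.Decrypt, privateKey);
    secure.DecryptTo(decrypted);
    secure.Close();

    Assert.AreEqual(0, decrypted.Length);
}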
/// <summary>
/// Round-trips 128,000 bytes through SecureFile encryption and decryption and
/// checks that the ciphertext differs from the input while the decrypted
/// output matches it.
/// </summary>
public void SecureFile_Stream_LargeContent()
{
    string rsaPrivate = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string rsaPublic = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, rsaPrivate);

    EnhancedMemoryStream plain = new EnhancedMemoryStream();
    EnhancedMemoryStream cipher = new EnhancedMemoryStream();
    EnhancedMemoryStream roundTrip = new EnhancedMemoryStream();

    int offset = 0;
    while (offset < 128000)
    {
        plain.WriteByte((byte)offset);
        offset++;
    }

    // Encrypt.
    SecureFile encryptor = new SecureFile(plain, SecureFileMode.Encrypt, rsaPublic);
    plain.Position = 0;
    encryptor.EncryptTo(cipher, CryptoAlgorithm.AES, 256);
    encryptor.Close();

    // Decrypt.
    cipher.Position = 0;
    SecureFile decryptor = new SecureFile(cipher, SecureFileMode.Decrypt, rsaPrivate);
    decryptor.DecryptTo(roundTrip);
    decryptor.Close();

    // Ciphertext must not equal the input.
    plain.Position = 0;
    cipher.Position = 0;
    CollectionAssert.AreNotEqual(plain.ReadBytesToEnd(), cipher.ReadBytesToEnd());

    // Decrypted output must equal the input.
    plain.Position = 0;
    roundTrip.Position = 0;
    CollectionAssert.AreEqual(plain.ReadBytesToEnd(), roundTrip.ReadBytesToEnd());
}
/// <summary>
/// File-based variant of the validation test: an encrypted file validates,
/// and stops validating once its final byte has been inverted.
/// </summary>
public void SecureFile_File_Validate()
{
    string plainPath = Path.GetTempFileName();
    string cipherPath = Path.GetTempFileName();
    string rsaPrivate = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string rsaPublic = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, rsaPrivate);
    EnhancedStream plainStream = null;
    EnhancedStream cipherStream = null;

    try
    {
        // Write 100 bytes of test data.
        plainStream = new EnhancedFileStream(plainPath, FileMode.Create, FileAccess.ReadWrite);
        int value = 0;
        while (value < 100)
        {
            plainStream.WriteByte((byte)value);
            value++;
        }

        plainStream.Close();
        plainStream = null;

        SecureFile encryptor = new SecureFile(plainPath, SecureFileMode.Encrypt, rsaPublic);
        encryptor.EncryptTo(cipherPath, CryptoAlgorithm.AES, 256);
        encryptor.Close();

        Assert.IsTrue(SecureFile.Validate(cipherPath, rsaPrivate));

        // Invert the final byte of the encrypted file.
        cipherStream = new EnhancedFileStream(cipherPath, FileMode.Open, FileAccess.ReadWrite);
        var lastOffset = cipherStream.Length - 1;
        cipherStream.Position = lastOffset;
        byte lastByte = (byte)cipherStream.ReadByte();
        cipherStream.Position = lastOffset;
        cipherStream.WriteByte((byte)(~lastByte));
        cipherStream.Close();

        Assert.IsFalse(SecureFile.Validate(cipherPath, rsaPrivate));
    }
    finally
    {
        // Streams are closed before the temp files are removed.
        if (plainStream != null)
        {
            plainStream.Close();
        }

        if (cipherStream != null)
        {
            cipherStream.Close();
        }

        System.IO.File.Delete(plainPath);
        System.IO.File.Delete(cipherPath);
    }
}
/// <summary>
/// Creates the SecureFile instance for the form, subscribes to its progress
/// and completion events, and warns the user when secure deletion is not
/// available.
/// </summary>
/// <param name="sender">The form raising Load.</param>
/// <param name="e">Event data (unused).</param>
private void MainForm_Load(object sender, EventArgs e)
{
    _secureFile = new SecureFile(_key);
    _secureFile.ChunkUpdate += SecureFile_ChunkUpdate;
    _secureFile.ProcessCompleted += SecureFile_ProcessCompleted;

    if (SecureDelete.IsPossible())
    {
        return;
    }

    // The message is only a warning; nothing here prevents later operations
    // from running without secure deletion.
    const string caption = "No Secure Deletion";
    const string text = "Secure Deletion of Files not possible. SDelete wasn't found in this Directory. Please download it and save it inside the DataEncrypter directory.";
    MessageBox.Show(text, caption, MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
}
/// <summary>
/// If a decrypted database file is present, re-encrypts it over the encrypted
/// database file and then deletes the decrypted copy.
/// </summary>
private void UpdateDatabaseOSX()
{
    string decryptedDb = _macDBPath + "/" + DBNameDecrypted;
    if (!File.Exists(decryptedDb))
    {
        return;
    }

    // Remove the previous encrypted file before writing the new one.
    string encryptedDb = _macDBPath + "/" + DBName;
    if (File.Exists(encryptedDb))
    {
        File.Delete(encryptedDb);
    }

    SecureFile.EncryptFile(decryptedDb, encryptedDb);

    // NOTE(review): File.Delete only unlinks the decrypted copy; its contents
    // are not overwritten.
    File.Delete(decryptedDb);
}
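/// <summary>
/// This example demonstrates the use of the Set-SDSFileCoworker API
/// </summary>
/// <remarks>All coworkers are replaced with the specified ones (author will not be removed)</remarks>
/// <example>SetCoworkers "C:\My Folder\Document.docx.sbox" alice@example.com</example>
/// <example>SetCoworkers "C:\My Folder\Document.docx.sbox" alice@example.com,bob@example.com</example>
/// <example>SetCoworkers "C:\My Folder\Document.docx.sbox" alice@example.com,bob@example.com,carol@example.com</example>
/// <param name="args">args[0] is the .sbox path, args[1] a comma-separated list of e-mail addresses.</param>
/// <returns>0 on success, 2 when any step throws.</returns>
static int Main(string[] args)
{
    int returnCode = 0;

    try
    {
        if (args.Length != 2)
        {
            throw new ArgumentException("Missing parameters");
        }

        string sboxPath = args[0];
        string emailAddresses = args[1];

        using (API api = new API())
        {
            object[] objects = api.Execute("Get-SDSUser");
            if (objects == null)
            {
                throw new InvalidOperationException("No user connected");
            }

            // NOTE(review): the address list is inserted into the command text
            // as typed. It comes from the operator's own command line here;
            // code that reuses this pattern with input from elsewhere should
            // validate each address first.
            object[] certificates = api.Execute(string.Format("Get-SDSCertificate -EmailAddress {0}", emailAddresses));

            // Every requested address must resolve to a certificate.
            if (certificates == null || certificates.Length != emailAddresses.Split(new char[] { ',' }).Length)
            {
                throw new InvalidOperationException("One or more certificates not found");
            }

            KeyValuePair<string, Object>[] parameters = new KeyValuePair<string, Object>[]
            {
                new KeyValuePair<string, Object>("Path", sboxPath),
                new KeyValuePair<string, Object>("Coworkers", certificates)
            };

            objects = api.Execute("Set-SDSFileCoworker", parameters);
            if (objects == null || objects.Length != 1)
            {
                throw new InvalidOperationException("Set-SDSFileCoworker");
            }

            // "as" yields null for any other type; report that explicitly
            // rather than failing with a NullReferenceException on .Path.
            SecureFile secureFile = objects[0] as SecureFile;
            if (secureFile == null)
            {
                throw new InvalidOperationException("Set-SDSFileCoworker returned an object that is not a SecureFile");
            }

            Console.WriteLine(string.Format("Return:\n{0}", secureFile.Path));
        }
    }
    catch (System.Exception ex)
    {
        Console.WriteLine(ex);
        returnCode = 2;
    }

    return returnCode;
}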
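/// <summary>
/// Handles the "delete" and "view" commands of the folder list: delete marks
/// the row INACTIVE and logs it; view either redirects to the stored file or,
/// for the user's "Text" category, decrypts it with the entered password and
/// redirects to the decrypted copy.
/// </summary>
/// <param name="source">The DataList raising the command.</param>
/// <param name="e">Carries the command name and the file path as its argument.</param>
/// <remarks>
/// ConnectionClass only shows string-based query methods here, so values that
/// reach SQL text are constrained or quote-escaped in this handler.
/// Parameterized commands remain the proper fix.
/// </remarks>
protected void DataFolder_ItemCommand(object source, DataListCommandEventArgs e)
{
    ConnectionClass mycon = new ConnectionClass();

    if (e.CommandName == "delete")
    {
        string path = e.CommandArgument.ToString();

        // NOTE(review): the update is keyed on path alone. Nothing visible
        // here ties the row to the signed-in user - confirm that ownership is
        // enforced elsewhere.
        mycon.iud("update tbl_pvt set status='INACTIVE' where path='" + path.Replace("'", "''") + "'");

        string user_id = Session["u_id"].ToString();
        mycon.iud("insert into tbl_logs values('You have deleted a file from your Private folder','" + user_id.Replace("'", "''") + "','" + DateTime.Now.ToString() + "')");
    }
    else if (e.CommandName == "view")
    {
        string path = e.CommandArgument.ToString();
        // done.NavigateUrl = path;

        // c_id arrives in the query string and is used unquoted in SQL, so
        // only an integer is accepted (assumes c_id is an integer key).
        int categoryId;
        if (!int.TryParse(Request.QueryString["c_id"], System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out categoryId))
        {
            Response.Write("INVALID CATEGORY");
        }
        else
        {
            string cd = categoryId.ToString(System.Globalization.CultureInfo.InvariantCulture);
            string u_id = mycon.GetValue("select u_id from tbl_category where c_id=" + cd);
            string cdd = mycon.GetValue("select c_id from tbl_category where u_id='" + (u_id ?? "").Replace("'", "''") + "'AND c_name='Text'");

            if (cd != cdd)
            {
                Response.Redirect(path);
            }
            else
            {
                SecureFile sf = new SecureFile();
                string p = MapPath(path);

                // The stored name is taken from the first '-' onwards. Without
                // a '-' the original Substring call threw; report it instead.
                int index = path.IndexOf('-');
                if (index < 0)
                {
                    Response.Write("INVALID FILE");
                }
                else
                {
                    string fname = path.Substring(index);

                    if (passs.Text != "")
                    {
                        string pth = sf.decrypt(fname, p, passs.Text);
                        // Response.Redirect(pth);

                        if (pth != "")
                        {
                            // NOTE(review): the redirect targets a "_decrypted"
                            // file under ~/folder/, so the plaintext appears to
                            // stay in a web-served directory - confirm it is
                            // removed after download.
                            string ext = Path.GetExtension(fname);
                            Response.Redirect("~/folder/" + fname + "_decrypted" + ext);
                        }
                        else
                        {
                            Response.Write("INVALID PASSWORD");
                        }
                    }
                }
            }
        }
    }

    fillfolderdata();
}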
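/// <summary>
/// This example demonstrates the use of the Get-SDSFile API
/// </summary>
/// <example>MultipleGetFile "C:\My Folder\Document.docx.sbox" "C:\My Folder\Document.xlsx.sbox" "C:\My Folder\Document.pdf.sbox"</example>
/// <param name="args">One or more .sbox paths.</param>
/// <returns>0 on success, 2 when any step throws.</returns>
static int Main(string[] args)
{
    int returnCode = 0;

    try
    {
        if (args.Length == 0)
        {
            throw new ArgumentException("Missing parameters");
        }

        // Build 'path1','path2',... without a trailing comma.
        // NOTE(review): a path containing a single quote ends the quoted
        // literal early. Confirm how API.Execute parses quoting before this
        // pattern is used with paths that are not typed by the operator.
        string[] quoted = new string[args.Length];
        for (int i = 0; i < args.Length; i++)
        {
            quoted[i] = string.Format("'{0}'", args[i]);
        }

        string sboxPathes = string.Join(",", quoted);

        using (API api = new API())
        {
            object[] objects = api.Execute("Get-SDSUser");
            if (objects == null)
            {
                throw new InvalidOperationException("No user connected");
            }

            objects = api.Execute(string.Format("Get-SDSFile {0}", sboxPathes));

            // Expect one result per argument. The original split the
            // comma-terminated builder text, which yields one extra empty
            // element and so never matched a complete result set.
            if (objects == null || objects.Length != args.Length)
            {
                throw new InvalidOperationException("Get-SDSFile");
            }

            foreach (object o in objects)
            {
                SecureFile secureFile = o as SecureFile;
                if (secureFile == null)
                {
                    throw new InvalidOperationException("Get-SDSFile returned an object that is not a SecureFile");
                }

                Console.WriteLine(string.Format("Return:\n{0}", secureFile.Path));
            }
        }
    }
    catch (System.Exception ex)
    {
        Console.WriteLine(ex);
        returnCode = 2;
    }

    return returnCode;
}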
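/// <summary>
/// Encrypts one file through the Stormshield connector and returns the paths
/// of the secure files it reports.
/// </summary>
/// <param name="filePath">Path of the file to protect.</param>
/// <returns>The Path of every SecureFile returned by Protect-SDSFile; empty when it returns null.</returns>
/// <exception cref="InvalidOperationException">The connector returned an object that is not a SecureFile.</exception>
public string[] EncryptFileWithStormshieldDataFile(string filePath)
{
    List<string> encryptedFilePaths = new List<string>();

    using (Stormshield.DataSecurity.Connector.API api = new Stormshield.DataSecurity.Connector.API())
    {
        // NOTE(review): filePath is placed inside a single-quoted literal in
        // the command text. A path containing a single quote ends the literal
        // early, so callers must not pass unvalidated external input. The
        // KeyValuePair overload of Execute (used with "-Path" by the
        // multi-file variant) keeps the value out of the command text.
        object[] results = api.Execute(string.Format("Protect-SDSFile '{0}'", filePath));

        if (results != null)
        {
            foreach (object item in results)
            {
                // "as" yields null for any other type; fail with a clear
                // message instead of a NullReferenceException on .Path.
                SecureFile secureFile = item as SecureFile;
                if (secureFile == null)
                {
                    throw new InvalidOperationException("Protect-SDSFile returned an object that is not a SecureFile");
                }

                encryptedFilePaths.Add(secureFile.Path);
            }
        }
    }

    return encryptedFilePaths.ToArray();
}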
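/// <summary>
/// Checks that decryption fails when the last byte of the encrypted stream
/// (part of the hash digest) has been inverted.
/// </summary>
public void SecureFile_Stream_BadHash()
{
    string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);
    EnhancedMemoryStream original = new EnhancedMemoryStream();
    EnhancedMemoryStream encrypted = new EnhancedMemoryStream();
    EnhancedMemoryStream decrypted = new EnhancedMemoryStream();
    SecureFile secure;
    byte b;

    for (int i = 0; i < 100; i++)
    {
        original.WriteByte((byte)i);
    }

    secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey);
    original.Position = 0;
    secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256);
    secure.Close();

    // Munge the last byte of the hash digest and then
    // confirm that this is detected.
    encrypted.Position = encrypted.Length - 1;
    b = (byte)encrypted.ReadByte();
    encrypted.Position = encrypted.Length - 1;
    encrypted.WriteByte((byte)(~b));

    encrypted.Position = 0;
    secure = new SecureFile(encrypted, SecureFileMode.Decrypt, privateKey);

    // Record the outcome and assert outside the try block. The original
    // called Assert.Fail inside a try with a bare catch, which swallowed the
    // assertion failure too, so the test passed even when the corruption went
    // undetected.
    bool rejected = false;
    try
    {
        secure.DecryptTo(decrypted);
    }
    catch
    {
        // Expecting an exception
        rejected = true;
    }

    if (!rejected)
    {
        Assert.Fail("Corrupt hash digest not detected.");
    }
}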
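/// <summary>
/// This example demonstrates the use of the Unprotect-SDSFile API
/// It allows a user to decrypt one or more files encrypted with Stormshield Data File component
/// </summary>
/// <example>DecryptFile C:\Document.docx.sbox</example>
/// <example>DecryptFile "C:\Document.docx.sbox,'C:\My Folder\Document.xlsx.sbox'"</example>
/// <param name="args">A single argument: one path, or a comma-separated list of paths.</param>
/// <returns>0 on success, 2 when any step throws.</returns>
static int Main(string[] args)
{
    int returnCode = 0;

    try
    {
        if (args.Length != 1)
        {
            throw new ArgumentException("Missing parameters");
        }

        string sboxPathes = args[0];

        using (API api = new API())
        {
            object[] objects = api.Execute("Get-SDSUser");
            if (objects == null)
            {
                throw new InvalidOperationException("No user connected");
            }

            // NOTE(review): the argument is appended to the command text as
            // typed. It comes from the operator's own command line here; code
            // that reuses this pattern with input from elsewhere should
            // validate the paths first.
            objects = api.Execute(string.Format("Unprotect-SDSFile {0}", sboxPathes));

            // One result is expected per comma-separated path (a path that
            // itself contains a comma will not match this count).
            if (objects == null || objects.Length != sboxPathes.Split(new char[] { ',' }).Length)
            {
                throw new InvalidOperationException("Unprotect-SDSFile");
            }

            foreach (object o in objects)
            {
                // "as" yields null for any other type; report that explicitly
                // rather than failing with a NullReferenceException on .Path.
                SecureFile secureFile = o as SecureFile;
                if (secureFile == null)
                {
                    throw new InvalidOperationException("Unprotect-SDSFile returned an object that is not a SecureFile");
                }

                Console.WriteLine(string.Format("Return:\n{0}", secureFile.Path));
            }
        }
    }
    catch (System.Exception ex)
    {
        Console.WriteLine(ex);
        returnCode = 2;
    }

    return returnCode;
}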
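/// <summary>
/// Checks that custom properties, file name, full path and the create/write
/// times set before encryption are available again after decryption.
/// </summary>
public void SecureFile_Stream_Metadata()
{
    string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);
    EnhancedMemoryStream original = new EnhancedMemoryStream();
    EnhancedMemoryStream encrypted = new EnhancedMemoryStream();
    EnhancedMemoryStream decrypted = new EnhancedMemoryStream();
    SecureFile secure;
    DateTime createTime = Helper.UtcNowRounded - TimeSpan.FromMinutes(1);
    DateTime writeTime = Helper.UtcNowRounded;

    secure = new SecureFile(original, SecureFileMode.Encrypt, publicKey);
    secure.Properties["Foo"] = "Bar";
    secure.Properties["Hello"] = "World";
    secure.FileName = "Test.dat";
    secure.FullPath = "c:\\test\\test.dat";
    secure.CreateTimeUtc = createTime;
    secure.WriteTimeUtc = writeTime;
    original.Position = 0;
    secure.EncryptTo(encrypted, CryptoAlgorithm.AES, 256);
    secure.Close();

    // Compare contents rather than references. Assert.AreNotEqual on two
    // distinct array instances can pass without looking at the bytes; the
    // large-content test already uses CollectionAssert for this comparison.
    original.Position = 0;
    encrypted.Position = 0;
    CollectionAssert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd());

    encrypted.Position = 0;
    secure = new SecureFile(encrypted, SecureFileMode.Decrypt, privateKey);
    secure.DecryptTo(decrypted);

    // The metadata is read back from the decrypting instance.
    Assert.AreEqual("Bar", secure.Properties["Foo"]);
    Assert.AreEqual("World", secure.Properties["Hello"]);
    Assert.AreEqual("Test.dat", secure.FileName);
    Assert.AreEqual("c:\\test\\test.dat", secure.FullPath);
    Assert.AreEqual(createTime, secure.CreateTimeUtc);
    Assert.AreEqual(writeTime, secure.WriteTimeUtc);
    secure.Close();

    // No content was written to the original stream.
    Assert.AreEqual(0, decrypted.Length);
}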
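/// <summary>
/// This example demonstrates the use of the Remove-SDSFileCoworker API
/// </summary>
/// <example>RemoveCoworkers "C:\My Folder\Document.docx.sbox" alice@example.com</example>
/// <example>RemoveCoworkers "C:\My Folder\Document.docx.sbox" alice@example.com,bob@example.com</example>
/// <example>RemoveCoworkers "C:\My Folder\Document.docx.sbox" alice@example.com,bob@example.com,carol@example.com</example>
/// <param name="args">args[0] is the .sbox path, args[1] a comma-separated list of e-mail addresses.</param>
/// <returns>0 on success, 2 when any step throws.</returns>
static int Main(string[] args)
{
    int returnCode = 0;

    try
    {
        if (args.Length != 2)
        {
            throw new ArgumentException("Missing parameters");
        }

        string sboxPath = args[0];
        string emailAddresses = args[1];

        using (API api = new API())
        {
            object[] objects = api.Execute("Get-SDSUser");
            if (objects == null)
            {
                throw new InvalidOperationException("No user connected");
            }

            // NOTE(review): both arguments are inserted into the command text
            // as typed (the path inside single quotes, the addresses
            // unquoted). They come from the operator's own command line here;
            // code that reuses this pattern with input from elsewhere should
            // validate both values first.
            objects = api.Execute(string.Format("Remove-SDSFileCoworker '{0}' -EmailAddress {1}", sboxPath, emailAddresses));
            if (objects == null || objects.Length != 1)
            {
                throw new InvalidOperationException("Remove-SDSFileCoworker");
            }

            // "as" yields null for any other type; report that explicitly
            // rather than failing with a NullReferenceException on .Path.
            SecureFile secureFile = objects[0] as SecureFile;
            if (secureFile == null)
            {
                throw new InvalidOperationException("Remove-SDSFileCoworker returned an object that is not a SecureFile");
            }

            Console.WriteLine(string.Format("Return:\n{0}", secureFile.Path));
        }
    }
    catch (System.Exception ex)
    {
        Console.WriteLine(ex);
        returnCode = 2;
    }

    return returnCode;
}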
/// <summary>
/// Checks that the public key is stored in the encrypted stream by default
/// and is absent when <c>SavePublicKey</c> is set to false.
/// </summary>
public void SecureFile_Stream_GetPublicKey()
{
    string rsaPrivate = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string rsaPublic = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, rsaPrivate);
    EnhancedMemoryStream plain = new EnhancedMemoryStream();
    EnhancedMemoryStream cipher = new EnhancedMemoryStream();

    int value = 0;
    while (value < 100)
    {
        plain.WriteByte((byte)value);
        value++;
    }

    // Default: the key is saved and can be read back from the output.
    SecureFile withKey = new SecureFile(plain, SecureFileMode.Encrypt, rsaPublic);
    Assert.IsTrue(withKey.SavePublicKey);
    Assert.AreEqual(rsaPublic, withKey.PublicKey);
    plain.Position = 0;
    withKey.EncryptTo(cipher, CryptoAlgorithm.AES, 256);
    withKey.Close();

    cipher.Position = 0;
    Assert.AreEqual(rsaPublic, SecureFile.GetPublicKey(cipher));

    // SavePublicKey=false: nothing to read back.
    cipher.SetLength(0);
    SecureFile withoutKey = new SecureFile(plain, SecureFileMode.Encrypt, rsaPublic);
    withoutKey.SavePublicKey = false;
    plain.Position = 0;
    withoutKey.EncryptTo(cipher, CryptoAlgorithm.AES, 256);
    withoutKey.Close();

    cipher.Position = 0;
    Assert.IsNull(SecureFile.GetPublicKey(cipher));
}
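/// <summary>
/// Lets the user pick a file, records its path, preselects the mode entry
/// that matches whether it is a secure file, logs the file info and enables
/// the key box. Always re-checks the key afterwards.
/// </summary>
/// <param name="sender">The button raising the click.</param>
/// <param name="e">Event data (unused).</param>
private void SelectFile_button_Click(object sender, EventArgs e)
{
    using (var fileDialog = new OpenFileDialog())
    {
        fileDialog.InitialDirectory = "";
        fileDialog.Filter = "All files (*.*)|*.*";
        fileDialog.FilterIndex = 0;
        fileDialog.RestoreDirectory = true;

        // Only act when the dialog was confirmed with a different file.
        if (fileDialog.ShowDialog() == DialogResult.OK && _filePath != fileDialog.FileName)
        {
            // Get the path of specified file
            _filePath = fileDialog.FileName;
            fileName_label.Text = Path.GetFileName(_filePath);

            // Check if it is a secure file. Items[1] is selected for secure
            // files and Items[0] otherwise.
            bool isSecure = SecureFile.IsSecureFile(_filePath);
            mode_comboBox.SelectedItem = mode_comboBox.Items[isSecure ? 1 : 0];

            // Track the current selection. The original only ever set the
            // flag to true, so it stayed true after switching from a secure
            // file to a regular one.
            _isSecureFile = isSecure;

            LogMessage(CreateFileInfo(_filePath));
            key_textBox.Enabled = true;
        }
    }

    CheckKey();
}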
/// <summary>
/// Exercises key-chain based decryption: the matching private key is found in
/// the chain, an empty chain is rejected, and a file written without its
/// public key is rejected even when the chain holds the right key.
/// </summary>
public void SecureFile_File_KeyChain()
{
    string cipherPath = Path.GetTempFileName();
    string rsaPrivate = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string rsaPublic = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, rsaPrivate);
    EnhancedMemoryStream plain = new EnhancedMemoryStream();
    SecureFile secure = null;

    try
    {
        int value = 0;
        while (value < 100)
        {
            plain.WriteByte((byte)value);
            value++;
        }

        // Case 1: the private key is located through the key chain.
        secure = new SecureFile(plain, SecureFileMode.Encrypt, rsaPublic);
        Assert.IsTrue(secure.SavePublicKey);
        Assert.AreEqual(rsaPublic, secure.PublicKey);
        plain.Position = 0;
        secure.EncryptTo(cipherPath, CryptoAlgorithm.AES, 256);
        secure.Close();
        secure = null;

        var keyChain = new KeyChain();
        var decrypted = new EnhancedMemoryStream();

        keyChain.Add(rsaPrivate);
        secure = new SecureFile(cipherPath, keyChain);
        secure.DecryptTo(decrypted);
        secure.Close();
        secure = null;

        CollectionAssert.AreEqual(plain.ToArray(), decrypted.ToArray());

        // Case 2: an empty chain must produce a CryptographicException.
        keyChain.Clear();

        try
        {
            secure = new SecureFile(cipherPath, keyChain);
            secure.DecryptTo(decrypted);
            Assert.Fail("Expecting a CryptographicException");
        }
        catch (CryptographicException)
        {
            // Expecting this
        }
        finally
        {
            if (secure != null)
            {
                secure.Close();
                secure = null;
            }
        }

        // Case 3: the key is in the chain, but the file was written without
        // its public key, which must also produce a CryptographicException.
        keyChain.Add(rsaPrivate);

        secure = new SecureFile(plain, SecureFileMode.Encrypt, rsaPublic);
        secure.SavePublicKey = false;
        plain.Position = 0;
        secure.EncryptTo(cipherPath, CryptoAlgorithm.AES, 256);
        secure.Close();
        secure = null;

        try
        {
            secure = new SecureFile(cipherPath, keyChain);
            secure.DecryptTo(decrypted);
            Assert.Fail("Expecting a CryptographicException");
        }
        catch (CryptographicException)
        {
            // Expecting this
        }
        finally
        {
            if (secure != null)
            {
                secure.Close();
                secure = null;
            }
        }
    }
    finally
    {
        System.IO.File.Delete(cipherPath);
    }
}
/// <summary>
/// Brings the database folder into a usable state: creates the folder and
/// copies the bundled database when missing, keeps the encrypted and
/// decrypted files in step, and replaces both from the bundle when the stored
/// bundle version differs from the current one.
/// </summary>
/// <remarks>
/// NOTE(review): every path through this method leaves the decrypted database
/// file on disk next to the encrypted one.
/// </remarks>
private void CreateDatabaseLogicForMac()
{
    string encryptedDb = _macDBPath + "/" + DBName;
    string decryptedDb = _macDBPath + "/" + DBNameDecrypted;

    // No folder yet: start from the bundled database.
    if (!Directory.Exists(_macDBPath))
    {
        Directory.CreateDirectory(_macDBPath);
        File.Copy(Application.streamingAssetsPath + "/" + DBName, encryptedDb, true);
        SecureFile.DecryptFile(encryptedDb, decryptedDb);
        InsertBundleVersionDataInDatabase(CurrentBundleVersion.version);
        return;
    }

    // Folder exists but the encrypted database does not: copy it from the
    // bundle, then reconcile it with any decrypted file that is present.
    if (!File.Exists(encryptedDb))
    {
        File.Copy(Application.streamingAssetsPath + "/" + DBName, encryptedDb, true);

        if (File.Exists(decryptedDb))
        {
            if (File.Exists(encryptedDb))
            {
                File.Delete(encryptedDb);
            }

            SecureFile.EncryptFile(decryptedDb, encryptedDb);
        }
        else
        {
            SecureFile.DecryptFile(encryptedDb, decryptedDb);
        }

        return;
    }

    // Encrypted database exists: a decrypted file, when present, is
    // re-encrypted over it; otherwise the encrypted file is decrypted.
    if (File.Exists(decryptedDb))
    {
        if (File.Exists(encryptedDb))
        {
            File.Delete(encryptedDb);
        }

        SecureFile.EncryptFile(decryptedDb, encryptedDb);
    }
    else
    {
        SecureFile.DecryptFile(encryptedDb, decryptedDb);
    }

    // A different bundle version discards both files and starts over from
    // the bundled database.
    string storedVersion = CheckBundleVersion();
    if (storedVersion != CurrentBundleVersion.version)
    {
        if (File.Exists(encryptedDb))
        {
            File.Delete(encryptedDb);
        }

        if (File.Exists(decryptedDb))
        {
            File.Delete(decryptedDb);
        }

        File.Copy(Application.streamingAssetsPath + "/" + DBName, encryptedDb, true);
        SecureFile.DecryptFile(encryptedDb, decryptedDb);
        InsertBundleVersionDataInDatabase(CurrentBundleVersion.version);
    }
}
/// <summary>
/// File-based variant of the bad-hash test: after the last byte of the
/// encrypted file is inverted, decryption must throw a
/// <c>CryptographicException</c>.
/// </summary>
public void SecureFile_File_BadHash()
{
    string plainPath = Path.GetTempFileName();
    string cipherPath = Path.GetTempFileName();
    string outputPath = Path.GetTempFileName();
    string rsaPrivate = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string rsaPublic = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, rsaPrivate);
    EnhancedStream plainStream = null;
    EnhancedStream cipherStream = null;
    SecureFile secure = null;

    try
    {
        // Write 100 bytes of test data.
        plainStream = new EnhancedFileStream(plainPath, FileMode.Create, FileAccess.ReadWrite);
        int value = 0;
        while (value < 100)
        {
            plainStream.WriteByte((byte)value);
            value++;
        }

        plainStream.Close();
        plainStream = null;

        secure = new SecureFile(plainPath, SecureFileMode.Encrypt, rsaPublic);
        secure.EncryptTo(cipherPath, CryptoAlgorithm.AES, 256);
        secure.Close();
        secure = null;

        // Munge the last byte of the hash digest and then confirm
        // that the bad hash is detected.
        cipherStream = new EnhancedFileStream(cipherPath, FileMode.Open, FileAccess.ReadWrite);
        var lastOffset = cipherStream.Length - 1;
        cipherStream.Position = lastOffset;
        byte lastByte = (byte)cipherStream.ReadByte();
        cipherStream.Position = lastOffset;
        cipherStream.WriteByte((byte)(~lastByte));
        cipherStream.Close();
        cipherStream = null;

        ExtendedAssert.Throws<CryptographicException>(
            () =>
            {
                secure = new SecureFile(cipherPath, SecureFileMode.Decrypt, rsaPrivate);
                secure.DecryptTo(outputPath);
            });
    }
    finally
    {
        if (plainStream != null)
        {
            plainStream.Close();
        }

        if (cipherStream != null)
        {
            cipherStream.Close();
        }

        // Cleanup is best-effort; a failed delete is ignored.
        try { System.IO.File.Delete(plainPath); } catch { }
        try { System.IO.File.Delete(cipherPath); } catch { }
        try { System.IO.File.Delete(outputPath); } catch { }
    }
}
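/// <summary>
/// File-based metadata test: custom properties, file name and create/write
/// times survive encryption and decryption, the decrypted file receives the
/// original timestamps, and its contents match the input.
/// </summary>
public void SecureFile_File_Metadata()
{
    string originalName = Path.GetTempFileName();
    string encryptName = Path.GetTempFileName();
    string decryptName = Path.GetTempFileName();
    string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);
    EnhancedStream original = null;
    EnhancedStream encrypted = null;
    EnhancedStream decrypted = null;
    SecureFile secure = null;
    DateTime createTime = Helper.UtcNowRounded - TimeSpan.FromMinutes(1);
    DateTime writeTime = Helper.UtcNowRounded;

    try
    {
        original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite);
        for (int i = 0; i < 100; i++)
        {
            original.WriteByte((byte)i);
        }

        original.Close();
        original = null;

        Directory.SetCreationTimeUtc(originalName, createTime);
        Directory.SetLastWriteTimeUtc(originalName, writeTime);

        // Encrypt and check the metadata picked up from the source file.
        secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey);
        secure.Properties["Foo"] = "Bar";
        secure.Properties["Hello"] = "World";
        secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256);
        Assert.AreEqual(Path.GetFileName(originalName), secure.FileName);
        Assert.AreEqual(createTime, secure.CreateTimeUtc);
        Assert.AreEqual(writeTime, secure.WriteTimeUtc);
        secure.Close();
        secure = null;

        // Open for decryption and check the metadata read back from the file.
        secure = new SecureFile(encryptName, SecureFileMode.Decrypt, privateKey);
        Assert.AreEqual("Bar", secure.Properties["Foo"]);
        Assert.AreEqual("World", secure.Properties["Hello"]);
        Assert.AreEqual(Path.GetFileName(originalName), secure.FileName);
        Assert.AreEqual(createTime, secure.CreateTimeUtc);
        Assert.AreEqual(writeTime, secure.WriteTimeUtc);
        secure.DecryptTo(decryptName);
        secure.Close();
        secure = null;

        Assert.AreEqual(createTime, Directory.GetCreationTimeUtc(decryptName));
        Assert.AreEqual(writeTime, Directory.GetLastWriteTimeUtc(decryptName));

        original = new EnhancedFileStream(originalName, FileMode.Open, FileAccess.Read);
        encrypted = new EnhancedFileStream(encryptName, FileMode.Open, FileAccess.Read);
        decrypted = new EnhancedFileStream(decryptName, FileMode.Open, FileAccess.Read);

        // Compare contents rather than references. Assert.AreNotEqual on two
        // distinct array instances can pass without looking at the bytes; the
        // decrypted comparison below already uses CollectionAssert.
        original.Position = 0;
        encrypted.Position = 0;
        CollectionAssert.AreNotEqual(original.ReadBytesToEnd(), encrypted.ReadBytesToEnd());

        original.Position = 0;
        decrypted.Position = 0;
        CollectionAssert.AreEqual(original.ReadBytesToEnd(), decrypted.ReadBytesToEnd());
    }
    finally
    {
        // Release the SecureFile as well when an assertion failed while it
        // was open, so the temp files below can be deleted.
        if (secure != null)
        {
            secure.Close();
        }

        if (original != null)
        {
            original.Close();
        }

        if (encrypted != null)
        {
            encrypted.Close();
        }

        if (decrypted != null)
        {
            decrypted.Close();
        }

        System.IO.File.Delete(originalName);
        System.IO.File.Delete(encryptName);
        System.IO.File.Delete(decryptName);
    }
}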
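/// <summary>
/// Implements the background thread.
/// </summary>
/// <remarks>
/// The thread polls the configured source URI for the IP geocoding database.
/// When a local copy exists it first issues a HEAD request with
/// If-Modified-Since; otherwise, or when the source reports a change, it
/// downloads the file, decrypts it with the configured RSA key through
/// <c>SecureFile</c>, loads it into a new lookup service and swaps the
/// decrypted file in as the local data file. The loop ends when
/// <c>stopPending</c> is set.
/// </remarks>
private void DownloadThread()
{
    DateTime lastWarningTime = DateTime.MinValue;
    PolledTimer pollTimer;
    bool resetTimer;

    try
    {
        // Initialize the GeoTracker file folder
        try
        {
            Helper.CreateFileTree(dataPath);

            if (File.Exists(downloadPath))
            {
                SysLog.LogWarning("GeoTracker: Deleting existing temporary [{0}] file on startup.", downloadPath);
                Helper.DeleteFile(downloadPath);
            }

            if (File.Exists(decryptedPath))
            {
                SysLog.LogWarning("GeoTracker: Deleting existing temporary [{0}] file on startup.", decryptedPath);
                Helper.DeleteFile(decryptedPath);
            }
        }
        catch (Exception e)
        {
            SysLog.LogException(e);
        }

        // Initialize the poll timer. We'll schedule an immediate download if the data file does
        // not exist, otherwise we'll delay the polling for a random period of time between
        // 0 and 15 minutes in the hope that we'll end up staggering the polling times across
        // the server cluster (so we won't hammer the source website).
        pollTimer = new PolledTimer(settings.IPGeocodeSourcePollInterval, false);
        resetTimer = false;

        if (!File.Exists(dataPath))
        {
            pollTimer.FireNow();
        }
        else
        {
            pollTimer.ResetRandomTemporary(TimeSpan.Zero, TimeSpan.FromMinutes(15));
        }

        // The polling loop.
        while (true)
        {
            if (stopPending)
            {
                return;
            }

            try
            {
                if (pollDataNow)
                {
                    pollTimer.FireNow();
                    pollDataNow = false;
                }

                if (pollTimer.HasFired)
                {
                    DateTime fileDateUtc = DateTime.UtcNow;
                    bool isUpdate = false;
                    double fileSize = 0;
                    ElapsedTimer downloadTimer;
                    HttpWebRequest request;
                    HttpWebResponse response;
                    HttpStatusCode statusCode;

                    resetTimer = true;

                    // If a database file already exists then extract its last modify
                    // date and use this in an If-Modified-Since request to the source
                    // website to see if there's an updated file.
                    if (File.Exists(dataPath))
                    {
                        request = (HttpWebRequest)WebRequest.Create(settings.IPGeocodeSourceUri);
                        request.Timeout = (int)TimeSpan.FromSeconds(30).TotalMilliseconds;

                        isUpdate = true;
                        fileDateUtc = File.GetLastWriteTimeUtc(dataPath);

                        request.Method = "HEAD";
                        request.IfModifiedSince = fileDateUtc;

                        try
                        {
                            using (response = (HttpWebResponse)request.GetResponse())
                            {
                                statusCode = response.StatusCode;
                            }
                        }
                        catch (WebException e)
                        {
                            // A WebException carries no response for timeouts and
                            // connection failures. Rethrow in that case so the outer
                            // WebException handler schedules the one minute retry,
                            // instead of failing here with a NullReferenceException.
                            HttpWebResponse errorResponse = e.Response as HttpWebResponse;
                            if (errorResponse == null)
                            {
                                throw;
                            }

                            statusCode = errorResponse.StatusCode;
                        }

                        if (statusCode == HttpStatusCode.NotModified)
                        {
                            // The source website does not have an updated file. I'm going to
                            // do one extra check to see if the file we have is more than 45
                            // days old and log a warning. Note that we're going to issue this
                            // warning only once a week while the service is running.
                            //
                            // Skip the warning when the file is recent enough or when a
                            // warning was already logged within the last 7 days. The
                            // original tested ">= 7 days", which is always true for the
                            // initial DateTime.MinValue, so the warning was never logged.
                            if (DateTime.UtcNow - fileDateUtc < TimeSpan.FromDays(45) ||
                                DateTime.UtcNow - lastWarningTime < TimeSpan.FromDays(7))
                            {
                                continue;
                            }

                            lastWarningTime = DateTime.UtcNow;

                            const string warning = @"GeoTracker: The local copy of the MaxMind GeoIP City or GeoLite City database is [{0}] days old and should be updated. You may need to download a new copy of the database from http://maxmind.com, decompress it and upload it to the source website at [{1}]. Note: Make sure that the website is configured with the [.DAT=application/octet-stream] MIME mapping.";

                            SysLog.LogWarning(warning, (int)(DateTime.UtcNow - fileDateUtc).TotalDays, settings.IPGeocodeSourceUri);
                            continue;
                        }
                    }

                    // Download the database to the temporary download file.
                    Helper.DeleteFile(downloadPath);

                    downloadTimer = new ElapsedTimer(true);
                    fileSize = Helper.WebDownload(settings.IPGeocodeSourceUri, downloadPath, settings.IPGeocodeSourceTimeout, out response);
                    downloadTimer.Stop();

                    // Set the file times to match the Last-Modified header received from the website (if any).
                    string lastModified = response.Headers["Last-Modified"];

                    if (lastModified != null)
                    {
                        try
                        {
                            fileDateUtc = Helper.ParseInternetDate(lastModified);
                            File.SetCreationTimeUtc(downloadPath, fileDateUtc);
                            File.SetLastWriteTimeUtc(downloadPath, fileDateUtc);
                        }
                        catch (Exception e)
                        {
                            SysLog.LogException(e, "GeoTracker: Website for [{0}] returned invalid Last-Modified header [{1}].", settings.IPGeocodeSourceUri, lastModified);
                        }
                    }

                    // Decrypt the file and set its file dates. A failure in
                    // DecryptTo propagates to the handlers below, so the data
                    // file is not replaced in that case.
                    var keyChain = new KeyChain(settings.IPGeocodeSourceRsaKey);

                    using (var secureFile = new SecureFile(downloadPath, keyChain))
                    {
                        secureFile.DecryptTo(decryptedPath);
                    }

                    File.SetCreationTimeUtc(decryptedPath, fileDateUtc);
                    File.SetLastWriteTimeUtc(decryptedPath, fileDateUtc);

                    // Verify the decrypted data file and then swap in new file.
                    const string info = @"GeoTracker: {0} of IP-to-location database from [{1}] completed. Downloaded [{2:#.#}MB] bytes in [{3}].";

                    SysLog.LogInformation(info, isUpdate ? "Update download" : "Initial download", settings.IPGeocodeSourceUri, fileSize / (1024 * 1024), downloadTimer.ElapsedTime);

                    // Create a new MaxMind lookup instance and then swap it in without interrupting
                    // any queries in progress.
                    try
                    {
                        LookupService newMaxMind;

                        newMaxMind = new LookupService(decryptedPath, LookupService.GEOIP_MEMORY_CACHE);
                        newMaxMind.close();

                        maxMind = newMaxMind;
                        UpdateCount++;
                    }
                    catch (Exception e)
                    {
                        SysLog.LogException(e);
                        SysLog.LogError("GeoTracker: The MaxMind downloaded database file [{0}] appears to be corrupted. This will be deleted so the downloader can get a fresh copy.", downloadPath);

                        // Do what the message says: drop the temporary files and keep
                        // the current data file. The original fell through and copied
                        // the rejected file over the working one.
                        Helper.DeleteFile(decryptedPath);
                        Helper.DeleteFile(downloadPath);
                        continue;
                    }

                    lock (syncLock)
                    {
                        Helper.DeleteFile(dataPath);
                        File.Copy(decryptedPath, dataPath);
                        File.SetCreationTimeUtc(dataPath, fileDateUtc);
                        File.SetLastWriteTimeUtc(dataPath, fileDateUtc);
                    }

                    // Delete the temporary files.
                    Helper.DeleteFile(decryptedPath);
                    Helper.DeleteFile(downloadPath);
                }
            }
            catch (WebException e)
            {
                SysLog.LogException(e);
                SysLog.LogWarning("GeoTracker: The download of the MaxMind database file has failed. The service will try again in 1 minute.");

                pollTimer.ResetTemporary(TimeSpan.FromMinutes(1));
                resetTimer = false;
            }
            catch (ThreadAbortException e)
            {
                SysLog.LogException(e);
                throw;
            }
            catch (Exception e)
            {
                SysLog.LogException(e);
            }
            finally
            {
                if (resetTimer)
                {
                    resetTimer = false;
                    pollTimer.Reset();
                }
            }

            Thread.Sleep(settings.BkInterval);
        }
    }
    finally
    {
        running = false;
    }
}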
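/// <summary>
/// Verifies that an encrypted file carries the RSA public key only when
/// <c>SavePublicKey</c> is left enabled, and that
/// <c>SecureFile.GetPublicKey</c> returns null for a file written with
/// <c>SavePublicKey = false</c>.
/// </summary>
public void SecureFile_File_GetPublicKey()
{
    string originalName = Path.GetTempFileName();
    string encryptName = Path.GetTempFileName();

    // NOTE(review): 1024-bit RSA is below current minimum recommendations
    // (2048 bits or more). Treat it as a test fixture only and do not copy
    // this key size into production code.
    string privateKey = AsymmetricCrypto.CreatePrivateKey(CryptoAlgorithm.RSA, 1024);
    string publicKey = AsymmetricCrypto.GetPublicKey(CryptoAlgorithm.RSA, privateKey);

    EnhancedStream original = null;
    SecureFile secure = null;

    try
    {
        // Create a small plaintext file to encrypt.
        original = new EnhancedFileStream(originalName, FileMode.Create, FileAccess.ReadWrite);

        for (int i = 0; i < 100; i++)
        {
            original.WriteByte((byte)i);
        }

        original.Close();
        original = null;

        // Verify that the public key is saved if requested.
        secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey);
        Assert.IsTrue(secure.SavePublicKey);
        Assert.AreEqual(publicKey, secure.PublicKey);
        secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256);
        secure.Close();
        secure = null;

        Assert.AreEqual(publicKey, SecureFile.GetPublicKey(encryptName));

        // Verify that the public key is not saved if SavePublicKey=false.
        System.IO.File.Delete(encryptName);

        secure = new SecureFile(originalName, SecureFileMode.Encrypt, publicKey);
        secure.SavePublicKey = false;
        secure.EncryptTo(encryptName, CryptoAlgorithm.AES, 256);
        secure.Close();
        secure = null;

        Assert.IsNull(SecureFile.GetPublicKey(encryptName));
    }
    finally
    {
        if (original != null)
        {
            original.Close();
        }

        // A failed assertion or an EncryptTo() exception leaves the SecureFile
        // open; close it here so the cleanup below is not attempted while it
        // is still open.
        if (secure != null)
        {
            secure.Close();
        }

        System.IO.File.Delete(originalName);
        System.IO.File.Delete(encryptName);
    }
}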
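/// <summary>
/// This example demonstrates the use of the Protect-SDSFile API.
/// It allows a user to encrypt a file with the Stormshield Data File component.
/// </summary>
/// <remarks>
/// The file path and the e-mail addresses come straight from the command line,
/// so they are handed to the API as named parameters rather than being
/// formatted into the command text.
/// </remarks>
/// <example>EncryptFile C:\Document.docx</example>
/// <example>EncryptFile C:\Document.docx user1@example.com</example>
/// <example>EncryptFile C:\Document.docx user1@example.com,user2@example.com</example>
/// <param name="args">
/// <c>args[0]</c> is the path of the file to encrypt; the optional <c>args[1]</c>
/// is a comma-separated list of coworker e-mail addresses.
/// </param>
/// <returns>
/// 0 on success; 2 when any step fails (the exception is written to the console).
/// </returns>
static int Main(string[] args)
{
    int returnCode = 0;

    try
    {
        if (args.Length == 0)
        {
            throw new ArgumentException("Missing parameters");
        }

        string filePath = args[0];

        using (API api = new API())
        {
            // Get-SDSUser returning null is treated as "nobody is connected".
            object[] objects = api.Execute("Get-SDSUser");
            if (objects == null)
            {
                throw new InvalidOperationException("No user connected");
            }

            if (args.Length == 1)
            {
                // With no email addresses, the file is encrypted for the currently
                // connected user. The path is passed as a named parameter so that
                // quotes or separators in it cannot alter the command.
                KeyValuePair<string, object>[] parameters = new KeyValuePair<string, object>[]
                {
                    new KeyValuePair<string, object>("-Path", filePath)
                };

                objects = api.Execute("Protect-SDSFile", parameters);
            }
            else
            {
                string[] emailAddresses = args[1].Split(new char[] { ',' });

                // NOTE(review): assumes -EmailAddress binds a string array, as the
                // comma-separated usage example implies; confirm against the cmdlet help.
                KeyValuePair<string, object>[] lookup = new KeyValuePair<string, object>[]
                {
                    new KeyValuePair<string, object>("-EmailAddress", emailAddresses)
                };

                object[] certificates = api.Execute("Get-SDSCertificate", lookup);

                // Every requested recipient must resolve to a certificate; otherwise
                // the file would be protected for fewer people than the caller asked for.
                if (certificates == null || certificates.Length != emailAddresses.Length)
                {
                    throw new InvalidOperationException("One or more certificates not found");
                }

                KeyValuePair<string, object>[] parameters = new KeyValuePair<string, object>[]
                {
                    new KeyValuePair<string, object>("-Path", filePath),
                    new KeyValuePair<string, object>("-Coworkers", certificates)
                };

                objects = api.Execute("Protect-SDSFile", parameters);
            }

            if (objects == null || objects.Length != 1)
            {
                throw new InvalidOperationException("Protect-SDSFile");
            }

            // Fail with a clear message instead of a NullReferenceException when the
            // single result is not the expected type.
            SecureFile secureFile = objects[0] as SecureFile;
            if (secureFile == null)
            {
                throw new InvalidOperationException("Protect-SDSFile");
            }

            Console.WriteLine(string.Format("Return:\n{0}", secureFile.Path));
        }
    }
    catch (System.Exception ex)
    {
        Console.WriteLine(ex);
        returnCode = 2;
    }

    return returnCode;
}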
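/// <summary>
/// Decrypts a secure file using private keys taken from a keychain file
/// and/or individual <c>-key</c> command line options.
/// </summary>
/// <remarks>
/// <para>
/// Options read from <paramref name="args"/>: <c>-in</c> (encrypted input path),
/// <c>-out</c> (decrypted output path), <c>-keychain</c> and zero or more
/// <c>-key</c> values. The <c>-keychain</c> value is either a path to a plain
/// text file with one key per line (blank lines and lines starting with
/// <c>//</c> or <c>--</c> are skipped), or <c>path;symmetric-key</c> for an
/// encrypted keychain file.
/// </para>
/// <para>
/// Security note: the keychain's symmetric key and any <c>-key</c> values are
/// passed on the command line, where they can end up in shell history or
/// process listings. A plain text keychain file stores private keys in the
/// clear, so restrict access to it.
/// </para>
/// </remarks>
/// <param name="args">The command line arguments.</param>
/// <returns>0 on success; 1 when a required option is missing or no key is available.</returns>
private static int DecryptSecureFile(string[] args)
{
    CommandLine cmdLine = new CommandLine(args, false);
    string inPath = cmdLine.GetOption("in", null);
    string outPath = cmdLine.GetOption("out", null);
    string keyChainOption = cmdLine.GetOption("keychain", null);
    KeyChain keyChain;

    if (inPath == null)
    {
        Program.Error("[-in:<path>] command line option is required.");
        return 1;
    }

    if (outPath == null)
    {
        Program.Error("[-out:<path>] command line option is required.");
        return 1;
    }

    if (keyChainOption != null)
    {
        int pos = keyChainOption.IndexOf(';');

        if (pos != -1)
        {
            // Keychain file is encrypted: "<path>;<symmetric key>".
            string keyPath = keyChainOption.Substring(0, pos);
            SymmetricKey symkey = new SymmetricKey(keyChainOption.Substring(pos + 1));

            keyChain = new KeyChain(symkey, File.ReadAllBytes(keyPath));
        }
        else
        {
            // Keychain file is not encrypted: one key per line.
            keyChain = new KeyChain();

            using (var input = new StreamReader(keyChainOption))
            {
                for (var line = input.ReadLine(); line != null; line = input.ReadLine())
                {
                    var trimmed = line.Trim();

                    // Ordinal matching keeps comment detection independent of the
                    // current culture, so a key line is never misread as a comment.
                    if (trimmed.Length == 0 ||
                        trimmed.StartsWith("//", System.StringComparison.Ordinal) ||
                        trimmed.StartsWith("--", System.StringComparison.Ordinal))
                    {
                        continue;
                    }

                    keyChain.Add(trimmed);
                }
            }
        }

        // A keychain that was named explicitly must contain at least one key,
        // even if -key options follow.
        if (keyChain.Count == 0)
        {
            Program.Error("The keychain is empty.");
            return 1;
        }
    }
    else
    {
        keyChain = new KeyChain();
    }

    // Keys given directly on the command line are added to the keychain.
    foreach (var key in cmdLine.GetOptionValues("key"))
    {
        keyChain.Add(key);
    }

    if (keyChain.Count == 0)
    {
        Program.Error("A private RSA key must be specified using a [-key] or [-keychain] option.");
        return 1;
    }

    using (var secureFile = new SecureFile(inPath, keyChain))
    {
        secureFile.DecryptTo(outPath);
    }

    return 0;
}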