Beispiel #1
0
        private static byte[] GetPolicyBuffer(long fileSize, DRPolicyData policy, byte[] iv, byte[] encryptionKey)
        {
            MemoryStream ms = new MemoryStream();
            BinaryWriter bw = new BinaryWriter(ms);

            bw.Write(AES_VERIFICATION_KEY);
            bw.Write((uint)(policy.AESFlags));
            bw.Write(iv.Length);
            bw.Write(iv);
            bw.Write(encryptionKey.Length);

            if (encryptionKey.Length < 32)
            {
                //the struture always keep 32 bytes for encryption key.
                Array.Resize(ref encryptionKey, 32);
            }

            bw.Write(encryptionKey);
            bw.Write(policy.CreationTime);
            bw.Write(policy.ExpireTime);
            bw.Write((uint)policy.AccessFlags);
            bw.Write(fileSize);
            bw.Write(policy.LengthOfIncludeProcessNames);

            //the first offset lenght = current position + 13*4
            //    sizeof(OffsetOfIncludeProcessNames)  +  sizeof(OffsetOfExcludeProcessNames) + sizeof(LengthOfExcludeProcessNames)
            // +  sizeof(OffsetOfIncludeUserNames) + sizeof(LengthOfIncludeUserNames) +  sizeof(OffsetOfExcludeUserNames) + sizeof(LengthOfExcludeUserNames)
            // +  sizeof(OffsetOfAccountName) + sizeof(LengthOfAccountName) +  sizeof(OffsetOfComputerIds) + sizeof(LengthOfComputerIds)
            // +  sizeof(LengthOfUserPassword) + sizeof(OffsetOfUserPassword)

            policy.OffsetOfIncludeProcessNames = (uint)ms.Length + 13 * 4;
            bw.Write(policy.OffsetOfIncludeProcessNames);

            bw.Write(policy.LengthOfExcludeProcessNames);
            policy.OffsetOfExcludeProcessNames = policy.OffsetOfIncludeProcessNames + policy.LengthOfIncludeProcessNames;
            bw.Write(policy.OffsetOfExcludeProcessNames);

            bw.Write(policy.LengthOfIncludeUserNames);
            policy.OffsetOfIncludeUserNames = policy.OffsetOfExcludeProcessNames + policy.LengthOfExcludeProcessNames;
            bw.Write(policy.OffsetOfIncludeUserNames);

            bw.Write(policy.LengthOfExcludeUserNames);
            policy.OffsetOfExcludeUserNames = policy.OffsetOfIncludeUserNames + policy.LengthOfIncludeUserNames;
            bw.Write(policy.OffsetOfExcludeUserNames);

            bw.Write(policy.LengthOfAccountName);
            policy.OffsetOfAccountName = policy.OffsetOfExcludeUserNames + policy.LengthOfExcludeUserNames;
            bw.Write(policy.OffsetOfAccountName);

            bw.Write(policy.LengthOfComputerIds);
            policy.OffsetOfComputerIds = policy.OffsetOfAccountName + policy.LengthOfAccountName;
            bw.Write(policy.OffsetOfComputerIds);

            bw.Write(policy.LengthOfUserPassword);
            policy.OffsetOfUserPassword = policy.OffsetOfComputerIds + policy.LengthOfComputerIds;
            bw.Write(policy.OffsetOfUserPassword);


            byte[] strBuffer;
            if (policy.LengthOfIncludeProcessNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.IncludeProcessNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfExcludeProcessNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.ExcludeProcessNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfIncludeUserNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.IncludeUserNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfExcludeUserNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.ExcludeUserNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfAccountName > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.AccountName);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfComputerIds > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.ComputerIds);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfUserPassword > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.UserPassword);
                bw.Write(strBuffer);
            }

            byte[] AESBuffer = ms.ToArray();

            //encrypt the access policy except the sizeOfAESData;
            FilterAPI.AESEncryptDecryptBuffer(AESBuffer, 0, null, null);

            return(AESBuffer);
        }
Beispiel #2
0
        /// <summary>
        /// Create an encrypted file with embedded digital right policy, distribute the encrypted file via internet,
        /// only the authorized users and processes can access the encrypted file.
        /// </summary>
        /// <param name="fileName"></param>
        /// <param name="passPhrase"></param>
        /// <param name="policy"></param>
        /// <param name="lastError"></param>
        /// <returns></returns>
        public static bool EncryptFileWithEmbeddedDRPolicy(string sourceFileName, string destFileName, byte[] encryptIV, byte[] encryptKey, DRPolicyData policy, out string lastError)
        {
            bool       ret = false;
            FileStream fs  = null;

            lastError = string.Empty;

            try
            {
                if (!File.Exists(sourceFileName))
                {
                    lastError = sourceFileName + " doesn't exist.";
                    return(false);
                }

                FileInfo fileInfo = new FileInfo(sourceFileName);
                long     fileSize = fileInfo.Length;

                byte[] AESBuffer = GetPolicyBuffer(fileSize, policy, encryptIV, encryptKey);


                //encrypt the file with encryption key and a iv key.
                ret = FilterAPI.AESEncryptFileToFile(sourceFileName, destFileName, (uint)encryptKey.Length, encryptKey, (uint)encryptIV.Length, encryptIV, false);
                if (!ret)
                {
                    lastError = "Create encrypt file " + destFileName + " failed with error:" + FilterAPI.GetLastErrorMessage();
                    return(ret);
                }

                fs = new FileStream(destFileName, FileMode.Append, FileAccess.Write, FileShare.Read);

                //append the DR policy to the encrypted file.
                fs.Write(AESBuffer, 0, AESBuffer.Length);

                //append the sizeof the DR policy
                fs.Write(BitConverter.GetBytes(AESBuffer.Length + 4), 0, 4);
            }
            catch (Exception ex)
            {
                ret       = false;
                lastError = "Encrypt file " + sourceFileName + " failed with error:" + ex.Message;
            }
            finally
            {
                if (null != fs)
                {
                    fs.Close();
                }
            }

            return(ret);
        }
Beispiel #3
0
        private static byte[] ConvertDRPolicyDataToByteArray(DRPolicyData policy)
        {
            MemoryStream ms = new MemoryStream();
            BinaryWriter bw = new BinaryWriter(ms);

            bw.Write(AES_VERIFICATION_KEY);
            bw.Write((uint)(policy.AESFlags));
            bw.Write(policy.IVLength);
            bw.Write(policy.IV);
            bw.Write(policy.EncryptionKeyLength);
            bw.Write(policy.EncryptionKey);
            bw.Write(policy.CreationTime);
            bw.Write(policy.ExpireTime);
            bw.Write((uint)policy.AccessFlags);
            bw.Write(policy.FileSize);
            bw.Write(policy.LengthOfAuthorizedProcessNames);
            bw.Write(policy.LengthOfUnauthorizedProcessNames);
            bw.Write(policy.LengthOfAuthorizedUserNames);
            bw.Write(policy.LengthOfUnauthorizedUserNames);
            bw.Write(policy.LengthOfAccountName);
            bw.Write(policy.LengthOfComputerIds);
            bw.Write(policy.LengthOfUserPassword);

            byte[] strBuffer;
            if (policy.LengthOfAuthorizedProcessNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.AuthorizedProcessNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfUnauthorizedProcessNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.UnauthorizedProcessNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfAuthorizedUserNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.AuthorizedUserNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfUnauthorizedUserNames > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.UnauthorizedUserNames);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfAccountName > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.AccountName);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfComputerIds > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.ComputerIds);
                bw.Write(strBuffer);
            }

            if (policy.LengthOfUserPassword > 0)
            {
                strBuffer = UnicodeEncoding.Unicode.GetBytes(policy.UserPassword);
                bw.Write(strBuffer);
            }

            //append the sizeof the DR policy
            int sizeofDRDataArray = (int)ms.Length + 4;// the size of sizeofDRDataArray takes 4 bytes memory as a int data

            bw.Write(sizeofDRDataArray);

            byte[] AESBuffer = ms.ToArray();

            return(AESBuffer);
        }