private static void UsingPassword(string inputFilePath, byte[] passwordBytes)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryDecryption.UsingPassword(inputFilePath, passwordBytes);
return;
}
byte[] salt = FileHeaders.ReadSalt(inputFilePath);
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
string outputFilePath = GetOutputFilePath(inputFilePath);
DecryptFile.Initialize(inputFilePath, outputFilePath, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
DecryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException || ex is ArgumentOutOfRangeException)
{
DisplayMessage.FilePathMessage(inputFilePath, ex.Message);
return;
}
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to decrypt the file.");
}
}
public static void UsingPassword(string directoryPath, byte[] passwordBytes)
{
bool overwriteOption = Globals.Overwrite;
try
{
// Always overwrite directories
string backupDirectoryPath = BackupDirectory(directoryPath);
Globals.Overwrite = true;
string[] filePaths = GetFiles(directoryPath, out string newDirectoryPath);
// Generate one salt for the entire directory
byte[] salt = Generate.Salt();
CreateSaltFile(newDirectoryPath, salt);
// Perform password hashing once
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
EncryptEachFileWithPassword(filePaths, salt, keyEncryptionKey);
RenameBackupDirectory(backupDirectoryPath, directoryPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to encrypt the directory.");
}
finally
{
Globals.Overwrite = overwriteOption;
}
}
public static void UsingPassword(string directoryPath, byte[] passwordBytes)
{
try
{
string[] filePaths = GetFiles(directoryPath);
string saltFilePath = Path.Combine(directoryPath, Constants.SaltFile);
if (!File.Exists(saltFilePath))
{
throw new FileNotFoundException("No salt file found. Unable to decrypt the directory. Please decrypt these files individually.");
}
byte[] salt = File.ReadAllBytes(saltFilePath);
if (salt.Length != Constants.SaltLength)
{
throw new ArgumentException("Invalid salt length.");
}
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
DecryptEachFileWithPassword(filePaths, keyEncryptionKey);
Finalize(directoryPath, saltFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException || ex is FileNotFoundException)
{
DisplayMessage.FilePathError(directoryPath, ex.Message);
return;
}
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to decrypt the directory.");
}
}
private static void UsingPassword(string inputFilePath, byte[] passwordBytes)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryEncryption.UsingPassword(inputFilePath, passwordBytes);
return;
}
// Derive a unique KEK per file
byte[] salt = Generate.Salt();
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
// Fill unused header with random public key
byte[] ephemeralPublicKey = Generate.EphemeralPublicKeyHeader();
string outputFilePath = GetOutputFilePath(inputFilePath);
EncryptFile.Initialize(inputFilePath, outputFilePath, ephemeralPublicKey, salt, keyEncryptionKey);
CryptographicOperations.ZeroMemory(keyEncryptionKey);
EncryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.Cryptography(ex))
{
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file.");
}
}
public static void SignEachFile(byte[] privateKey, string comment, bool preHash, string[] filePaths)
{
privateKey = PrivateKey.Decrypt(privateKey);
if (privateKey == null)
{
return;
}
if (string.IsNullOrEmpty(comment))
{
comment = _defaultComment;
}
foreach (string filePath in filePaths)
{
try
{
DigitalSignatures.SignFile(filePath, comment, preHash, privateKey);
DisplayMessage.FilePathMessage(filePath, "File signed successfully.");
}
catch (Exception ex) when(ExceptionFilters.Cryptography(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to create signature.");
}
}
Utilities.ZeroArray(privateKey);
}
public static void SignEachFile(string[] filePaths, string signatureFilePath, string comment, bool preHash, byte[] privateKey)
{
privateKey = PrivateKey.Decrypt(privateKey);
if (privateKey == null)
{
return;
}
if (string.IsNullOrEmpty(comment))
{
comment = _defaultComment;
}
foreach (string filePath in filePaths)
{
try
{
DigitalSignatures.SignFile(filePath, signatureFilePath, comment, preHash, privateKey);
DisplayMessage.FilePathMessage(filePath, "File signed successfully.");
}
catch (Exception ex) when(ExceptionFilters.Cryptography(ex))
{
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to create signature.");
}
}
CryptographicOperations.ZeroMemory(privateKey);
}
public static string KeyfilePath(string keyfilePath)
{
try
{
const string keyfileExtension = ".key";
// Generate a random keyfile
if (Directory.Exists(keyfilePath))
{
string randomFileName = ObfuscateFileName.GetRandomFileName() + keyfileExtension;
keyfilePath = Path.Combine(keyfilePath, randomFileName);
}
// Append keyfile extension if missing
if (!keyfilePath.EndsWith(keyfileExtension, StringComparison.InvariantCulture))
{
keyfilePath += keyfileExtension;
}
Keyfiles.GenerateKeyfile(keyfilePath);
return(keyfilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(keyfilePath, ex.GetType().Name, "Unable to randomly generate keyfile.");
return(null);
}
}
public static void GenerateNewKeyPair(string exportDirectoryPath)
{
try
{
int keyPairType = GetKeyPairType();
bool validUserInput = FilePathValidation.GenerateKeyPair(exportDirectoryPath, keyPairType);
if (!validUserInput)
{
return;
}
string publicKey, privateKey, publicKeyPath, privateKeyPath;
if (keyPairType == 1)
{
(publicKey, privateKey) = AsymmetricKeys.GenerateEncryptionKeyPair();
(publicKeyPath, privateKeyPath) = AsymmetricKeys.ExportEncryptionKeyPair(exportDirectoryPath, publicKey, privateKey);
}
else
{
(publicKey, privateKey) = AsymmetricKeys.GenerateSigningKeyPair();
(publicKeyPath, privateKeyPath) = AsymmetricKeys.ExportSigningKeyPair(exportDirectoryPath, publicKey, privateKey);
}
DisplayKeyPair(publicKey, publicKeyPath, privateKeyPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(exportDirectoryPath, ex.GetType().Name, "Unable to export key pair.");
}
}
private static void UsingPassword(string inputFilePath, byte[] passwordBytes)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryEncryption.UsingPassword(inputFilePath, passwordBytes);
return;
}
// Derive a unique KEK per file
byte[] salt = Generate.Salt();
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
// Fill the ephemeral public key header with random key (since not in use)
byte[] randomEphemeralPublicKeyHeader = Generate.EphemeralPublicKeyHeader();
string outputFilePath = GetOutputFilePath(inputFilePath);
EncryptFile.Initialize(inputFilePath, outputFilePath, randomEphemeralPublicKeyHeader, salt, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
EncryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file.");
}
}
private static void UsingPublicKey(string inputFilePath, byte[] sharedSecret, byte[] recipientPublicKey)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryEncryption.UsingPublicKey(inputFilePath, sharedSecret, recipientPublicKey);
return;
}
// Derive a unique KEK per file
(byte[] ephemeralSharedSecret, byte[] ephemeralPublicKey) = KeyExchange.GetEphemeralSharedSecret(recipientPublicKey);
byte[] salt = Generate.Salt();
byte[] keyEncryptionKey = Generate.KeyEncryptionKey(sharedSecret, ephemeralSharedSecret, salt);
string outputFilePath = GetOutputFilePath(inputFilePath);
EncryptFile.Initialize(inputFilePath, outputFilePath, ephemeralPublicKey, salt, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
EncryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file.");
}
}
private static void RestoreDirectoryName(string obfuscatedDirectoryPath)
{
try
{
string obfuscatedDirectoryName = Path.GetFileName(obfuscatedDirectoryPath);
// Get the path where the original directory name is stored
string storageFileName = $"{obfuscatedDirectoryName}.txt";
string storageFilePath = Path.Combine(obfuscatedDirectoryPath, storageFileName);
if (!File.Exists(storageFilePath))
{
return;
}
string directoryName = File.ReadAllText(storageFilePath);
string directoryPath = obfuscatedDirectoryPath.Replace(obfuscatedDirectoryName, directoryName);
directoryPath = FileHandling.GetUniqueDirectoryPath(directoryPath);
Directory.Move(obfuscatedDirectoryPath, directoryPath);
DisplayMessage.FileEncryptionResult(obfuscatedDirectoryName, directoryName);
storageFilePath = Path.Combine(directoryPath, storageFileName);
FileHandling.DeleteFile(storageFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(obfuscatedDirectoryPath, ex.GetType().Name, "Unable to restore the directory name.");
}
}
private static void UsingPrivateKey(string inputFilePath, byte[] sharedSecret, byte[] recipientPrivateKey)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryDecryption.UsingPrivateKey(inputFilePath, sharedSecret, recipientPrivateKey);
return;
}
byte[] ephemeralPublicKey = FileHeaders.ReadEphemeralPublicKey(inputFilePath);
byte[] ephemeralSharedSecret = KeyExchange.GetSharedSecret(recipientPrivateKey, ephemeralPublicKey);
byte[] salt = FileHeaders.ReadSalt(inputFilePath);
byte[] keyEncryptionKey = Generate.KeyEncryptionKey(sharedSecret, ephemeralSharedSecret, salt);
string outputFilePath = GetOutputFilePath(inputFilePath);
DecryptFile.Initialize(inputFilePath, outputFilePath, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
DecryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException || ex is ArgumentOutOfRangeException)
{
DisplayMessage.FilePathMessage(inputFilePath, ex.Message);
return;
}
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to decrypt the file.");
}
}
private static void FileException(string inputFilePath, Exception ex)
{
if (ex is ArgumentException)
{
DisplayMessage.FilePathMessage(inputFilePath, ex.Message);
return;
}
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to decrypt the file.");
}
private static void FileException(string inputFilePath, Exception ex)
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException)
{
DisplayMessage.FilePathMessage(inputFilePath, ex.Message);
return;
}
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to decrypt the file.");
}
private static void Finalize(string directoryPath)
{
try
{
RestoreDirectoryNames.AllDirectories(directoryPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to restore the directory names.");
}
}
public static void SetFileAttributesReadOnly(string filePath)
{
try
{
File.SetAttributes(filePath, FileAttributes.ReadOnly);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to make the file read-only.");
}
}
private static void EncryptInputFile(string inputFilePath, string outputFilePath, byte[] ephemeralPublicKey, byte[] salt, byte[] keyEncryptionKey)
{
try
{
EncryptFile.Initialize(inputFilePath, outputFilePath, ephemeralPublicKey, salt, keyEncryptionKey);
FileEncryption.EncryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.Cryptography(ex))
{
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file.");
}
}
public static void MakeFileReadOnly(string filePath)
{
try
{
File.SetAttributes(filePath, FileAttributes.ReadOnly);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Warning);
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to make the file read-only.");
}
}
public static void UsingPrivateKey(string directoryPath, byte[] privateKey)
{
try
{
string[] filePaths = GetFiles(ref directoryPath);
EncryptEachFileWithPrivateKey(filePaths, privateKey);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to encrypt the directory.");
}
}
public static void OverwriteFile(string fileToDelete, string fileToCopy)
{
try
{
File.Copy(fileToCopy, fileToDelete, overwrite: true);
DeleteFile(fileToDelete);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Warning);
DisplayMessage.FilePathException(fileToDelete, ex.GetType().Name, "Unable to overwrite the file.");
}
}
public static void OverwriteFile(string fileToDelete, string fileToCopy)
{
try
{
File.SetAttributes(fileToDelete, FileAttributes.Normal);
File.Copy(fileToCopy, fileToDelete, overwrite: true);
File.Delete(fileToDelete);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(fileToDelete, ex.GetType().Name, "Unable to overwrite the file.");
}
}
public static void UsingPublicKey(string directoryPath, byte[] sharedSecret, byte[] recipientPrivateKey)
{
try
{
string[] filePaths = GetFiles(directoryPath);
DecryptEachFileWithPublicKey(filePaths, sharedSecret, recipientPrivateKey);
Finalize(directoryPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to decrypt the directory.");
}
}
private static void Finalize(string directoryPath)
{
try
{
if (Globals.ObfuscateFileNames)
{
RestoreDirectoryNames.AllDirectories(directoryPath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to restore the directory names.");
}
}
public static void RemoveAppendedFileName(string inputFilePath)
{
try
{
File.SetAttributes(inputFilePath, FileAttributes.Normal);
string fileName = Path.GetFileName(inputFilePath);
byte[] fileNameBytes = Encoding.UTF8.GetBytes(fileName);
using var inputFile = new FileStream(inputFilePath, FileMode.Open, FileAccess.ReadWrite, FileShare.Read, Constants.FileStreamBufferSize, FileOptions.RandomAccess);
inputFile.SetLength(inputFile.Length - fileNameBytes.Length);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to remove appended file name.");
}
}
public static void DeleteFile(string filePath)
{
try
{
if (File.Exists(filePath))
{
File.SetAttributes(filePath, FileAttributes.Normal);
File.Delete(filePath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to delete the file.");
}
}
private static string ObfuscateDirectoryName(string directoryPath)
{
try
{
string directoryName = Path.GetFileName(directoryPath);
string obfuscatedPath = ObfuscateFileName.ReplaceFilePath(directoryPath);
Directory.Move(directoryPath, obfuscatedPath);
StoreDirectoryName(directoryName, obfuscatedPath);
return(obfuscatedPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to obfuscate directory name.");
return(directoryPath);
}
}
public static string GetOutputFilePath(string inputFilePath)
{
try
{
if (Globals.ObfuscateFileNames)
{
ObfuscateFileName.AppendFileName(inputFilePath);
inputFilePath = ObfuscateFileName.ReplaceFilePath(inputFilePath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex) || ex is EncoderFallbackException)
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to store file name.");
}
return(inputFilePath + Constants.EncryptedExtension);
}
public static string GetOutputFilePath(string inputFilePath)
{
try
{
if (Globals.ObfuscateFileNames)
{
ObfuscateFileName.AppendFileName(inputFilePath);
inputFilePath = ObfuscateFileName.ReplaceFilePath(inputFilePath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex) || ex is EncoderFallbackException)
{
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to store file name.");
}
string outputFilePath = inputFilePath + Constants.EncryptedExtension;
return(FileHandling.GetUniqueFilePath(outputFilePath));
}
public static void UsingPassword(string directoryPath, byte[] passwordBytes)
{
try
{
string[] filePaths = GetFiles(ref directoryPath);
// Generate one salt for all files in directory
byte[] salt = Generate.Salt();
CreateSaltFile(directoryPath, salt);
// Perform password hashing once
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
EncryptEachFileWithPassword(filePaths, salt, keyEncryptionKey);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to encrypt the directory.");
}
}
private static void DecryptInputFile(string inputFilePath, byte[] keyEncryptionKey)
{
try
{
string outputFilePath = FileDecryption.GetOutputFilePath(inputFilePath);
DecryptFile.Initialize(inputFilePath, outputFilePath, keyEncryptionKey);
FileDecryption.DecryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.Cryptography(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException || ex is ArgumentOutOfRangeException)
{
DisplayMessage.FilePathMessage(inputFilePath, ex.Message);
return;
}
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to decrypt the file.");
}
}