/// <summary> /// Decrypts the specified encrypted file /// </summary> /// <param name="thumbprint">The thumbprint of the certificate corresponding to the public key used to encrypt the file</param> /// <param name="ciphertextFilePath">The fully-qualified path of the encrypted file</param> /// <param name="plaintextFilePath">The fully-qualified path in which to write the decrypted file</param> /// <param name="Context">The certificate store where the encryption certificate resides</param> /// <param name="verbose">True enables verbose logging</param> /// <returns>True or false depending upon whether the file decryption succeeded</returns> /// <example> /// <code> /// string thumbprint = @"ccdc673c40ebb2a433300c0c8a2ba6f443da5688"; /// <see cref="X509Context"/> certStore = <see cref="X509Context"/>.<see cref="X509Context.UserReadOnly"/>; /// string encryptedFilePath = @"C:\Data\accounts.csv.ctx"; /// bool success = <see cref="X509Utils"/>.DecryptFile(thumbprint, encryptedFilePath, certStore); /// </code> /// </example> public static bool DecryptFile(string thumbprint, string ciphertextFilePath, string plaintextFilePath, X509Context Context, bool verbose = false) { CheckForFile(ciphertextFilePath); File.Delete(plaintextFilePath); using (X509CryptoAgent cryptoAgent = new X509CryptoAgent(FormatThumbprint(thumbprint), Context)) { cryptoAgent.DecryptFile(ciphertextFilePath, plaintextFilePath); } return(File.Exists(plaintextFilePath)); }
/// <summary> /// Recovers the specified encrypted file /// </summary> /// <param name="inFile">The path to the encrypted file to be recovered. Path must exist</param> /// <param name="outFile">The path in which to write the recovered plaintext file</param> /// <param name="wipeTimesToWrite">Performs n-pass forensic wipe of the disk sectors where the input file was stored.</param> public void DecryptFile(string inFile, string outFile, int wipeTimesToWrite = 0) { using (X509CryptoAgent Agent = new X509CryptoAgent(this)) { Agent.DecryptFile(inFile, outFile); } if (!File.Exists(outFile)) { throw new X509CryptoException($"Unable to decrypt the file \"{inFile}\". The plaintext file \"{outFile}\" could not be created."); } if (wipeTimesToWrite > 0) { X509Utils.WipeFile(inFile, wipeTimesToWrite); } }