Ejemplo n.º 1
        /// <summary>
        /// Replaces the first configured field found in <paramref name="map"/> with a
        /// hybrid-encryption envelope: the field value is encrypted with AES, the AES key
        /// is encrypted with the RSA public key, and the encoded IV, wrapped key and
        /// ciphertext are written back into the map.
        /// </summary>
        /// <param name="map">Request map that may contain one of <c>configuration.FieldsToEncrypt</c>.</param>
        /// <returns>
        /// The <c>SmartMap</c> built from <paramref name="map"/>. It is returned without any
        /// encryption when no public key is set or when none of the configured fields is present.
        /// </returns>
        public IDictionary <String, Object> Encrypt(IDictionary <String, Object> map)
        {
            // SmartMap wraps the request map and supports nested ("a.b") key lookups.
            SmartMap smartMap = new SmartMap(map);

            // NOTE(review): this is a fail-open path. With no public key the configured
            // fields stay in clear text and the caller gets no error or signal. Callers
            // that require encryption must check the key themselves.
            if (this.publicKey == null)
            {
                return smartMap;
            }

            foreach (String fieldToEncrypt in configuration.FieldsToEncrypt)
            {
                if (!smartMap.ContainsKey(fieldToEncrypt))
                {
                    continue;
                }

                // Pull the clear value out of the map before anything is written back.
                Object clearValue = smartMap.Get(fieldToEncrypt);
                smartMap.Remove(fieldToEncrypt);

                // Exactly Dictionary<String, Object> is serialised to JSON and sanitised;
                // any other runtime type is encrypted as its ToString() text.
                String plainText;
                if (clearValue.GetType() != typeof(Dictionary <String, Object>))
                {
                    plainText = clearValue.ToString();
                }
                else
                {
                    plainText = CryptUtil.SanitizeJson(JsonConvert.SerializeObject(clearValue));
                }

                // EncryptAES hands back (IV, AES key, ciphertext) in that order.
                // Presumably the key and IV are freshly generated per call; confirm in CryptUtil.
                Tuple <byte[], byte[], byte[]> aesParts = CryptUtil.EncryptAES(System.Text.Encoding.UTF8.GetBytes(plainText), configuration.SymmetricKeysize, configuration.SymmetricMode, configuration.SymmetricPadding);
                byte[] iv         = aesParts.Item1;
                byte[] sessionKey = aesParts.Item2;
                byte[] cipherText = aesParts.Item3;

                String encodedIv         = CryptUtil.Encode(iv, configuration.DataEncoding);
                String encodedCipherText = CryptUtil.Encode(cipherText, configuration.DataEncoding);

                // Wrap the AES key with the recipient's RSA public key.
                byte[] wrappedKey        = CryptUtil.EncrytptRSA(sessionKey, this.publicKey, configuration.OaepEncryptionPadding);
                String encodedWrappedKey = CryptUtil.Encode(wrappedKey, configuration.DataEncoding);

                String fingerprint = publicKeyFingerPrint;

                // Envelope fields are written next to the FIRST path segment of the field name.
                // NOTE(review): the Decrypt example on this page derives its prefix with
                // LastIndexOf, so the two differ for names containing more than one dot.
                int    firstDot = fieldToEncrypt.IndexOf(".");
                String prefix   = firstDot > 0 ? fieldToEncrypt.Substring(0, firstDot) + "." : "";

                if (configuration.PublicKeyFingerprintFiledName != null)
                {
                    smartMap.Add(prefix + configuration.PublicKeyFingerprintFiledName, fingerprint);
                }
                if (configuration.OaepHashingAlgorithmFieldName != null)
                {
                    // NOTE(review): the advertised hash name comes from OaepHashingAlgorithm while
                    // the padding actually used above comes from OaepEncryptionPadding; the two
                    // settings have to agree or the receiver is told the wrong algorithm.
                    smartMap.Add(prefix + configuration.OaepHashingAlgorithmFieldName, configuration.OaepHashingAlgorithm);
                }
                smartMap.Add(prefix + configuration.IvFieldName, encodedIv);
                smartMap.Add(prefix + configuration.EncryptedKeyFiledName, encodedWrappedKey);
                smartMap.Add(prefix + configuration.EncryptedDataFieldName, encodedCipherText);

                // Only the first configured field that is present gets encrypted.
                break;
            }

            return smartMap;
        }
Ejemplo n.º 2
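        /// <summary>
        /// Reverses the hybrid-encryption envelope for the first configured field found in
        /// <paramref name="map"/>: the AES key is recovered with the RSA private key, the
        /// payload is AES-decrypted, and the clear value is written back into the map.
        /// </summary>
        /// <param name="map">Response map that may contain one of <c>configuration.FieldsToDecrypt</c>.</param>
        /// <returns>
        /// The <c>SmartMap</c> built from <paramref name="map"/>, with the encrypted key, IV and
        /// fingerprint fields removed and the encrypted-data field replaced by its clear value.
        /// It is returned as built when none of the configured fields is present.
        /// </returns>
        public IDictionary <String, Object> Decrypt(IDictionary <String, Object> map)
        {
            SmartMap smartMap = new SmartMap(map);

            foreach (String fieldToDecrypt in configuration.FieldsToDecrypt)
            {
                if (!smartMap.ContainsKey(fieldToDecrypt))
                {
                    continue;
                }

                // Envelope fields are looked up as siblings of the configured field:
                // everything up to and including the LAST dot is the prefix.
                String baseKey = "";
                if (fieldToDecrypt.IndexOf('.') > 0)
                {
                    baseKey = fieldToDecrypt.Substring(0, fieldToDecrypt.LastIndexOf('.')) + ".";
                }

                // NOTE(review): the (String) casts below yield null for a missing envelope
                // field; what Decode does with null depends on CryptUtil. Confirm.
                String encryptedKey = (String)smartMap.Get(baseKey + configuration.EncryptedKeyFiledName);
                smartMap.Remove(baseKey + configuration.EncryptedKeyFiledName);
                byte[] encryptedKeyByteArray = CryptUtil.Decode(encryptedKey, configuration.DataEncoding);

                // Pick the OAEP padding. The configured padding is the default. A hash name
                // carried in the message can switch it to SHA-256 or SHA-512 only.
                // NOTE(review): that name is taken from the message being decrypted, so the
                // sender influences the choice. Unrecognised names fall back silently to the
                // configured padding, and the field itself is left in the returned map.
                RSAEncryptionPadding oaepPadding = configuration.OaepEncryptionPadding;
                if (smartMap.ContainsKey(baseKey + configuration.OaepHashingAlgorithmFieldName))
                {
                    string oaepHashingAlgorithm = (String)smartMap.Get(baseKey + configuration.OaepHashingAlgorithmFieldName);
                    oaepHashingAlgorithm = oaepHashingAlgorithm.Replace("SHA", "SHA-");
                    if (oaepHashingAlgorithm.Equals("SHA-256"))
                    {
                        oaepPadding = RSAEncryptionPadding.OaepSHA256;
                    }
                    else if (oaepHashingAlgorithm.Equals("SHA-512"))
                    {
                        oaepPadding = RSAEncryptionPadding.OaepSHA512;
                    }
                }
                byte[] secretKeyBytes = CryptUtil.DecryptRSA(encryptedKeyByteArray, this.privateKey, oaepPadding);

                String ivString = (String)smartMap.Get(baseKey + configuration.IvFieldName);
                smartMap.Remove(baseKey + configuration.IvFieldName);
                byte[] ivByteArray = CryptUtil.Decode(ivString, configuration.DataEncoding);

                // Drop the key fingerprint, which is not needed in the result. The field name
                // is optional (Encrypt only writes it when non-null), so guard against null.
                // The fingerprint is a sibling of the other envelope fields, so it is removed
                // under baseKey as well as at the un-prefixed key the old code checked.
                if (configuration.PublicKeyFingerprintFiledName != null)
                {
                    if (smartMap.ContainsKey(configuration.PublicKeyFingerprintFiledName))
                    {
                        smartMap.Remove(configuration.PublicKeyFingerprintFiledName);
                    }
                    if (baseKey.Length > 0 && smartMap.ContainsKey(baseKey + configuration.PublicKeyFingerprintFiledName))
                    {
                        smartMap.Remove(baseKey + configuration.PublicKeyFingerprintFiledName);
                    }
                }

                String encryptedData = (String)smartMap.Get(baseKey + configuration.EncryptedDataFieldName);
                smartMap.Remove(baseKey + configuration.EncryptedDataFieldName);
                byte[] encryptedDataByteArray = CryptUtil.Decode(encryptedData, configuration.DataEncoding);

                // NOTE(review): no integrity check on the ciphertext is visible in this method.
                // If configuration.SymmetricMode is an unauthenticated mode, tampering is not
                // detected before the plaintext is parsed below. Confirm in CryptUtil.DecryptAES.
                byte[] decryptedDataByteArray = CryptUtil.DecryptAES(ivByteArray, secretKeyBytes, encryptedDataByteArray, configuration.SymmetricKeysize, configuration.SymmetricMode, configuration.SymmetricPadding);
                String decryptedDataString    = System.Text.Encoding.UTF8.GetString(decryptedDataByteArray);

                if (decryptedDataString.StartsWith("{", StringComparison.Ordinal))
                {
                    // JSON object: each top-level entry becomes a child of the encrypted-data field.
                    Dictionary <String, Object> decryptedDataMap = JsonConvert.DeserializeObject <Dictionary <String, Object> >(decryptedDataString);
                    foreach (KeyValuePair <String, Object> entry in decryptedDataMap)
                    {
                        smartMap.Add(baseKey + configuration.EncryptedDataFieldName + "." + entry.Key, entry.Value);
                    }
                }
                else
                {
                    // Anything else is stored back as a plain string.
                    smartMap.Add(baseKey + configuration.EncryptedDataFieldName, decryptedDataString);
                }

                // Only the first configured field that is present gets decrypted.
                break;
            }

            return smartMap;
        }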