Ejemplo n.º 1
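        /// <summary>
        /// Checks the keyed digest of an encrypted file against the value in its manifest and,
        /// when they match, AES-decrypts the file into the same folder under the manifest's file name.
        /// </summary>
        /// <param name="encryptedFilePath">Path of the encrypted file to verify and decrypt.</param>
        /// <param name="encryptionInfoXml">
        /// Manifest holding the RSA-wrapped AES key, IV and digest key, the expected digest,
        /// the digest algorithm and the output file name.
        /// </param>
        /// <param name="privateKeyXml">Private key handed to <c>DecryptBytesRsa</c> to unwrap the key material.</param>
        /// <returns>
        /// <c>Result.Ok()</c> once the plaintext has been written; <c>Result.Fail(...)</c> when the
        /// manifest's file name is not a plain file name or the digest does not match.
        /// </returns>
        static Result Decrypt(string encryptedFilePath, EncryptedFileInfo encryptionInfoXml, string privateKeyXml)
        {
            // FileName comes from the manifest and is not an input to the file digest below, so it is
            // treated as untrusted: a rooted path or one containing separators would let the manifest
            // choose a write location outside the encrypted file's folder.
            var outputName = encryptionInfoXml.FileName;
            if (string.IsNullOrEmpty(outputName) ||
                outputName == "." ||
                outputName == ".." ||
                outputName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0 ||
                string.Equals(outputName, Path.GetFileName(encryptedFilePath), StringComparison.OrdinalIgnoreCase))
            {
                // The last condition stops FileMode.Create from truncating the encrypted input itself.
                return(Result.Fail(
                           "File name in the XML doc is not a plain file name or refers to the encrypted file itself, aborting decryption operation."));
            }

            var folderPath = Path.GetDirectoryName(encryptedFilePath);
            var filePath   = Path.Combine(folderPath, outputName);

            var aesKey = DecryptBytesRsa(Convert.FromBase64String(encryptionInfoXml.EncryptedAesKey), privateKeyXml);
            var aesIv  = DecryptBytesRsa(Convert.FromBase64String(encryptionInfoXml.EncryptedAesIv), privateKeyXml);

            var signatureKey         = DecryptBytesRsa(Convert.FromBase64String(encryptionInfoXml.EncryptedFileDigestKey), privateKeyXml);
            var signatureCalculated  = Convert.ToBase64String(CryptoHashers.CalculateFileDigest(encryptedFilePath, encryptionInfoXml.FileDigestHashAlgorithmType, signatureKey));
            var signatureTransmitted = encryptionInfoXml.EncryptedFileDigest;

            // Compare the two Base64 digests without stopping at the first differing character, so the
            // time taken does not reveal how long a matching prefix is. The length is not secret.
            // On frameworks that provide it, CryptographicOperations.FixedTimeEquals over the raw
            // digest bytes is the library equivalent.
            var digestsDiffer = signatureTransmitted == null || signatureTransmitted.Length != signatureCalculated.Length;
            if (!digestsDiffer)
            {
                var difference = 0;
                for (var i = 0; i < signatureCalculated.Length; i++)
                {
                    difference |= signatureCalculated[i] ^ signatureTransmitted[i];
                }

                digestsDiffer = difference != 0;
            }

            if (digestsDiffer)
            {
                return(Result.Fail(
                           "File manifest calculated for the encrypted file does not match the value in the XML doc. File may have been modified, aborting decryption operation."));
            }

            // NOTE(review): the digest key is unwrapped from the same manifest, so a match ties the
            // encrypted file to this manifest; it does not by itself show who produced the manifest.
            // NOTE(review): the file is read once for the digest and opened again for decryption, so a
            // change between the two reads would not be caught by the check above.
            using (var aes = new AesCryptoServiceProvider {
                KeySize = 128, Key = aesKey, IV = aesIv
            })
                using (var decryptor = aes.CreateDecryptor())
                    using (var fsPlain = File.Open(filePath, FileMode.Create, FileAccess.Write, FileShare.None))
                        using (var fsEncrypted = File.Open(encryptedFilePath, FileMode.Open, FileAccess.Read, FileShare.Read))
                            using (var cs = new CryptoStream(fsPlain, decryptor, CryptoStreamMode.Write))
                            {
                                fsEncrypted.CopyTo(cs);
                            }

            return(Result.Ok());
        }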
Ejemplo n.º 2
        /// <summary>
        /// AES-encrypts a file into a sibling "<c>name.encrypted</c>" file and returns the manifest
        /// needed to decrypt it: the RSA-wrapped AES key, IV and digest key plus a keyed digest of
        /// the encrypted file.
        /// </summary>
        /// <param name="filePath">Path of the plaintext file to encrypt.</param>
        /// <param name="publicKeyXml">Public key handed to <c>EncryptBytesRsa</c> to wrap the key material.</param>
        /// <param name="hashAlgorithm">Digest algorithm passed to <c>CryptoHashers.CalculateFileDigest</c>.</param>
        /// <returns>An <c>EncryptedFileInfo</c> describing the encrypted file.</returns>
        static EncryptedFileInfo Encrypt(string filePath, string publicKeyXml, HashAlgorithmType hashAlgorithm)
        {
            var directory  = Path.GetDirectoryName(filePath);
            var plainName  = Path.GetFileName(filePath);
            var outputName = $"{plainName}.encrypted";
            var outputPath = Path.Combine(directory, outputName);

            // Fresh per-file secrets: a 64-byte digest key, a 16-byte AES key and a 16-byte IV.
            var digestKey = CryptoRandom.GetRandomBytes(64);
            var aesKey    = CryptoRandom.GetRandomBytes(16);
            var aesIv     = CryptoRandom.GetRandomBytes(16);

            // Cipher mode and padding are not set here, so the provider's defaults apply.
            using (var cipher = new AesCryptoServiceProvider {
                KeySize = 128, Key = aesKey, IV = aesIv
            })
            using (var transform = cipher.CreateEncryptor())
            using (var source = File.Open(filePath, FileMode.Open, FileAccess.Read, FileShare.Read))
            using (var target = File.Open(outputPath, FileMode.Create, FileAccess.Write, FileShare.None))
            using (var cryptoStream = new CryptoStream(target, transform, CryptoStreamMode.Write))
            {
                source.CopyTo(cryptoStream);
            }

            // Wrap the secrets only after the streams above are disposed; the digest is taken over
            // the finished encrypted file.
            var wrappedAesKey = Convert.ToBase64String(EncryptBytesRsa(aesKey, publicKeyXml));
            var wrappedAesIv  = Convert.ToBase64String(EncryptBytesRsa(aesIv, publicKeyXml));

            var wrappedDigestKey = Convert.ToBase64String(EncryptBytesRsa(digestKey, publicKeyXml));
            var digestText       = Convert.ToBase64String(
                CryptoHashers.CalculateFileDigest(outputPath, hashAlgorithm, digestKey));

            // NOTE(review): only the encrypted file is passed to CalculateFileDigest; FileName and the
            // wrapped key fields in the manifest are not inputs to that digest.
            var manifest = new EncryptedFileInfo
            {
                FileName = plainName,
                EncryptedFileName = outputName,
                FileEncryptionAlgorithmType = CipherAlgorithmType.Aes128,
                EncryptedAesKey = wrappedAesKey,
                EncryptedAesIv = wrappedAesIv,
                FileDigestHashAlgorithmType = hashAlgorithm,
                EncryptedFileDigest = digestText,
                FileDigestKeyEncryptionAlgorithmType = ExchangeAlgorithmType.RsaKeyX,
                EncryptedFileDigestKey = wrappedDigestKey
            };

            return manifest;
        }