private void Initialize(long keyWrapIterations)
{
DerivationSalt = _keyEncryptingKey.DerivationSalt;
DerivationIterations = _keyEncryptingKey.DerivationIterations;
Salt salt = new Salt(_keyEncryptingKey.DerivedKey.Size);
KeyWrap keyWrap = new KeyWrap(salt, keyWrapIterations, KeyWrapMode.Specification);
ICrypto crypto = _cryptoFactory.CreateCrypto(_keyEncryptingKey.DerivedKey, null, 0);
_unwrappedKeyData = Resolve.RandomGenerator.Generate(_keyEncryptingKey.DerivedKey.Size / 8 + crypto.BlockLength);
byte[] wrappedKeyData = keyWrap.Wrap(crypto, _unwrappedKeyData);
Set(wrappedKeyData, salt, keyWrapIterations);
}
public async Task TestAddingSingleV2AsymmetricKeyWrap()
{
EncryptionParameters encryptionParameters = new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("allan"));
IAsymmetricPublicKey publicKey = New <IAsymmetricFactory>().CreatePublicKey(Resources.PublicKey1);
await encryptionParameters.AddAsync(new UserPublicKey[] { new UserPublicKey(EmailAddress.Parse("*****@*****.**"), publicKey), });
V2DocumentHeaders documentHeaders = new V2DocumentHeaders(encryptionParameters, 1000);
IEnumerable <V2AsymmetricKeyWrapHeaderBlock> wraps = documentHeaders.Headers.HeaderBlocks.OfType <V2AsymmetricKeyWrapHeaderBlock>();
Assert.That(wraps.Count(), Is.EqualTo(1), "There should be one V2AsymmetricKeyWrapHeaderBlock found.");
V2AsymmetricKeyWrapHeaderBlock block1 = wraps.First();
ICryptoFactory cryptoFactory = Resolve.CryptoFactory.Create(encryptionParameters.CryptoId);
IAsymmetricPrivateKey privateKey1 = New <IAsymmetricFactory>().CreatePrivateKey(Resources.PrivateKey1);
block1.SetPrivateKey(cryptoFactory, privateKey1);
ICrypto cryptoFromAsymmetricKey = block1.Crypto(0);
V2KeyWrapHeaderBlock symmetricKeyWrap = documentHeaders.Headers.HeaderBlocks.OfType <V2KeyWrapHeaderBlock>().First();
ICrypto cryptoFromSymmetricKey = cryptoFactory.CreateCrypto(symmetricKeyWrap.MasterKey, symmetricKeyWrap.MasterIV, 0);
Assert.That(cryptoFromAsymmetricKey.Key, Is.EqualTo(cryptoFromSymmetricKey.Key), "The keys from Asymmetric and Symmetric should be equal.");
IAsymmetricPrivateKey privateKey2 = New <IAsymmetricFactory>().CreatePrivateKey(Resources.PrivateKey2);
block1.SetPrivateKey(cryptoFactory, privateKey2);
ICrypto cryptoFromAsymmetricKey1WithKey2 = block1.Crypto(0);
Assert.That(cryptoFromAsymmetricKey1WithKey2, Is.Null, "There should be no valid key set and thus no ICrypto instance returned.");
}
public WrapIterator(Guid cryptoId)
{
ICryptoFactory factory = Resolve.CryptoFactory.Create(cryptoId);
_dummyCrypto = factory.CreateCrypto(factory.CreateDerivedKey(new Passphrase("A dummy passphrase")).DerivedKey, null, 0);
_dummySalt = new Salt(_dummyCrypto.Key.Size);
_dummyKey = new SymmetricKey(_dummyCrypto.Key.Size);
}
/// <summary>
/// Instantiate a thumb print
/// </summary>
/// <param name="passphrase">The passphrase to thumbprint.</param>
/// <param name="salt">The salt to use.</param>
public SymmetricKeyThumbprint(Passphrase passphrase, Salt salt, long keyWrapIterations)
{
if (passphrase == null)
{
throw new ArgumentNullException("passphrase");
}
if (salt == null)
{
throw new ArgumentNullException("salt");
}
ICryptoFactory factory = Resolve.CryptoFactory.Minimum;
ICrypto crypto = factory.CreateCrypto(factory.RestoreDerivedKey(passphrase, salt, CryptoFactory.DerivationIterations).DerivedKey, null, 0);
KeyWrap keyWrap = new KeyWrap(salt, keyWrapIterations, KeyWrapMode.Specification);
byte[] wrap = keyWrap.Wrap(crypto, crypto.Key);
_bytes = wrap.Reduce(6);
}
/// <summary>
/// Create an ICrypto instance from the decrypted asymmetric key wrap if possible.
/// </summary>
/// <param name="keyStreamOffset"></param>
/// <returns>An ICrypto instance, initialized with key and iv, or null if no valid key is set.</returns>
public ICrypto Crypto(long keyStreamOffset)
{
byte[] iv = new byte[_cryptoFactory.BlockSize / 8];
byte[] masterKey = new byte[_cryptoFactory.KeySize / 8];
if (DecryptedDataBlock.Length == 0)
{
return(null);
}
if (DecryptedDataBlock.Length != masterKey.Length + iv.Length)
{
return(null);
}
Array.Copy(DecryptedDataBlock, 0, masterKey, 0, masterKey.Length);
Array.Copy(DecryptedDataBlock, masterKey.Length, iv, 0, iv.Length);
ICrypto crypto = _cryptoFactory.CreateCrypto(new SymmetricKey(masterKey), new SymmetricIV(iv), keyStreamOffset);
return(crypto);
}
