private bool DecryptAssetBase(AssetBase x)
{
// Check it's encrypted first.
if (!x.Description.Contains("ENCASS"))
{
return(true);
}
// ENCASS:ALG:AKA:SALT:Description
// 0 1 2 3 4
string[] splitchars = new string[1];
splitchars[0] = "#:~:#";
string[] meta = x.Description.Split(splitchars, StringSplitOptions.None);
if (meta.Length < 5)
{
m_log.Warn("[ENCASSETS] Recieved Encrypted Asset, but header is corrupt");
return(false);
}
// Check if we have a matching key
if (m_keyfiles.ContainsKey(meta[2]))
{
RjinKeyfile deckey = m_keyfiles[meta[2]];
x.Description = meta[4];
switch (meta[1])
{
case "OPENSIM_AES_AF1":
x.Data = UtilRijndael.Decrypt(x.Data,
deckey.Secret,
meta[3],
"SHA1",
2,
deckey.IVBytes,
deckey.Keysize);
// Decrypted Successfully
return(true);
default:
m_log.Warn(
"[ENCASSETS] Recieved Encrypted Asset, but we dont know how to decrypt '" + meta[1] + "'.");
// We dont understand this encryption scheme
return(false);
}
}
m_log.Warn("[ENCASSETS] Recieved Encrypted Asset, but we do not have the decryption key.");
return(false);
}
private static void EncryptAssetBase(AssetBase x, RjinKeyfile file)
{
// Make a salt
RNGCryptoServiceProvider RandomGen = new RNGCryptoServiceProvider();
byte[] rand = new byte[32];
RandomGen.GetBytes(rand);
string salt = Convert.ToBase64String(rand);
x.Data = UtilRijndael.Encrypt(x.Data, file.Secret, salt, "SHA1", 2, file.IVBytes, file.Keysize);
x.Description = String.Format("ENCASS#:~:#{0}#:~:#{1}#:~:#{2}#:~:#{3}",
"OPENSIM_AES_AF1",
file.AlsoKnownAs,
salt,
x.Description);
}
private static void EncryptAssetBase(AssetBase x, RjinKeyfile file)
{
// Make a salt
RNGCryptoServiceProvider RandomGen = new RNGCryptoServiceProvider();
byte[] rand = new byte[32];
RandomGen.GetBytes(rand);
string salt = Convert.ToBase64String(rand);
x.Data = UtilRijndael.Encrypt(x.Data, file.Secret, salt, "SHA1", 2, file.IVBytes, file.Keysize);
x.Description = String.Format("ENCASS#:~:#{0}#:~:#{1}#:~:#{2}#:~:#{3}",
"OPENSIM_AES_AF1",
file.AlsoKnownAs,
salt,
x.Description);
}
public void Initialise(string serverUrl, string keydir, bool decOnly)
{
m_log.Debug("[CRYPTOGRID] Common constructor");
_assetServerUrl = serverUrl;
string[] keys = Directory.GetFiles(keydir, "*.deckey");
foreach (string key in keys)
{
XmlSerializer xs = new XmlSerializer(typeof (RjinKeyfile));
FileStream file = new FileStream(key, FileMode.Open, FileAccess.Read);
RjinKeyfile rjkey = (RjinKeyfile) xs.Deserialize(file);
file.Close();
m_keyfiles.Add(rjkey.AlsoKnownAs, rjkey);
}
keys = Directory.GetFiles(keydir, "*.enckey");
if (keys.Length == 1)
{
string Ekey = keys[0];
XmlSerializer Exs = new XmlSerializer(typeof (RjinKeyfile));
FileStream Efile = new FileStream(Ekey, FileMode.Open, FileAccess.Read);
RjinKeyfile Erjkey = (RjinKeyfile) Exs.Deserialize(Efile);
Efile.Close();
m_keyfiles.Add(Erjkey.AlsoKnownAs, Erjkey);
m_encryptKey = Erjkey;
} else
{
if (keys.Length > 1)
throw new Exception(
"You have more than one asset *encryption* key. (You should never have more than one)," +
"If you downloaded this key from someone, rename it to <filename>.deckey to convert it to" +
"a decryption-only key.");
m_log.Warn("No encryption key found, generating a new one for you...");
RjinKeyfile encKey = new RjinKeyfile();
encKey.GenerateRandom();
m_encryptKey = encKey;
FileStream encExportFile = new FileStream("mysecretkey_rename_me.enckey",FileMode.CreateNew);
XmlSerializer xs = new XmlSerializer(typeof(RjinKeyfile));
xs.Serialize(encExportFile, encKey);
encExportFile.Flush();
encExportFile.Close();
m_log.Info(
"Encryption file generated, please rename 'mysecretkey_rename_me.enckey' to something more appropriate (however preserve the file extension).");
}
// If Decrypt-Only, dont encrypt on upload
m_encryptOnUpload = !decOnly;
}
public void Initialise(string serverUrl, string keydir, bool decOnly)
{
m_log.Debug("[CRYPTOGRID] Common constructor");
_assetServerUrl = serverUrl;
string[] keys = Directory.GetFiles(keydir, "*.deckey");
foreach (string key in keys)
{
XmlSerializer xs = new XmlSerializer(typeof(RjinKeyfile));
FileStream file = new FileStream(key, FileMode.Open, FileAccess.Read);
RjinKeyfile rjkey = (RjinKeyfile)xs.Deserialize(file);
file.Close();
m_keyfiles.Add(rjkey.AlsoKnownAs, rjkey);
}
keys = Directory.GetFiles(keydir, "*.enckey");
if (keys.Length == 1)
{
string Ekey = keys[0];
XmlSerializer Exs = new XmlSerializer(typeof(RjinKeyfile));
FileStream Efile = new FileStream(Ekey, FileMode.Open, FileAccess.Read);
RjinKeyfile Erjkey = (RjinKeyfile)Exs.Deserialize(Efile);
Efile.Close();
m_keyfiles.Add(Erjkey.AlsoKnownAs, Erjkey);
m_encryptKey = Erjkey;
}
else
{
if (keys.Length > 1)
{
throw new Exception(
"You have more than one asset *encryption* key. (You should never have more than one)," +
"If you downloaded this key from someone, rename it to <filename>.deckey to convert it to" +
"a decryption-only key.");
}
m_log.Warn("No encryption key found, generating a new one for you...");
RjinKeyfile encKey = new RjinKeyfile();
encKey.GenerateRandom();
m_encryptKey = encKey;
FileStream encExportFile = new FileStream("mysecretkey_rename_me.enckey", FileMode.CreateNew);
XmlSerializer xs = new XmlSerializer(typeof(RjinKeyfile));
xs.Serialize(encExportFile, encKey);
encExportFile.Flush();
encExportFile.Close();
m_log.Info(
"Encryption file generated, please rename 'mysecretkey_rename_me.enckey' to something more appropriate (however preserve the file extension).");
}
// If Decrypt-Only, dont encrypt on upload
m_encryptOnUpload = !decOnly;
}
