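/// <summary>
/// Decrypts an asset in place when its description carries the encrypted-asset header.
/// </summary>
/// <remarks>
/// Header layout, fields separated by "#:~:#":
/// ENCASS (0), algorithm (1), key name / AKA (2), salt (3), original description (4).
/// The asset is only modified when decryption succeeds.
/// </remarks>
/// <param name="x">Asset whose Data and Description are rewritten on success.</param>
/// <returns>
/// true when the asset is not marked as encrypted or was decrypted;
/// false when the header is corrupt, no matching key is loaded, or the algorithm is unknown.
/// </returns>
private bool DecryptAssetBase(AssetBase x)
{
    const string separator = "#:~:#";
    const string marker = "ENCASS" + separator;

    // Only a description that *begins* with the header is treated as encrypted.
    // A substring test would reject plain assets whose description merely mentions "ENCASS".
    if (x.Description == null || !x.Description.StartsWith(marker, StringComparison.Ordinal))
    {
        return true;
    }

    // Limit the split to five fields so that an original description which itself
    // contains the separator is restored whole instead of being truncated.
    string[] meta = x.Description.Split(new string[] { separator }, 5, StringSplitOptions.None);

    if (meta.Length < 5)
    {
        m_log.Warn("[ENCASSETS] Recieved Encrypted Asset, but header is corrupt");
        return false;
    }

    // Check if we have a matching key (single lookup).
    RjinKeyfile deckey;
    if (!m_keyfiles.TryGetValue(meta[2], out deckey))
    {
        m_log.Warn("[ENCASSETS] Recieved Encrypted Asset, but we do not have the decryption key.");
        return false;
    }

    switch (meta[1])
    {
        case "OPENSIM_AES_AF1":
            // NOTE(review): nothing visible here verifies the integrity of the header or of the
            // ciphertext; confirm whether UtilRijndael.Decrypt authenticates its input.
            x.Data = UtilRijndael.Decrypt(x.Data, deckey.Secret, meta[3], "SHA1", 2, deckey.IVBytes, deckey.Keysize);

            // Strip the header only once the payload has been decrypted, so that a failed or
            // unsupported asset is never left with ciphertext under a plain-looking description.
            x.Description = meta[4];
            return true;

        default:
            // We dont understand this encryption scheme.
            // meta[1] comes from the asset itself and is written to the log unmodified.
            m_log.Warn(
                "[ENCASSETS] Recieved Encrypted Asset, but we dont know how to decrypt '" + meta[1] + "'.");
            return false;
    }
}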
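/// <summary>
/// Encrypts an asset in place with the given key file and prefixes its description
/// with the encrypted-asset header.
/// </summary>
/// <remarks>
/// Resulting description, fields separated by "#:~:#":
/// ENCASS, OPENSIM_AES_AF1, the key's AlsoKnownAs, the Base64 salt, the original description.
/// </remarks>
/// <param name="x">Asset whose Data and Description are replaced.</param>
/// <param name="file">Key file supplying Secret, IVBytes, Keysize and AlsoKnownAs.</param>
private static void EncryptAssetBase(AssetBase x, RjinKeyfile file)
{
    // Make a fresh 32-byte salt for this asset from the cryptographic RNG.
    // The provider is disposable, so release it as soon as the bytes are drawn.
    byte[] rand = new byte[32];
    using (RNGCryptoServiceProvider randomGen = new RNGCryptoServiceProvider())
    {
        randomGen.GetBytes(rand);
    }
    string salt = Convert.ToBase64String(rand);

    // NOTE(review): "SHA1" and 2 look like the hash and iteration count of a key derivation
    // inside UtilRijndael - TODO confirm. If so, two iterations add almost no work factor, so
    // the strength rests entirely on file.Secret being high-entropy random data.
    // NOTE(review): the IV is taken from the key file and is therefore the same for every asset
    // under this key; the per-asset salt is the only visible input that varies between assets.
    // NOTE(review): no MAC/AEAD is visible here; confirm whether UtilRijndael adds integrity.
    // Changing any of these parameters needs a new algorithm tag, since the decrypting side
    // selects its parameters from the "OPENSIM_AES_AF1" field.
    x.Data = UtilRijndael.Encrypt(x.Data, file.Secret, salt, "SHA1", 2, file.IVBytes, file.Keysize);

    x.Description = String.Format(
        "ENCASS#:~:#{0}#:~:#{1}#:~:#{2}#:~:#{3}",
        "OPENSIM_AES_AF1",
        file.AlsoKnownAs,
        salt,
        x.Description);
}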
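/// <summary>
/// Stores the asset server URL, loads every key file found in <paramref name="keydir"/>
/// and selects the encryption key, generating a new one when none exists.
/// </summary>
/// <param name="serverUrl">Value assigned to _assetServerUrl.</param>
/// <param name="keydir">Directory searched for *.deckey and *.enckey files.</param>
/// <param name="decOnly">When true, encrypt-on-upload is switched off.</param>
/// <exception cref="Exception">More than one *.enckey file is present in keydir.</exception>
public void Initialise(string serverUrl, string keydir, bool decOnly)
{
    m_log.Debug("[CRYPTOGRID] Common constructor");
    _assetServerUrl = serverUrl;

    // One serializer serves every key file; the type never changes.
    XmlSerializer serializer = new XmlSerializer(typeof(RjinKeyfile));

    // Decryption-only keys. Everything in keydir is trusted as key material, so write
    // access to that directory should be limited to the account running this service.
    foreach (string path in Directory.GetFiles(keydir, "*.deckey"))
    {
        RjinKeyfile rjkey;
        // 'using' closes the stream even when deserialization throws on a malformed file.
        using (FileStream file = new FileStream(path, FileMode.Open, FileAccess.Read))
        {
            rjkey = (RjinKeyfile)serializer.Deserialize(file);
        }
        m_keyfiles.Add(rjkey.AlsoKnownAs, rjkey);
    }

    string[] encKeyPaths = Directory.GetFiles(keydir, "*.enckey");

    if (encKeyPaths.Length > 1)
    {
        throw new Exception(
            "You have more than one asset *encryption* key. (You should never have more than one), " +
            "If you downloaded this key from someone, rename it to <filename>.deckey to convert it to " +
            "a decryption-only key.");
    }

    if (encKeyPaths.Length == 1)
    {
        RjinKeyfile loadedKey;
        using (FileStream file = new FileStream(encKeyPaths[0], FileMode.Open, FileAccess.Read))
        {
            loadedKey = (RjinKeyfile)serializer.Deserialize(file);
        }

        // The encryption key is also usable for decryption.
        m_keyfiles.Add(loadedKey.AlsoKnownAs, loadedKey);
        m_encryptKey = loadedKey;
    }
    else
    {
        m_log.Warn("No encryption key found, generating a new one for you...");

        RjinKeyfile encKey = new RjinKeyfile();
        encKey.GenerateRandom();
        m_encryptKey = encKey;

        // Register the new key for decryption too, as the loaded-key branch does; otherwise
        // assets encrypted during this run cannot be looked up by key name until a restart.
        // Assumes GenerateRandom populates AlsoKnownAs - TODO confirm.
        if (encKey.AlsoKnownAs != null && !m_keyfiles.ContainsKey(encKey.AlsoKnownAs))
        {
            m_keyfiles.Add(encKey.AlsoKnownAs, encKey);
        }

        // NOTE(review): the path is relative, so the secret key lands in the process working
        // directory rather than in keydir, with whatever default permissions apply there.
        // It should be moved into keydir and restricted to the service account.
        // FileMode.CreateNew fails if a file left over from an earlier run is still present.
        using (FileStream encExportFile = new FileStream("mysecretkey_rename_me.enckey", FileMode.CreateNew))
        {
            serializer.Serialize(encExportFile, encKey);
            encExportFile.Flush();
        }

        m_log.Info(
            "Encryption file generated, please rename 'mysecretkey_rename_me.enckey' to something more appropriate (however preserve the file extension).");
    }

    // If Decrypt-Only, dont encrypt on upload
    m_encryptOnUpload = !decOnly;
}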
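/// <summary>
/// Records the asset server URL, reads all *.deckey and *.enckey files from
/// <paramref name="keydir"/>, and creates a new encryption key if none is present.
/// </summary>
/// <param name="serverUrl">Value assigned to _assetServerUrl.</param>
/// <param name="keydir">Directory holding the key files.</param>
/// <param name="decOnly">When true, uploads are not encrypted.</param>
/// <exception cref="Exception">keydir contains more than one *.enckey file.</exception>
public void Initialise(string serverUrl, string keydir, bool decOnly)
{
    m_log.Debug("[CRYPTOGRID] Common constructor");
    _assetServerUrl = serverUrl;

    // Built once and reused for every read and for the export below.
    XmlSerializer keySerializer = new XmlSerializer(typeof(RjinKeyfile));

    // Load decryption-only keys. The contents of keydir are trusted as key material;
    // keep the directory writable only by the account that runs this service.
    string[] keys = Directory.GetFiles(keydir, "*.deckey");
    foreach (string key in keys)
    {
        RjinKeyfile rjkey;
        // Dispose the stream on every path, including a failed Deserialize.
        using (FileStream file = new FileStream(key, FileMode.Open, FileAccess.Read))
        {
            rjkey = (RjinKeyfile)keySerializer.Deserialize(file);
        }
        m_keyfiles.Add(rjkey.AlsoKnownAs, rjkey);
    }

    keys = Directory.GetFiles(keydir, "*.enckey");

    if (keys.Length == 1)
    {
        RjinKeyfile existingKey;
        using (FileStream file = new FileStream(keys[0], FileMode.Open, FileAccess.Read))
        {
            existingKey = (RjinKeyfile)keySerializer.Deserialize(file);
        }

        // The encryption key doubles as a decryption key.
        m_keyfiles.Add(existingKey.AlsoKnownAs, existingKey);
        m_encryptKey = existingKey;
    }
    else
    {
        if (keys.Length > 1)
        {
            // Spaces added at the joins so the concatenated message reads correctly.
            throw new Exception(
                "You have more than one asset *encryption* key. (You should never have more than one), " +
                "If you downloaded this key from someone, rename it to <filename>.deckey to convert it to " +
                "a decryption-only key.");
        }

        m_log.Warn("No encryption key found, generating a new one for you...");

        RjinKeyfile encKey = new RjinKeyfile();
        encKey.GenerateRandom();
        m_encryptKey = encKey;

        // Mirror the branch above: make the fresh key available for decryption in this run.
        // Presumably GenerateRandom sets AlsoKnownAs; the guard covers the case where it does not.
        if (encKey.AlsoKnownAs != null && !m_keyfiles.ContainsKey(encKey.AlsoKnownAs))
        {
            m_keyfiles.Add(encKey.AlsoKnownAs, encKey);
        }

        // NOTE(review): this relative path writes the secret key into the current working
        // directory, not keydir, under default file permissions. Move it into keydir and
        // restrict access to it. CreateNew throws if an earlier export still exists.
        using (FileStream encExportFile = new FileStream("mysecretkey_rename_me.enckey", FileMode.CreateNew))
        {
            keySerializer.Serialize(encExportFile, encKey);
            encExportFile.Flush();
        }

        m_log.Info(
            "Encryption file generated, please rename 'mysecretkey_rename_me.enckey' to something more appropriate (however preserve the file extension).");
    }

    // If Decrypt-Only, dont encrypt on upload
    m_encryptOnUpload = !decOnly;
}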