private static Stream ReadAgileEncryptionInfo(TOle2File DataStream, TEncryptionData Encryption)
{
byte[] Enc = new byte[DataStream.Length - DataStream.Position];
DataStream.Read(Enc, Enc.Length);
TEncryptionParameters DataEncParams = new TEncryptionParameters();
TAgileEncryptionKey DataKey = new TAgileEncryptionKey();
TAgileEncryptionVerifier KeyVerifier = new TAgileEncryptionVerifier();
TEncryptionParameters KeyEncParams = new TEncryptionParameters();
TAgileEncryptionKey KeyKey = new TAgileEncryptionKey();
using (MemoryStream ms = new MemoryStream(Enc))
{
using (XmlReader xml = XmlReader.Create(ms))
{
xml.ReadStartElement("encryption"); //goes to keyData
ReadAgileCipherParams(xml, DataEncParams, DataKey);
xml.ReadStartElement("keyData"); //goes to dataIntegrity
//We are not checking data integrity at the moment.
//DataIntegrity.EncryptedHMacKey = Convert.FromBase64String(xml.GetAttribute("encryptedHmacKey"));
//DataIntegrity.EncryptedHmacValue = Convert.FromBase64String(xml.GetAttribute("encryptedHmacValue"));
xml.ReadStartElement("dataIntegrity"); //goes to keyEncryptors
xml.ReadStartElement("keyEncryptors"); //goes to keyEncryptor
xml.ReadStartElement("keyEncryptor"); //goes to encryptedKey
KeyKey.SpinCount = Convert.ToInt32(xml.GetAttribute("spinCount"), CultureInfo.InvariantCulture);
ReadAgileCipherParams(xml, KeyEncParams, KeyKey);
KeyVerifier.EncryptedVerifierHashInput = Convert.FromBase64String(xml.GetAttribute("encryptedVerifierHashInput"));
KeyVerifier.EncryptedVerifierHashValue = Convert.FromBase64String(xml.GetAttribute("encryptedVerifierHashValue"));
KeyVerifier.EncryptedKeyValue = Convert.FromBase64String(xml.GetAttribute("encryptedKeyValue"));
}
}
CheckPassword(Encryption, KeyVerifier, KeyEncParams, KeyKey);
DataKey.Key = KeyKey.Key;
DataKey.Password = KeyKey.Password;
DataKey.CalcDataIV(0);
return(DecryptStream(DataStream, DataEncParams, DataKey));
}
private byte[] GetInfoStreamXml(AesManaged EncEngine, TEncryptionParameters EncParams, TAgileEncryptionKey KeyKey, TAgileEncryptionKey DataKey)
{
const string KeyEncryptorPasswordNamespace = "http://schemas.microsoft.com/office/2006/keyEncryptor/password";
using (MemoryStream ms = new MemoryStream())
{
XmlWriterSettings Settings = new XmlWriterSettings();
Settings.Encoding = new System.Text.UTF8Encoding(false);
using (XmlWriter xml = XmlWriter.Create(ms, Settings))
{
xml.WriteStartDocument(true);
xml.WriteStartElement("encryption", "http://schemas.microsoft.com/office/2006/encryption");
xml.WriteAttributeString("xmlns", "p", null, KeyEncryptorPasswordNamespace);
xml.WriteStartElement("keyData");
WriteAgileCipherParams(xml, EncParams, DataKey);
xml.WriteEndElement();
xml.WriteStartElement("dataIntegrity");
byte[] HMacKeyBlockKey = new byte[] { 0x5f, 0xb2, 0xad, 0x01, 0x0c, 0xb9, 0xe1, 0xf6 };
DataKey.CalcDataIV(HMacKeyBlockKey);
byte[] HMacKey = TEncryptionUtils.GetRandom((int)DataKey.HashSizeBytes());
using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(DataKey.Key, DataKey.IV))
{
byte[] EncryptedHMacKey = TAgileEncryptionVerifier.EncryptBytes(HMacKey, Encryptor, DataKey.BlockSize);
xml.WriteAttributeString("encryptedHmacKey", Convert.ToBase64String(EncryptedHMacKey));
}
HMAC HMacCalc = new HMACSHA1(HMacKey);
WorkingStream.Position = 0;
byte[] HMac = HMacCalc.ComputeHash(WorkingStream);
byte[] HMacValBlockKey = new byte[] { 0xa0, 0x67, 0x7f, 0x02, 0xb2, 0x2c, 0x84, 0x33 };
DataKey.CalcDataIV(HMacValBlockKey);
using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(DataKey.Key, DataKey.IV))
{
byte[] EncryptedHMacValue = TAgileEncryptionVerifier.EncryptBytes(HMac, Encryptor, DataKey.BlockSize);
xml.WriteAttributeString("encryptedHmacValue", Convert.ToBase64String(EncryptedHMacValue));
}
xml.WriteEndElement();
xml.WriteStartElement("keyEncryptors");
xml.WriteStartElement("keyEncryptor");
xml.WriteAttributeString("uri", KeyEncryptorPasswordNamespace);
xml.WriteStartElement("encryptedKey", KeyEncryptorPasswordNamespace);
xml.WriteAttributeString("spinCount", Convert.ToString(KeyKey.SpinCount, CultureInfo.InvariantCulture));
WriteAgileCipherParams(xml, EncParams, KeyKey);
byte[] RandData = TEncryptionUtils.GetRandom(KeyKey.Salt.Length);
KeyKey.CalcKey(TAgileEncryptionKey.VerifierHashInputBlockKey, null);
using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(KeyKey.Key, KeyKey.IV))
{
byte[] EncryptedVerifierHashInput = TAgileEncryptionVerifier.EncryptBytes(RandData, Encryptor, KeyKey.BlockSize);
xml.WriteAttributeString("encryptedVerifierHashInput", Convert.ToBase64String(EncryptedVerifierHashInput));
}
KeyKey.CalcKey(TAgileEncryptionKey.VerifierHashValueBlockKey, null);
using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(KeyKey.Key, KeyKey.IV))
{
byte[] EncryptedVerifierHashValue = TAgileEncryptionVerifier.EncryptBytes(KeyKey.Hash(RandData), Encryptor, KeyKey.BlockSize);
xml.WriteAttributeString("encryptedVerifierHashValue", Convert.ToBase64String(EncryptedVerifierHashValue));
}
KeyKey.CalcKey(TAgileEncryptionKey.VerifierKeyValueBlockKey, null);
using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(KeyKey.Key, KeyKey.IV))
{
byte[] EncryptedKeyValue = TAgileEncryptionVerifier.EncryptBytes(DataKey.Key, Encryptor, KeyKey.BlockSize);
xml.WriteAttributeString("encryptedKeyValue", Convert.ToBase64String(EncryptedKeyValue));
}
xml.WriteEndElement();
xml.WriteEndElement();
xml.WriteEndElement();
xml.WriteEndElement();
xml.WriteEndDocument();
}
return(ms.ToArray());
}
}
