private static void UsingPassword(string inputFilePath, byte[] passwordBytes)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryDecryption.UsingPassword(inputFilePath, passwordBytes);
return;
}
byte[] salt = FileHeaders.ReadSalt(inputFilePath);
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
string outputFilePath = GetOutputFilePath(inputFilePath);
DecryptFile.Initialize(inputFilePath, outputFilePath, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
DecryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException || ex is ArgumentOutOfRangeException)
{
DisplayMessage.FilePathMessage(inputFilePath, ex.Message);
return;
}
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to decrypt the file.");
}
}
private static void RestoreDirectoryName(string obfuscatedDirectoryPath)
{
try
{
string obfuscatedDirectoryName = Path.GetFileName(obfuscatedDirectoryPath);
// Get the path where the original directory name is stored
string storageFileName = $"{obfuscatedDirectoryName}.txt";
string storageFilePath = Path.Combine(obfuscatedDirectoryPath, storageFileName);
if (!File.Exists(storageFilePath))
{
return;
}
string directoryName = File.ReadAllText(storageFilePath);
string directoryPath = obfuscatedDirectoryPath.Replace(obfuscatedDirectoryName, directoryName);
directoryPath = FileHandling.GetUniqueDirectoryPath(directoryPath);
Directory.Move(obfuscatedDirectoryPath, directoryPath);
DisplayMessage.FileEncryptionResult(obfuscatedDirectoryName, directoryName);
storageFilePath = Path.Combine(directoryPath, storageFileName);
FileHandling.DeleteFile(storageFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(obfuscatedDirectoryPath, ex.GetType().Name, "Unable to restore the directory name.");
}
}
public static void GenerateNewKeyPair(string exportDirectoryPath)
{
try
{
int keyPairType = GetKeyPairType();
bool validUserInput = FilePathValidation.GenerateKeyPair(exportDirectoryPath, keyPairType);
if (!validUserInput)
{
return;
}
string publicKey, privateKey, publicKeyPath, privateKeyPath;
if (keyPairType == 1)
{
(publicKey, privateKey) = AsymmetricKeys.GenerateEncryptionKeyPair();
(publicKeyPath, privateKeyPath) = AsymmetricKeys.ExportEncryptionKeyPair(exportDirectoryPath, publicKey, privateKey);
}
else
{
(publicKey, privateKey) = AsymmetricKeys.GenerateSigningKeyPair();
(publicKeyPath, privateKeyPath) = AsymmetricKeys.ExportSigningKeyPair(exportDirectoryPath, publicKey, privateKey);
}
DisplayKeyPair(publicKey, publicKeyPath, privateKeyPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(exportDirectoryPath, ex.GetType().Name, "Unable to export key pair.");
}
}
private static void UsingPrivateKey(string inputFilePath, byte[] sharedSecret, byte[] recipientPrivateKey)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryDecryption.UsingPrivateKey(inputFilePath, sharedSecret, recipientPrivateKey);
return;
}
byte[] ephemeralPublicKey = FileHeaders.ReadEphemeralPublicKey(inputFilePath);
byte[] ephemeralSharedSecret = KeyExchange.GetSharedSecret(recipientPrivateKey, ephemeralPublicKey);
byte[] salt = FileHeaders.ReadSalt(inputFilePath);
byte[] keyEncryptionKey = Generate.KeyEncryptionKey(sharedSecret, ephemeralSharedSecret, salt);
string outputFilePath = GetOutputFilePath(inputFilePath);
DecryptFile.Initialize(inputFilePath, outputFilePath, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
DecryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException || ex is ArgumentOutOfRangeException)
{
DisplayMessage.FilePathMessage(inputFilePath, ex.Message);
return;
}
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to decrypt the file.");
}
}
public static string KeyfilePath(string keyfilePath)
{
try
{
const string keyfileExtension = ".key";
// Generate a random keyfile
if (Directory.Exists(keyfilePath))
{
string randomFileName = ObfuscateFileName.GetRandomFileName() + keyfileExtension;
keyfilePath = Path.Combine(keyfilePath, randomFileName);
}
// Append keyfile extension if missing
if (!keyfilePath.EndsWith(keyfileExtension, StringComparison.InvariantCulture))
{
keyfilePath += keyfileExtension;
}
Keyfiles.GenerateKeyfile(keyfilePath);
return(keyfilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(keyfilePath, ex.GetType().Name, "Unable to randomly generate keyfile.");
return(null);
}
}
private static void UsingPassword(string inputFilePath, byte[] passwordBytes)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryEncryption.UsingPassword(inputFilePath, passwordBytes);
return;
}
// Derive a unique KEK per file
byte[] salt = Generate.Salt();
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
// Fill the ephemeral public key header with random key (since not in use)
byte[] randomEphemeralPublicKeyHeader = Generate.EphemeralPublicKeyHeader();
string outputFilePath = GetOutputFilePath(inputFilePath);
EncryptFile.Initialize(inputFilePath, outputFilePath, randomEphemeralPublicKeyHeader, salt, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
EncryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file.");
}
}
private static void UsingPublicKey(string inputFilePath, byte[] sharedSecret, byte[] recipientPublicKey)
{
try
{
bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath);
if (fileIsDirectory)
{
DirectoryEncryption.UsingPublicKey(inputFilePath, sharedSecret, recipientPublicKey);
return;
}
// Derive a unique KEK per file
(byte[] ephemeralSharedSecret, byte[] ephemeralPublicKey) = KeyExchange.GetEphemeralSharedSecret(recipientPublicKey);
byte[] salt = Generate.Salt();
byte[] keyEncryptionKey = Generate.KeyEncryptionKey(sharedSecret, ephemeralSharedSecret, salt);
string outputFilePath = GetOutputFilePath(inputFilePath);
EncryptFile.Initialize(inputFilePath, outputFilePath, ephemeralPublicKey, salt, keyEncryptionKey);
Utilities.ZeroArray(keyEncryptionKey);
EncryptionSuccessful(inputFilePath, outputFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file.");
}
}
public static void UsingPassword(string directoryPath, byte[] passwordBytes)
{
try
{
string[] filePaths = GetFiles(directoryPath);
string saltFilePath = Path.Combine(directoryPath, Constants.SaltFile);
if (!File.Exists(saltFilePath))
{
throw new FileNotFoundException("No salt file found. Unable to decrypt the directory. Please decrypt these files individually.");
}
byte[] salt = File.ReadAllBytes(saltFilePath);
if (salt.Length != Constants.SaltLength)
{
throw new ArgumentException("Invalid salt length.");
}
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
DecryptEachFileWithPassword(filePaths, keyEncryptionKey);
Finalize(directoryPath, saltFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
if (ex is ArgumentException || ex is FileNotFoundException)
{
DisplayMessage.FilePathError(directoryPath, ex.Message);
return;
}
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to decrypt the directory.");
}
}
public static void UsingPassword(string directoryPath, byte[] passwordBytes)
{
bool overwriteOption = Globals.Overwrite;
try
{
// Always overwrite directories
string backupDirectoryPath = BackupDirectory(directoryPath);
Globals.Overwrite = true;
string[] filePaths = GetFiles(directoryPath, out string newDirectoryPath);
// Generate one salt for the entire directory
byte[] salt = Generate.Salt();
CreateSaltFile(newDirectoryPath, salt);
// Perform password hashing once
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
EncryptEachFileWithPassword(filePaths, salt, keyEncryptionKey);
RenameBackupDirectory(backupDirectoryPath, directoryPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to encrypt the directory.");
}
finally
{
Globals.Overwrite = overwriteOption;
}
}
private static void Finalize(string directoryPath)
{
try
{
RestoreDirectoryNames.AllDirectories(directoryPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to restore the directory names.");
}
}
public static void SetFileAttributesReadOnly(string filePath)
{
try
{
File.SetAttributes(filePath, FileAttributes.ReadOnly);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to make the file read-only.");
}
}
public static bool?IsSignatureFile(string filePath)
{
try
{
byte[] magicBytes = ReadFileHeader(filePath, offset: 0, Constants.SignatureMagicBytes.Length);
return(Utilities.Compare(magicBytes, Constants.SignatureMagicBytes));
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
return(null);
}
}
public static bool?IsKryptorFile(string filePath)
{
try
{
byte[] magicBytes = FileHeaders.ReadMagicBytes(filePath);
return(Utilities.Compare(magicBytes, Constants.KryptorMagicBytes));
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
return(null);
}
}
public static void MakeFileReadOnly(string filePath)
{
try
{
File.SetAttributes(filePath, FileAttributes.ReadOnly);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Warning);
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to make the file read-only.");
}
}
private static byte[] UseKeyfile(byte[] passwordBytes, string keyfilePath)
{
try
{
byte[] keyfileBytes = Keyfiles.ReadKeyfile(keyfilePath);
return(passwordBytes == null ? keyfileBytes : CombineKeyfileAndPassword(passwordBytes, keyfileBytes));
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.Exception(ex.GetType().Name, "Unable to read keyfile. The keyfile has not been used.");
return(passwordBytes);
}
}
public static void OverwriteFile(string fileToDelete, string fileToCopy)
{
try
{
File.Copy(fileToCopy, fileToDelete, overwrite: true);
DeleteFile(fileToDelete);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Warning);
DisplayMessage.FilePathException(fileToDelete, ex.GetType().Name, "Unable to overwrite the file.");
}
}
public static void UsingPublicKey(string directoryPath, byte[] sharedSecret, byte[] recipientPrivateKey)
{
try
{
string[] filePaths = GetFiles(directoryPath);
DecryptEachFileWithPublicKey(filePaths, sharedSecret, recipientPrivateKey);
Finalize(directoryPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to decrypt the directory.");
}
}
public static void UsingPrivateKey(string directoryPath, byte[] privateKey)
{
try
{
string[] filePaths = GetFiles(ref directoryPath);
EncryptEachFileWithPrivateKey(filePaths, privateKey);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to encrypt the directory.");
}
}
public static void OverwriteFile(string fileToDelete, string fileToCopy)
{
try
{
File.SetAttributes(fileToDelete, FileAttributes.Normal);
File.Copy(fileToCopy, fileToDelete, overwrite: true);
File.Delete(fileToDelete);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(fileToDelete, ex.GetType().Name, "Unable to overwrite the file.");
}
}
public static void RemoveAppendedFileName(string inputFilePath)
{
try
{
File.SetAttributes(inputFilePath, FileAttributes.Normal);
string fileName = Path.GetFileName(inputFilePath);
byte[] fileNameBytes = Encoding.UTF8.GetBytes(fileName);
using var inputFile = new FileStream(inputFilePath, FileMode.Open, FileAccess.ReadWrite, FileShare.Read, Constants.FileStreamBufferSize, FileOptions.RandomAccess);
inputFile.SetLength(inputFile.Length - fileNameBytes.Length);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to remove appended file name.");
}
}
public static void DeleteFile(string filePath)
{
try
{
if (File.Exists(filePath))
{
File.SetAttributes(filePath, FileAttributes.Normal);
File.Delete(filePath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(filePath, ex.GetType().Name, "Unable to delete the file.");
}
}
private static void Finalize(string directoryPath)
{
try
{
if (Globals.ObfuscateFileNames)
{
RestoreDirectoryNames.AllDirectories(directoryPath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to restore the directory names.");
}
}
private static string ObfuscateDirectoryName(string directoryPath)
{
try
{
string directoryName = Path.GetFileName(directoryPath);
string obfuscatedPath = ObfuscateFileName.ReplaceFilePath(directoryPath);
Directory.Move(directoryPath, obfuscatedPath);
StoreDirectoryName(directoryName, obfuscatedPath);
return(obfuscatedPath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to obfuscate directory name.");
return(directoryPath);
}
}
public static void LogException(string exceptionMessage, Severity severity)
{
try
{
string logMessage = $"Exception Severity = {severity}" + Environment.NewLine + exceptionMessage + Environment.NewLine;
if (!Directory.Exists(_logdirectoryPath))
{
Directory.CreateDirectory(_logdirectoryPath);
}
File.AppendAllText(_logFilePath, logMessage);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.Exception(ex.GetType().Name, "Unable to log exception.");
}
}
public static string GetOutputFilePath(string inputFilePath)
{
try
{
if (Globals.ObfuscateFileNames)
{
ObfuscateFileName.AppendFileName(inputFilePath);
inputFilePath = ObfuscateFileName.ReplaceFilePath(inputFilePath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex) || ex is EncoderFallbackException)
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to store file name.");
}
return(inputFilePath + Constants.EncryptedExtension);
}
public static void UsingPassword(string directoryPath, byte[] passwordBytes)
{
try
{
string[] filePaths = GetFiles(ref directoryPath);
// Generate one salt for all files in directory
byte[] salt = Generate.Salt();
CreateSaltFile(directoryPath, salt);
// Perform password hashing once
byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt);
EncryptEachFileWithPassword(filePaths, salt, keyEncryptionKey);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to encrypt the directory.");
}
}
public static string GetOutputFilePath(string inputFilePath)
{
try
{
if (Globals.ObfuscateFileNames)
{
ObfuscateFileName.AppendFileName(inputFilePath);
inputFilePath = ObfuscateFileName.ReplaceFilePath(inputFilePath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex) || ex is EncoderFallbackException)
{
DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to store file name.");
}
string outputFilePath = inputFilePath + Constants.EncryptedExtension;
return(FileHandling.GetUniqueFilePath(outputFilePath));
}
private static string[] GetFiles(string directoryPath, out string newDirectoryPath)
{
try
{
if (Globals.ObfuscateFileNames)
{
directoryPath = ObfuscateDirectoryNames.AllDirectories(directoryPath);
}
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(directoryPath, ex.GetType().Name, "Unable to obfuscate the directory names.");
}
newDirectoryPath = directoryPath;
string[] filePaths = FileHandling.GetAllFiles(directoryPath);
// -1 for the selected directory
Globals.TotalCount += filePaths.Length - 1;
return(filePaths);
}
public static void RenameFile(string inputFilePath, string outputFilePath, int fileNameLength)
{
try
{
if (fileNameLength == 0)
{
return;
}
Globals.ObfuscateFileNames = true;
string originalFileName = ReadFileName(outputFilePath, fileNameLength);
string obfuscatedFileName = Path.GetFileName(outputFilePath);
string restoredFilePath = outputFilePath.Replace(obfuscatedFileName, originalFileName);
restoredFilePath = FileHandling.GetUniqueFilePath(restoredFilePath);
File.Move(outputFilePath, restoredFilePath);
DisplayMessage.FileEncryptionResult(inputFilePath, restoredFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
DisplayMessage.FilePathException(outputFilePath, ex.GetType().Name, "Unable to restore the original file name.");
}
}
public static void RenameFile(string outputFilePath, int fileNameLength)
{
try
{
if (fileNameLength == 0)
{
return;
}
string originalFileName = ReadFileName(outputFilePath, fileNameLength);
string obfuscatedFileName = Path.GetFileName(outputFilePath);
string restoredFilePath = outputFilePath.Replace(obfuscatedFileName, originalFileName);
// Replace the file if it already exists
FileHandling.DeleteFile(restoredFilePath);
File.Move(outputFilePath, restoredFilePath);
}
catch (Exception ex) when(ExceptionFilters.FileAccess(ex))
{
Logging.LogException(ex.ToString(), Logging.Severity.Error);
DisplayMessage.FilePathException(outputFilePath, ex.GetType().Name, "Unable to restore the original file name.");
}
}
