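/// <summary>
/// Builds the content key record that stores a configuration encryption key in
/// certificate-protected form.
/// </summary>
/// <param name="configEncryption">The configuration encryption object that supplies the key identifier, the encrypted key bytes and the checksum.</param>
/// <param name="cert">The certificate the content key is encrypted to; its thumbprint is recorded as the protection key id.</param>
/// <returns>The populated content key record.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="configEncryption"/> or <paramref name="cert"/> is null.
/// </exception>
internal static ContentKeyData CreateConfigurationContentKey(ConfigurationEncryption configEncryption, X509Certificate2 cert)
{
    // Fail fast with a named argument instead of a NullReferenceException raised
    // part-way through building the record.
    if (configEncryption == null)
    {
        throw new ArgumentNullException("configEncryption");
    }

    if (cert == null)
    {
        throw new ArgumentNullException("cert");
    }

    // Only the output of EncryptContentKeyToCertificate is stored in the record;
    // this method never reads the clear key bytes itself.
    byte[] encryptedContentKey = configEncryption.EncryptContentKeyToCertificate(cert);

    // NOTE(review): the thumbprint only identifies which certificate protected the key.
    // Nothing in this method checks the certificate's validity period or intended usage;
    // confirm the caller selects a suitable certificate.
    return new ContentKeyData
    {
        Id = configEncryption.GetKeyIdentifierAsString(),
        EncryptedContentKey = Convert.ToBase64String(encryptedContentKey),
        ContentKeyType = (int)ContentKeyType.ConfigurationEncryption,
        ProtectionKeyId = cert.Thumbprint,
        ProtectionKeyType = (int)ProtectionKeyType.X509CertificateThumbprint,
        Checksum = configEncryption.GetChecksum()
    };
}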
/// <summary>
/// Encrypts the configuration of a task template in place and adds the matching
/// content key object to the data context.
/// </summary>
/// <param name="taskTemplate">The task template whose configuration is replaced by its encrypted form and whose encryption fields are filled in.</param>
/// <param name="certToUse">The certificate used to encrypt the configuration encryption key. When null on entry it is looked up and written back through the ref parameter.</param>
/// <param name="dataContext">The data context that receives the new content key object.</param>
private void ProtectTaskConfiguration(TaskTemplateData taskTemplate, ref X509Certificate2 certToUse, IMediaDataServiceContext dataContext)
{
    // A new ConfigurationEncryption instance is created for every call and disposed on exit.
    using (var encryptor = new ConfigurationEncryption())
    {
        // Swap the plain configuration for its encrypted form, then record what is
        // needed to locate the key and decrypt later.
        // NOTE(review): the template is mutated before the certificate lookup and key
        // wrapping below. If either of those throws, the template keeps ciphertext whose
        // key was never added to the context; confirm callers discard it on failure.
        taskTemplate.Configuration = encryptor.Encrypt(taskTemplate.Configuration);
        taskTemplate.EncryptionKeyId = encryptor.GetKeyIdentifierAsString();
        taskTemplate.EncryptionScheme = ConfigurationEncryption.SchemeName;
        taskTemplate.EncryptionVersion = ConfigurationEncryption.SchemeVersion;
        taskTemplate.InitializationVector = encryptor.GetInitializationVectorAsString();

        if (certToUse == null)
        {
            // No certificate supplied: fetch the one used to encrypt configuration
            // encryption keys. The ref parameter hands it back to the caller.
            certToUse = ContentKeyBaseCollection.GetCertificateToEncryptContentKey(GetMediaContext(), ContentKeyType.ConfigurationEncryption);
        }

        // The content key object carries the encryption key in certificate-protected form.
        ContentKeyData keyRecord = ContentKeyBaseCollection.InitializeConfigurationContentKey(encryptor, certToUse);
        dataContext.AddObject(ContentKeyBaseCollection.ContentKeySet, keyRecord);
    }
}
/// <summary>
/// Decrypts an encrypted configuration string with the content key that matches
/// <paramref name="encryptionKeyId"/>.
/// </summary>
/// <param name="cloudMediaContext">The cloud media context whose content keys are searched.</param>
/// <param name="encryptionKeyId">The identifier of the content key to use.</param>
/// <param name="initializationVector">The initialization vector, Base64 encoded.</param>
/// <param name="encryptedConfiguration">The encrypted configuration.</param>
/// <returns>The decrypted configuration.</returns>
/// <exception cref="ArgumentNullException"><paramref name="cloudMediaContext"/> is null.</exception>
/// <exception cref="ArgumentException">One of the string arguments is null or empty.</exception>
/// <exception cref="FormatException"><paramref name="initializationVector"/> is not valid Base64.</exception>
internal static string DecryptConfigurationString(CloudMediaContext cloudMediaContext, string encryptionKeyId, string initializationVector, string encryptedConfiguration)
{
    if (cloudMediaContext == null)
    {
        throw new ArgumentNullException("cloudMediaContext");
    }

    if (string.IsNullOrEmpty(encryptionKeyId))
    {
        throw new ArgumentException(
            string.Format(CultureInfo.InvariantCulture, StringTable.ErrorArgCannotBeNullOrEmpty, "encryption key identifier"),
            "encryptionKeyId");
    }

    if (string.IsNullOrEmpty(initializationVector))
    {
        throw new ArgumentException(
            string.Format(CultureInfo.InvariantCulture, StringTable.ErrorArgCannotBeNullOrEmpty, "initialization vector"),
            "initializationVector");
    }

    if (string.IsNullOrEmpty(encryptedConfiguration))
    {
        throw new ArgumentException(
            string.Format(CultureInfo.InvariantCulture, StringTable.ErrorArgCannotBeNullOrEmpty, "encrypted configuration"),
            "encryptedConfiguration");
    }

    Guid keyGuid = EncryptionUtils.GetKeyIdAsGuid(encryptionKeyId);
    byte[] ivBytes = Convert.FromBase64String(initializationVector);

    // Where(...).Single() is kept as written. With standard LINQ semantics it throws
    // unless exactly one content key has the requested id.
    IContentKey matchingKey = cloudMediaContext.ContentKeys.Where(c => c.Id == encryptionKeyId).Single();

    // NOTE(review): clearKey holds the unprotected content key in a managed array and is
    // not zeroed here. Whether it may be cleared after use depends on whether
    // GetClearKeyValue returns a private copy; confirm before adding Array.Clear.
    byte[] clearKey = matchingKey.GetClearKeyValue();

    using (var decryptor = new ConfigurationEncryption(keyGuid, clearKey, ivBytes))
    {
        return decryptor.Decrypt(encryptedConfiguration);
    }
}
/// <summary>
/// Looks up the content key named by <paramref name="encryptionKeyId"/> and uses it to
/// decrypt an encrypted configuration string.
/// </summary>
/// <param name="cloudMediaContext">The media context whose content keys are searched.</param>
/// <param name="encryptionKeyId">The identifier of the content key to use.</param>
/// <param name="initializationVector">The initialization vector, Base64 encoded.</param>
/// <param name="encryptedConfiguration">The encrypted configuration.</param>
/// <returns>The decrypted configuration.</returns>
/// <exception cref="ArgumentNullException"><paramref name="cloudMediaContext"/> is null.</exception>
/// <exception cref="ArgumentException">One of the string arguments is null or empty.</exception>
/// <exception cref="FormatException"><paramref name="initializationVector"/> is not valid Base64.</exception>
internal static string DecryptConfigurationString(MediaContextBase cloudMediaContext, string encryptionKeyId, string initializationVector, string encryptedConfiguration)
{
    if (cloudMediaContext == null)
    {
        throw new ArgumentNullException("cloudMediaContext");
    }

    if (string.IsNullOrEmpty(encryptionKeyId))
    {
        throw new ArgumentException(
            string.Format(CultureInfo.InvariantCulture, StringTable.ErrorArgCannotBeNullOrEmpty, "encryption key identifier"),
            "encryptionKeyId");
    }

    if (string.IsNullOrEmpty(initializationVector))
    {
        throw new ArgumentException(
            string.Format(CultureInfo.InvariantCulture, StringTable.ErrorArgCannotBeNullOrEmpty, "initialization vector"),
            "initializationVector");
    }

    if (string.IsNullOrEmpty(encryptedConfiguration))
    {
        throw new ArgumentException(
            string.Format(CultureInfo.InvariantCulture, StringTable.ErrorArgCannotBeNullOrEmpty, "encrypted configuration"),
            "encryptedConfiguration");
    }

    Guid keyGuid = EncryptionUtils.GetKeyIdAsGuid(encryptionKeyId);
    byte[] ivBytes = Convert.FromBase64String(initializationVector);

    // The query shape is left exactly as written. With standard LINQ semantics Single()
    // throws when zero or several content keys carry the requested id.
    IContentKey matchingKey = cloudMediaContext.ContentKeys.Where(c => c.Id == encryptionKeyId).Single();

    // NOTE(review): the clear content key sits in a managed byte array that is never
    // zeroed in this method. Confirm whether GetClearKeyValue returns a private copy
    // before deciding to wipe it after decryption.
    byte[] clearKey = matchingKey.GetClearKeyValue();

    using (var decryptor = new ConfigurationEncryption(keyGuid, clearKey, ivBytes))
    {
        return decryptor.Decrypt(encryptedConfiguration);
    }
}
/// <summary>
/// Replaces a task template's configuration with its encrypted form and registers the
/// matching content key object with the data context.
/// </summary>
/// <param name="taskTemplate">The task template whose configuration and encryption fields are overwritten.</param>
/// <param name="certToUse">The certificate used to encrypt the configuration encryption key. When null on entry it is looked up and written back through the ref parameter.</param>
/// <param name="dataContext">The data context used for the certificate lookup and to which the content key object is added.</param>
private static void ProtectTaskConfiguration(TaskTemplateData taskTemplate, ref X509Certificate2 certToUse, DataServiceContext dataContext)
{
    // Each call works with its own ConfigurationEncryption instance, disposed on exit.
    using (var encryptor = new ConfigurationEncryption())
    {
        // Store the encrypted configuration together with the key id, scheme, version
        // and IV needed to decrypt it later.
        // NOTE(review): these writes happen before the certificate lookup and key wrapping
        // below. If either of those throws, the template keeps ciphertext for a key that
        // was never added to the context; confirm callers drop the template on failure.
        taskTemplate.Configuration = encryptor.Encrypt(taskTemplate.Configuration);
        taskTemplate.EncryptionKeyId = encryptor.GetKeyIdentifierAsString();
        taskTemplate.EncryptionScheme = ConfigurationEncryption.SchemeName;
        taskTemplate.EncryptionVersion = ConfigurationEncryption.SchemeVersion;
        taskTemplate.InitializationVector = encryptor.GetInitializationVectorAsString();

        if (certToUse == null)
        {
            // No certificate was passed in: fetch the one used for configuration
            // encryption keys. The ref parameter returns it to the caller.
            certToUse = ContentKeyBaseCollection.GetCertificateToEncryptContentKey(dataContext, ContentKeyType.ConfigurationEncryption);
        }

        // The content key object holds the encryption key in certificate-protected form.
        ContentKeyData keyRecord = ContentKeyBaseCollection.CreateConfigurationContentKey(encryptor, certToUse);
        dataContext.AddObject(ContentKeyCollection.ContentKeySet, keyRecord);
    }
}