Example #1
        /// <summary>
        /// Marks an asset file record as encrypted and copies the descriptive encryption
        /// metadata (key identifier, scheme name, scheme version, initialization vector)
        /// from <paramref name="fileEncryption"/> onto it.
        /// </summary>
        /// <param name="file">The asset file record to update; its <c>Name</c> selects the initialization vector.</param>
        /// <param name="fileEncryption">The source of the key identifier and of the per-file initialization vector.</param>
        internal static void AddEncryptionMetadataToAssetFile(AssetFileData file, FileEncryption fileEncryption)
        {
            // The IV is only looked up here, never created.
            // NOTE(review): presumably the caller has already created an IV for file.Name;
            // confirm what GetInitializationVectorForFile does when none exists.
            ulong initializationVector = fileEncryption.GetInitializationVectorForFile(file.Name);

            // Invariant culture keeps the stored number independent of the machine locale.
            string serializedIv = initializationVector.ToString(CultureInfo.InvariantCulture);

            file.IsEncrypted = true;
            file.EncryptionKeyId = fileEncryption.GetKeyIdentifierAsString();
            file.EncryptionScheme = FileEncryption.SchemeName;
            file.EncryptionVersion = FileEncryption.SchemeVersion;

            // NOTE(review): an IV is not secret, so storing it beside the file is expected,
            // but it should not repeat for two files under the same key. Uniqueness is up to
            // FileEncryption and is not visible from this method.
            file.InitializationVector = serializedIv;
        }
        /// <summary>
        /// Builds the content key record for storage encryption, carrying the content key
        /// in the form returned by <c>EncryptContentKeyToCertificate</c>.
        /// </summary>
        /// <param name="fileEncryption">The file encryption object that owns the content key.</param>
        /// <param name="cert">The certificate the content key is encrypted to; its thumbprint is recorded as the protection key id.</param>
        /// <returns>A <c>ContentKeyData</c> of type <c>StorageEncryption</c> holding the Base64-encoded encrypted key.</returns>
        internal static ContentKeyData CreateStorageContentKey(FileEncryption fileEncryption, X509Certificate2 cert)
        {
            // NOTE(review): presumably this wraps the key with the certificate's public key,
            // so only the private-key holder can recover it; the wrapping algorithm and
            // padding are not visible here and are worth confirming.
            byte[] wrappedKey = fileEncryption.EncryptContentKeyToCertificate(cert);

            return new ContentKeyData
            {
                Id = fileEncryption.GetKeyIdentifierAsString(),

                // Only the wrapped bytes are stored on the record, Base64-encoded.
                EncryptedContentKey = Convert.ToBase64String(wrappedKey),
                ContentKeyType = (int)ContentKeyType.StorageEncryption,

                // The thumbprint names the certificate; it is an identifier, not key material.
                ProtectionKeyId = cert.Thumbprint,
                ProtectionKeyType = (int)ProtectionKeyType.X509CertificateThumbprint,

                // NOTE(review): presumably lets the receiver check that it unwrapped the
                // right key; confirm what GetChecksum covers.
                Checksum = fileEncryption.GetChecksum()
            };
        }
        /// <summary>
        /// Fills in the encryption fields of an ingest manifest file record according to the
        /// first matching encryption flag in <paramref name="options"/>. The flags are tested
        /// in the order StorageEncrypted, CommonEncryptionProtected, EnvelopeEncryptionProtected.
        /// When none is set, <paramref name="data"/> is left untouched.
        /// </summary>
        /// <param name="ingestManifestAsset">The manifest asset whose content keys are searched for the storage encryption key.</param>
        /// <param name="options">The asset creation options that select the encryption scheme.</param>
        /// <param name="data">The manifest file record to update; its <c>Name</c> selects the initialization vector.</param>
        /// <exception cref="InvalidOperationException">
        /// StorageEncrypted is requested but the asset has no content key of type StorageEncryption.
        /// </exception>
        private static void SetEncryptionSettings(IIngestManifestAsset ingestManifestAsset, AssetCreationOptions options, IngestManifestFileData data)
        {
            if (!options.HasFlag(AssetCreationOptions.StorageEncrypted))
            {
                // For these two schemes only the scheme name and version are recorded;
                // no key identifier or initialization vector is written to the record.
                if (options.HasFlag(AssetCreationOptions.CommonEncryptionProtected))
                {
                    data.IsEncrypted = true;
                    data.EncryptionScheme = CommonEncryption.SchemeName;
                    data.EncryptionVersion = CommonEncryption.SchemeVersion;
                }
                else if (options.HasFlag(AssetCreationOptions.EnvelopeEncryptionProtected))
                {
                    data.IsEncrypted = true;
                    data.EncryptionScheme = EnvelopeEncryption.SchemeName;
                    data.EncryptionVersion = EnvelopeEncryption.SchemeVersion;
                }

                return;
            }

            // Storage encryption: the asset must already carry its storage content key.
            var storageKey = ingestManifestAsset.Asset.ContentKeys
                .Where(key => key.ContentKeyType == ContentKeyType.StorageEncryption)
                .FirstOrDefault();
            if (storageKey == null)
            {
                // Fail closed: never mark the file as encrypted without a key to refer to.
                throw new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, StringTable.StorageEncryptionContentKeyIsMissing, ingestManifestAsset.Asset.Id));
            }

            // NOTE(review): GetClearKeyValue hands the clear content key to this process.
            // FileEncryption is disposed when the block ends, but whether the returned
            // buffer itself is cleared is not visible here; confirm.
            using (var fileEncryption = new FileEncryption(storageKey.GetClearKeyValue(), EncryptionUtils.GetKeyIdAsGuid(storageKey.Id)))
            {
                // Create an IV for this file name only when none is present yet.
                bool hasInitializationVector = fileEncryption.IsInitializationVectorPresent(data.Name);
                if (!hasInitializationVector)
                {
                    fileEncryption.CreateInitializationVectorForFile(data.Name);
                }

                ulong initializationVector = fileEncryption.GetInitializationVectorForFile(data.Name);

                data.IsEncrypted = true;
                data.EncryptionKeyId = fileEncryption.GetKeyIdentifierAsString();
                data.EncryptionScheme = FileEncryption.SchemeName;
                data.EncryptionVersion = FileEncryption.SchemeVersion;

                // Stored as a culture-independent decimal string; the IV is metadata, not a secret.
                data.InitializationVector = initializationVector.ToString(CultureInfo.InvariantCulture);
            }
        }