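/// <summary>
/// Encrypts the payload of <paramref name="context"/> in place with AES and records
/// the parameters needed for decryption in the message metadata.
/// </summary>
/// <param name="context">Filter context whose <c>TransportMessage.Data</c> is replaced by the ciphertext.</param>
/// <returns>The same <paramref name="context"/> instance, now carrying ciphertext and encryption metadata.</returns>
/// <remarks>
/// SECURITY(review): <c>Aes.Create()</c> is used with its defaults (CBC mode, PKCS7 padding), which
/// gives confidentiality only. Nothing in this method authenticates the ciphertext, the IV or the
/// metadata fields, so the receiving side cannot detect tampering from what is produced here.
/// Moving to an AEAD mode or Encrypt-then-MAC changes the wire format and must be coordinated with
/// the decrypting filter, so it is flagged here rather than changed.
/// </remarks>
private TransportMessageFilterContext _encrypt(TransportMessageFilterContext context)
{
    byte[] key = null;
    try
    {
        using (Aes aes = Aes.Create())
        {
            key = Convert.FromBase64String(_keyProvider.GetKey(_keyName));

            // A fresh random IV per message; it is not secret and travels in the metadata.
            aes.GenerateIV();
            var aesIV = aes.IV;

            // The transform holds its own copy of the key schedule, so dispose it explicitly
            // instead of leaving it to the garbage collector.
            using (ICryptoTransform encryptor = aes.CreateEncryptor(key, aesIV))
            using (MemoryStream msEncrypt = new MemoryStream())
            {
                using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    csEncrypt.Write(context.TransportMessage.Data, 0, context.TransportMessage.Data.Length);
                }

                // The CryptoStream must be closed (final block flushed) before reading the buffer.
                context.TransportMessage.Data = msEncrypt.ToArray();
            }

            var meta = context.TransportMessage.MetaData = context.TransportMessage.MetaData ?? new MessageMetaData();
            meta.Encrypted = true;
            meta.EncryptionKeyName = _keyName;
            meta.EncryptionMethod = "AES";

            // NOTE(review): if the metadata already holds "EncryptionVector" (for example a message
            // passing through this filter twice), the outcome depends on MessageMetaData.Add - confirm.
            meta.Add("EncryptionVector", aesIV);

            return context;
        }
    }
    finally
    {
        // Best-effort: wipe the decoded key bytes once they are no longer needed. The base64
        // string returned by the key provider is outside this method's control.
        if (key != null)
        {
            Array.Clear(key, 0, key.Length);
        }
    }
}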
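/// <summary>
/// Derives a key/IV pair from the string returned by the encryption key provider.
/// </summary>
/// <returns>
/// A two-element array: element 0 is the 32-byte SHA-256 digest of the UTF-8 encoded key string,
/// element 1 is the first 16 bytes of that same digest.
/// </returns>
/// <remarks>
/// SECURITY(review): both outputs come from one unsalted SHA-256 pass over the same input, so the
/// IV is fixed for a given key and is byte-for-byte the leading half of the derived key. If callers
/// use element 1 as a cipher IV (presumably - confirm against callers), identical plaintexts produce
/// identical ciphertexts, and storing or sending the IV next to the ciphertext discloses 128 bits
/// of the key. The remedy is a random IV per message plus a real KDF (e.g. PBKDF2 with a salt), but
/// that changes the returned values and requires re-encrypting existing data, so the outputs are
/// left unchanged here.
/// </remarks>
private byte[][] GetHashKeys()
{
    var key = _encryptionKeyProvider.GetKey();
    var rawKey = Encoding.UTF8.GetBytes(key);

    // The hash object is IDisposable; the digest is computed once because key and IV
    // were both hashed from the very same bytes.
    byte[] hashKey;
    using (var sha2 = new SHA256CryptoServiceProvider())
    {
        hashKey = sha2.ComputeHash(rawKey);
    }

    // Separate 16-byte array holding the digest prefix (same result as Array.Resize on a second digest).
    var hashIV = new byte[16];
    Array.Copy(hashKey, hashIV, hashIV.Length);

    return new[] { hashKey, hashIV };
}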
/// <summary>
/// Creates the service, keeping the database context and the decoded encryption key.
/// </summary>
/// <param name="context">Database context stored in <c>_context</c>.</param>
/// <param name="provider">Source of the base64-encoded key; its decoded bytes are stored in <c>_key</c>.</param>
/// <remarks>
/// The decoded key stays in the <c>_key</c> field for as long as this instance is alive.
/// <c>Convert.FromBase64String</c> throws <c>FormatException</c> when the provider's value is not valid base64.
/// </remarks>
public SensitiveDataService(ApplicationDbContext context, IEncryptionKeyProvider provider)
{
    this._context = context;

    var encodedKey = provider.GetKey();
    this._key = Convert.FromBase64String(encodedKey);
}