Exemple #1
 /// <summary>
 /// Releases the wrapped key, but only when the caller is disposing and has
 /// also asked for a forced release.
 /// </summary>
 /// <param name="disposing">True when invoked from an explicit dispose path.</param>
 /// <param name="force">True when the key should actually be released.</param>
 private void Dispose(bool disposing, bool force)
 {
     // Both flags are plain booleans, so evaluation order has no side effects.
     bool releaseKey = disposing && force;
     if (!releaseKey)
     {
         return;
     }

     _key.Dispose();
 }
 /// <summary>
 /// Disposes the underlying implementation once and drops the reference to it.
 /// </summary>
 /// <param name="disposing">True when invoked from an explicit dispose path; nothing happens otherwise.</param>
 private void Dispose(bool disposing)
 {
     // Nothing to release on a non-disposing call or when already released.
     if (!disposing || _implementation == null)
     {
         return;
     }

     _implementation.Dispose();
     // Clearing the field makes a second call a no-op.
     _implementation = null;
 }
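        /// <summary>
        /// Decrypts an envelope-encrypted JSON payload: resolves the key-encryption key,
        /// unwraps the AES content key with it, decrypts the cipher text and deserializes
        /// the resulting JSON into <typeparamref name="T"/>.
        /// </summary>
        /// <param name="encryptedData">Serialized <c>CipherData</c> envelope (cipher text, wrapped key, key version, algorithm name).</param>
        /// <param name="cloudResolver">Resolver used to obtain the key-encryption key.</param>
        /// <param name="keyId">Identifier of the key-encryption key, without a version suffix.</param>
        /// <returns>
        /// The deserialized object, or <c>default(T)</c> when the key version named in the
        /// envelope could not be retrieved and the resolver reported an <see cref="AggregateException"/>.
        /// </returns>
        internal static T Decrypt <T>(string encryptedData, KeyVaultKeyResolver cloudResolver, string keyId)
        {
            CipherData cb = Deserialize <CipherData>(encryptedData);
            IKey       keyEncryptionKey = null;
            byte[]     aesKey = null;

            // NOTE(review): cb.KeyVersion and cb.AlgorithmName are read from the envelope itself.
            // If the envelope can be altered by anyone other than the encryptor, those fields
            // choose which key version is fetched and which unwrap algorithm is used. Consider
            // validating the version format and restricting AlgorithmName to the expected set.

            try
            {
                keyEncryptionKey = cloudResolver.ResolveKeyAsync(keyId, CancellationToken.None).GetAwaiter().GetResult();
                var currentKeyVersion = new Uri(keyEncryptionKey.Kid).Segments.Last();

                if (!currentKeyVersion.Equals(cb.KeyVersion))
                {
                    Console.WriteLine("Data encrypted with different key version: {0} vs {1}", currentKeyVersion, cb.KeyVersion);
                    // version doesn't match - go get the correct key version to unwrap with.
                    string newKey = keyId + "/" + cb.KeyVersion;
                    Console.WriteLine("Retrieving different key: " + newKey);

                    // Release the key that will not be used before the variable is overwritten;
                    // otherwise only the second key would ever reach the finally block.
                    keyEncryptionKey.Dispose();
                    keyEncryptionKey = null;

                    try
                    {
                        keyEncryptionKey = cloudResolver.ResolveKeyAsync(newKey, CancellationToken.None).GetAwaiter().GetResult();
                    }
                    // NOTE(review): GetAwaiter().GetResult() rethrows a faulted task's original
                    // exception instead of wrapping it, so this handler probably does not fire
                    // for ordinary resolver failures - confirm which exception type is expected.
                    catch (AggregateException ae)
                    {
                        Console.WriteLine("Cloudresolver could not retrieve key, version '" + cb.KeyVersion + "': " + ae.Message);
                        return(default(T));
                    }
                }

                // Unwrap Key using KeyVault
                aesKey = keyEncryptionKey.UnwrapKeyAsync(Convert.FromBase64String(cb.WrapedKey), cb.AlgorithmName, CancellationToken.None).GetAwaiter().GetResult();

                string plainJson = Decrypt(Convert.FromBase64String(cb.CipherText), aesKey);

                using (var streamReader = new StringReader(plainJson))
                using (var jreader = new JsonTextReader(streamReader))
                {
                    return(new JsonSerializer().Deserialize <T>(jreader));
                }
            }
            finally
            {
                // Best effort: do not leave the unwrapped content key in managed memory
                // longer than needed. The decrypted JSON string itself cannot be cleared.
                if (aesKey != null)
                {
                    Array.Clear(aesKey, 0, aesKey.Length);
                }

                if (keyEncryptionKey != null)
                {
                    keyEncryptionKey.Dispose();
                }
            }
        }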
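        /// <summary>
        /// Decrypts an envelope-encrypted file: resolves the key-encryption key, unwraps the
        /// AES content key described by the metadata, and writes the decrypted file.
        /// </summary>
        /// <param name="cipherTextPath">Path of the encrypted file; must exist.</param>
        /// <param name="encryptedMetadata">Serialized <c>CipherData</c> envelope (wrapped key, key version, algorithm name).</param>
        /// <param name="decryptedOutput">Path handed to the file-level decrypt overload as its output.</param>
        /// <param name="cloudResolver">Resolver used to obtain the key-encryption key.</param>
        /// <param name="keyId">Identifier of the key-encryption key, without a version suffix.</param>
        /// <exception cref="FileNotFoundException">The encrypted file does not exist.</exception>
        internal static void DecryptFile(string cipherTextPath, string encryptedMetadata, string decryptedOutput, KeyVaultKeyResolver cloudResolver, string keyId)
        {
            // Make sure encrypted file exists.
            if (!File.Exists(cipherTextPath))
            {
                throw new FileNotFoundException("File not found.", cipherTextPath);
            }

            CipherData cb = Deserialize <CipherData>(encryptedMetadata);
            IKey       keyEncryptionKey = null;
            byte[]     aesKey = null;

            // NOTE(review): cb.KeyVersion and cb.AlgorithmName are read from the metadata itself.
            // If the metadata can be altered by anyone other than the encryptor, those fields
            // choose which key version is fetched and which unwrap algorithm is used. Consider
            // validating the version format and restricting AlgorithmName to the expected set.

            try
            {
                keyEncryptionKey = cloudResolver.ResolveKeyAsync(keyId, CancellationToken.None).GetAwaiter().GetResult();
                var currentKeyVersion = new Uri(keyEncryptionKey.Kid).Segments.Last();

                if (!currentKeyVersion.Equals(cb.KeyVersion))
                {
                    Console.WriteLine("Data encrypted with different key version: {0} vs {1}", currentKeyVersion, cb.KeyVersion);
                    // version doesn't match - go get the correct key version to unwrap with.
                    string newKey = keyId + "/" + cb.KeyVersion;
                    Console.WriteLine("Retrieving different key: " + newKey);

                    // Release the key that will not be used before the variable is overwritten;
                    // otherwise only the second key would ever reach the finally block.
                    keyEncryptionKey.Dispose();
                    keyEncryptionKey = null;

                    keyEncryptionKey = cloudResolver.ResolveKeyAsync(newKey, CancellationToken.None).GetAwaiter().GetResult();
                }

                // Unwrap Key using KeyVault
                aesKey = keyEncryptionKey.UnwrapKeyAsync(Convert.FromBase64String(cb.WrapedKey), cb.AlgorithmName, CancellationToken.None).GetAwaiter().GetResult();

                DecryptFile(cipherTextPath, decryptedOutput, aesKey);
            }
            finally
            {
                // Best effort: do not leave the unwrapped content key in managed memory longer
                // than needed. Assumes the file-level overload is finished with the key once it
                // returns - TODO confirm.
                if (aesKey != null)
                {
                    Array.Clear(aesKey, 0, aesKey.Length);
                }

                if (keyEncryptionKey != null)
                {
                    keyEncryptionKey.Dispose();
                }
            }
        }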