Exemple #1
0
#pragma warning restore CA2227 // Collection properties should be read only

        internal static async Task <EncryptionData> CreateInternalV1_0(
            byte[] contentEncryptionIv,
            string keyWrapAlgorithm,
            byte[] contentEncryptionKey,
            IKeyEncryptionKey keyEncryptionKey,
            bool async,
            CancellationToken cancellationToken)
        => new EncryptionData()
        {
            EncryptionMode      = Constants.ClientSideEncryption.EncryptionMode,
            ContentEncryptionIV = contentEncryptionIv,
            EncryptionAgent     = new EncryptionAgent()
            {
                EncryptionAlgorithm = ClientSideEncryptionAlgorithm.AesCbc256,
                EncryptionVersion   = ClientSideEncryptionVersion.V1_0
            },
            KeyWrappingMetadata = new Dictionary <string, string>()
            {
                { Constants.ClientSideEncryption.AgentMetadataKey, AgentString }
            },
            WrappedContentKey = new KeyEnvelope()
            {
                Algorithm    = keyWrapAlgorithm,
                EncryptedKey = async
                        ? await keyEncryptionKey.WrapKeyAsync(keyWrapAlgorithm, contentEncryptionKey, cancellationToken).ConfigureAwait(false)
                        : keyEncryptionKey.WrapKey(keyWrapAlgorithm, contentEncryptionKey, cancellationToken),
                KeyId = keyEncryptionKey.KeyId
            }
        };
Exemple #2
0
        internal static async Task <EncryptionData> CreateInternalV2_0(
            string keyWrapAlgorithm,
            byte[] contentEncryptionKey,
            IKeyEncryptionKey keyEncryptionKey,
            bool async,
            CancellationToken cancellationToken)
        {
            // v2.0 binds content encryption key with protocol version under a single keywrap
            int keyOffset  = Constants.ClientSideEncryption.V2.WrappedDataVersionLength;
            var dataToWrap = new byte[keyOffset + contentEncryptionKey.Length];

            Encoding.UTF8.GetBytes(ClientSideEncryptionVersion.V2_0.Serialize()).CopyTo(dataToWrap, 0);
            contentEncryptionKey.CopyTo(dataToWrap, keyOffset);

            return(new EncryptionData()
            {
                EncryptionMode = Constants.ClientSideEncryption.EncryptionMode,
                EncryptionAgent = new EncryptionAgent()
                {
                    EncryptionAlgorithm = ClientSideEncryptionAlgorithm.AesGcm256,
                    EncryptionVersion = ClientSideEncryptionVersion.V2_0
                },
                EncryptedRegionInfo = new EncryptedRegionInfo()
                {
                    DataLength = Constants.ClientSideEncryption.V2.EncryptionRegionDataSize,
                    NonceLength = Constants.ClientSideEncryption.V2.NonceSize,
                },
                KeyWrappingMetadata = new Dictionary <string, string>()
                {
                    { Constants.ClientSideEncryption.AgentMetadataKey, AgentString }
                },
                WrappedContentKey = new KeyEnvelope()
                {
                    Algorithm = keyWrapAlgorithm,
                    EncryptedKey = async
                        ? await keyEncryptionKey.WrapKeyAsync(keyWrapAlgorithm, dataToWrap, cancellationToken).ConfigureAwait(false)
                        : keyEncryptionKey.WrapKey(keyWrapAlgorithm, dataToWrap, cancellationToken),
                    KeyId = keyEncryptionKey.KeyId
                }
            });
        }