private static AS4EncryptedKey GetEncryptedKey( byte[] symmetricKey, KeyEncryptionConfiguration keyEncryptionConfig) { return (AS4EncryptedKey.CreateEncryptedKeyBuilderForKey(symmetricKey, keyEncryptionConfig) .Build()); }
internal EncryptionStrategy( KeyEncryptionConfiguration keyEncryptionConfig, DataEncryptionConfiguration dataEncryptionConfig, IEnumerable <Attachment> attachments) { _keyEncryptionConfig = keyEncryptionConfig; _dataEncryptionConfig = dataEncryptionConfig; _attachments = attachments.ToList(); }
/// <summary> /// Start Encrypting AS4 Message /// </summary> /// <param name="messagingContext"></param> /// <returns></returns> public async Task <StepResult> ExecuteAsync(MessagingContext messagingContext) { if (messagingContext == null) { throw new ArgumentNullException(nameof(messagingContext)); } if (messagingContext.AS4Message == null) { throw new InvalidOperationException( $"{nameof(EncryptAS4MessageStep)} requires an AS4Message to encrypt but no AS4Message is present in the MessagingContext"); } if (messagingContext.SendingPMode == null) { throw new InvalidOperationException( $"{nameof(EncryptAS4MessageStep)} requires a SendingPMode to encrypt the AS4Message but no SendingPMode is present in the MessagingContext"); } if (messagingContext.SendingPMode.Security?.Encryption == null || messagingContext.SendingPMode.Security.Encryption.IsEnabled == false) { Logger.Trace( "No encryption of the AS4Message will happen because the " + $"SendingPMode {messagingContext.SendingPMode?.Id} Security.Encryption.IsEnabled is disabled"); return(await StepResult.SuccessAsync(messagingContext)); } Logger.Info( $"(Outbound)[{messagingContext.AS4Message.GetPrimaryMessageId()}] Encrypt AS4Message with given encryption information " + $"configured in the SendingPMode: {messagingContext.SendingPMode.Id}"); KeyEncryptionConfiguration keyEncryptionConfig = RetrieveKeyEncryptionConfig(messagingContext.SendingPMode); Encryption encryptionSettings = messagingContext.SendingPMode.Security.Encryption; var dataEncryptionConfig = new DataEncryptionConfiguration( encryptionMethod: encryptionSettings.Algorithm, algorithmKeySize: encryptionSettings.AlgorithmKeySize); EncryptAS4Message( messagingContext.AS4Message, keyEncryptionConfig, dataEncryptionConfig); var journal = JournalLogEntry.CreateFrom( messagingContext.AS4Message, $"Encrypted using certificate {keyEncryptionConfig.EncryptionCertificate.FriendlyName} and " + $"key encryption method: {keyEncryptionConfig.EncryptionMethod}, key digest method: {keyEncryptionConfig.DigestMethod}, " + $"key mgf: {keyEncryptionConfig.Mgf} and Data encryption method: {dataEncryptionConfig.EncryptionMethod}, " + $" data encryption type: {dataEncryptionConfig.EncryptionType}, data transport algorithm: {dataEncryptionConfig.TransformAlgorithm}"); return(await StepResult .Success(messagingContext) .WithJournalAsync(journal)); }
public void FailsToEncrypt_IfInvalidKeySize() { // Arrange AS4Message as4Message = CreateAS4Message(); var keyEncryptionConfig = new KeyEncryptionConfiguration(CreateEncryptionCertificate()); var dataEncryptionConfig = new DataEncryptionConfiguration(AS4.Model.PMode.Encryption.Default.Algorithm, -1); // Act / Assert Assert.ThrowsAny <Exception>(() => as4Message.Encrypt(keyEncryptionConfig, dataEncryptionConfig)); }
/// <summary> /// Initializes a new instance of the <see cref="EncryptionStrategyBuilder"/> class for the specified <paramref name="as4Message"/> /// </summary> /// <param name="as4Message"></param> /// <param name="keyConfiguration">The configuration that defines how the encryption-key must be encrypted</param> public static EncryptionStrategyBuilder Create(AS4Message as4Message, KeyEncryptionConfiguration keyConfiguration) { if (as4Message == null) { throw new ArgumentNullException(nameof(as4Message)); } if (keyConfiguration == null) { throw new ArgumentNullException(nameof(keyConfiguration)); } return(new EncryptionStrategyBuilder(as4Message, keyConfiguration)); }
private static void EncryptAS4Message( AS4Message message, KeyEncryptionConfiguration keyEncryptionConfig, DataEncryptionConfiguration dataEncryptionConfig) { try { message.Encrypt(keyEncryptionConfig, dataEncryptionConfig); } catch (Exception exception) { string description = $"Problems with encryption AS4Message: {exception}"; Logger.Error(description); throw new CryptographicException(description, exception); } }
/// <summary> /// Encrypts the AS4 Message using the specified <paramref name="keyEncryptionConfig"/> /// and <paramref name="dataEncryptionConfig"/> /// </summary> /// <param name="keyEncryptionConfig"></param> /// <param name="dataEncryptionConfig"></param> public void Encrypt(KeyEncryptionConfiguration keyEncryptionConfig, DataEncryptionConfiguration dataEncryptionConfig) { if (keyEncryptionConfig == null) { throw new ArgumentNullException(nameof(keyEncryptionConfig)); } if (dataEncryptionConfig == null) { throw new ArgumentNullException(nameof(dataEncryptionConfig)); } var encryptor = EncryptionStrategyBuilder .Create(this, keyEncryptionConfig) .WithDataEncryptionConfiguration(dataEncryptionConfig) .Build(); SecurityHeader.Encrypt(encryptor); }
public void ThenCreateAS4EncryptedKeySucceeds(string algorithm, string digest, string mgf) { byte[] encryptionKey = GenerateEncryptionKey(); var keyEncryption = new KeyEncryption { TransportAlgorithm = algorithm, DigestAlgorithm = digest, MgfAlgorithm = mgf }; var keyEncryptionConfiguration = new KeyEncryptionConfiguration(GetCertificate(), keyEncryption); AS4EncryptedKey key = AS4EncryptedKey.CreateEncryptedKeyBuilderForKey(encryptionKey, keyEncryptionConfiguration) .Build(); Assert.Equal(algorithm, key.GetEncryptionAlgorithm()); Assert.Equal(digest, key.GetDigestAlgorithm()); Assert.Equal(mgf, key.GetMaskGenerationFunction()); }
private EncryptionStrategyBuilder(AS4Message as4Message, KeyEncryptionConfiguration keyConfig) { _as4Message = as4Message; _keyConfiguration = keyConfig; }