public static byte[] Decrypt(byte[] encryptedFileHeader, byte[] nonce, byte[] keyEncryptionKey, byte[] additionalData)
{
try
{
return(XChaCha20BLAKE2b.Decrypt(encryptedFileHeader, nonce, keyEncryptionKey, additionalData, TagLength.Medium));
}
catch (CryptographicException)
{
return(null);
}
}
public static byte[] Encrypt(byte[] passwordBytes, byte[] keyAlgorithm, byte[] privateKey)
{
byte[] salt = Generate.Salt();
byte[] key = Argon2.DeriveKey(passwordBytes, salt);
CryptographicOperations.ZeroMemory(passwordBytes);
byte[] nonce = Generate.Nonce();
byte[] additionalData = Arrays.Concat(keyAlgorithm, Constants.PrivateKeyVersion);
byte[] encryptedPrivateKey = XChaCha20BLAKE2b.Encrypt(privateKey, nonce, key, additionalData, TagLength.Medium);
CryptographicOperations.ZeroMemory(privateKey);
CryptographicOperations.ZeroMemory(key);
return(Arrays.Concat(additionalData, salt, nonce, encryptedPrivateKey));
}
private static byte[] Decrypt(byte[] passwordBytes, byte[] privateKey)
{
byte[] keyAlgorithm = GetKeyAlgorithm(privateKey);
byte[] keyVersion = GetKeyVersion(privateKey);
byte[] salt = GetSalt(privateKey);
byte[] nonce = GetNonce(privateKey);
byte[] encryptedPrivateKey = GetEncryptedPrivateKey(privateKey);
byte[] additionalData = Arrays.Concat(keyAlgorithm, keyVersion);
byte[] key = Argon2.DeriveKey(passwordBytes, salt);
CryptographicOperations.ZeroMemory(passwordBytes);
byte[] decryptedPrivateKey = XChaCha20BLAKE2b.Decrypt(encryptedPrivateKey, nonce, key, additionalData, TagLength.Medium);
CryptographicOperations.ZeroMemory(key);
return(decryptedPrivateKey);
}
private static void Encrypt(FileStream inputFile, FileStream outputFile, byte[] nonce, byte[] dataEncryptionKey, byte[] additionalData)
{
const int offset = 0;
byte[] plaintextChunk = new byte[Constants.FileChunkSize];
while (inputFile.Read(plaintextChunk, offset, plaintextChunk.Length) > 0)
{
byte[] ciphertextChunk = XChaCha20BLAKE2b.Encrypt(plaintextChunk, nonce, dataEncryptionKey, additionalData, TagLength.Medium);
nonce = Utilities.Increment(nonce);
additionalData = ChunkHandling.GetPreviousTag(ciphertextChunk);
outputFile.Write(ciphertextChunk, offset, ciphertextChunk.Length);
}
CryptographicOperations.ZeroMemory(dataEncryptionKey);
}
private static void Decrypt(FileStream inputFile, FileStream outputFile, byte[] nonce, byte[] dataEncryptionKey, byte[] additionalData, int lastChunkLength)
{
inputFile.Seek(Constants.FileHeadersLength, SeekOrigin.Begin);
const int offset = 0;
byte[] ciphertextChunk = new byte[Constants.TotalChunkLength];
while (inputFile.Read(ciphertextChunk, offset, ciphertextChunk.Length) > 0)
{
byte[] plaintextChunk = XChaCha20BLAKE2b.Decrypt(ciphertextChunk, nonce, dataEncryptionKey, additionalData, TagLength.Medium);
nonce = Utilities.Increment(nonce);
additionalData = ChunkHandling.GetPreviousTag(ciphertextChunk);
outputFile.Write(plaintextChunk, offset, plaintextChunk.Length);
}
outputFile.SetLength(outputFile.Length - Constants.FileChunkSize + lastChunkLength);
CryptographicOperations.ZeroMemory(dataEncryptionKey);
}
public static byte[] Encrypt(byte[] fileHeader, byte[] nonce, byte[] keyEncryptionKey, byte[] additionalData)
{
return(XChaCha20BLAKE2b.Encrypt(fileHeader, nonce, keyEncryptionKey, additionalData, TagLength.Medium));
}
