private void LoadSymmetricKey(int?version)
{
if (_symmetricKey == null || (version.HasValue && version.Value != _symmetricKey.Version))
{
SymmetricKeyService helper = new SymmetricKeyService(_baseAddress, _credentials, _certificate);
_symmetricKey = helper.LoadSymmetricKey(version);
}
}
private byte[] EncryptSymmetricKey_RSA(SymmetricKey symmKey, X509Certificate2 cert)
{
using (RSACryptoServiceProvider RSA = (RSACryptoServiceProvider)cert.PublicKey.Key)
{
var encrypt = RSA.Encrypt(symmKey.Key, false);
return(encrypt);
}
}
private SymmetricKey CreateNewAESSymmetricKeyset(int KeyLength, int ivLength)
{
if (_certificate == null)
{
throw new InvalidOperationException("Unable to create new AES keyset; Certificate not loaded.");
}
// 32 bytes (32 bytes * 8 bits in a byte == 256 bits)
byte[] symmKey = CreateCryptograhicKey(KeyLength);
// IV: 16 bytes (16 bytes * 8 bits in a byte == 128 bits) == 128 bit block size.
byte[] iv = CreateCryptograhicKey(ivLength);
SymmetricKey symmKeySet = new SymmetricKey()
{
Iv = iv, Key = symmKey
};
symmKeySet.CertificateHash = _certificate.Thumbprint;
symmKeySet.Version = 0;
// Encrypt the Symmetric Key for storage
symmKeySet.Key = EncryptSymmetricKey_RSA(symmKeySet, _certificate);
// Determine the value of the most recent row
var query = (from n in _context.SymmetricKeys
where n.PartitionKey == "P" + _certificate.Thumbprint
select n
).FirstOrDefault();
// Save to AzureTable
symmKeySet.Version = query == null ? 0 : query.Version + 1;
symmKeySet.PartitionKey = "P" + _certificate.Thumbprint;
symmKeySet.RowKey = string.Format("{0:D19}", DateTime.MaxValue.Ticks - DateTime.UtcNow.Ticks);
_context.SaveSymmetricKey(symmKeySet);
// Cleanup
// Return unencrypted value for key
symmKeySet.Key = DecryptSymmetricKey_RSA(symmKeySet, _certificate);
return(symmKeySet);
}
private void LoadSymmetricKey(int? version)
{
if (_symmetricKey == null || (version.HasValue && version.Value != _symmetricKey.Version))
{
SymmetricKeyService helper = new SymmetricKeyService(_baseAddress, _credentials, _certificate);
_symmetricKey = helper.LoadSymmetricKey(version);
}
}
private SymmetricKey CreateNewAESSymmetricKeyset(int KeyLength, int ivLength)
{
if (_certificate == null)
{
throw new InvalidOperationException("Unable to create new AES keyset; Certificate not loaded.");
}
// 32 bytes (32 bytes * 8 bits in a byte == 256 bits)
byte[] symmKey = CreateCryptograhicKey(KeyLength);
// IV: 16 bytes (16 bytes * 8 bits in a byte == 128 bits) == 128 bit block size.
byte[] iv = CreateCryptograhicKey(ivLength);
SymmetricKey symmKeySet = new SymmetricKey() { Iv = iv, Key = symmKey };
symmKeySet.CertificateHash = _certificate.Thumbprint;
symmKeySet.Version = 0;
// Encrypt the Symmetric Key for storage
symmKeySet.Key = EncryptSymmetricKey_RSA(symmKeySet, _certificate);
// Determine the value of the most recent row
var query = (from n in _context.SymmetricKeys
where n.PartitionKey == "P" + _certificate.Thumbprint
select n
).FirstOrDefault();
// Save to AzureTable
symmKeySet.Version = query == null ? 0 : query.Version + 1;
symmKeySet.PartitionKey = "P" + _certificate.Thumbprint;
symmKeySet.RowKey = string.Format("{0:D19}", DateTime.MaxValue.Ticks - DateTime.UtcNow.Ticks);
_context.SaveSymmetricKey(symmKeySet);
// Cleanup
// Return unencrypted value for key
symmKeySet.Key = DecryptSymmetricKey_RSA(symmKeySet, _certificate);
return symmKeySet;
}
private byte[] EncryptSymmetricKey_RSA(SymmetricKey symmKey, X509Certificate2 cert)
{
using (RSACryptoServiceProvider RSA = (RSACryptoServiceProvider)cert.PublicKey.Key)
{
var encrypt = RSA.Encrypt(symmKey.Key, false);
return encrypt;
}
}
private byte[] DecryptSymmetricKey_RSA(SymmetricKey encryptedValue, X509Certificate2 cert)
{
_RSA = (RSACryptoServiceProvider)cert.PrivateKey;
byte[] decrypt = _RSA.Decrypt(encryptedValue.Key, false);
return decrypt;
}
public SymmetricKey SaveSymmetricKey(SymmetricKey sKey)
{
AddObject("SymmetricKeys", sKey);
SaveChanges();
return sKey;
}
private byte[] DecryptSymmetricKey_RSA(SymmetricKey encryptedValue, X509Certificate2 cert)
{
_RSA = (RSACryptoServiceProvider)cert.PrivateKey;
byte[] decrypt = _RSA.Decrypt(encryptedValue.Key, false);
return(decrypt);
}
public SymmetricKey SaveSymmetricKey(SymmetricKey sKey)
{
AddObject("SymmetricKeys", sKey);
SaveChanges();
return(sKey);
}