private static void UsingPublicKey(string inputFilePath, byte[] sharedSecret, byte[] recipientPublicKey) { try { bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath); if (fileIsDirectory) { DirectoryEncryption.UsingPublicKey(inputFilePath, sharedSecret, recipientPublicKey); return; } // Derive a unique KEK per file (byte[] ephemeralSharedSecret, byte[] ephemeralPublicKey) = KeyExchange.GetEphemeralSharedSecret(recipientPublicKey); byte[] salt = Generate.Salt(); byte[] keyEncryptionKey = Generate.KeyEncryptionKey(sharedSecret, ephemeralSharedSecret, salt); string outputFilePath = GetOutputFilePath(inputFilePath); EncryptFile.Initialize(inputFilePath, outputFilePath, ephemeralPublicKey, salt, keyEncryptionKey); Utilities.ZeroArray(keyEncryptionKey); EncryptionSuccessful(inputFilePath, outputFilePath); } catch (Exception ex) when(ExceptionFilters.FileAccess(ex)) { Logging.LogException(ex.ToString(), Logging.Severity.Error); DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file."); } }
private static void UsingPassword(string inputFilePath, byte[] passwordBytes) { try { bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath); if (fileIsDirectory) { DirectoryEncryption.UsingPassword(inputFilePath, passwordBytes); return; } // Derive a unique KEK per file byte[] salt = Generate.Salt(); byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt); // Fill unused header with random public key byte[] ephemeralPublicKey = Generate.EphemeralPublicKeyHeader(); string outputFilePath = GetOutputFilePath(inputFilePath); EncryptFile.Initialize(inputFilePath, outputFilePath, ephemeralPublicKey, salt, keyEncryptionKey); CryptographicOperations.ZeroMemory(keyEncryptionKey); EncryptionSuccessful(inputFilePath, outputFilePath); } catch (Exception ex) when(ExceptionFilters.Cryptography(ex)) { DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file."); } }
private static void UsingPassword(string inputFilePath, byte[] passwordBytes) { try { bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath); if (fileIsDirectory) { DirectoryEncryption.UsingPassword(inputFilePath, passwordBytes); return; } // Derive a unique KEK per file byte[] salt = Generate.Salt(); byte[] keyEncryptionKey = Argon2.DeriveKey(passwordBytes, salt); // Fill the ephemeral public key header with random key (since not in use) byte[] randomEphemeralPublicKeyHeader = Generate.EphemeralPublicKeyHeader(); string outputFilePath = GetOutputFilePath(inputFilePath); EncryptFile.Initialize(inputFilePath, outputFilePath, randomEphemeralPublicKeyHeader, salt, keyEncryptionKey); Utilities.ZeroArray(keyEncryptionKey); EncryptionSuccessful(inputFilePath, outputFilePath); } catch (Exception ex) when(ExceptionFilters.FileAccess(ex)) { Logging.LogException(ex.ToString(), Logging.Severity.Error); DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file."); } }
private static void UsingPrivateKey(string inputFilePath, byte[] privateKey) { try { bool fileIsDirectory = FileHandling.IsDirectory(inputFilePath); if (fileIsDirectory) { DirectoryEncryption.UsingPrivateKey(inputFilePath, privateKey); return; } // Derive a unique KEK per file byte[] ephemeralSharedSecret = KeyExchange.GetPrivateKeySharedSecret(privateKey, out byte[] ephemeralPublicKey); byte[] salt = Generate.Salt(); byte[] keyEncryptionKey = Generate.KeyEncryptionKey(ephemeralSharedSecret, salt); string outputFilePath = GetOutputFilePath(inputFilePath); EncryptFile.Initialize(inputFilePath, outputFilePath, ephemeralPublicKey, salt, keyEncryptionKey); CryptographicOperations.ZeroMemory(keyEncryptionKey); EncryptionSuccessful(inputFilePath, outputFilePath); } catch (Exception ex) when(ExceptionFilters.Cryptography(ex)) { DisplayMessage.FilePathException(inputFilePath, ex.GetType().Name, "Unable to encrypt the file."); } }