Esempio n. 1
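        /// <summary>
        /// Reads an encrypted configuration envelope from <paramref name="stream"/>, decrypts it
        /// and stores the parsed JSON settings in <c>Data</c>.
        /// </summary>
        /// <remarks>
        /// The stream must hold UTF-8 text made of two base64 segments joined by a single '.':
        /// the exported session-key blob first, the encrypted configuration second.
        /// This method only checks the envelope's shape. No integrity check is performed here;
        /// the blob and ciphertext are handed to <c>HybridDecryption.DecryptData</c>, which is
        /// the only place in this path where the input could be authenticated.
        /// </remarks>
        /// <param name="stream">Stream positioned at the start of the envelope.</param>
        /// <exception cref="ArgumentNullException"><paramref name="stream"/> is null.</exception>
        /// <exception cref="FormatException">
        /// The envelope does not consist of exactly two segments, or a segment is not valid base64.
        /// </exception>
        public override void Load(Stream stream)
        {
            if (stream == null)
            {
                throw new ArgumentNullException(nameof(stream));
            }

            byte[] envelopeBytes;
            using (var buffer = new MemoryStream())
            {
                stream.CopyTo(buffer);
                envelopeBytes = buffer.ToArray();
            }

            var segments = Encoding.UTF8.GetString(envelopeBytes).Split('.');

            // Reject a malformed envelope up front. Without this check a file with no '.'
            // fails with an opaque IndexOutOfRangeException, and any extra segments would be
            // silently ignored even though nothing downstream authenticates them.
            if (segments.Length != 2)
            {
                throw new FormatException(
                    "Encrypted configuration must consist of exactly two base64 segments separated by '.'.");
            }

            var sessionKeyBlob      = Convert.FromBase64String(segments[0]);
            var encryptedConfigData = Convert.FromBase64String(segments[1]);

            var sessionKey       = SessionKeyContainer.FromBlob(sessionKeyBlob);
            var hybridDecryption = HybridDecryption.Create(_containerName, _signatureKey);

            // NOTE(review): the decrypted configuration is held in a plain byte[] and then in
            // Data for the lifetime of the provider; treat process memory and dumps accordingly.
            var plaintext = hybridDecryption.DecryptData(sessionKey, encryptedConfigData);

            using (var plaintextStream = new MemoryStream(plaintext))
            {
                var configurationFileParser = new JsonConfigurationFileParser();
                this.Data = configurationFileParser.Parse(plaintextStream);
            }
        }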
Esempio n. 2
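        // Round-trips a SessionKeyContainer through ExportToBlob/FromBlob and checks that the
        // (encrypted) session key survives the export/import unchanged.
        public void GivenEncryptionKeyBlob_WhenImportingKey_ThenImportsSessionKeyCorrectly()
        {
            var data       = File.ReadAllBytes("appsettings.json");
            var sessionKey = new byte[32];
            var iv         = new byte[16];

            // RandomNumberGenerator is IDisposable; the original never disposed it.
            // RandomNumberGenerator.Create() also avoids naming the concrete
            // RNGCryptoServiceProvider type, which newer .NET versions mark obsolete.
            using (var random = RandomNumberGenerator.Create())
            {
                random.GetBytes(sessionKey);
                random.GetBytes(iv);
            }

            (SessionKeyContainer key, byte[] encryptedData) encryptedResult = _hybridEncryption.EncryptData(sessionKey, data, iv);

            var key = encryptedResult.key;

            var keyBlob = key.ExportToBlob();

            var keyFromBlob = SessionKeyContainer.FromBlob(keyBlob);

            // NOTE(review): only SessionKey is compared. The decryption path also reads IV,
            // HMACHash and Signature from the container, so asserting those too would
            // cover the whole blob format.
            Assert.That(keyFromBlob.SessionKey, Is.EqualTo(key.SessionKey));
        }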
Esempio n. 3
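        // Encrypts random data, exports the key container to a blob, re-imports it and checks
        // that decrypting with the imported container yields the original plaintext.
        public void GivenEncryptingData_WhenDecryptingData_FromImportedKey_ThenDataIsDecrypted()
        {
            var data       = new byte[512];
            var sessionKey = new byte[32];
            var iv         = new byte[16];

            // RandomNumberGenerator is IDisposable; the original never disposed it.
            // RandomNumberGenerator.Create() also avoids naming the concrete
            // RNGCryptoServiceProvider type, which newer .NET versions mark obsolete.
            using (var random = RandomNumberGenerator.Create())
            {
                random.GetBytes(sessionKey);
                random.GetBytes(iv);
                random.GetBytes(data);
            }

            (SessionKeyContainer key, byte[] encryptedData) encryptedResult = _hybridEncryption.EncryptData(sessionKey, data, iv);

            var keyBlob = encryptedResult.key.ExportToBlob();

            var keyFromBlob = SessionKeyContainer.FromBlob(keyBlob);

            var decryptedData = _hybridDecryption.DecryptData(keyFromBlob, encryptedResult.encryptedData);

            // NOTE(review): this covers the happy path only. A companion test that alters the
            // ciphertext, the IV or the HMAC and expects a CryptographicException would pin the
            // integrity checks as well.
            Assert.That(decryptedData, Is.EqualTo(data));
        }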
Esempio n. 4
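        /// <summary>
        /// Authenticates and decrypts <paramref name="data"/> using the session key carried in
        /// <paramref name="sessionKeyContainer"/>.
        /// </summary>
        /// <remarks>
        /// Steps, in order: the wrapped session key is decrypted with the asymmetric key; an
        /// HMAC-SHA256 over <paramref name="data"/> keyed with that session key is compared with
        /// the container's <c>HMACHash</c>; the container's <c>Signature</c> is verified over
        /// <c>HMACHash</c>; only then is the ciphertext decrypted.
        /// </remarks>
        /// <param name="sessionKeyContainer">Wrapped session key, IV, HMAC and signature.</param>
        /// <param name="data">Ciphertext to authenticate and decrypt.</param>
        /// <returns>The decrypted bytes.</returns>
        /// <exception cref="System.ArgumentNullException">An argument is null.</exception>
        /// <exception cref="CryptographicException">
        /// The HMAC does not match or the signature cannot be verified.
        /// </exception>
        public byte[] DecryptData(SessionKeyContainer sessionKeyContainer, byte[] data)
        {
            if (sessionKeyContainer == null)
            {
                throw new System.ArgumentNullException(nameof(sessionKeyContainer));
            }

            if (data == null)
            {
                throw new System.ArgumentNullException(nameof(data));
            }

            var decryptedSessionKey = _asymmetricKeyEncryption.DecryptData(sessionKeyContainer.SessionKey);

            try
            {
                using (var hmac = new HMACSHA256(decryptedSessionKey))
                {
                    var expectedHmac = hmac.ComputeHash(data);

                    // NOTE(review): Compare is defined outside this block. It should be a
                    // constant-time comparison (e.g. CryptographicOperations.FixedTimeEquals
                    // where available) so a mismatch position does not leak through timing.
                    if (!Compare(sessionKeyContainer.HMACHash, expectedHmac))
                    {
                        throw new CryptographicException("HMAC signatures do not match");
                    }

                    if (!_digitalSignature.VerifyData(sessionKeyContainer.HMACHash, sessionKeyContainer.Signature))
                    {
                        throw new CryptographicException("Signatures cannot be verified");
                    }
                }

                // NOTE(review): the HMAC above covers only `data`, and the signature covers only
                // the HMAC. The IV passed here is not an input to either check in this method,
                // so a modified IV would not be rejected by them. Depending on the cipher mode
                // used by Decrypt this can affect the recovered plaintext. Consider including
                // the IV in the MAC input on both the encrypt and decrypt side.
                return _symmetricKeyEncryption.Decrypt(data, decryptedSessionKey, sessionKeyContainer.IV);
            }
            finally
            {
                // Do not leave the plaintext session key in memory longer than needed.
                // Assumes the asymmetric DecryptData returns a fresh array that nothing else
                // keeps a reference to; confirm against that implementation.
                if (decryptedSessionKey != null)
                {
                    System.Array.Clear(decryptedSessionKey, 0, decryptedSessionKey.Length);
                }
            }
        }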