internal void Register(string username, string certificateFilePath, string password, bool isExt = false)
{
X509Certificate2 cert = new X509Certificate2(certificateFilePath);
if (CertificateValidator.VerifyCertificate(cert) == false)
{
throw new Exception("Certificate is invalid.");
}
else if (CertificateValidator.VerifyKeyUsage(cert) == false)
{
throw new Exception("Certificate must have 'digitalSignature' and 'keyEncipherment' set as it's key usage.");
}
if (isExt)
{
this.data.AddExternal(username, File.ReadAllBytes(certificateFilePath));
}
else
{
this.data.AddUser(username, password, File.ReadAllBytes(certificateFilePath));
}
}
public void DecryptFile(EncryptedFile input, FileStream output, ProgressReporter reporter = null)
{
var cert = new X509Certificate2(this.sender.PublicCertificate);
if (cert == null)
{
reporter?.Log("Sender certificate error. Unable to verify integrity.");
}
else
{
reporter?.Log("Certificate located.");
if (CertificateValidator.VerifyCertificate(cert) == false)
{
reporter?.Log("Sender's certificate is INVALID. Continuing.");
}
reporter?.Log("Verifying file integrity...");
RSACryptoServiceProvider publicKeyProvider = (RSACryptoServiceProvider)cert.PublicKey.Key;
bool verifySuccess = EncryptedFileChecker.VerifySignature(input, publicKeyProvider.ExportParameters(false));
if (verifySuccess)
{
reporter?.Log("File verification: SUCCESS");
}
else
{
reporter?.Log("File verification: FAILED");
}
reporter?.SetPercentage(25);
}
reporter?.Log("Decrypting file...");
FileDecryptor decryptor = new FileDecryptor(this.currentUser.PrivateKey);
decryptor.Decrypt(input, output, reporter.SetPercentage);
reporter?.Log("File decryption complete.");
}
public UserInformation Login(string username, string password, out UserDatabase data)
{
UserDatabase dataComp = new UserDatabase(this.userDatabasePath);
var user = dataComp.GetUser(username);
if (user != null && user.IsPasswordValid(password))
{
var userCert = new X509Certificate2(user.PublicCertificate);
if (userCert == null)
{
throw new Exception("Certificate error.");
}
if (CertificateValidator.VerifyCertificate(userCert) == false)
{
throw new Exception("Certificate is invalid.");
}
byte[] keyRaw = File.ReadAllBytes(this.privateKeyPath);
var privateParameters = new KeyFileParser(keyRaw).GetParameters();
RSACryptoServiceProvider publicKeyProvider = (RSACryptoServiceProvider)userCert.PublicKey.Key;
if (!RsaMachine.AreKeysMatched(publicKeyProvider.ExportParameters(false), privateParameters))
{
throw new Exception("The given private key does not match this user's certificate.");
}
data = dataComp;
return(new UserInformation(user, privateParameters));
}
else
{
throw new Exception("Invalid username or password.");
}
}
