Esempio n. 1
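        /// <summary>
        /// Encrypts security domain (SD) data for restore. Each plaintext entry is encrypted as a
        /// compact JWE under its own key, derived from a fresh random master key; the master key
        /// is then wrapped to the exchange-key certificate.
        /// </summary>
        /// <param name="plaintextList">Entries to encrypt. Each entry's tag is passed to the KDF and to the JWE encryption call, and is copied to the output datum.</param>
        /// <param name="cert">Exchange key certificate the master key is wrapped to.</param>
        /// <returns>
        /// The per-entry compact JWEs, the wrapped master key, and the base64url-encoded SHA-256
        /// thumbprint of <paramref name="cert"/>.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="plaintextList"/> or <paramref name="cert"/> is null.</exception>
        /// <exception cref="Exception">Derivation, encryption or key wrapping failed; the cause is the inner exception.</exception>
        public SecurityDomainRestoreData EncryptForRestore(PlaintextList plaintextList, X509Certificate2 cert)
        {
            // Reject null arguments up front so the caller sees which one was missing instead of
            // a wrapped NullReferenceException.
            if (plaintextList == null)
            {
                throw new ArgumentNullException(nameof(plaintextList));
            }

            if (cert == null)
            {
                throw new ArgumentNullException(nameof(cert));
            }

            byte[] master_key = null;

            try
            {
                SecurityDomainRestoreData securityDomainRestoreData = new SecurityDomainRestoreData();
                securityDomainRestoreData.EncData.kdf = "sp108_kdf";

                // NOTE(review): the master key protects every entry; confirm Utils.GetRandom
                // draws from a cryptographic RNG (e.g. RandomNumberGenerator).
                master_key = Utils.GetRandom(32);

                foreach (Plaintext p in plaintextList.list)
                {
                    byte[] enc_key = null;

                    try
                    {
                        // HMACSHA512 is IDisposable and holds key material; release it as soon
                        // as the derivation is done rather than leaving it to the finalizer.
                        using (HMACSHA512 hmac = new HMACSHA512())
                        {
                            enc_key = KDF.sp800_108(master_key, p.tag, "", hmac, 512);
                        }

                        Datum datum = new Datum();
                        datum.tag = p.tag;

                        JWE jwe = new JWE();
                        jwe.Encrypt(enc_key, p.plaintext, "A256CBC-HS512", p.tag);
                        datum.compact_jwe = jwe.EncodeCompact();
                        securityDomainRestoreData.EncData.data.Add(datum);
                    }
                    finally
                    {
                        // The derived key is not needed once the compact JWE has been produced;
                        // wipe it so it does not linger on the managed heap.
                        if (enc_key != null)
                        {
                            Array.Clear(enc_key, 0, enc_key.Length);
                        }
                    }
                }

                // Wrap the master key to the exchange certificate and record which certificate
                // was used, so the receiver can select the matching private key.
                JWE jwe_wrapped = new JWE();
                jwe_wrapped.Encrypt(cert, master_key);
                securityDomainRestoreData.WrappedKey.enc_key = jwe_wrapped.EncodeCompact();
                securityDomainRestoreData.WrappedKey.x5t_256 = Base64UrlEncoder.Encode(Utils.Sha256Thumbprint(cert));
                return securityDomainRestoreData;
            }
            catch (Exception ex)
            {
                throw new Exception("Failed to encrypt security domain data for restoring.", ex);
            }
            finally
            {
                // Only the wrapped form of the master key leaves this method; clear the
                // plaintext copy on success and on failure alike.
                if (master_key != null)
                {
                    Array.Clear(master_key, 0, master_key.Length);
                }
            }
        }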
Esempio n. 2
        /// <summary>
        /// Loads a certificate key from <paramref name="path"/> and registers it in the key
        /// table under its base64url-encoded thumbprint.
        /// </summary>
        /// <param name="path">Location of the key material to load.</param>
        public void LoadKey(KeyPath path)
        {
            var loadedKey = new CertKey();
            loadedKey.Load(path);

            // The encoded thumbprint is the lookup id for this key.
            // NOTE(review): if _keys is a Dictionary, Add throws when the same thumbprint is
            // registered twice - confirm that is the intended handling of duplicates.
            var thumbprint = loadedKey.GetThumbprint();
            _keys.Add(Base64UrlEncoder.Encode(thumbprint), loadedKey);
        }
Esempio n. 3
        /// <summary>
        /// Serializes <c>protected_header</c> to compact JSON, omitting null members, and stores
        /// its base64url encoding in <c>encoded_header</c>.
        /// </summary>
        public void EncodeHeader()
        {
            // Null members are dropped so that unset header fields never appear in the output.
            var serializerSettings = new JsonSerializerSettings();
            serializerSettings.NullValueHandling = NullValueHandling.Ignore;

            // Formatting.None keeps the JSON free of insignificant whitespace.
            // NOTE(review): presumably the encoded header is also what gets authenticated, so
            // it should be produced once and reused unchanged - confirm against the caller.
            string compactJson = JsonConvert.SerializeObject(protected_header, Formatting.None, serializerSettings);

            encoded_header = Base64UrlEncoder.Encode(compactJson);
        }
Esempio n. 4
 /// <summary>
 /// Stores the base64url encoding of <paramref name="exp"/> in <c>e</c>.
 /// </summary>
 /// <param name="exp">Raw exponent bytes; encoded exactly as given.</param>
 void SetExponent(byte[] exp)
 {
     // NOTE(review): no byte-order or leading-zero normalization happens here; the caller
     // is presumably expected to pass the bytes in the form the consumer requires.
     var encodedExponent = Base64UrlEncoder.Encode(exp);
     e = encodedExponent;
 }
Esempio n. 5
 /// <summary>
 /// Stores the base64url encoding of the certificate's SHA-256 thumbprint, as computed by
 /// <c>Utils.Sha256Thumbprint</c>, in <c>x5t_S256</c>.
 /// </summary>
 /// <param name="cert">Certificate whose thumbprint is recorded.</param>
 void SetX5t256(X509Certificate2 cert)
 {
     var sha256Thumbprint = Utils.Sha256Thumbprint(cert);
     x5t_S256 = Base64UrlEncoder.Encode(sha256Thumbprint);
 }
Esempio n. 6
 /// <summary>
 /// Stores the base64url encoding of the certificate thumbprint in <c>x5t</c>.
 /// </summary>
 /// <param name="cert">Certificate whose thumbprint is recorded.</param>
 void SetX5t(X509Certificate2 cert)
 {
     // X509Certificate2.Thumbprint is a hex string of the certificate's SHA-1 hash;
     // ToByteArray presumably turns that hex text back into raw bytes (defined elsewhere).
     // The SHA-1 value serves as an identifier only - where a collision-resistant match is
     // needed, compare the SHA-256 thumbprint instead.
     var thumbprintBytes = ToByteArray(cert.Thumbprint);
     x5t = Base64UrlEncoder.Encode(thumbprintBytes);
 }
Esempio n. 7
 /// <summary>
 /// Stores the base64url encoding of <paramref name="modulus"/> in <c>n</c>.
 /// </summary>
 /// <param name="modulus">Raw modulus bytes; encoded exactly as given.</param>
 void SetModulus(byte[] modulus)
 {
     // NOTE(review): the bytes are not normalized (byte order, leading zeros) before
     // encoding; confirm the caller supplies them in the form the consumer expects.
     var encodedModulus = Base64UrlEncoder.Encode(modulus);
     n = encodedModulus;
 }