private TransportMessageFilterContext _decrypt(TransportMessageFilterContext context)
{
var meta = context.TransportMessage.MetaData = context.TransportMessage.MetaData ?? new MessageMetaData();
if (!meta.ContainsKey("EncryptionVector"))
{
throw new ApplicationException($"Unable to decrypt message. MetaData field EncryptionVector was null");
}
var aesIV = meta.GetBytes("EncryptionVector");
var metaKeyName = meta.EncryptionKeyName;
var keyName = _keyName ?? metaKeyName;
//if (string.IsNullOrEmpty(keyName))
// throw new ApplicationException($"Unable find AES keyName through configuration or metadata. AesEncryptionTransportFilter._keyName and MetaData.EncryptionKeyName was null. MessageType: {context.TransportMessage.MessageTypeIdentifier}");
//if (!"AES".Equals(meta.EncryptionMethod, StringComparison.OrdinalIgnoreCase))
// throw new ApplicationException($"Unable to decrypt message. Expected meta data EncryptionMethod=AES, but found {context.TransportMessage.MetaData.EncryptionMethod}");
using (Aes aes = Aes.Create())
{
var key = Convert.FromBase64String(_keyProvider.GetKey(keyName));
ICryptoTransform decryptor = aes.CreateDecryptor(key, aesIV);
using (MemoryStream stream = new MemoryStream(context.TransportMessage.Data))
{
using (CryptoStream csDecrypt = new CryptoStream(stream, decryptor, CryptoStreamMode.Read))
{
context.TransportMessage.Data = ReadFully(csDecrypt);
}
}
return(context);
}
}
private TransportMessageFilterContext _encrypt(TransportMessageFilterContext context)
{
using (Aes aes = Aes.Create())
{
var key = Convert.FromBase64String(_keyProvider.GetKey(_keyName));
aes.GenerateIV();
var aesIV = aes.IV;
ICryptoTransform encryptor = aes.CreateEncryptor(key, aesIV);
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
csEncrypt.Write(context.TransportMessage.Data, 0, context.TransportMessage.Data.Length);
}
context.TransportMessage.Data = msEncrypt.ToArray();
}
var meta = context.TransportMessage.MetaData = context.TransportMessage.MetaData ?? new MessageMetaData();
meta.Encrypted = true;
meta.EncryptionKeyName = _keyName;
meta.EncryptionMethod = "AES";
meta.Add("EncryptionVector", aesIV);
return(context);
}
}
public TransportMessageFilterContext Process(TransportMessageFilterContext context)
{
if (context.TransportMessage.MessageTypeIdentifier.Equals(_messageTypeIdentifier, StringComparison.OrdinalIgnoreCase))
{
return(_innerFilter.Process(context));
}
return(context);
}
public TransportMessageFilterContext Process(TransportMessageFilterContext context)
{
if (context.Direction == FilterDirection.Outbound)
{
return(_encrypt(context));
}
else if (context.Direction == FilterDirection.Inbound)
{
return(_decrypt(context));
}
return(context);
}
