private static Stream ReadAgileEncryptionInfo(TOle2File DataStream, TEncryptionData Encryption) { byte[] Enc = new byte[DataStream.Length - DataStream.Position]; DataStream.Read(Enc, Enc.Length); TEncryptionParameters DataEncParams = new TEncryptionParameters(); TAgileEncryptionKey DataKey = new TAgileEncryptionKey(); TAgileEncryptionVerifier KeyVerifier = new TAgileEncryptionVerifier(); TEncryptionParameters KeyEncParams = new TEncryptionParameters(); TAgileEncryptionKey KeyKey = new TAgileEncryptionKey(); using (MemoryStream ms = new MemoryStream(Enc)) { using (XmlReader xml = XmlReader.Create(ms)) { xml.ReadStartElement("encryption"); //goes to keyData ReadAgileCipherParams(xml, DataEncParams, DataKey); xml.ReadStartElement("keyData"); //goes to dataIntegrity //We are not checking data integrity at the moment. //DataIntegrity.EncryptedHMacKey = Convert.FromBase64String(xml.GetAttribute("encryptedHmacKey")); //DataIntegrity.EncryptedHmacValue = Convert.FromBase64String(xml.GetAttribute("encryptedHmacValue")); xml.ReadStartElement("dataIntegrity"); //goes to keyEncryptors xml.ReadStartElement("keyEncryptors"); //goes to keyEncryptor xml.ReadStartElement("keyEncryptor"); //goes to encryptedKey KeyKey.SpinCount = Convert.ToInt32(xml.GetAttribute("spinCount"), CultureInfo.InvariantCulture); ReadAgileCipherParams(xml, KeyEncParams, KeyKey); KeyVerifier.EncryptedVerifierHashInput = Convert.FromBase64String(xml.GetAttribute("encryptedVerifierHashInput")); KeyVerifier.EncryptedVerifierHashValue = Convert.FromBase64String(xml.GetAttribute("encryptedVerifierHashValue")); KeyVerifier.EncryptedKeyValue = Convert.FromBase64String(xml.GetAttribute("encryptedKeyValue")); } } CheckPassword(Encryption, KeyVerifier, KeyEncParams, KeyKey); DataKey.Key = KeyKey.Key; DataKey.Password = KeyKey.Password; DataKey.CalcDataIV(0); return(DecryptStream(DataStream, DataEncParams, DataKey)); }
private byte[] GetInfoStreamXml(AesManaged EncEngine, TEncryptionParameters EncParams, TAgileEncryptionKey KeyKey, TAgileEncryptionKey DataKey) { const string KeyEncryptorPasswordNamespace = "http://schemas.microsoft.com/office/2006/keyEncryptor/password"; using (MemoryStream ms = new MemoryStream()) { XmlWriterSettings Settings = new XmlWriterSettings(); Settings.Encoding = new System.Text.UTF8Encoding(false); using (XmlWriter xml = XmlWriter.Create(ms, Settings)) { xml.WriteStartDocument(true); xml.WriteStartElement("encryption", "http://schemas.microsoft.com/office/2006/encryption"); xml.WriteAttributeString("xmlns", "p", null, KeyEncryptorPasswordNamespace); xml.WriteStartElement("keyData"); WriteAgileCipherParams(xml, EncParams, DataKey); xml.WriteEndElement(); xml.WriteStartElement("dataIntegrity"); byte[] HMacKeyBlockKey = new byte[] { 0x5f, 0xb2, 0xad, 0x01, 0x0c, 0xb9, 0xe1, 0xf6 }; DataKey.CalcDataIV(HMacKeyBlockKey); byte[] HMacKey = TEncryptionUtils.GetRandom((int)DataKey.HashSizeBytes()); using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(DataKey.Key, DataKey.IV)) { byte[] EncryptedHMacKey = TAgileEncryptionVerifier.EncryptBytes(HMacKey, Encryptor, DataKey.BlockSize); xml.WriteAttributeString("encryptedHmacKey", Convert.ToBase64String(EncryptedHMacKey)); } HMAC HMacCalc = new HMACSHA1(HMacKey); WorkingStream.Position = 0; byte[] HMac = HMacCalc.ComputeHash(WorkingStream); byte[] HMacValBlockKey = new byte[] { 0xa0, 0x67, 0x7f, 0x02, 0xb2, 0x2c, 0x84, 0x33 }; DataKey.CalcDataIV(HMacValBlockKey); using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(DataKey.Key, DataKey.IV)) { byte[] EncryptedHMacValue = TAgileEncryptionVerifier.EncryptBytes(HMac, Encryptor, DataKey.BlockSize); xml.WriteAttributeString("encryptedHmacValue", Convert.ToBase64String(EncryptedHMacValue)); } xml.WriteEndElement(); xml.WriteStartElement("keyEncryptors"); xml.WriteStartElement("keyEncryptor"); xml.WriteAttributeString("uri", KeyEncryptorPasswordNamespace); xml.WriteStartElement("encryptedKey", KeyEncryptorPasswordNamespace); xml.WriteAttributeString("spinCount", Convert.ToString(KeyKey.SpinCount, CultureInfo.InvariantCulture)); WriteAgileCipherParams(xml, EncParams, KeyKey); byte[] RandData = TEncryptionUtils.GetRandom(KeyKey.Salt.Length); KeyKey.CalcKey(TAgileEncryptionKey.VerifierHashInputBlockKey, null); using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(KeyKey.Key, KeyKey.IV)) { byte[] EncryptedVerifierHashInput = TAgileEncryptionVerifier.EncryptBytes(RandData, Encryptor, KeyKey.BlockSize); xml.WriteAttributeString("encryptedVerifierHashInput", Convert.ToBase64String(EncryptedVerifierHashInput)); } KeyKey.CalcKey(TAgileEncryptionKey.VerifierHashValueBlockKey, null); using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(KeyKey.Key, KeyKey.IV)) { byte[] EncryptedVerifierHashValue = TAgileEncryptionVerifier.EncryptBytes(KeyKey.Hash(RandData), Encryptor, KeyKey.BlockSize); xml.WriteAttributeString("encryptedVerifierHashValue", Convert.ToBase64String(EncryptedVerifierHashValue)); } KeyKey.CalcKey(TAgileEncryptionKey.VerifierKeyValueBlockKey, null); using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(KeyKey.Key, KeyKey.IV)) { byte[] EncryptedKeyValue = TAgileEncryptionVerifier.EncryptBytes(DataKey.Key, Encryptor, KeyKey.BlockSize); xml.WriteAttributeString("encryptedKeyValue", Convert.ToBase64String(EncryptedKeyValue)); } xml.WriteEndElement(); xml.WriteEndElement(); xml.WriteEndElement(); xml.WriteEndElement(); xml.WriteEndDocument(); } return(ms.ToArray()); } }