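/// <summary>
/// Decrypt data.
/// </summary>
/// <remarks>
/// Copies the passphrase, init vector and salt from settings onto <paramref name="req"/>, obtains the
/// session key for <c>req.Ksn</c>, decrypts <c>req.Cipher</c> and records timing on the request.
/// Key material placed on the request is cleared on every exit path, including failures and exceptions,
/// so the caller never gets the object back with secrets still attached. On success the ciphertext and
/// KSN are cleared as well.
/// </remarks>
/// <param name="req">Encrypted object and metadata.</param>
/// <param name="ret">Cleartext data; null on failure.</param>
/// <param name="failureReason">Failure reason, if any; empty on success.</param>
/// <returns>True if successful.</returns>
public bool Decrypt(Obj req, out byte[] ret, out string failureReason)
{
    failureReason = "";
    ret = null;

    // Fail through the normal bool/failureReason contract instead of a NullReferenceException.
    if (req == null)
    {
        _Logging.Log(LoggingModule.Severity.Warn, "Decrypt null request supplied");
        failureReason = "Null request supplied.";
        return false;
    }

    try
    {
        // NOTE(review): passphrase, IV and salt are the same settings values for every request. How
        // DecryptInternal uses them is not visible here; confirm a fixed IV suits the cipher mode in use.
        req.Passphrase = _Settings.Crypto.Passphrase;
        req.InitVector = _Settings.Crypto.InitVector;
        req.Salt = _Settings.Crypto.Salt;
        req.StartTime = DateTime.Now;

        string sessionKey = "";
        if (!GetSessionKey(req.Ksn, out sessionKey))
        {
            _Logging.Log(LoggingModule.Severity.Warn, "Decrypt unable to derive session key");
            failureReason = "Unable to derive session key.";
            return false;
        }

        req.SessionKey = sessionKey;
        req.Clear = DecryptInternal(req.Cipher, req.SessionKey);
        req.EndTime = DateTime.Now;

        TimeSpan ts = Convert.ToDateTime(req.EndTime) - Convert.ToDateTime(req.StartTime);
        req.TotalTimeMs = Convert.ToDecimal(Common.DecimalToString(Convert.ToDecimal(ts.TotalMilliseconds)));

        if (req.Clear == null || req.Clear.Length < 1)
        {
            _Logging.Log(LoggingModule.Severity.Warn, "Decrypt null value for clear after decryption");
            failureReason = "Null value for cleartext after decryption.";
            return false;
        }

        // Only lengths are logged; neither key material nor cleartext reaches the log.
        _Logging.Log(LoggingModule.Severity.Debug, "Decrypt decrypted " + req.Cipher.Length + " cipher bytes to " + req.Clear.Length + " clear bytes");

        // Success only: the ciphertext and KSN are no longer needed on the request.
        req.Cipher = null;
        req.Ksn = null;

        ret = req.Clear;
        return true;
    }
    finally
    {
        // Runs on success, on both failure returns and on exceptions. Dropping the references stops the
        // secrets travelling with the request object; it does not zero the underlying memory.
        req.Passphrase = null;
        req.Salt = null;
        req.InitVector = null;
        req.SessionKey = null;
    }
}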
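/// <summary>
/// Encrypt data.
/// </summary>
/// <remarks>
/// Creates a fresh session key and KSN, encrypts <paramref name="data"/> and records timing on the
/// returned object. The cleartext reference and all key material are cleared from
/// <paramref name="ret"/> on every exit path, including failures and exceptions, so a failed call
/// never hands back an object that still carries the session key or the plaintext.
/// </remarks>
/// <param name="data">Data to encrypt.</param>
/// <param name="ret">Encrypted object and metadata.</param>
/// <param name="failureReason">Failure reason, if any; empty on success.</param>
/// <returns>True if successful.</returns>
public bool Encrypt(byte[] data, out Obj ret, out string failureReason)
{
    ret = new Obj();
    failureReason = "";

    // Fail through the normal bool/failureReason contract instead of a NullReferenceException
    // when data.Length is read further down.
    if (data == null)
    {
        _Logging.Log(LoggingModule.Severity.Warn, "Encrypt null data supplied");
        failureReason = "Null data supplied.";
        return false;
    }

    try
    {
        ret.StartTime = DateTime.Now;
        ret.Clear = data;

        string sessionKey = "";
        string ksn = "";
        if (!CreateSessionKey(out sessionKey, out ksn))
        {
            _Logging.Log(LoggingModule.Severity.Warn, "Encrypt unable to generate session key and ksn");
            failureReason = "Unable to generate session key and KSN.";
            return false;
        }

        ret.SessionKey = sessionKey;
        ret.Ksn = ksn;
        ret.Cipher = EncryptInternal(ret.Clear, ret.SessionKey);
        ret.EndTime = DateTime.Now;

        TimeSpan ts = Convert.ToDateTime(ret.EndTime) - Convert.ToDateTime(ret.StartTime);
        ret.TotalTimeMs = Convert.ToDecimal(Common.DecimalToString(Convert.ToDecimal(ts.TotalMilliseconds)));

        if (ret.Cipher == null || ret.Cipher.Length < 1)
        {
            _Logging.Log(LoggingModule.Severity.Warn, "Encrypt null value for cipher after encryption");
            failureReason = "Null value for cipher after encryption.";
            return false;
        }

        // Only lengths are logged; neither key material nor cleartext reaches the log.
        _Logging.Log(LoggingModule.Severity.Debug, "Encrypt encrypted " + data.Length + " clear bytes to " + ret.Cipher.Length + " cipher bytes");
        return true;
    }
    finally
    {
        // Runs on success, on both failure returns and on exceptions. The KSN and ciphertext stay on the
        // object; everything secret is dropped. Dropping the references does not zero the underlying memory.
        ret.Clear = null;
        ret.Passphrase = null;
        ret.Salt = null;
        ret.InitVector = null;
        ret.SessionKey = null;
    }
}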