private void TestEncryptProcessArguments(PlainDataContainer pdc)
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
FileEncryptionCipher encCipher = Crypto.CreateFileEncryptionCipher(pfk);
encCipher.ProcessBytes(pdc);
}
private EncryptedFileKey TestEncryptFileKey(byte[] plainFileKeyResource, byte[] userPublicKeyResource)
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(plainFileKeyResource);
UserPublicKey upk = TestUtilities.ReadTestResource <UserPublicKey>(userPublicKeyResource);
return(Crypto.EncryptFileKey(pfk, upk));
}
public void TestEncryptMultiBlock_Success()
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
byte[] ft = Convert.FromBase64String(pfk.Tag);
byte[] pfc = Convert.FromBase64String(TestResources.plain_file);
byte[] efc = Convert.FromBase64String(TestResources.enc_file);
FileEncryptionCipher encCipher = Crypto.CreateFileEncryptionCipher(pfk);
using (MemoryStream output = new MemoryStream()) {
using (MemoryStream input = new MemoryStream(pfc)) {
byte[] buffer = new byte[16];
int bytesRead;
while ((bytesRead = input.Read(buffer, 0, buffer.Length)) != 0)
{
byte[] blockBytes = new byte[bytesRead];
Array.Copy(buffer, blockBytes, bytesRead);
EncryptedDataContainer currentEdc = encCipher.ProcessBytes(new PlainDataContainer(blockBytes));
output.Write(currentEdc.Content, 0, currentEdc.Content.Length);
}
}
EncryptedDataContainer testEdc = encCipher.DoFinal();
output.Write(testEdc.Content, 0, testEdc.Content.Length);
byte[] testFt = testEdc.Tag;
byte[] testEfc = output.ToArray();
CollectionAssert.AreEqual(efc, testEfc, "File content does not match!");
CollectionAssert.AreEqual(ft, testFt, "File tag does not match!");
}
}
/// <summary>
/// Encrypts a file key.
/// </summary>
/// <param name="plainFileKey">The file key to encrypt.</param>
/// <param name="userPublicKey">The public key which should be used for the encryption.</param>
/// <returns>The encrypted file key.</returns>
/// <exception cref="Dracoon.Crypto.Sdk.InvalidFileKeyException">If the provided file key is invalid.</exception>
/// <exception cref="Dracoon.Crypto.Sdk.InvalidKeyPairException">If the provided public key is invalid.</exception>
/// <exception cref="Dracoon.Crypto.Sdk.CryptoException">If an unexpected error occured.</exception>
public static EncryptedFileKey EncryptFileKey(PlainFileKey plainFileKey, UserPublicKey userPublicKey)
{
ValidatePlainFileKey(plainFileKey);
ValidateUserPublicKey(userPublicKey);
AsymmetricKeyParameter pubKey = ConvertPublicKey(userPublicKey.PublicKey);
byte[] eFileKey;
try {
OaepEncoding engine = new OaepEncoding(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), null);
engine.Init(true, pubKey);
byte[] pFileKey = Convert.FromBase64String(plainFileKey.Key);
eFileKey = engine.ProcessBlock(pFileKey, 0, pFileKey.Length);
} catch (Exception e) {
throw new CryptoException("Could not encrypt file key. Encryption failed.", e);
}
EncryptedFileKey encFileKey = new EncryptedFileKey()
{
Key = Convert.ToBase64String(eFileKey),
Iv = plainFileKey.Iv,
Tag = plainFileKey.Tag,
Version = plainFileKey.Version
};
return(encFileKey);
}
/// <summary>
/// Decrypts a file key.
/// </summary>
/// <param name="encFileKey">The file key to decrypt.</param>
/// <param name="userPrivateKey">The private key which should be used for the decryption.</param>
/// <param name="password">The password which secures the private key.</param>
/// <returns>The decrypted file key.</returns>
/// <exception cref="Dracoon.Crypto.Sdk.InvalidFileKeyException">If the provided encrypted file key is invalid.</exception>
/// <exception cref="Dracoon.Crypto.Sdk.InvalidKeyPairException">If the provided private key is invalid.</exception>
/// <exception cref="Dracoon.Crypto.Sdk.InvalidPasswordException">If the provided private key password is invalid</exception>
/// <exception cref="Dracoon.Crypto.Sdk.CryptoException">If an unexpected error in the decryption occured.</exception>
public static PlainFileKey DecryptFileKey(EncryptedFileKey encFileKey, UserPrivateKey userPrivateKey, string password)
{
ValidateEncryptedFileKey(encFileKey);
ValidateUserPrivateKey(userPrivateKey);
ValidatePassword(password);
AsymmetricKeyParameter privateKey = DecryptPrivateKey(userPrivateKey.PrivateKey, password);
byte[] dFileKey;
try {
OaepEncoding engine = new OaepEncoding(new RsaEngine(), new Sha256Digest(), new Sha1Digest(), null);
engine.Init(false, privateKey);
byte[] eFileKey = Convert.FromBase64String(encFileKey.Key);
dFileKey = engine.ProcessBlock(eFileKey, 0, eFileKey.Length);
} catch (InvalidCipherTextException e) {
throw new CryptoException("Could not decrypt file key. Decryption failed.", e);
}
PlainFileKey plainFileKey = new PlainFileKey()
{
Key = Convert.ToBase64String(dFileKey),
Iv = encFileKey.Iv,
Tag = encFileKey.Tag,
Version = encFileKey.Version
};
return(plainFileKey);
}
private void TestDecryptDoFinalArguments(EncryptedDataContainer edc)
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
FileDecryptionCipher decCipher = Crypto.CreateFileDecryptionCipher(pfk);
decCipher.DoFinal(edc);
}
//[TestMethod()]
public void TestEnDecryption()
{
PlainFileKey generatedFK = Crypto.GenerateFileKey();
byte[] plainFileBytes = Encoding.UTF8.GetBytes("Dinge die ich jetzt testen will.");
// Encrypt text
PlainDataContainer plainDC = new PlainDataContainer(plainFileBytes);
FileEncryptionCipher encCipher = Crypto.CreateFileEncryptionCipher(generatedFK);
EncryptedDataContainer encryptedResult;
using (MemoryStream ms = new MemoryStream()) {
EncryptedDataContainer encryptedDC = encCipher.ProcessBytes(plainDC);
ms.Write(encryptedDC.Content, 0, encryptedDC.Content.Length);
encryptedDC = encCipher.DoFinal();
ms.Write(encryptedDC.Content, 0, encryptedDC.Content.Length);
encryptedResult = new EncryptedDataContainer(ms.ToArray(), encryptedDC.Tag);
}
generatedFK.Tag = Convert.ToBase64String(encryptedResult.Tag);
// Decrypt text
FileDecryptionCipher decCipher = Crypto.CreateFileDecryptionCipher(generatedFK);
PlainDataContainer decryptedResult;
using (MemoryStream ms = new MemoryStream()) {
PlainDataContainer decryptedDC = decCipher.ProcessBytes(new EncryptedDataContainer(encryptedResult.Content, null));
ms.Write(decryptedDC.Content, 0, decryptedDC.Content.Length);
decryptedDC = decCipher.DoFinal(new EncryptedDataContainer(null, Convert.FromBase64String(generatedFK.Tag)));
ms.Write(decryptedDC.Content, 0, decryptedDC.Content.Length);
decryptedResult = new PlainDataContainer(ms.ToArray());
}
System.Diagnostics.Debug.WriteLine("Result: " + Encoding.UTF8.GetString(decryptedResult.Content));
}
private void HandlePendingMissingFileKeys(ApiMissingFileKeys missingFileKeys, UserPrivateKey thisUserPrivateKey)
{
if (missingFileKeys == null || missingFileKeys.Items.Count == 0)
{
return;
}
Dictionary <long, UserPublicKey> userPublicKeys = UserMapper.ConvertApiUserIdPublicKeys(missingFileKeys.UserPublicKey);
Dictionary <long, PlainFileKey> plainFileKeys = GeneratePlainFileKeyMap(missingFileKeys.FileKeys, thisUserPrivateKey);
ApiSetUserFileKeysRequest setUserFileKeysRequest = new ApiSetUserFileKeysRequest {
Items = new List <ApiSetUserFileKey>(missingFileKeys.UserPublicKey.Count)
};
foreach (ApiUserIdFileId currentMissingFileKey in missingFileKeys.Items)
{
UserPublicKey currentUsersPublicKey = userPublicKeys[currentMissingFileKey.UserId];
PlainFileKey currentPlainFileKey = plainFileKeys[currentMissingFileKey.FileId];
EncryptedFileKey currentEncryptedFileKey = EncryptFileKey(currentPlainFileKey, currentUsersPublicKey, currentMissingFileKey.FileId);
ApiSetUserFileKey newRequestEntry = new ApiSetUserFileKey {
FileId = currentMissingFileKey.FileId,
UserId = currentMissingFileKey.UserId,
FileKey = FileMapper.ToApiFileKey(currentEncryptedFileKey)
};
setUserFileKeysRequest.Items.Add(newRequestEntry);
}
IRestRequest restRequest = _client.Builder.PostMissingFileKeys(setUserFileKeysRequest);
_client.Executor.DoSyncApiCall <VoidResponse>(restRequest, RequestType.PostMissingFileKeys);
}
private EncryptedFileKey EncryptFileKey(PlainFileKey plainFileKey)
{
try {
return(Crypto.Sdk.Crypto.EncryptFileKey(plainFileKey, _userPublicKey));
} catch (CryptoException ce) {
string message = "Encryption of file key for upload " + ActionId + " failed!";
DracoonClient.Log.Debug(LogTag, message);
throw new DracoonCryptoException(CryptoErrorMapper.ParseCause(ce));
}
}
/// <summary>
/// Checks the file key for file encryption.
/// </summary>
/// <param name="fileKey">The file key to check.</param>
/// <exception cref="Dracoon.Crypto.Sdk.InvalidFileKeyException"/>
private static void ValidatePlainFileKey(PlainFileKey fileKey)
{
if (fileKey == null)
{
throw new InvalidFileKeyException("File key cannot be null.");
}
if (fileKey.Version == null || !fileKey.Version.Equals(CryptoConstants.defaultVersion))
{
throw new InvalidFileKeyException("Unknown file key version.");
}
}
public void TestDecryptFileKey_Success()
{
string pw = "Pass1234!";
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
PlainFileKey testPfk = TestDecryptFileKey(TestResources.enc_file_key, TestResources.private_key, pw);
Assert.AreEqual(pfk.Key, testPfk.Key, "File key is incorrect!");
Assert.AreEqual(pfk.Iv, testPfk.Iv, "Initialization vector is incorrect!");
Assert.AreEqual(pfk.Tag, testPfk.Tag, "Tag is incorrect!");
Assert.AreEqual(pfk.Version, testPfk.Version, "Version is incorrect!");
}
internal EncryptedFileKey EncryptFileKey(PlainFileKey plainFileKey, UserPublicKey userPublicKey, long?nodeId = null)
{
try {
return(Crypto.Sdk.Crypto.EncryptFileKey(plainFileKey, userPublicKey));
} catch (CryptoException ce) {
string message = "Encryption file key for node " + (nodeId.HasValue ? nodeId.Value.ToString() : "NULL") + " failed with " +
ce.Message;
DracoonClient.Log.Debug(Logtag, message);
throw new DracoonCryptoException(CryptoErrorMapper.ParseCause(ce));
}
}
protected FileCipher(bool forEncryption, PlainFileKey fileKey)
{
try {
byte[] key = Convert.FromBase64String(fileKey.Key);
byte[] iv = Convert.FromBase64String(fileKey.Iv);
AeadParameters parameters = new AeadParameters(new KeyParameter(key), 8 * tagSize, iv);
realCipher = new GcmBlockCipher(new AesEngine());
realCipher.Init(forEncryption, parameters);
} catch (Exception e) {
throw new CryptoSystemException("Could not create " + (forEncryption ? "encryption" : "decryption") + " ciper.", e);
}
}
private PlainDataContainer TestDecryptSingleBlock(PlainFileKey pfk, EncryptedDataContainer edc)
{
FileDecryptionCipher decryptCipher = Crypto.CreateFileDecryptionCipher(pfk);
using (MemoryStream ms = new MemoryStream()) {
PlainDataContainer pdc = decryptCipher.ProcessBytes(new EncryptedDataContainer(edc.Content, null));
ms.Write(pdc.Content, 0, pdc.Content.Length);
pdc = decryptCipher.DoFinal(new EncryptedDataContainer(null, edc.Tag));
ms.Write(pdc.Content, 0, pdc.Content.Length);
return(new PlainDataContainer(ms.ToArray()));
}
}
public void TestEncryptSingleBlock_DifferentContent()
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
byte[] pfc = Convert.FromBase64String(TestResources.plain_file_modified);
byte[] efc = Convert.FromBase64String(TestResources.enc_file);
PlainDataContainer testPdc = new PlainDataContainer(pfc);
EncryptedDataContainer testEdc = TestEncryptSingleBlock(pfk, testPdc);
CollectionAssert.AreNotEqual(efc, testEdc.Content, "File content does match!");
}
public void TestEncryptSingleBlock_DifferentTag()
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key_bad_tag);
byte[] ft = Convert.FromBase64String(pfk.Tag);
byte[] pfc = Convert.FromBase64String(TestResources.plain_file);
PlainDataContainer testPdc = new PlainDataContainer(pfc);
EncryptedDataContainer testEdc = TestEncryptSingleBlock(pfk, testPdc);
CollectionAssert.AreNotEqual(ft, testEdc.Tag, "File tag does not match!");
}
private EncryptedDataContainer TestEncryptSingleBlock(PlainFileKey pfk, PlainDataContainer pdc)
{
FileEncryptionCipher encCipher = Crypto.CreateFileEncryptionCipher(pfk);
using (MemoryStream output = new MemoryStream()) {
EncryptedDataContainer currentEdc = encCipher.ProcessBytes(pdc);
output.Write(currentEdc.Content, 0, currentEdc.Content.Length);
currentEdc = encCipher.DoFinal();
output.Write(currentEdc.Content, 0, currentEdc.Content.Length);
return(new EncryptedDataContainer(output.ToArray(), currentEdc.Tag));
}
}
public void TestEncryptFileKey_Success()
{
EncryptedFileKey efk = TestUtilities.ReadTestResource <EncryptedFileKey>(TestResources.enc_file_key);
EncryptedFileKey testEfk = TestEncryptFileKey(TestResources.plain_file_key, TestResources.public_key);
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
PlainFileKey testPfk = Crypto.DecryptFileKey(testEfk, TestUtilities.ReadTestResource <UserPrivateKey>(TestResources.private_key), "Pass1234!");
Assert.AreEqual(pfk.Key, testPfk.Key, "File key is incorrect!");
Assert.AreEqual(efk.Iv, testEfk.Iv, "Initialization vector is incorrect!");
Assert.AreEqual(efk.Tag, testEfk.Tag, "Tag is incorrect!");
Assert.AreEqual(efk.Version, testEfk.Version, "Version is incorrect!");
}
private Dictionary <long, PlainFileKey> GeneratePlainFileKeyMap(List <ApiFileIdFileKey> fileIdFileKeys, UserPrivateKey thisUserPrivateKey)
{
Dictionary <long, PlainFileKey> plainFileKeys = new Dictionary <long, PlainFileKey>(fileIdFileKeys.Count);
foreach (ApiFileIdFileKey currentEncryptedFileKey in fileIdFileKeys)
{
EncryptedFileKey encryptedFileKey = FileMapper.FromApiFileKey(currentEncryptedFileKey.FileKeyContainer);
PlainFileKey decryptedFileKey = DecryptFileKey(encryptedFileKey, thisUserPrivateKey, currentEncryptedFileKey.FileId);
plainFileKeys.Add(currentEncryptedFileKey.FileId, decryptedFileKey);
}
return(plainFileKeys);
}
private void EncryptedDownload(Uri downloadUri, PlainFileKey plainFileKey)
{
FileDecryptionCipher cipher;
try {
cipher = Crypto.Sdk.Crypto.CreateFileDecryptionCipher(plainFileKey);
} catch (CryptoException ce) {
string message = "Creation of decryption engine for encrypted download " + ActionId + " failed!";
DracoonClient.Log.Debug(Logtag, message);
throw new DracoonCryptoException(CryptoErrorMapper.ParseCause(ce), ce);
}
try {
ProgressReportTimer = Stopwatch.StartNew();
long downloadedByteCount = 0;
while (downloadedByteCount < AssociatedNode.Size.GetValueOrDefault(0))
{
byte[] chunk = DownloadChunk(downloadUri, downloadedByteCount, AssociatedNode.Size.GetValueOrDefault(0));
EncryptedDataContainer encryptedContainer = new EncryptedDataContainer(chunk, null);
PlainDataContainer plainContainer = cipher.ProcessBytes(encryptedContainer);
OutputStream.Write(plainContainer.Content, 0, plainContainer.Content.Length);
downloadedByteCount += chunk.Length;
}
byte[] encryptionTag = Convert.FromBase64String(plainFileKey.Tag);
EncryptedDataContainer tagContainer = new EncryptedDataContainer(null, encryptionTag);
PlainDataContainer finalContainer = cipher.DoFinal(tagContainer);
OutputStream.Write(finalContainer.Content, 0, finalContainer.Content.Length);
if (LastNotifiedProgressValue != downloadedByteCount)
{
// Notify 100 percent progress
NotifyProgress(ActionId, downloadedByteCount, AssociatedNode.Size.GetValueOrDefault(0));
}
} catch (CryptoException ce) {
const string message = "Decryption of file failed while downloading!";
DracoonClient.Log.Debug(Logtag, message);
throw new DracoonFileIOException(message, ce);
} catch (IOException ioe) {
if (IsInterrupted)
{
throw new ThreadInterruptedException();
}
const string message = "Write to stream failed!";
DracoonClient.Log.Debug(Logtag, message);
throw new DracoonFileIOException(message, ioe);
} finally {
ProgressReportTimer.Stop();
}
}
public void TestDecryptSingleBlock_ModifiedContent()
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
byte[] ft = Convert.FromBase64String(pfk.Tag);
byte[] efc = Convert.FromBase64String(TestResources.enc_file_modified);
EncryptedDataContainer testEdc = new EncryptedDataContainer(efc, ft);
try {
TestDecryptSingleBlock(pfk, testEdc);
} catch (BadFileException) {
return;
}
Assert.Fail();
}
public void TestDecryptSingleBlock_Success()
{
PlainFileKey pfk = TestUtilities.ReadTestResource <PlainFileKey>(TestResources.plain_file_key);
byte[] fileTag = Convert.FromBase64String(pfk.Tag);
byte[] ef = Convert.FromBase64String(TestResources.enc_file);
byte[] pf = Convert.FromBase64String(TestResources.plain_file);
EncryptedDataContainer testEdc = new EncryptedDataContainer(ef, fileTag);
PlainDataContainer testPdc = TestDecryptSingleBlock(pfk, testEdc);
System.Diagnostics.Debug.WriteLine(Convert.ToBase64String(testPdc.Content));
System.Diagnostics.Debug.WriteLine(Convert.ToBase64String(pf));
CollectionAssert.AreEqual(pf, testPdc.Content, "File content does not match!");
}
/// <summary>
/// Decrypts some bytes.
/// </summary>
/// <param name="fileKey">The file key to use.</param>
/// <param name="data">The encrypted bytes.</param>
/// <returns>Plain bytes.</returns>
private static byte[] DecryptData(PlainFileKey fileKey, byte[] data)
{
// !!! This method is an example for decryption. Like the method 'encryptData(...)', it uses
// byte array streams for input and output. However, any kind of stream
// (e.g. FileInputStream) could be used here.
FileDecryptionCipher cipher = Crypto.CreateFileDecryptionCipher(fileKey);
byte[] decData;
using (MemoryStream is2 = new MemoryStream(data))
{
using (MemoryStream os = new MemoryStream())
{
byte[] buffer = new byte[BLOCK_SIZE];
int count;
try
{
PlainDataContainer pDataContainer;
// Decrypt blocks
while ((count = is2.Read(buffer, 0, buffer.Length)) > 0)
{
byte[] eData = createByteArray(buffer, count);
pDataContainer = cipher.ProcessBytes(new EncryptedDataContainer(eData, null));
os.Write(pDataContainer.Content, 0, pDataContainer.Content.Length);
}
// Complete decryption
byte[] tag = Convert.FromBase64String(fileKey.Tag);
pDataContainer = cipher.DoFinal(new EncryptedDataContainer(null, tag));
os.Write(pDataContainer.Content, 0, pDataContainer.Content.Length);
decData = os.ToArray();
}
catch (IOException e)
{
throw new Exception("Error while reading/writing data!", e);
}
catch (CryptoException e)
{
throw new Exception("Error while decrypting data!", e);
}
}
}
return(decData);
}
/// <summary>
/// Encrypts some bytes.
/// </summary>
/// <param name="fileKey">The file key to use.</param>
/// <param name="data">The plain bytes.</param>
/// <returns>Encrypted bytes.</returns>
private static byte[] EncryptData(PlainFileKey fileKey, byte[] data)
{
// !!! This method is an example for encryption. It uses byte array streams for input and
// output. However, any kind of stream (e.g. FileInputStream) could be used here.
FileEncryptionCipher cipher = Crypto.CreateFileEncryptionCipher(fileKey);
byte[] encData;
using (Stream is2 = new MemoryStream(data))
{
using (MemoryStream os = new MemoryStream())
{
byte[] buffer = new byte[BLOCK_SIZE];
int count;
try
{
EncryptedDataContainer eDataContainer;
// Encrypt blocks
while ((count = is2.Read(buffer, 0, buffer.Length)) > 0)
{
byte[] pData = createByteArray(buffer, count);
eDataContainer = cipher.ProcessBytes(new PlainDataContainer(pData));
os.Write(eDataContainer.Content, 0, eDataContainer.Content.Length);
}
// Complete encryption
eDataContainer = cipher.DoFinal();
os.Write(eDataContainer.Content, 0, eDataContainer.Content.Length);
String tag = Convert.ToBase64String(eDataContainer.Tag);
fileKey.Tag = tag;
encData = os.ToArray();
}
catch (IOException e)
{
throw new Exception("Error while reading/writing data!", e);
}
catch (CryptoException e)
{
throw new Exception("Error while encrypting data!", e);
}
}
}
return(encData);
}
private void EncryptedUpload(ref PlainFileKey plainFileKey)
{
DracoonClient.Log.Debug(LogTag, "Uploading file [" + FileUploadRequest.Name + "] in encrypted proxied way.");
FileEncryptionCipher cipher;
try {
cipher = Crypto.Sdk.Crypto.CreateFileEncryptionCipher(plainFileKey);
} catch (CryptoException ce) {
string message = "Creation of encryption engine for encrypted upload " + ActionId + " failed!";
DracoonClient.Log.Debug(LogTag, message);
throw new DracoonCryptoException(CryptoErrorMapper.ParseCause(ce));
}
try {
long uploadedByteCount = 0;
byte[] buffer = new byte[DracoonClient.HttpConfig.ChunkSize];
int bytesRead = 0;
while ((bytesRead = InputStream.Read(buffer, 0, buffer.Length)) > 0)
{
EncryptedDataContainer encryptedContainer = EncryptChunk(cipher, bytesRead, buffer, false);
ProcessEncryptedChunk(new Uri(UploadToken.UploadUrl), encryptedContainer, uploadedByteCount, cipher, false);
uploadedByteCount += encryptedContainer.Content.Length;
}
EncryptedDataContainer finalEncryptedContainer = EncryptChunk(cipher, bytesRead, buffer, true);
plainFileKey.Tag = ProcessEncryptedChunk(new Uri(UploadToken.UploadUrl), finalEncryptedContainer, uploadedByteCount, cipher, true);
uploadedByteCount += finalEncryptedContainer.Content.Length;
if (LastNotifiedProgressValue != uploadedByteCount)
{
// Notify 100 percent progress
NotifyProgress(ActionId, uploadedByteCount, OptionalFileSize);
}
} catch (IOException ioe) {
if (IsInterrupted)
{
throw new ThreadInterruptedException();
}
string message = "Read from stream failed!";
DracoonClient.Log.Debug(LogTag, message);
throw new DracoonFileIOException(message, ioe);
} finally {
ProgressReportTimer?.Stop();
}
}
static void Main(String[] args)
{
// --- INITIALIZATION ---
// Generate key pair
UserKeyPair userKeyPair = Crypto.GenerateUserKeyPair(USER_PASSWORD);
// Check key pair
if (!Crypto.CheckUserKeyPair(userKeyPair, USER_PASSWORD))
{
Trace.WriteLine("Invalid user password!");
return;
}
byte[] plainData = Encoding.UTF8.GetBytes(DATA);
Trace.WriteLine("Plain Data:");
Trace.WriteLine(Encoding.UTF8.GetString(plainData));
Trace.WriteLine("Plain Data: (BASE64)");
Trace.WriteLine(Convert.ToBase64String(plainData));
// --- ENCRYPTION ---
// Generate plain file key
PlainFileKey fileKey = Crypto.GenerateFileKey();
// Encrypt blocks
byte[] encData = EncryptData(fileKey, plainData);
// Encrypt file key
EncryptedFileKey encFileKey = Crypto.EncryptFileKey(fileKey, userKeyPair.UserPublicKey);
Trace.WriteLine("Encrypted Data: (Base64)");
Trace.WriteLine(Convert.ToBase64String(encData));
// --- DECRYPTION ---
// Decrypt file key
PlainFileKey decFileKey = Crypto.DecryptFileKey(encFileKey, userKeyPair.UserPrivateKey,
USER_PASSWORD);
// Decrypt blocks
byte[] decData = DecryptData(decFileKey, encData);
Trace.WriteLine("Decrypted Data:");
Trace.WriteLine(Encoding.UTF8.GetString(decData));
Trace.WriteLine("Decrypted Data: (BASE64)");
Trace.WriteLine(Convert.ToBase64String(plainData));
}
/// <summary>
/// Generates a random file key.
/// </summary>
/// <param name="version">The encryption version for which the file key should be created.</param>
/// <returns>The generated file key.</returns>
/// <exception cref="Dracoon.Crypto.Sdk.InvalidFileKeyException">If the version for the file key is not supported.</exception>
public static PlainFileKey GenerateFileKey(string version)
{
ValidateFileKeyVersion(version);
byte[] key = new byte[fileKeySize];
new SecureRandom().NextBytes(key);
byte[] iv = new byte[ivSize];
new SecureRandom().NextBytes(iv);
PlainFileKey fileKey = new PlainFileKey()
{
Key = Convert.ToBase64String(key),
Iv = Convert.ToBase64String(iv),
Tag = null,
Version = version
};
return(fileKey);
}
protected override Node StartUpload()
{
NotifyStarted(ActionId);
ApiCreateFileUpload apiFileUploadRequest = FileMapper.ToApiCreateFileUpload(FileUploadRequest);
try {
apiFileUploadRequest.UseS3 = CheckUseS3();
} catch (DracoonApiException apiException) {
DracoonClient.Log.Warn(LogTag, "S3 direct upload is not possible.", apiException);
}
IRestRequest uploadTokenRequest = Client.Builder.PostCreateFileUpload(apiFileUploadRequest);
UploadToken = Client.Executor.DoSyncApiCall <ApiUploadToken>(uploadTokenRequest, RequestType.PostUploadToken);
Node publicResultNode;
PlainFileKey plainFileKey = CreateFileKey();
ApiCompleteFileUpload apiCompleteFileUpload = FileMapper.ToApiCompleteFileUpload(FileUploadRequest);
if (apiFileUploadRequest.UseS3.HasValue && apiFileUploadRequest.UseS3.Value)
{
List <ApiS3FileUploadPart> s3Parts = EncryptedS3Upload(ref plainFileKey);
EncryptedFileKey encryptedFileKey = EncryptFileKey(plainFileKey);
apiCompleteFileUpload.FileKey = FileMapper.ToApiFileKey(encryptedFileKey);
apiCompleteFileUpload.Parts = s3Parts;
IRestRequest completeFileUploadRequest = Client.Builder.PutCompleteS3FileUpload(UploadToken.UploadId, apiCompleteFileUpload);
Client.Executor.DoSyncApiCall <VoidResponse>(completeFileUploadRequest, RequestType.PutCompleteS3Upload);
publicResultNode = NodeMapper.FromApiNode(S3Finished());
}
else
{
EncryptedUpload(ref plainFileKey);
EncryptedFileKey encryptedFileKey = EncryptFileKey(plainFileKey);
apiCompleteFileUpload.FileKey = FileMapper.ToApiFileKey(encryptedFileKey);
IRestRequest completeFileUploadRequest =
Client.Builder.PutCompleteFileUpload(new Uri(UploadToken.UploadUrl).PathAndQuery, apiCompleteFileUpload);
ApiNode resultNode = Client.Executor.DoSyncApiCall <ApiNode>(completeFileUploadRequest, RequestType.PutCompleteUpload);
publicResultNode = NodeMapper.FromApiNode(resultNode);
}
NotifyFinished(ActionId, publicResultNode);
return(publicResultNode);
}
internal FileDecryptionCipher(PlainFileKey fileKey) : base(false, fileKey)
{
}
public DownloadShare CreateDownloadShare(CreateDownloadShareRequest request)
{
_client.Executor.CheckApiServerVersion();
#region Parameter Validation
request.MustNotNull(nameof(request));
Node targetNode = _client.NodesImpl.GetNode(request.NodeId);
// Node id is still checked in previous called getNode()
// To save much effort throw this restriction instantly and not let the rest api throw this error
if (targetNode.IsEncrypted.GetValueOrDefault(false) && targetNode.Type != NodeType.File)
{
throw new DracoonApiException(DracoonApiCode.VALIDATION_DL_SHARE_CANNOT_CREATE_ON_ENCRYPTED_ROOM_FOLDER);
}
request.Name.MustNotNullOrEmptyOrWhitespace(nameof(request.Name), true);
request.MaxAllowedDownloads.NullableMustPositive(nameof(request.MaxAllowedDownloads));
if (targetNode.IsEncrypted.GetValueOrDefault(false) && string.IsNullOrWhiteSpace(request.EncryptionPassword) &&
!string.IsNullOrWhiteSpace(request.AccessPassword))
{
throw new ArgumentException("Download share of a encrypted node must have a encryption password and no access password.");
}
if (!targetNode.IsEncrypted.GetValueOrDefault(false) && string.IsNullOrWhiteSpace(request.AccessPassword) &&
!string.IsNullOrWhiteSpace(request.EncryptionPassword))
{
throw new ArgumentException("Download share of a not encrypted node must have a access password and no encryption password.");
}
if (targetNode.IsEncrypted.GetValueOrDefault(false) && string.IsNullOrWhiteSpace(request.EncryptionPassword))
{
throw new ArgumentException("Download share of a encrypted node must have a encryption password.");
}
if (!targetNode.IsEncrypted.GetValueOrDefault(false))
{
request.AccessPassword?.MustNotNullOrEmptyOrWhitespace(nameof(request.AccessPassword));
}
if (request.EmailRecipients != null)
{
request.EmailRecipients.EnumerableMustNotNullOrEmpty(nameof(request.EmailRecipients));
request.EmailRecipients.ForEach(current => current.MustNotNullOrEmptyOrWhitespace(nameof(request.EmailRecipients) + " element"));
request.EmailBody.MustNotNullOrEmptyOrWhitespace(nameof(request.EmailBody));
request.EmailSubject.MustNotNullOrEmptyOrWhitespace(nameof(request.EmailSubject));
}
if (request.SmsRecipients != null)
{
request.SmsRecipients.EnumerableMustNotNullOrEmpty(nameof(request.SmsRecipients));
request.SmsRecipients.ForEach(current => current.MustNotNullOrEmptyOrWhitespace(nameof(request.SmsRecipients) + " element"));
if (string.IsNullOrEmpty(request.AccessPassword))
{
throw new ArgumentException("If a SMS should be sent, a access password must be set.");
}
}
#endregion
ApiCreateDownloadShareRequest apiRequest = ShareMapper.ToUnencryptedApiCreateDownloadShareRequest(request);
if (targetNode.IsEncrypted.GetValueOrDefault(false))
{
UserKeyPair creatorKeyPair = _client.AccountImpl.GetAndCheckUserKeyPair();
EncryptedFileKey creatorEncryptedFileKey = _client.NodesImpl.GetEncryptedFileKey(request.NodeId);
PlainFileKey plainFileKey = _client.NodesImpl.DecryptFileKey(creatorEncryptedFileKey, creatorKeyPair.UserPrivateKey, request.NodeId);
UserKeyPair newGeneratedKeyPair = _client.AccountImpl.GenerateNewUserKeyPair(request.EncryptionPassword);
EncryptedFileKey newEncryptedFileKey =
_client.NodesImpl.EncryptFileKey(plainFileKey, newGeneratedKeyPair.UserPublicKey, request.NodeId);
apiRequest.KeyPair = UserMapper.ToApiUserKeyPair(newGeneratedKeyPair);
apiRequest.FileKey = FileMapper.ToApiFileKey(newEncryptedFileKey);
}
IRestRequest restRequest = _client.Builder.PostCreateDownloadShare(apiRequest);
ApiDownloadShare resultShare =
_client.Executor.DoSyncApiCall <ApiDownloadShare>(restRequest, DracoonRequestExecutor.RequestType.PostCreateDownloadShare);
return(ShareMapper.FromApiDownloadShare(resultShare));
}
