예제 #1
        /// <summary>
        /// Build an EncryptedFile from plaintext file data: encrypt the data, wrap the
        /// encryption key for every recipient, sign the plaintext with the owner's
        /// signature object, and assemble the header and raw container.
        /// </summary>
        /// <param name="fileData">Plaintext file data to encrypt and sign</param>
        /// <param name="fileDescrition">File description (name, application, MIME type, algorithm)</param>
        /// <param name="fileEncryptor">Encryption process used to encrypt the data and to wrap its key per recipient</param>
        /// <param name="recipients">Recipients for whom the encryption key is wrapped</param>
        /// <param name="owner">Owner of the original file; signs the plaintext</param>
        public EncryptedFile(byte[] fileData,
            FileDescription fileDescrition,
            IEncryptProcess fileEncryptor,
            Recipient[] recipients,
            Owner owner)
        {
            // Encrypt the payload first; the per-recipient key wrapping below uses the same encryptor.
            byte[] cipherBytes = fileEncryptor.EncryptData(fileData);

            // Wrap the encryption key once per recipient, keyed by the recipient's user id.
            EncryptedKey[] wrappedKeys = new EncryptedKey[recipients.Length];
            for (int index = 0; index < recipients.Length; index++)
            {
                Recipient current = recipients[index];
                wrappedKeys[index] = new EncryptedKey(current.UserId, fileEncryptor.EncryptKey(current.DigestEncryptor));
            }

            // The signature is computed over the ORIGINAL (plaintext) data only.
            // NOTE(review): the header fields set below (file name, owner id, algorithm,
            // recipient keys) and the ciphertext are not inputs to this signature; whether
            // they are integrity-protected some other way is not visible here - confirm.
            owner.DigestSignature.Sign(fileData);
            DigestData plaintextSignature = owner.DigestSignature.Digest;

            EncryptedDataHeader header = new EncryptedDataHeader(fileDescrition.FileName, owner.UserId)
            {
                Application = fileDescrition.Application,
                MIME = fileDescrition.MimeType,
                EncryptionAlgorithm = fileDescrition.EncryptionAlgorithm,
                EncryptedKeys = wrappedKeys,
                Signature = plaintextSignature
            };

            // Serialize the header and concatenate it with the ciphertext.
            BuildRawData(cipherBytes, header);
        }
예제 #2
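        /// <summary>
        /// Build an EncryptedFile object from the raw container produced by the encryption:
        /// one header-type byte, a 4-byte header length, the JSON-serialized
        /// EncryptedDataHeader, then the encrypted file data.
        /// </summary>
        /// <param name="encryptedData">Raw container bytes; handled as untrusted input</param>
        /// <exception cref="ArgumentNullException"><paramref name="encryptedData"/> is null</exception>
        /// <exception cref="ArgumentException">The container is truncated, declares a header
        /// longer than the bytes available, or holds an empty header</exception>
        /// <exception cref="UnsupportedHeaderType">The first byte is not the JSON header type</exception>
        public EncryptedFile(byte[] encryptedData)
        {
            if (encryptedData == null)
            {
                throw new ArgumentNullException("encryptedData");
            }

            if (encryptedData.Length < 1)
            {
                throw new ArgumentException("Encrypted data is empty.", "encryptedData");
            }

            // Get the header type
            byte headerType = encryptedData[0];

            if (headerType != JSON_TYPE)
            {
                throw new UnsupportedHeaderType(headerType);
            }

            // Fixed-size prefix: type byte + 4-byte header length.
            int prefixLength = 1 + sizeof(UInt32);
            if (encryptedData.Length < prefixLength)
            {
                throw new ArgumentException("Encrypted data is too short to contain a header length.", "encryptedData");
            }

            // Get the header length. BitConverter uses the machine's byte order, so the
            // value is only portable between hosts of the same endianness.
            UInt32 jsonHeaderLength = BitConverter.ToUInt32(encryptedData, 1);

            // The length field comes from the input. Check it against the bytes actually
            // present BEFORE it is used to size anything or cast to int: otherwise a tiny
            // input can request a multi-gigabyte allocation, and values above
            // int.MaxValue turn negative when cast.
            int bytesAfterPrefix = encryptedData.Length - prefixLength;
            if (jsonHeaderLength > (UInt32)bytesAfterPrefix)
            {
                throw new ArgumentException("Declared header length exceeds the available data.", "encryptedData");
            }

            // Get the Json serialized EncryptedDataHeader (decoded in place, no intermediate copy)
            int headerLength = (int)jsonHeaderLength;
            int offset = prefixLength;
            string jsonHeader = ASCIIEncoding.ASCII.GetString(encryptedData, offset, headerLength);

            // Get the encrypted file data: everything after the header
            offset += headerLength;
            int encrFileDataLength = encryptedData.Length - offset;
            encryptedFileData = new byte[encrFileDataLength];
            Buffer.BlockCopy(encryptedData, offset, encryptedFileData, 0, encrFileDataLength);

            // Deserialize the header.
            // NOTE(review): nothing in this constructor authenticates the header; its fields
            // (recipient keys, signature, algorithm) should be treated as attacker-controlled
            // until the signature has been verified by the caller.
            encryptedHeader = JsonConvert.DeserializeObject<EncryptedDataHeader>(jsonHeader);
            if (encryptedHeader == null)
            {
                // An empty or literal "null" header deserializes to null; reject it here
                // instead of failing later with a NullReferenceException.
                throw new ArgumentException("Encrypted data does not contain a header.", "encryptedData");
            }
        }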
예제 #3
        /// <summary>
        /// Assemble the raw container into rawEncryptedData: the JSON header-type byte,
        /// the 4-byte length of the serialized header, the serialized header, then the
        /// encrypted data.
        /// </summary>
        /// <param name="encryptedData">Encrypted file data appended after the header</param>
        /// <param name="encryptedHeader">Header serialized to JSON and stored unencrypted</param>
        private void BuildRawData(byte[] encryptedData, EncryptedDataHeader encryptedHeader)
        {
            // The header is written as readable JSON. ASCII encoding replaces any
            // character outside the ASCII range with '?', so header text that is not
            // plain ASCII does not survive a round trip unless the serializer escapes it.
            byte[] headerBytes = ASCIIEncoding.ASCII.GetBytes(JsonConvert.SerializeObject(encryptedHeader));

            // Length prefix in the machine's byte order (BitConverter does not normalize it).
            byte[] lengthPrefix = BitConverter.GetBytes((UInt32)headerBytes.Length);

            // NOTE(review): the buffer is sized with HEAD_LEN while the bytes written ahead
            // of the header are 1 + lengthPrefix.Length; presumably these agree - confirm.
            rawEncryptedData = new byte[HEAD_LEN + headerBytes.Length + encryptedData.Length];

            rawEncryptedData[0] = JSON_TYPE;
            int cursor = 1;

            Buffer.BlockCopy(lengthPrefix, 0, rawEncryptedData, cursor, lengthPrefix.Length);
            cursor += lengthPrefix.Length;

            Buffer.BlockCopy(headerBytes, 0, rawEncryptedData, cursor, headerBytes.Length);
            cursor += headerBytes.Length;

            Buffer.BlockCopy(encryptedData, 0, rawEncryptedData, cursor, encryptedData.Length);
        }
예제 #4
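        /// <summary>
        /// Round-trips an EncryptedDataHeader through JSON and checks that the signature
        /// still verifies and that the wrapped AES key and IV still decrypt to the
        /// original bytes.
        /// </summary>
        public void TestEncrypteDatadHeader()
        {
            EncryptedDataHeader encryptedHeader = new EncryptedDataHeader(FILE_NAME, USER_ID_SRCE);

            encryptedHeader.Application = APP_NOTEPAD;
            encryptedHeader.EncryptionAlgorithm = ALGO_AES;
            encryptedHeader.MIME = MIME_TEXT;

            // The providers hold key material and native handles, so dispose them
            // deterministically instead of leaving them to the finalizer.
            // NOTE(review): the parameterless RSACryptoServiceProvider constructor uses the
            // provider's default key size (1024 bits on .NET Framework) and the signature
            // class is SHA-1 based; acceptable for a serialization round-trip test, not as
            // a template for production key or algorithm choices.
            using (AesCryptoServiceProvider aesServiceProvider = new AesCryptoServiceProvider())
            using (RSACryptoServiceProvider rsaProviderOlivierCodepro = new RSACryptoServiceProvider())
            using (RSACryptoServiceProvider rsaProviderOlivierRouit = new RSACryptoServiceProvider())
            {
                aesServiceProvider.KeySize = 256;
                aesServiceProvider.GenerateKey();
                aesServiceProvider.GenerateIV();

                byte[] key = aesServiceProvider.Key;
                byte[] iv = aesServiceProvider.IV;

                // Key followed by IV, wrapped together as one blob.
                byte[] aesKeyAndIV = new byte[key.Length + iv.Length];
                Buffer.BlockCopy(key, 0, aesKeyAndIV, 0, key.Length);
                Buffer.BlockCopy(iv, 0, aesKeyAndIV, key.Length, iv.Length);

                // Encrypt the AES key with the public key of the OlivierCodepro certificate
                DigestData rsaDigestEncrypt = new RSAOAEPEncryptor(rsaProviderOlivierCodepro);
                ((IDigestEncryptor)rsaDigestEncrypt).Encrypt(aesKeyAndIV);

                EncryptedKey encryptedAesKeyForOlivierCodepro = new EncryptedKey(USER_ID_DEST1, rsaDigestEncrypt);
                encryptedHeader.EncryptedKeys = new EncryptedKey[] { encryptedAesKeyForOlivierCodepro };

                // Sign the text BEFORE it is encrypted, using the OlivierRouit private key
                byte[] byteText = ASCIIEncoding.ASCII.GetBytes(TEXT_TO_SIGN);

                DigestData rsaDigestSigned = new RSASHA1Signature(rsaProviderOlivierRouit);
                ((IDigestSignature)rsaDigestSigned).Sign(byteText);

                encryptedHeader.Signature = rsaDigestSigned;

                // Round trip through JSON
                string jsonSerialized = JsonConvert.SerializeObject(encryptedHeader);
                EncryptedDataHeader encryptedHeaderDeserialized = JsonConvert.DeserializeObject<EncryptedDataHeader>(jsonSerialized);

                // Process the Signature DigestData. Assert on the cast so a wrong factory
                // result fails with a clear message rather than a NullReferenceException.
                IDigestSignature signDigest = RSADigestFactory.CreateDigestData(encryptedHeaderDeserialized.Signature, rsaProviderOlivierRouit) as IDigestSignature;
                Assert.IsNotNull(signDigest);
                bool verified = signDigest.Verify(byteText);
                Assert.IsTrue(verified);

                // Process the encrypted DigestData
                EncryptedKey keyForDest1 = encryptedHeaderDeserialized.EncryptedKeys.First(k => k.UserID == USER_ID_DEST1);
                IDigestEncryptor encryptDigest = RSADigestFactory.CreateDigestData(keyForDest1.Encrypted, rsaProviderOlivierCodepro) as IDigestEncryptor;
                Assert.IsNotNull(encryptDigest);
                byte[] decryptedKeyAndIV = encryptDigest.Decrypt();
                bool equals = aesKeyAndIV.HasSameContent(decryptedKeyAndIV);
                Assert.IsTrue(equals);
            }
        }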