internal void Register(string username, string certificateFilePath, string password, bool isExt = false) { X509Certificate2 cert = new X509Certificate2(certificateFilePath); if (CertificateValidator.VerifyCertificate(cert) == false) { throw new Exception("Certificate is invalid."); } else if (CertificateValidator.VerifyKeyUsage(cert) == false) { throw new Exception("Certificate must have 'digitalSignature' and 'keyEncipherment' set as it's key usage."); } if (isExt) { this.data.AddExternal(username, File.ReadAllBytes(certificateFilePath)); } else { this.data.AddUser(username, password, File.ReadAllBytes(certificateFilePath)); } }
public void DecryptFile(EncryptedFile input, FileStream output, ProgressReporter reporter = null) { var cert = new X509Certificate2(this.sender.PublicCertificate); if (cert == null) { reporter?.Log("Sender certificate error. Unable to verify integrity."); } else { reporter?.Log("Certificate located."); if (CertificateValidator.VerifyCertificate(cert) == false) { reporter?.Log("Sender's certificate is INVALID. Continuing."); } reporter?.Log("Verifying file integrity..."); RSACryptoServiceProvider publicKeyProvider = (RSACryptoServiceProvider)cert.PublicKey.Key; bool verifySuccess = EncryptedFileChecker.VerifySignature(input, publicKeyProvider.ExportParameters(false)); if (verifySuccess) { reporter?.Log("File verification: SUCCESS"); } else { reporter?.Log("File verification: FAILED"); } reporter?.SetPercentage(25); } reporter?.Log("Decrypting file..."); FileDecryptor decryptor = new FileDecryptor(this.currentUser.PrivateKey); decryptor.Decrypt(input, output, reporter.SetPercentage); reporter?.Log("File decryption complete."); }
public UserInformation Login(string username, string password, out UserDatabase data) { UserDatabase dataComp = new UserDatabase(this.userDatabasePath); var user = dataComp.GetUser(username); if (user != null && user.IsPasswordValid(password)) { var userCert = new X509Certificate2(user.PublicCertificate); if (userCert == null) { throw new Exception("Certificate error."); } if (CertificateValidator.VerifyCertificate(userCert) == false) { throw new Exception("Certificate is invalid."); } byte[] keyRaw = File.ReadAllBytes(this.privateKeyPath); var privateParameters = new KeyFileParser(keyRaw).GetParameters(); RSACryptoServiceProvider publicKeyProvider = (RSACryptoServiceProvider)userCert.PublicKey.Key; if (!RsaMachine.AreKeysMatched(publicKeyProvider.ExportParameters(false), privateParameters)) { throw new Exception("The given private key does not match this user's certificate."); } data = dataComp; return(new UserInformation(user, privateParameters)); } else { throw new Exception("Invalid username or password."); } }