예제 #1
0
        private IList <IColumn> TransformChunk(IList <FileEncryptionSettings> readerSettings, IList <FileEncryptionSettings> writerSettings, IList <IColumn> sourceRowGroup)
        {
            List <IColumn> transformedColumns = new List <IColumn>();

            for (int index = 0; index < sourceRowGroup.Count; index++)
            {
                FileEncryptionSettings readerColumnSettings = readerSettings[index];
                FileEncryptionSettings writerColumnSettings = writerSettings[index];
                IColumn column = sourceRowGroup[index];

                if (ShouldEncrypt(readerColumnSettings, writerColumnSettings))
                {
                    transformedColumns.Add(EncryptColumn(writerColumnSettings, column));
                }
                else if (ShouldDecrypt(readerColumnSettings, writerColumnSettings))
                {
                    transformedColumns.Add(DecryptColumn(writerColumnSettings, column));
                }
                else if (ShouldRotate(readerColumnSettings, writerColumnSettings))
                {
                    transformedColumns.Add(EncryptColumn(writerColumnSettings, DecryptColumn(readerColumnSettings, column)));
                }
                else
                {
                    transformedColumns.Add(sourceRowGroup[index]);
                }
            }

            return(transformedColumns);
        }
예제 #2
0
        private static Column <byte[]> EncryptColumn(FileEncryptionSettings writerColumnSettings, IColumn column)
        {
            byte[][] encryptedData = column.Data
                                     .Encrypt(writerColumnSettings)
                                     .ToArray();

            return(new Column <byte[]>(encryptedData)
            {
                Name = column.Name
            });
        }
예제 #3
0
        private static IColumn DecryptColumn(FileEncryptionSettings writerColumnSettings, IColumn column)
        {
            IList encryptedData = column.Data
                                  .Decrypt(writerColumnSettings);

            Type    type          = encryptedData.GetType().GenericTypeArguments[0];
            IColumn encodedColumn = (IColumn)Activator.CreateInstance(typeof(Column <>).MakeGenericType(type), encryptedData);

            encodedColumn.Name = column.Name;

            return(encodedColumn);
        }
예제 #4
0
        private bool ShouldRotate(FileEncryptionSettings readerEncryptionSettings, FileEncryptionSettings writerEncryptionSettings)
        {
            return((readerEncryptionSettings != writerEncryptionSettings) &&
                   readerEncryptionSettings.EncryptionType != EncryptionType.Plaintext &&
                   writerEncryptionSettings.EncryptionType != EncryptionType.Plaintext &&
                   (HasDifferentDataEncryptionRootKey() || HasDifferentEncryptionType()));

            bool HasDifferentDataEncryptionRootKey() => readerEncryptionSettings.DataEncryptionKey != writerEncryptionSettings.DataEncryptionKey &&
            !readerEncryptionSettings.DataEncryptionKey.RootKeyEquals(writerEncryptionSettings.DataEncryptionKey);

            bool HasDifferentEncryptionType() => readerEncryptionSettings.EncryptionType != writerEncryptionSettings.EncryptionType;
        }
예제 #5
0
        /// <summary>
        /// Compiles a <see cref="CryptoMetadata"/> object from <see cref="List{T}"/>s of <see cref="IColumn"/>s and <see cref="FileEncryptionSettings"/>.
        /// </summary>
        /// <param name="columns">The <see cref="IColumn"/>s on which to compile metadata.</param>
        /// <param name="encryptionSettings">The <see cref="FileEncryptionSettings"/> on which to compile metadata.</param>
        /// <returns></returns>
        public static CryptoMetadata CompileMetadata(IList <IColumn> columns, IList <FileEncryptionSettings> encryptionSettings)
        {
            if (columns.Count != encryptionSettings.Count)
            {
                throw new ArgumentException($"{nameof(columns)}.Count does not equal {nameof(encryptionSettings)}.Count");
            }

            CryptoMetadata cryptoMetadata = new CryptoMetadata();

            for (int i = 0; i < columns.Count; i++)
            {
                FileEncryptionSettings settings = encryptionSettings[i];

                if (settings.EncryptionType != EncryptionType.Plaintext)
                {
                    ColumnEncryptionMetadata columnEncryptionInformation = new ColumnEncryptionMetadata()
                    {
                        ColumnName            = columns[i].Name,
                        DataEncryptionKeyName = settings.DataEncryptionKey.Name,
                        ColumnIndex           = encryptionSettings.IndexOf(settings),
                        EncryptionAlgorithm   = DataEncryptionKeyAlgorithm.AEAD_AES_256_CBC_HMAC_SHA256,
                        EncryptionType        = settings.EncryptionType,
                        Serializer            = settings.GetSerializer()
                    };

                    DataEncryptionKeyMetadata columnKeyInformation = new DataEncryptionKeyMetadata()
                    {
                        KeyEncryptionKeyName       = settings.DataEncryptionKey.KeyEncryptionKey.Name,
                        EncryptedDataEncryptionKey = settings.DataEncryptionKey.EncryptedValue.ToHexString(),
                        Name = settings.DataEncryptionKey.Name
                    };

                    KeyEncryptionKeyMetadata columnMasterKeyInformation = new KeyEncryptionKeyMetadata()
                    {
                        KeyPath     = settings.DataEncryptionKey.KeyEncryptionKey.Path,
                        KeyProvider = settings.DataEncryptionKey.KeyEncryptionKey.KeyStoreProvider.ProviderName,
                        Name        = settings.DataEncryptionKey.KeyEncryptionKey.Name
                    };

                    cryptoMetadata.ColumnEncryptionInformation.Add(columnEncryptionInformation);
                    cryptoMetadata.DataEncryptionKeyInformation.Add(columnKeyInformation);
                    cryptoMetadata.KeyEncryptionKeyInformation.Add(columnMasterKeyInformation);
                }
            }

            return(cryptoMetadata);
        }
예제 #6
0
 private bool ShouldDecrypt(FileEncryptionSettings readerEncryptionSettings, FileEncryptionSettings writerEncryptionSettings)
 {
     return((readerEncryptionSettings != writerEncryptionSettings) &&
            readerEncryptionSettings.EncryptionType != EncryptionType.Plaintext &&
            writerEncryptionSettings.EncryptionType == EncryptionType.Plaintext);
 }