예제 #1
0
 private byte[] GetEncryptedKey(ProtectedKey keyToBeArchived, string passphrase, byte[] salt)
 {
     byte[] decryptedKey = keyToBeArchived.DecryptedKey;
     byte[] result;
     try
     {
         result = this.EncryptKeyForArchival(decryptedKey, passphrase, salt);
     }
     finally
     {
         Utility.ZeroOutBytes(decryptedKey);
     }
     return(result);
 }
예제 #2
0
        /// <summary>
        /// Reads an encrypted key from an input file. This method is not intended to allow keys to be transferred
        /// from another machine.
        /// </summary>
        /// <param name="protectedKeyFileName">Input file from which DPAPI-protected key is to be read.</param>
        /// <param name="dpapiProtectionScope"><see cref="T:System.Security.Cryptography.DataProtectionScope" /> used to protect the key on disk. </param>
        /// <returns>Key read from stream, encapsulated in a <see cref="T:Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ProtectedKey"></see>.</returns>
        public static ProtectedKey Read(string protectedKeyFileName, DataProtectionScope dpapiProtectionScope)
        {
            string fullPath = Path.GetFullPath(protectedKeyFileName);

            if (KeyManager.cache[fullPath] != null)
            {
                return(KeyManager.cache[fullPath]);
            }
            ProtectedKey result;

            using (FileStream fileStream = new FileStream(protectedKeyFileName, FileMode.Open, FileAccess.Read, FileShare.Read))
            {
                ProtectedKey protectedKey = KeyManager.Read(fileStream, dpapiProtectionScope);
                KeyManager.cache[fullPath] = protectedKey;
                result = protectedKey;
            }
            return(result);
        }
예제 #3
0
        /// <summary>
        /// Archives a cryptographic key to a <see cref="T:System.IO.Stream" />. This method is intended for use in
        /// transferring a key between machines.
        /// </summary>
        /// <param name="outputStream"><see cref="T:System.IO.Stream" /> to which key is to be archived.</param>
        /// <param name="keyToArchive">Key to be archived.</param>
        /// <param name="passphrase">User-provided passphrase used to encrypt the key in the arhive.</param>
        public static void ArchiveKey(Stream outputStream, ProtectedKey keyToArchive, string passphrase)
        {
            IKeyWriter keyWriter = new KeyReaderWriter();

            keyWriter.Archive(outputStream, keyToArchive, passphrase);
        }
예제 #4
0
        /// <summary>
        /// Writes an encrypted key to an output stream. This method is not intended to allow the keys to be
        /// moved from machine to machine.
        /// </summary>
        /// <param name="outputStream"><see cref="T:System.IO.Stream" /> to which DPAPI-protected key is to be written.</param>
        /// <param name="key">Encrypted key to be written to stream.</param>
        public static void Write(Stream outputStream, ProtectedKey key)
        {
            IKeyWriter keyWriter = new KeyReaderWriter();

            keyWriter.Write(outputStream, key);
        }
예제 #5
0
        /// <overloads>
        /// Writes an encrypted key to an output stream. This method is not intended to allow the keys to be
        /// moved from machine to machine.
        /// </overloads>
        /// <summary>
        /// Writes an encrypted key to an output stream. This method is not intended to allow the keys to be
        /// moved from machine to machine.
        /// </summary>
        /// <param name="outputStream"><see cref="T:System.IO.Stream" /> to which DPAPI-protected key is to be written.</param>
        /// <param name="encryptedKey">Encrypted key to be written to stream.</param>
        /// <param name="dpapiProtectionScope"><see cref="T:System.Security.Cryptography.DataProtectionScope" /> used to protect the key on disk. </param>
        public static void Write(Stream outputStream, byte[] encryptedKey, DataProtectionScope dpapiProtectionScope)
        {
            ProtectedKey key = ProtectedKey.CreateFromEncryptedKey(encryptedKey, dpapiProtectionScope);

            KeyManager.Write(outputStream, key);
        }
예제 #6
0
 /// <summary>
 /// Writes an encrypted key to an output stream. This method is not intended to allow the keys to be
 /// moved from machine to machine.
 /// </summary>
 /// <param name="outputStream"><see cref="T:System.IO.Stream" /> to which DPAPI-protected key is to be written.</param>
 /// <param name="key">Encrypted key to be written to stream.</param>
 public void Write(Stream outputStream, ProtectedKey key)
 {
     this.WriteVersionNumber(outputStream, 4321);
     this.WriteEncryptedKey(outputStream, key);
 }
예제 #7
0
 /// <summary>
 /// Reads a DPAPI-protected key from the given <see cref="T:System.IO.Stream" />.
 /// </summary>
 /// <param name="protectedKeyStream"><see cref="T:System.IO.Stream" /> containing the DPAPI-protected key.</param>
 /// <param name="protectionScope"><see cref="T:System.Security.Cryptography.DataProtectionScope"></see> used to decrypt the key read from the stream.</param>
 /// <returns>Key read from stream, encapsulated in a <see cref="T:Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ProtectedKey"></see>.</returns>
 public ProtectedKey Read(Stream protectedKeyStream, DataProtectionScope protectionScope)
 {
     this.ValidateKeyVersion(protectedKeyStream);
     return(ProtectedKey.CreateFromEncryptedKey(this.ReadEncryptedKey(protectedKeyStream), protectionScope));
 }
예제 #8
0
 private void WriteEncryptedKey(Stream outputStream, ProtectedKey key)
 {
     outputStream.Write(key.EncryptedKey, 0, key.EncryptedKey.Length);
 }