예제 #1
        /// <summary>
        /// Builds an <see cref="EncryptedMessage"/> from a plaintext e-mail: the text is
        /// encrypted under a fresh session key, the session key is wrapped with
        /// <paramref name="rsaEncryption"/>, an HMAC-SHA256 tag is computed over the
        /// ciphertext, and that tag is signed with <paramref name="signature"/>. The packet
        /// is then added to <c>_dbContext.EncryptedMessages</c> and saved.
        /// </summary>
        /// <param name="email">Source message; its Text, EmailSender and EmailReceiver are read.</param>
        /// <param name="rsaEncryption">Wraps the session key via <c>EncryptData</c>.</param>
        /// <param name="signature">Signs the HMAC tag via <c>SignData</c>.</param>
        /// <returns>The packet that was persisted.</returns>
        public EncryptedMessage EncryptData(Message email, RSAEncryption rsaEncryption,
                                            DigitalSignature signature)
        {
            // NOTE(review): Encoding.ASCII substitutes '?' for every non-ASCII character, so
            // such text cannot be recovered after decryption. Switching encodings has to be
            // coordinated with whatever decodes the decrypted bytes (not visible here).
            byte[] plaintext = Encoding.ASCII.GetBytes(email.Text);

            // Fresh per-message secret; 32 is passed as the requested size (presumably bytes).
            var key = _aes.GenerateRandomNumber(32);

            var packet = new EncryptedMessage();
            packet.ReceiveDate = DateTime.Now;
            packet.Iv = _aes.GenerateRandomNumber(16);
            packet.SenderEmail = email.EmailSender;
            packet.ReceiverEmail = email.EmailReceiver;

            packet.EncryptedData = _aes.Encrypt(plaintext, key, packet.Iv);
            packet.EncryptedSessionKey = rsaEncryption.EncryptData(key);

            // NOTE(review): the tag covers EncryptedData only. Iv, SenderEmail and
            // ReceiverEmail are not authenticated, and the same key is used for both
            // encryption and the MAC. Extending the MAC input or separating the keys must
            // be done on the encrypt and decrypt paths together.
            byte[] tag;
            using (var mac = new HMACSHA256(key))
            {
                tag = mac.ComputeHash(packet.EncryptedData);
            }
            packet.Hmac = tag;

            // The signature is over the HMAC tag, not over the ciphertext itself.
            packet.Signature = signature.SignData(packet.Hmac);

            _dbContext.EncryptedMessages.Add(packet);
            _dbContext.SaveChanges();

            return packet;
        }
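        /// <summary>
        /// Verifies an encrypted file packet, decrypts it and writes the plaintext to
        /// <c>storage/{ReceiverEmail}/files/{FileName}</c> (relative to the current directory).
        /// </summary>
        /// <param name="encryptedFile">Packet holding ciphertext, wrapped key, IV, HMAC, signature and naming fields.</param>
        /// <param name="rsaEncryption">Unwraps the session key via <c>DecryptData</c>.</param>
        /// <param name="signature">Checks the signature over the stored HMAC via <c>VerifySignature</c>.</param>
        /// <exception cref="CryptographicException">The HMAC does not match or the signature cannot be verified.</exception>
        /// <exception cref="ArgumentException">ReceiverEmail or FileName would resolve outside the receiver's directory.</exception>
        public void DecryptData(EncryptedFile encryptedFile, RSAEncryption rsaEncryption, DigitalSignature signature)
        {
            var decryptedSessionKey = rsaEncryption.DecryptData(encryptedFile.EncryptedSessionKey);

            using (var hmac = new HMACSHA256(decryptedSessionKey))
            {
                var hmacToCheck = hmac.ComputeHash(encryptedFile.EncryptedData);

                // NOTE(review): Compare is defined outside this block; confirm it is a
                // constant-time comparison (CryptographicOperations.FixedTimeEquals where
                // the target framework provides it).
                if (!Compare(encryptedFile.Hmac, hmacToCheck))
                {
                    throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
                }

                if (!signature.VerifySignature(encryptedFile.Hmac, encryptedFile.Signature))
                {
                    throw new CryptographicException("Digital Signature can not be verified.");
                }
            }

            // The HMAC above covers EncryptedData only, so ReceiverEmail and FileName are not
            // authenticated by it. Treat both as untrusted before they reach the file system:
            // keep only the leaf of the file name and require each to be one path segment.
            string receiverSegment = encryptedFile.ReceiverEmail;
            string fileSegment = Path.GetFileName(encryptedFile.FileName);

            if (!IsSinglePathSegment(receiverSegment) || !IsSinglePathSegment(fileSegment))
            {
                throw new ArgumentException("Receiver or file name is not a single path segment.", nameof(encryptedFile));
            }

            string storageRoot = Path.GetFullPath("storage");
            string targetDirectory = Path.GetFullPath(Path.Combine(storageRoot, receiverSegment, "files"));
            string targetPath = Path.GetFullPath(Path.Combine(targetDirectory, fileSegment));

            // Defence in depth: after normalisation the target must still sit under the
            // receiver's directory, and that directory under the storage root.
            bool directoryInsideRoot = targetDirectory.StartsWith(storageRoot + Path.DirectorySeparatorChar, StringComparison.Ordinal);
            bool fileInsideDirectory = targetPath.StartsWith(targetDirectory + Path.DirectorySeparatorChar, StringComparison.Ordinal);

            if (!directoryInsideRoot || !fileInsideDirectory)
            {
                throw new ArgumentException("Resolved output path escapes the storage directory.", nameof(encryptedFile));
            }

            byte[] fileInBytes = _aes.Decrypt(encryptedFile.EncryptedData, decryptedSessionKey, encryptedFile.Iv);

            // CreateDirectory is a no-op when the directory already exists.
            Directory.CreateDirectory(targetDirectory);

            // FileMode.Create overwrites an existing file with the same name.
            using (var fs = new FileStream(targetPath, FileMode.Create, FileAccess.Write))
            {
                fs.Write(fileInBytes, 0, fileInBytes.Length);
            }
        }

        // True when name is non-blank, is not "." or "..", and contains no '/' or '\'.
        private static bool IsSinglePathSegment(string name)
        {
            return !string.IsNullOrWhiteSpace(name)
                && name != "."
                && name != ".."
                && name.IndexOfAny(new[] { '/', '\\' }) < 0;
        }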
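        /// <summary>
        /// Encrypts an uploaded file as an attachment of <paramref name="encryptedMessage"/>:
        /// the content is encrypted under a fresh session key, the key is wrapped with
        /// <paramref name="rsaEncryption"/>, an HMAC-SHA256 tag is computed over the
        /// ciphertext and signed, and the packet is saved to <c>_dbContext.EncryptedFiles</c>.
        /// </summary>
        /// <param name="fileform">Uploaded file; its content and FileName are read.</param>
        /// <param name="encryptedMessage">Parent message supplying sender, receiver and message id.</param>
        /// <param name="rsaEncryption">Wraps the session key via <c>EncryptData</c>.</param>
        /// <param name="signature">Signs the HMAC tag via <c>SignData</c>.</param>
        public void EncryptFile(IFormFile fileform, EncryptedMessage encryptedMessage, RSAEncryption rsaEncryption, DigitalSignature signature)
        {
            var sessionKey = _aes.GenerateRandomNumber(32);

            var encryptedPacket = new EncryptedFile
            {
                Iv                 = _aes.GenerateRandomNumber(16),
                SenderEmail        = encryptedMessage.SenderEmail,
                ReceiverEmail      = encryptedMessage.ReceiverEmail,
                EncryptedMessageId = encryptedMessage.EncryptedMessageId,
                // IFormFile.FileName is the client-supplied name and may carry directory
                // components; store only the leaf so it cannot steer a later file write.
                FileName           = Path.GetFileName(fileform.FileName),
            };

            byte[] fileInBytes;

            using (var stream = new MemoryStream())
            {
                // Synchronous copy: the previous un-awaited CopyToAsync could return before
                // the upload had been copied, so ToArray() could see empty or partial data.
                fileform.CopyTo(stream);
                fileInBytes = stream.ToArray();
            }

            encryptedPacket.EncryptedData       = _aes.Encrypt(fileInBytes, sessionKey, encryptedPacket.Iv);
            encryptedPacket.EncryptedSessionKey = rsaEncryption.EncryptData(sessionKey);

            // NOTE(review): the tag covers EncryptedData only. Iv, FileName and the e-mail
            // fields are not authenticated, and the session key doubles as the MAC key.
            using (var hmac = new HMACSHA256(sessionKey))
            {
                encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
            }

            // The signature is over the HMAC tag.
            encryptedPacket.Signature = signature.SignData(encryptedPacket.Hmac);

            _dbContext.EncryptedFiles.Add(encryptedPacket);
            _dbContext.SaveChanges();
        }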
예제 #4
        /// <summary>
        /// Verifies and decrypts a message packet. The session key is unwrapped with
        /// <paramref name="rsaEncryption"/>, the HMAC-SHA256 of the ciphertext is recomputed
        /// and compared with the stored tag, the signature over the stored tag is checked,
        /// and only then is the ciphertext decrypted.
        /// </summary>
        /// <param name="encryptedPacket">Packet holding ciphertext, wrapped key, IV, HMAC and signature.</param>
        /// <param name="rsaEncryption">Unwraps the session key via <c>DecryptData</c>.</param>
        /// <param name="signature">Checks the signature via <c>VerifySignature</c>.</param>
        /// <returns>The decrypted bytes as returned by <c>_aes.Decrypt</c>.</returns>
        /// <exception cref="CryptographicException">The HMAC does not match or the signature cannot be verified.</exception>
        public byte[] DecryptData(EncryptedMessage encryptedPacket, RSAEncryption rsaEncryption, DigitalSignature signature)
        {
            var key = rsaEncryption.DecryptData(encryptedPacket.EncryptedSessionKey);

            // Recompute the tag over the ciphertext with the unwrapped key.
            byte[] expectedTag;
            using (var mac = new HMACSHA256(key))
            {
                expectedTag = mac.ComputeHash(encryptedPacket.EncryptedData);
            }

            // NOTE(review): Compare is defined outside this block; confirm it compares in
            // constant time. The tag covers EncryptedData only, so Iv is not authenticated.
            bool tagMatches = Compare(encryptedPacket.Hmac, expectedTag);
            if (!tagMatches)
            {
                throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
            }

            // The signature binds the stored tag, which was just tied to the ciphertext.
            bool signatureValid = signature.VerifySignature(encryptedPacket.Hmac, encryptedPacket.Signature);
            if (!signatureValid)
            {
                throw new CryptographicException("Digital Signature can not be verified.");
            }

            // Decrypt only after both checks have passed.
            return _aes.Decrypt(encryptedPacket.EncryptedData, key, encryptedPacket.Iv);
        }