/// <summary>
/// Encrypts the text of <paramref name="email"/> under a fresh 32-byte session key, wraps that
/// key with <paramref name="rsaEncryption"/>, tags the ciphertext with HMAC-SHA256, signs the
/// tag and saves the resulting packet through <c>_dbContext</c>.
/// </summary>
/// <param name="email">Message supplying the text and the sender and receiver addresses.</param>
/// <param name="rsaEncryption">Wraps the session key that is stored in the packet.</param>
/// <param name="signature">Signs the HMAC of the ciphertext.</param>
/// <returns>The packet that was added to <c>_dbContext.EncryptedMessages</c> and saved.</returns>
public EncryptedMessage EncryptData(Message email, RSAEncryption rsaEncryption, DigitalSignature signature)
{
    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so such text
    // cannot be recovered after decryption. Changing the encoding needs the reader changed too.
    byte[] plaintext = Encoding.ASCII.GetBytes(email.Text);

    // NOTE(review): presumably GenerateRandomNumber is backed by a cryptographic RNG; confirm.
    byte[] key = _aes.GenerateRandomNumber(32);

    var packet = new EncryptedMessage();
    packet.ReceiveDate = DateTime.Now;
    packet.Iv = _aes.GenerateRandomNumber(16);
    packet.SenderEmail = email.EmailSender;
    packet.ReceiverEmail = email.EmailReceiver;

    packet.EncryptedData = _aes.Encrypt(plaintext, key, packet.Iv);
    packet.EncryptedSessionKey = rsaEncryption.EncryptData(key);

    // NOTE(review): the tag covers EncryptedData only. Iv, SenderEmail, ReceiverEmail and
    // ReceiveDate are stored unauthenticated, and the same key serves both AES and HMAC.
    // Covering the Iv and metadata, and using a separate MAC key, would need a matching change
    // in the decrypt path and a migration for stored packets.
    using (var mac = new HMACSHA256(key))
    {
        packet.Hmac = mac.ComputeHash(packet.EncryptedData);
    }

    // The signature is computed over the HMAC value, not over the ciphertext itself.
    packet.Signature = signature.SignData(packet.Hmac);

    _dbContext.EncryptedMessages.Add(packet);
    _dbContext.SaveChanges();

    return packet;
}
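/// <summary>
/// Verifies and decrypts a stored file packet, then writes the plaintext to
/// <c>storage/{ReceiverEmail}/files/{FileName}</c>.
/// </summary>
/// <param name="encryptedFile">Stored packet holding the ciphertext, IV, wrapped key, HMAC, signature and naming fields.</param>
/// <param name="rsaEncryption">Unwraps the session key.</param>
/// <param name="signature">Verifies the signature over the HMAC.</param>
/// <exception cref="CryptographicException">The HMAC does not match or the signature cannot be verified.</exception>
/// <exception cref="IOException">The file name is empty or the resolved path falls outside the storage directory.</exception>
public void DecryptData(EncryptedFile encryptedFile, RSAEncryption rsaEncryption, DigitalSignature signature)
{
    var decryptedSessionKey = rsaEncryption.DecryptData(encryptedFile.EncryptedSessionKey);

    using (var hmac = new HMACSHA256(decryptedSessionKey))
    {
        var hmacToCheck = hmac.ComputeHash(encryptedFile.EncryptedData);

        // NOTE(review): Compare is defined elsewhere; confirm that it is a constant-time
        // comparison (for example CryptographicOperations.FixedTimeEquals).
        if (!Compare(encryptedFile.Hmac, hmacToCheck))
        {
            throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
        }

        if (!signature.VerifySignature(encryptedFile.Hmac, encryptedFile.Signature))
        {
            throw new CryptographicException("Digital Signature can not be verified.");
        }
    }

    // The checks above cover EncryptedData only, so ReceiverEmail and FileName are not
    // authenticated. Both end up in a file-system path and must not be able to move the write
    // outside the storage directory.
    string safeFileName = Path.GetFileName(encryptedFile.FileName);
    if (string.IsNullOrEmpty(safeFileName))
    {
        throw new IOException("Encrypted file has no usable file name.");
    }

    string storageRoot = Path.GetFullPath("storage");
    string targetDirectory = Path.GetFullPath($"storage/{encryptedFile.ReceiverEmail}/files");
    string targetPath = Path.GetFullPath(Path.Combine(targetDirectory, safeFileName));

    bool directoryInsideRoot = targetDirectory.StartsWith(storageRoot + Path.DirectorySeparatorChar, StringComparison.Ordinal);
    bool fileInsideDirectory = targetPath.StartsWith(targetDirectory + Path.DirectorySeparatorChar, StringComparison.Ordinal);
    if (!directoryInsideRoot || !fileInsideDirectory)
    {
        throw new IOException("Resolved file path is outside the storage directory.");
    }

    byte[] fileInBytes = _aes.Decrypt(encryptedFile.EncryptedData, decryptedSessionKey, encryptedFile.Iv);

    // CreateDirectory does nothing when the directory already exists.
    Directory.CreateDirectory(targetDirectory);

    using (var fs = new FileStream(targetPath, FileMode.Create, FileAccess.Write))
    {
        fs.Write(fileInBytes, 0, fileInBytes.Length);
    }
}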
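/// <summary>
/// Encrypts an uploaded file under a fresh 32-byte session key, wraps that key with
/// <paramref name="rsaEncryption"/>, tags the ciphertext with HMAC-SHA256, signs the tag and
/// saves the packet through <c>_dbContext</c>.
/// </summary>
/// <param name="fileform">Uploaded file; its content and client-supplied name are read.</param>
/// <param name="encryptedMessage">Message the file belongs to; supplies the addresses and the message id.</param>
/// <param name="rsaEncryption">Wraps the session key that is stored in the packet.</param>
/// <param name="signature">Signs the HMAC of the ciphertext.</param>
public void EncryptFile(IFormFile fileform, EncryptedMessage encryptedMessage, RSAEncryption rsaEncryption, DigitalSignature signature)
{
    var sessionKey = _aes.GenerateRandomNumber(32);

    var encryptedPacket = new EncryptedFile
    {
        Iv = _aes.GenerateRandomNumber(16),
        SenderEmail = encryptedMessage.SenderEmail,
        ReceiverEmail = encryptedMessage.ReceiverEmail,
        EncryptedMessageId = encryptedMessage.EncryptedMessageId,
        // The upload's FileName is chosen by the client and may carry directory components.
        // Only the final name segment is stored, so later path building cannot be redirected.
        FileName = Path.GetFileName(fileform.FileName),
    };

    byte[] fileInBytes;
    using (var stream = new MemoryStream())
    {
        // The original started CopyToAsync without awaiting it, so ToArray could run before the
        // copy had finished and encrypt an empty or truncated buffer. The synchronous CopyTo
        // completes before the buffer is read.
        fileform.CopyTo(stream);
        fileInBytes = stream.ToArray();
    }

    encryptedPacket.EncryptedData = _aes.Encrypt(fileInBytes, sessionKey, encryptedPacket.Iv);
    encryptedPacket.EncryptedSessionKey = rsaEncryption.EncryptData(sessionKey);

    // NOTE(review): the tag covers EncryptedData only. Iv, FileName and the addresses are stored
    // unauthenticated, and the same key serves both AES and HMAC. Changing that needs a matching
    // change in the decrypt path.
    using (var hmac = new HMACSHA256(sessionKey))
    {
        encryptedPacket.Hmac = hmac.ComputeHash(encryptedPacket.EncryptedData);
    }

    encryptedPacket.Signature = signature.SignData(encryptedPacket.Hmac);

    _dbContext.EncryptedFiles.Add(encryptedPacket);
    _dbContext.SaveChanges();
}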
/// <summary>
/// Verifies a stored message packet and returns its decrypted bytes.
/// </summary>
/// <param name="encryptedPacket">Stored packet holding the ciphertext, IV, wrapped key, HMAC and signature.</param>
/// <param name="rsaEncryption">Unwraps the session key.</param>
/// <param name="signature">Verifies the signature over the HMAC.</param>
/// <returns>The bytes produced by <c>_aes.Decrypt</c> for the packet's ciphertext.</returns>
/// <exception cref="CryptographicException">The HMAC does not match or the signature cannot be verified.</exception>
public byte[] DecryptData(EncryptedMessage encryptedPacket, RSAEncryption rsaEncryption, DigitalSignature signature)
{
    byte[] key = rsaEncryption.DecryptData(encryptedPacket.EncryptedSessionKey);

    // Recompute the tag over the stored ciphertext with the unwrapped key.
    byte[] expectedTag;
    using (var mac = new HMACSHA256(key))
    {
        expectedTag = mac.ComputeHash(encryptedPacket.EncryptedData);
    }

    // NOTE(review): Compare is defined elsewhere; confirm that it is a constant-time comparison
    // (for example CryptographicOperations.FixedTimeEquals).
    bool tagMatches = Compare(encryptedPacket.Hmac, expectedTag);
    if (!tagMatches)
    {
        throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
    }

    bool signatureValid = signature.VerifySignature(encryptedPacket.Hmac, encryptedPacket.Signature);
    if (!signatureValid)
    {
        throw new CryptographicException("Digital Signature can not be verified.");
    }

    // NOTE(review): the Iv passed here is not covered by the tag or the signature checked above.
    return _aes.Decrypt(encryptedPacket.EncryptedData, key, encryptedPacket.Iv);
}