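/// <summary>
/// Authenticates an encrypted file packet, decrypts it and writes the plaintext to
/// <c>storage/{ReceiverEmail}/files/{FileName}</c>, relative to the current directory.
/// </summary>
/// <param name="encryptedFile">Packet carrying the wrapped session key, IV, ciphertext, HMAC, signature, receiver e-mail and file name.</param>
/// <param name="rsaEncryption">Used to unwrap the session key from <c>EncryptedSessionKey</c>.</param>
/// <param name="signature">Used to verify the packet signature over the packet's HMAC value.</param>
/// <exception cref="CryptographicException">
/// The HMAC does not match, the signature does not verify, or the receiver e-mail / file name
/// is not a single safe path segment that stays below the storage directory.
/// </exception>
public void DecryptData(EncryptedFile encryptedFile, RSAEncryption rsaEncryption, DigitalSignature signature)
{
    var decryptedSessionKey = rsaEncryption.DecryptData(encryptedFile.EncryptedSessionKey);

    using (var hmac = new HMACSHA256(decryptedSessionKey))
    {
        var hmacToCheck = hmac.ComputeHash(encryptedFile.EncryptedData);

        // NOTE(review): Compare is defined elsewhere in this class; confirm it is a
        // constant-time comparison, since it is applied to a MAC value.
        if (!Compare(encryptedFile.Hmac, hmacToCheck))
        {
            throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
        }

        if (!signature.VerifySignature(encryptedFile.Hmac, encryptedFile.Signature))
        {
            throw new CryptographicException("Digital Signature can not be verified.");
        }
    }

    // As far as this method shows, the MAC covers EncryptedData only and the signature covers
    // the MAC, so ReceiverEmail and FileName (and Iv) are not authenticated by the checks above.
    // Both names end up in a file-system path, so they are validated as untrusted input before
    // anything is decrypted or written.
    if (!IsSinglePathSegment(encryptedFile.ReceiverEmail) || !IsSinglePathSegment(encryptedFile.FileName))
    {
        throw new CryptographicException("Encrypted packet contains an invalid receiver or file name.");
    }

    var targetDirectory = Path.Combine("storage", encryptedFile.ReceiverEmail, "files");
    var targetPath = Path.Combine(targetDirectory, encryptedFile.FileName);

    // Second line of defence: after the platform has normalised the path (trailing dots,
    // spaces, device names), it must still resolve to a location below the storage root.
    var storageRoot = Path.GetFullPath("storage") + Path.DirectorySeparatorChar;
    if (!Path.GetFullPath(targetPath).StartsWith(storageRoot, System.StringComparison.Ordinal))
    {
        throw new CryptographicException("Encrypted packet contains an invalid receiver or file name.");
    }

    byte[] fileInBytes = _aes.Decrypt(encryptedFile.EncryptedData, decryptedSessionKey, encryptedFile.Iv);

    // CreateDirectory is a no-op when the directory already exists, so no Exists() probe is needed.
    Directory.CreateDirectory(targetDirectory);

    using (var fs = new FileStream(targetPath, FileMode.Create, FileAccess.Write))
    {
        fs.Write(fileInBytes, 0, fileInBytes.Length);
    }
}

/// <summary>
/// Returns true when <paramref name="segment"/> can be used as exactly one path component:
/// non-empty, not "." or "..", free of directory separators and of characters the platform
/// rejects in file names.
/// </summary>
private static bool IsSinglePathSegment(string segment)
{
    if (string.IsNullOrWhiteSpace(segment) || segment == "." || segment == "..")
    {
        return false;
    }

    // Check both separator styles explicitly: the platform's invalid-character list
    // does not contain '\' on every operating system.
    if (segment.IndexOf('/') >= 0 || segment.IndexOf('\\') >= 0)
    {
        return false;
    }

    return segment.IndexOfAny(Path.GetInvalidFileNameChars()) < 0;
}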
/// <summary>
/// Authenticates an encrypted message packet and returns its decrypted payload.
/// </summary>
/// <param name="encryptedPacket">Packet carrying the wrapped session key, IV, ciphertext, HMAC and signature.</param>
/// <param name="rsaEncryption">Used to unwrap the session key from <c>EncryptedSessionKey</c>.</param>
/// <param name="signature">Used to verify the packet signature over the packet's HMAC value.</param>
/// <returns>The bytes produced by decrypting <c>EncryptedData</c> with the session key and the packet IV.</returns>
/// <exception cref="CryptographicException">The HMAC does not match or the signature does not verify.</exception>
public byte[] DecryptData(EncryptedMessage encryptedPacket, RSAEncryption rsaEncryption, DigitalSignature signature)
{
    byte[] sessionKey = rsaEncryption.DecryptData(encryptedPacket.EncryptedSessionKey);

    using (var mac = new HMACSHA256(sessionKey))
    {
        // The MAC input is EncryptedData only; the IV is not part of it, so the IV is not
        // authenticated by this check. NOTE(review): confirm that is intended.
        byte[] expectedMac = mac.ComputeHash(encryptedPacket.EncryptedData);

        // NOTE(review): Compare is defined elsewhere in this class; confirm it is a
        // constant-time comparison, since it is applied to a MAC value.
        bool macMatches = Compare(encryptedPacket.Hmac, expectedMac);
        if (!macMatches)
        {
            throw new CryptographicException("HMAC for decryption does not match encrypted packet.");
        }

        // The signature is checked over the transmitted HMAC value, after the MAC itself passed.
        bool signatureValid = signature.VerifySignature(encryptedPacket.Hmac, encryptedPacket.Signature);
        if (!signatureValid)
        {
            throw new CryptographicException("Digital Signature can not be verified.");
        }
    }

    // Decryption happens only once both integrity checks have succeeded.
    return _aes.Decrypt(encryptedPacket.EncryptedData, sessionKey, encryptedPacket.Iv);
}