protected internal AgileEncryptionVerifier(EncryptionDocument ed)
{
IEnumerator <CT_KeyEncryptor> encList = ed.GetEncryption().keyEncryptors.keyEncryptor.GetEnumerator();
CT_PasswordKeyEncryptor keyData;
try
{
//keyData = encList.Next().EncryptedPasswordKey;
encList.MoveNext();
keyData = encList.Current.Item as CT_PasswordKeyEncryptor;
if (keyData == null)
{
throw new NullReferenceException("encryptedKey not Set");
}
}
catch (Exception e)
{
throw new EncryptedDocumentException("Unable to parse keyData", e);
}
int keyBits = (int)keyData.keyBits;
CipherAlgorithm ca = CipherAlgorithm.FromXmlId(keyData.cipherAlgorithm.ToString(), keyBits);
CipherAlgorithm = (ca);
int hashSize = (int)keyData.hashSize;
HashAlgorithm ha = HashAlgorithm.FromEcmaId(keyData.hashAlgorithm.ToString());
HashAlgorithm = (ha);
if (HashAlgorithm.hashSize != hashSize)
{
throw new EncryptedDocumentException("Unsupported hash algorithm: " +
keyData.hashAlgorithm + " @ " + hashSize + " bytes");
}
SpinCount = (int)(keyData.spinCount);
EncryptedVerifier = (keyData.encryptedVerifierHashInput);
Salt = (keyData.saltValue);
EncryptedKey = (keyData.encryptedKeyValue);
EncryptedVerifierHash = (keyData.encryptedVerifierHashValue);
int saltSize = (int)keyData.saltSize;
if (saltSize != Salt.Length)
{
throw new EncryptedDocumentException("Invalid salt size");
}
switch (keyData.cipherChaining)
{
case ST_CipherChaining.ChainingModeCBC:
ChainingMode = (ChainingMode.cbc);
break;
case ST_CipherChaining.ChainingModeCFB:
ChainingMode = (ChainingMode.cfb);
break;
default:
throw new EncryptedDocumentException("Unsupported chaining mode - " + keyData.cipherChaining.ToString());
}
//if (!encList.HasNext()) return;
try
{
//CertificateFactory cf = CertificateFactory.GetInstance("X.509");
while (encList.MoveNext())
{
CT_CertificateKeyEncryptor certKey = encList.Current.Item as CT_CertificateKeyEncryptor;
AgileCertificateEntry ace = new AgileCertificateEntry();
ace.certVerifier = certKey.certVerifier;
ace.encryptedKey = certKey.encryptedKeyValue;
ace.x509 = new X509Certificate(X509CertificateStructure.GetInstance(certKey.X509Certificate));
certList.Add(ace);
}
}
catch (Exception e)
{
throw new EncryptedDocumentException("can't parse X509 certificate", e);
}
}
protected EncryptionDocument CreateEncryptionDocument()
{
AgileEncryptionVerifier ver = builder.GetVerifier();
AgileEncryptionHeader header = builder.GetHeader();
EncryptionDocument ed = EncryptionDocument.NewInstance();
CT_Encryption edRoot = ed.AddNewEncryption();
CT_KeyData keyData = edRoot.AddNewKeyData();
CT_KeyEncryptors keyEncList = edRoot.AddNewKeyEncryptors();
CT_KeyEncryptor keyEnc = keyEncList.AddNewKeyEncryptor();
keyEnc.uri = (/*setter*/ passwordUri);
CT_PasswordKeyEncryptor keyPass = keyEnc.AddNewEncryptedPasswordKey();
keyPass.spinCount = (uint)ver.SpinCount;
keyData.saltSize = (uint)header.BlockSize;
keyPass.saltSize = (uint)header.BlockSize;
keyData.blockSize = (uint)header.BlockSize;
keyPass.blockSize = (uint)header.BlockSize;
keyData.keyBits = (uint)header.KeySize;
keyPass.keyBits = (uint)header.KeySize;
HashAlgorithm hashAlgo = header.HashAlgorithm;
keyData.hashSize = (uint)hashAlgo.hashSize;
keyPass.hashSize = (uint)hashAlgo.hashSize;
ST_CipherAlgorithm?xmlCipherAlgo = (ST_CipherAlgorithm?)Enum.Parse(typeof(ST_CipherAlgorithm), header.CipherAlgorithm.xmlId);
if (xmlCipherAlgo == null)
{
throw new EncryptedDocumentException("CipherAlgorithm " + header.CipherAlgorithm + " not supported.");
}
keyData.cipherAlgorithm = (/*setter*/ xmlCipherAlgo.Value);
keyPass.cipherAlgorithm = (/*setter*/ xmlCipherAlgo.Value);
switch (header.ChainingMode.jceId)
{
case "cbc":
keyData.cipherChaining = (/*setter*/ ST_CipherChaining.ChainingModeCBC);
keyPass.cipherChaining = (/*setter*/ ST_CipherChaining.ChainingModeCBC);
break;
case "cfb":
keyData.cipherChaining = (/*setter*/ ST_CipherChaining.ChainingModeCFB);
keyPass.cipherChaining = (/*setter*/ ST_CipherChaining.ChainingModeCFB);
break;
default:
throw new EncryptedDocumentException("ChainingMode " + header.ChainingMode + " not supported.");
}
ST_HashAlgorithm?xmlHashAlgo = (ST_HashAlgorithm?)Enum.Parse(typeof(ST_HashAlgorithm), hashAlgo.ecmaString);
if (xmlHashAlgo == null)
{
throw new EncryptedDocumentException("HashAlgorithm " + hashAlgo + " not supported.");
}
keyData.hashAlgorithm = (/*setter*/ xmlHashAlgo.Value);
keyPass.hashAlgorithm = (/*setter*/ xmlHashAlgo.Value);
keyData.saltValue = (/*setter*/ header.KeySalt);
keyPass.saltValue = (/*setter*/ ver.Salt);
keyPass.encryptedVerifierHashInput = (/*setter*/ ver.EncryptedVerifier);
keyPass.encryptedVerifierHashValue = (/*setter*/ ver.EncryptedVerifierHash);
keyPass.encryptedKeyValue = (/*setter*/ ver.EncryptedKey);
CT_DataIntegrity hmacData = edRoot.AddNewDataIntegrity();
hmacData.encryptedHmacKey = (/*setter*/ header.GetEncryptedHmacKey());
hmacData.encryptedHmacValue = (/*setter*/ header.GetEncryptedHmacValue());
foreach (AgileCertificateEntry ace in ver.GetCertificates())
{
keyEnc = keyEncList.AddNewKeyEncryptor();
keyEnc.uri = (/*setter*/ certificateUri);
CT_CertificateKeyEncryptor certData = keyEnc.AddNewEncryptedCertificateKey();
try {
certData.X509Certificate = ace.x509.GetEncoded();
} catch (Exception e) {
throw new EncryptedDocumentException(e);
}
certData.encryptedKeyValue = (/*setter*/ ace.encryptedKey);
certData.certVerifier = (/*setter*/ ace.certVerifier);
}
return(ed);
}