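/// <summary>
/// Builds the header from a parsed agile encryption descriptor, copying the
/// <c>keyData</c> parameters and the <c>dataIntegrity</c> HMAC fields into this instance.
/// </summary>
/// <remarks>
/// NOTE(review): the descriptor presumably comes from the document being opened and should
/// be treated as untrusted input; confirm with the callers. The declared hash size and salt
/// size are cross-checked against the actual algorithm and salt bytes below.
/// </remarks>
/// <param name="ed">Parsed encryption descriptor to read from.</param>
/// <exception cref="EncryptedDocumentException">
/// Thrown when <c>keyData</c> or <c>dataIntegrity</c> is missing, the chaining mode is not
/// CBC or CFB, the declared hash size does not match the hash algorithm, or the declared
/// salt size does not match the salt value.
/// </exception>
protected internal AgileEncryptionHeader(EncryptionDocument ed)
{
    CT_KeyData keyData;
    try
    {
        keyData = ed.GetEncryption().keyData;
    }
    catch (Exception)
    {
        // Any failure while reaching keyData (e.g. a null document or root element) is
        // reported as a parse failure, exactly as before.
        // NOTE(review): the underlying cause is discarded; pass it along if
        // EncryptedDocumentException offers a (message, cause) overload.
        throw new EncryptedDocumentException("Unable to parse keyData");
    }

    // Explicit null check instead of throwing NullReferenceException just to catch it again.
    if (keyData == null)
    {
        throw new EncryptedDocumentException("Unable to parse keyData");
    }

    // NOTE(review): keyBits/blockSize/hashSize/saltSize are cast to int without a range
    // check; they look unsigned in the schema classes, so huge values would wrap negative.
    int keyBits = (int)keyData.keyBits;
    KeySize = keyBits;
    Flags = 0;
    SizeExtra = 0;
    CspName = null;
    BlockSize = (int)keyData.blockSize;

    CipherAlgorithm ca = CipherAlgorithm.FromXmlId(keyData.cipherAlgorithm.ToString(), keyBits);
    CipherAlgorithm = ca;
    CipherProvider = ca.provider;

    // Only CBC and CFB are accepted; anything else is rejected rather than guessed.
    switch (keyData.cipherChaining)
    {
        case ST_CipherChaining.ChainingModeCBC:
            ChainingMode = ChainingMode.cbc;
            break;
        case ST_CipherChaining.ChainingModeCFB:
            ChainingMode = ChainingMode.cfb;
            break;
        default:
            throw new EncryptedDocumentException("Unsupported chaining mode - " + keyData.cipherChaining.ToString());
    }

    int hashSize = (int)keyData.hashSize;
    HashAlgorithm ha = HashAlgorithm.FromEcmaId(keyData.hashAlgorithm.ToString());
    HashAlgorithm = ha;
    // The declared digest length must agree with the algorithm that was named.
    if (HashAlgorithm.hashSize != hashSize)
    {
        throw new EncryptedDocumentException("Unsupported hash algorithm: " + keyData.hashAlgorithm + " @ " + hashSize + " bytes");
    }

    int saltLength = (int)keyData.saltSize;
    SetKeySalt(keyData.saltValue);
    // The declared salt size must agree with the salt bytes actually supplied.
    if (KeySalt.Length != saltLength)
    {
        throw new EncryptedDocumentException("Invalid salt length");
    }

    // Fail closed with a domain exception when the integrity element is absent, instead of
    // letting a NullReferenceException escape from the dereference below.
    CT_DataIntegrity di = ed.GetEncryption().dataIntegrity;
    if (di == null)
    {
        throw new EncryptedDocumentException("Unable to parse dataIntegrity");
    }
    SetEncryptedHmacKey(di.encryptedHmacKey);
    SetEncryptedHmacValue(di.encryptedHmacValue);
}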
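/// <summary>
/// Builds the agile encryption descriptor from the builder's header and verifier: the
/// <c>keyData</c> element, one password key encryptor, the <c>dataIntegrity</c> element,
/// and one certificate key encryptor per certificate entry of the verifier.
/// </summary>
/// <remarks>
/// NOTE(review): spin count, salts and encrypted key material are written exactly as the
/// verifier and header provide them; this method enforces no minimum spin count or salt
/// length. The <c>(uint)</c> casts are not range-checked either.
/// </remarks>
/// <returns>The populated <c>EncryptionDocument</c>.</returns>
/// <exception cref="EncryptedDocumentException">
/// Thrown when the cipher algorithm, chaining mode or hash algorithm has no schema
/// counterpart, or when a certificate cannot be encoded.
/// </exception>
protected EncryptionDocument CreateEncryptionDocument()
{
    AgileEncryptionVerifier ver = builder.GetVerifier();
    AgileEncryptionHeader header = builder.GetHeader();

    EncryptionDocument ed = EncryptionDocument.NewInstance();
    CT_Encryption edRoot = ed.AddNewEncryption();

    CT_KeyData keyData = edRoot.AddNewKeyData();
    CT_KeyEncryptors keyEncList = edRoot.AddNewKeyEncryptors();
    CT_KeyEncryptor keyEnc = keyEncList.AddNewKeyEncryptor();
    keyEnc.uri = passwordUri;
    CT_PasswordKeyEncryptor keyPass = keyEnc.AddNewEncryptedPasswordKey();

    keyPass.spinCount = (uint)ver.SpinCount;

    // keyData and the password encryptor carry the same sizes; the salt size is written
    // as the block size.
    keyData.saltSize = (uint)header.BlockSize;
    keyPass.saltSize = (uint)header.BlockSize;

    keyData.blockSize = (uint)header.BlockSize;
    keyPass.blockSize = (uint)header.BlockSize;

    keyData.keyBits = (uint)header.KeySize;
    keyPass.keyBits = (uint)header.KeySize;

    HashAlgorithm hashAlgo = header.HashAlgorithm;
    keyData.hashSize = (uint)hashAlgo.hashSize;
    keyPass.hashSize = (uint)hashAlgo.hashSize;

    // Enum.Parse never returns null; it throws ArgumentException on an unknown name, so
    // the former null check was unreachable. TryParse makes the intended
    // EncryptedDocumentException reachable.
    ST_CipherAlgorithm xmlCipherAlgo;
    if (!Enum.TryParse<ST_CipherAlgorithm>(header.CipherAlgorithm.xmlId, out xmlCipherAlgo))
    {
        throw new EncryptedDocumentException("CipherAlgorithm " + header.CipherAlgorithm + " not supported.");
    }
    keyData.cipherAlgorithm = xmlCipherAlgo;
    keyPass.cipherAlgorithm = xmlCipherAlgo;

    switch (header.ChainingMode.jceId)
    {
        case "cbc":
            keyData.cipherChaining = ST_CipherChaining.ChainingModeCBC;
            keyPass.cipherChaining = ST_CipherChaining.ChainingModeCBC;
            break;
        case "cfb":
            keyData.cipherChaining = ST_CipherChaining.ChainingModeCFB;
            keyPass.cipherChaining = ST_CipherChaining.ChainingModeCFB;
            break;
        default:
            throw new EncryptedDocumentException("ChainingMode " + header.ChainingMode + " not supported.");
    }

    // Same TryParse treatment as the cipher algorithm above.
    ST_HashAlgorithm xmlHashAlgo;
    if (!Enum.TryParse<ST_HashAlgorithm>(hashAlgo.ecmaString, out xmlHashAlgo))
    {
        throw new EncryptedDocumentException("HashAlgorithm " + hashAlgo + " not supported.");
    }
    keyData.hashAlgorithm = xmlHashAlgo;
    keyPass.hashAlgorithm = xmlHashAlgo;

    // keyData takes the header's key salt; the password encryptor takes the verifier's salt.
    keyData.saltValue = header.KeySalt;
    keyPass.saltValue = ver.Salt;

    keyPass.encryptedVerifierHashInput = ver.EncryptedVerifier;
    keyPass.encryptedVerifierHashValue = ver.EncryptedVerifierHash;
    keyPass.encryptedKeyValue = ver.EncryptedKey;

    CT_DataIntegrity hmacData = edRoot.AddNewDataIntegrity();
    hmacData.encryptedHmacKey = header.GetEncryptedHmacKey();
    hmacData.encryptedHmacValue = header.GetEncryptedHmacValue();

    foreach (AgileCertificateEntry ace in ver.GetCertificates())
    {
        keyEnc = keyEncList.AddNewKeyEncryptor();
        keyEnc.uri = certificateUri;
        CT_CertificateKeyEncryptor certData = keyEnc.AddNewEncryptedCertificateKey();
        try
        {
            certData.X509Certificate = ace.x509.GetEncoded();
        }
        catch (Exception e)
        {
            // Wrap encoding failures, keeping the original exception as the cause.
            throw new EncryptedDocumentException(e);
        }
        certData.encryptedKeyValue = ace.encryptedKey;
        certData.certVerifier = ace.certVerifier;
    }

    return ed;
}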