public void TestV1Document()
{
using (MemoryStream inputStream = new MemoryStream(Resources.david_copperfield_key__aa_ae_oe__ulu_txt))
{
AxCryptFactory axFactory = new AxCryptFactory();
IEnumerable <DecryptionParameter> decryptionParameters = DecryptionParameter.CreateAll(new Passphrase[] { new Passphrase("Å ä Ö") }, null, new Guid[] { new V1Aes128CryptoFactory().CryptoId });
using (IAxCryptDocument decryptedDocument = axFactory.CreateDocument(decryptionParameters, inputStream))
{
Assert.That(decryptedDocument.PassphraseIsValid);
}
}
}
public static async Task TestEncryptWithOneAsymmetricKey()
{
EncryptionParameters encryptionParameters = new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("allan"));
IAsymmetricPublicKey publicKey = New <IAsymmetricFactory>().CreatePublicKey(Resources.PublicKey1);
await encryptionParameters.AddAsync(new UserPublicKey[] { new UserPublicKey(EmailAddress.Parse("*****@*****.**"), publicKey), });
byte[] plainText = Resolve.RandomGenerator.Generate(25000);
byte[] output = EncrytionHelper(encryptionParameters, "TestEncryptWithOneAsymmetricKey.txt", AxCryptOptions.EncryptWithCompression, plainText);
IAsymmetricPrivateKey privateKey1 = New <IAsymmetricFactory>().CreatePrivateKey(Resources.PrivateKey1);
DecryptionParameter decryptionParameter = new DecryptionParameter(privateKey1, new V2Aes256CryptoFactory().CryptoId);
byte[] decryptedText = DecryptionHelper(new DecryptionParameter[] { decryptionParameter }, output);
Assert.That(decryptedText, Is.Not.Null, "The deryption failed because no valid decryption parameter was found.");
Assert.That(decryptedText, Is.EquivalentTo(plainText), "The decrypted text should be the same as was originally encrypted.");
}
public static IEnumerable <DecryptionParameter> DecryptionParameters(this IDataStore dataStore, Passphrase password, IEnumerable <IAsymmetricPrivateKey> privateKeys)
{
if (privateKeys == null)
{
throw new ArgumentNullException(nameof(privateKeys));
}
if (!dataStore.IsEncrypted())
{
return(new DecryptionParameter[0]);
}
if (dataStore.IsLegacyV1())
{
return(DecryptionParameter.CreateAll(new Passphrase[] { password }, privateKeys, new Guid[] { new V1Aes128CryptoFactory().CryptoId }));
}
return(DecryptionParameter.CreateAll(new Passphrase[] { password }, privateKeys, Resolve.CryptoFactory.OrderedIds.Where(id => id != new V1Aes128CryptoFactory().CryptoId)));
}
public void TestV2Document()
{
using (MemoryStream inputStream = new MemoryStream())
{
byte[] text = Resolve.RandomGenerator.Generate(500);
inputStream.Write(text, 0, text.Length);
inputStream.Position = 0;
byte[] buffer = new byte[2500];
using (V2AxCryptDocument document = new V2AxCryptDocument(new EncryptionParameters(new V2Aes256CryptoFactory().CryptoId, new Passphrase("properties")), 15))
{
document.EncryptTo(inputStream, new MemoryStream(buffer), AxCryptOptions.EncryptWithCompression);
}
AxCryptFactory axFactory = new AxCryptFactory();
IEnumerable <DecryptionParameter> decryptionParameters = DecryptionParameter.CreateAll(new Passphrase[] { new Passphrase("properties") }, null, new Guid[] { new V2Aes256CryptoFactory().CryptoId });
using (IAxCryptDocument decryptedDocument = axFactory.CreateDocument(decryptionParameters, new MemoryStream(buffer)))
{
Assert.That(decryptedDocument.PassphraseIsValid);
}
}
}
public static LogOnIdentity TryFindPassphrase(this IDataStore fileInfo, out Guid cryptoId)
{
cryptoId = Guid.Empty;
if (!fileInfo.IsEncrypted())
{
return(null);
}
foreach (LogOnIdentity knownKey in Resolve.KnownIdentities.Identities)
{
IEnumerable <DecryptionParameter> decryptionParameters = fileInfo.DecryptionParameters(knownKey.Passphrase, knownKey.PrivateKeys);
DecryptionParameter decryptionParameter = New <AxCryptFactory>().FindDecryptionParameter(decryptionParameters, fileInfo);
if (decryptionParameter != null)
{
cryptoId = decryptionParameter.CryptoId;
return(knownKey);
}
}
return(null);
}
private static string DecryptPrivateKeyPem(string privateEncryptedPem, Passphrase passphrase)
{
if (privateEncryptedPem.Length == 0)
{
return(String.Empty);
}
byte[] privateKeyEncryptedPem = Convert.FromBase64String(privateEncryptedPem);
byte[] decryptedPrivateKeyBytes = New <IProtectedData>().Unprotect(privateKeyEncryptedPem, null);
if (decryptedPrivateKeyBytes != null)
{
return(Encoding.UTF8.GetString(decryptedPrivateKeyBytes, 0, decryptedPrivateKeyBytes.Length));
}
if (passphrase == Passphrase.Empty)
{
return(null);
}
using (MemoryStream encryptedPrivateKeyStream = new MemoryStream(privateKeyEncryptedPem))
{
using (MemoryStream decryptedPrivateKeyStream = new MemoryStream())
{
DecryptionParameter decryptionParameter = new DecryptionParameter(passphrase, Resolve.CryptoFactory.Preferred.CryptoId);
try
{
if (!New <AxCryptFile>().Decrypt(encryptedPrivateKeyStream, decryptedPrivateKeyStream, new DecryptionParameter[] { decryptionParameter }).IsValid)
{
return(null);
}
}
catch (FileFormatException ffex)
{
New <IReport>().Exception(ffex);
return(null);
}
return(Encoding.UTF8.GetString(decryptedPrivateKeyStream.ToArray(), 0, (int)decryptedPrivateKeyStream.Length));
}
}
}
public static DecryptInfo Decrypt(Stream input, Stream output, DecryptionParameter parameter)
{
byte[] DeriveSecretFromHsm(EllipticCurveEncryptionInformation information)
{
var keys = Encryption.NitroKey.EllipticCurveCryptographer.GetEcKeyPairInfos();
var ecIdentifier = keys.FirstOrDefault(info => information.DerivedSecrets.Any(secret => info.PublicKey.CheckPublicKeyHash(secret.PublicKeyHash, secret.PublicKeyHashSalt)))?.EcIdentifier;
if (ecIdentifier == null)
{
throw new Exception("Couldn't find any key on any token");
}
return(GetSecretKey(ecIdentifier, information, parameter.Password));
}
var internalParameter = new DecryptInternalParameter
{
EllipticCurveDeriveKeyAction = information => parameter.PrivateKey == null?DeriveSecretFromHsm(information) : GetSecretKey(parameter.PrivateKey, information),
Progress = parameter.Progress,
IsCanceled = parameter.IsCanceled
};
return(SymmetricEncryption.DecryptInternal(input, output, null, null, internalParameter));
}
public static IEnumerable <DecryptionParameter> DecryptionParameters(this LogOnIdentity identity)
{
IEnumerable <DecryptionParameter> decryptionParameters = DecryptionParameter.CreateAll(new Passphrase[] { identity.Passphrase }, identity.PrivateKeys, Resolve.CryptoFactory.OrderedIds);
return(decryptionParameters);
}
public static DecryptInfo Decrypt(string inputPath, string outputPath, DecryptionParameter parameter)
{
using (var input = File.OpenRead(inputPath))
using (var output = File.Open(outputPath, FileMode.Open, FileAccess.ReadWrite, FileShare.ReadWrite))
return(Decrypt(input, output, parameter));
}
