6 // To read and write metadata.
7 type internal Metadata (d
: (string * string) list
) =
8 // Read metadata from a stream.
9 new (stream
: Stream) =
10 let reader = new BinaryReader (stream
)
11 let length = reader.ReadByte () |> int
12 new Metadata ([for i
in 1..length -> reader.ReadString (), reader.ReadString ()])
14 // Write metadata to a stream.
15 member this
.WriteTo (stream
: Stream) =
16 let writer = new BinaryWriter (stream
)
17 writer.Write (byte
d.Length)
18 List.iter
(fun (key
: string, value
: string) -> writer.Write key; writer.Write value) d
20 // May raise 'KeyNotFoundException'.
21 member this
.get
(key: string) : string =
23 | (k
, v
) when k
= key -> Some (v
)
27 module internal Metadata =
28 let filenameKey = "filename"
29 let modificationTimeKey = "file-modification-time"
31 let internal (@@) a1 a2
= Array.append a1 a2
33 let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair
35 let encryptFile (inputFilePath
: string) (outputFilePath
: string) (signaturePrivKey
: Key) (cryptPubKey
: Key) =
36 let keyAES, keyMAC
, iv
= Crypto.rand
32, Crypto.rand
32, Crypto.rand
16
37 let fileInfo = new FileInfo (inputFilePath
)
38 use inputStream = fileInfo.OpenRead ()
39 use outputStream = new FileStream (outputFilePath
, FileMode.Create, FileAccess.Write, FileShare.Read, 4096 * 100)
40 let writer = new BinaryWriter (outputStream)
42 outputStream.Position <- 32L + 256L // Skips mac and signature. They will be written later.
44 Crypto.encryptRSA cryptPubKey
(keyAES @@ keyMAC
@@ iv
) |> writer.Write
46 // Plaintext -> cryptoStream -> hmacStream -> cyphertext.
47 let hmacStream, hmac
= Crypto.HMACStream keyMAC
outputStream
48 use cryptoStream = Crypto.encryptAES
keyAES iv
hmacStream
49 let cryptoWriter = new BinaryWriter (cryptoStream)
51 // Write the file metadata.
52 let metaData = new Metadata ([Metadata.filenameKey, fileInfo.Name
53 Metadata.modificationTimeKey, fileInfo.LastWriteTimeUtc.Ticks.ToString ()])
54 metaData.WriteTo cryptoStream
56 // Write the content of the file.
57 inputStream.CopyTo cryptoStream
58 cryptoStream.FlushFinalBlock ()
60 // Write the HMAC at the begining of the file.
61 outputStream.Position <- 0L
62 writer.Write hmac.Hash
64 // Write the signature.
65 Crypto.signRSA signaturePrivKey
hmac.Hash |> writer.Write
67 // May raise one of the following error:
69 // * SignatureMismatch
70 // * UnableToDecryptAESKeys
71 let decryptFile (sourceFilePath
: string) (targetDirPath
: string) (signaturePubKey
: Key) (decryptPrivKey
: Key) =
72 use inputStream = new FileStream (sourceFilePath
, FileMode.Open, FileAccess.Read)
73 use reader = new BinaryReader (inputStream)
74 let mac = reader.ReadBytes 32
75 let signature = reader.ReadBytes 256
77 try reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey
79 | :? Security.Cryptography.CryptographicException -> raise
UnableToDecryptAESKeys
80 let keyAES = keys.[0..31]
81 let keyMAC = keys.[32..63]
82 let iv = keys.[64..79]
84 // Integrity validation.
85 let mac' = Crypto.ComputeHMAC keyMAC inputStream
89 // Authentication validation.
90 if not
<| Crypto.verifySignRSA signaturePubKey
mac' signature then
91 raise SignatureMismatch
94 inputStream.Position <- 32L + 256L + 256L
95 use cryptoStream = Crypto.decryptAES keyAES iv inputStream
96 let metadata = new Metadata (cryptoStream)
98 // Create the file and write its content and metadata.
99 let filePath = Path.Combine (targetDirPath, metadata.get Metadata.filenameKey)
100 let modificationTime = new DateTime (metadata.get Metadata.modificationTimeKey |> int64)
101 let fileInfo = new FileInfo (filePath)
102 using (fileInfo.Create ()) <| fun outputStream -> cryptoStream.CopyTo outputStream
103 fileInfo.LastWriteTimeUtc <- modificationTime