6 // To read and write metadata.
7 type internal Metadata (d
: (string * string) list
) =
8 // Read metadata from a stream.
9 new (stream
: Stream) =
10 let reader = new BinaryReader (stream
)
11 let length = reader.ReadByte () |> int
12 new Metadata ([for i
in 1..length -> reader.ReadString (), reader.ReadString ()])
14 // Write metadata to a stream.
15 member this
.WriteTo (stream
: Stream) =
16 let writer = new BinaryWriter (stream
)
17 writer.Write (byte
d.Length)
18 List.iter
(fun (key
: string, value
: string) -> writer.Write key; writer.Write value) d
20 // May raise 'KeyNotFoundException'.
21 member this
.get
(key: string) : string =
23 | (k
, v
) when k
= key -> Some (v
)
27 module internal Metadata =
28 let filenameKey = "filename"
29 let modificationTimeKey = "file-modification-time"
31 let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair
33 let encryptFile (inputFilePath
: string) (outputFilePath
: string) (signaturePrivKey
: Key) (cryptPubKey
: Key) =
34 let keyAES, keyMAC
, iv
= Crypto.rand
32, Crypto.rand
32, Crypto.rand
16
35 let fileInfo = new FileInfo (inputFilePath
)
36 use inputStream = new FileStream (inputFilePath
, FileMode.Open, FileAccess.Read)
37 use outputStream = new FileStream (outputFilePath
, FileMode.Create, FileAccess.Write)
38 let writer = new BinaryWriter (outputStream)
40 writer.Seek (32 + 256, SeekOrigin.Current) |> ignore
// Skips mac and signature. They will be written later.
42 Crypto.encryptRSA cryptPubKey
(Array.append
keyAES <| Array.append keyMAC iv
) |> writer.Write
44 // Plaintext -> cryptoStream -> hmacStream -> cyphertext.
45 let hmacStream, hmac
= Crypto.HMACStream keyMAC
outputStream
46 use cryptoStream = Crypto.encryptAES
keyAES iv
hmacStream
47 let cryptoWriter = new BinaryWriter (cryptoStream)
49 // Write the file metadata.
50 let metaData = new Metadata ([Metadata.filenameKey, fileInfo.Name
51 Metadata.modificationTimeKey, fileInfo.LastWriteTimeUtc.Ticks.ToString ()])
52 metaData.WriteTo cryptoStream
54 // Write the content of the file.
55 inputStream.CopyTo cryptoStream
56 cryptoStream.FlushFinalBlock ()
58 // Write the HMAC at the begining of the file.
59 outputStream.Position <- 0L
60 writer.Write hmac.Hash
62 // Write the signature.
63 Crypto.signRSA signaturePrivKey
hmac.Hash |> writer.Write
65 let decryptFile (sourceFilePath
: string) (targetDirPath
: string) (signaturePubKey
: Key) (decryptPrivKey
: Key) =
66 use inputStream = new FileStream (sourceFilePath
, FileMode.Open, FileAccess.Read)
67 use reader = new BinaryReader (inputStream)
68 let mac = reader.ReadBytes 32
69 let signature = reader.ReadBytes 256
71 try reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey
73 | :? Security.Cryptography.CryptographicException -> raise
UnableToDecryptAESKeys
74 let keyAES = keys.[0..31]
75 let keyMAC = keys.[32..63]
76 let iv = keys.[64..79]
78 // Integrity validation.
79 let mac' = Crypto.ComputeHMAC keyMAC inputStream
83 // Authentication validation.
84 if not
<| Crypto.verifySignRSA signaturePubKey
mac' signature then
85 raise SignatureMismatch
88 inputStream.Position <- 32L + 256L + 256L
89 use cryptoStream = Crypto.decryptAES keyAES iv inputStream
90 let metadata = new Metadata (cryptoStream)
92 // Create the file and write its content and metadata.
93 let filePath = Path.Combine (targetDirPath, metadata.get Metadata.filenameKey)
94 let modificationTime = new DateTime (metadata.get Metadata.modificationTimeKey |> int64)
95 let fileInfo = new FileInfo (filePath)
96 using (fileInfo.Create ()) <| fun outputStream -> cryptoStream.CopyTo outputStream
97 fileInfo.LastWriteTimeUtc <- modificationTime