namespace CryptoFile
+
+open System
open System.IO
+// To read and write metadata.
type internal Metadata (d: (string * string) list) =
+ // Read metadata from a stream.
new (stream : Stream) =
let reader = new BinaryReader (stream)
let length = reader.ReadByte () |> int
new Metadata ([for i in 1..length -> reader.ReadString (), reader.ReadString ()])
+ // Write metadata to a stream.
+ member this.WriteTo (stream : Stream) =
+ let writer = new BinaryWriter (stream)
+ writer.Write (byte d.Length)
+ List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d
+
// May raise 'KeyNotFoundException'.
member this.get (key: string) : string =
List.pick (function
| (k, v) when k = key -> Some (v)
| _ -> None) d
- member this.WriteTo (stream : Stream) =
- let writer = new BinaryWriter (stream)
- writer.Write (byte d.Length)
- List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d
-
module API =
module internal Metadata =
- let filename = "filename"
- let creationTimeKey = "file-creation-time"
+ let filenameKey = "filename"
+ let modificationTimeKey = "file-modification-time"
let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair
- // Encrypt a given file
let encryptFile (inputFilePath : string) (outputFilePath : string) (signaturePrivKey: Key) (cryptPubKey : Key) =
let keyAES, keyMAC, iv = Crypto.rand 32, Crypto.rand 32, Crypto.rand 16
let fileInfo = new FileInfo (inputFilePath)
Crypto.encryptRSA cryptPubKey (Array.append keyAES <| Array.append keyMAC iv) |> writer.Write
- let (hmacStream, hmac) = Crypto.HMACStream keyMAC outputStream
+ // Plaintext -> cryptoStream -> hmacStream -> cyphertext.
+ let hmacStream, hmac = Crypto.HMACStream keyMAC outputStream
use cryptoStream = Crypto.encryptAES keyAES iv hmacStream
let cryptoWriter = new BinaryWriter (cryptoStream)
// Write the file metadata.
- let metaData = new Metadata ([Metadata.filename, fileInfo.Name
- Metadata.creationTimeKey, fileInfo.CreationTimeUtc.Ticks.ToString ()])
+ let metaData = new Metadata ([Metadata.filenameKey, fileInfo.Name
+ Metadata.modificationTimeKey, fileInfo.LastWriteTimeUtc.Ticks.ToString ()])
metaData.WriteTo cryptoStream
// Write the content of the file.
// Write the signature.
Crypto.signRSA signaturePrivKey hmac.Hash |> writer.Write
- ()
let decryptFile (sourceFilePath : string) (targetDirPath : string) (signaturePubKey: Key) (decryptPrivKey : Key) =
use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read)
use reader = new BinaryReader (inputStream)
let mac = reader.ReadBytes 32
let signature = reader.ReadBytes 256
- let keys = reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey
+ let keys =
+ try reader.ReadBytes 256 |> Crypto.decryptRSA decryptPrivKey
+ with
+ | :? Security.Cryptography.CryptographicException -> raise UnableToDecryptAESKeys
let keyAES = keys.[0..31]
let keyMAC = keys.[32..63]
let iv = keys.[64..79]
let mac' = Crypto.ComputeHMAC keyMAC inputStream
if mac' <> mac then
raise IntegrityError
-
+
// Authentication validation.
if not <| Crypto.verifySignRSA signaturePubKey mac' signature then
raise SignatureMismatch
use cryptoStream = Crypto.decryptAES keyAES iv inputStream
let metadata = new Metadata (cryptoStream)
- // Create the file and write.
- let filename = metadata.get Metadata.filename
- use outputStream = new FileStream (Path.Combine (targetDirPath, filename), FileMode.Create, FileAccess.Write)
- cryptoStream.CopyTo outputStream
- ()
+ // Create the file and write its content and metadata.
+ let filePath = Path.Combine (targetDirPath, metadata.get Metadata.filenameKey)
+ let modificationTime = new DateTime (metadata.get Metadata.modificationTimeKey |> int64)
+ let fileInfo = new FileInfo (filePath)
+ using (fileInfo.Create ()) <| fun outputStream -> cryptoStream.CopyTo outputStream
+ fileInfo.LastWriteTimeUtc <- modificationTime
+
\ No newline at end of file