namespace CryptoFile
+
+open System
open System.IO
-type internal Metadata (d : (string * string) list) =
- new (stream : Stream, size: int) =
- let binaryReader = new BinaryReader (stream)
- new Metadata ([])
+/// To read and write metadata.
+type internal Metadata (d: (string * string) list) =
+ /// Read metadata from a stream.
+ new (stream : Stream) =
+ let reader = new BinaryReader (stream)
+ let length = reader.ReadByte () |> int
+ Metadata ([for _ in 1 .. length -> reader.ReadString (), reader.ReadString ()])
+
+ /// Write metadata to a stream.
member this.WriteTo (stream : Stream) =
- let binaryWriter = new BinaryWriter (stream)
- List.iter (fun (key : string, value : string) -> binaryWriter.Write key; binaryWriter.Write value) d
+ let writer = new BinaryWriter (stream)
+ writer.Write (byte d.Length)
+ List.iter (fun (key : string, value : string) -> writer.Write key; writer.Write value) d
+
+ /// May raise 'KeyNotFoundException'.
+ member this.get (key: string) : string =
+ List.pick (function
+ | (k, v) when k = key -> Some (v)
+ | _ -> None) d
module API =
- let internal filename = "filename"
- let internal creationTimeKey = "file-creation-time"
+ module internal MetadataKeys =
+ let filename = "filename"
+ let modificationTime = "file-modification-time"
+
+ let internal (@@) a1 a2 = Array.append a1 a2
+
+ let hmacSize = 256 / 8 // [byte].
+ let signatureSize = Crypto.rsaKeySize / 8 // [byte].
+ let keysSize = Crypto.rsaKeySize / 8 // [byte].
- let generatKeysPair : Key * Key = Crypto.generateRSAKeysPair
+ let generatKeysPair () : Key * Key = Crypto.generateRSAKeysPair ()
+ /// Format of the container:
+ /// <mac><signature><encrypted keys><cyphertext>
+ /// Where the sizes of the three first parts are given by 'hmacSize', 'signatureSize' and 'keysSize'.
let encryptFile (inputFilePath : string) (outputFilePath : string) (signaturePrivKey: Key) (cryptPubKey : Key) =
- let keyAES, keyMAC, iv = Crypto.rand 32, Crypto.rand 32, Crypto.rand 16
- let fileInfo = new FileInfo (inputFilePath)
- use inputStream = new FileStream (inputFilePath, FileMode.Open, FileAccess.Read)
+ let keyAES, keyMAC, iv = Crypto.rand 16, Crypto.rand 32, Crypto.rand 16
+ let fileInfo = FileInfo (inputFilePath)
+ use inputStream = fileInfo.OpenRead ()
use outputStream = new FileStream (outputFilePath, FileMode.Create, FileAccess.Write)
- let writer = new BinaryWriter (outputStream)
+ use writer = new BinaryWriter (outputStream)
- ignore <| writer.Seek (8 + 32 + 256, SeekOrigin.Current) // Skips file-content-size, mac and signature. They will be written later.
+ outputStream.Position <- (int64 <| hmacSize + signatureSize) // Skips mac and signature. They will be written later.
- Crypto.encryptRSA cryptPubKey (Array.append keyAES <| Array.append keyMAC iv) |> writer.Write
+ Crypto.encryptRSA cryptPubKey (keyAES @@ keyMAC @@ iv) |> writer.Write
- printfn "pos: %A" outputStream.Position
+ // Plaintext -> cryptoStream -> hmacStream -> cyphertext.
+ let hmacStream, hmac = Crypto.HMACStream keyMAC outputStream
+ use cryptoStream = Crypto.encryptAES keyAES iv hmacStream
+ use cryptoWriter = new BinaryWriter (cryptoStream)
- use cryptoStream = Crypto.encryptAES keyAES iv outputStream
- let cryptoWriter = new BinaryWriter (cryptoStream)
+ // Write the file metadata.
+ let metaData = Metadata ([MetadataKeys.filename, fileInfo.Name
+ MetadataKeys.modificationTime, fileInfo.LastWriteTimeUtc.Ticks.ToString ()])
+ metaData.WriteTo cryptoStream
- // Write metadata.
- let metaData = new Metadata ([filename, fileInfo.Name; creationTimeKey, fileInfo.CreationTimeUtc.Ticks.ToString ()])
- let metaDataStream = new MemoryStream ()
- metaData.WriteTo metaDataStream
- cryptoWriter.Write (int metaDataStream.Length)
- printfn "meta size: %A" (int metaDataStream.Length)
- metaDataStream.Position <- 0L
- metaDataStream.CopyTo cryptoStream
- ()
+ // Write the content of the file.
+ inputStream.CopyTo cryptoStream
+ cryptoStream.FlushFinalBlock ()
+ // Write the HMAC at the begining of the file.
+ outputStream.Position <- 0L
+ writer.Write hmac.Hash
+
+ // Write the signature.
+ Crypto.signRSA signaturePrivKey hmac.Hash |> writer.Write
+
+ /// May raise one of the following error:
+ /// * IntegrityError
+ /// * SignatureMismatch
+ /// * UnableToDecryptAESKeys
let decryptFile (sourceFilePath : string) (targetDirPath : string) (signaturePubKey: Key) (decryptPrivKey : Key) =
- ()
+ use inputStream = new FileStream (sourceFilePath, FileMode.Open, FileAccess.Read)
+ use reader = new BinaryReader (inputStream)
+ let mac = reader.ReadBytes hmacSize
+ let signature = reader.ReadBytes signatureSize
+ let keys =
+ try reader.ReadBytes keysSize |> Crypto.decryptRSA decryptPrivKey
+ with
+ | :? Security.Cryptography.CryptographicException -> raise UnableToDecryptKeys
+ let keyAES = keys.[0 .. 15]
+ let keyMAC = keys.[16 .. 47]
+ let iv = keys.[48 .. 63]
+
+ // Integrity validation.
+ let mac' = Crypto.ComputeHMAC keyMAC inputStream
+ if mac' <> mac then
+ raise IntegrityError
+
+ // Authentication validation.
+ if not <| Crypto.verifySignRSA signaturePubKey mac' signature then
+ raise SignatureMismatch
+
+ // Decrypt metadata.
+ inputStream.Position <- (int64 <| hmacSize + signatureSize + keysSize)
+ use cryptoStream = Crypto.decryptAES keyAES iv inputStream
+ let metadata = Metadata cryptoStream
+
+ // Create the file and write its content and metadata.
+ let filePath = Path.Combine (targetDirPath, metadata.get MetadataKeys.filename)
+ let modificationTime = DateTime (metadata.get MetadataKeys.modificationTime |> int64)
+ let fileInfo = FileInfo filePath
+ using (fileInfo.Create ()) cryptoStream.CopyTo // We have to close the result file before updating the modification time.
+ fileInfo.LastWriteTimeUtc <- modificationTime
+
\ No newline at end of file