Fixing invalid file encryption (#11)

* Fixed setting AES key + tests

* bump version

Author: Agrabski

.github/workflows/release.yml

@@ -11,8 +11,8 @@ jobs:
   build:
     runs-on: ubuntu-latest  
     env:
-      VERSION_TAG: JPKv0_0_9
-      VERSION: '0.0.9'
+      VERSION_TAG: JPKv0_0_10
+      VERSION: '0.0.10'
 
     steps:
     - name: Checkout

JpkHelper/Commads/MakeManifestCommand.cs

@@ -71,7 +71,7 @@ public async Task Execute()
             var compressed = await Compress(file);
             var parts = compressed.Chunk(CompressedFileSizeLimit).Select((chunk, index) =>
             {
-                var result = Encrypt(aesKey, iv, chunk);
+                var result = EncryptionHelper.Encrypt(aesKey, iv, chunk);
                 var partName = $"{fileName}.zip.{index + 1:D3}.aes";
                 using var destination = File.Create(Path.Combine(OutputPath, partName));
                 destination.Write(result);
@@ -80,7 +80,9 @@ public async Task Execute()
                     result.Length,
                     HashHelpers.CalculateMD5(new MemoryStream(result))
                 );
-            });
+            }).ToArray();
+            foreach (var part in parts)
+                AssertPartCanBeDecrypted(part, aesKey, iv);
             var compressedAndZippedFile = new CompressedFileInfo(
                 fileName,
                 new FileInfo(file).Length,
@@ -98,7 +100,7 @@ public async Task Execute()
             switch (AESKeyBehaviour)
             {
                 case AESKeyBehaviour.ToFile:
-                    var path = Path.Combine(OutputPath, "aes_key.base64.txt");
+                    var path = Path.Combine(OutputPath, $"{fileName}.aeskey.base64.txt");
                     Console.WriteLine(string.Format(Strings.SavingBase64AesKey, path));
                     await File.WriteAllTextAsync(path, Convert.ToBase64String(aesKey));
                     break;
@@ -119,6 +121,15 @@ public async Task Execute()
         }
     }
 
+    private void AssertPartCanBeDecrypted(CompressedFilePartInfo part, byte[] aesKey, byte[] iv)
+    {
+        var bytes = File.ReadAllBytes(Path.Combine(OutputPath, part.Name));
+        using var aes = Aes.Create();
+        aes.BlockSize = EncryptionHelper.BlockSize;
+        aes.Key = aesKey;
+        aes.DecryptCbc(bytes, iv, PaddingMode.PKCS7);
+    }
+
     private string PickFileName(bool multipleFiles, string file)
     {
         if (!multipleFiles)
@@ -329,25 +340,15 @@ private byte[] CalculateSha256Hash(string file)
         return hash.ComputeHash(f);
     }
 
-    private static byte[] Encrypt(byte[] aesKey, byte[] iv, byte[] compressed)
-    {
-        using var aes = Aes.Create();
-        aes.Key = aesKey;
-        aes.KeySize = 256;
-        aes.BlockSize = 128;
-        aes.Mode = CipherMode.CBC;
-        return aes.EncryptCbc(compressed.AsSpan(), iv, PaddingMode.PKCS7);
-    }
-
     private static async Task<byte[]> Compress(string filePath)
     {
         var entryName = Path.GetFileName(filePath);
         using var buffer = new MemoryStream();
         using (var archive = new ZipArchive(buffer, ZipArchiveMode.Create, true))
         {
             var entry = archive.CreateEntry(entryName);
-            using var entryStream = entry.Open();
-            using var sourceStream = File.OpenRead(filePath);
+            await using var entryStream = entry.Open();
+            await using var sourceStream = File.OpenRead(filePath);
             await sourceStream.CopyToAsync(entryStream);
             entryStream.Close();
         }

JpkHelper/EncryptionHelper.cs

@@ -4,17 +4,18 @@ namespace JpkHelper;
 
 public static class EncryptionHelper
 {
+    public const int BlockSize = 128;
     public static string ToHex(byte[] bytes) => BitConverter.ToString(bytes).Replace("-", "").ToLower();
 
     public static byte[] Encrypt(byte[] aesKey, byte[] iv, byte[] plaintext)
     {
         using var aes = Aes.Create();
         aes.KeySize = 256;
-        aes.BlockSize = 128;
+        aes.BlockSize = BlockSize;
         aes.Mode = CipherMode.CBC;
         aes.Key = aesKey;
         aes.IV = iv;
-        return aes.CreateEncryptor().TransformFinalBlock(plaintext, 0, plaintext.Length);
+        return aes.EncryptCbc(plaintext,iv);
 
     }
 }

Tests/MakeManifestTests.cs

@@ -1,3 +1,4 @@
+using System.IO.Compression;
 using System.Security.Cryptography;
 using System.Text;
 using System.Xml.Linq;
@@ -14,7 +15,8 @@ public async Task MakingManifestOfTwoFilesWorks()
         {
             FilePaths = ["MakeManifestTestFiles/ITP_1.xml", "MakeManifestTestFiles/ITP_2.xml"],
             OutputPath = "./two-files",
-            EnvironmentType = EnvironmentType.Test
+            EnvironmentType = EnvironmentType.Test,
+            AESKeyBehaviour = AESKeyBehaviour.ToFile
         };
         await command.Execute();
         Assert.True(File.Exists($"./two-files/ITP_1-{MakeManifestCommand.ManifestFileName}"));
@@ -62,5 +64,17 @@ private static void AssertFileCorectnes(string manifest, string file, string enc
             .First(d => d.Name.LocalName == "ContentLength" && d.Parent.Name.LocalName == "Document")
             .Value;
         Assert.Equal(new FileInfo(file).Length, long.Parse(originalFileLength));
+        var iv = Convert.FromBase64String(m.Descendants().First(d => d.Name.LocalName == "IV").Value);
+        var aesKey = Convert.FromBase64String(File.ReadAllText($"two-files/{Path.GetFileName(file)}.aeskey.base64.txt"));
+        var encryptedFiles = File.ReadAllBytes(encryptedFile);
+        using var aes = Aes.Create();
+        aes.BlockSize = 128;
+        aes.Key = aesKey;
+        var unencryptedArchiveStream = new MemoryStream(aes.DecryptCbc(encryptedFiles, iv, PaddingMode.PKCS7));
+        using var archive = new ZipArchive(unencryptedArchiveStream, ZipArchiveMode.Read);
+        var unencryptedStream = archive.Entries.First().Open();
+        var unencrypted = new MemoryStream();
+        unencryptedStream.CopyTo(unencrypted);
+        Assert.Equal(File.ReadAllBytes(file), unencrypted.ToArray());
     }
 }