stefangordon / azure-encryption-extensions
Simplifies encryption for Azure Blob Storage
License: MIT License
Your extension is very useful!!
Could you please implement the Async methods as well?
Thanks
Hi,
When I change Samples.cs from
blob.UploadFromFileEncrypted(provider, path, FileMode.Open);
to
blob.UploadFromFileEncryptedAsync(provider, path, FileMode.Open).GetAwaiter().GetResult();
and run the program, I get this error:
"Stream does not support reading."
Is there some issue or do I use it wrong? I debugged and checked, and both streams (Memory and Crypto) have CanRead "true".
Thanks!
Hi there,
We are using this extension in our project and it's really nice, but we want to check if there is any plan to migrate this solution to .NET Core, or do you mind if I do the migration based on your code?
Thanks and regards,
Nick
Hi Stefan,
I found one issue with the Asymmetric sample.
The RunAsymmetricUploadAndDownload is using the Symmetric functions instead of the Asymmetric ones. After changing it to use the Asymmetric functions, I found out that you have to load the certificate twice, one time to upload the file and again to download it. Here are my changes:
private static void RunAsymmetricUploadAndDownload()
{
    // Get container
    Console.WriteLine("Uploading an image to blob storage and encrypting using a 4096bit certificate.");
    Console.WriteLine("Retrieving blob container...");
    var container = Samples.GetAzureContainer();

    // Upload
    X509Certificate2 uploadCert = new X509Certificate2(@"SampleCertificates\4096.pfx", string.Empty, X509KeyStorageFlags.Exportable);
    Console.WriteLine(@"Encrypting and uploading image \SampleFiles\catbread.jpg");
    Samples.UploadEncryptedFileAsymmetric(@"SampleFiles\catbread.jpg", uploadCert, container);

    // Download
    X509Certificate2 downloadCert = new X509Certificate2(@"SampleCertificates\4096.pfx", string.Empty, X509KeyStorageFlags.Exportable);
    Console.WriteLine("Downloading and decrypting file using saved key");
    Samples.DownloadEncryptedFileAsymmetric(@"decrypted_catbread2.jpg", downloadCert, container);
}
Regards,
Santiago
What about storing the key into a stream? On the SymmetricBlobCryptoProvider class I have added the following code:
public void WriteKeyStream(System.IO.Stream stream)
{
    System.IO.StreamWriter writer = new System.IO.StreamWriter(stream);
    writer.Write(ToKeyFileString());
    writer.Flush();
}
We are encrypting files and storing them in the Azure blob using AesCryptoServiceProvider; there are no issues in storing the file in the Azure blob.
When we try to decrypt and download the file using MemoryStream, the file is not downloaded from the blob.
The MemoryStream is always empty. Please let us know if there is any solution to decrypt and download an Azure Blob using MemoryStream.
The code below is being used.
CloudStorageAccount storageAccount = CloudStorageAccount.Parse(ConfigurationManager.AppSettings["TestConnectionString"]);
CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();
CloudBlobContainer container = blobClient.GetContainerReference("TestStorage");
container.CreateIfNotExists();
CloudBlockBlob blockBlob = container.GetBlockBlobReference(blobName);
using (Stream blobStream = blockBlob.OpenRead(AccessCondition.GenerateEmptyCondition(), null, null))
{
    Stream st = DecryptAzureBlob(blobStream, KeyIdentifier);
    using (var memoryStream = new MemoryStream())
    {
        fileStream.Write(memoryStream);
    }
    Response.Clear();
    Response.ContentType = blockBlob.Properties.ContentType;
    Response.AddHeader("content-disposition", "attachment; filename=" + blobName.ToString());
    Response.BinaryWrite(memoryStream.ToArray());
    Response.End();
}
Decryption code:
public Stream DecryptAzureBlob(Stream blobStream, string KeyIdentifier)
{
    using (AesCryptoServiceProvider aesAlg = new AesCryptoServiceProvider())
    {
        // The IV is stored as the first block of the blob
        byte[] ivBytes = new byte[aesAlg.BlockSize / 8];
        blobStream.Read(ivBytes, 0, ivBytes.Length);
        aesAlg.Key = GetEncryptedKey(KeyIdentifier); // getting the key from Azure Blob
        aesAlg.IV = ivBytes;
        ICryptoTransform decryptor = aesAlg.CreateDecryptor();
        CryptoStream cryptoStream = new CryptoStream(blobStream, decryptor, CryptoStreamMode.Read);
        return cryptoStream;
    }
}
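An added example, not part of the original post or of the project's code: decrypting an IV-prefixed AES stream into a MemoryStream, with the decrypting stream drained and the bytes taken before anything is disposed. It assumes the layout the posted DecryptAzureBlob reads (IV in the first block, ciphertext after it); the class and method names are hypothetical, and a constructed in-memory stream stands in for blockBlob.OpenRead.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class IvPrefixedAesDemo
{
    // Constructed stand-in for the stored blob: 16-byte IV followed by AES-CBC ciphertext.
    static MemoryStream EncryptToBlobLayout(byte[] plain, byte[] key)
    {
        using (Aes aes = Aes.Create())
        {
            aes.Key = key;
            aes.GenerateIV();
            var blob = new MemoryStream();
            blob.Write(aes.IV, 0, aes.IV.Length);
            using (ICryptoTransform enc = aes.CreateEncryptor())
            {
                byte[] ct = enc.TransformFinalBlock(plain, 0, plain.Length);
                blob.Write(ct, 0, ct.Length);
            }
            blob.Position = 0;
            return blob;
        }
    }

    static byte[] DecryptToArray(Stream source, byte[] key)
    {
        using (Aes aes = Aes.Create())
        {
            // Stream.Read may return fewer bytes than requested, so loop until the IV is complete.
            byte[] iv = new byte[aes.BlockSize / 8];
            for (int read = 0; read < iv.Length; )
            {
                int n = source.Read(iv, read, iv.Length - read);
                if (n == 0) throw new InvalidDataException("Stream ended before the IV was read.");
                read += n;
            }
            aes.Key = key;
            aes.IV = iv;
            using (ICryptoTransform dec = aes.CreateDecryptor())
            using (var cs = new CryptoStream(source, dec, CryptoStreamMode.Read))
            using (var plain = new MemoryStream())
            {
                cs.CopyTo(plain);       // drain the decrypting stream while the transform is alive
                return plain.ToArray(); // take the bytes before the MemoryStream is disposed
            }
        }
    }

    static void Main()
    {
        byte[] key = new byte[32]; // constructed random 256-bit key for the demo
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);
        byte[] original = Encoding.UTF8.GetBytes("constructed sample payload");
        using (Stream blob = EncryptToBlobLayout(original, key))
            Console.WriteLine(Encoding.UTF8.GetString(DecryptToArray(blob, key)));
    }
}
```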
I am using the DownloadToStreamEncrypted extension and it works fine for small files. I've noticed that it loads the entire stream into memory however.
I am using ASP.Net WebAPI. Here is my code:
var stream = new MemoryStream();
//some code
await blob.DownloadToStreamEncryptedAsync(provider, stream);
stream.Seek(0, SeekOrigin.Begin);
response.StatusCode = HttpStatusCode.OK;
response.Content = new StreamContent(stream, 1024 * 1024);
response.Content.Headers.ContentLength = doc.Length;
response.Content.Headers.ContentType = new MediaTypeHeaderValue(doc.MimeType);
response.Content.Headers.ContentDisposition = new ContentDispositionHeaderValue("attachment")
{
    FileName = "somefilename",
    Size = doc.Length
};
return response;
This works, but the memory used goes up by however big the file is. It doesn't actually stream the file back. Is there something I am doing wrong with the stream that is causing this high memory use? Ideally, it just streams back from the server without first getting loaded into memory in its entirety. I suspect the problem is the CopyToAsync method within the DownloadToStreamEncrypted but am not sure.
Using the memory stream download, the file stops downloading at 90%.
Using the file download version, the file is downloaded correctly.
Any suggestions?