SearchRetrieveEncryptedFiles demonstrates the use of the searchable policies and hashing features of the Trust Services SDK to build a search index on encrypted files, such as those created in the EncryptedFiles sample. The search words used to look up the index are hashed, so the index can be stored in the cloud without exposing the contents of the encrypted files.

The HelperFiles directory contains:

(a) The certificate files for the TSPA (Admin.*), Publisher (Pub.*), and Subscriber (Sub.*) roles. [1] See Note below.
(b) .\Trusted directory with text files

The sample performs the following steps:

(a) The TSPA creates an encrypt data policy for each text file under the Trusted directory, and a search data policy that can be applied to all the text files
(b) The TSPA authorizes the Publisher to all the policies
(c) The TSPA authorizes the Subscriber to the search data policy and to the encrypt data policy for one file.
(d) The Publisher encrypts all the files under .\Trusted and uploads them to the untrusted/remote directory. In this sample, this is .\Untrusted, a local directory.
(e) The Publisher creates an inverted search index of the text files, i.e. a dictionary with each word found in the text files, and the corresponding files that contain it. This data structure lets one look up which files contain a given word. The keys to this search index are hashed using the search data policy, so that it can be securely stored in the .\Untrusted directory.
(f) The sample now enters a loop that demonstrates actions that can be taken by the Subscriber role - e.g. find a file that contains a given word and then download it.
Note: As search and encrypt data policies defined on the protected files are different, even though the subscriber can see the name of the file that contains a given word, he may not be able to access the file contents (i.e. decrypt it) if he is not authorized to the encrypt data policy used to protect it.
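
The hashed index from step (e) and the lookup from step (f), shown as an added example that is not the sample's own code and does not use the Trust Services SDK API. Assumptions: HMAC-SHA256 under a placeholder key stands in for hashing with the search data policy, and the file names and contents are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

static class HashedIndexDemo
{
    // Assumption: a keyed hash (HMAC-SHA256) stands in for the search data policy.
    static string HashWord(byte[] searchKey, string word)
    {
        using (var hmac = new HMACSHA256(searchKey))
            return Convert.ToBase64String(
                hmac.ComputeHash(Encoding.UTF8.GetBytes(word.ToLowerInvariant())));
    }

    // Inverted index: hashed word -> names of the files that contain it.
    // Only the hashed keys are written to the untrusted store, never the words.
    static Dictionary<string, SortedSet<string>> BuildIndex(
        byte[] searchKey, IDictionary<string, string> files)
    {
        var index = new Dictionary<string, SortedSet<string>>();
        var separators = new[] { ' ', '\t', '\r', '\n', '.', ',', ';', ':', '!', '?' };
        foreach (var file in files)
            foreach (var word in file.Value.Split(separators, StringSplitOptions.RemoveEmptyEntries))
            {
                string key = HashWord(searchKey, word);
                SortedSet<string> names;
                if (!index.TryGetValue(key, out names))
                    index[key] = names = new SortedSet<string>();
                names.Add(file.Key);
            }
        return index;
    }

    static void Main()
    {
        // Constructed sample data, not the files shipped under .\Trusted.
        var files = new Dictionary<string, string>
        {
            { "a.txt", "Quarterly budget review" },
            { "b.txt", "Budget forecast, draft." }
        };
        byte[] searchKey = Encoding.UTF8.GetBytes("constructed-demo-key"); // placeholder
        var index = BuildIndex(searchKey, files);

        // Subscriber side: hash the query word the same way, then look it up.
        foreach (var query in new[] { "budget", "forecast", "salary" })
        {
            SortedSet<string> hits;
            bool found = index.TryGetValue(HashWord(searchKey, query), out hits);
            Console.WriteLine("{0}: {1}", query, found ? string.Join(", ", hits) : "no matching files");
        }
    }
}
```

In this example the file names are stored unhashed as index values, which matches the Note above: a lookup reveals which files match, while reading their contents still depends on the separate encrypt data policy.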

To run the sample:

Prepare the trust server:
1. Login to trust portal (
2. Create trust server
3. Set TSPA (upload Admin.cer from under HelperFiles directory)

Prepare sample:
4. Open the solution in VS2010
5. Edit the program's App.config with the trust server name created in step 2.
6. Build and run the solution

Play with the Search API demo loop (as the Subscriber role):
 (f) (F)ind files containing word
 (g) (G)et file
 (e) (E)xit

Scenario (f) returns the names of the files that contain the word, or indicates no matching files were found.
Scenario (g) returns the decrypted contents of the file requested for download. This can fail in two scenarios with an error indicating that no policy is found for the file: (1) If you request a file you are not authorized to, or (2) If you request a nonexistent file, or a file that is not encrypted as part of this sample.

[1] Note: The certificate files are provided to minimize the overhead of getting started with the sample. Do not reuse these certificates in critical security-related scenarios. To create your own self-signed certificate in .pfx format, run the following commands from a Visual Studio command prompt.

makecert -r -pe -n "CN=Alice" -sky exchange "Alice.cer" -sv "Alice.pvk"

You will be prompted for a password to secure the private key three times. Enter a password of your choice. (NOTE: You must also modify the filename and password as appropriate in the App.config)

Then enter the following command to create the .pfx file. After the -pi switch, enter the password you chose.

pvk2pfx -pvk "Alice.pvk" -spc "Alice.cer" -pfx "Alice.pfx" -pi password-entered-in-previous-step

You can verify that the certificate has been created by looking in the current directory in the Visual Studio command prompt.
