/// <summary>
/// Unwrap an AES Key Wrapped-key
/// </summary>
/// <param name="wrapped">The full wrapped data, the length of a key + 8 bytes</param>
/// <returns>The unwrapped key data, or a zero-length array if the unwrap was unsuccessful due to wrong key</returns>
public byte[] Unwrap(ICrypto crypto, byte[] wrapped)
{
if (wrapped == null)
{
throw new ArgumentNullException("wrapped");
}
if (crypto == null)
{
throw new ArgumentNullException("crypto");
}
if (wrapped.Length % (crypto.BlockLength / 2) != 0)
{
throw new InternalErrorException("The length of the wrapped data must a multiple of half the algorithm block size.");
}
if (wrapped.Length < 24)
{
throw new InternalErrorException("The length of the wrapped data must be large enough to accommodate at least a 128-bit key.");
}
using (IKeyWrapTransform decryptor = crypto.CreateKeyWrapTransform(_salt, KeyWrapDirection.Decrypt))
{
return(UnwrapInternal(wrapped, decryptor));
}
}
public byte[] Wrap(ICrypto crypto, byte[] keyMaterial)
{
if (crypto == null)
{
throw new ArgumentNullException("crypto");
}
if (keyMaterial == null)
{
throw new ArgumentNullException("keyMaterial");
}
using (IKeyWrapTransform encryptor = crypto.CreateKeyWrapTransform(_salt, KeyWrapDirection.Encrypt))
{
return(WrapInternal(keyMaterial, encryptor));
}
}