public byte[] Decrypt(byte[] senderKeyMessageBytes, IDecryptionCallback callback)
{
lock(LOCK)
{
try
{
var record = _senderKeyStore.LoadSenderKey(_senderKeyId);
if(record.IsEmpty)
{
throw new Exception("No sender key for: " + _senderKeyId);
}
var senderKeyMessage = new SenderKeyMessage(senderKeyMessageBytes);
var senderKeyState = record.GetSenderKeyState(senderKeyMessage.KeyId);
senderKeyMessage.VerifySignature(senderKeyState.SigningKeyPublic);
var senderKey = GetSenderKey(senderKeyState, senderKeyMessage.Iteration);
byte[] plaintext = GetPlainText(senderKey.Iv, senderKey.CipherKey, senderKeyMessage.CipherText);
callback.HandlePlaintext(plaintext);
_senderKeyStore.StoreSenderKey(_senderKeyId, record);
return plaintext;
}
catch(Exception e)
{
throw new InvalidMessageException(e);
}
}
}
public byte[] Encrypt(byte[] paddedPlaintext)
{
lock(LOCK)
{
try
{
var record = _senderKeyStore.LoadSenderKey(_senderKeyId);
var senderKeyState = record.GetSenderKeyState();
var senderKey = senderKeyState.SenderChainKey.GetSenderMessageKey();
var ciphertext = GetCipherText(senderKey.Iv, senderKey.CipherKey, paddedPlaintext);
var senderKeyMessage = new SenderKeyMessage(senderKeyState.KeyId,
senderKey.Iteration,
ciphertext,
senderKeyState.SigningKeyPrivate);
senderKeyState.SenderChainKey = senderKeyState.SenderChainKey.GetNext();
_senderKeyStore.StoreSenderKey(_senderKeyId, record);
return senderKeyMessage.Serialize();
}
catch(InvalidKeyException e)
{
throw new NoSessionException(e);
}
}
}