/// <summary>
/// Converts a plain <paramref name="message"/> to a ciphertext
/// which can be decrypted with the corresponding <see cref="PrivateKey"
/// />.
/// </summary>
/// <param name="message">A binary data to be encrypted.</param>
/// <returns>
/// A ciphertext that was encrypted from the <paramref name="message"/>
/// and can be decrypted with the corresponding <see cref="PrivateKey"
/// />. (Although the word “ciphertext” has the word
/// “text”, a returned ciphertext is not a Unicode
/// <see cref="string"/>, but a <see cref="byte"/> array.)
/// </returns>
/// <seealso cref="PrivateKey.Decrypt(byte[])"/>
public byte[] Encrypt(byte[] message)
{
PrivateKey disposablePrivateKey = new PrivateKey();
byte[] aesKey = disposablePrivateKey.ExchangeKey(this);
var aes = new Aesgcm(aesKey);
return(aes.Encrypt(
message,
disposablePrivateKey.PublicKey.Format(true)
));
}
public byte[] Decrypt(byte[] ciphertext)
{
PublicKey pubKey = new PublicKey(ciphertext.Take(33).ToArray());
byte[] aesKey = ExchangeKey(pubKey);
var aes = new Aesgcm(aesKey);
// FIXME: This merely returns null when the given ciphertext is
// invalid (which means it is not encrypted with the corresponding
// public key for the most part). This should become to throw
// an appropriate exception instead and also reflected to docs
// comment (to add <exception> tag) as well.
return(aes.Decrypt(ciphertext, 33));
}
