// http://msdn.microsoft.com/en-us/library/windows/desktop/aa376249(v=vs.85).aspx
internal static extern int NCryptDecrypt(
[In] SafeNCryptKeyHandle hKey,
[In] byte *pbInput,
[In] uint cbInput,
[In] void *pPaddingInfo,
[In] byte *pbOutput,
[In] uint cbOutput,
[Out] out uint pcbResult,
[In] NCryptEncryptFlags dwFlags);
public static unsafe extern SECURITY_STATUS NCryptDecrypt(
SafeKeyHandle hKey,
byte *pbInput,
int cbInput,
void *pPaddingInfo,
byte *pbOutput,
int cbOutput,
out int pcbResult,
NCryptEncryptFlags dwFlags);
public static unsafe extern SECURITY_STATUS NCryptDecrypt(
SafeKeyHandle hKey,
[Friendly(FriendlyFlags.Array | FriendlyFlags.In, ArrayLengthParameter = 2)] byte *pbInput,
int cbInput,
void *pPaddingInfo,
[Friendly(FriendlyFlags.Array | FriendlyFlags.Out | FriendlyFlags.Optional, ArrayLengthParameter = 5)] byte *pbOutput,
int cbOutput,
out int pcbResult,
NCryptEncryptFlags dwFlags);
public unsafe void EncryptDecryptRSA()
{
using (var provider = NCryptOpenStorageProvider(KeyStorageProviders.MS_KEY_STORAGE_PROVIDER))
{
using (var key = NCryptCreatePersistedKey(provider, BCrypt.AlgorithmIdentifiers.BCRYPT_RSA_ALGORITHM))
{
NCryptSetProperty(key, KeyStoragePropertyIdentifiers.NCRYPT_LENGTH_PROPERTY, 512);
NCryptFinalizeKey(key).ThrowOnError();
const NCryptEncryptFlags flags = NCryptEncryptFlags.NCRYPT_PAD_PKCS1_FLAG;
byte[] plaintext = new byte[] { 0x1, 0x2, 0x3 };
ArraySegment <byte> cipherText = NCryptEncrypt(key, plaintext, flags: flags);
Assert.NotEqual(plaintext, cipherText.Array.Take(cipherText.Count));
ArraySegment <byte> decryptedPlaintext = NCryptDecrypt(key, cipherText.ToArray(), flags: flags);
Assert.Equal(plaintext, decryptedPlaintext.Take(decryptedPlaintext.Count));
}
}
}
/// <summary>
/// Decrypts a block of data.
/// </summary>
/// <param name="key">
/// The handle of the key to use to decrypt the data.
/// </param>
/// <param name="ciphertext">
/// The address of a buffer that contains the ciphertext to be decrypted. The <paramref name="ciphertext"/> parameter contains the size of the ciphertext to decrypt. For more information, see Remarks.
/// </param>
/// <param name="paddingInfo">
/// A pointer to a structure that contains padding information. This parameter is only used with asymmetric keys and authenticated encryption modes. If an authenticated encryption mode is used, this parameter must point to a BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO structure. If asymmetric keys are used, the type of structure this parameter points to is determined by the value of the <paramref name="flags"/> parameter. Otherwise, the parameter must be set to NULL.
/// </param>
/// <param name="flags">
/// A set of flags that modify the behavior of this function. The allowed set of flags depends on the type of key specified by the <paramref name="key"/> parameter.
/// </param>
/// <returns>Returns the plaintext.</returns>
public static unsafe ArraySegment <byte> NCryptDecrypt(SafeKeyHandle key, byte[] ciphertext, void *paddingInfo = null, NCryptEncryptFlags flags = NCryptEncryptFlags.None)
{
fixed(byte *pCiphertext = ciphertext)
{
int pcbResult;
NCryptDecrypt(key, pCiphertext, ciphertext.Length, paddingInfo, null, 0, out pcbResult, flags).ThrowOnError();
byte[] plaintext = new byte[pcbResult];
fixed(byte *pPlaintext = plaintext)
{
NCryptDecrypt(key, pCiphertext, ciphertext.Length, paddingInfo, pPlaintext, pcbResult, out pcbResult, flags).ThrowOnError();
return(new ArraySegment <byte>(plaintext, 0, pcbResult));
}
}
}
public static unsafe extern SECURITY_STATUS NCryptDecrypt(
SafeKeyHandle hKey,
byte* pbInput,
int cbInput,
void* pPaddingInfo,
byte* pbOutput,
int cbOutput,
out int pcbResult,
NCryptEncryptFlags dwFlags);
