public override DecryptResult Decrypt(DecryptParameters parameters, CancellationToken cancellationToken)
        {
            Argument.AssertNotNull(parameters, nameof(parameters));

            if (MustRemote)
            {
                // A private key is required to decrypt. Send to the server.
                KeysEventSource.Singleton.PrivateKeyRequired(nameof(Decrypt));
                return(null);
            }

            EncryptionAlgorithm  algorithm = parameters.Algorithm;
            RSAEncryptionPadding padding   = algorithm.GetRsaEncryptionPadding();

            if (padding is null)
            {
                KeysEventSource.Singleton.AlgorithmNotSupported(nameof(Decrypt), algorithm);
                return(null);
            }

            byte[]        plaintext = Decrypt(parameters.Ciphertext, padding);
            DecryptResult result    = null;

            if (plaintext != null)
            {
                result = new DecryptResult
                {
                    Algorithm = algorithm,
                    KeyId     = KeyMaterial.Id,
                    Plaintext = plaintext,
                };
            }

            return(result);
        }
Example #2
0
        public override DecryptResult Decrypt(DecryptParameters parameters, CancellationToken cancellationToken = default)
        {
            Argument.AssertNotNull(parameters, nameof(parameters));

            ThrowIfTimeInvalid();

            EncryptionAlgorithm algorithm = parameters.Algorithm;

            if (algorithm.GetAesCbcEncryptionAlgorithm() is AesCbc aesCbc)
            {
                using ICryptoTransform decryptor = aesCbc.CreateDecryptor(KeyMaterial.K, parameters.Iv);

                byte[] ciphertext = parameters.Ciphertext;
                byte[] plaintext  = decryptor.TransformFinalBlock(ciphertext, 0, ciphertext.Length);

                return(new DecryptResult
                {
                    Algorithm = algorithm,
                    KeyId = KeyMaterial.Id,
                    Plaintext = plaintext,
                });
            }
            else
            {
                KeysEventSource.Singleton.AlgorithmNotSupported(nameof(Decrypt), algorithm);
                return(null);
            }
        }
Example #3
0
        /// <summary>
        /// Decrypts the specified ciphertext.
        /// </summary>
        /// <param name="parameters">A <see cref="DecryptParameters"/> containing the data to decrypt and other parameters for algorithm-dependent decryption.</param>
        /// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
        /// <returns>
        /// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
        /// along with information regarding the algorithm and key used to decrypt it.
        /// </returns>
        /// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
        /// <exception cref="ArgumentNullException"><paramref name="parameters"/> is null.</exception>
        /// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
        /// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
        /// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
        public virtual DecryptResult Decrypt(DecryptParameters parameters, CancellationToken cancellationToken = default)
        {
            Argument.AssertNotNull(parameters, nameof(parameters));

            DecryptResult result = null;

            if (_provider.SupportsOperation(KeyOperation.Decrypt))
            {
                result = _provider.Decrypt(parameters, cancellationToken);
            }

            return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
        }
Example #4
0
        /// <summary>
        /// Decrypts ciphertext.
        /// </summary>
        /// <param name="parameters">A <see cref="DecryptParameters"/> containing the data to decrypt and other parameters for algorithm-dependent decryption.</param>
        /// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
        /// <returns>
        /// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
        /// along with information regarding the algorithm and key used to decrypt it.
        /// </returns>
        /// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
        /// <exception cref="ArgumentNullException"><paramref name="parameters"/> is null.</exception>
        /// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
        /// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
        /// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
        public virtual async Task <DecryptResult> DecryptAsync(DecryptParameters parameters, CancellationToken cancellationToken = default)
        {
            Argument.AssertNotNull(parameters, nameof(parameters));

            DecryptResult result = null;

            if (_provider.SupportsOperation(KeyOperation.Decrypt))
            {
                result = await _provider.DecryptAsync(parameters, cancellationToken).ConfigureAwait(false);
            }

            return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
        }
        public virtual async Task <Response <DecryptResult> > DecryptAsync(DecryptParameters parameters, CancellationToken cancellationToken = default)
        {
            using DiagnosticScope scope = Pipeline.CreateScope($"{nameof(RemoteCryptographyClient)}.{nameof(Decrypt)}");
            scope.AddAttribute("key", _keyId);
            scope.Start();

            try
            {
                return(await Pipeline.SendRequestAsync(RequestMethod.Post, parameters, () => new DecryptResult { Algorithm = parameters.Algorithm }, cancellationToken, "/decrypt").ConfigureAwait(false));
            }
            catch (Exception e)
            {
                scope.Failed(e);
                throw;
            }
        }
Example #6
0
        public virtual Task <DecryptResult> DecryptAsync(DecryptParameters parameters, CancellationToken cancellationToken = default)
        {
            DecryptResult result = Decrypt(parameters, cancellationToken);

            return(Task.FromResult(result));
        }
Example #7
0
 public virtual DecryptResult Decrypt(DecryptParameters parameters, CancellationToken cancellationToken = default)
 {
     throw CreateOperationNotSupported(nameof(Decrypt));
 }
 DecryptResult ICryptographyProvider.Decrypt(DecryptParameters parameters, CancellationToken cancellationToken)
 {
     return(Decrypt(parameters, cancellationToken));
 }
 async Task <DecryptResult> ICryptographyProvider.DecryptAsync(DecryptParameters parameters, CancellationToken cancellationToken)
 {
     return(await DecryptAsync(parameters, cancellationToken).ConfigureAwait(false));
 }