public byte[] WrapKey(byte[] cek, object key, IDictionary <string, object> header) { byte[] sharedKey = Ensure.Type <byte[]>(key, "AesGcmKeyWrapManagement alg expectes key to be byte[] array."); Ensure.BitSize(sharedKey, keyLengthBits, string.Format("AesGcmKeyWrapManagement management algorithm expected key of size {0} bits, but was given {1} bits", keyLengthBits, sharedKey.Length * 8L)); byte[] iv = Arrays.Random(96); byte[][] cipherAndTag = AesGcm.Encrypt(sharedKey, iv, null, cek); header["iv"] = Base64Url.Encode(iv); header["tag"] = Base64Url.Encode(cipherAndTag[1]); return(cipherAndTag[0]); }
public byte[][] Encrypt(byte[] aad, byte[] plainText, byte[] cek) { byte[][] numArray; Ensure.BitSize(cek, this.keyLength, string.Format("AES-GCM algorithm expected key of size {0} bits, but was given {1} bits", this.keyLength, (int)cek.Length * 8), new object[0]); byte[] numArray1 = Arrays.Random(96); try { byte[][] numArray2 = AesGcm.Encrypt(cek, numArray1, aad, plainText); numArray = new byte[][] { numArray1, numArray2[0], numArray2[1] }; } catch (CryptographicException cryptographicException) { throw new EncryptionException("Unable to encrypt content.", cryptographicException); } return(numArray); }
public byte[][] Encrypt(byte[] aad, byte[] plainText, byte[] cek) { Ensure.BitSize(cek, keyLength, string.Format("AES-GCM algorithm expected key of size {0} bits, but was given {1} bits", keyLength, cek.Length * 8L)); byte[] iv = Arrays.Random(96); try { byte[][] cipherAndTag = AesGcm.Encrypt(cek, iv, aad, plainText); return(new[] { iv, cipherAndTag[0], cipherAndTag[1] }); } catch (CryptographicException e) { throw new EncryptionException("Unable to encrypt content.", e); } }