/// <summary>
/// Decrypts a cipher with an authentication tag and additional data using AES-GCM.
/// </summary>
/// <param name="cipher">The cipher to be decrypted.</param>
/// <param name="nonce">The 12 byte nonce.</param>
/// <param name="key">The 32 byte key.</param>
/// <param name="additionalData">The additional data; may be null, otherwise between 0 and 16 bytes.</param>
/// <returns>The decrypted cipher.</returns>
/// <exception cref="KeyOutOfRangeException"></exception>
/// <exception cref="NonceOutOfRangeException"></exception>
/// <exception cref="AdditionalDataOutOfRangeException"></exception>
/// <exception cref="CryptographicException"></exception>
public static byte[] Decrypt(byte[] cipher, byte[] nonce, byte[] key, byte[] additionalData = null)
{
//additionalData can be null
if (additionalData == null)
{
additionalData = new byte[0x00];
}
//validate the length of the key
if (key == null || key.Length != KEYBYTES)
{
throw new KeyOutOfRangeException("key", key == null ? 0 : key.Length,
string.Format("key must be {0} bytes in length.", KEYBYTES));
}
//validate the length of the nonce
if (nonce == null || nonce.Length != NPUBBYTES)
{
throw new NonceOutOfRangeException("nonce", nonce == null ? 0 : nonce.Length,
string.Format("nonce must be {0} bytes in length.", NPUBBYTES));
}
//validate the length of the additionalData
if (additionalData.Length > ABYTES || additionalData.Length < 0)
{
throw new AdditionalDataOutOfRangeException(
string.Format("additionalData must be between {0} and {1} bytes in length.", 0, ABYTES));
}
var message = new byte[cipher.Length - ABYTES];
var bin = Marshal.AllocHGlobal(message.Length);
long messageLength;
var ret = SodiumLibrary.crypto_aead_aes256gcm_decrypt(bin, out messageLength, null, cipher, cipher.Length,
additionalData, additionalData.Length, nonce, key);
Marshal.Copy(bin, message, 0, (int)messageLength);
Marshal.FreeHGlobal(bin);
if (ret != 0)
{
throw new CryptographicException("Error decrypting message.");
}
if (message.Length == messageLength)
{
return(message);
}
//remove the trailing nulls from the array
var tmp = new byte[messageLength];
Array.Copy(message, 0, tmp, 0, messageLength);
return(tmp);
}
public static byte[] Decrypt(byte[] cipher, byte[] nonce, byte[] key, byte[] additionalData = null)
{
if (additionalData == null)
{
additionalData = new byte[0];
}
if (key == null || key.Length != 32)
{
throw new ArgumentOutOfRangeException(nameof(key), (object)(key == null ? 0 : key.Length), string.Format("key must be {0} bytes in length.", (object)32));
}
if (nonce == null || nonce.Length != 12)
{
throw new ArgumentOutOfRangeException(nameof(nonce), (object)(nonce == null ? 0 : nonce.Length), string.Format("nonce must be {0} bytes in length.", (object)12));
}
byte[] destination = additionalData.Length <= 16 && additionalData.Length >= 0 ? new byte[cipher.Length - 16] : throw new ArgumentOutOfRangeException(string.Format("additionalData must be between {0} and {1} bytes in length.", (object)0, (object)16));
IntPtr num1 = Marshal.AllocHGlobal(destination.Length);
long messageLength;
int num2 = SodiumLibrary.crypto_aead_aes256gcm_decrypt(num1, out messageLength, (byte[])null, cipher, (long)cipher.Length, additionalData, (long)additionalData.Length, nonce, key);
Marshal.Copy(num1, destination, 0, (int)messageLength);
Marshal.FreeHGlobal(num1);
if (num2 != 0)
{
throw new CryptographicException("Error decrypting message.");
}
if ((long)destination.Length == messageLength)
{
return(destination);
}
byte[] numArray = new byte[messageLength];
Array.Copy((Array)destination, 0L, (Array)numArray, 0L, messageLength);
return(numArray);
}
