/// <summary>
/// Performs AES encryption in GCM chaining mode over plain text
/// </summary>
/// <param name="key">aes key</param>
/// <param name="iv">initialization vector</param>
/// <param name="aad">additional authn data</param>
/// <param name="plainText">plain text message to be encrypted</param>
/// <returns>2 byte[] arrays: [0]=cipher text, [1]=authentication tag</returns>
/// /// <exception cref="CryptographicException">if encryption failed by any reason</exception>
public static byte[][] Encrypt(byte[] key, byte[] iv, byte[] aad, byte[] plainText)
{
IntPtr hAlg = OpenAlgorithmProvider(BCrypt.BCRYPT_AES_ALGORITHM, BCrypt.MS_PRIMITIVE_PROVIDER, BCrypt.BCRYPT_CHAIN_MODE_GCM);
IntPtr hKey, keyDataBuffer = ImportKey(hAlg, key, out hKey);
byte[] cipher;
byte[] tag = new byte[MaxAuthTagSize(hAlg)];
var authInfo = new BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO(iv, aad, tag);
#pragma warning disable CS0728
using (authInfo)
{
byte[] ivData = new byte[tag.Length];
int cipherSize = 0;
uint status = BCrypt.BCryptEncrypt(hKey, plainText, plainText.Length, ref authInfo, ivData, ivData.Length, null, 0, ref cipherSize, 0x0);
if (status != BCrypt.ERROR_SUCCESS)
{
throw new CryptographicException(string.Format("BCrypt.BCryptEncrypt() (get size) failed with status code:{0}", status));
}
cipher = new byte[cipherSize];
status = BCrypt.BCryptEncrypt(hKey, plainText, plainText.Length, ref authInfo, ivData, ivData.Length,
cipher, cipher.Length, ref cipherSize, 0x0);
if (status != BCrypt.ERROR_SUCCESS)
{
throw new CryptographicException(string.Format("BCrypt.BCryptEncrypt() failed with status code:{0}", status));
}
Marshal.Copy(authInfo.pbTag, tag, 0, authInfo.cbTag);
}
#pragma warning restore CS0728
BCrypt.BCryptDestroyKey(hKey);
Marshal.FreeHGlobal(keyDataBuffer);
BCrypt.BCryptCloseAlgorithmProvider(hAlg, 0x0);
return(new[] { cipher, tag });
}
public static byte[][] Encrypt(byte[] key, byte[] iv, byte[] aad, byte[] plainText)
{
IntPtr intPtr;
byte[] numArray;
IntPtr intPtr1 = AesGcm.OpenAlgorithmProvider(BCrypt.BCRYPT_AES_ALGORITHM, BCrypt.MS_PRIMITIVE_PROVIDER, BCrypt.BCRYPT_CHAIN_MODE_GCM);
IntPtr intPtr2 = AesGcm.ImportKey(intPtr1, key, out intPtr);
byte[] numArray1 = new byte[AesGcm.MaxAuthTagSize(intPtr1)];
BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO bCRYPTAUTHENTICATEDCIPHERMODEINFO = new BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO(iv, aad, numArray1);
BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO bCRYPTAUTHENTICATEDCIPHERMODEINFO1 = bCRYPTAUTHENTICATEDCIPHERMODEINFO;
try
{
byte[] numArray2 = new byte[(int)numArray1.Length];
int num = 0;
uint num1 = BCrypt.BCryptEncrypt(intPtr, plainText, (int)plainText.Length, ref bCRYPTAUTHENTICATEDCIPHERMODEINFO, numArray2, (int)numArray2.Length, null, 0, ref num, 0);
if (num1 != 0)
{
throw new CryptographicException(string.Format("BCrypt.BCryptEncrypt() (get size) failed with status code:{0}", num1));
}
numArray = new byte[num];
num1 = BCrypt.BCryptEncrypt(intPtr, plainText, (int)plainText.Length, ref bCRYPTAUTHENTICATEDCIPHERMODEINFO, numArray2, (int)numArray2.Length, numArray, (int)numArray.Length, ref num, 0);
if (num1 != 0)
{
throw new CryptographicException(string.Format("BCrypt.BCryptEncrypt() failed with status code:{0}", num1));
}
Marshal.Copy(bCRYPTAUTHENTICATEDCIPHERMODEINFO.pbTag, numArray1, 0, bCRYPTAUTHENTICATEDCIPHERMODEINFO.cbTag);
}
finally
{
((IDisposable)bCRYPTAUTHENTICATEDCIPHERMODEINFO1).Dispose();
}
BCrypt.BCryptDestroyKey(intPtr);
Marshal.FreeHGlobal(intPtr2);
BCrypt.BCryptCloseAlgorithmProvider(intPtr1, 0);
return(new byte[][] { numArray, numArray1 });
}