public byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary <string, object> header) { var privateKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type."); return(useSha256 ? RsaOaep.Decrypt(encryptedCek, RsaKey.New(privateKey.ExportParameters(true)), CngAlgorithm.Sha256) : privateKey.Decrypt(encryptedCek, useRsaOaepPadding)); }
public byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary <string, object> header) { if (key is CngKey) { var privateKey = (CngKey)key; return(RsaOaep.Decrypt(encryptedCek, privateKey, CngAlgorithm.Sha256)); } if (key is RSACryptoServiceProvider) { //This is for backward compatibility only with 2.x //To be removed in 3.x var privateKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(true)); return(RsaOaep.Decrypt(encryptedCek, privateKey, CngAlgorithm.Sha256)); } if (key is RSA) { var privateKey = (RSA)key; return(privateKey.Decrypt(encryptedCek, RSAEncryptionPadding.OaepSHA256)); } throw new ArgumentException("RsaKeyManagement algorithm expects key to be of either CngKey or RSA types."); }
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header) { var cek = Arrays.Random(cekSizeBits); if (key is CngKey) { var publicKey = (CngKey)key; return(new[] { cek, RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256) }); } if (key is RSACryptoServiceProvider) { //This is for backward compatibility only with 2.x //To be removed in 3.x var publicKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(false)); return(new[] { cek, RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256) }); } if (key is RSA) { var publicKey = (RSA)key; return(new[] { cek, publicKey.Encrypt(cek, RSAEncryptionPadding.OaepSHA256) }); } throw new ArgumentException("RsaKeyManagement algorithm expects key to be of either CngKey or RSA types."); }
public byte[] WrapKey(byte[] cek, object key, IDictionary <string, object> header) { #if NET40 if (key is CngKey cngKey) { return(RsaOaep.Encrypt(cek, cngKey, CngAlgorithm.Sha256)); } else if (key is RSACryptoServiceProvider rsaKey) { //This is for backward compatibility only with 2.x //To be removed in 3.x var publicKey = RsaKey.New(rsaKey.ExportParameters(false)); return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256)); } throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey or RSACryptoServiceProvider types."); #elif NET461 || NET472 if (key is CngKey cngKey) { return(RsaOaep.Encrypt(cek, cngKey, CngAlgorithm.Sha256)); } else if (key is RSACryptoServiceProvider rsaKey) { //This is for backward compatibility only with 2.x //To be removed in 3.x var publicKey = RsaKey.New(rsaKey.ExportParameters(false)); return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256)); } else if (key is RSA rsa) { return(rsa.Encrypt(cek, RSAEncryptionPadding.OaepSHA256)); } else if (key is Jwk jwk) { if (jwk.Kty == Jwk.KeyTypes.RSA) { return(jwk.RsaKey().Encrypt(cek, RSAEncryptionPadding.OaepSHA256)); } } throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey, RSACryptoServiceProvider, RSA types or Jwk type with kty='rsa'."); #elif NETSTANDARD if (key is RSA rsa) { return(rsa.Encrypt(cek, RSAEncryptionPadding.OaepSHA256)); } else if (key is Jwk jwk) { if (jwk.Kty == Jwk.KeyTypes.RSA) { return(jwk.RsaKey().Encrypt(cek, RSAEncryptionPadding.OaepSHA256)); } } throw new ArgumentException("RsaKeyManagement algorithm expects key to be of RSA types or Jwk type with kty='rsa'."); #endif }
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header) { var publicKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type."); var cek = Arrays.Random(cekSizeBits); return(useSha256 ? new[] { cek, RsaOaep.Encrypt(cek, RsaKey.New(publicKey.ExportParameters(false)), CngAlgorithm.Sha256) } : new[] { cek, publicKey.Encrypt(cek, useRsaOaepPadding) }); }
public byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary <string, object> header) { RSACryptoServiceProvider rSACryptoServiceProvider = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type.", new object[0]); if (!this.useSha256) { return(rSACryptoServiceProvider.Decrypt(encryptedCek, this.useRsaOaepPadding)); } return(RsaOaep.Decrypt(encryptedCek, RsaKey.New(rSACryptoServiceProvider.ExportParameters(true)), CngAlgorithm.Sha256)); }
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header) { byte[] numArray = Arrays.Random(cekSizeBits); RSACryptoServiceProvider rSACryptoServiceProvider = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type.", new object[0]); if (!this.useSha256) { return(new byte[][] { numArray, rSACryptoServiceProvider.Encrypt(numArray, this.useRsaOaepPadding) }); } return(new byte[][] { numArray, RsaOaep.Encrypt(numArray, RsaKey.New(rSACryptoServiceProvider.ExportParameters(false)), CngAlgorithm.Sha256) }); }
public bool Verify(byte[] signature, byte[] securedInput, object key) { var publicKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaUsingSha with PSS padding alg expects key to be of RSACryptoServiceProvider type."); try { return(RsaPss.Verify(securedInput, signature, RsaKey.New(publicKey.ExportParameters(false)), Hash, saltSize)); } catch (CryptographicException e) { return(false); } }
public byte[] Sign(byte[] securedInput, object key) { var privateKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaUsingSha with PSS padding alg expects key to be of RSACryptoServiceProvider type."); try { return(RsaPss.Sign(securedInput, RsaKey.New(privateKey.ExportParameters(true)), Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } }
public byte[] WrapKey(byte[] cek, object key, IDictionary <string, object> header) { #if NET40 if (key is CngKey) { var publicKey = (CngKey)key; return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256)); } if (key is RSACryptoServiceProvider) { //This is for backward compatibility only with 2.x //To be removed in 3.x var publicKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(false)); return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256)); } throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey or RSACryptoServiceProvider types."); #elif NET461 if (key is CngKey) { var publicKey = (CngKey)key; return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256)); } if (key is RSACryptoServiceProvider) { //This is for backward compatibility only with 2.x //To be removed in 3.x var publicKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(false)); return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256)); } if (key is RSA) { var publicKey = (RSA)key; return(publicKey.Encrypt(cek, RSAEncryptionPadding.OaepSHA256)); } throw new ArgumentException("RsaKeyManagement algorithm expects key to be of either CngKey or RSA types."); #elif NETSTANDARD var publicKey = Ensure.Type <RSA>(key, "RsaKeyManagement algorithm expects key to be of RSA type."); return(publicKey.Encrypt(cek, RSAEncryptionPadding.OaepSHA256)); #endif }
public byte[] Sign(byte[] securedInput, object key) { byte[] numArray; RSACryptoServiceProvider rSACryptoServiceProvider = Ensure.Type <RSACryptoServiceProvider>(key, "RsaUsingSha with PSS padding alg expects key to be of RSACryptoServiceProvider type.", new object[0]); try { numArray = RsaPss.Sign(securedInput, RsaKey.New(rSACryptoServiceProvider.ExportParameters(true)), this.Hash, this.saltSize); } catch (CryptographicException cryptographicException) { throw new JoseException("Unable to sign content.", cryptographicException); } return(numArray); }
public bool Verify(byte[] signature, byte[] securedInput, object key) { bool flag; RSACryptoServiceProvider rSACryptoServiceProvider = Ensure.Type <RSACryptoServiceProvider>(key, "RsaUsingSha with PSS padding alg expects key to be of RSACryptoServiceProvider type.", new object[0]); try { flag = RsaPss.Verify(securedInput, signature, RsaKey.New(rSACryptoServiceProvider.ExportParameters(false)), this.Hash, this.saltSize); } catch (CryptographicException cryptographicException) { flag = false; } return(flag); }
public byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary <string, object> header) { #if NET40 var privateKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type."); return(useSha256 ? RsaOaep.Decrypt(encryptedCek, RsaKey.New(privateKey.ExportParameters(true)), CngAlgorithm.Sha256) : privateKey.Decrypt(encryptedCek, useRsaOaepPadding)); #elif NETSTANDARD1_4 var privateKey = Ensure.Type <RSA>(key, "RsaKeyManagement alg expects key to be of RSA type."); var padding = useSha256 ? RSAEncryptionPadding.OaepSHA256 : useRsaOaepPadding ? RSAEncryptionPadding.OaepSHA1 : RSAEncryptionPadding.Pkcs1; return(privateKey.Decrypt(encryptedCek, padding)); #endif }
public byte[] Sign(byte[] securedInput, object key) { #if NET40 var privateKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaUsingSha with PSS padding alg expects key to be of RSACryptoServiceProvider type."); try { return(RsaPss.Sign(securedInput, RsaKey.New(privateKey.ExportParameters(true)), Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } #elif NETSTANDARD1_4 var privateKey = Ensure.Type <RSA>(key, "RsaUsingSha with PSS padding alg expects key to be of RSA type."); return(privateKey.SignData(securedInput, HashAlgorithm, RSASignaturePadding.Pss)); #endif }
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header) { var cek = Arrays.Random(cekSizeBits); #if NET40 var publicKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type."); return(useSha256 ? new[] { cek, RsaOaep.Encrypt(cek, RsaKey.New(publicKey.ExportParameters(false)), CngAlgorithm.Sha256) } : new[] { cek, publicKey.Encrypt(cek, useRsaOaepPadding) }); #elif NETSTANDARD1_4 var publicKey = Ensure.Type <RSA>(key, "RsaKeyManagement alg expects key to be of RSA type."); var padding = useSha256 ? RSAEncryptionPadding.OaepSHA256 : useRsaOaepPadding ? RSAEncryptionPadding.OaepSHA1 : RSAEncryptionPadding.Pkcs1; return(new[] { cek, publicKey.Encrypt(cek, padding) }); #endif }
public bool Verify(byte[] signature, byte[] securedInput, object key) { #if NET40 var publicKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaUsingSha with PSS padding alg expects key to be of RSACryptoServiceProvider type."); try { return(RsaPss.Verify(securedInput, signature, RsaKey.New(publicKey.ExportParameters(false)), Hash, saltSize)); } catch (CryptographicException e) { return(false); } #elif NETSTANDARD1_4 var publicKey = Ensure.Type <RSA>(key, "RsaUsingSha with PSS padding alg expects key to be of RSA type."); return(publicKey.VerifyData(securedInput, signature, HashAlgorithm, RSASignaturePadding.Pss)); #endif }
public bool Verify(byte[] signature, byte[] securedInput, object key) { if (key is CngKey) { var publicKey = (CngKey)key; try { return(RsaPss.Verify(securedInput, signature, publicKey, Hash, saltSize)); } catch (CryptographicException e) { return(false); } } if (key is RSACryptoServiceProvider) { //This is for backward compatibility only with 2.x //To be removed in 3.x var publicKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(false)); try { return(RsaPss.Verify(securedInput, signature, publicKey, Hash, saltSize)); } catch (CryptographicException e) { return(false); } } if (key is RSA) { var publicKey = (RSA)key; return(publicKey.VerifyData(securedInput, signature, HashAlgorithm, RSASignaturePadding.Pss)); } throw new ArgumentException("RsaUsingSha with PSS padding alg expects key to be of either CngKey or RSA types."); }
public byte[] Sign(byte[] securedInput, object key) { if (key is CngKey) { var privateKey = (CngKey)key; try { return(RsaPss.Sign(securedInput, privateKey, Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } } if (key is RSACryptoServiceProvider) { //This is for backward compatibility only with 2.x //To be removed in 3.x var privateKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(true)); try { return(RsaPss.Sign(securedInput, privateKey, Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } } if (key is RSA) { var privateKey = (RSA)key; return(privateKey.SignData(securedInput, HashAlgorithm, RSASignaturePadding.Pss)); } throw new ArgumentException("RsaUsingSha with PSS padding alg expects key to be of either CngKey or RSA types."); }
public byte[] Sign(byte[] securedInput, object key) { #if NET40 if (key is CngKey cngKey) { try { return(RsaPss.Sign(securedInput, cngKey, Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } } else if (key is RSACryptoServiceProvider rsaKey) { //This is for backward compatibility only with 2.x //To be removed in 3.x var privateKey = RsaKey.New(rsaKey.ExportParameters(true)); try { return(RsaPss.Sign(securedInput, privateKey, Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } } throw new ArgumentException("RsaUsingSha with PSS padding alg expects key to be of CngKey type."); #elif NET461 || NET472 if (key is CngKey cngKey) { try { return(RsaPss.Sign(securedInput, cngKey, Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } } else if (key is RSACryptoServiceProvider rsaKey) { //This is for backward compatibility only with 2.x //To be removed in 3.x var privateKey = RsaKey.New(rsaKey.ExportParameters(true)); try { return(RsaPss.Sign(securedInput, privateKey, Hash, saltSize)); } catch (CryptographicException e) { throw new JoseException("Unable to sign content.", e); } } else if (key is RSA rsa) { return(rsa.SignData(securedInput, HashAlgorithm, RSASignaturePadding.Pss)); } else if (key is Jwk jwk) { if (jwk.Kty == Jwk.KeyTypes.RSA) { return(jwk.RsaKey().SignData(securedInput, HashAlgorithm, RSASignaturePadding.Pss)); } } throw new ArgumentException("RsaUsingSha with PSS padding alg expects key to be of either CngKey or RSA types or Jwk type with kty='RSA'"); #elif NETSTANDARD if (key is RSA rsa) { return(rsa.SignData(securedInput, HashAlgorithm, RSASignaturePadding.Pss)); } else if (key is Jwk jwk) { if (jwk.Kty == Jwk.KeyTypes.RSA) { return(jwk.RsaKey().SignData(securedInput, HashAlgorithm, RSASignaturePadding.Pss)); } } throw new ArgumentException("RsaUsingSha with PSS padding alg expects key to be of either RSA type or Jwk type with kty='RSA'"); #endif }