/// <summary>
/// Create an AES key that is encrypted using a RSA certificate, this is the parsed version for increased efficiancy
///
/// To create the parsed cert <see cref="Kalix.ApiCrypto.RSA.RSACertificateParser.ParsePublicCertificate"/>
/// </summary>
/// <param name="keySize">Required AES key size</param>
/// <param name="rsaCert">RSA parsed public certificate used to sign</param>
/// <returns>data that can be stored</returns>
public static byte[] CreateBlob(AESKeySize keySize, RSAServiceProvider rsaCert)
{
int intKeySize;
switch (keySize)
{
case AESKeySize.AES128:
intKeySize = 128;
break;
case AESKeySize.AES192:
intKeySize = 192;
break;
case AESKeySize.AES256:
intKeySize = 256;
break;
default:
throw new ArgumentOutOfRangeException("keySize", "Unknown key size");
}
var aesProvider = new RijndaelManaged();
aesProvider.KeySize = intKeySize;
aesProvider.GenerateKey();
// Encrypt using the RSA cert and return
return rsaCert.EncryptValue(aesProvider.Key);
}
/// <summary>
/// Create an AES key that is encrypted using a RSA certificate, this is the parsed version for increased efficiancy
///
/// To create the parsed cert <see cref="Kalix.ApiCrypto.RSA.RSACertificateParser.ParsePublicCertificate"/>
/// </summary>
/// <param name="keySize">Required AES key size</param>
/// <param name="rsaCert">RSA parsed public certificate used to sign</param>
/// <returns>data that can be stored</returns>
public static byte[] CreateBlob(AESKeySize keySize, RSAServiceProvider rsaCert)
{
int intKeySize;
switch (keySize)
{
case AESKeySize.AES128:
intKeySize = 128;
break;
case AESKeySize.AES192:
intKeySize = 192;
break;
case AESKeySize.AES256:
intKeySize = 256;
break;
default:
throw new ArgumentOutOfRangeException("keySize", "Unknown key size");
}
var aesProvider = new RijndaelManaged();
aesProvider.KeySize = intKeySize;
aesProvider.GenerateKey();
// Encrypt using the RSA cert and return
return(rsaCert.EncryptValue(aesProvider.Key));
}
/// <summary>
/// Generates a key to be used in AES encryption (either a key or an initialization vector).
/// The AESKeySize value dictates how a key is generated (and its length), as follows:<para/>
/// AESKeySize._128Bit: a SHA256 hash is generated from key of which the first
/// 16 bytes (= 128 bits) are returned.<para/>
/// AESKeySize._256Bit: a SHA256 hash is generated from key; the full 32 byte (256 bit)
/// hash is returned;<para/>
/// AESKeySize._192Bit: a SHA256 hash is generated from key and the first
/// 24 bytes (= 192 bits) are returned.
/// </summary>
/// <param name="keyStr">The string to generate the key from.</param>
/// <param name="keySize">The AESKeySize.</param>
/// <returns>A key which is 16, 24, or 32 bytes in length.</returns>
public static byte[] GetAESKey(string keyStr, AESKeySize keySize)
{
switch (keySize)
{
case AESKeySize._128Bit:
// returns a 128 bit (16 byte) key, composed of the first 16 bytes of a SHA256 hash of strKey
return(keyStr.GetSHA(SHALevel.SHA256).Copy(0, 16));
case AESKeySize._256Bit:
// returns a 256 bit (32 byte) key, being a SHA256 hash of strKey
return(keyStr.GetSHA(SHALevel.SHA256));
case AESKeySize._192Bit:
// returns a 192 bit (24 byte) key, composed of the first 24 bytes of a SHA256 hash of strKey
return(keyStr.GetSHA(SHALevel.SHA256).Copy(0, 24));
}
throw new Exception();
}
/// <summary>
/// Create an AES key that is encrypted using a RSA certificate
/// </summary>
/// <param name="keySize">Required AES key size</param>
/// <param name="rsaPublicCert">RSA public certificate used to sign</param>
/// <returns>data that can be stored</returns>
public static byte[] CreateBlob(AESKeySize keySize, X509Certificate2 rsaPublicCert)
{
var cert = RSACertificateParser.ParsePublicCertificate(rsaPublicCert);
return CreateBlob(keySize, cert);
}
public AES(AESKeySize keySize)
{
this.aes = new AesCryptoServiceProvider();
this.aes.KeySize = (int)keySize;
}
/// <summary>
/// Create an AES key that is encrypted using a RSA certificate
/// </summary>
/// <param name="keySize">Required AES key size</param>
/// <param name="rsaPublicCert">RSA public certificate used to sign</param>
/// <returns>data that can be stored</returns>
public static byte[] CreateBlob(AESKeySize keySize, X509Certificate2 rsaPublicCert)
{
var cert = RSACertificateParser.ParsePublicCertificate(rsaPublicCert);
return(CreateBlob(keySize, cert));
}