/// <summary>
/// Encrypts a plaintext buffer with the AEAD column-encryption algorithm object
/// produced by <c>sqlAeadAes256CbcHmac256Factory</c>.
/// </summary>
/// <param name="plainTextData">Bytes to encrypt. Must not be null; an empty array is accepted.</param>
/// <param name="key">Raw column encryption key bytes. Must be non-null and non-empty.</param>
/// <param name="encryptionType">Encryption type handed unchanged to the factory's create call.</param>
/// <returns>The encrypted cell blob returned by the algorithm's encrypt member.</returns>
/// <remarks>
/// Every intermediate object is checked with <c>Assert.True</c>, so a failed step fails the
/// calling test instead of returning null. The raw key buffer is not cleared here; the caller
/// owns its lifetime.
/// NOTE(review): the <c>sql*</c> handles look like reflection members resolved elsewhere in this
/// class; if so, an exception raised by the underlying routine would arrive wrapped in
/// <c>TargetInvocationException</c> - confirm against their declarations.
/// </remarks>
internal static byte[] EncryptDataUsingAED(byte[] plainTextData, byte[] key, CColumnEncryptionType encryptionType)
{
    // Preconditions: a plaintext buffer must be supplied and the key must carry at least one byte.
    bool hasPlainText = plainTextData != null;
    Assert.True(hasPlainText);
    bool hasKeyMaterial = key != null && key.Length > 0;
    Assert.True(hasKeyMaterial);

    // Wrap the raw key bytes in the column-encryption-key object the factory expects.
    object cek = sqlColumnEncryptionKeyConstructor.Invoke(new object[] { key });
    Assert.True(cek != null);

    // Instantiate the algorithm factory.
    object factory = Activator.CreateInstance(sqlAeadAes256CbcHmac256Factory);
    Assert.True(factory != null);

    // Ask the factory for an algorithm instance bound to this key and encryption type.
    object algorithm = sqlAeadAes256CbcHmac256FactoryCreate.Invoke(
        factory,
        new object[] { cek, encryptionType, ColumnEncryptionAlgorithmName });
    Assert.True(algorithm != null);

    // Run the encryption; the result is the complete cell blob.
    object cellBlob = sqlClientEncryptionAlgorithmEncryptData.Invoke(
        algorithm,
        new object[] { plainTextData });
    Assert.True(cellBlob != null);

    return (byte[])cellBlob;
}
/// <summary>
/// Decrypts an encrypted cell blob with the AEAD column-encryption algorithm object
/// produced by <c>sqlAeadAes256CbcHmac256Factory</c>.
/// </summary>
/// <param name="encryptedCellBlob">Encrypted bytes to decrypt. Must be non-null and non-empty.</param>
/// <param name="key">Raw column encryption key bytes. Must be non-null and non-empty.</param>
/// <param name="encryptionType">Encryption type handed unchanged to the factory's create call.</param>
/// <returns>The plaintext bytes returned by the algorithm's decrypt member.</returns>
/// <remarks>
/// Every intermediate object is checked with <c>Assert.True</c>, so a failed step fails the
/// calling test instead of returning null. The raw key buffer is not cleared here; the caller
/// owns its lifetime.
/// NOTE(review): a tampered blob or a wrong key is presumably rejected inside the invoked
/// decrypt routine (by throwing) rather than by a null result; that behaviour is not visible
/// in this method - confirm. If the <c>sql*</c> handles are reflection members, such an
/// exception would arrive wrapped in <c>TargetInvocationException</c>.
/// </remarks>
internal static byte[] DecryptDataUsingAED(byte[] encryptedCellBlob, byte[] key, CColumnEncryptionType encryptionType)
{
    // Preconditions: unlike encryption, an empty input blob is rejected up front.
    bool hasCipherText = encryptedCellBlob != null && encryptedCellBlob.Length > 0;
    Assert.True(hasCipherText);
    bool hasKeyMaterial = key != null && key.Length > 0;
    Assert.True(hasKeyMaterial);

    // Wrap the raw key bytes in the column-encryption-key object the factory expects.
    object cek = sqlColumnEncryptionKeyConstructor.Invoke(new object[] { key });
    Assert.True(cek != null);

    // Instantiate the algorithm factory.
    object factory = Activator.CreateInstance(sqlAeadAes256CbcHmac256Factory);
    Assert.True(factory != null);

    // Ask the factory for an algorithm instance bound to this key and encryption type.
    object algorithm = sqlAeadAes256CbcHmac256FactoryCreate.Invoke(
        factory,
        new object[] { cek, encryptionType, ColumnEncryptionAlgorithmName });
    Assert.True(algorithm != null);

    // Run the decryption over the whole cell blob.
    object plainValue = sqlClientEncryptionAlgorithmDecryptData.Invoke(
        algorithm,
        new object[] { encryptedCellBlob });
    Assert.True(plainValue != null);

    return (byte[])plainValue;
}