/// <summary>
/// Verifies the specified signature.
/// </summary>
/// <param name="algorithm">The <see cref="SignatureAlgorithm"/> to use. This must be the same algorithm used to sign the digest.</param>
/// <param name="digest">The pre-hashed digest corresponding to the signature. The hash algorithm used to compute the digest must be compatable with the specified algorithm.</param>
/// <param name="signature">The signature to verify.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the verify operation. If the signature is valid the <see cref="VerifyResult.IsValid"/> property of the returned <see cref="VerifyResult"/> will be set to true.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <VerifyResult> VerifyAsync(SignatureAlgorithm algorithm, byte[] digest, byte[] signature, CancellationToken cancellationToken = default)
{
VerifyResult result = null;
if (_provider.SupportsOperation(KeyOperation.Verify))
{
result = await _provider.VerifyAsync(algorithm, digest, signature, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Verify)));
}
/// <summary>
/// Verifies the specified signature.
/// </summary>
/// <param name="algorithm">The <see cref="SignatureAlgorithm"/> to use. This must be the same algorithm used to sign the digest.</param>
/// <param name="digest">The pre-hashed digest corresponding to the signature. The hash algorithm used to compute the digest must be compatable with the specified algorithm.</param>
/// <param name="signature">The signature to verify.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the verify operation. If the signature is valid the <see cref="VerifyResult.IsValid"/> property of the returned <see cref="VerifyResult"/> will be set to true.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual VerifyResult Verify(SignatureAlgorithm algorithm, byte[] digest, byte[] signature, CancellationToken cancellationToken = default)
{
VerifyResult result = null;
if (_provider.SupportsOperation(KeyOperation.Verify))
{
result = _provider.Verify(algorithm, digest, signature, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Verify)));
}
/// <summary>
/// Decrypts the specified encrypted key.
/// </summary>
/// <param name="algorithm">The <see cref="KeyWrapAlgorithm"/> to use.</param>
/// <param name="encryptedKey">The encrypted key.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the unwrap operation. The returned <see cref="UnwrapResult"/> contains the key
/// along with information regarding the algorithm and key used to unwrap it.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <UnwrapResult> UnwrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CancellationToken cancellationToken = default)
{
UnwrapResult result = null;
if (_provider.SupportsOperation(KeyOperation.UnwrapKey))
{
result = await _provider.UnwrapKeyAsync(algorithm, encryptedKey, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.UnwrapKey)));
}
/// <summary>
/// Decrypts the specified encrypted key.
/// </summary>
/// <param name="algorithm">The <see cref="KeyWrapAlgorithm"/> to use.</param>
/// <param name="encryptedKey">The encrypted key.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the unwrap operation. The returned <see cref="UnwrapResult"/> contains the key
/// along with information regarding the algorithm and key used to unwrap it.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual UnwrapResult UnwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CancellationToken cancellationToken = default)
{
UnwrapResult result = null;
if (_provider.SupportsOperation(KeyOperation.UnwrapKey))
{
result = _provider.UnwrapKey(algorithm, encryptedKey, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.UnwrapKey)));
}
/// <summary>
/// Encrypts the specified plain text.
/// </summary>
/// <param name="algorithm">The <see cref="EncryptionAlgorithm"/> to use.</param>
/// <param name="plaintext">The data to encrypt.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the encrypt operation. The returned <see cref="EncryptResult"/> contains the encrypted data
/// along with all other information needed to decrypt it. This information should be stored with the encrypted data.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual EncryptResult Encrypt(EncryptionAlgorithm algorithm, byte[] plaintext, CancellationToken cancellationToken = default)
{
EncryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Encrypt))
{
result = _provider.Encrypt(algorithm, plaintext, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Encrypt)));
}
/// <summary>
/// Encrypts the specified plain text.
/// </summary>
/// <param name="algorithm">The <see cref="EncryptionAlgorithm"/> to use.</param>
/// <param name="plaintext">The data to encrypt.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the encrypt operation. The returned <see cref="EncryptResult"/> contains the encrypted data
/// along with all other information needed to decrypt it. This information should be stored with the encrypted data.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <EncryptResult> EncryptAsync(EncryptionAlgorithm algorithm, byte[] plaintext, CancellationToken cancellationToken = default)
{
EncryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Encrypt))
{
result = await _provider.EncryptAsync(algorithm, plaintext, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Encrypt)));
}
/// <summary>
/// Encrypts plaintext.
/// </summary>
/// <param name="parameters">An <see cref="EncryptParameters"/> containing the data to encrypt and other parameters for algorithm-dependent encryption.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the encrypt operation. The returned <see cref="EncryptResult"/> contains the encrypted data
/// along with all other information needed to decrypt it. This information should be stored with the encrypted data.
/// </returns>
/// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="parameters"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <EncryptResult> EncryptAsync(EncryptParameters parameters, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(parameters, nameof(parameters));
EncryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Encrypt))
{
result = await _provider.EncryptAsync(parameters, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Encrypt)));
}
/// <summary>
/// Decrypts the specified ciphertext.
/// </summary>
/// <param name="parameters">A <see cref="DecryptParameters"/> containing the data to decrypt and other parameters for algorithm-dependent decryption.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
/// along with information regarding the algorithm and key used to decrypt it.
/// </returns>
/// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="parameters"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual DecryptResult Decrypt(DecryptParameters parameters, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(parameters, nameof(parameters));
DecryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Decrypt))
{
result = _provider.Decrypt(parameters, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
}
/// <summary>
/// Decrypts ciphertext.
/// </summary>
/// <param name="options">A <see cref="DecryptOptions"/> containing the data to decrypt and other options for algorithm-dependent decryption.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
/// along with information regarding the algorithm and key used to decrypt it.
/// </returns>
/// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="options"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <DecryptResult> DecryptAsync(DecryptOptions options, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(options, nameof(options));
DecryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Decrypt))
{
result = await _provider.DecryptAsync(options, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
}
/// <summary>
/// Encrypts plaintext.
/// </summary>
/// <param name="options">An <see cref="EncryptOptions"/> containing the data to encrypt and other options for algorithm-dependent encryption.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the encrypt operation. The returned <see cref="EncryptResult"/> contains the encrypted data
/// along with all other information needed to decrypt it. This information should be stored with the encrypted data.
/// </returns>
/// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="options"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual EncryptResult Encrypt(EncryptOptions options, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(options, nameof(options));
EncryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Encrypt))
{
result = _provider.Encrypt(options, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Encrypt)));
}
/// <summary>
/// Verifies the specified signature.
/// </summary>
/// <param name="algorithm">The <see cref="SignatureAlgorithm"/> to use. This must be the same algorithm used to sign the data.</param>
/// <param name="data">The data corresponding to the signature.</param>
/// <param name="signature">The signature to verify.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the verify operation. If the signature is valid the <see cref="VerifyResult.IsValid"/> property of the returned <see cref="VerifyResult"/> will be set to true.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual VerifyResult VerifyData(SignatureAlgorithm algorithm, Stream data, byte[] signature, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(data, nameof(data));
VerifyResult result = null;
if (_provider.SupportsOperation(KeyOperation.Verify))
{
byte[] digest = CryptographyClient.CreateDigest(algorithm, data);
result = _provider.Verify(algorithm, digest, signature, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Verify)));
}
/// <summary>
/// Verifies the specified signature.
/// </summary>
/// <param name="algorithm">The <see cref="SignatureAlgorithm"/> to use. This must be the same algorithm used to sign the data.</param>
/// <param name="data">The data corresponding to the signature.</param>
/// <param name="signature">The signature to verify.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the verify operation. If the signature is valid the <see cref="VerifyResult.IsValid"/> property of the returned <see cref="VerifyResult"/> will be set to true.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <VerifyResult> VerifyDataAsync(SignatureAlgorithm algorithm, byte[] data, byte[] signature, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(data, nameof(data));
VerifyResult result = null;
if (_provider.SupportsOperation(KeyOperation.Verify))
{
byte[] digest = CryptographyClient.CreateDigest(algorithm, data);
result = await _provider.VerifyAsync(algorithm, digest, signature, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Verify)));
}