/// <summary> /// Performs the TPM-defined CFB encrypt using the associated algorithm. This routine assumes that /// the integrity value has been prepended. /// </summary> /// <param name="x"></param> /// <param name="iv"></param> /// <returns></returns> public byte[] Encrypt(byte[] data, byte[] iv = null) { byte[] paddedData; int unpadded = data.Length % BlockSize; paddedData = unpadded == 0 ? data : Globs.AddZeroToEnd(data, BlockSize - unpadded); #if TSS_USE_BCRYPT paddedData = Key.Encrypt(paddedData, null, iv ?? IV); #else if (iv != null && iv.Length > 0) { Alg.IV = iv; } ICryptoTransform enc = Alg.CreateEncryptor(); using (var outStream = new MemoryStream()) { var s = new CryptoStream(outStream, enc, CryptoStreamMode.Write); s.Write(paddedData, 0, paddedData.Length); s.FlushFinalBlock(); paddedData = outStream.ToArray(); } #endif return(unpadded == 0 ? paddedData : Globs.CopyData(paddedData, 0, data.Length)); }
/// <summary> /// Encrypt dataToEncrypt using the specified encodingParams (RSA only). /// </summary> /// <param name="plainText"></param> /// <param name="label"></param> /// <returns></returns> public byte[] EncryptOaep(byte[] plainText, byte[] label) { if (plainText == null) { plainText = new byte[0]; } if (label == null) { label = new byte[0]; } #if TSS_USE_BCRYPT var paddingInfo = new BCryptOaepPaddingInfo(OaepHash, label); byte[] cipherText = Key.Encrypt(plainText, paddingInfo); #elif false var rr = new RawRsa(RsaProvider.ExportParameters(false), RsaProvider.KeySize); byte[] cipherText = rr.OaepEncrypt(plainText, OaepHash, label); #else RSAParameters parms = RsaProvider.ExportParameters(false); var alg = new BCryptAlgorithm(Native.BCRYPT_RSA_ALGORITHM); var key = alg.LoadRSAKey(parms.Exponent, parms.Modulus); var paddingInfo = new BCryptOaepPaddingInfo(OaepHash, label); byte[] cipherText = key.Encrypt(plainText, paddingInfo); key.Destroy(); alg.Close(); #endif return(cipherText); }
/// <summary> /// Performs the TPM-defined CFB encrypt using the associated algorithm. /// This routine assumes that the integrity value has been prepended. /// </summary> /// <param name="data"></param> /// <param name="iv"></param> /// <returns></returns> public byte[] Encrypt(byte[] data, byte[] iv = null) { byte[] paddedData; int unpadded = data.Length % BlockSize; paddedData = unpadded == 0 ? data : Globs.AddZeroToEnd(data, BlockSize - unpadded); #if TSS_USE_BCRYPT paddedData = Key.Encrypt(paddedData, null, iv ?? IV); #else bool externalIV = iv != null && iv.Length > 0; if (externalIV) { Alg.IV = iv; } ICryptoTransform enc = Alg.CreateEncryptor(); using (var outStream = new MemoryStream()) { var s = new CryptoStream(outStream, enc, CryptoStreamMode.Write); s.Write(paddedData, 0, paddedData.Length); s.FlushFinalBlock(); paddedData = outStream.ToArray(); } if (externalIV) { var src = data; var res = paddedData; if (res.Length > iv.Length) { src = Globs.CopyData(data, src.Length - iv.Length, iv.Length); res = Globs.CopyData(paddedData, res.Length - iv.Length, iv.Length); } switch (Alg.Mode) { case CipherMode.CBC: case CipherMode.CFB: res.CopyTo(iv, 0); break; case CipherMode.OFB: XorEngine.Xor(res, src).CopyTo(iv, 0); break; case CipherMode.ECB: break; case CipherMode.CTS: Globs.Throw <ArgumentException>("Encrypt: Unsupported symmetric mode"); break; } } #endif return(unpadded == 0 ? paddedData : Globs.CopyData(paddedData, 0, data.Length)); }