public override DecryptResult Decrypt(DecryptParameters parameters, CancellationToken cancellationToken)
{
Argument.AssertNotNull(parameters, nameof(parameters));
if (MustRemote)
{
// A private key is required to decrypt. Send to the server.
KeysEventSource.Singleton.PrivateKeyRequired(nameof(Decrypt));
return(null);
}
EncryptionAlgorithm algorithm = parameters.Algorithm;
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
if (padding is null)
{
KeysEventSource.Singleton.AlgorithmNotSupported(nameof(Decrypt), algorithm);
return(null);
}
byte[] plaintext = Decrypt(parameters.Ciphertext, padding);
DecryptResult result = null;
if (plaintext != null)
{
result = new DecryptResult
{
Algorithm = algorithm,
KeyId = KeyMaterial.Id,
Plaintext = plaintext,
};
}
return(result);
}
/// <summary>
/// Decrypts the specified cipher text.
/// </summary>
/// <param name="algorithm">The <see cref="EncryptionAlgorithm"/> to use.</param>
/// <param name="ciphertext">The encrypted data to decrypt.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
/// along with information regarding the algorithm and key used to decrypt it.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual DecryptResult Decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, CancellationToken cancellationToken = default)
{
DecryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Decrypt))
{
result = _provider.Decrypt(algorithm, ciphertext, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
}
/// <summary>
/// Decrypts the specified cipher text.
/// </summary>
/// <param name="algorithm">The <see cref="EncryptionAlgorithm"/> to use.</param>
/// <param name="ciphertext">The encrypted data to decrypt.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
/// along with information regarding the algorithm and key used to decrypt it.
/// </returns>
/// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <DecryptResult> DecryptAsync(EncryptionAlgorithm algorithm, byte[] ciphertext, CancellationToken cancellationToken = default)
{
DecryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Decrypt))
{
result = await _provider.DecryptAsync(algorithm, ciphertext, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
}
/// <summary>
/// Decrypts the specified ciphertext.
/// </summary>
/// <param name="parameters">A <see cref="DecryptParameters"/> containing the data to decrypt and other parameters for algorithm-dependent decryption.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
/// along with information regarding the algorithm and key used to decrypt it.
/// </returns>
/// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="parameters"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual DecryptResult Decrypt(DecryptParameters parameters, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(parameters, nameof(parameters));
DecryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Decrypt))
{
result = _provider.Decrypt(parameters, cancellationToken);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
}
/// <summary>
/// Decrypts ciphertext.
/// </summary>
/// <param name="parameters">A <see cref="DecryptParameters"/> containing the data to decrypt and other parameters for algorithm-dependent decryption.</param>
/// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
/// <returns>
/// The result of the decrypt operation. The returned <see cref="DecryptResult"/> contains the encrypted data
/// along with information regarding the algorithm and key used to decrypt it.
/// </returns>
/// <exception cref="ArgumentException">The specified algorithm does not match the key corresponding to the key identifier.</exception>
/// <exception cref="ArgumentNullException"><paramref name="parameters"/> is null.</exception>
/// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
/// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
/// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
public virtual async Task <DecryptResult> DecryptAsync(DecryptParameters parameters, CancellationToken cancellationToken = default)
{
Argument.AssertNotNull(parameters, nameof(parameters));
DecryptResult result = null;
if (_provider.SupportsOperation(KeyOperation.Decrypt))
{
result = await _provider.DecryptAsync(parameters, cancellationToken).ConfigureAwait(false);
}
return(result ?? throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.Decrypt)));
}
public override DecryptResult Decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, CancellationToken cancellationToken)
{
Argument.AssertNotNull(ciphertext, nameof(ciphertext));
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
byte[] plaintext = Decrypt(ciphertext, padding);
DecryptResult result = null;
if (plaintext != null)
{
result = new DecryptResult
{
Algorithm = algorithm,
KeyId = KeyMaterial.Id,
Plaintext = plaintext,
};
}
return(result);
}
public DecryptResult Decrypt(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv, byte[] authenticationData, byte[] authenticationTag, CancellationToken cancellationToken)
{
Argument.AssertNotNull(ciphertext, nameof(ciphertext));
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
byte[] plaintext = Decrypt(ciphertext, padding);
DecryptResult result = null;
if (plaintext != null)
{
result = new DecryptResult
{
Algorithm = algorithm,
KeyId = _jwk.Id,
Plaintext = plaintext,
};
}
return(result);
}
public virtual Task <DecryptResult> DecryptAsync(DecryptParameters parameters, CancellationToken cancellationToken = default)
{
DecryptResult result = Decrypt(parameters, cancellationToken);
return(Task.FromResult(result));
}
public virtual Task <DecryptResult> DecryptAsync(EncryptionAlgorithm algorithm, byte[] ciphertext, CancellationToken cancellationToken = default)
{
DecryptResult result = Decrypt(algorithm, ciphertext, cancellationToken);
return(Task.FromResult(result));
}
public Task <DecryptResult> DecryptAsync(EncryptionAlgorithm algorithm, byte[] ciphertext, byte[] iv, byte[] authenticationData, byte[] authenticationTag, CancellationToken cancellationToken)
{
DecryptResult result = Decrypt(algorithm, ciphertext, iv, authenticationData, authenticationTag, cancellationToken);
return(Task.FromResult(result));
}
public virtual Task <DecryptResult> DecryptAsync(DecryptOptions options, CancellationToken cancellationToken = default)
{
DecryptResult result = Decrypt(options, cancellationToken);
return(Task.FromResult(result));
}