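/// <summary>
/// Compresses a buffer, encrypts it under a password with a fresh random 32-byte salt,
/// and returns the salt followed by the encrypted message.
/// </summary>
/// <param name="dataToEncrypt">Plaintext bytes; must not be null.</param>
/// <param name="password">Password bytes handed to the key derivation; must not be null.</param>
/// <returns>The 32-byte salt followed by the bytes returned by <c>aes.Encrypt</c>.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="dataToEncrypt"/> or <paramref name="password"/> is null.
/// </exception>
/// <exception cref="CryptographicException"><c>aes.Encrypt</c> returned null.</exception>
public static byte[] EncryptByteBlock(byte[] dataToEncrypt, byte[] password)
{
    if (dataToEncrypt == null)
    {
        throw new ArgumentNullException("dataToEncrypt");
    }

    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    var aes = new Aes();

    // A new salt per call means the derived key material differs for every message,
    // even when the same password is reused.
    var salt = new byte[32];
    using (var rngCsp = new RNGCryptoServiceProvider())
    {
        rngCsp.GetBytes(salt);
    }

    // NOTE(review): compressing before encrypting makes the ciphertext length depend on
    // the plaintext content; confirm that is acceptable for the data this protects.
    var compressed = Compressor.Compress(dataToEncrypt);

    var encryptedMessage = aes.Encrypt(compressed, password, salt, PBKDF2_ITERATIONS);
    if (encryptedMessage == null)
    {
        // The Encrypt method in this file (presumably the one called here) swallows every
        // exception and returns null. Fail loudly rather than pass null on to
        // ByteHelpers.Combine and risk emitting a salt with no ciphertext behind it.
        throw new CryptographicException("Encryption failed.");
    }

    return ByteHelpers.Combine(salt, encryptedMessage);
}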
/// <summary>
/// Computes an HMAC-SHA256 tag over the encrypted message followed by the salt,
/// keyed with the key currently set on <paramref name="aes"/>.
/// </summary>
/// <param name="salt">Salt bytes; appended after the ciphertext in the MAC input.</param>
/// <param name="aes">AES provider whose <c>Key</c> is used as the HMAC key.</param>
/// <param name="encryptedMessage">Ciphertext bytes; placed first in the MAC input.</param>
/// <returns>The hash returned by <c>HMACSHA256.ComputeHash</c>.</returns>
private static byte[] CreateHmac(byte[] salt, AesCryptoServiceProvider aes, byte[] encryptedMessage)
{
    // NOTE(review): the MAC key is the AES encryption key itself. Using a separately derived
    // MAC key is the usual practice, but changing it here would invalidate tags on existing
    // data, so the scheme is left as is.
    // NOTE(review): the verifying side is not shown here; it should rebuild the input in the
    // same order (ciphertext, then salt) and compare tags in constant time.
    using (var keyedHash = new HMACSHA256(aes.Key))
    {
        return keyedHash.ComputeHash(ByteHelpers.Combine(encryptedMessage, salt));
    }
}
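/// <summary>
/// Encrypts a buffer with AES-CBC (PKCS7 padding) under a key and IV derived from the
/// password and salt via PBKDF2, then prepends the tag produced by <c>CreateHmac</c>.
/// </summary>
/// <param name="dataToEncrypt">Plaintext bytes; must be non-null and non-empty.</param>
/// <param name="password">Password bytes for the key derivation; must not be null.</param>
/// <param name="salt">Salt for the key derivation; also covered by the HMAC.</param>
/// <param name="pbkdfRounds">PBKDF2 iteration count.</param>
/// <returns>
/// The HMAC followed by the ciphertext, or <c>null</c> if anything inside the encryption
/// step throws. Callers must check for null.
/// </returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="dataToEncrypt"/> or <paramref name="password"/> is null.
/// </exception>
/// <exception cref="InvalidOperationException"><paramref name="dataToEncrypt"/> is empty.</exception>
public byte[] Encrypt(byte[] dataToEncrypt, byte[] password, byte[] salt, int pbkdfRounds)
{
    if (dataToEncrypt == null)
    {
        throw new ArgumentNullException("dataToEncrypt");
    }

    if (dataToEncrypt.Length == 0)
    {
        throw new InvalidOperationException("dataToEncrypt");
    }

    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    try
    {
        // This constructor overload uses HMAC-SHA1 as the PBKDF2 pseudo-random function.
        using (var rfc2898 = new Rfc2898DeriveBytes(password, salt, pbkdfRounds))
        using (var aes = new AesCryptoServiceProvider())
        {
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;

            // Key and IV are consecutive output of the same PBKDF2 stream, so the IV is
            // unique only as long as the (password, salt) pair is never reused.
            aes.Key = rfc2898.GetBytes(32);
            aes.IV = rfc2898.GetBytes(16);

            byte[] encryptedMessage;
            using (var memoryStream = new MemoryStream())
            using (var encryptor = aes.CreateEncryptor())
            using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
            {
                // The transform and the CryptoStream are now disposed deterministically;
                // they buffer key-dependent state and were previously left to the finalizer.
                cryptoStream.Write(dataToEncrypt, 0, dataToEncrypt.Length);
                cryptoStream.FlushFinalBlock();
                encryptedMessage = memoryStream.ToArray();
            }

            // Encrypt-then-MAC: the tag is computed over the ciphertext, not the plaintext.
            byte[] hmac = CreateHmac(salt, aes, encryptedMessage);
            return ByteHelpers.Combine(hmac, encryptedMessage);
        }
    }
    catch
    {
        // NOTE(review): every failure (for example a null salt) collapses to null with no
        // diagnostic. Kept because callers may rely on the null contract, but it hides
        // configuration errors; consider logging or narrowing the catch.
        return null;
    }
}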