private static void TestEncryptDecryptRoundTrip(byte[] plainText, RSAEncryptionPadding paddingMode, int expectedCipherSize)
{
using (RSA rsaCng = new RSACng())
{
byte[] cipher = rsaCng.Encrypt(plainText, paddingMode);
// RSACng.Encrypt() is intentionally non-deterministic so we can verify that we got back a cipher of the right length
// but nothing about the contents.
Assert.Equal(expectedCipherSize, cipher.Length);
// But we can test to see that it decrypts back to the original.
byte[] plainTextAgain = rsaCng.Decrypt(cipher, paddingMode);
Assert.Equal<byte>(plainText, plainTextAgain);
}
}
/// <summary>
/// Encrypt the text using specified CNG key.
/// </summary>
/// <param name="rsaCngProvider">RSA CNG Provider.</param>
/// <param name="columnEncryptionKey">Plain text Column Encryption Key.</param>
/// <returns>Returns an encrypted blob or throws an exception if there are any errors.</returns>
private byte[] RSAEncrypt(RSACng rsaCngProvider, byte[] columnEncryptionKey)
{
Debug.Assert(columnEncryptionKey != null);
Debug.Assert(rsaCngProvider != null);
return rsaCngProvider.Encrypt(columnEncryptionKey, RSAEncryptionPadding.OaepSHA1);
}
static byte[] Encrypt(CngKey key, byte[] plainText)
{
var rsa = new RSACng(key);
return rsa.Encrypt(plainText, RSAEncryptionPadding.Pkcs1);
}