/// <summary>
/// Performs the TPM-defined CFB encrypt using the associated algorithm. This routine assumes that
/// the integrity value has been prepended.
/// </summary>
/// <param name="x"></param>
/// <param name="iv"></param>
/// <returns></returns>
public byte[] Encrypt(byte[] data, byte[] iv = null)
{
byte[] paddedData;
int unpadded = data.Length % BlockSize;
paddedData = unpadded == 0 ? data : Globs.AddZeroToEnd(data, BlockSize - unpadded);
#if TSS_USE_BCRYPT
paddedData = Key.Encrypt(paddedData, null, iv ?? IV);
#else
if (iv != null && iv.Length > 0)
{
Alg.IV = iv;
}
ICryptoTransform enc = Alg.CreateEncryptor();
using (var outStream = new MemoryStream())
{
var s = new CryptoStream(outStream, enc, CryptoStreamMode.Write);
s.Write(paddedData, 0, paddedData.Length);
s.FlushFinalBlock();
paddedData = outStream.ToArray();
}
#endif
return(unpadded == 0 ? paddedData : Globs.CopyData(paddedData, 0, data.Length));
}
public byte[] Decrypt(byte[] data, byte[] iv = null)
{
byte[] paddedData;
int unpadded = data.Length % BlockSize;
paddedData = unpadded == 0 ? data : Globs.AddZeroToEnd(data, BlockSize - unpadded);
#if TSS_USE_BCRYPT
paddedData = Key.Decrypt(paddedData, null, iv ?? IV);
return(Globs.CopyData(paddedData, 0, data.Length));
#else
bool externalIV = iv != null && iv.Length > 0;
if (externalIV)
{
Alg.IV = iv;
}
var tempOut = new byte[data.Length];
ICryptoTransform dec = Alg.CreateDecryptor();
using (var outStream = new MemoryStream(paddedData))
{
var s = new CryptoStream(outStream, dec, CryptoStreamMode.Read);
int numPlaintextBytes = s.Read(tempOut, 0, data.Length);
Debug.Assert(numPlaintextBytes == data.Length);
}
if (externalIV)
{
var src = data;
var res = tempOut;
if (res.Length > iv.Length)
{
src = Globs.CopyData(paddedData, src.Length - iv.Length, iv.Length);
res = Globs.CopyData(tempOut, res.Length - iv.Length, iv.Length);
}
switch (Alg.Mode)
{
case CipherMode.CBC:
case CipherMode.CFB:
src.CopyTo(iv, 0);
break;
case CipherMode.OFB:
XorEngine.Xor(res, src).CopyTo(iv, 0);
break;
case CipherMode.ECB:
break;
case CipherMode.CTS:
Globs.Throw <ArgumentException>("Decrypt: Unsupported symmetric mode");
break;
}
}
return(tempOut);
#endif
}
/// <summary>
/// Performs the TPM-defined CFB encrypt using the associated algorithm.
/// This routine assumes that the integrity value has been prepended.
/// </summary>
/// <param name="data"></param>
/// <param name="iv"></param>
/// <returns></returns>
public byte[] Encrypt(byte[] data, byte[] iv = null)
{
byte[] paddedData;
int unpadded = data.Length % BlockSize;
paddedData = unpadded == 0 ? data : Globs.AddZeroToEnd(data, BlockSize - unpadded);
#if TSS_USE_BCRYPT
paddedData = Key.Encrypt(paddedData, null, iv ?? IV);
#else
bool externalIV = iv != null && iv.Length > 0;
if (externalIV)
{
Alg.IV = iv;
}
ICryptoTransform enc = Alg.CreateEncryptor();
using (var outStream = new MemoryStream())
{
var s = new CryptoStream(outStream, enc, CryptoStreamMode.Write);
s.Write(paddedData, 0, paddedData.Length);
s.FlushFinalBlock();
paddedData = outStream.ToArray();
}
if (externalIV)
{
var src = data;
var res = paddedData;
if (res.Length > iv.Length)
{
src = Globs.CopyData(data, src.Length - iv.Length, iv.Length);
res = Globs.CopyData(paddedData, res.Length - iv.Length, iv.Length);
}
switch (Alg.Mode)
{
case CipherMode.CBC:
case CipherMode.CFB:
res.CopyTo(iv, 0);
break;
case CipherMode.OFB:
XorEngine.Xor(res, src).CopyTo(iv, 0);
break;
case CipherMode.ECB:
break;
case CipherMode.CTS:
Globs.Throw <ArgumentException>("Encrypt: Unsupported symmetric mode");
break;
}
}
#endif
return(unpadded == 0 ? paddedData : Globs.CopyData(paddedData, 0, data.Length));
}
public byte[] Decrypt(byte[] data, byte[] iv = null)
{
byte[] paddedData;
int unpadded = data.Length % BlockSize;
paddedData = unpadded == 0 ? data : Globs.AddZeroToEnd(data, BlockSize - unpadded);
IBuffer buf = CryptographicEngine.Decrypt(Key, CryptographicBuffer.CreateFromByteArray(paddedData), CryptographicBuffer.CreateFromByteArray(iv ?? IV));
CryptographicBuffer.CopyToByteArray(buf, out paddedData);
return(paddedData);
}
public byte[] Decrypt(byte[] data, byte[] iv = null)
{
byte[] paddedData;
int unpadded = data.Length % BlockSize;
paddedData = unpadded == 0 ? data : Globs.AddZeroToEnd(data, BlockSize - unpadded);
#if TSS_USE_BCRYPT
paddedData = Key.Decrypt(paddedData, null, iv ?? IV);
return(Globs.CopyData(paddedData, 0, data.Length));
#else
ICryptoTransform dec = Alg.CreateDecryptor();
using (var outStream = new MemoryStream(paddedData))
{
var s = new CryptoStream(outStream, dec, CryptoStreamMode.Read);
var tempOut = new byte[data.Length];
int numPlaintextBytes = s.Read(tempOut, 0, data.Length);
Debug.Assert(numPlaintextBytes == data.Length);
return(tempOut);
}
#endif
}