public override UnwrapResult UnwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CancellationToken cancellationToken)
{
Argument.AssertNotNull(encryptedKey, nameof(encryptedKey));
if (MustRemote)
{
// A private key is required to decrypt. Send to the server.
KeysEventSource.Singleton.PrivateKeyRequired(nameof(UnwrapKey));
return(null);
}
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
if (padding is null)
{
KeysEventSource.Singleton.AlgorithmNotSupported(nameof(UnwrapKey), algorithm);
return(null);
}
byte[] key = Decrypt(encryptedKey, padding);
UnwrapResult result = null;
if (key != null)
{
result = new UnwrapResult
{
Algorithm = algorithm,
Key = key,
KeyId = KeyMaterial.Id,
};
}
return(result);
}
public override WrapResult WrapKey(KeyWrapAlgorithm algorithm, byte[] key, CancellationToken cancellationToken)
{
Argument.AssertNotNull(key, nameof(key));
ThrowIfTimeInvalid();
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
if (padding is null)
{
KeysEventSource.Singleton.AlgorithmNotSupported(nameof(WrapKey), algorithm);
return(null);
}
byte[] encryptedKey = Encrypt(key, padding);
WrapResult result = null;
if (encryptedKey != null)
{
result = new WrapResult
{
Algorithm = algorithm,
EncryptedKey = encryptedKey,
KeyId = KeyMaterial.Id,
};
}
return(result);
}
public UnwrapResult UnwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CancellationToken cancellationToken)
{
Argument.AssertNotNull(encryptedKey, nameof(encryptedKey));
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
byte[] key = Decrypt(encryptedKey, padding);
return(new UnwrapResult
{
Algorithm = algorithm,
Key = key,
KeyId = _jwk.KeyId,
});
}
public override UnwrapResult UnwrapKey(KeyWrapAlgorithm algorithm, byte[] encryptedKey, CancellationToken cancellationToken)
{
Argument.AssertNotNull(encryptedKey, nameof(encryptedKey));
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
byte[] key = Decrypt(encryptedKey, padding);
UnwrapResult result = null;
if (key != null)
{
result = new UnwrapResult
{
Algorithm = algorithm,
Key = key,
KeyId = KeyMaterial.Id,
};
}
return(result);
}
public WrapResult WrapKey(KeyWrapAlgorithm algorithm, byte[] key, CancellationToken cancellationToken)
{
Argument.AssertNotNull(key, nameof(key));
RSAEncryptionPadding padding = algorithm.GetRsaEncryptionPadding();
byte[] encryptedKey = Encrypt(key, padding);
WrapResult result = null;
if (encryptedKey != null)
{
result = new WrapResult
{
Algorithm = algorithm,
EncryptedKey = encryptedKey,
KeyId = _jwk.Id,
};
}
return(result);
}
