// Note: input and output are allowed to be the same buffer. BCryptDecrypt will correctly do the decryption in place according to CNG documentation.
public static int BCryptDecrypt(this SafeKeyHandleBCrypt hKey, byte[] input, int inputOffset, int inputCount, byte[] iv, byte[] output, int outputOffset, int outputCount)
{
Debug.Assert(input != null);
Debug.Assert(inputOffset >= 0);
Debug.Assert(inputCount >= 0);
Debug.Assert(inputCount <= input.Length - inputOffset);
Debug.Assert(output != null);
Debug.Assert(outputOffset >= 0);
Debug.Assert(outputCount >= 0);
Debug.Assert(outputCount <= output.Length - outputOffset);
unsafe
{
fixed(byte *pbInput = input)
{
fixed(byte *pbOutput = output)
{
int cbResult;
NTSTATUS ntStatus = Interop.BCryptDecrypt(hKey, pbInput + inputOffset, inputCount, IntPtr.Zero, iv, iv == null ? 0 : iv.Length, pbOutput + outputOffset, outputCount, out cbResult, 0);
if (ntStatus != NTSTATUS.STATUS_SUCCESS)
{
throw CreateCryptographicException(ntStatus);
}
return(cbResult);
}
}
}
}
public static extern unsafe NTSTATUS BCryptDecrypt(SafeKeyHandleBCrypt hKey, byte *pbInput, int cbInput, IntPtr paddingInfo, [In, Out] byte[] pbIV, int cbIV, byte *pbOutput, int cbOutput, out int cbResult, int dwFlags);
public static extern NTSTATUS BCryptImportKey(SafeAlgorithmHandle hAlgorithm, IntPtr hImportKey, string pszBlobType, out SafeKeyHandleBCrypt hKey, IntPtr pbKeyObject, int cbKeyObject, byte[] pbInput, int cbInput, int dwFlags);