/// <summary>
/// Initializes a new instance of the <see cref="AeadAes256CbcHmac256EncryptionAlgorithm"/> class.
/// </summary>
/// <param name="dataEncryptionKey">
/// The key stored on this instance. It is dereferenced immediately to read the length of its root key bytes,
/// so a null value fails here rather than at first use.
/// </param>
/// <param name="encryptionType">
/// Selects Deterministic or Randomized mode. Only whether the value equals Deterministic is recorded.
/// </param>
/// <remarks>
/// The root key length is handed to <c>ValidateEncryptionKeySize</c> before any field is assigned.
/// NOTE(review): what that check enforces and how it reports failure is not visible here; confirm it rejects
/// every key length other than the one the algorithm requires.
/// NOTE(review): deterministic modes conventionally produce equal ciphertext for equal plaintext, which lets an
/// observer of stored ciphertext tell which values are equal; confirm against the Encrypt implementation before
/// choosing that mode for low-entropy data.
/// </remarks>
public AeadAes256CbcHmac256EncryptionAlgorithm(DataEncryptionKey dataEncryptionKey, EncryptionType encryptionType)
{
    // Validate the key material first so no instance state is set up around an unsuitable key.
    var rootKeyLength = dataEncryptionKey.RootKeyBytes.Length;
    ValidateEncryptionKeySize(rootKeyLength);

    this.dataEncryptionKey = dataEncryptionKey;

    // The mode is reduced to a single flag: Deterministic or "anything else".
    isDeterministicEncryptionType = (encryptionType == Deterministic);
}
/// <summary>
/// Returns the cached <see cref="AeadAes256CbcHmac256EncryptionAlgorithm"/> for a key and encryption type,
/// creating and caching a new instance when none is present.
/// </summary>
/// <param name="dataEncryptionKey">The encryption key the algorithm instance is built from. Validated as non-null.</param>
/// <param name="encryptionType">The type of encryption; part of the cache key together with <paramref name="dataEncryptionKey"/>.</param>
/// <returns>An <see cref="AeadAes256CbcHmac256EncryptionAlgorithm"/> object.</returns>
/// <remarks>
/// The cache entry is keyed on a tuple of the key object and the encryption type, so whether two key objects
/// share an entry depends on how <see cref="DataEncryptionKey"/> implements equality.
/// NOTE(review): neither that equality nor the eviction policy of <c>algorithmCache</c> is visible here; confirm
/// both, since a cached algorithm instance keeps the key it was created with reachable for as long as the entry lives.
/// </remarks>
public static AeadAes256CbcHmac256EncryptionAlgorithm GetOrCreate(DataEncryptionKey dataEncryptionKey, EncryptionType encryptionType)
{
    dataEncryptionKey.ValidateNotNull(nameof(dataEncryptionKey));

    // One algorithm instance per (key, mode) pair.
    var cacheKey = Tuple.Create(dataEncryptionKey, encryptionType);

    return algorithmCache.GetOrCreate(
        key: cacheKey,
        createItem: () => new AeadAes256CbcHmac256EncryptionAlgorithm(dataEncryptionKey, encryptionType));
}
/// <summary>
/// Decrypts the provided <paramref name="ciphertext"/> value using the provided <see cref="DataEncryptionKey"/>
/// and deserializes the result to <typeparamref name="T"/>.
/// </summary>
/// <typeparam name="T">The plaintext value <see cref="Type"/>.</typeparam>
/// <param name="ciphertext">The encrypted value. It is passed to the algorithm as-is; this method does not check it for null or length.</param>
/// <param name="encryptionKey">The key used to decrypt the <paramref name="ciphertext"/> value.</param>
/// <returns>The decrypted and deserialized <paramref name="ciphertext"/> value.</returns>
/// <remarks>
/// This method decrypts data that was encrypted using <see cref="EncryptionType.Randomized"/> encryption and the
/// default serializer registered under type <typeparamref name="T"/> with the <see cref="StandardSerializerFactory"/>.
/// NOTE(review): how a modified, truncated or wrong-key ciphertext is reported is decided inside
/// <c>DataProtector.Decrypt</c>, which is not shown here; callers handling untrusted ciphertext should confirm
/// that failure surfaces as an exception before the bytes reach the deserializer.
/// </remarks>
/// <exception cref="MicrosoftDataEncryptionException"><paramref name="encryptionKey"/> is null.</exception>
public static T Decrypt<T>(this byte[] ciphertext, DataEncryptionKey encryptionKey)
{
    encryptionKey.ValidateNotNull(nameof(encryptionKey));

    // Always the Randomized variant of the algorithm, regardless of how the data was produced.
    DataProtector protector = AeadAes256CbcHmac256EncryptionAlgorithm.GetOrCreate(encryptionKey, EncryptionType.Randomized);

    // Resolve the serializer, decrypt, then deserialize the recovered bytes.
    return StandardSerializerFactory.Default
        .GetDefaultSerializer<T>()
        .Deserialize(protector.Decrypt(ciphertext));
}
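/// <summary>
/// Encrypts each plaintext value of a sequence using the provided <see cref="DataEncryptionKey"/>.
/// </summary>
/// <typeparam name="T">The type of the plaintext elements of <paramref name="source"/>.</typeparam>
/// <param name="source">A sequence of values to encrypt. It is not validated here; a null sequence fails only when enumeration starts.</param>
/// <param name="encryptionKey">The key used to encrypt the plaintext values of <paramref name="source"/>.</param>
/// <returns>An <see cref="IEnumerable{T}"/> of <see cref="T:Byte[]"/> whose elements are the result of encrypting each element of <paramref name="source"/>.</returns>
/// <remarks>
/// This method encrypts using <see cref="EncryptionType.Randomized"/> encryption and the
/// default serializer registered under type <typeparamref name="T"/> with the <see cref="StandardSerializerFactory"/>.
/// The key is validated when this method is called; the encryption itself is deferred and runs once per
/// enumeration of the returned sequence. NOTE(review): with randomized encryption a second enumeration presumably
/// yields different ciphertext for the same input; materialize the result if the same bytes must be observed twice.
/// </remarks>
/// <exception cref="MicrosoftDataEncryptionException"><paramref name="encryptionKey"/> is null.</exception>
public static IEnumerable<byte[]> Encrypt<T>(this IEnumerable<T> source, DataEncryptionKey encryptionKey)
{
    // Validate outside the iterator: inside a yield-based method this check would not run
    // until the caller started enumerating, so a null key would go unnoticed at the call site.
    encryptionKey.ValidateNotNull(nameof(encryptionKey));

    return EncryptEachIterator(source, encryptionKey);
}

// Lazily serializes and encrypts each element of source; the key has already been validated by the caller.
private static IEnumerable<byte[]> EncryptEachIterator<T>(IEnumerable<T> source, DataEncryptionKey encryptionKey)
{
    DataProtector encryptionAlgorithm = AeadAes256CbcHmac256EncryptionAlgorithm.GetOrCreate(encryptionKey, EncryptionType.Randomized);
    Serializer<T> serializer = StandardSerializerFactory.Default.GetDefaultSerializer<T>();

    foreach (T item in source)
    {
        byte[] serializedData = serializer.Serialize(item);
        yield return encryptionAlgorithm.Encrypt(serializedData);
    }
}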
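/// <summary>
/// Decrypts each ciphertext value of a sequence using the provided <see cref="DataEncryptionKey"/>.
/// </summary>
/// <typeparam name="T">The type of the plaintext elements of <paramref name="source"/>.</typeparam>
/// <param name="source">A sequence of encrypted values to decrypt. It is not validated here; a null sequence fails only when enumeration starts.</param>
/// <param name="encryptionKey">The key used to decrypt the ciphertext values of <paramref name="source"/>.</param>
/// <returns>An <see cref="IEnumerable{T}"/> whose elements are the result of decrypting each element of <paramref name="source"/>.</returns>
/// <remarks>
/// This method decrypts data that was encrypted using <see cref="EncryptionType.Randomized"/> encryption and the
/// default serializer registered under type <typeparamref name="T"/> with the <see cref="StandardSerializerFactory"/>.
/// The key is validated when this method is called; decryption is deferred and runs element by element as the
/// returned sequence is enumerated, so a failure on one element surfaces mid-enumeration after earlier elements
/// have already been yielded. NOTE(review): how a modified or wrong-key ciphertext is reported is decided inside
/// <c>DataProtector.Decrypt</c>, which is not shown here.
/// </remarks>
/// <exception cref="MicrosoftDataEncryptionException"><paramref name="encryptionKey"/> is null.</exception>
public static IEnumerable<T> Decrypt<T>(this IEnumerable<byte[]> source, DataEncryptionKey encryptionKey)
{
    // Validate outside the iterator: inside a yield-based method this check would not run
    // until the caller started enumerating, so a null key would go unnoticed at the call site.
    encryptionKey.ValidateNotNull(nameof(encryptionKey));

    return DecryptEachIterator<T>(source, encryptionKey);
}

// Lazily decrypts and deserializes each element of source; the key has already been validated by the caller.
private static IEnumerable<T> DecryptEachIterator<T>(IEnumerable<byte[]> source, DataEncryptionKey encryptionKey)
{
    DataProtector encryptionAlgorithm = AeadAes256CbcHmac256EncryptionAlgorithm.GetOrCreate(encryptionKey, EncryptionType.Randomized);

    // The serializer always comes from StandardSerializerFactory.Default.
    Serializer<T> serializer = StandardSerializerFactory.Default.GetDefaultSerializer<T>();

    foreach (byte[] item in source)
    {
        byte[] plaintextData = encryptionAlgorithm.Decrypt(item);
        yield return serializer.Deserialize(plaintextData);
    }
}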
/// <summary>
/// Initializes a new instance of the <see cref="EncryptionSettings{T}"/> class.
/// </summary>
/// <param name="dataEncryptionKey">The encryption key used to encrypt and decrypt data.</param>
/// <param name="encryptionType">The type of encryption.</param>
/// <param name="serializer">The serializer used to convert data objects to and from an array of bytes.</param>
/// <remarks>
/// The three arguments are stored as given; this constructor performs no null or consistency checks.
/// NOTE(review): confirm that consumers of these settings reject a null key or serializer before any data is processed.
/// </remarks>
public EncryptionSettings(DataEncryptionKey dataEncryptionKey, EncryptionType encryptionType, Serializer<T> serializer)
{
    this.DataEncryptionKey = dataEncryptionKey;
    this.EncryptionType = encryptionType;
    this.Serializer = serializer;
}
/// <summary>
/// Initializes a new instance of the <see cref="EncryptionSettings{T}"/> class, taking the encryption type
/// from <c>GetDefaultEncryptionType</c> instead of from the caller.
/// </summary>
/// <param name="dataEncryptionKey">The encryption key used to encrypt and decrypt data; also the input from which the default encryption type is chosen.</param>
/// <param name="serializer">The serializer used to convert data objects to and from an array of bytes.</param>
/// <remarks>
/// NOTE(review): which encryption type <c>GetDefaultEncryptionType</c> returns for a given key, including a null
/// key, is not visible here; callers that need a specific mode should use the overload that takes it explicitly.
/// </remarks>
public EncryptionSettings(DataEncryptionKey dataEncryptionKey, Serializer<T> serializer)
    : this(dataEncryptionKey, GetDefaultEncryptionType(dataEncryptionKey), serializer)
{
    // All state is assigned by the three-argument constructor this one delegates to.
}
/// <summary>
/// Initializes a new instance of the <see cref="AeadAes256CbcHmac256EncryptionAlgorithm"/> class.
/// </summary>
/// <param name="dataEncryptionKey">The key stored on this instance. It is not dereferenced or checked here.</param>
/// <param name="encryptionType">
/// Selects Deterministic or Randomized mode. Only whether the value equals Deterministic is recorded.
/// </param>
/// <remarks>
/// This constructor only stores its arguments: it performs no null check and no key-length check.
/// NOTE(review): confirm that <see cref="DataEncryptionKey"/> or the caller guarantees the key length this
/// algorithm requires, since nothing in this constructor enforces it.
/// NOTE(review): deterministic modes conventionally produce equal ciphertext for equal plaintext, which lets an
/// observer of stored ciphertext tell which values are equal; confirm against the Encrypt implementation before
/// choosing that mode for low-entropy data.
/// </remarks>
public AeadAes256CbcHmac256EncryptionAlgorithm(DataEncryptionKey dataEncryptionKey, EncryptionType encryptionType)
{
    this.dataEncryptionKey = dataEncryptionKey;

    // The mode is reduced to a single flag: Deterministic or "anything else".
    isDeterministicEncryptionType = (encryptionType == Deterministic);
}