Exemplo n.º 1
        /// <summary>
        /// Encrypts the content of <paramref name="contentInfo"/> with the symmetric
        /// algorithm opened for <paramref name="contentEncryptionAlgorithm"/>, and reports
        /// the key and the encoded algorithm parameters that were used.
        /// </summary>
        /// <param name="contentInfo">Content to encrypt, together with its content type.</param>
        /// <param name="contentEncryptionAlgorithm">Identifier passed to <c>OpenAlgorithm</c>.</param>
        /// <param name="cek">
        /// Receives <c>alg.Key</c>, the content-encryption key. This is secret material that
        /// outlives the disposed algorithm object; callers should zero it once it has been
        /// wrapped for the recipients (not visible here whether they do).
        /// </param>
        /// <param name="parameterBytes">
        /// Receives the DER encoding of <c>Rc2CbcParameters</c> (IV and key size) for RC2,
        /// otherwise the result of <c>EncodeOctetString</c> applied to the IV.
        /// </param>
        /// <returns>The output of <c>encryptor.OneShot</c> over the prepared content.</returns>
        private byte[] EncryptContent(
            ContentInfo contentInfo,
            AlgorithmIdentifier contentEncryptionAlgorithm,
            out byte[] cek,
            out byte[] parameterBytes)
        {
            // Presumably OpenAlgorithm leaves key and IV generation to the SymmetricAlgorithm
            // instance; confirm that neither is fixed or reused across messages.
            using (SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm))
            using (ICryptoTransform encryptor = alg.CreateEncryptor())
            {
                cek = alg.Key;

                if (!(alg is RC2))
                {
                    parameterBytes = EncodeOctetString(alg.IV);
                }
                else
                {
                    // NOTE(review): RC2 is a legacy cipher; whether it can still be selected
                    // is decided by OpenAlgorithm, which is not shown here.
                    Rc2CbcParameters rc2Params = new Rc2CbcParameters(alg.IV, alg.KeySize);

                    using (AsnWriter writer = AsnSerializer.Serialize(rc2Params, AsnEncodingRules.DER))
                    {
                        parameterBytes = writer.Encode();
                    }
                }

                byte[] payload = contentInfo.Content;
                bool isPkcs7Data = contentInfo.ContentType.Value == Oids.Pkcs7Data;

                // Only id-data content is passed through EncodeOctetString before encryption;
                // every other content type is encrypted exactly as supplied.
                byte[] plaintext = isPkcs7Data ? EncodeOctetString(payload) : payload;

                return encryptor.OneShot(plaintext);
            }
        }
Exemplo n.º 2
        /// <summary>
        /// Encrypts the content of <paramref name="contentInfo"/> with the symmetric
        /// algorithm opened for <paramref name="contentEncryptionAlgorithm"/>, and reports
        /// the key and the encoded algorithm parameters that were used.
        /// </summary>
        /// <param name="contentInfo">Content to encrypt, together with its content type.</param>
        /// <param name="contentEncryptionAlgorithm">Identifier passed to <c>OpenAlgorithm</c>.</param>
        /// <param name="cek">
        /// Receives <c>alg.Key</c>, the content-encryption key. This is secret material that
        /// outlives the disposed algorithm object; callers should zero it when finished
        /// (not visible here whether they do).
        /// </param>
        /// <param name="parameterBytes">
        /// Receives the DER encoding of <c>Rc2CbcParameters</c> (IV and key size) for RC2,
        /// otherwise the result of <c>EncodeOctetString</c> applied to the IV.
        /// </param>
        /// <returns>
        /// The output of <c>encryptor.OneShot</c>. The input is the wrapped content for
        /// id-data, the empty content as-is, or the content bytes of the first encoded
        /// value for any other content type.
        /// </returns>
        private byte[] EncryptContent(
            ContentInfo contentInfo,
            AlgorithmIdentifier contentEncryptionAlgorithm,
            out byte[] cek,
            out byte[] parameterBytes)
        {
            using (SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm))
            using (ICryptoTransform encryptor = alg.CreateEncryptor())
            {
                cek = alg.Key;

                if (!(alg is RC2))
                {
                    parameterBytes = EncodeOctetString(alg.IV);
                }
                else
                {
                    // NOTE(review): RC2 is a legacy cipher; whether it can still be selected
                    // is decided by OpenAlgorithm, which is not shown here.
                    Rc2CbcParameters rc2Params = new Rc2CbcParameters(alg.IV, alg.KeySize);

                    using (AsnWriter writer = new AsnWriter(AsnEncodingRules.DER))
                    {
                        rc2Params.Encode(writer);
                        parameterBytes = writer.Encode();
                    }
                }

                byte[] content = contentInfo.Content;

                // id-data: the raw bytes are passed through EncodeOctetString first.
                if (contentInfo.ContentType.Value == Oids.Pkcs7Data)
                {
                    return encryptor.OneShot(EncodeOctetString(content));
                }

                // Nothing to parse in an empty payload; encrypt it unchanged.
                if (content.Length == 0)
                {
                    return encryptor.OneShot(content);
                }

                // Other content types: the payload is read as BER and only the content bytes
                // of the first value (no tag or length) are encrypted.
                // NOTE(review): bytes following that first value would not be encrypted, and
                // malformed BER presumably makes the reader throw. Confirm that callers
                // guarantee a single well-formed value.
                AsnReader reader = new AsnReader(content, AsnEncodingRules.BER);
                byte[] innerBytes = reader.PeekContentBytes().ToArray();
                return encryptor.OneShot(innerBytes);
            }
        }
Exemplo n.º 3
            /// <summary>
            /// Decrypts <paramref name="encryptedContent"/> with <paramref name="cek"/> using
            /// the algorithm opened for <paramref name="contentEncryptionAlgorithm"/>.
            /// </summary>
            /// <param name="encryptedContent">Ciphertext; copied into a rented buffer before use.</param>
            /// <param name="cek">Content-encryption key handed to <c>CreateDecryptor</c>.</param>
            /// <param name="contentEncryptionAlgorithm">Identifier passed to <c>OpenAlgorithm</c>.</param>
            /// <param name="exception">
            /// Null on success; otherwise the <see cref="CryptographicException"/> that was
            /// caught. Other exception types are not caught and propagate to the caller.
            /// </param>
            /// <returns>The decrypted bytes, or null when a <see cref="CryptographicException"/> occurred.</returns>
            private static byte[]? DecryptContent(
                ReadOnlyMemory<byte> encryptedContent,
                byte[] cek,
                AlgorithmIdentifierAsn contentEncryptionAlgorithm,
                out Exception? exception)
            {
                exception = null;

                int length = encryptedContent.Length;
                byte[] rented = CryptoPool.Rent(length);

                try
                {
                    encryptedContent.CopyTo(rented);

                    // The IV is taken from the opened algorithm; presumably OpenAlgorithm
                    // populated it from the algorithm identifier's parameters. Confirm.
                    using (SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm))
                    using (ICryptoTransform decryptor = alg.CreateDecryptor(cek, alg.IV))
                    {
                        // If we extend this library to accept additional algorithm providers
                        // then a different array pool needs to be used.
                        Debug.Assert(alg.GetType().Assembly == typeof(Aes).Assembly);

                        return decryptor.OneShot(rented, 0, length);
                    }
                }
                catch (CryptographicException e)
                {
                    // Reported through the out parameter instead of thrown.
                    // NOTE(review): if the algorithm uses a padded block mode, a caller that
                    // reports this failure distinguishably can create a padding-oracle
                    // signal. Check how `exception` is surfaced upstream.
                    exception = e;
                    return null;
                }
                finally
                {
                    // Runs on every path. CryptoPool.Return is given the used length,
                    // presumably so it can wipe that many bytes before pooling. Confirm.
                    CryptoPool.Return(rented, length);
                }
            }
Exemplo n.º 4
            /// <summary>
            /// Decrypts <paramref name="encryptedContent"/> with <paramref name="cek"/> using
            /// the algorithm opened for <paramref name="contentEncryptionAlgorithm"/>.
            /// </summary>
            /// <param name="encryptedContent">Ciphertext; copied into a pooled buffer before use.</param>
            /// <param name="cek">Content-encryption key handed to <c>CreateDecryptor</c>.</param>
            /// <param name="contentEncryptionAlgorithm">Identifier passed to <c>OpenAlgorithm</c>.</param>
            /// <param name="exception">
            /// Null on success; otherwise the <see cref="CryptographicException"/> that was
            /// caught. Other exception types are not caught and propagate to the caller.
            /// </param>
            /// <returns>The decrypted bytes, or null when a <see cref="CryptographicException"/> occurred.</returns>
            private static byte[] DecryptContent(
                ReadOnlyMemory<byte> encryptedContent,
                byte[] cek,
                AlgorithmIdentifierAsn contentEncryptionAlgorithm,
                out Exception exception)
            {
                exception = null;

                int length = encryptedContent.Length;
                byte[] pooled = ArrayPool<byte>.Shared.Rent(length);

                try
                {
                    encryptedContent.CopyTo(pooled);

                    // The IV is taken from the opened algorithm; presumably OpenAlgorithm
                    // populated it from the algorithm identifier's parameters. Confirm.
                    using (SymmetricAlgorithm alg = OpenAlgorithm(contentEncryptionAlgorithm))
                    using (ICryptoTransform decryptor = alg.CreateDecryptor(cek, alg.IV))
                    {
                        return decryptor.OneShot(pooled, 0, length);
                    }
                }
                catch (CryptographicException e)
                {
                    // Reported through the out parameter instead of thrown.
                    // NOTE(review): if the algorithm uses a padded block mode, a caller that
                    // reports this failure distinguishably can create a padding-oracle
                    // signal. Check how `exception` is surfaced upstream.
                    exception = e;
                    return null;
                }
                finally
                {
                    // The shared pool hands buffers to unrelated callers, so the bytes this
                    // method wrote are wiped before the array goes back. Only the first
                    // `length` bytes are cleared; the rest of the rented array was never
                    // written here.
                    Array.Clear(pooled, 0, length);
                    ArrayPool<byte>.Shared.Return(pooled);
                }
            }