internal static byte[] DecryptDataAsBytes(byte[] encryptedData, string privateKeyPem)
{
using (var encryptedDataStream = new MemoryStream(encryptedData))
using (var encryptedDataWithoutKeyPair = new MemoryStream())
{
var encryptedKeyLengthBytes = new byte[4];
var bytesRead = encryptedDataStream.Read(encryptedKeyLengthBytes, 0, 4);
if (bytesRead == -1)
{
throw new Exception("Unexpected end of encrypted data (expected encrypted key size)");
}
var encryptedKeyLength = BitConverter.ToInt32(encryptedKeyLengthBytes, 0);
var encryptedKey = new byte[encryptedKeyLength];
bytesRead = encryptedDataStream.Read(encryptedKey, 0, encryptedKeyLength);
if (bytesRead != encryptedKeyLength)
{
throw new Exception("Unexpected end of encrypted data (expected encrypted key)");
}
encryptedDataStream.CopyTo(encryptedDataWithoutKeyPair);
var encryptionKey = AsymmetricCryptoUtil.DecryptDataWithPrivateKey(encryptedKey, privateKeyPem);
return(EncryptedData.DecryptDataAsBytes(encryptionKey, encryptedDataWithoutKeyPair.ToArray()));
}
}
private static byte[] DecryptDataAsBytes(byte[] encryptedData, string privateKeyPem, string publicKeyPem)
{
using (var encryptedDataStream = new MemoryStream(encryptedData))
using (var encryptedDataWithoutKeyPair = new MemoryStream())
{
var signatureLengthBytes = new byte[4];
var bytesRead = encryptedDataStream.Read(signatureLengthBytes, 0, 4);
if (bytesRead == -1)
{
throw new Exception("Unexpected end of encrypted data (expected encrypted key size)");
}
var signatureLength = BitConverter.ToInt32(signatureLengthBytes, 0);
var signature = new byte[signatureLength];
bytesRead = encryptedDataStream.Read(signature, 0, signatureLength);
if (bytesRead != signatureLength)
{
throw new Exception("Unexpected end of encrypted data (expected encrypted key)");
}
encryptedDataStream.CopyTo(encryptedDataWithoutKeyPair);
var decryptedData = EncryptedDataWithKeyPair.DecryptDataAsBytes(
encryptedDataWithoutKeyPair.ToArray(), privateKeyPem);
var signatureVerified = AsymmetricCryptoUtil.VerifySignature(decryptedData, signature, publicKeyPem);
if (!signatureVerified)
{
throw new Exception("Message could not be verified");
}
return(decryptedData);
}
}
private void EncryptData(byte[] dataToEncrypt, string publicKeyPem)
{
_encryptedData = new EncryptedData(dataToEncrypt);
var encryptedKeyString = AsymmetricCryptoUtil.EncryptDataWithPublicKey(
Convert.FromBase64String(_encryptedData.Key), publicKeyPem);
_encryptedKey = encryptedKeyString;
}
private void EncryptData(byte[] dataToEncrypt, string publicKeyPem, string privateKeyPem)
{
_signature = AsymmetricCryptoUtil.CreateSignature(dataToEncrypt, privateKeyPem);
_encryptedData = new EncryptedDataWithKeyPair(dataToEncrypt, publicKeyPem);
}