| public static Encrypt ( byte plainText, System.Security.Cryptography.CngKey key, CngAlgorithm hash ) : byte[] | ||
| plainText | byte | |
| key | System.Security.Cryptography.CngKey | |
| hash | CngAlgorithm | |
| return | byte[] | |
public byte[] WrapKey(byte[] cek, object key, IDictionary <string, object> header)
{
#if NET40
if (key is CngKey cngKey)
{
return(RsaOaep.Encrypt(cek, cngKey, CngAlgorithm.Sha256));
}
else if (key is RSACryptoServiceProvider rsaKey)
{
//This is for backward compatibility only with 2.x
//To be removed in 3.x
var publicKey = RsaKey.New(rsaKey.ExportParameters(false));
return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256));
}
throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey or RSACryptoServiceProvider types.");
#elif NET461 || NET472
if (key is CngKey cngKey)
{
return(RsaOaep.Encrypt(cek, cngKey, CngAlgorithm.Sha256));
}
else if (key is RSACryptoServiceProvider rsaKey)
{
//This is for backward compatibility only with 2.x
//To be removed in 3.x
var publicKey = RsaKey.New(rsaKey.ExportParameters(false));
return(RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256));
}
else if (key is RSA rsa)
{
return(rsa.Encrypt(cek, RSAEncryptionPadding.OaepSHA256));
}
else if (key is Jwk jwk)
{
if (jwk.Kty == Jwk.KeyTypes.RSA)
{
return(jwk.RsaKey().Encrypt(cek, RSAEncryptionPadding.OaepSHA256));
}
}
throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey, RSACryptoServiceProvider, RSA types or Jwk type with kty='rsa'.");
#elif NETSTANDARD
if (key is RSA rsa)
{
return(rsa.Encrypt(cek, RSAEncryptionPadding.OaepSHA256));
}
else if (key is Jwk jwk)
{
if (jwk.Kty == Jwk.KeyTypes.RSA)
{
return(jwk.RsaKey().Encrypt(cek, RSAEncryptionPadding.OaepSHA256));
}
}
throw new ArgumentException("RsaKeyManagement algorithm expects key to be of RSA types or Jwk type with kty='rsa'.");
#endif
}
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header)
{
var publicKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type.");
var cek = Arrays.Random(cekSizeBits);
return(useSha256 ? new[] { cek, RsaOaep.Encrypt(cek, RsaKey.New(publicKey.ExportParameters(false)), CngAlgorithm.Sha256) }
: new[] { cek, publicKey.Encrypt(cek, useRsaOaepPadding) });
}
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header)
{
byte[] numArray = Arrays.Random(cekSizeBits);
RSACryptoServiceProvider rSACryptoServiceProvider = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type.", new object[0]);
if (!this.useSha256)
{
return(new byte[][] { numArray, rSACryptoServiceProvider.Encrypt(numArray, this.useRsaOaepPadding) });
}
return(new byte[][] { numArray, RsaOaep.Encrypt(numArray, RsaKey.New(rSACryptoServiceProvider.ExportParameters(false)), CngAlgorithm.Sha256) });
}
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header)
{
var cek = Arrays.Random(cekSizeBits);
#if NET40
if (key is CngKey)
{
var publicKey = Ensure.Type <CngKey>(key, "RsaOaep256KeyManagement alg expects key to be of CngKey type.");
return(new[] { cek, RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256) });
}
if (key is RSACryptoServiceProvider)
{
//This is for backward compatibility only with 2.x
//To be removed in 3.x
var publicKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(false));
return(new[] { cek, RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256) });
}
throw new ArgumentException("RsaKeyManagement algorithm expects key to be of CngKey type.");
#elif NET461
if (key is CngKey)
{
var publicKey = (CngKey)key;
return(new[] { cek, RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256) });
}
if (key is RSACryptoServiceProvider)
{
//This is for backward compatibility only with 2.x
//To be removed in 3.x
var publicKey = RsaKey.New(((RSACryptoServiceProvider)key).ExportParameters(false));
return(new[] { cek, RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256) });
}
if (key is RSA)
{
var publicKey = (RSA)key;
return(new[] { cek, publicKey.Encrypt(cek, RSAEncryptionPadding.OaepSHA256) });
}
throw new ArgumentException("RsaKeyManagement algorithm expects key to be of either CngKey or RSA types.");
#elif NETSTANDARD
var publicKey = Ensure.Type <RSA>(key, "RsaKeyManagement algorithm expects key to be of RSA type.");
return(new[] { cek, publicKey.Encrypt(cek, RSAEncryptionPadding.OaepSHA256) });
#endif
}
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header)
{
var cek = Arrays.Random(cekSizeBits);
#if NET40
var publicKey = Ensure.Type <CngKey>(key, "RsaOaep256KeyManagement alg expects key to be of CngKey type.");
return(new[] { cek, RsaOaep.Encrypt(cek, publicKey, CngAlgorithm.Sha256) });
#elif NETSTANDARD1_4
var publicKey = Ensure.Type <RSA>(key, "RsaKeyManagement alg expects key to be of RSA type.");
return(new[] { cek, publicKey.Encrypt(cek, RSAEncryptionPadding.OaepSHA256) });
#endif
}
public byte[][] WrapNewKey(int cekSizeBits, object key, IDictionary <string, object> header)
{
var cek = Arrays.Random(cekSizeBits);
#if NET40
var publicKey = Ensure.Type <RSACryptoServiceProvider>(key, "RsaKeyManagement alg expects key to be of RSACryptoServiceProvider type.");
return(useSha256 ? new[] { cek, RsaOaep.Encrypt(cek, RsaKey.New(publicKey.ExportParameters(false)), CngAlgorithm.Sha256) }
: new[] { cek, publicKey.Encrypt(cek, useRsaOaepPadding) });
#elif NETSTANDARD1_4
var publicKey = Ensure.Type <RSA>(key, "RsaKeyManagement alg expects key to be of RSA type.");
var padding = useSha256 ? RSAEncryptionPadding.OaepSHA256 :
useRsaOaepPadding ? RSAEncryptionPadding.OaepSHA1 :
RSAEncryptionPadding.Pkcs1;
return(new[] { cek, publicKey.Encrypt(cek, padding) });
#endif
}
