/// <summary>
/// Encrypt the specified clearText.
/// </summary>
/// <param name="context">Your Android Context, likely your Activity or Service</param>
/// <param name="alias">Alias is the name you are using for the key, use sensible name</param>
/// <param name="clearText">The content you want to encrypt</param>
public static EncryptedTuple Encrypt(Context context, string alias, string clearText)
{
var secretKeys = AesCbcWithIntegrity.GenerateKey();
var confidentialKeyWrapper = new SecretKeyWrapper(context, alias);
var encryptedSymmetricKey = confidentialKeyWrapper.EncryptedThenMac(secretKeys);
var encryptedBundle = AesCbcWithIntegrity.Encrypt(Encoding.UTF8.GetBytes(clearText), secretKeys);
return(new EncryptedTuple(encryptedBundle.ToString(), encryptedSymmetricKey));
}
public void TestAesCbcWithIntegrityRoundTrip()
{
var privateKey = AesCbcWithIntegrity.GenerateKey();
var mySecretText = "This is my secret";
var mySecretBytes = Encoding.UTF8.GetBytes(mySecretText);
var cipherText = AesCbcWithIntegrity.Encrypt(mySecretBytes, privateKey);
Assert.False(AesCbcWithIntegrity.ConstantTimeEq(mySecretBytes, cipherText.GetCipherText()));
var decryptedBytes = AesCbcWithIntegrity.Decrypt(cipherText, privateKey);
var decryptedText = Encoding.UTF8.GetString(decryptedBytes);
Assert.True(mySecretText == decryptedText,
string.Format("Expect {0} but got {1}", mySecretText, decryptedText));
}