public byte[] Encrypt(string value)
{
// when encrypting, you need a 'nonce' - 'number once'. By changing this on each encryption, you end up with different output each time
// without it you apply identical encryption for each key which would be a vulnerability. It's like seeding a random number generator.
byte[] nonce = new byte[12];
// shouldn't use this, not random enough, but its good enough for this demo
new Random().NextBytes(nonce);
// initialise the algorithm with the key (password) and nonce
_streamCipher.SetState(_key, nonce);
// convert our string to a byte array
byte[] data = Encoding.UTF8.GetBytes(value);
// encrypt it
_streamCipher.Transform(data);
// now return the nonce (first 12 bytes) and the encrypted data as one array
return(nonce.Concat(data).ToArray());
}
