public static bool TryDecryptArchiveKey( this UserKeyAuthorization authorization, UserKey userKey, SecuritySettings securitySettings, out ArchiveKey archiveKey) { ArgCheck.NotNull(authorization, nameof(authorization)); ArgCheck.NotNull(userKey, nameof(userKey)); ArgCheck.IsValid(securitySettings, nameof(securitySettings)); archiveKey = null; if (!CryptoHelpers.SecureEquals(userKey.KeyId, authorization.KeyId)) { return(false); } try { // The SecureArchive file format requires that the friendly name and keyId be // checked for tampering when using authenticated cyphers. var additionalData = Encoding.UTF8.GetBytes(authorization.FriendlyName + authorization.KeyId); var cryptoStrategy = CryptoHelpers.GetCryptoStrategy(securitySettings.EncryptionAlgo); var decryptedArchiveKey = userKey.Decrypt(cryptoStrategy, authorization.EncryptedArchiveKey, additionalData); if (!decryptedArchiveKey.IsEmpty) { archiveKey = new ArchiveKey(decryptedArchiveKey.ToArray()); } } catch { return(false); } return(archiveKey != null); }