public static bool Verify(Signature s, Keypair kp)
{
IAsymmetricEncryptionProvider provider = GetRsaProvider(kp.RsaProvider);
provider.SetKeyPair(kp.ToPublic());
return(provider.VerifyData(s.Data, s.SignatureData));
}
public static Signature Sign(byte[] data, string password, Keypair kp)
{
IAsymmetricEncryptionProvider provider = GetRsaProvider(kp.RsaProvider);
provider.SetKeyPair(kp, password);
var signature = new Signature {
Data = new byte[data.Length]
};
Array.Copy(data, signature.Data, data.Length);
// todo include salt
signature.SignatureData = provider.SignData(signature.Data);
signature.AuthorId = kp.ShortId;
return(signature);
}
public static byte[] Decrypt(Message m, string password, Keypair kp)
{
if (m.RecipientId != kp.ShortId)
{
throw new InvalidOperationException("Keypair does not match the recipient");
}
IAsymmetricEncryptionProvider provider = GetRsaProvider(kp.RsaProvider);
provider.SetKeyPair(kp, password);
byte[] key = provider.Decrypt(m.EncryptedKey);
var aes = new AesSymmetricEncryptionProvider {
Key = key, Iv = m.Iv
};
return(aes.TransformAsync(m.Content, false).Result);
}
/// <summary>
/// Encrypts <paramref name="data" /> for <paramref name="recipient" />. <paramref name="recipient" /> can be a public
/// key.
/// </summary>
/// <param name="recipient"></param>
/// <param name="data"></param>
/// <returns></returns>
public static Message Encrypt(Keypair recipient, byte[] data)
{
IAsymmetricEncryptionProvider provider = GetRsaProvider(recipient.RsaProvider);
provider.SetKeyPair(recipient.ToPublic());
var aes = new AesSymmetricEncryptionProvider();
byte[] cipher = aes.TransformAsync(data).Result;
byte[] encryptedKey = provider.Encrypt(aes.Key);
var m = new Message {
Content = cipher,
EncryptedKey = encryptedKey,
Iv = aes.Iv,
RecipientId = recipient.ShortId
};
return(m);
}