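/// <summary>
/// Creates a fresh AES data key and nonce, wraps the envelope key derived from that
/// data key with RSA-OAEP-SHA1, and packages the result as encryption instructions.
/// </summary>
/// <param name="materials">
/// Encryption materials; <c>AsymmetricProvider</c> must be an <see cref="RSA"/> instance and
/// <c>AsymmetricProviderType</c> must be <c>AsymmetricAlgorithmType.RsaOaepSha1</c>.
/// </param>
/// <returns>
/// Instructions built from the materials description, the plaintext data key, the wrapped
/// envelope key, the nonce, and the wrap / content-encryption algorithm identifiers.
/// </returns>
/// <exception cref="NotSupportedException">
/// The provider is not RSA, or the provider type is anything other than RsaOaepSha1.
/// </exception>
private static EncryptionInstructions EncryptEnvelopeKeyUsingAsymmetricKeyPairV2(EncryptionMaterialsV2 materials)
{
    var rsa = materials.AsymmetricProvider as RSA;
    if (rsa == null)
    {
        throw new NotSupportedException("RSA is the only supported algorithm with this method.");
    }

    // Only one wrap algorithm is handled; every other provider type is rejected explicitly
    // instead of falling back to a default.
    switch (materials.AsymmetricProviderType)
    {
        case AsymmetricAlgorithmType.RsaOaepSha1:
        {
            // Dispose the AES object when done: the Key and IV getters hand out copies, so
            // nothing returned from here depends on the instance, and disposing it stops the
            // algorithm object from holding key material until finalization.
            using (var aesObject = Aes.Create())
            {
                // The nonce is the leading DefaultNonceSize bytes of the IV generated by the AES object.
                // NOTE(review): Take() silently yields a shorter array if DefaultNonceSize exceeds
                // the IV length; DefaultNonceSize is defined outside this block, so confirm it.
                var nonce = aesObject.IV.Take(DefaultNonceSize).ToArray();

                var envelopeKeyToEncrypt = EnvelopeKeyForDataKey(aesObject.Key);

                // 'true' presumably selects encryption mode (the decrypt path passes 'false').
                var cipher = RsaUtils.CreateRsaOaepSha1Cipher(true, rsa);
                var encryptedEnvelopeKey = cipher.DoFinal(envelopeKeyToEncrypt);

                // The plaintext data key is handed to the instructions object alongside its
                // wrapped form; the caller owns the lifetime of that key material.
                var instructions = new EncryptionInstructions(
                    materials.MaterialsDescription,
                    aesObject.Key,
                    encryptedEnvelopeKey,
                    nonce,
                    XAmzWrapAlgRsaOaepSha1,
                    XAmzAesGcmCekAlgValue);

                return instructions;
            }
        }
        default:
        {
            throw new NotSupportedException($"{materials.AsymmetricProviderType} isn't supported with AsymmetricProvider");
        }
    }
}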
/// <summary>
/// Unwraps an envelope key with RSA-OAEP-SHA1 and extracts the data key from the result.
/// </summary>
/// <param name="asymmetricAlgorithm">Key pair used for unwrapping; must be an <see cref="RSA"/> instance.</param>
/// <param name="encryptedEnvelopeKey">The wrapped envelope key bytes.</param>
/// <returns>The data key produced by <c>DecryptedDataKeyFromDecryptedEnvelopeKey</c> from the unwrapped envelope key.</returns>
/// <exception cref="NotSupportedException">The supplied algorithm is not RSA.</exception>
private static byte[] DecryptEnvelopeKeyUsingAsymmetricKeyPairV2(AsymmetricAlgorithm asymmetricAlgorithm, byte[] encryptedEnvelopeKey)
{
    var rsaKeyPair = asymmetricAlgorithm as RSA;
    if (rsaKeyPair != null)
    {
        // 'false' presumably selects decryption mode (the encrypt path passes 'true').
        var unwrapCipher = RsaUtils.CreateRsaOaepSha1Cipher(false, rsaKeyPair);

        // The unwrapped bytes are passed straight on; any validation of their contents
        // happens inside DecryptedDataKeyFromDecryptedEnvelopeKey, not here.
        return DecryptedDataKeyFromDecryptedEnvelopeKey(unwrapCipher.DoFinal(encryptedEnvelopeKey));
    }

    // Anything that is not an RSA key pair (including null) is rejected up front.
    throw new NotSupportedException("RSA-OAEP-SHA1 is the only supported algorithm with AsymmetricProvider.");
}