/// <summary>
/// Wraps (encrypts) <paramref name="key"/> locally with the RSA padding derived from <paramref name="algorithm"/>.
/// </summary>
/// <param name="algorithm">The key wrap algorithm; it is mapped to an <see cref="RSAEncryptionPadding"/>.</param>
/// <param name="key">The plaintext key to wrap. Must not be null.</param>
/// <param name="cancellationToken">Not used by this method.</param>
/// <returns>
/// A <see cref="WrapResult"/> carrying the algorithm, the wrapped key and the key id, or null when the
/// algorithm has no RSA padding mapping or when the encryption helper yields null. Callers must handle null.
/// </returns>
public override WrapResult WrapKey(KeyWrapAlgorithm algorithm, byte[] key, CancellationToken cancellationToken)
        {
            Argument.AssertNotNull(key, nameof(key));

            // Presumably enforces the key's validity window before any local use; the helper is not visible here, so confirm.
            ThrowIfTimeInvalid();

            // NOTE(review): the set of accepted paddings is decided by GetRsaEncryptionPadding, which is not
            // visible here. If it maps any algorithm to PKCS#1 v1.5, prefer an OAEP algorithm for newly wrapped keys.
            RSAEncryptionPadding rsaPadding = algorithm.GetRsaEncryptionPadding();

            if (rsaPadding is null)
            {
                // An unsupported algorithm is reported through the event source, not thrown; null goes back to the caller.
                KeysEventSource.Singleton.AlgorithmNotSupported(nameof(WrapKey), algorithm);
                return null;
            }

            byte[] wrappedKey = Encrypt(key, rsaPadding);

            if (wrappedKey == null)
            {
                // Encrypt produced nothing, so there is no result to build.
                return null;
            }

            return new WrapResult
            {
                Algorithm = algorithm,
                EncryptedKey = wrappedKey,
                KeyId = KeyMaterial.Id,
            };
        }
示例#2
        /// <summary>
        /// Encrypts the specified key.
        /// </summary>
        /// <param name="algorithm">The <see cref="KeyWrapAlgorithm"/> to use.</param>
        /// <param name="key">The key to encrypt.</param>
        /// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
        /// <returns>
        /// The result of the wrap operation. The returned <see cref="WrapResult"/> contains the wrapped key
        /// along with all other information needed to unwrap it. This information should be stored with the wrapped key.
        /// </returns>
        /// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
        /// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
        /// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
        /// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>

        public virtual WrapResult WrapKey(KeyWrapAlgorithm algorithm, byte[] key, CancellationToken cancellationToken = default)
        {
            // Fail closed: when the provider does not advertise WrapKey, nothing is attempted and the
            // operation-not-supported exception is thrown.
            if (!_provider.SupportsOperation(KeyOperation.WrapKey))
            {
                throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.WrapKey));
            }

            WrapResult wrapped = _provider.WrapKey(algorithm, key, cancellationToken);

            // A null result from the provider is reported with the same exception as an unsupported operation,
            // so this method never hands a null WrapResult to its caller.
            if (wrapped is null)
            {
                throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.WrapKey));
            }

            return wrapped;
        }
示例#3
        /// <summary>
        /// Encrypts the specified key.
        /// </summary>
        /// <param name="algorithm">The <see cref="KeyWrapAlgorithm"/> to use.</param>
        /// <param name="key">The key to encrypt.</param>
        /// <param name="cancellationToken">A <see cref="CancellationToken"/> to cancel the operation.</param>
        /// <returns>
        /// The result of the wrap operation. The returned <see cref="WrapResult"/> contains the wrapped key
        /// along with all other information needed to unwrap it. This information should be stored with the wrapped key.
        /// </returns>
        /// <exception cref="ArgumentException">The specified <paramref name="algorithm"/> does not match the key corresponding to the key identifier.</exception>
        /// <exception cref="CryptographicException">The local cryptographic provider threw an exception.</exception>
        /// <exception cref="InvalidOperationException">The key is invalid for the current operation.</exception>
        /// <exception cref="NotSupportedException">The operation is not supported with the specified key.</exception>
        public virtual async Task<WrapResult> WrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, CancellationToken cancellationToken = default)
        {
            // Fail closed: when the provider does not advertise WrapKey, nothing is attempted and the
            // operation-not-supported exception is thrown.
            if (!_provider.SupportsOperation(KeyOperation.WrapKey))
            {
                throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.WrapKey));
            }

            // ConfigureAwait(false): the continuation does not need the caller's synchronization context.
            WrapResult wrapped = await _provider.WrapKeyAsync(algorithm, key, cancellationToken).ConfigureAwait(false);

            // A null result from the provider is reported with the same exception as an unsupported operation,
            // so the returned task never completes with a null WrapResult.
            if (wrapped is null)
            {
                throw LocalCryptographyProvider.CreateOperationNotSupported(nameof(KeyOperation.WrapKey));
            }

            return wrapped;
        }
示例#4
        public WrapResult WrapKey(KeyWrapAlgorithm algorithm, byte[] key, CancellationToken cancellationToken)
        {
            // Wraps (encrypts) `key` with the RSA padding derived from `algorithm`.
            // Returns null when Encrypt yields null, so callers must handle a null result.
            // `cancellationToken` is not used here.
            Argument.AssertNotNull(key, nameof(key));

            // NOTE(review): the padding is handed to Encrypt without a null check. Whether
            // GetRsaEncryptionPadding can return null for an unsupported algorithm, and how Encrypt
            // reacts to that, is not visible here; confirm before relying on the null-return path.
            // NOTE(review): if the mapping can yield PKCS#1 v1.5, prefer an OAEP algorithm for newly wrapped keys.
            RSAEncryptionPadding rsaPadding = algorithm.GetRsaEncryptionPadding();
            byte[] wrappedKey = Encrypt(key, rsaPadding);

            if (wrappedKey == null)
            {
                return null;
            }

            return new WrapResult
            {
                Algorithm = algorithm,
                EncryptedKey = wrappedKey,
                KeyId = _jwk.Id,
            };
        }
示例#5
        public virtual Task<WrapResult> WrapKeyAsync(KeyWrapAlgorithm algorithm, byte[] key, CancellationToken cancellationToken = default)
        {
            // Task-returning facade over the synchronous WrapKey: the work runs inline on the calling thread
            // and the result is returned as an already-completed task. Because this method is not `async`,
            // anything WrapKey throws propagates synchronously instead of being captured in the task.
            // NOTE(review): the task's result is whatever WrapKey returned; if that can be null, awaiting
            // callers must check before dereferencing. Confirm against WrapKey.
            return Task.FromResult(WrapKey(algorithm, key, cancellationToken));
        }
示例#6
        /// <inheritdoc/>
        async Task<byte[]> IKeyEncryptionKey.WrapKeyAsync(string algorithm, ReadOnlyMemory<byte> key, CancellationToken cancellationToken)
        {
            // Adapts the IKeyEncryptionKey contract (string algorithm name, ReadOnlyMemory key) to the typed WrapKeyAsync.
            var wrapAlgorithm = new KeyWrapAlgorithm(algorithm);

            // ToArray() copies the plaintext key into a new managed array. This method does not clear that
            // copy afterwards, so the key bytes stay on the heap until the array is collected.
            // NOTE(review): consider zeroing the copy once the call completes, if the callee does not retain it.
            byte[] plaintextKey = key.ToArray();

            WrapResult wrapped = await WrapKeyAsync(wrapAlgorithm, plaintextKey, cancellationToken).ConfigureAwait(false);

            // NOTE(review): `wrapped` is dereferenced without a null check; this relies on WrapKeyAsync
            // throwing rather than returning null. Confirm.
            return wrapped.EncryptedKey;
        }
示例#7
        /// <inheritdoc/>
        byte[] IKeyEncryptionKey.WrapKey(string algorithm, ReadOnlyMemory<byte> key, CancellationToken cancellationToken)
        {
            // Adapts the IKeyEncryptionKey contract (string algorithm name, ReadOnlyMemory key) to the typed WrapKey.
            var wrapAlgorithm = new KeyWrapAlgorithm(algorithm);

            // ToArray() copies the plaintext key into a new managed array. This method does not clear that
            // copy afterwards, so the key bytes stay on the heap until the array is collected.
            // NOTE(review): consider zeroing the copy once the call returns, if the callee does not retain it.
            byte[] plaintextKey = key.ToArray();

            WrapResult wrapped = WrapKey(wrapAlgorithm, plaintextKey, cancellationToken);

            // NOTE(review): `wrapped` is dereferenced without a null check; this relies on WrapKey
            // throwing rather than returning null. Confirm.
            return wrapped.EncryptedKey;
        }