/// <summary>
/// Encrypts data from byte array to byte array.
/// </summary>
/// <param name="dataToEncrypt"></param>
/// <param name="key">Key that will be used for encryption/decryption, must be 16, 24 or 32 bytes long.</param>
/// <param name="iv">Initialization vector, must be 16 bytes</param>
/// <param name="token">Optional token for progress reporting and canceling operation.</param>
/// <returns>Encrypted data in for of bytes</returns>
public static byte[] Encrypt(byte[] dataToEncrypt, byte[] key, byte[] iv, ReportAndCancellationToken token = null)
=> HandleByteToStream(dataToEncrypt, (inStream, outStream) =>
Encrypt(new CryptoRequest
{
EmbedIV = true,
InData = inStream,
OutData = outStream,
IV = iv,
Key = key,
Token = token
}));
/// <summary>
/// Decrypts data from stream to stream asynchronously.
/// </summary>
/// <param name="dataToDecrypt">Stream with data to encrypt.</param>
/// <param name="key">Key that will be used for encryption/decryption, must be 16, 24 or 32 bytes long.</param>
/// <param name="iv">Initialization vector, must be 16 bytes</param>
/// <param name="destination">Stream to which decrypted data will be wrote.</param>
/// <param name="token">Optional token for progress reporting and canceling operation.</param>
/// <returns>Task to await</returns>
public static Task DecryptAsync(Stream dataToDecrypt, byte[] key, byte[] iv, Stream destination, ReportAndCancellationToken token = null)
=> DecryptAsync(new CryptoRequest
{
IV = iv,
Key = key,
InData = dataToDecrypt,
OutData = destination,
SkipValidations = false,
Token = token
});
// TODO: consider moving regions in separate classes or partial classes
#region methods with password
/// <summary>
/// Encrypts string and returns string. Salt and IV will be embedded to encrypted string.
/// Can later be decrypted with <see cref="DecryptWithPassword(string, string, ReportAndCancellationToken)"/>
/// IV and salt are generated by <see cref="CryptoRandom"/> which is using System.Security.Cryptography.Rfc2898DeriveBytes.
/// IV size is 16 bytes (128 bits) and key size will be 32 bytes (256 bits).
/// </summary>
/// <param name="dataToEncrypt">String to encrypt</param>
/// <param name="password">Password that is used for generating key for encryption/decryption</param>
/// <param name="token">Optional token for progress reporting and canceling operation.</param>
/// <returns>Encrypted string</returns>
public static string EncryptWithPassword(string dataToEncrypt, string password, ReportAndCancellationToken token = null)
{
byte[] data = Encoding.UTF8.GetBytes(dataToEncrypt);
byte[] result = EncryptWithPassword(data, password, token);
return(Convert.ToBase64String(result));
}
/// <summary>
/// Encrypts data from stream to stream.
/// </summary>
/// <param name="dataToEncrypt">Stream with data to decrypt.</param>
/// <param name="key">Key that will be used for encryption/decryption, must be 16, 24 or 32 bytes long.</param>
/// <param name="iv">Initialization vector, must be 16 bytes</param>
/// <param name="destination">Stream to which encrypted data will be wrote.</param>
/// <param name="token">Optional token for progress reporting and canceling operation.</param>
public static void Encrypt(Stream dataToEncrypt, byte[] key, byte[] iv, Stream destination, ReportAndCancellationToken token = null)
=> Encrypt(new CryptoRequest
{
SkipValidations = false,
InData = dataToEncrypt,
OutData = destination,
Key = key,
IV = iv,
Token = token
});
/// <summary> /// Decrypts data from byte array to byte array. /// </summary> /// <param name="dataToDecrypt"></param> /// <param name="key">Key that will be used for encryption/decryption, must be 16, 24 or 32 bytes long.</param> /// <param name="iv">Initialization vector, must be 16 bytes</param> /// <param name="token">Optional token for progress reporting and canceling operation.</param> /// <returns>Decrypted data in for of bytes</returns> public static byte[] Decrypt(byte[] dataToDecrypt, byte[] key, byte[] iv, ReportAndCancellationToken token = null) => HandleByteToStream(dataToDecrypt, (inStream, outStream) => Decrypt(inStream, key, iv, outStream, token));
private static Task DecryptWithEmbeddedIvAsync(Stream dataToDecrypt, byte[] key, Stream destination, string password, ReportAndCancellationToken token = null)
{
return(DecryptAsync(new CryptoRequest
{
EmbedIV = true,
InData = dataToDecrypt,
OutData = destination,
Key = key,
Password = password,
EmbedSalt = password != null,
Token = token
}));
}
/// <summary> /// Decrypts data with embedded IV, that is encrypted with <see cref="EncryptAndEmbedIv(Stream, byte[], Stream, ReportAndCancellationToken)"/>, into result. /// Data is read from stream and decrypted data is wrote to stream. /// </summary> /// <param name="dataToDecrypt">Stream containing data to decrypt.</param> /// <param name="key">Key that will be used for encryption/decryption, must be 16, 24 or 32 bytes long.</param> /// <param name="destination">Stream to which decrypted data will be wrote.</param> /// <param name="token">Optional token for progress reporting and canceling operation.</param> public static void DecryptWithEmbeddedIv(Stream dataToDecrypt, byte[] key, Stream destination, ReportAndCancellationToken token = null) => DecryptWithEmbeddedIv(dataToDecrypt, key, destination, null, token);
private static Task EncryptAndEmbedIvAsync(Stream dataToEncrypt, byte[] key, Stream destination, byte[] salt, ReportAndCancellationToken token = null)
{
byte[] iv = CryptoRandom.NextBytesStatic(16);
return(EncryptAsync(new CryptoRequest
{
EmbedIV = true,
InData = dataToEncrypt,
OutData = destination,
IV = iv,
Key = key,
EmbedSalt = salt != null,
Salt = salt,
Token = token
}));
}
/// <summary> /// Encrypts and embeds IV into result. Data is read from stream and encrypted data is wrote to stream. /// Can be decrypted with <see cref="DecryptWithEmbeddedIv(Stream, byte[], Stream, ReportAndCancellationToken)"/> /// IV is generated by <see cref="CryptoRandom"/> which is using System.Security.Cryptography.Rfc2898DeriveBytes. /// IV size is 16 bytes (128 bits). /// </summary> /// <param name="dataToEncrypt">Stream containing data to encrypt</param> /// <param name="key">Key that will be used for encryption/decryption, must be 16, 24 or 32 bytes long.</param> /// <param name="destination"></param> /// <param name="token">Optional token for progress reporting and canceling operation.</param> public static void EncryptAndEmbedIv(Stream dataToEncrypt, byte[] key, Stream destination, ReportAndCancellationToken token = null) => EncryptAndEmbedIv(dataToEncrypt, key, destination, null, token);
/// <summary> /// Decrypts bytes with embedded IV encrypted with <see cref="EncryptAndEmbedIv(byte[], byte[], ReportAndCancellationToken)"/> /// </summary> /// <param name="dataToDecrypt">Bytes, data with embedded IV, to decrypt</param> /// <param name="key">Key that will be used for encryption/decryption, must be 16, 24 or 32 bytes long.</param> /// <param name="token">Optional token for progress reporting and canceling operation.</param> /// <returns>Byte array, encrypted data</returns> public static byte[] DecryptWithEmbeddedIv(byte[] dataToDecrypt, byte[] key, ReportAndCancellationToken token = null) => HandleByteToStream(dataToDecrypt, (inStream, outStream) => DecryptWithEmbeddedIv(inStream, key, outStream, token));
/// <summary> /// Decrypts the with password asynchronously data that was encrypted with <see cref="EncryptWithPasswordAsync(Stream, string, Stream, ReportAndCancellationToken)"/> /// </summary> /// <param name="dataToDecrypt">The data to decrypt.</param> /// <param name="password">The password.</param> /// <param name="destination">The destination stream.</param> /// <param name="token">Optional token for progress reporting and canceling operation.</param> public static Task DecryptWithPasswordAsync(Stream dataToDecrypt, string password, Stream destination, ReportAndCancellationToken token = null) => DecryptWithEmbeddedIvAsync(dataToDecrypt, null, destination, password, token);
