public static byte[] DekrypterLmrEikNøkkel(string keyCipherValue, StoreName storeName, StoreLocation storeLocation, string thumbprint) { var forventetPrefix = "eik:"; var certificate = CertificateHelper.GetCertificate(storeName, storeLocation, thumbprint); // Decode keyCipherValue from base64 var keyEncryptedBytes = Convert.FromBase64String(keyCipherValue); // Decrypt AES key with certificate byte[] dekryptert = X509RsaHelper.DecryptWithPrivateX509(keyEncryptedBytes, certificate); var dekryptertString = Encoding.UTF8.GetString(dekryptert); if (!dekryptertString.StartsWith(forventetPrefix)) { throw new Exception($"Symmetrisk nøkkel var ikke prefikset med \"{forventetPrefix}\""); } var base64 = dekryptertString.Substring(forventetPrefix.Length); var aesKey = Convert.FromBase64String(base64); if (aesKey.Length != AesGcmHelper.KEY_BYTES) { throw new Exception($"Wrong AES key size: {aesKey.Length} bytes. It should be {AesGcmHelper.KEY_BYTES} bytes"); } return(aesKey); }
public static byte[] DekrypterNøkkel(string keyCipherValue, StoreName storeName, StoreLocation storeLocation, string thumbprint) { var certificate = CertificateHelper.GetCertificate(storeName, storeLocation, thumbprint); // Decode keyCipherValue from base64 var keyEncryptedBytes = Convert.FromBase64String(keyCipherValue); // Decrypt AES key with certificate byte[] aesKey = X509RsaHelper.DecryptWithPrivateX509(keyEncryptedBytes, certificate); if (aesKey.Length != AesGcmHelper.KEY_BYTES) { throw new Exception($"Wrong AES key size: {aesKey.Length} bytes. It should be {AesGcmHelper.KEY_BYTES} bytes"); } return(aesKey); }