 /// <summary>
 /// Builds the CNG authenticated-cipher-mode info structure for one AES-GCM call, copying the
 /// nonce, the additional authenticated data and the tag buffer into unmanaged memory.
 /// </summary>
 /// <param name="iv">GCM nonce; when null no nonce pointer is set (cbNonce stays 0)</param>
 /// <param name="aad">additional authenticated data; when null no AAD pointer is set</param>
 /// <param name="tag">tag buffer (output on encrypt, expected value on decrypt); when null no tag pointer is set</param>
 public BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO(byte[] iv, byte[] aad, byte[] tag)
 {
     // Start from a zeroed structure so every pointer field that is not filled in below
     // remains IntPtr.Zero; only the version/size header is always populated.
     var info = new BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO();
     info.dwInfoVersion = BCrypt.BCRYPT_INIT_AUTH_MODE_INFO_VERSION;
     info.cbSize        = Marshal.SizeOf(typeof(BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO));

     if (iv != null)
     {
         int nonceLength = iv.Length;
         IntPtr nonceBuffer = Marshal.AllocHGlobal(nonceLength);
         Marshal.Copy(iv, 0, nonceBuffer, nonceLength);
         info.cbNonce = nonceLength;
         info.pbNonce = nonceBuffer;
     }

     if (aad != null)
     {
         int authDataLength = aad.Length;
         IntPtr authDataBuffer = Marshal.AllocHGlobal(authDataLength);
         Marshal.Copy(aad, 0, authDataBuffer, authDataLength);
         info.cbAuthData = authDataLength;
         info.pbAuthData = authDataBuffer;
     }

     if (tag != null)
     {
         int tagLength = tag.Length;
         IntPtr tagBuffer = Marshal.AllocHGlobal(tagLength);
         Marshal.Copy(tag, 0, tagBuffer, tagLength);
         info.cbTag = tagLength;
         info.pbTag = tagBuffer;

         // The MAC context buffer is sized like the tag but its contents are never written here;
         // NOTE(review): AllocHGlobal does not zero memory — confirm the callers (dwFlags 0, no
         // chained calls) never rely on its initial contents.
         info.cbMacContext = tagLength;
         info.pbMacContext = Marshal.AllocHGlobal(tagLength);
     }

     this = info;
 }
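        /// <summary>
        /// Performs AES encryption in GCM chaining mode over plain text.
        /// </summary>
        /// <param name="key">AES key</param>
        /// <param name="iv">initialization vector (GCM nonce); must be unique for every message encrypted under the same key</param>
        /// <param name="aad">additional authenticated data (authenticated by the tag, not encrypted); may be null</param>
        /// <param name="plainText">plain text message to be encrypted</param>
        /// <returns>2 byte[] arrays: [0]=cipher text, [1]=authentication tag</returns>
        /// <exception cref="ArgumentNullException">if <paramref name="plainText"/> is null</exception>
        /// <exception cref="CryptographicException">if encryption failed by any reason</exception>
        public static byte[][] Encrypt(byte[] key, byte[] iv, byte[] aad, byte[] plainText)
        {
            if (plainText == null)
                throw new ArgumentNullException("plainText");

            IntPtr hAlg = OpenAlgorithmProvider(BCrypt.BCRYPT_AES_ALGORITHM, BCrypt.MS_PRIMITIVE_PROVIDER, BCrypt.BCRYPT_CHAIN_MODE_GCM);
            IntPtr hKey = IntPtr.Zero;
            IntPtr keyDataBuffer = IntPtr.Zero;

            // All native handles and the unmanaged key buffer are released in the finally block,
            // so a CryptographicException thrown below no longer leaks the key material.
            try
            {
                keyDataBuffer = ImportKey(hAlg, key, out hKey);

                // Tag buffer sized to the provider's maximum tag length; CNG writes the tag into the
                // unmanaged copy held by authInfo and it is copied back once encryption succeeds.
                byte[] tag = new byte[MaxAuthTagSize(hAlg)];
                byte[] cipher;

                var authInfo = new BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO(iv, aad, tag);
                try
                {
                    // Buffer passed as pbIV; the GCM nonce itself travels inside authInfo (pbNonce).
                    // NOTE(review): presumably only consumed by CNG for chained calls — confirm.
                    byte[] ivData = new byte[tag.Length];

                    int cipherSize = 0;

                    // First call with a null output buffer only queries the required cipher text size.
                    uint status = BCrypt.BCryptEncrypt(hKey, plainText, plainText.Length, ref authInfo, ivData, ivData.Length, null, 0, ref cipherSize, 0x0);

                    if (status != BCrypt.ERROR_SUCCESS)
                        throw new CryptographicException(string.Format("BCrypt.BCryptEncrypt() (get size) failed with status code:{0}", status));

                    cipher = new byte[cipherSize];

                    status = BCrypt.BCryptEncrypt(hKey, plainText, plainText.Length, ref authInfo, ivData, ivData.Length,
                                                  cipher, cipher.Length, ref cipherSize, 0x0);

                    if (status != BCrypt.ERROR_SUCCESS)
                        throw new CryptographicException(string.Format("BCrypt.BCryptEncrypt() failed with status code:{0}", status));

                    Marshal.Copy(authInfo.pbTag, tag, 0, authInfo.cbTag);
                }
                finally
                {
                    // Dispose the struct variable itself; `using (authInfo)` would dispose a copy of it.
                    authInfo.Dispose();
                }

                return new[] { cipher, tag };
            }
            finally
            {
                if (hKey != IntPtr.Zero)
                    BCrypt.BCryptDestroyKey(hKey);
                if (keyDataBuffer != IntPtr.Zero)
                    Marshal.FreeHGlobal(keyDataBuffer);
                BCrypt.BCryptCloseAlgorithmProvider(hAlg, 0x0);
            }
        }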
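        /// <summary>
        /// Performs AES decryption in GCM chaining mode over cipher text and verifies the authentication tag.
        /// </summary>
        /// <param name="key">AES key</param>
        /// <param name="iv">initialization vector (GCM nonce) used at encryption time</param>
        /// <param name="aad">additional authenticated data supplied at encryption time; may be null</param>
        /// <param name="cipherText">cipher text message to be decrypted</param>
        /// <param name="authTag">authentication tag produced at encryption time</param>
        /// <returns>decrypted plain text message; nothing is returned when the tag does not verify</returns>
        /// <exception cref="ArgumentNullException">if <paramref name="cipherText"/> is null</exception>
        /// <exception cref="CryptographicException">if the authentication tag does not match, or decryption failed by any other reason</exception>
        public static byte[] Decrypt(byte[] key, byte[] iv, byte[] aad, byte[] cipherText, byte[] authTag)
        {
            if (cipherText == null)
                throw new ArgumentNullException("cipherText");

            IntPtr hAlg = OpenAlgorithmProvider(BCrypt.BCRYPT_AES_ALGORITHM, BCrypt.MS_PRIMITIVE_PROVIDER, BCrypt.BCRYPT_CHAIN_MODE_GCM);
            IntPtr hKey = IntPtr.Zero;
            IntPtr keyDataBuffer = IntPtr.Zero;

            // All native handles and the unmanaged key buffer are released in the finally block,
            // so a CryptographicException (including a tag mismatch) no longer leaks the key material.
            try
            {
                keyDataBuffer = ImportKey(hAlg, key, out hKey);

                byte[] plainText;

                var authInfo = new BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO(iv, aad, authTag);
                try
                {
                    // Buffer passed as pbIV; the GCM nonce itself travels inside authInfo (pbNonce).
                    // NOTE(review): presumably only consumed by CNG for chained calls — confirm.
                    byte[] ivData = new byte[MaxAuthTagSize(hAlg)];

                    int plainTextSize = 0;

                    // First call with a null output buffer only queries the required plain text size.
                    uint status = BCrypt.BCryptDecrypt(hKey, cipherText, cipherText.Length, ref authInfo, ivData, ivData.Length, null, 0, ref plainTextSize, 0x0);

                    if (status != BCrypt.ERROR_SUCCESS)
                        throw new CryptographicException(string.Format("BCrypt.BCryptDecrypt() (get size) failed with status code: {0}", status));

                    plainText = new byte[plainTextSize];

                    status = BCrypt.BCryptDecrypt(hKey, cipherText, cipherText.Length, ref authInfo, ivData, ivData.Length, plainText, plainText.Length, ref plainTextSize, 0x0);

                    // A tag mismatch is reported separately so callers can distinguish tampering
                    // from other failures; the partially filled plainText buffer is never returned.
                    if (status == BCrypt.STATUS_AUTH_TAG_MISMATCH)
                        throw new CryptographicException("BCrypt.BCryptDecrypt(): authentication tag mismatch");

                    if (status != BCrypt.ERROR_SUCCESS)
                        throw new CryptographicException(string.Format("BCrypt.BCryptDecrypt() failed with status code:{0}", status));
                }
                finally
                {
                    // Dispose the struct variable itself; `using (authInfo)` would dispose a copy of it.
                    authInfo.Dispose();
                }

                return plainText;
            }
            finally
            {
                if (hKey != IntPtr.Zero)
                    BCrypt.BCryptDestroyKey(hKey);
                if (keyDataBuffer != IntPtr.Zero)
                    Marshal.FreeHGlobal(keyDataBuffer);
                BCrypt.BCryptCloseAlgorithmProvider(hAlg, 0x0);
            }
        }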
 /// <summary>
 /// P/Invoke declaration for the CNG BCryptEncrypt function. In this file the padding-info
 /// argument carries a <see cref="BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO"/> (GCM mode).
 /// Callers invoke it twice: first with <paramref name="pbOutput"/> = null and <paramref name="cbOutput"/> = 0
 /// to obtain the required output size in <paramref name="pcbResult"/>, then with the allocated buffer.
 /// </summary>
 /// <returns>status code; callers compare it against <c>BCrypt.ERROR_SUCCESS</c></returns>
 /// <remarks>The DllImport attribute that binds this declaration is not shown here.</remarks>
 public static extern uint BCryptEncrypt(IntPtr hKey, byte[] pbInput, int cbInput, ref BCrypt.BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO pPaddingInfo, byte[] pbIV, int cbIV, byte[] pbOutput, int cbOutput, ref int pcbResult, uint dwFlags);