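/// <summary>Creates a Secret Box by passing the message, nonce and key to crypto_secretbox_easy.</summary>
/// <remarks>
/// The returned buffer is MAC_BYTES longer than <paramref name="message"/>.
/// The nonce does not need to be secret, but the same nonce must never be used twice with the same key.
/// </remarks>
/// <param name="message">The message.</param>
/// <param name="nonce">The 24 byte nonce.</param>
/// <param name="key">The 32 byte key.</param>
/// <returns>The encrypted message.</returns>
/// <exception cref="ArgumentNullException"><paramref name="message"/> is null.</exception>
/// <exception cref="KeyOutOfRangeException"><paramref name="key"/> is null or not KEY_BYTES long.</exception>
/// <exception cref="NonceOutOfRangeException"><paramref name="nonce"/> is null or not NONCE_BYTES long.</exception>
/// <exception cref="CryptographicException">The native call reported a failure.</exception>
public static byte[] Create(byte[] message, byte[] nonce, byte[] key)
{
    // Validate the length of the key.
    if (key == null || key.Length != KEY_BYTES)
    {
        throw new KeyOutOfRangeException("key", key == null ? 0 : key.Length,
            string.Format("key must be {0} bytes in length.", KEY_BYTES));
    }

    // Validate the length of the nonce.
    if (nonce == null || nonce.Length != NONCE_BYTES)
    {
        throw new NonceOutOfRangeException("nonce", nonce == null ? 0 : nonce.Length,
            string.Format("nonce must be {0} bytes in length.", NONCE_BYTES));
    }

    // Checked after key and nonce so the existing exception precedence is kept; without this
    // check a null message surfaces as a NullReferenceException on message.Length below.
    if (message == null)
    {
        throw new ArgumentNullException("message");
    }

    // Output is the authentication tag (MAC_BYTES) plus the encrypted message.
    byte[] buffer = new byte[MAC_BYTES + message.Length];

    SodiumCore.Init();
    int ret = SodiumLibrary.crypto_secretbox_easy(buffer, message, message.Length, nonce, key);

    if (ret != 0)
    {
        throw new CryptographicException("Failed to create SecretBox");
    }

    return buffer;
}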
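/// <summary>Opens a Secret Box by verifying and decrypting it with crypto_secretbox_open_easy.</summary>
/// <remarks>
/// Input that starts with MAC_BYTES zero bytes is treated as the layout written by older versions:
/// the zero prefix is removed before the box is opened.
/// Input too short to contain an authentication tag is rejected with a
/// <see cref="CryptographicException"/> instead of an index or overflow error, so callers handling
/// untrusted ciphertext only see the documented failure type.
/// </remarks>
/// <param name="cipherText">The cipherText.</param>
/// <param name="nonce">The 24 byte nonce.</param>
/// <param name="key">The 32 byte key.</param>
/// <returns>The decrypted text.</returns>
/// <exception cref="ArgumentNullException"><paramref name="cipherText"/> is null.</exception>
/// <exception cref="KeyOutOfRangeException"><paramref name="key"/> is null or not KEY_BYTES long.</exception>
/// <exception cref="NonceOutOfRangeException"><paramref name="nonce"/> is null or not NONCE_BYTES long.</exception>
/// <exception cref="CryptographicException">The box is too short or the native call reported a failure.</exception>
public static byte[] Open(byte[] cipherText, byte[] nonce, byte[] key)
{
    // Validate the length of the key.
    if (key == null || key.Length != KEY_BYTES)
    {
        throw new KeyOutOfRangeException("key", key == null ? 0 : key.Length,
            string.Format("key must be {0} bytes in length.", KEY_BYTES));
    }

    // Validate the length of the nonce.
    if (nonce == null || nonce.Length != NONCE_BYTES)
    {
        throw new NonceOutOfRangeException("nonce", nonce == null ? 0 : nonce.Length,
            string.Format("nonce must be {0} bytes in length.", NONCE_BYTES));
    }

    // Checked after key and nonce so the existing exception precedence is kept.
    if (cipherText == null)
    {
        throw new ArgumentNullException("cipherText");
    }

    // Check whether there are MAC_BYTES of leading nulls and, if so, trim them.
    // This is required due to an error in older versions.
    // All MAC_BYTES positions are inspected, and only when the input is long enough to hold
    // them, so short input cannot index past the end of the array.
    if (cipherText.Length >= MAC_BYTES)
    {
        bool trim = true;
        for (int i = 0; i < MAC_BYTES; i++)
        {
            if (cipherText[i] != 0)
            {
                trim = false;
                break;
            }
        }

        if (trim)
        {
            byte[] temp = new byte[cipherText.Length - MAC_BYTES];
            Array.Copy(cipherText, MAC_BYTES, temp, 0, temp.Length);
            cipherText = temp;
        }
    }

    // A box shorter than its authentication tag can never verify; fail before the
    // plaintext length below would go negative.
    if (cipherText.Length < MAC_BYTES)
    {
        throw new CryptographicException("Failed to open SecretBox");
    }

    byte[] buffer = new byte[cipherText.Length - MAC_BYTES];

    SodiumCore.Init();
    int ret = SodiumLibrary.crypto_secretbox_open_easy(buffer, cipherText, cipherText.Length, nonce, key);

    if (ret != 0)
    {
        throw new CryptographicException("Failed to open SecretBox");
    }

    return buffer;
}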