private ICryptoTransform CreateTransform(byte[] rgbKey, byte[]?rgbIV, bool encrypting)
{
// note: rgbIV is guaranteed to be cloned before this method, so no need to clone it again
long keySize = rgbKey.Length * (long)BitsPerByte;
if (keySize > int.MaxValue || !((int)keySize).IsLegalSize(this.LegalKeySizes))
{
throw new ArgumentException(SR.Cryptography_InvalidKeySize, nameof(rgbKey));
}
if (rgbIV == null)
{
if (Mode.UsesIv())
{
rgbIV = RandomNumberGenerator.GetBytes(8);
}
}
else
{
// We truncate IV's that are longer than the block size to 8 bytes : this is
// done to maintain backward .NET Framework compatibility with the behavior shipped in V1.x.
// The call to set the IV in CryptoAPI will ignore any bytes after the first 8
// bytes. We'll still reject IV's that are shorter than the block size though.
if (rgbIV.Length < 8)
{
throw new CryptographicException(SR.Cryptography_InvalidIVSize);
}
}
Debug.Assert(EffectiveKeySize == KeySize);
BasicSymmetricCipher cipher = new BasicSymmetricCipherCsp(CapiHelper.CALG_RC2, Mode, BlockSize / BitsPerByte, rgbKey, !UseSalt, rgbIV, encrypting, 0, 0);
return(UniversalCryptoTransform.Create(Padding, cipher, encrypting));
}
private static UniversalCryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[]?iv,
int blockSize,
int paddingSize,
int feedbackSize,
bool encrypting)
{
ValidateCipherMode(cipherMode);
if (iv is null)
{
throw new CryptographicException(SR.Cryptography_MissingIV);
}
Debug.Assert(blockSize == BlockSizeBytes);
Debug.Assert(paddingSize == blockSize);
BasicSymmetricCipher cipher = Interop.BrowserCrypto.CanUseSubtleCrypto ?
new AesSubtleCryptoTransform(key, iv, encrypting) :
new AesManagedTransform(key, iv, encrypting);
return(UniversalCryptoTransform.Create(paddingMode, cipher, encrypting));
}
private ICryptoTransform CreateTransform(byte[] rgbKey, byte[] rgbIV, bool encrypting)
{
// note: rgbIV is guaranteed to be cloned before this method, so no need to clone it again
if (rgbKey == null)
{
throw new ArgumentNullException(nameof(rgbKey));
}
long keySize = rgbKey.Length * (long)BitsPerByte;
if (keySize > int.MaxValue || !((int)keySize).IsLegalSize(LegalKeySizes))
{
throw new ArgumentException(SR.Cryptography_InvalidKeySize, nameof(rgbKey));
}
if (IsWeakKey(rgbKey))
{
throw new CryptographicException(SR.Cryptography_InvalidKey_Weak, "DES");
}
if (IsSemiWeakKey(rgbKey))
{
throw new CryptographicException(SR.Cryptography_InvalidKey_SemiWeak, "DES");
}
if (rgbIV == null)
{
if (Mode.UsesIv())
{
rgbIV = new byte[8];
RandomNumberGenerator.Fill(rgbIV);
}
}
else
{
// We truncate IV's that are longer than the block size to 8 bytes : this is
// done to maintain backward desktop compatibility with the behavior shipped in V1.x.
// The call to set the IV in CryptoAPI will ignore any bytes after the first 8
// bytes. We'll still reject IV's that are shorter than the block size though.
if (rgbIV.Length < 8)
{
throw new CryptographicException(SR.Cryptography_InvalidIVSize);
}
}
BasicSymmetricCipher cipher = new BasicSymmetricCipherCsp(CapiHelper.CALG_DES, Mode, BlockSize / BitsPerByte, rgbKey, 0, false, rgbIV, encrypting);
return(UniversalCryptoTransform.Create(Padding, cipher, encrypting));
}
private static UniversalCryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[]?iv,
int blockSize,
int paddingSize,
int feedbackSize,
bool encrypting)
{
SafeAlgorithmHandle algorithm = AesBCryptModes.GetSharedHandle(cipherMode, feedbackSize);
BasicSymmetricCipher cipher = new BasicSymmetricCipherBCrypt(algorithm, cipherMode, blockSize, paddingSize, key, false, iv, encrypting);
return(UniversalCryptoTransform.Create(paddingMode, cipher, encrypting));
}
private static UniversalCryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[]?iv,
int blockSize,
int feedbackSize,
int paddingSize,
bool encrypting)
{
using (SafeAlgorithmHandle algorithm = RC2BCryptModes.GetHandle(cipherMode, key.Length * 8))
{
// The BasicSymmetricCipherBCrypt ctor will increase algorithm reference count and take ownership.
BasicSymmetricCipher cipher = new BasicSymmetricCipherBCrypt(algorithm, cipherMode, blockSize, paddingSize, key, true, iv, encrypting);
return(UniversalCryptoTransform.Create(paddingMode, cipher, encrypting));
}
}
private UniversalCryptoTransform CreateEphemeralCryptoTransformCore(byte[] key, byte[]?iv, bool encrypting, PaddingMode padding, CipherMode mode, int feedbackSizeInBits)
{
int blockSizeInBytes = AsymmetricAlgorithmHelpers.BitsToBytes(_outer.BlockSize);
SafeAlgorithmHandle algorithmModeHandle = _outer.GetEphemeralModeHandle(mode, feedbackSizeInBits);
BasicSymmetricCipher cipher = new BasicSymmetricCipherBCrypt(
algorithmModeHandle,
mode,
blockSizeInBytes,
_outer.GetPaddingSize(mode, feedbackSizeInBits),
key,
ownsParentHandle: false,
iv,
encrypting);
return(UniversalCryptoTransform.Create(padding, cipher, encrypting));
}
private static UniversalCryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[]?iv,
int blockSize,
int paddingSize,
int feedbackSize,
bool encrypting)
{
// The algorithm pointer is a static pointer, so not having any cleanup code is correct.
IntPtr algorithm = GetAlgorithm(cipherMode, feedbackSize);
BasicSymmetricCipher cipher = new OpenSslCipher(algorithm, cipherMode, blockSize, paddingSize, key, iv, encrypting);
return(UniversalCryptoTransform.Create(paddingMode, cipher, encrypting));
}
private static UniversalCryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[]?iv,
int blockSize,
int paddingSize,
int feedbackSize,
bool encrypting)
{
ValidateCipherMode(cipherMode);
Debug.Assert(blockSize == AesManagedTransform.BlockSizeBytes);
Debug.Assert(paddingSize == blockSize);
return(UniversalCryptoTransform.Create(paddingMode, new AesManagedTransform(key, iv, encrypting), encrypting));
}
private UniversalCryptoTransform CreatePersistedCryptoTransformCore(Func <CngKey> cngKeyFactory, byte[]?iv, bool encrypting, PaddingMode padding, CipherMode mode, int feedbackSizeInBits)
{
// note: iv is guaranteed to be cloned before this method, so no need to clone it again
ValidateFeedbackSize(mode, feedbackSizeInBits);
Debug.Assert(mode == CipherMode.CFB ? feedbackSizeInBits == 8 : true);
int blockSizeInBytes = AsymmetricAlgorithmHelpers.BitsToBytes(_outer.BlockSize);
BasicSymmetricCipher cipher = new BasicSymmetricCipherNCrypt(
cngKeyFactory,
mode,
blockSizeInBytes,
iv,
encrypting,
_outer.GetPaddingSize(mode, feedbackSizeInBits));
return(UniversalCryptoTransform.Create(padding, cipher, encrypting));
}
private static UniversalCryptoTransform CreateTransformCore(
CipherMode cipherMode,
PaddingMode paddingMode,
byte[] key,
byte[]?iv,
int blockSize,
int feedbackSizeInBytes,
int paddingSize,
bool encrypting)
{
BasicSymmetricCipher cipher = new AppleCCCryptor(
Interop.AppleCrypto.PAL_SymmetricAlgorithm.RC2,
cipherMode,
blockSize,
key,
iv,
encrypting,
feedbackSizeInBytes,
paddingSize);
return(UniversalCryptoTransform.Create(paddingMode, cipher, encrypting));
}