/*
 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License
 */
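namespace Tizen.Security.SecureRepository.Crypto
{
    /// <summary>
    /// This class provides the methods for encrypting and decrypting data.
    /// </summary>
    /// <remarks>
    /// The key is referenced by its alias only; this class forwards the alias, the
    /// password, and the data to Interop.CkmcManager and does not read key material itself.
    /// </remarks>
    /// <since_tizen> 3 </since_tizen>
    public class Cipher
    {
        private readonly CipherParameters _parameters;

        /// <summary>
        /// A constructor of Cipher that takes the algorithm specific parameters.
        /// </summary>
        /// <since_tizen> 3 </since_tizen>
        /// <param name="parameters">The algorithm specific parameters.</param>
        public Cipher(CipherParameters parameters)
        {
            // NOTE(review): parameters is stored without a null check, so a null value
            // only surfaces later, when Encrypt/Decrypt read Parameters.Ptr.
            _parameters = parameters;
        }

        /// <summary>
        /// The algorithm specific parameters.
        /// </summary>
        /// <since_tizen> 3 </since_tizen>
        public CipherParameters Parameters
        {
            get { return _parameters; }
        }

        /// <summary>
        /// Decrypts data using the selected key and the algorithm.
        /// </summary>
        /// <since_tizen> 3 </since_tizen>
        /// <param name="keyAlias">Alias of the key to be used for decryption.</param>
        /// <param name="password">
        /// The password used in decrypting a key value. If password of policy is
        /// provided in SaveKey(), the same password should be provided.
        /// </param>
        /// <param name="cipherText">
        /// Data to be decrypted (some algorithms may require additional information
        /// embedded in encrypted data. AES GCM is an example).
        /// </param>
        /// <returns>Decrypted data.</returns>
        /// <exception cref="ArgumentNullException">
        /// The keyAlias or cipherText is null.
        /// </exception>
        /// <exception cref="ArgumentException">
        /// The mandatory algorithm parameter is missing or invalid.
        /// The optional algorithm parameter is invalid.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        /// The key-protecting password isn't matched.
        /// The key does not exist with the keyAlias.
        /// </exception>
        /// <remarks>
        /// The key type specified by keyAlias should be compatible with the algorithm
        /// specified in Parameters.
        /// The returned array holds the plaintext in managed memory; callers that handle
        /// sensitive data should clear it (for example with Array.Clear) once it is no
        /// longer needed.
        /// </remarks>
        public byte[] Decrypt(string keyAlias, string password, byte[] cipherText)
        {
            // ArgumentNullException(string) interprets its argument as the parameter
            // name, not a message, so each argument is checked and named on its own.
            if (keyAlias == null)
                throw new ArgumentNullException(nameof(keyAlias), "alias should not be null");
            if (cipherText == null)
                throw new ArgumentNullException(nameof(cipherText), "ciphertxt should not be null");

            IntPtr ptr = IntPtr.Zero;

            try
            {
                // NOTE(review): the PinnedObject wrapping cipherText is never released
                // explicitly in this method - confirm the type unpins the buffer itself.
                Interop.CheckNThrowException(
                    Interop.CkmcManager.DecryptData(
                        Parameters.Ptr, keyAlias, password,
                        new Interop.CkmcRawBuffer(
                            new PinnedObject(cipherText), cipherText.Length),
                        out ptr),
                    "Failed to decrypt data");

                // Presumably Data is a managed copy of the native buffer, since ptr is
                // freed below before the caller sees the result - confirm, and confirm
                // that SafeRawBufferHandle does not release ptr a second time.
                return new SafeRawBufferHandle(ptr).Data;
            }
            finally
            {
                // Free the native result buffer on both the success and the error path.
                if (ptr != IntPtr.Zero)
                    Interop.CkmcTypes.BufferFree(ptr);
            }
        }

        /// <summary>
        /// Encrypts data using selected key and algorithm.
        /// </summary>
        /// <since_tizen> 3 </since_tizen>
        /// <param name="keyAlias">Alias of the key to be used for encryption.</param>
        /// <param name="password">
        /// The password used in decrypting a key value. If password of policy is
        /// provided in SaveKey(), the same password should be provided.
        /// </param>
        /// <param name="plainText">
        /// Data to be encrypted. In case of the AES algorithm, there are no restrictions on
        /// the size of data. For RSA, the size must be smaller or equal to (key_size_in
        /// bytes - 42). Example: For 1024 RSA key, the maximum data size is
        /// 1024/8 - 42 = 86.
        /// </param>
        /// <returns>Encrypted data.</returns>
        /// <exception cref="ArgumentNullException">
        /// The keyAlias or plainText is null.
        /// </exception>
        /// <exception cref="ArgumentException">
        /// The mandatory algorithm parameter is missing or invalid.
        /// The optional algorithm parameter is invalid.
        /// </exception>
        /// <exception cref="InvalidOperationException">
        /// The key-protecting password isn't matched.
        /// The key does not exist with the keyAlias.
        /// </exception>
        /// <remarks>
        /// The key type specified by the keyAlias should be compatible with the algorithm
        /// specified in Parameters.
        /// The plainText array stays under the caller's control; this method does not
        /// clear it.
        /// </remarks>
        public byte[] Encrypt(string keyAlias, string password, byte[] plainText)
        {
            // ArgumentNullException(string) interprets its argument as the parameter
            // name, not a message, so each argument is checked and named on its own.
            if (keyAlias == null)
                throw new ArgumentNullException(nameof(keyAlias), "alias should not be null");
            if (plainText == null)
                throw new ArgumentNullException(nameof(plainText), "plaintxt should not be null");

            IntPtr ptr = IntPtr.Zero;

            try
            {
                // NOTE(review): the PinnedObject wrapping plainText is never released
                // explicitly in this method - confirm the type unpins the buffer itself.
                Interop.CheckNThrowException(
                    Interop.CkmcManager.EncryptData(
                        Parameters.Ptr, keyAlias, password,
                        new Interop.CkmcRawBuffer(
                            new PinnedObject(plainText), plainText.Length),
                        out ptr),
                    "Failed to encrypt data");

                // Presumably Data is a managed copy of the native buffer, since ptr is
                // freed below before the caller sees the result - confirm, and confirm
                // that SafeRawBufferHandle does not release ptr a second time.
                return new SafeRawBufferHandle(ptr).Data;
            }
            finally
            {
                // Free the native result buffer on both the success and the error path.
                if (ptr != IntPtr.Zero)
                    Interop.CkmcTypes.BufferFree(ptr);
            }
        }
    }
}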