src/mscorlib/src/System/Security/Cryptography/RijndaelManaged.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

// Copyright (c) Microsoft. All rights reserved.
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
using System.Diagnostics.Contracts;

namespace System.Security.Cryptography
{
[System.Runtime.InteropServices.ComVisible(true)]
    public sealed class RijndaelManaged : Rijndael {
        public RijndaelManaged () {
#if FEATURE_CRYPTO
            if (CryptoConfig.AllowOnlyFipsAlgorithms)
                throw new InvalidOperationException(Environment.GetResourceString("Cryptography_NonCompliantFIPSAlgorithm"));
            Contract.EndContractBlock();
#endif // FEATURE_CRYPTO
        }

        // #CoreCLRRijndaelModes
        // 
        // On CoreCLR we limit the supported cipher modes and padding modes for the AES algorithm to a
        // single hard coded value.  This allows us to remove a lot of code by removing support for the
        // uncommon cases and forcing everyone to use the same common padding and ciper modes:
        // 
        //  - CipherMode: CipherMode.CBC
        //  - PaddingMode: PaddingMode.PKCS7
 
        public override ICryptoTransform CreateEncryptor (byte[] rgbKey, byte[] rgbIV) {
            return NewEncryptor(rgbKey,
                                ModeValue,
                                rgbIV,
                                FeedbackSizeValue,
                                RijndaelManagedTransformMode.Encrypt);
        }

        public override ICryptoTransform CreateDecryptor (byte[] rgbKey, byte[] rgbIV) {
            return NewEncryptor(rgbKey,
                                ModeValue,
                                rgbIV,
                                FeedbackSizeValue,
                                RijndaelManagedTransformMode.Decrypt);
        }

        public override void GenerateKey () {
            KeyValue = Utils.GenerateRandom(KeySizeValue / 8);
        }

        public override void GenerateIV () {
            IVValue = Utils.GenerateRandom(BlockSizeValue / 8);
        }

        private ICryptoTransform NewEncryptor (byte[] rgbKey,
                                               CipherMode mode,
                                               byte[] rgbIV,
                                               int feedbackSize,
                                               RijndaelManagedTransformMode encryptMode) {
            // Build the key if one does not already exist
            if (rgbKey == null) {
                rgbKey = Utils.GenerateRandom(KeySizeValue / 8);
            }

            // If not ECB mode, make sure we have an IV. In CoreCLR we do not support ECB, so we must have
            // an IV in all cases.
#if !FEATURE_CRYPTO
            if (mode != CipherMode.ECB) {
#endif // !FEATURE_CRYPTO
                if (rgbIV == null) {
                    rgbIV = Utils.GenerateRandom(BlockSizeValue / 8);
                }
#if !FEATURE_CRYPTO
            }
#endif // !FEATURE_CRYPTO

            // Create the encryptor/decryptor object
            return new RijndaelManagedTransform (rgbKey,
                                                 mode,
                                                 rgbIV,
                                                 BlockSizeValue,
                                                 feedbackSize,
                                                 PaddingValue,
                                                 encryptMode);
        }
    }
}