- try
- rsa.FromXmlString pubKey
- rsa.VerifyHash (sha256, CryptoConfig.MapNameToOID "SHA256", signature)
- finally
- rsa.PersistKeyInCsp <- false
+ rsa.FromXmlString pubKey
+ rsa.VerifyHash (data, CryptoConfig.MapNameToOID "SHA256", signature)
+
+ /// Return an encrypted output stream.
+ let encryptAES (key: byte[]) (iv: byte[]) (outputStream: Stream) : CryptoStream =
+ if key.Length <> aesKeySize / 8 then raise KeySizeError
+ if iv.Length <> 16 then raise IVSizeError
+ use aes = new AesCryptoServiceProvider (KeySize = aesKeySize) // Default mode is CBC.
+ new CryptoStream (outputStream, aes.CreateEncryptor (key, iv), CryptoStreamMode.Write)
+
+ /// Return a decrypted input stream.
+ let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream =
+ if key.Length <> aesKeySize / 8 then raise KeySizeError
+ if iv.Length <> 16 then raise IVSizeError
+ use aes = new AesCryptoServiceProvider (KeySize = aesKeySize)
+ new CryptoStream (inputStream, aes.CreateDecryptor (key, iv), CryptoStreamMode.Read)