Replace AESManager by AesCryptoServiceProvider.

[crypto_lab2.git] / labo2-fsharp / CryptoFile / Crypto.fs

diff --git a/labo2-fsharp/CryptoFile/Crypto.fs b/labo2-fsharp/CryptoFile/Crypto.fs
index 34d54fa..560cd13 100644 (file)
--- a/labo2-fsharp/CryptoFile/Crypto.fs
+++ b/labo2-fsharp/CryptoFile/Crypto.fs
@@ -1,10 +1,11 @@
 namespace CryptoFile
 
+open System
+open System.IO
+open System.Security.Cryptography
+
 // Some cryptography primitives specific to CryptoFile.
 module internal Crypto =
-    open System.Security.Cryptography
-    open System.IO
-
     type Data = byte[]
 
     let rsaKeySize = 2048
@@ -24,7 +25,7 @@ module internal Crypto =
         finally
             rsa.PersistKeyInCsp <- false
 
-    let encryptRSA (publicKey : Key) (plaindata : Data) : Data =
+    let encryptRSA (publicKey: Key) (plaindata: Data) : Data =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
         try
             rsa.FromXmlString publicKey
@@ -32,7 +33,7 @@ module internal Crypto =
         finally
             rsa.PersistKeyInCsp <- false
 
-    let decryptRSA (privateKey : Key) (cipherdata : Data) : Data =
+    let decryptRSA (privateKey: Key) (cipherdata: Data) : Data =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
         try
             rsa.FromXmlString privateKey
@@ -41,7 +42,7 @@ module internal Crypto =
             rsa.PersistKeyInCsp <- false
 
     /// Produces a signature from a given hash.
-    let signRSA (privKey : Key) (sha256 : Data) : Data = 
+    let signRSA (privKey: Key) (sha256: Data) : Data = 
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
         try
             rsa.FromXmlString privKey
@@ -50,7 +51,7 @@ module internal Crypto =
             rsa.PersistKeyInCsp <- false
 
     /// Verify a signature against a given hash.
-    let verifySignRSA (pubKey : Key) (sha256 : Data) (signature : Data) : bool =
+    let verifySignRSA (pubKey: Key) (sha256: Data) (signature: Data) : bool =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
         try
             rsa.FromXmlString pubKey
@@ -59,17 +60,28 @@ module internal Crypto =
             rsa.PersistKeyInCsp <- false
 
     /// Returns an encrypted output stream.
-    let encryptAES (key : byte[]) (iv : byte[]) (outputStream : Stream) : Stream =
+    let encryptAES (key: byte[]) (iv: byte[]) (outputStream: Stream) : CryptoStream =
         assert (key.Length = 32 && iv.Length = 16)
-        use aes = new AesManaged ()
+        use aes = new AesCryptoServiceProvider () // Default mode is CBC.
         aes.KeySize <- 256
         let encryptor = aes.CreateEncryptor (key, iv)
-        new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write) :> Stream
+        new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write)
 
     /// Returns a decrypted input stream.
-    let decryptAES (key : byte[]) (iv : byte[]) (inputStream : Stream) : Stream =
+    let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream =
         assert (key.Length = 32 && iv.Length = 16)
-        use aes = new AesManaged ()
+        use aes = new AesCryptoServiceProvider ()
         aes.KeySize <- 256
         let decryptor = aes.CreateDecryptor (key, iv)
-        new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read) :> Stream
+        new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read)
+
+    // Create a stream to compute the HMAC-SHA256 against all data being written.
+    let HMACStream (key: byte[]) (outputStream: Stream) : Stream * HMACSHA256 = 
+        assert (key.Length = 32)
+        let hmac = new HMACSHA256 (key)
+        new CryptoStream (outputStream, hmac, CryptoStreamMode.Write) :> Stream, hmac
+
+    let ComputeHMAC (key: byte[]) (inputStream: Stream) : byte[] =
+        assert (key.Length = 32)
+        let hmac = new HMACSHA256 (key)
+        hmac.ComputeHash inputStream
\ No newline at end of file