- let decryptAES (key : byte[]) (iv : byte[]) (inputStream : Stream) : Stream =
- assert (key.Length = 32 && iv.Length = 16)
- use aes = new AesManaged ()
- aes.KeySize <- 256
- let decryptor = aes.CreateDecryptor (key, iv)
- new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read) :> Stream
+ let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream =
+ if key.Length <> aesKeySize / 8 then raise KeySizeError
+ if iv.Length <> 16 then raise IVSizeError
+ use aes = new AesCryptoServiceProvider (KeySize = aesKeySize)
+ new CryptoStream (inputStream, aes.CreateDecryptor (key, iv), CryptoStreamMode.Read)
+
+ // Creates a stream to compute the HMAC-SHA256 against all data being written.
+ let HMACStream (key: byte[]) (outputStream: Stream) : Stream * HMACSHA256 =
+ if key.Length <> 32 then raise KeySizeError
+ let hmac = new HMACSHA256 (key)
+ new CryptoStream (outputStream, hmac, CryptoStreamMode.Write) :> Stream, hmac
+
+ let ComputeHMAC (key: byte[]) (inputStream: Stream) : byte[] =
+ if key.Length <> 32 then raise KeySizeError
+ use hmac = new HMACSHA256 (key)
+ hmac.ComputeHash inputStream
\ No newline at end of file