X-Git-Url: http://git.euphorik.ch/?p=crypto_lab2.git;a=blobdiff_plain;f=labo2-fsharp%2FCryptoFile%2FCrypto.fs;h=a7ba53ccf31c8c8c3de3484441f98c86e60ac453;hp=8ea0629fb0f8c732aa98afaef256316c0a07517b;hb=a29300558755d533aff12a6fb668c7e985ca4617;hpb=f704549d66e764b5ea1223a80509b2c8e6061355

diff --git a/labo2-fsharp/CryptoFile/Crypto.fs b/labo2-fsharp/CryptoFile/Crypto.fs
index 8ea0629..a7ba53c 100644
--- a/labo2-fsharp/CryptoFile/Crypto.fs
+++ b/labo2-fsharp/CryptoFile/Crypto.fs
@@ -17,11 +17,11 @@ module internal Crypto =
     /// Returns a cryptographically strong sequence of bytes.
     let rand size : byte[] =
         let result = Array.zeroCreate size
-        let generator = new RNGCryptoServiceProvider ()
+        use generator = new RNGCryptoServiceProvider ()
         generator.GetBytes result
         result
 
-    /// Generate a new RSA key pair: (public * private).
+    /// Generates a new RSA key pair: (public * private).
     let generateRSAKeysPair : Key * Key =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
         rsa.ToXmlString false, rsa.ToXmlString true
@@ -29,12 +29,12 @@ module internal Crypto =
     let encryptRSA (publicKey: Key) (plaindata: Data) : Data =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
         rsa.FromXmlString publicKey
-        rsa.Encrypt (plaindata, false) // Uses PKCS#1 v1.5 padding.
+        rsa.Encrypt (plaindata, true) // Uses padding OAEP (PKCS#1 v2).
 
     let decryptRSA (privateKey: Key) (cipherdata: Data) : Data =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
         rsa.FromXmlString privateKey
-        rsa.Decrypt (cipherdata, false) // Uses PKCS#1 v1.5 padding.
+        rsa.Decrypt (cipherdata, true) // Uses padding OAEP (PKCS#1 v2).
 
     /// Produces a signature from a given hash.
     let signRSA (privKey: Key) (sha256: Data) : Data = 
@@ -53,18 +53,16 @@ module internal Crypto =
         if key.Length <> aesKeySize / 8 then raise KeySizeError
         if iv.Length <> 16 then raise IVSizeError
         use aes = new AesCryptoServiceProvider (KeySize = aesKeySize) // Default mode is CBC.
-        let encryptor = aes.CreateEncryptor (key, iv)
-        new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write)
+        new CryptoStream (outputStream, aes.CreateEncryptor (key, iv), CryptoStreamMode.Write)
 
     /// Returns a decrypted input stream.
     let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream =
         if key.Length <> aesKeySize / 8 then raise KeySizeError
         if iv.Length <> 16 then raise IVSizeError
         use aes = new AesCryptoServiceProvider (KeySize = aesKeySize)
-        let decryptor = aes.CreateDecryptor (key, iv)
-        new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read)
+        new CryptoStream (inputStream, aes.CreateDecryptor (key, iv), CryptoStreamMode.Read)
 
-    // Create a stream to compute the HMAC-SHA256 against all data being written.
+    // Creates a stream to compute the HMAC-SHA256 against all data being written.
     let HMACStream (key: byte[]) (outputStream: Stream) : Stream * HMACSHA256 = 
         if key.Length <> 32 then raise KeySizeError
         let hmac = new HMACSHA256 (key)
@@ -72,5 +70,5 @@ module internal Crypto =
 
     let ComputeHMAC (key: byte[]) (inputStream: Stream) : byte[] =
         if key.Length <> 32 then raise KeySizeError
-        let hmac = new HMACSHA256 (key)
+        use hmac = new HMACSHA256 (key)
         hmac.ComputeHash inputStream
\ No newline at end of file