namespace CryptoFile
+open System
+open System.IO
+open System.Security.Cryptography
+
// Some cryptography primitives specific to CryptoFile.
module internal Crypto =
- open System.Security.Cryptography
- open System.IO
-
type Data = byte[]
let rsaKeySize = 2048
finally
rsa.PersistKeyInCsp <- false
- let encryptRSA (publicKey : Key) (plaindata : Data) : Data =
+ let encryptRSA (publicKey: Key) (plaindata: Data) : Data =
use rsa = new RSACryptoServiceProvider (rsaKeySize)
try
rsa.FromXmlString publicKey
finally
rsa.PersistKeyInCsp <- false
- let decryptRSA (privateKey : Key) (cipherdata : Data) : Data =
+ let decryptRSA (privateKey: Key) (cipherdata: Data) : Data =
use rsa = new RSACryptoServiceProvider (rsaKeySize)
try
rsa.FromXmlString privateKey
rsa.PersistKeyInCsp <- false
/// Produces a signature from a given hash.
- let signRSA (privKey : Key) (sha256 : Data) : Data =
+ let signRSA (privKey: Key) (sha256: Data) : Data =
use rsa = new RSACryptoServiceProvider (rsaKeySize)
try
rsa.FromXmlString privKey
rsa.PersistKeyInCsp <- false
/// Verify a signature against a given hash.
- let verifySignRSA (pubKey : Key) (sha256 : Data) (signature : Data) : bool =
+ let verifySignRSA (pubKey: Key) (sha256: Data) (signature: Data) : bool =
use rsa = new RSACryptoServiceProvider (rsaKeySize)
try
rsa.FromXmlString pubKey
rsa.PersistKeyInCsp <- false
/// Returns an encrypted output stream.
- let encryptAES (key : byte[]) (iv : byte[]) (outputStream : Stream) : Stream =
+ let encryptAES (key: byte[]) (iv: byte[]) (outputStream: Stream) : CryptoStream =
assert (key.Length = 32 && iv.Length = 16)
use aes = new AesManaged ()
aes.KeySize <- 256
let encryptor = aes.CreateEncryptor (key, iv)
- new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write) :> Stream
+ new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write)
/// Returns a decrypted input stream.
- let decryptAES (key : byte[]) (iv : byte[]) (inputStream : Stream) : Stream =
+ let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream =
assert (key.Length = 32 && iv.Length = 16)
use aes = new AesManaged ()
aes.KeySize <- 256
let decryptor = aes.CreateDecryptor (key, iv)
- new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read) :> Stream
+ new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read)
+
+ // Create a stream to compute the HMAC-SHA256 against all data being written.
+ let HMACStream (key: byte[]) (outputStream: Stream) : Stream * HMACSHA256 =
+ assert (key.Length = 32)
+ let hmac = new HMACSHA256 (key)
+ new CryptoStream (outputStream, hmac, CryptoStreamMode.Write) :> Stream, hmac
+
+ let ComputeHMAC (key: byte[]) (inputStream: Stream) : byte[] =
+ assert (key.Length = 32)
+ let hmac = new HMACSHA256 (key)
+ hmac.ComputeHash inputStream
\ No newline at end of file