let rsaKeySize = 2048
let aesKeySize = 128
+ exception KeySizeError
+ exception IVSizeError
+
/// Returns a cryptographically strong sequence of bytes.
let rand size : byte[] =
let result = Array.zeroCreate size
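Review bot: The new `KeySizeError` and `IVSizeError` exceptions carry no payload and no doc comment, so a caller that catches one cannot tell which function raised it or what length was expected. A payload of expected and actual length would make failures diagnosable, for example `exception KeySizeError of int * int` raised as `raise (KeySizeError (aesKeySize / 8, key.Length))`. The payload should hold lengths only, never the key or IV bytes. The body of `rand` continues outside this hunk and is not reviewed here.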
/// Returns an encrypted output stream.
let encryptAES (key: byte[]) (iv: byte[]) (outputStream: Stream) : CryptoStream =
- assert (key.Length = aesKeySize / 8 && iv.Length = 16)
- use aes = new AesCryptoServiceProvider () // Default mode is CBC.
- aes.KeySize <- aesKeySize
+ if key.Length <> aesKeySize / 8 then raise KeySizeError
+ if iv.Length <> 16 then raise IVSizeError
+ use aes = new AesCryptoServiceProvider (KeySize = aesKeySize) // Default mode is CBC.
let encryptor = aes.CreateEncryptor (key, iv)
new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write)
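Review bot: The constructor call in encryptAES still relies on the provider's default cipher mode and padding, with only a trailing comment recording that the default is CBC. Since the property-initialiser form is now used anyway, the mode can be pinned in the same call: `use aes = new AesCryptoServiceProvider (KeySize = aesKeySize, Mode = CipherMode.CBC, Padding = PaddingMode.PKCS7)`. The same applies to the matching line in decryptAES. The `///` summary should also say that the returned stream is unauthenticated CBC and that the IV must be fresh and unpredictable for every message.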
/// Returns a decrypted input stream.
let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream =
- assert (key.Length = aesKeySize / 8 && iv.Length = 16)
- use aes = new AesCryptoServiceProvider ()
- aes.KeySize <- aesKeySize
+ if key.Length <> aesKeySize / 8 then raise KeySizeError
+ if iv.Length <> 16 then raise IVSizeError
+ use aes = new AesCryptoServiceProvider (KeySize = aesKeySize)
let decryptor = aes.CreateDecryptor (key, iv)
new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read)
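Review bot: The doc comment on decryptAES does not say that the ciphertext has to be authenticated before it is decrypted. CBC with padding reports malformed input as an exception while the stream is being read, so a caller that decrypts first and checks the MAC afterwards exposes that difference to whoever supplied the data. I would add `/// The caller must verify the HMAC over the ciphertext (see ComputeHMAC) before reading from the returned stream.` Whether the callers already do this is not visible in this diff.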
// Create a stream to compute the HMAC-SHA256 against all data being written.
let HMACStream (key: byte[]) (outputStream: Stream) : Stream * HMACSHA256 =
- assert (key.Length = 32)
+ if key.Length <> 32 then raise KeySizeError
let hmac = new HMACSHA256 (key)
new CryptoStream (outputStream, hmac, CryptoStreamMode.Write) :> Stream, hmac
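Review bot: HMACStream hands the `HMACSHA256` instance back to the caller without saying who disposes it, and its header is a plain `//` comment rather than a `///` summary like the ones on the AES functions. The object holds the key, so the ownership contract should be stated: `/// Returns a write stream that feeds all written data into HMAC-SHA256, and the HMAC object; the caller owns both and must dispose them.` It is also worth noting there that `hmac.Hash` is only meaningful once the stream has been closed or flushed to its final block.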
let ComputeHMAC (key: byte[]) (inputStream: Stream) : byte[] =
- assert (key.Length = 32)
+ if key.Length <> 32 then raise KeySizeError
let hmac = new HMACSHA256 (key)
hmac.ComputeHash inputStream
\ No newline at end of file
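Review bot: `hmac` in ComputeHMAC is bound with `let`, so the `HMACSHA256` object and the key it holds are never disposed and linger until finalisation. The object does not escape the function, so the binding can be `use hmac = new HMACSHA256 (key)`. The function also has no doc comment; a `///` line stating that it returns the 32-byte HMAC-SHA256 of the stream would help. That line should also tell callers to compare the result in constant time, since the comparison itself is not visible in this diff.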