AES 256 -> AES 128.

[crypto_lab2.git] / labo2-fsharp / CryptoFile / Crypto.fs

diff --git a/labo2-fsharp/CryptoFile/Crypto.fs b/labo2-fsharp/CryptoFile/Crypto.fs
index 560cd13..c81475b 100644 (file)
--- a/labo2-fsharp/CryptoFile/Crypto.fs
+++ b/labo2-fsharp/CryptoFile/Crypto.fs
@@ -9,6 +9,7 @@ module internal Crypto =
     type Data = byte[]
 
     let rsaKeySize = 2048
+    let aesKeySize = 128
 
     /// Returns a cryptographically strong sequence of bytes.
     let rand size : byte[] =
@@ -20,58 +21,43 @@ module internal Crypto =
     /// Generate a new RSA key pair: (public * private).
     let generateRSAKeysPair : Key * Key =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
-        try
-            rsa.ToXmlString false, rsa.ToXmlString true
-        finally
-            rsa.PersistKeyInCsp <- false
+        rsa.ToXmlString false, rsa.ToXmlString true
 
     let encryptRSA (publicKey: Key) (plaindata: Data) : Data =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
-        try
-            rsa.FromXmlString publicKey
-            rsa.Encrypt (plaindata, false) // Uses PKCS#1 v1.5 padding.
-        finally
-            rsa.PersistKeyInCsp <- false
+        rsa.FromXmlString publicKey
+        rsa.Encrypt (plaindata, false) // Uses PKCS#1 v1.5 padding.
 
     let decryptRSA (privateKey: Key) (cipherdata: Data) : Data =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
-        try
-            rsa.FromXmlString privateKey
-            rsa.Decrypt (cipherdata, false) // Uses PKCS#1 v1.5 padding.
-        finally
-            rsa.PersistKeyInCsp <- false
+        rsa.FromXmlString privateKey
+        rsa.Decrypt (cipherdata, false) // Uses PKCS#1 v1.5 padding.
 
     /// Produces a signature from a given hash.
     let signRSA (privKey: Key) (sha256: Data) : Data = 
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
-        try
-            rsa.FromXmlString privKey
-            rsa.SignHash (sha256, CryptoConfig.MapNameToOID "SHA256")
-        finally
-            rsa.PersistKeyInCsp <- false
+        rsa.FromXmlString privKey
+        rsa.SignHash (sha256, CryptoConfig.MapNameToOID "SHA256")
 
     /// Verify a signature against a given hash.
     let verifySignRSA (pubKey: Key) (sha256: Data) (signature: Data) : bool =
         use rsa = new RSACryptoServiceProvider (rsaKeySize)
-        try
-            rsa.FromXmlString pubKey
-            rsa.VerifyHash (sha256, CryptoConfig.MapNameToOID "SHA256", signature)
-        finally
-            rsa.PersistKeyInCsp <- false
+        rsa.FromXmlString pubKey
+        rsa.VerifyHash (sha256, CryptoConfig.MapNameToOID "SHA256", signature)
 
     /// Returns an encrypted output stream.
     let encryptAES (key: byte[]) (iv: byte[]) (outputStream: Stream) : CryptoStream =
-        assert (key.Length = 32 && iv.Length = 16)
+        assert (key.Length = aesKeySize / 8 && iv.Length = 16)
         use aes = new AesCryptoServiceProvider () // Default mode is CBC.
-        aes.KeySize <- 256
+        aes.KeySize <- aesKeySize
         let encryptor = aes.CreateEncryptor (key, iv)
         new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write)
 
     /// Returns a decrypted input stream.
     let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream =
-        assert (key.Length = 32 && iv.Length = 16)
+        assert (key.Length = aesKeySize / 8 && iv.Length = 16)
         use aes = new AesCryptoServiceProvider ()
-        aes.KeySize <- 256
+        aes.KeySize <- aesKeySize
         let decryptor = aes.CreateDecryptor (key, iv)
         new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read)