X-Git-Url: http://git.euphorik.ch/?p=crypto_lab2.git;a=blobdiff_plain;f=labo2-fsharp%2FCryptoFile%2FCrypto.fs;fp=labo2-fsharp%2FCryptoFile%2FCrypto.fs;h=c81475b9e24cc6096fb04f07c1e4762ed160ccc8;hp=560cd1316378b366fe731f3acbf07a55d2dee2b2;hb=f88f22ebc8d780fbd86358bf95dffcfb3803f509;hpb=aa6da23b467f0fad1344c6dd29972f56cad7175c diff --git a/labo2-fsharp/CryptoFile/Crypto.fs b/labo2-fsharp/CryptoFile/Crypto.fs index 560cd13..c81475b 100644 --- a/labo2-fsharp/CryptoFile/Crypto.fs +++ b/labo2-fsharp/CryptoFile/Crypto.fs @@ -9,6 +9,7 @@ module internal Crypto = type Data = byte[] let rsaKeySize = 2048 + let aesKeySize = 128 /// Returns a cryptographically strong sequence of bytes. let rand size : byte[] = @@ -20,58 +21,43 @@ module internal Crypto = /// Generate a new RSA key pair: (public * private). let generateRSAKeysPair : Key * Key = use rsa = new RSACryptoServiceProvider (rsaKeySize) - try - rsa.ToXmlString false, rsa.ToXmlString true - finally - rsa.PersistKeyInCsp <- false + rsa.ToXmlString false, rsa.ToXmlString true let encryptRSA (publicKey: Key) (plaindata: Data) : Data = use rsa = new RSACryptoServiceProvider (rsaKeySize) - try - rsa.FromXmlString publicKey - rsa.Encrypt (plaindata, false) // Uses PKCS#1 v1.5 padding. - finally - rsa.PersistKeyInCsp <- false + rsa.FromXmlString publicKey + rsa.Encrypt (plaindata, false) // Uses PKCS#1 v1.5 padding. let decryptRSA (privateKey: Key) (cipherdata: Data) : Data = use rsa = new RSACryptoServiceProvider (rsaKeySize) - try - rsa.FromXmlString privateKey - rsa.Decrypt (cipherdata, false) // Uses PKCS#1 v1.5 padding. - finally - rsa.PersistKeyInCsp <- false + rsa.FromXmlString privateKey + rsa.Decrypt (cipherdata, false) // Uses PKCS#1 v1.5 padding. /// Produces a signature from a given hash. let signRSA (privKey: Key) (sha256: Data) : Data = use rsa = new RSACryptoServiceProvider (rsaKeySize) - try - rsa.FromXmlString privKey - rsa.SignHash (sha256, CryptoConfig.MapNameToOID "SHA256") - finally - rsa.PersistKeyInCsp <- false + rsa.FromXmlString privKey + rsa.SignHash (sha256, CryptoConfig.MapNameToOID "SHA256") /// Verify a signature against a given hash. let verifySignRSA (pubKey: Key) (sha256: Data) (signature: Data) : bool = use rsa = new RSACryptoServiceProvider (rsaKeySize) - try - rsa.FromXmlString pubKey - rsa.VerifyHash (sha256, CryptoConfig.MapNameToOID "SHA256", signature) - finally - rsa.PersistKeyInCsp <- false + rsa.FromXmlString pubKey + rsa.VerifyHash (sha256, CryptoConfig.MapNameToOID "SHA256", signature) /// Returns an encrypted output stream. let encryptAES (key: byte[]) (iv: byte[]) (outputStream: Stream) : CryptoStream = - assert (key.Length = 32 && iv.Length = 16) + assert (key.Length = aesKeySize / 8 && iv.Length = 16) use aes = new AesCryptoServiceProvider () // Default mode is CBC. - aes.KeySize <- 256 + aes.KeySize <- aesKeySize let encryptor = aes.CreateEncryptor (key, iv) new CryptoStream (outputStream, encryptor, CryptoStreamMode.Write) /// Returns a decrypted input stream. let decryptAES (key: byte[]) (iv: byte[]) (inputStream: Stream) : CryptoStream = - assert (key.Length = 32 && iv.Length = 16) + assert (key.Length = aesKeySize / 8 && iv.Length = 16) use aes = new AesCryptoServiceProvider () - aes.KeySize <- 256 + aes.KeySize <- aesKeySize let decryptor = aes.CreateDecryptor (key, iv) new CryptoStream (inputStream, decryptor, CryptoStreamMode.Read)