/
IAsymmetricCryptographyRSA.cs
109 lines (94 loc) · 7.16 KB
/
IAsymmetricCryptographyRSA.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
/*
Copyright 2020 Raphael Beck
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
using Org.BouncyCastle.Security;
namespace GlitchedPolygons.Services.Cryptography.Asymmetric
{
/// <summary>
/// Service interface for encrypting and decrypting <c>string</c>s and <c>byte</c>[] arrays.<para> </para>
/// Make sure that everything you encrypt with these methods will also be decrypted again using the same code.<para> </para>
/// DO NOT MIX crypto libraries under any circumstances!
/// <seealso cref="IAsymmetricKeygenRSA"/>
/// </summary>
public interface IAsymmetricCryptographyRSA
{
#region Encrypting and decrypting
/// <summary>
/// Encrypts the specified text using the provided RSA public key.
/// </summary>
/// <param name="text">The plain text to encrypt.</param>
/// <param name="publicKeyPem">The public RSA key for encryption. Needs to be a PEM-formatted <c>string</c>.</param>
/// <returns>The encrypted <c>string</c>; <c>string.Empty</c> if the passed key or plain text argument was <c>null</c> or empty; <c>null</c> if encryption failed.</returns>
string Encrypt(string text, string publicKeyPem);
/// <summary>
/// Decrypts the specified text using the provided RSA private key.
/// </summary>
/// <param name="encryptedText">The encrypted text to decrypt.</param>
/// <param name="privateKeyPem">The private RSA key needed for decryption (PEM-formatted <c>string</c>).</param>
/// <returns>Decrypted <c>string</c>; <c>null</c> if the passed key or encrypted text argument was <c>null</c> or empty; <c>null</c> if decryption failed.</returns>
string Decrypt(string encryptedText, string privateKeyPem);
/// <summary>
/// Encrypts the specified bytes using the provided RSA public key, which needs to be a PEM-formatted <c>string</c>.
/// </summary>
/// <param name="data">The data (<c>byte[]</c> array) to encrypt.</param>
/// <param name="publicKeyPem">The public key (PEM-formatted <c>string</c>) to use for encryption.</param>
/// <returns>The encrypted bytes (<c>System.Byte[]</c>) if successful; <c>Array.Empty<byte>()</c> if the passed data or key argument was <c>null</c> or empty; <c>null</c> if encryption failed.</returns>
byte[] Encrypt(byte[] data, string publicKeyPem);
/// <summary>
/// Decrypts the specified bytes using the provided private RSA key (the key needs to be a PEM-formatted <c>string</c>).
/// </summary>
/// <param name="encryptedData">The encrypted data bytes (<c>byte[]</c>).</param>
/// <param name="privateKeyPem">The private RSA key to use for decryption (PEM-formatted <c>string</c>).</param>
/// <returns>Decrypted bytes (System.Byte[]) if successful; an empty <c>byte[]</c> array if the passed data or key argument was <c>null</c> or empty; <c>null</c> if decryption failed.</returns>
byte[] Decrypt(byte[] encryptedData, string privateKeyPem);
#endregion
#region Signing and verifying
/// <summary>
/// Signs the specified <c>string</c> using the provided private RSA key.<para> </para>
/// If the procedure succeeds, the calculated signature <c>string</c> is returned (which is base-64 encoded). Otherwise,
/// an empty <c>string</c> is returned if the provided <paramref name="data"/> and/or <paramref name="privateKeyPem"/> parameters
/// were <c>null</c> or empty. If the procedure fails entirely, <c>null</c> is returned.
/// </summary>
/// <param name="data">The data to sign.</param>
/// <param name="privateKeyPem">The private RSA key to use for generating the signature (PEM-formatted <c>string</c>)</param>
/// <returns>The signature (base-64 encoded <c>string</c>) if successful. <c>string.Empty</c> is returned if the provided <paramref name="data"/> and/or <paramref name="privateKeyPem"/> parameters were <c>null</c> or empty. Returns <c>null</c> if signing failed entirely.</returns>
string Sign(string data, string privateKeyPem);
/// <summary>
/// Verifies a signature that was obtained using <see cref="Sign(string,string)"/> with a public RSA key (which needs to be a PEM-formatted <c>string</c>).<para> </para>
/// </summary>
/// <param name="data">The data whose signature you want to verify.</param>
/// <param name="signature">The passed <paramref name="data"/>'s signature (return value of <see cref="Sign(string,string)"/>).</param>
/// <param name="publicKeyPem">The public RSA key (PEM-formatted <c>string</c>) to use for signature verification.</param>
/// <returns>Whether the data's signature verification succeeded or not.</returns>
bool Verify(string data, string signature, string publicKeyPem);
/// <summary>
/// Signs the specified data <c>byte[]</c> array using the provided private RSA key (which needs to be a PEM-formatted <c>string</c>).<para> </para>
/// If the procedure succeeds, the calculated signature <c>byte[]</c> array is returned. Otherwise,
/// an empty <c>byte[]</c> array is returned if the provided <paramref name="data"/> and/or <paramref name="privateKeyPem"/> parameters
/// were <c>null</c> or empty. If the procedure fails entirely, <c>null</c> is returned.
/// </summary>
/// <param name="data">The data to sign.</param>
/// <param name="privateKeyPem">The private RSA key to use for generating the signature (PEM-formatted <c>string</c>)</param>
/// <returns>The signature (<c>byte[]</c>), <c>string.Empty</c> if the provided <paramref name="data"/> and/or <paramref name="privateKeyPem"/> parameters were <c>null</c> or empty. Returns <c>null</c> if signing failed entirely.</returns>
/// <seealso cref="SignerUtilities"/>
byte[] Sign(byte[] data, string privateKeyPem);
/// <summary>
/// Verifies a signature that was obtained using <see cref="Sign(byte[],string)"/> with a public RSA key (which needs to be a PEM-formatted <c>string</c>).<para> </para>
/// </summary>
/// <param name="data">The data whose signature you want to verify.</param>
/// <param name="signature">The passed <paramref name="data"/>'s signature (return value of <see cref="Sign(byte[],string)"/>).</param>
/// <param name="publicKeyPem">The public RSA key (PEM-formatted) to use for signature verification.</param>
/// <returns>Whether the data's signature verification succeeded or not.</returns>
bool Verify(byte[] data, byte[] signature, string publicKeyPem);
#endregion
}
}