< Summary

Class:	Azure.Security.KeyVault.Keys.Cryptography.AesKw
Assembly:	Azure.Security.KeyVault.Keys
File(s):	C:\Git\azure-sdk-for-net\sdk\keyvault\Azure.Security.KeyVault.Keys\src\Cryptography\AesKw.cs
Covered lines:	106
Uncovered lines:	29
Coverable lines:	135
Total lines:	422
Line coverage:	78.5% (106 of 135)
Covered branches:	55
Total branches:	76
Branch coverage:	72.3% (55 of 76)

Metrics

Method	Cyclomatic complexity	Line coverage	Branch coverage
.cctor()	-	100%	100%
Create(...)	-	100%	100%
CreateEncryptor(...)	-	100%	100%
CreateEncryptor(...)	-	57.14%	71.43%
CreateDecryptor(...)	-	100%	100%
CreateDecryptor(...)	-	57.14%	71.43%
get_DefaultIv()	-	100%	100%
GetBytes(...)	-	100%	100%
.ctor(...)	-	100%	100%
get_CanReuseTransform()	-	0%	100%
get_CanTransformMultipleBlocks()	-	0%	100%
get_InputBlockSize()	-	0%	100%
get_OutputBlockSize()	-	0%	100%
TransformBlock(...)	-	0%	100%
TransformFinalBlock(...)	-	81.25%	66.67%
Dispose()	-	100%	100%
Dispose(...)	-	100%	100%
.ctor(...)	-	100%	100%
get_CanReuseTransform()	-	0%	100%
get_CanTransformMultipleBlocks()	-	0%	100%
get_InputBlockSize()	-	0%	100%
get_OutputBlockSize()	-	0%	100%
TransformBlock(...)	-	0%	100%
TransformFinalBlock(...)	-	79.41%	65%
Dispose()	-	100%	100%
Dispose(...)	-	100%	100%

File(s)

C:\Git\azure-sdk-for-net\sdk\keyvault\Azure.Security.KeyVault.Keys\src\Cryptography\AesKw.cs

#	Line	Line coverage
	`1`	`// Copyright (c) Microsoft Corporation. All rights reserved.`
	`2`	`// Licensed under the MIT License.`
	`3`
	`4`	`using System;`
	`5`	`using System.Security.Cryptography;`
	`6`
	`7`	`namespace Azure.Security.KeyVault.Keys.Cryptography`
	`8`	`{`
	`9`	`/// <summary>`
	`10`	`/// AES Key Wrap algoritm as defined in https://tools.ietf.org/html/rfc3394`
	`11`	`/// </summary>`
	`12`	`internal abstract class AesKw`
	`13`	`{`
	`14`	`private const int BlockSizeInBits = 64;`
	`15`	`private const int BlockSizeInBytes = BlockSizeInBits >> 3;`
	`16`
2	`17`	`private static readonly byte[] _defaultIv = new byte[] { 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6 };`
	`18`
2	`19`	`protected static RandomNumberGenerator Rng = RandomNumberGenerator.Create();`
	`20`
	`21`	`internal static Aes Create(byte[] key)`
	`22`	`{`
20	`23`	`var aes = Aes.Create();`
	`24`
20	`25`	`aes.Mode = CipherMode.ECB;`
20	`26`	`aes.Padding = PaddingMode.None;`
20	`27`	`aes.KeySize = key.Length * 8;`
20	`28`	`aes.Key = key;`
	`29`
20	`30`	`return aes;`
	`31`	`}`
	`32`
	`33`	`public static ICryptoTransform CreateEncryptor(byte[] key)`
	`34`	`{`
10	`35`	`return CreateEncryptor(key, null);`
	`36`	`}`
	`37`
	`38`	`public static ICryptoTransform CreateEncryptor(byte[] key, byte[] iv)`
	`39`	`{`
10	`40`	`if (key == null)`
0	`41`	`throw new ArgumentNullException(nameof(key));`
	`42`
10	`43`	`if (key.Length != 128 >> 3 && key.Length != 192 >> 3 && key.Length != 256 >> 3)`
0	`44`	`throw new ArgumentException("key length must be 128, 192 or 256 bits");`
	`45`
10	`46`	`if (iv != null && iv.Length != 8)`
0	`47`	`throw new ArgumentException("iv length must be 64 bits");`
	`48`
10	`49`	`return new AesKwEncryptor(key, iv ?? DefaultIv);`
	`50`	`}`
	`51`
	`52`	`public static ICryptoTransform CreateDecryptor(byte[] key)`
	`53`	`{`
10	`54`	`return CreateDecryptor(key, null);`
	`55`	`}`
	`56`
	`57`	`public static ICryptoTransform CreateDecryptor(byte[] key, byte[] iv)`
	`58`	`{`
10	`59`	`if (key == null)`
0	`60`	`throw new ArgumentNullException(nameof(key));`
	`61`
10	`62`	`if (key.Length != 128 >> 3 && key.Length != 192 >> 3 && key.Length != 256 >> 3)`
0	`63`	`throw new ArgumentException("key length must be 128, 192 or 256 bits");`
	`64`
10	`65`	`if (iv != null && iv.Length != 8)`
0	`66`	`throw new ArgumentException("iv length must be 64 bits");`
	`67`
10	`68`	`return new AesKwDecryptor(key, iv ?? DefaultIv);`
	`69`	`}`
	`70`
	`71`	`private static byte[] DefaultIv`
	`72`	`{`
20	`73`	`get { return (byte[])_defaultIv.Clone(); }`
	`74`	`}`
	`75`
	`76`	`private static byte[] GetBytes(UInt64 i)`
	`77`	`{`
336	`78`	`byte[] temp = BitConverter.GetBytes(i);`
	`79`
336	`80`	`if (BitConverter.IsLittleEndian)`
	`81`	`{`
336	`82`	`Array.Reverse(temp);`
	`83`	`}`
	`84`
336	`85`	`return temp;`
	`86`	`}`
	`87`
	`88`	`private class AesKwEncryptor : ICryptoTransform`
	`89`	`{`
	`90`	`private Aes _aes;`
	`91`	`private byte[] _iv;`
	`92`
10	`93`	`internal AesKwEncryptor(byte[] keyBytes, byte[] iv)`
	`94`	`{`
	`95`	`// Create the AES provider`
10	`96`	`_aes = AesKw.Create(keyBytes);`
	`97`
	`98`	`// Set the AES IV to Zeroes`
10	`99`	`var aesIv = new byte[_aes.BlockSize >> 3];`
	`100`
10	`101`	`aesIv.Zero();`
	`102`
10	`103`	`_aes.IV = aesIv;`
	`104`
	`105`	`// Remember the real IV`
10	`106`	`_iv = iv.Clone() as byte[];`
10	`107`	`}`
	`108`
	`109`	`public bool CanReuseTransform`
	`110`	`{`
0	`111`	`get { throw new NotImplementedException(); }`
	`112`	`}`
	`113`
	`114`	`public bool CanTransformMultipleBlocks`
	`115`	`{`
0	`116`	`get { throw new NotImplementedException(); }`
	`117`	`}`
	`118`
	`119`	`public int InputBlockSize`
	`120`	`{`
0	`121`	`get { throw new NotImplementedException(); }`
	`122`	`}`
	`123`
	`124`	`public int OutputBlockSize`
	`125`	`{`
0	`126`	`get { throw new NotImplementedException(); }`
	`127`	`}`
	`128`
	`129`	`public int TransformBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outp`
	`130`	`{`
	`131`	`// No support for block-by-block transformation`
0	`132`	`throw new NotImplementedException();`
	`133`	`}`
	`134`
	`135`	`public byte[] TransformFinalBlock(byte[] inputBuffer, int inputOffset, int inputCount)`
	`136`	`{`
10	`137`	`if (inputBuffer == null)`
0	`138`	`throw new ArgumentNullException(nameof(inputBuffer));`
	`139`
10	`140`	`if (inputBuffer.Length == 0)`
0	`141`	`throw new ArgumentNullException(nameof(inputBuffer), "The length of the inputBuffer parameter cannot`
	`142`
10	`143`	`if (inputCount <= 0)`
0	`144`	`throw new ArgumentOutOfRangeException(nameof(inputCount), "The inputCount parameter must not be zero`
	`145`
10	`146`	`if (inputCount % 8 != 0)`
0	`147`	`throw new ArgumentOutOfRangeException(nameof(inputCount), "The inputCount parameter must be a multip`
	`148`
10	`149`	`if (inputOffset < 0)`
0	`150`	`throw new ArgumentOutOfRangeException(nameof(inputOffset), "The inputOffset parameter must not be ne`
	`151`
10	`152`	`if (inputOffset + inputCount > inputBuffer.Length)`
0	`153`	`throw new ArgumentOutOfRangeException(nameof(inputCount), "The sum of inputCount and inputOffset par`
	`154`
	`155`	`/*`
	`156`	`1) Initialize variables.`
	`157`
	`158`	`Set A = IV, an initial value (see 2.2.3)`
	`159`	`For i = 1 to n`
	`160`	`R[i] = P[i]`
	`161`
	`162`	`2) Calculate intermediate values.`
	`163`
	`164`	`For j = 0 to 5`
	`165`	`For i=1 to n`
	`166`	`B = AES(K, A \| R[i])`
	`167`	`A = MSB(64, B) ^ t where t = (n*j)+i`
	`168`	`R[i] = LSB(64, B)`
	`169`
	`170`	`3) Output the results.`
	`171`
	`172`	`Set C[0] = A`
	`173`	`For i = 1 to n`
	`174`	`C[i] = R[i]`
	`175`	`*/`
	`176`
	`177`	`// The default initialization vector from RFC3394`
10	`178`	`byte[] a = _iv;`
	`179`
	`180`	`// The number of input blocks`
10	`181`	`var n = inputCount >> 3;`
	`182`
	`183`	`// The set of input blocks`
10	`184`	`byte[] r = new byte[n << 3];`
	`185`
10	`186`	`Array.Copy(inputBuffer, inputOffset, r, 0, inputCount);`
	`187`
10	`188`	`var encryptor = _aes.CreateEncryptor();`
10	`189`	`byte[] block = new byte[16];`
	`190`
	`191`	`// Calculate intermediate values`
140	`192`	`for (var j = 0; j < 6; j++)`
	`193`	`{`
456	`194`	`for (var i = 0; i < n; i++)`
	`195`	`{`
	`196`	`// T = ( n * j ) + i`
168	`197`	`var t = (ulong)((n * j) + i + 1);`
	`198`
	`199`	`// B = AES( K, A \| R[i] )`
	`200`
	`201`	`// First, block = A \| R[i]`
168	`202`	`Array.Copy(a, block, a.Length);`
168	`203`	`Array.Copy(r, i << 3, block, 64 >> 3, 64 >> 3);`
	`204`
	`205`	`// Second, AES( K, block )`
168	`206`	`var b = encryptor.TransformFinalBlock(block, 0, 16);`
	`207`
	`208`	`// A = MSB( 64, B )`
168	`209`	`Array.Copy(b, a, 64 >> 3);`
	`210`
	`211`	`// A = A ^ t`
168	`212`	`a.Xor(GetBytes(t), true);`
	`213`
	`214`	`// R[i] = LSB( 64, B )`
168	`215`	`Array.Copy(b, 64 >> 3, r, i << 3, 64 >> 3);`
	`216`	`}`
	`217`	`}`
	`218`
10	`219`	`var c = new byte[(n + 1) << 3];`
	`220`
10	`221`	`Array.Copy(a, c, a.Length);`
	`222`
76	`223`	`for (var i = 0; i < n; i++)`
	`224`	`{`
28	`225`	`Array.Copy(r, i << 3, c, (i + 1) << 3, 8);`
	`226`	`}`
	`227`
10	`228`	`return c;`
	`229`	`}`
	`230`
	`231`	`public void Dispose()`
	`232`	`{`
10	`233`	`Dispose(true);`
10	`234`	`GC.SuppressFinalize(this);`
10	`235`	`}`
	`236`
	`237`	`protected virtual void Dispose(bool disposing)`
	`238`	`{`
10	`239`	`if (disposing)`
	`240`	`{`
10	`241`	`if (_aes != null)`
	`242`	`{`
10	`243`	`_aes.Dispose();`
10	`244`	`_aes = null;`
	`245`	`}`
	`246`	`}`
10	`247`	`}`
	`248`	`}`
	`249`
	`250`	`private class AesKwDecryptor : ICryptoTransform`
	`251`	`{`
	`252`	`private Aes _aes;`
	`253`	`private byte[] _iv;`
	`254`
10	`255`	`internal AesKwDecryptor(byte[] keyBytes, byte[] iv)`
	`256`	`{`
	`257`	`// Create the AES provider`
10	`258`	`_aes = AesKw.Create(keyBytes);`
	`259`
	`260`	`// Set the AES IV to Zeroes`
10	`261`	`var aesIv = new byte[_aes.BlockSize >> 3];`
	`262`
10	`263`	`aesIv.Zero();`
	`264`
10	`265`	`_aes.IV = aesIv;`
	`266`
	`267`	`// Remember the real IV`
10	`268`	`_iv = iv.Clone() as byte[];`
10	`269`	`}`
	`270`
	`271`	`public bool CanReuseTransform`
	`272`	`{`
0	`273`	`get { throw new NotImplementedException(); }`
	`274`	`}`
	`275`
	`276`	`public bool CanTransformMultipleBlocks`
	`277`	`{`
0	`278`	`get { throw new NotImplementedException(); }`
	`279`	`}`
	`280`
	`281`	`public int InputBlockSize`
	`282`	`{`
0	`283`	`get { throw new NotImplementedException(); }`
	`284`	`}`
	`285`
	`286`	`public int OutputBlockSize`
	`287`	`{`
0	`288`	`get { throw new NotImplementedException(); }`
	`289`	`}`
	`290`
	`291`	`public int TransformBlock(byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outp`
	`292`	`{`
	`293`	`// No support for block-by-block transformation`
0	`294`	`throw new NotImplementedException();`
	`295`	`}`
	`296`
	`297`	`public byte[] TransformFinalBlock(byte[] inputBuffer, int inputOffset, int inputCount)`
	`298`	`{`
10	`299`	`if (inputBuffer == null)`
0	`300`	`throw new ArgumentNullException(nameof(inputBuffer));`
	`301`
10	`302`	`if (inputBuffer.Length == 0)`
0	`303`	`throw new ArgumentNullException(nameof(inputBuffer), "The length of the inputBuffer parameter cannot`
	`304`
10	`305`	`if (inputCount <= 0)`
0	`306`	`throw new ArgumentOutOfRangeException(nameof(inputCount), "The inputCount parameter must not be zero`
	`307`
10	`308`	`if (inputCount % 8 != 0)`
0	`309`	`throw new ArgumentOutOfRangeException(nameof(inputCount), "The inputCount parameter must be a multip`
	`310`
10	`311`	`if (inputOffset < 0)`
0	`312`	`throw new ArgumentOutOfRangeException(nameof(inputOffset), "The inputOffset parameter must not be ne`
	`313`
10	`314`	`if (inputOffset + inputCount > inputBuffer.Length)`
0	`315`	`throw new ArgumentOutOfRangeException(nameof(inputCount), "The sum of inputCount and inputOffset par`
	`316`
	`317`	`/*`
	`318`	`1) Initialize variables.`
	`319`
	`320`	`Set A = C[0]`
	`321`	`For i = 1 to n`
	`322`	`R[i] = C[i]`
	`323`
	`324`	`2) Compute intermediate values.`
	`325`
	`326`	`For j = 5 to 0`
	`327`	`For i = n to 1`
	`328`	`B = AES-1(K, (A ^ t) \| R[i]) where t = n*j+i`
	`329`	`A = MSB(64, B)`
	`330`	`R[i] = LSB(64, B)`
	`331`
	`332`	`3) Output results.`
	`333`
	`334`	`If A is an appropriate initial value (see 2.2.3),`
	`335`	`Then`
	`336`	`For i = 1 to n`
	`337`	`P[i] = R[i]`
	`338`	`Else`
	`339`	`Return an error`
	`340`	`*/`
	`341`
	`342`	`// A = C[0]`
10	`343`	`byte[] a = new byte[BlockSizeInBytes];`
	`344`
10	`345`	`Array.Copy(inputBuffer, inputOffset, a, 0, BlockSizeInBytes);`
	`346`
	`347`	`// The number of input blocks`
10	`348`	`var n = (inputCount - BlockSizeInBytes) >> 3;`
	`349`
	`350`	`// The set of input blocks`
10	`351`	`byte[] r = new byte[n << 3];`
	`352`
10	`353`	`Array.Copy(inputBuffer, inputOffset + BlockSizeInBytes, r, 0, inputCount - BlockSizeInBytes);`
	`354`
10	`355`	`var encryptor = _aes.CreateDecryptor();`
10	`356`	`byte[] block = new byte[16];`
	`357`
	`358`	`// Calculate intermediate values`
140	`359`	`for (var j = 5; j >= 0; j--)`
	`360`	`{`
456	`361`	`for (var i = n; i > 0; i--)`
	`362`	`{`
	`363`	`// T = ( n * j ) + i`
168	`364`	`var t = (ulong)((n * j) + i);`
	`365`
	`366`	`// B = AES-1(K, (A ^ t) \| R[i] )`
	`367`
	`368`	`// First, A = ( A ^ t )`
168	`369`	`a.Xor(GetBytes(t), true);`
	`370`
	`371`	`// Second, block = ( A \| R[i] )`
168	`372`	`Array.Copy(a, block, BlockSizeInBytes);`
168	`373`	`Array.Copy(r, (i - 1) << 3, block, BlockSizeInBytes, BlockSizeInBytes);`
	`374`
	`375`	`// Third, b = AES-1( block )`
168	`376`	`var b = encryptor.TransformFinalBlock(block, 0, 16);`
	`377`
	`378`	`// A = MSB(64, B)`
168	`379`	`Array.Copy(b, a, BlockSizeInBytes);`
	`380`
	`381`	`// R[i] = LSB(64, B)`
168	`382`	`Array.Copy(b, BlockSizeInBytes, r, (i - 1) << 3, BlockSizeInBytes);`
	`383`	`}`
	`384`	`}`
	`385`
10	`386`	`if (a.SequenceEqualConstantTime(_iv))`
	`387`	`{`
10	`388`	`var c = new byte[n << 3];`
	`389`
76	`390`	`for (var i = 0; i < n; i++)`
	`391`	`{`
28	`392`	`Array.Copy(r, i << 3, c, i << 3, 8);`
	`393`	`}`
	`394`
10	`395`	`return c;`
	`396`	`}`
	`397`	`else`
	`398`	`{`
0	`399`	`throw new CryptographicException("Data is not authentic");`
	`400`	`}`
	`401`	`}`
	`402`
	`403`	`public void Dispose()`
	`404`	`{`
10	`405`	`Dispose(true);`
10	`406`	`GC.SuppressFinalize(this);`
10	`407`	`}`
	`408`
	`409`	`protected virtual void Dispose(bool disposing)`
	`410`	`{`
10	`411`	`if (disposing)`
	`412`	`{`
10	`413`	`if (_aes != null)`
	`414`	`{`
10	`415`	`_aes.Dispose();`
10	`416`	`_aes = null;`
	`417`	`}`
	`418`	`}`
10	`419`	`}`
	`420`	`}`
	`421`	`}`
	`422`	`}`

< Summary

Metrics

File(s)

C:\Git\azure-sdk-for-net\sdk\keyvault\Azure.Security.KeyVault.Keys\src\Cryptography\AesKw.cs

Methods/Properties