Rijndael-->Aes (#4456)

Author: tdykstra

samples/snippets/cpp/VS_Snippets_CLR/Cryptography.XML.XMLEncImbedKey/CPP/sample.cpp

@@ -40,8 +40,8 @@ static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, RSA^ Alg, Strin
    // and use it to encrypt the XmlElement with the
    // a new random symmetric key.
    //////////////////////////////////////////////////
-   // Create a 256 bit Rijndael key.
-   RijndaelManaged^ sessionKey = gcnew RijndaelManaged;
+   // Create a 256 bit Aes key.
+   Aes^ sessionKey = Aes::Create();
    sessionKey->KeySize = 256;
    EncryptedXml^ eXml = gcnew EncryptedXml;
    array<Byte>^encryptedElement = eXml->EncryptData( elementToEncrypt, sessionKey, false );

samples/snippets/cpp/VS_Snippets_CLR/Cryptography.XML.XMLEncMapKey/CPP/Cryptography.XML.XMLEncMapKey.cpp

@@ -65,7 +65,7 @@ static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, SymmetricAlgori
       encryptionMethod = EncryptedXml::XmlEncDESUrl;
    }
    else
-   if ( dynamic_cast<Rijndael^>(Alg) )
+   if ( dynamic_cast<Aes^>(Alg) )
    {
       switch ( Alg->KeySize )
       {

samples/snippets/cpp/VS_Snippets_CLR/Cryptography.XML.XMLEncMinimalDecryptData/CPP/Cryptography.XML.XMLEncMinimalDecryptData.cpp

@@ -65,7 +65,7 @@ static void Encrypt( XmlDocument^ Doc, String^ ElementToEncrypt, SymmetricAlgori
       encryptionMethod = EncryptedXml::XmlEncDESUrl;
    }
    else
-   if ( dynamic_cast<Rijndael^>(Alg) )
+   if ( dynamic_cast<Aes^>(Alg) )
    {
       switch ( Alg->KeySize )
       {

samples/snippets/cpp/VS_Snippets_CLR_Classic/classic CryptoStream Example/CPP/source.cpp

@@ -8,7 +8,7 @@ using namespace System::ComponentModel;
 using namespace System::Security::Cryptography;
 
 // <Snippet1>
-void EncryptData( String^ inName, String^ outName, array<Byte>^rijnKey, array<Byte>^rijnIV )
+void EncryptData( String^ inName, String^ outName, array<Byte>^aesKey, array<Byte>^aesIV )
 {
 
    //Create the file streams to handle the input and output files.
@@ -24,9 +24,9 @@ void EncryptData( String^ inName, String^ outName, array<Byte>^rijnKey, array<By
 
    int len; //This is the number of bytes to be written at a time.
 
-   SymmetricAlgorithm^ rijn = SymmetricAlgorithm::Create(); //Creates the default implementation, which is RijndaelManaged.         
+   Aes^ aes = Aes::Create();
 
-   CryptoStream^ encStream = gcnew CryptoStream( fout,rijn->CreateEncryptor( rijnKey, rijnIV ),CryptoStreamMode::Write );
+   CryptoStream^ encStream = gcnew CryptoStream( fout,aes->CreateEncryptor( aesKey, aesIV ),CryptoStreamMode::Write );
    Console::WriteLine( "Encrypting..." );
 
    //Read from the input file, then encrypt and write to the output file.

samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.KeySizes/CPP/members.cpp

@@ -27,19 +27,17 @@ namespace CryptographySample
 
             // Create a new symmetric algorithm and display its 
             // key values.
-            SymmetricAlgorithm^ symAlg = 
-                SymmetricAlgorithm::Create();
-            ShowKeys(symAlg->LegalKeySizes, symAlg->ToString());
-            Console::WriteLine("rijn.blocksize:{0}", 
-                    symAlg->BlockSize);
+            Aes^ aes = Aes::Create();
+            ShowKeys(aes->LegalKeySizes, aes->ToString());
+            Console::WriteLine("aes.blocksize:{0}", 
+                    aes->BlockSize);
 
             // Create a new RSA algorithm and display its key values.
-            RSACryptoServiceProvider^ rsaCSP = 
-                   gcnew RSACryptoServiceProvider(384);
-            ShowKeys(rsaCSP->LegalKeySizes, rsaCSP->ToString());
-            Console::WriteLine("RSACryptoServiceProvider KeySize ="
+            RSA^ rsa = RSA::Create();
+            ShowKeys(rsa->LegalKeySizes, rsa->ToString());
+            Console::WriteLine("RSA KeySize ="
                 " {0}",
-                    rsaCSP->KeySize);
+                    rsa->KeySize);
 
             Console::WriteLine("This sample completed successfully; " 
                    "press Enter to exit.");
@@ -96,17 +94,17 @@ int main()
 // Interval between key size bits: 64
 // 
 // KeySizes retrieved from the 
-//  System.Security.Cryptography.RijndaelManaged object.
+//  System.Security.Cryptography.Aes object.
 // Minimum key size bits: 128
 // Maximum key size bits: 256
 // Interval between key size bits: 64
-// rijn.blocksize:128
+// aes.blocksize:128
 // 
 // KeySizes retrieved from the
-// System.Security.Cryptography.RSACryptoServiceProvider object.
-// Minimum key size bits: 384
+// System.Security.Cryptography.RSA object.
+// Minimum key size bits: 512
 // Maximum key size bits: 16384
-// Interval between key size bits: 8
-// RSACryptoServiceProvider KeySize = 384
+// Interval between key size bits: 64
+// RSA KeySize = 2048
 // This sample completed successfully; press Enter to exit.
-//</Snippet1>
+//</Snippet1>

samples/snippets/cpp/VS_Snippets_CLR_System/system.Security.Cryptography.RSACryptoServiceProvider.Encrypt/CPP/sample.cpp

@@ -32,7 +32,7 @@ int main()
       RSA->ImportParameters( RSAKeyInfo );
 
       //Create a new instance of the Aes class.
-      Aes^ aes = gcnew Aes;
+      Aes^ aes = Aes::Create();
 
       //Encrypt the symmetric key and IV.
       EncryptedSymmetricKey = RSA->Encrypt( aes->Key, false );

samples/snippets/csharp/VS_Snippets_CFX/s_ue_secureconversationservicecredential/cs/source.cs

@@ -76,9 +76,9 @@ static void Configure(ServiceHost serviceHost)
     }
     public class CertificateSecurityStateEncoder : SecurityStateEncoder
     {
-        RSACryptoServiceProvider rsaCryptoServiceProvider;
+        RSA rsa;
         CookieContainerSerializer serializer;
-        RijndaelManaged aesAlg;
+        Aes aesAlg;
 
         public CertificateSecurityStateEncoder(X509Certificate2 protectionCertificate)
         {
@@ -92,24 +92,24 @@ public CertificateSecurityStateEncoder(X509Certificate2 protectionCertificate)
                 throw new ArgumentException("protectionCertificate does not contain the private key which is required for performing encypt / decrypt operations.");
             }
 
-            rsaCryptoServiceProvider = protectionCertificate.PrivateKey as RSACryptoServiceProvider;
-            if (rsaCryptoServiceProvider == null)
+            rsa = protectionCertificate.GetRSAPrivateKey();
+            if (rsa == null)
             {
-                throw new NotSupportedException("protectionCertificate must have a private key of type RSACryptoServiceProvider.");
+                throw new NotSupportedException("protectionCertificate must have a private key of type RSA.");
             }
 
             serializer = new CookieContainerSerializer();
 
             // The symmetric key algorithm used to protect the cookie.
-            aesAlg = new RijndaelManaged();
+            aesAlg = Aes.Create();
         }
 
         protected override byte[] EncodeSecurityState(byte[] data)
         {
             // Create a new cookie container that will protect the WCF cookie.
             // Possible improvement: use a caching scheme so that a new cookie container
             // need not be created each time to improve performance.
-            CookieContainer cookieContainer = new CookieContainer(rsaCryptoServiceProvider, aesAlg);
+            CookieContainer cookieContainer = new CookieContainer(rsa, aesAlg);
 
             // Encrypt the cookie from WCF with our own scheme so that any of the backend services
             // can decrypt it.
@@ -123,7 +123,7 @@ protected override byte[] DecodeSecurityState(byte[] data)
         {
             // Possible improvement: use a caching scheme so that a new cookie container
             // need not be created each time to improve performance.
-            CookieContainer cookieContainer = serializer.Deserialize(rsaCryptoServiceProvider, aesAlg, data);
+            CookieContainer cookieContainer = serializer.Deserialize(rsa, aesAlg, data);
 
             // Decrypt the cookie and return it to WCF so that WCF can use the cookie to
             // perform its own cryptographic operations.
@@ -139,7 +139,7 @@ class CookieContainerSerializer
         /// <param name="aesAlg">The symmetric key algorithm to use to decrypt the cookie block.</param>
         /// <param name="data">The byte array to deserialize.</param>
         /// <returns>The deserialized cookie container instance.</returns>
-        public CookieContainer Deserialize(RSACryptoServiceProvider rsaKey, RijndaelManaged aesAlg, byte[] data)
+        public CookieContainer Deserialize(RSA rsaKey, Aes aesAlg, byte[] data)
         {
             CookieContainer cookieContainer = new CookieContainer(rsaKey, aesAlg);
             // Length of the IV according to the AES algorithm (in bytes).
@@ -221,23 +221,23 @@ class CookieContainer
         byte[] encryptedCookie;
         ICryptoTransform encryptor;
         ICryptoTransform decryptor;
-        RijndaelManaged aesAlg;
-        RSACryptoServiceProvider protectionRsaKey;
+        Aes aesAlg;
+        RSA protectionRsaKey;
 
         /// <summary>
         /// Creates a new cookie container and auto-generate a symmetric key protected
         /// with the RSA key.
         /// </summary>
         /// <param name="rsaKey">The RSA key to protect the generated symmetric key.</param>
         /// <param name="aesAlg">The symmetric key algorithm to use.</param>
-        public CookieContainer(RSACryptoServiceProvider rsaKey, RijndaelManaged aesAlg)
+        public CookieContainer(RSA rsaKey, Aes aesAlg)
         {
             this.aesAlg = aesAlg;
             this.iv = aesAlg.IV;
 
             // Use the RSA key in the X509Certificate to protect the symmetric key.
             this.protectionRsaKey = rsaKey;
-            this.encryptedSymmetricKey = protectionRsaKey.Encrypt(aesAlg.Key, true);
+            this.encryptedSymmetricKey = protectionRsaKey.Encrypt(aesAlg.Key, RSAEncryptionPadding.OaepSHA1);
 
             // Create the enryptor and decryptor that will perform the actual
             // cryptographic operations.
@@ -266,7 +266,7 @@ public void CreateCryptoTransformers()
         {
             // Only a service configured with the right X509 certificate
             // can decrypt the symmetric key.
-            byte[] symmetricKey = protectionRsaKey.Decrypt(encryptedSymmetricKey, true);
+            byte[] symmetricKey = protectionRsaKey.Decrypt(encryptedSymmetricKey, RSAEncryptionPadding.OaepSHA1);
 
             // Create an encryptor based on the symmetric key which can be used to encrypt SCT cookie blob.
             this.encryptor = aesAlg.CreateEncryptor(symmetricKey, iv);

samples/snippets/csharp/VS_Snippets_CLR/Cryptography.XML.DataReference/cs/sample.cs

@@ -96,8 +96,8 @@ public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, string Encr
         // a new random symmetric key.
         //////////////////////////////////////////////////
 
-        // Create a 256 bit Rijndael key.
-        RijndaelManaged sessionKey = new RijndaelManaged();
+        // Create a 256 bit Aes key.
+        Aes sessionKey = Aes.Create();
         sessionKey.KeySize = 256;
 
         EncryptedXml eXml = new EncryptedXml();

samples/snippets/csharp/VS_Snippets_CLR/Cryptography.XML.EncryptedData/cs/sample.cs

@@ -78,8 +78,8 @@ public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, st
 		// a new random symmetric key.
 		//////////////////////////////////////////////////
 
-		// Create a 256 bit Rijndael key.
-		RijndaelManaged sessionKey = new RijndaelManaged();
+		// Create a 256 bit Aes key.
+		Aes sessionKey = Aes.Create();
 		sessionKey.KeySize = 256;
 
 		EncryptedXml eXml = new EncryptedXml();

samples/snippets/csharp/VS_Snippets_CLR/Cryptography.XML.EncryptedKey/cs/example.cs

@@ -78,8 +78,8 @@ public static void Encrypt(XmlDocument Doc, string ElementToEncrypt, RSA Alg, st
 		// a new random symmetric key.
 		//////////////////////////////////////////////////
 
-		// Create a 256 bit Rijndael key.
-		RijndaelManaged sessionKey = new RijndaelManaged();
+		// Create a 256 bit Aes key.
+		Aes sessionKey = Aes.Create();
 		sessionKey.KeySize = 256;
 
 		EncryptedXml eXml = new EncryptedXml();