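/// <summary>
/// Decrypts a buffer segment in place using a symmetric key object held by the channel token.
/// </summary>
/// <param name="token">Channel token that supplies the symmetric algorithm objects.</param>
/// <param name="dataToDecrypt">Segment holding the ciphertext; the same bytes are overwritten with the decrypted output.</param>
/// <param name="useClientKeys">True to use <c>token.ClientEncryptor</c>; false to use <c>token.ServerEncryptor</c>.</param>
/// <exception cref="ServiceResultException">
/// Raised with <c>StatusCodes.BadSecurityChecksFailed</c> when the selected key object is null, when the
/// segment length is not a whole number of cipher blocks, or when the transform reports that it did not
/// process every input byte.
/// </exception>
/// <remarks>
/// This method performs no integrity or authenticity check of its own; it only transforms the bytes.
/// NOTE(review): the caller is presumably responsible for verifying the message signature - confirm that
/// nothing acts on the decrypted content before that verification has succeeded.
/// </remarks>
private static void SymmetricDecrypt(
    TcpChannelToken token,
    ArraySegment<byte> dataToDecrypt,
    bool useClientKeys)
{
    // Select the key object for the side named by the caller.
    SymmetricAlgorithm decryptingKey = useClientKeys ? token.ClientEncryptor : token.ServerEncryptor;

    if (decryptingKey == null)
    {
        throw ServiceResultException.Create(StatusCodes.BadSecurityChecksFailed, "Token missing symmetric key object.");
    }

    using (ICryptoTransform decryptor = decryptingKey.CreateDecryptor())
    {
        byte[] blockToDecrypt = dataToDecrypt.Array;
        int start = dataToDecrypt.Offset;
        int count = dataToDecrypt.Count;

        // Reject partial blocks before touching the buffer so a malformed length never reaches the transform.
        if (count % decryptor.InputBlockSize != 0)
        {
            throw ServiceResultException.Create(StatusCodes.BadSecurityChecksFailed, "Input data is not an even number of encryption blocks.");
        }

        // Input and output share the same array and offset, so the ciphertext is replaced by the plaintext.
        int decrypted = decryptor.TransformBlock(blockToDecrypt, start, count, blockToDecrypt, start);

        // A transform can return fewer bytes than it was given (for example when it holds back a final
        // block for padding removal). The tail of the buffer would then still contain ciphertext, so fail
        // closed instead of handing partly decrypted data back to the caller.
        if (decrypted != count)
        {
            throw ServiceResultException.Create(StatusCodes.BadSecurityChecksFailed, "Symmetric decryption did not process all input blocks.");
        }
    }
}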
#endregion