in sdk/PowerBI.Api/Extensions/AsymmetricHigherKeyEncryptionHelper.cs [20:51]
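/// <summary>
/// Hybrid-encrypts <paramref name="plainTextBytes"/> for the holder of the given RSA public key.
/// Fresh symmetric keys are generated per call, the payload is protected with
/// <c>AuthenticatedEncryption.Encrypt</c>, and the symmetric keys are wrapped with RSA-OAEP (SHA-256).
/// </summary>
/// <param name="plainTextBytes">Data to protect; passed unchanged to <c>AuthenticatedEncryption.Encrypt</c>.</param>
/// <param name="modulusBytes">RSA public modulus of the recipient.</param>
/// <param name="exponentBytes">RSA public exponent of the recipient.</param>
/// <returns>
/// Base64 of the RSA-wrapped key blob immediately followed by Base64 of the ciphertext, with no separator.
/// NOTE(review): the consumer presumably splits the two parts by the RSA block size; confirm against the receiving side.
/// </returns>
/// <remarks>
/// The public key is used exactly as supplied: nothing here checks its size or where it came from, so the
/// caller is responsible for obtaining it from a trusted source. If the key sizes are 32 and 64 bytes as the
/// comment below states, the wrapped blob is 98 bytes, and OAEP with SHA-256 adds 66 bytes of overhead, so
/// a modulus shorter than 164 bytes makes <c>rsa.Encrypt</c> fail.
/// </remarks>
internal static string Encrypt(byte[] plainTextBytes, byte[] modulusBytes, byte[] exponentBytes)
{
    byte[] keyEnc = null;
    byte[] keyMac = null;
    byte[] keys = null;
    try
    {
        // Generate ephemeral keys for encryption (32 bytes), hmac (64 bytes)
        keyEnc = GetRandomBytes(AES_KEY_SIZE_BYTES);
        keyMac = GetRandomBytes(HMAC_KEY_SIZE_BYTES);

        // Encrypt message using ephemeral keys and Authenticated Encryption
        var ciphertext = AuthenticatedEncryption.Encrypt(keyEnc, keyMac, plainTextBytes);

        // Build the blob that RSA will wrap: two length-indicator bytes, then both keys.
        keys = new byte[KEY_LENGTHS_PREFIX + keyEnc.Length + keyMac.Length];

        // Prefixing length of Keys. Symmetric Key length followed by HMAC key length
        keys[0] = (byte)KeyLengths.KeyLength32;
        keys[1] = (byte)KeyLengths.KeyLength64;

        // Offsets stay literal so the wire layout is exactly what it was.
        // NOTE(review): this assumes KEY_LENGTHS_PREFIX is 2; confirm against its declaration.
        Buffer.BlockCopy(keyEnc, 0, keys, 2, keyEnc.Length);
        Buffer.BlockCopy(keyMac, 0, keys, keyEnc.Length + 2, keyMac.Length);

        byte[] encryptedKeys;
        using (var rsa = RSA.Create())
        {
            // Import the public key directly. Calling ExportParameters on a new RSA instance first
            // would make the provider generate a throwaway key pair on every call, only to overwrite it.
            var rsaKeyInfo = new RSAParameters
            {
                Modulus = modulusBytes,
                Exponent = exponentBytes
            };
            rsa.ImportParameters(rsaKeyInfo);
            encryptedKeys = rsa.Encrypt(keys, RSAEncryptionPadding.OaepSHA256);
        }

        // prepare final payload
        return Convert.ToBase64String(encryptedKeys) + Convert.ToBase64String(ciphertext);
    }
    finally
    {
        // Best-effort scrub of the plaintext key material so it does not linger on the managed heap
        // after the call (also on the exception path). The GC may already have copied the arrays.
        if (keys != null)
        {
            Array.Clear(keys, 0, keys.Length);
        }

        if (keyMac != null)
        {
            Array.Clear(keyMac, 0, keyMac.Length);
        }

        if (keyEnc != null)
        {
            Array.Clear(keyEnc, 0, keyEnc.Length);
        }
    }
}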