using System.Security.Cryptography;

/// <summary>
/// Method <c>GetAES</c> creates a custom AES object with the given key
/// and IV, and also specifies the cipher mode and padding mode as
/// with the supplier.
/// </summary>
/// <param name="key">The key to use for the AES object.</param>
/// <param name="iv">The initialization vector to use for the AES object.</param>
static Aes CreateAES(byte[] key, byte[] iv) {
	Aes aes = Aes.Create(); // Create a new instance of Aes
	aes.KeySize = key.Length * 8; // Key size is set to the length of the input key multiplied by 8
	aes.Key = key; // The Key and IV values are set from the parameters
	aes.IV = iv;
	aes.Mode = CipherMode.CBC; // Cipher mode is set to CBC (Cipher Block Chaining) mode
	aes.Padding = PaddingMode.PKCS7; // Padding mode is set to PKCS7 (Public Key Cryptography Standard #7) padding
	return aes;
}

/// <summary>
/// Method <c>Encrypt</c> encrypts the given plain text using the provided AES object.
/// </summary>
/// <param name="plainText">The plain text to encrypt.</param>
/// <param name="aes">The AES object to use for encryption.</param>
/// <returns>The encrypted text as a base64 string.</returns>
static string Encrypt(string plainText, Aes aes) {
	using MemoryStream memoryStream = new(); // Creates a new memory stream for writing data
	using CryptoStream cryptoStream = new(memoryStream, aes.CreateEncryptor(), CryptoStreamMode.Write); // Creates a new CryptoStream using the given Aes object and the memory stream for writing data
	using StreamWriter streamWriter = new(cryptoStream); // Creates a new StreamWriter using the above CryptoStream
	streamWriter.Write(plainText); // Writes the plain text to the StreamWriter
	cryptoStream.FlushFinalBlock(); // Writes the final block of data to the CryptoStream and closes the stream
	string output = Convert.ToBase64String(memoryStream.ToArray()); // Converts the contents of the memory stream to a byte array and returns the base64-encoded string representation of the array
	return output; // Returns the encrypted output as a base64 string
}

/// <summary>
/// Method <c>Decrypt</c> decrypts the given encrypted text using the provided AES object.
/// </summary>
/// <param name="encryptedText">The encrypted text to decrypt, as a Base64 string.</param>
/// <param name="aes">The AES object to use for decryption.</param>
/// <returns>The decrypted string, in plain-text</returns>
static string Decrypt(string encryptedText, Aes aes) {
	using MemoryStream memoryStream = new(Convert.FromBase64String(encryptedText)); // Creates a new memory stream using the given encrypted text, converted from a base64 string to a byte array
	using CryptoStream cryptoStream = new(memoryStream, aes.CreateDecryptor(), CryptoStreamMode.Read); // Creates a new CryptoStream using the given AES object and the memory stream for reading data
	using StreamReader streamReader = new(cryptoStream); // Creates a new StreamReader using the above CryptoStream
	string output = streamReader.ReadToEnd(); // Reads the entire stream and returns the contents as a string
	return output; // Returns the decrypted output as a string
}

byte[] key = Convert.FromBase64String("REDCATED");
byte[] iv  = Convert.FromBase64String("REDACTED");
using Aes aes = CreateAES(key, iv);

string plainText = "Hello, AES-CBC with PKCS7 padding!";
string encrypted = Encrypt(plainText, aes);
Console.WriteLine($"Encrypted text: '{encrypted}' (from '{plainText}')");
string decrypted = Decrypt(encrypted, aes);
Console.WriteLine($"Decrypted text: '{decrypted}' (from '{encrypted}')");

Console.WriteLine();
string secureText = "REDACTED";
try {
	string decrypted2 = Decrypt(secureText, aes);
	Console.WriteLine($"Previously encrypted decrypted text: '{decrypted2}' (from '{secureText}')");
} catch (Exception ex) {
	Console.WriteLine($"Error: {ex.Message}");
}