Beispiel #1
 /// <summary>
 /// P/Invoke declaration for the CNG <c>NCryptDeriveKey</c> function: derives key
 /// material from a secret-agreement handle using the named key derivation function.
 /// </summary>
 /// <param name="hSharedSecret">Handle to the secret agreement the key is derived from.</param>
 /// <param name="kdf">Name of the key derivation function to apply.</param>
 /// <param name="parameterList">Descriptor of the KDF parameter buffers.</param>
 /// <param name="derivedKey">Buffer that receives the derived key bytes.</param>
 /// <param name="derivedKeyByteSize">Size of <paramref name="derivedKey"/> in bytes.</param>
 /// <param name="result">Receives the byte count reported by the native call.</param>
 /// <param name="flags">Flags passed through to the native call.</param>
 /// <returns>The raw native status code. Nothing throws on failure, so callers must check it.</returns>
 // NOTE(review): the [DllImport] attribute is not part of this excerpt. The native KDF name is a
 // wide string, so the import must marshal `kdf` as Unicode (CharSet.Unicode) — confirm.
 // NOTE(review): parameterList is passed by value here, while the other declarations on this page
 // use `ref` or a pointer; that only reaches native code as a pointer if NCryptBufferDesc is a
 // class — confirm against its definition.
 // The derived bytes are secret key material: the caller owns `derivedKey` and should clear it
 // once it is no longer needed.
 public static extern uint NCryptDeriveKey(SafeNCryptSecretHandle hSharedSecret,
                                           string kdf,
                                           NCryptBufferDesc parameterList,
                                           byte[] derivedKey,
                                           uint derivedKeyByteSize,
                                           out uint result,
                                           uint flags);
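        /// <summary>
        /// Derives key material from a secret agreement by calling NCryptDeriveKey twice:
        /// once with a null buffer to learn the required size, then again with a buffer
        /// of that size to receive the bytes.
        /// </summary>
        /// <param name="secretAgreement">Handle to the secret agreement to derive from.</param>
        /// <param name="kdf">Name of the key derivation function.</param>
        /// <param name="parameters">KDF parameter buffers; pinned for the duration of the native calls.</param>
        /// <param name="flags">Flags forwarded to NCryptDeriveKey.</param>
        /// <returns>
        /// The derived key bytes. This is secret material held in an ordinary managed array;
        /// the caller should clear it when it is no longer needed.
        /// </returns>
        /// <exception cref="CryptographicException">Either native call reports a failure.</exception>
        private static unsafe byte[] DeriveKeyMaterial(SafeNCryptSecretHandle secretAgreement, string kdf, NCryptBuffer[] parameters, SecretAgreementFlags flags)
        {
            // Pin the parameter array so the raw pointer stored in the descriptor stays valid
            // across both native calls.
            fixed (NCryptBuffer* bufferRef = parameters)
            {
                NCryptBufferDesc pParameterList = new NCryptBufferDesc
                {
                    ulVersion = 0,
                    cBuffers  = parameters.Length,
                    pBuffers  = new IntPtr((void*)bufferRef)
                };

                // Size probe: a null output buffer makes the call report the required length.
                int pcbResult = 0;
                ErrorCode code = UnsafeNativeMethods.NCryptDeriveKey(secretAgreement, kdf, ref pParameterList, null, 0, out pcbResult, flags);
                if ((code != ErrorCode.Success) && (code != ErrorCode.BufferTooSmall))
                {
                    throw new CryptographicException((int)code);
                }

                byte[] pbDerivedKey = new byte[pcbResult];
                code = UnsafeNativeMethods.NCryptDeriveKey(secretAgreement, kdf, ref pParameterList, pbDerivedKey, pbDerivedKey.Length, out pcbResult, flags);
                if (code != ErrorCode.Success)
                {
                    // The buffer may hold partial output; wipe it before abandoning it.
                    Array.Clear(pbDerivedKey, 0, pbDerivedKey.Length);
                    throw new CryptographicException((int)code);
                }

                // The second call may report fewer bytes than the size probe did. Returning the
                // full buffer would then hand the caller a key padded with trailing zero bytes,
                // so trim to the reported length and wipe the discarded copy.
                if (pcbResult >= 0 && pcbResult < pbDerivedKey.Length)
                {
                    byte[] trimmed = new byte[pcbResult];
                    Array.Copy(pbDerivedKey, trimmed, pcbResult);
                    Array.Clear(pbDerivedKey, 0, pbDerivedKey.Length);
                    return trimmed;
                }

                return pbDerivedKey;
            }
        }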
Beispiel #3
 /// <summary>
 /// P/Invoke declaration for the CNG <c>NCryptDeriveKey</c> function: derives key
 /// material from a secret-agreement handle using the named key derivation function.
 /// </summary>
 /// <param name="hSharedSecret">Handle to the secret agreement the key is derived from.</param>
 /// <param name="kdf">Name of the key derivation function to apply.</param>
 /// <param name="parameterList">Descriptor of the KDF parameter buffers.</param>
 /// <param name="derivedKey">Buffer that receives the derived key bytes.</param>
 /// <param name="derivedKeyByteSize">Size of <paramref name="derivedKey"/> in bytes.</param>
 /// <param name="result">Receives the byte count reported by the native call.</param>
 /// <param name="flags">Flags passed through to the native call.</param>
 /// <returns>The raw native status code. Nothing throws on failure, so callers must check it.</returns>
 // NOTE(review): the [DllImport] attribute is not part of this excerpt; the KDF name must be
 // marshalled as a wide string (CharSet.Unicode) — confirm.
 // NOTE(review): parameterList is passed by value; this only reaches native code as a pointer
 // if NCryptBufferDesc is a class — confirm against its definition.
 public static extern uint NCryptDeriveKey(SafeNCryptSecretHandle hSharedSecret,
                                           string kdf,
                                           NCryptBufferDesc parameterList,
                                           byte[] derivedKey,
                                           uint derivedKeyByteSize,
                                           out uint result,
                                           uint flags);
 /// <summary>
 /// P/Invoke declaration for <c>NCryptDeriveKey</c> that returns a typed <c>ErrorCode</c>
 /// and takes the parameter descriptor by reference.
 /// </summary>
 /// <param name="hSharedSecret">Handle to the secret agreement the key is derived from.</param>
 /// <param name="pwszKDF">Name of the key derivation function.</param>
 /// <param name="pParameterList">Descriptor of the KDF parameter buffers, passed by reference.</param>
 /// <param name="pbDerivedKey">
 /// Output buffer for the derived key. Declared nullable: the DeriveKeyMaterial helper on this
 /// page passes null with a zero length to query the required size.
 /// </param>
 /// <param name="cbDerivedKey">Size of <paramref name="pbDerivedKey"/> in bytes.</param>
 /// <param name="pcbResult">Receives the byte count reported by the native call.</param>
 /// <param name="dwFlags">Secret-agreement flags forwarded to the native call.</param>
 /// <returns>Native status; the caller is responsible for checking it.</returns>
 // NOTE(review): the [DllImport] attribute is outside this excerpt; pwszKDF needs Unicode
 // string marshalling — confirm.
 private static extern ErrorCode NCryptDeriveKey(
     SafeNCryptSecretHandle hSharedSecret,
     string pwszKDF,
     [In] ref NCryptBufferDesc pParameterList,
     [Out, MarshalAs(UnmanagedType.LPArray)] byte[]?pbDerivedKey,
     int cbDerivedKey,
     [Out] out int pcbResult,
     SecretAgreementFlags dwFlags);
Beispiel #5
 /// <summary>
 /// P/Invoke declaration for <c>NCryptDeriveKey</c> with the flags exposed as a plain
 /// <c>int</c> and the output buffer marshalled in both directions.
 /// </summary>
 /// <param name="hSharedSecret">Handle to the secret agreement the key is derived from.</param>
 /// <param name="pwszKDF">Name of the key derivation function.</param>
 /// <param name="pParameterList">Descriptor of the KDF parameter buffers, passed by reference.</param>
 /// <param name="pbDerivedKey">Buffer that receives the derived key bytes.</param>
 /// <param name="cbDerivedKey">Size of <paramref name="pbDerivedKey"/> in bytes.</param>
 /// <param name="pcbResult">Receives the byte count reported by the native call.</param>
 /// <param name="dwFlags">Flags forwarded to the native call; untyped here, so invalid values are not caught at compile time.</param>
 /// <returns>Native status; the caller is responsible for checking it.</returns>
 // NOTE(review): the [DllImport] attribute is outside this excerpt; pwszKDF needs Unicode
 // string marshalling — confirm.
 // The derived bytes are secret key material; the caller should clear pbDerivedKey after use.
 public static extern ErrorCode NCryptDeriveKey(
     SafeNCryptSecretHandle hSharedSecret,
     [In] string pwszKDF,
     [In] ref NCryptBufferDesc pParameterList,
     [MarshalAs(UnmanagedType.LPArray), In, Out] byte[] pbDerivedKey,
     int cbDerivedKey,
     [Out] out int pcbResult,
     int dwFlags);
Beispiel #6
 /// <summary>
 /// P/Invoke declaration for the CNG <c>NCryptExportKey</c> function: writes a key
 /// out as a blob of the requested type.
 /// </summary>
 /// <param name="hKey">Handle of the key to export.</param>
 /// <param name="hExportKey">Raw handle of a key used to wrap the exported blob; passed as an untyped IntPtr.</param>
 /// <param name="pszBlobType">Name of the blob format to produce.</param>
 /// <param name="pParameterList">Descriptor of additional export parameters, passed by reference.</param>
 /// <param name="pbOutput">Buffer that receives the blob.</param>
 /// <param name="cbOutput">Size of <paramref name="pbOutput"/> in bytes.</param>
 /// <param name="pcbResult">Receives the byte count reported by the native call.</param>
 /// <param name="dwFlags">Flags forwarded to the native call.</param>
 /// <returns>Native status as a plain int; the caller must check it.</returns>
 // Depending on pszBlobType the output can contain private key material. Treat pbOutput as
 // secret and clear it after use.
 // NOTE(review): presumably IntPtr.Zero for hExportKey means the blob is exported unwrapped — confirm
 // at call sites that this is intended.
 public static extern int NCryptExportKey(
     SafeNCryptKeyHandle hKey,
     IntPtr hExportKey,
     string pszBlobType,
     ref NCryptBufferDesc pParameterList,
     byte[] pbOutput,
     int cbOutput,
     [Out] out int pcbResult,
     int dwFlags);
Beispiel #7
 /// <summary>
 /// P/Invoke declaration for the CNG <c>NCryptImportKey</c> function: creates a key
 /// handle in a provider from a key blob supplied as a raw pointer.
 /// </summary>
 /// <param name="hProvider">Handle of the storage provider that will own the key.</param>
 /// <param name="hImportKey">Raw handle of a key used to unwrap the blob; passed as an untyped IntPtr.</param>
 /// <param name="pszBlobType">Name of the blob format being imported.</param>
 /// <param name="pParameterList">Descriptor of additional import parameters, passed by reference.</param>
 /// <param name="phKey">Receives a safe handle for the imported key.</param>
 /// <param name="pbData">Pointer to the blob bytes.</param>
 /// <param name="cbData">Length of the blob in bytes.</param>
 /// <param name="dwFlags">Typed import flags forwarded to the native call.</param>
 /// <returns>Native status as a plain int; the caller must check it before using <paramref name="phKey"/>.</returns>
 // pbData is an unchecked pointer: the caller must guarantee that cbData bytes are readable at
 // that address and that the memory stays valid (pinned, not freed) for the whole call.
 public static extern int NCryptImportKey(
     SafeNCryptProviderHandle hProvider,
     IntPtr hImportKey,
     string pszBlobType,
     ref NCryptBufferDesc pParameterList,
     out SafeNCryptKeyHandle phKey,
     IntPtr pbData,
     int cbData,
     NCryptImportFlags dwFlags);
 /// <summary>
 /// P/Invoke declaration for <c>NCryptImportKey</c> that takes the blob as a managed
 /// byte array and the flags as a plain <c>int</c>.
 /// </summary>
 /// <param name="hProvider">Handle of the storage provider that will own the key.</param>
 /// <param name="hImportKey">Raw NCRYPT_KEY_HANDLE of a key used to unwrap the blob.</param>
 /// <param name="pszBlobType">Name of the blob format being imported.</param>
 /// <param name="pParameterList">Descriptor of additional import parameters, passed by reference.</param>
 /// <param name="phKey">Receives a safe handle for the imported key.</param>
 /// <param name="pbData">The blob bytes.</param>
 /// <param name="cbData">Number of bytes of <paramref name="pbData"/> to import.</param>
 /// <param name="dwFlags">Flags forwarded to the native call.</param>
 /// <returns>Native status as a plain int; the caller must check it before using <paramref name="phKey"/>.</returns>
 // cbData is not tied to pbData.Length by this declaration; the caller must keep them consistent
 // so the native side never reads past the end of the array.
 internal static extern int NCryptImportKey(
     SafeNCryptProviderHandle hProvider,
     IntPtr hImportKey, // NCRYPT_KEY_HANDLE
     string pszBlobType,
     ref NCryptBufferDesc pParameterList,
     [Out] out SafeNCryptKeyHandle phKey,
     [MarshalAs(UnmanagedType.LPArray)] byte[] pbData,
     int cbData,
     int dwFlags);
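        /// <summary>
        /// Derives key material from a secret agreement by calling NCryptDeriveKey twice:
        /// once with a null buffer to learn the required size, then again with a buffer
        /// of that size to receive the bytes.
        /// </summary>
        /// <param name="secretAgreement">Handle to the secret agreement to derive from.</param>
        /// <param name="kdf">Name of the key derivation function.</param>
        /// <param name="parameters">KDF parameter buffers; pinned for the duration of the native calls.</param>
        /// <param name="flags">Flags forwarded to NCryptDeriveKey.</param>
        /// <returns>
        /// The derived key bytes, trimmed to the length the native call reported. This is secret
        /// material held in an ordinary managed array; the caller should clear it after use.
        /// </returns>
        private static unsafe byte[] DeriveKeyMaterial(
            SafeNCryptSecretHandle secretAgreement,
            string kdf,
            ReadOnlySpan<NCryptBuffer> parameters,
            SecretAgreementFlags flags)
        {
            // Pin the span so the raw pointer stored in the descriptor stays valid
            // across both native calls.
            fixed (NCryptBuffer* pParameters = &MemoryMarshal.GetReference(parameters))
            {
                NCryptBufferDesc parameterDesc = default;

                parameterDesc.ulVersion = 0;
                parameterDesc.cBuffers  = parameters.Length;
                parameterDesc.pBuffers  = new IntPtr(pParameters);

                // Figure out how big the key material is
                ErrorCode error = NCryptDeriveKey(
                    secretAgreement,
                    kdf,
                    ref parameterDesc,
                    null,
                    0,
                    out int keySize,
                    flags);

                if (error != ErrorCode.ERROR_SUCCESS && error != ErrorCode.NTE_BUFFER_TOO_SMALL)
                {
                    throw error.ToCryptographicException();
                }

                // Allocate memory for the key material and generate it
                byte[] keyMaterial = new byte[keySize];

                error = NCryptDeriveKey(
                    secretAgreement,
                    kdf,
                    ref parameterDesc,
                    keyMaterial,
                    keyMaterial.Length,
                    out keySize,
                    flags);

                if (error != ErrorCode.ERROR_SUCCESS)
                {
                    // The buffer may hold partial output; wipe it before abandoning it.
                    Array.Clear(keyMaterial, 0, keyMaterial.Length);
                    throw error.ToCryptographicException();
                }

                // Just in case it shrank the answer once it had a buffer.
                int finalSize = Math.Min(keySize, keyMaterial.Length);
                if (finalSize == keyMaterial.Length)
                {
                    return keyMaterial;
                }

                // Array.Resize copies into a fresh array and leaves the old one untouched.
                // Resize through a second reference so the original buffer, which still holds
                // the full derived key, can be wiped instead of lingering on the managed heap.
                byte[] trimmed = keyMaterial;
                Array.Resize(ref trimmed, finalSize);
                Array.Clear(keyMaterial, 0, keyMaterial.Length);
                return trimmed;
            }
        }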
Beispiel #10
 /// <summary>
 /// P/Invoke declaration for <c>NCryptExportKey</c> using typed safe handles, a raw pointer
 /// for the parameter list, and a typed flags enum that defaults to <c>None</c>.
 /// </summary>
 /// <param name="hKey">Handle of the key to export.</param>
 /// <param name="hExportKey">Handle of a key used to wrap the exported blob.</param>
 /// <param name="pszBlobType">Name of the blob format to produce.</param>
 /// <param name="pParameterList">Pointer to a descriptor of additional export parameters.</param>
 /// <param name="pbOutput">Buffer that receives the blob.</param>
 /// <param name="cbOutput">Size of <paramref name="pbOutput"/> in bytes.</param>
 /// <param name="pcbResult">Receives the byte count reported by the native call.</param>
 /// <param name="dwFlags">Export flags forwarded to the native call.</param>
 /// <returns>Native status; the caller must check it.</returns>
 // Depending on pszBlobType the output can contain private key material. Treat pbOutput as
 // secret and clear it after use.
 public static extern unsafe SECURITY_STATUS NCryptExportKey(
     SafeKeyHandle hKey,
     SafeKeyHandle hExportKey,
     string pszBlobType,
     NCryptBufferDesc* pParameterList,
     byte[] pbOutput,
     int cbOutput,
     out int pcbResult,
     NCryptExportKeyFlags dwFlags = NCryptExportKeyFlags.None);
Beispiel #11
 /// <summary>
 /// P/Invoke declaration for <c>NCryptExportKey</c> whose output buffer is passed as a
 /// reference to its first byte rather than as an array.
 /// </summary>
 /// <returns>Native status; the caller must check it.</returns>
 // `ref byte pbOutput` carries no length of its own: the caller must ensure that cbOutput writable
 // bytes really follow the referenced byte, otherwise the native call can write out of bounds.
 // Depending on pszBlobType the output can contain private key material; clear it after use.
 internal static extern ErrorCode NCryptExportKey(SafeNCryptKeyHandle hKey, IntPtr hExportKey, string pszBlobType, ref NCryptBufferDesc pParameterList, ref byte pbOutput, int cbOutput, [Out] out int pcbResult, int dwFlags);
Beispiel #12
 /// <summary>
 /// P/Invoke declaration for <c>NCryptImportKey</c> whose input blob is passed as a
 /// reference to its first byte rather than as an array.
 /// </summary>
 /// <returns>Native status; the caller must check it before using <c>phKey</c>.</returns>
 // `ref byte pbData` carries no length of its own: the caller must ensure that cbData readable
 // bytes really follow the referenced byte, otherwise the native call can read out of bounds.
 internal static extern ErrorCode NCryptImportKey(SafeNCryptProviderHandle hProvider, IntPtr hImportKey, string pszBlobType, ref NCryptBufferDesc pParameterList, [Out] out SafeNCryptKeyHandle phKey, ref byte pbData, int cbData, int dwFlags);
Beispiel #13
 /// <summary>
 /// P/Invoke declaration for <c>NCryptImportKey</c> using typed safe handles and raw
 /// pointers for the parameter list and the blob.
 /// </summary>
 /// <param name="hProvider">Handle of the storage provider that will own the key.</param>
 /// <param name="hImportKey">Handle of a key used to unwrap the blob.</param>
 /// <param name="pszBlobType">Name of the blob format being imported.</param>
 /// <param name="pParameterList">Pointer to a descriptor of additional import parameters.</param>
 /// <param name="phKey">Receives a safe handle for the imported key.</param>
 /// <param name="pbData">Pointer to the blob bytes.</param>
 /// <param name="cbData">Length of the blob in bytes.</param>
 /// <param name="dwFlags">Flags forwarded to the native call.</param>
 /// <returns>Native status; the caller must check it before using <paramref name="phKey"/>.</returns>
 // pbData is an unchecked pointer: the caller must guarantee that cbData bytes are readable there
 // and that the memory stays pinned for the whole call.
 // NOTE(review): dwFlags is typed as NCryptExportKeyFlags on an import function — confirm this is
 // intentional and not a copy-paste from the export declaration.
 public static extern unsafe SECURITY_STATUS NCryptImportKey(
     SafeProviderHandle hProvider,
     SafeKeyHandle hImportKey,
     string pszBlobType,
     NCryptBufferDesc* pParameterList,
     out SafeKeyHandle phKey,
     byte* pbData,
     int cbData,
     NCryptExportKeyFlags dwFlags = NCryptExportKeyFlags.None);
Beispiel #14
 /// <summary>
 /// P/Invoke declaration for <c>NCryptDeriveKey</c> using raw pointers for the parameter
 /// list and the output buffer, with a typed flags enum that defaults to <c>None</c>.
 /// </summary>
 /// <param name="hSharedSecret">Handle to the secret agreement the key is derived from.</param>
 /// <param name="pwszKDF">Name of the key derivation function.</param>
 /// <param name="pParameterList">Pointer to a descriptor of the KDF parameter buffers.</param>
 /// <param name="pbDerivedKey">Pointer to the buffer that receives the derived key bytes.</param>
 /// <param name="cbDerivedKey">Size of that buffer in bytes.</param>
 /// <param name="pcbResult">Receives the byte count reported by the native call.</param>
 /// <param name="dwFlags">Derivation flags forwarded to the native call.</param>
 /// <returns>Native status; the caller must check it.</returns>
 // pbDerivedKey is an unchecked pointer: the caller must guarantee cbDerivedKey writable bytes at
 // that address. The bytes written are secret key material and should be cleared after use.
 // NOTE(review): the [DllImport] attribute is outside this excerpt; pwszKDF needs Unicode
 // string marshalling — confirm.
 public static extern unsafe SECURITY_STATUS NCryptDeriveKey(
     SafeSecretHandle hSharedSecret,
     string pwszKDF,
     NCryptBufferDesc* pParameterList,
     byte* pbDerivedKey,
     int cbDerivedKey,
     out int pcbResult,
     NCryptDeriveKeyFlags dwFlags = NCryptDeriveKeyFlags.None);
Beispiel #15
 /// <summary>
 /// P/Invoke declaration for the CNG <c>NCryptKeyDerivation</c> function. Unlike the
 /// NCryptDeriveKey declarations on this page, it takes a key handle and no KDF name.
 /// </summary>
 /// <param name="hKey">Handle of the key the output is derived from.</param>
 /// <param name="pParameterList">Pointer to a descriptor of the derivation parameter buffers.</param>
 /// <param name="pbDerivedKey">Pointer to the buffer that receives the derived bytes.</param>
 /// <param name="cbDerivedKey">Size of that buffer in bytes.</param>
 /// <param name="pcbResult">Receives the byte count reported by the native call.</param>
 /// <param name="dwFlags">Derivation flags forwarded to the native call.</param>
 /// <returns>Native status; the caller must check it.</returns>
 // pbDerivedKey is an unchecked pointer: the caller must guarantee cbDerivedKey writable bytes at
 // that address. The bytes written are secret key material and should be cleared after use.
 public static extern unsafe SECURITY_STATUS NCryptKeyDerivation(
     SafeKeyHandle hKey,
     NCryptBufferDesc* pParameterList,
     byte* pbDerivedKey,
     int cbDerivedKey,
     out int pcbResult,
     NCryptKeyDerivationFlags dwFlags = NCryptKeyDerivationFlags.None);