Beispiel #1
0
        public bool VerifyHash(byte[] hash, byte[] signature, CngAlgorithm hashAlgorithm)
        {
            if (hash == null)
            {
                throw new ArgumentNullException("hash");
            }
            if (signature == null)
            {
                throw new ArgumentNullException("signature");
            }
            if (hashAlgorithm == null)
            {
                throw new ArgumentNullException("hashAlgorithm");
            }

            switch (SignaturePaddingMode)
            {
            case AsymmetricPaddingMode.Pkcs1:
                return(NCryptNative.VerifySignaturePkcs1(KeyHandle, hash, hashAlgorithm.Algorithm, signature));

            case AsymmetricPaddingMode.Pss:
                return(NCryptNative.VerifySignaturePss(KeyHandle, hash, hashAlgorithm.Algorithm, SignatureSaltBytes, signature));

            default:
                throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode);
            }
        }
Beispiel #2
0
 /// <summary>
 ///     Get an enumerator containing a <see cref="CngProvider" /> for each of the installed NCrypt
 ///     key storage providers on the current machine.
 /// </summary>
 public IEnumerator <CngProvider> GetEnumerator()
 {
     foreach (NCryptNative.NCryptProviderName providerName in NCryptNative.EnumerateStorageProviders())
     {
         yield return(new CngProvider(providerName.pszName));
     }
 }
Beispiel #3
0
 public static IEnumerable <CngKey> GetKeys(this CngProvider provider, CngKeyOpenOptions openOptions)
 {
     using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider())
     {
         foreach (var key in NCryptNative.EnumerateKeys(providerHandle, openOptions))
         {
             yield return(CngKey.Open(key.pszName, provider));
         }
     }
 }
Beispiel #4
0
 public static IEnumerable <CngAlgorithm> GetSupportedAlgorithms(this CngProvider provider,
                                                                 NCryptAlgorithmOperations operations)
 {
     using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider())
     {
         foreach (NCryptNative.NCryptAlgorithmName algorithm in NCryptNative.EnumerateAlgorithms(providerHandle, operations))
         {
             yield return(new CngAlgorithm(algorithm.pszName));
         }
     }
 }
        public static IEnumerable <CngKey> GetKeys(this CngProvider provider, CngKeyOpenOptions openOptions)
        {
            using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider())
            {
                NCryptNative.NCryptKeyName[] keyNames = NCryptNative.EnumerateKeys(providerHandle, openOptions);
                CngKey[] keys = new CngKey[keyNames.Length];

                for (int i = 0; i < keys.Length; ++i)
                {
                    keys[i] = CngKey.Open(keyNames[i].pszName, provider);
                }

                return(keys);
            }
        }
        public static IEnumerable <CngAlgorithm> GetSupportedAlgorithms(this CngProvider provider,
                                                                        NCryptAlgorithmOperations operations)
        {
            using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider())
            {
                NCryptNative.NCryptAlgorithmName[] algorithmNames = NCryptNative.EnumerateAlgorithms(providerHandle, operations);
                CngAlgorithm[] algorithms = new CngAlgorithm[algorithmNames.Length];

                for (int i = 0; i < algorithmNames.Length; ++i)
                {
                    algorithms[i] = new CngAlgorithm(algorithmNames[i].pszName);
                }

                return(algorithms);
            }
        }
Beispiel #7
0
        public override byte[] EncryptValue(byte[] rgb)
        {
            if (rgb == null)
            {
                throw new ArgumentNullException("rgb");
            }

            switch (EncryptionPaddingMode)
            {
            case AsymmetricPaddingMode.Pkcs1:
                return(NCryptNative.EncryptDataPkcs1(KeyHandle, rgb));

            case AsymmetricPaddingMode.Oaep:
                return(NCryptNative.EncryptDataOaep(KeyHandle, rgb, EncryptionHashAlgorithm.Algorithm));

            default:
                throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode);
            }
            ;
        }
Beispiel #8
0
        public byte[] SignHash(byte[] hash, CngAlgorithm hashAlgorithm)
        {
            if (hash == null)
            {
                throw new ArgumentNullException("hash");
            }
            if (hashAlgorithm == null)
            {
                throw new ArgumentNullException("hashAlgorithm");
            }

            // Keep a local copy of the key to prevent races with the key container that the key references
            // and the key container permission we're going to demand.
            CngKey key = Key;

            KeyContainerPermission kcp = BuildKeyContainerPermission(key, KeyContainerPermissionFlags.Sign);

            if (kcp != null)
            {
                kcp.Demand();
            }

            new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();
            SafeNCryptKeyHandle keyHandle = key.Handle;

            CodeAccessPermission.RevertAssert();

            switch (SignaturePaddingMode)
            {
            case AsymmetricPaddingMode.Pkcs1:
                return(NCryptNative.SignHashPkcs1(keyHandle, hash, hashAlgorithm.Algorithm));

            case AsymmetricPaddingMode.Pss:
                return(NCryptNative.SignHashPss(keyHandle, hash, hashAlgorithm.Algorithm, SignatureSaltBytes));

            default:
                throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode);
            }
        }
Beispiel #9
0
        public override byte[] DecryptValue(byte[] rgb)
        {
            if (rgb == null)
            {
                throw new ArgumentNullException("rgb");
            }

            // Keep a local copy of the key to prevent races with the key container that the key references
            // and the key container permission we're going to demand.
            CngKey key = Key;

            // Make sure we have permission to use the private key to decrypt data
            KeyContainerPermission kcp = BuildKeyContainerPermission(key, KeyContainerPermissionFlags.Decrypt);

            if (kcp != null)
            {
                kcp.Demand();
            }

            new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert();
            SafeNCryptKeyHandle keyHandle = key.Handle;

            CodeAccessPermission.RevertAssert();

            switch (EncryptionPaddingMode)
            {
            case AsymmetricPaddingMode.Pkcs1:
                return(NCryptNative.DecryptDataPkcs1(keyHandle, rgb));

            case AsymmetricPaddingMode.Oaep:
                return(NCryptNative.DecryptDataOaep(keyHandle, rgb, EncryptionHashAlgorithm.Algorithm));

            default:
                throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode);
            }
            ;
        }
Beispiel #10
0
 public static SafeNCryptProviderHandle OpenProvider(this CngProvider provider)
 {
     return(NCryptNative.OpenKeyStorageProvider(provider.Provider));
 }