/// <summary>
/// Applies the properties requested in the key creation parameters to a key handle.
/// </summary>
/// <param name="keyHandle">Handle of the key whose properties are being set.</param>
/// <param name="creationParameters">Caller-supplied creation parameters to read the properties from.</param>
/// <remarks>
/// Order of application: export policy, key usage, parent window handle, UI policy, and
/// finally every entry of <c>creationParameters.Parameters</c>.
/// Security-relevant points visible in this method:
/// - Export policy and key usage are only written when the caller supplied a value;
///   otherwise nothing is set here and whatever the provider defaults to applies.
/// - Custom properties are passed to NCryptSetProperty with the caller's name, value and
///   options, with no filtering in this method. Because they are applied last, an entry
///   that names a property already set above is written after it (NOTE(review): the
///   resulting effective value depends on the provider; confirm if callers are untrusted).
/// - There is no rollback: when a call fails, properties set before it remain on the handle.
/// Any status other than ERROR_SUCCESS is thrown via <c>ErrorCode.ToCryptographicException()</c>.
/// </remarks>
private static void InitializeKeyProperties(SafeNCryptKeyHandle keyHandle, CngKeyCreationParameters creationParameters)
{
    unsafe
    {
        // Export policy: goes through the handle's own setter rather than a raw property call.
        CngExportPolicies? requestedExportPolicy = creationParameters.ExportPolicy;
        if (requestedExportPolicy.HasValue)
        {
            keyHandle.SetExportPolicy(requestedExportPolicy.Value);
        }

        // Key usage: written with the Persist option.
        CngKeyUsages? requestedUsage = creationParameters.KeyUsage;
        if (requestedUsage.HasValue)
        {
            // A local copy is needed so that its address can be handed to the native call.
            CngKeyUsages usage = requestedUsage.Value;
            ErrorCode status = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.KeyUsage, &usage, sizeof(CngKeyUsages), CngPropertyOptions.Persist);
            if (status != ErrorCode.ERROR_SUCCESS)
            {
                throw status.ToCryptographicException();
            }
        }

        // Parent window: only meaningful for the current session, so it is set with
        // CngPropertyOptions.None rather than Persist.
        IntPtr ownerWindow = creationParameters.ParentWindowHandle;
        if (ownerWindow != IntPtr.Zero)
        {
            ErrorCode status = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.ParentWindowHandle, &ownerWindow, sizeof(IntPtr), CngPropertyOptions.None);
            if (status != ErrorCode.ERROR_SUCCESS)
            {
                throw status.ToCryptographicException();
            }
        }

        // UI policy (protection level and prompt strings) is handled by a dedicated helper.
        CngUIPolicy requestedUiPolicy = creationParameters.UIPolicy;
        if (requestedUiPolicy != null)
        {
            InitializeKeyUiPolicyProperties(keyHandle, requestedUiPolicy);
        }

        // Caller-defined properties come last and are forwarded as given.
        foreach (CngProperty customProperty in creationParameters.Parameters)
        {
            byte[] rawValue = customProperty.GetValueWithoutCopying();

            int rawLength;
            if (rawValue == null)
            {
                rawLength = 0;
            }
            else
            {
                rawLength = rawValue.Length;
            }

            // The length is computed separately from the pointer; the mapping helper
            // (not shown here) presumably yields a non-null pointer for an empty value.
            fixed (byte* rawPointer = rawValue.MapZeroLengthArrayToNonNullPointer())
            {
                ErrorCode status = Interop.NCrypt.NCryptSetProperty(keyHandle, customProperty.Name, rawPointer, rawLength, customProperty.Options);
                if (status != ErrorCode.ERROR_SUCCESS)
                {
                    throw status.ToCryptographicException();
                }
            }
        }
    }
}
/// <summary>
/// Writes the UI policy of the key creation parameters onto a key handle.
/// </summary>
/// <param name="keyHandle">Handle of the key that receives the UI policy.</param>
/// <param name="uiPolicy">UI policy to apply; dereferenced without a null check, so the caller must pass a non-null value.</param>
/// <remarks>
/// Two properties are written, both with the Persist option:
/// - The UI policy structure (version 1), whose flags are the policy's protection level
///   and whose three strings are the creation title, friendly name and description.
/// - The use context string, only when it is non-null.
/// The protection level is what decides whether the user is prompted when the key is
/// used, so this is the place where a caller's request for user consent takes effect.
/// Any status other than ERROR_SUCCESS is thrown via <c>ErrorCode.ToCryptographicException()</c>;
/// if the second call fails, the UI policy written by the first one stays on the handle.
/// </remarks>
private static void InitializeKeyUiPolicyProperties(SafeNCryptKeyHandle keyHandle, CngUIPolicy uiPolicy)
{
    unsafe
    {
        // The strings stay pinned for the whole native call because the structure only
        // carries raw pointers to them. Pinning a null string yields a null pointer, so
        // an unset title, name or description reaches the provider as a null field.
        fixed (char* titlePtr = uiPolicy.CreationTitle, friendlyNamePtr = uiPolicy.FriendlyName, descriptionPtr = uiPolicy.Description)
        {
            NCRYPT_UI_POLICY nativePolicy = new NCRYPT_UI_POLICY();
            nativePolicy.dwVersion = 1;
            nativePolicy.dwFlags = uiPolicy.ProtectionLevel;
            nativePolicy.pszCreationTitle = new IntPtr(titlePtr);
            nativePolicy.pszFriendlyName = new IntPtr(friendlyNamePtr);
            nativePolicy.pszDescription = new IntPtr(descriptionPtr);

            ErrorCode status = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.UIPolicy, &nativePolicy, sizeof(NCRYPT_UI_POLICY), CngPropertyOptions.Persist);
            if (status != ErrorCode.ERROR_SUCCESS)
            {
                throw status.ToCryptographicException();
            }
        }

        string contextText = uiPolicy.UseContext;
        if (contextText == null)
        {
            // No use context requested: nothing more to write.
            return;
        }

        // Size in bytes of the UTF-16 text plus one extra char for the terminator;
        // checked arithmetic turns an overflowing length into an exception instead of
        // a too-small size being handed to the native call.
        int contextByteCount = checked((contextText.Length + 1) * sizeof(char));
        fixed (char* contextPtr = contextText)
        {
            ErrorCode status = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.UseContext, contextPtr, contextByteCount, CngPropertyOptions.Persist);
            if (status != ErrorCode.ERROR_SUCCESS)
            {
                throw status.ToCryptographicException();
            }
        }
    }
}
/// <summary>
/// Transfers a <c>CngUIPolicy</c> to the native key: first the UI policy structure,
/// then the optional use context string.
/// </summary>
/// <param name="keyHandle">Native key handle to configure.</param>
/// <param name="uiPolicy">Managed UI policy; must not be null, as it is read unconditionally.</param>
/// <remarks>
/// Both properties are stored with <c>CngPropertyOptions.Persist</c>. The structure's
/// flags field is filled from <c>uiPolicy.ProtectionLevel</c>, which makes this call the
/// point at which the requested level of user prompting is attached to the key.
/// A failing native call is surfaced through <c>ErrorCode.ToCryptographicException()</c>
/// and nothing already written is undone.
/// </remarks>
private static void InitializeKeyUiPolicyProperties(SafeNCryptKeyHandle keyHandle, CngUIPolicy uiPolicy)
{
    unsafe
    {
        // Pin all three prompt strings at once; the native structure references them by
        // address, so they must not move until NCryptSetProperty has returned. A null
        // string pins to a null pointer and is passed on as such.
        fixed (char* pTitle = uiPolicy.CreationTitle,
                     pFriendlyName = uiPolicy.FriendlyName,
                     pDescription = uiPolicy.Description)
        {
            NCRYPT_UI_POLICY policyStruct = new NCRYPT_UI_POLICY()
            {
                dwVersion = 1,
                dwFlags = uiPolicy.ProtectionLevel,
                pszCreationTitle = new IntPtr(pTitle),
                pszFriendlyName = new IntPtr(pFriendlyName),
                pszDescription = new IntPtr(pDescription),
            };

            ErrorCode policyResult = Interop.NCrypt.NCryptSetProperty(
                keyHandle,
                KeyPropertyName.UIPolicy,
                &policyStruct,
                sizeof(NCRYPT_UI_POLICY),
                CngPropertyOptions.Persist);

            if (policyResult != ErrorCode.ERROR_SUCCESS)
            {
                throw policyResult.ToCryptographicException();
            }
        }

        string useContextValue = uiPolicy.UseContext;
        if (useContextValue != null)
        {
            // Character count including the terminator, converted to bytes. The checked
            // context makes an arithmetic overflow throw rather than wrap to a small size.
            int charsWithTerminator = checked(useContextValue.Length + 1);
            int byteCount = checked(charsWithTerminator * sizeof(char));

            fixed (char* pUseContext = useContextValue)
            {
                ErrorCode contextResult = Interop.NCrypt.NCryptSetProperty(
                    keyHandle,
                    KeyPropertyName.UseContext,
                    pUseContext,
                    byteCount,
                    CngPropertyOptions.Persist);

                if (contextResult != ErrorCode.ERROR_SUCCESS)
                {
                    throw contextResult.ToCryptographicException();
                }
            }
        }
    }
}