internal LiteHash(string algorithm)
{
BCryptOpenAlgorithmProviderFlags algorithmFlags =
BCryptOpenAlgorithmProviderFlags.None;
// This is a shared handle, do not put this in a using.
SafeBCryptAlgorithmHandle algorithmHandle = Interop.BCrypt.BCryptAlgorithmCache.GetCachedBCryptAlgorithmHandle(
algorithm,
algorithmFlags,
out _hashSizeInBytes);
SafeBCryptHashHandle hashHandle;
NTSTATUS ntStatus = Interop.BCrypt.BCryptCreateHash(
algorithmHandle,
out hashHandle,
pbHashObject: IntPtr.Zero,
cbHashObject: 0,
secret: ReadOnlySpan <byte> .Empty,
cbSecret: 0,
BCryptCreateHashFlags.None);
if (ntStatus != NTSTATUS.STATUS_SUCCESS)
{
hashHandle.Dispose();
throw Interop.BCrypt.CreateCryptographicException(ntStatus);
}
_hashHandle = hashHandle;
}
private static unsafe void FillDeriveKeyPBKDF2(
ReadOnlySpan <byte> password,
ReadOnlySpan <byte> salt,
int iterations,
string hashAlgorithmName,
Span <byte> destination)
{
const BCryptOpenAlgorithmProviderFlags OpenAlgorithmFlags = BCryptOpenAlgorithmProviderFlags.BCRYPT_ALG_HANDLE_HMAC_FLAG;
// This code path will only be taken on Windows 7, so we can assume pseudo handles are not supported.
// Do not dispose handle since it is shared and cached.
SafeBCryptAlgorithmHandle handle =
Interop.BCrypt.BCryptAlgorithmCache.GetCachedBCryptAlgorithmHandle(hashAlgorithmName, OpenAlgorithmFlags, out _);
fixed(byte *pPassword = password)
fixed(byte *pSalt = salt)
fixed(byte *pDestination = destination)
{
NTSTATUS status = Interop.BCrypt.BCryptDeriveKeyPBKDF2(
handle,
pPassword,
password.Length,
pSalt,
salt.Length,
(ulong)iterations,
pDestination,
destination.Length,
dwFlags: 0);
if (status != NTSTATUS.STATUS_SUCCESS)
{
throw Interop.BCrypt.CreateCryptographicException(status);
}
}
}
public static unsafe int MacData(
string hashAlgorithmId,
ReadOnlySpan <byte> key,
ReadOnlySpan <byte> source,
Span <byte> destination)
{
int hashSize; // in bytes
// Use a pseudo-handle if available.
if (Interop.BCrypt.PseudoHandlesSupported)
{
HashDataUsingPseudoHandle(hashAlgorithmId, source, key, isHmac: true, destination, out hashSize);
return(hashSize);
}
else
{
// Pseudo-handle not available. Fall back to a shared handle with no using or dispose.
SafeBCryptAlgorithmHandle cachedAlgorithmHandle = BCryptAlgorithmCache.GetCachedBCryptAlgorithmHandle(
hashAlgorithmId,
BCryptOpenAlgorithmProviderFlags.BCRYPT_ALG_HANDLE_HMAC_FLAG,
out hashSize);
if (destination.Length < hashSize)
{
Debug.Fail("Caller should have checked length.");
throw new CryptographicException();
}
HashUpdateAndFinish(cachedAlgorithmHandle, hashSize, key, source, destination);
return(hashSize);
}
}
internal static extern ErrorCode BCryptCreateHash(SafeBCryptAlgorithmHandle hAlgorithm,
[Out] out SafeBCryptHashHandle phHash,
IntPtr pbHashObject,
int cbHashObject,
IntPtr pbSecret,
int cbSecret,
int dwFlags);
public BCryptHashAlgorithm(CngAlgorithm algorithm, string implementation)
{
if (!BCryptNative.BCryptSupported)
{
throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
}
this.m_algorithmHandle = BCryptNative.OpenAlgorithm(algorithm.Algorithm, implementation);
this.Initialize();
}
private static SafeBCryptAlgorithmHandle OpenAesAlgorithm(string cipherMode)
{
const string BCRYPT_3DES_ALGORITHM = "3DES";
SafeBCryptAlgorithmHandle hAlg = OpenAlgorithm(BCRYPT_3DES_ALGORITHM, null);
SetCipherMode(hAlg, cipherMode);
return(hAlg);
}
internal static extern ErrorCode BCryptImportKey(
SafeBCryptAlgorithmHandle hAlgorithm,
IntPtr hImportKey,
string pszBlobType,
out SafeBCryptKeyHandle hKey,
IntPtr pbKeyObject,
int cbKeyObject,
byte[] pbInput,
int cbInput,
int dwFlags);
internal static SafeBCryptAlgorithmHandle OpenAlgorithm(string algorithm, string implementation)
{
SafeBCryptAlgorithmHandle phAlgorithm = null;
ErrorCode code = UnsafeNativeMethods.BCryptOpenAlgorithmProvider(out phAlgorithm, algorithm, implementation, 0);
if (code != ErrorCode.Success)
{
throw new CryptographicException((int)code);
}
return(phAlgorithm);
}
public void Dispose()
{
Contract.Ensures(m_hashHandle == null || m_hashHandle.IsClosed);
Contract.Ensures(m_algorithmHandle == null || m_algorithmHandle.IsClosed);
if (m_hashHandle != null)
{
m_hashHandle.Dispose();
}
if (m_algorithmHandle != null)
{
m_algorithmHandle = null;
}
}
public BCryptHashAlgorithm(CngAlgorithm algorithm, string implementation)
{
Contract.Requires(algorithm != null);
Contract.Requires(!String.IsNullOrEmpty(implementation));
Contract.Ensures(m_algorithmHandle != null && !m_algorithmHandle.IsInvalid && !m_algorithmHandle.IsClosed);
Contract.Ensures(m_hashHandle != null && !m_hashHandle.IsInvalid && !m_hashHandle.IsClosed);
if (_algorithmCache == null)
{
_algorithmCache = new BCryptAlgorithmHandleCache();
}
m_algorithmHandle = _algorithmCache.GetCachedAlgorithmHandle(algorithm.Algorithm, implementation);
Initialize();
}
public static void SetCipherMode(SafeBCryptAlgorithmHandle hAlg, string cipherMode)
{
const string BCRYPT_CHAINING_MODE = "ChainingMode";
ErrorCode error = UnsafeNativeMethods.BCryptSetProperty(
hAlg,
BCRYPT_CHAINING_MODE,
cipherMode,
// Explicit \0 terminator, UCS-2
(cipherMode.Length 1) * 2,
0);
if (error != ErrorCode.Success)
{
throw new CryptographicException((int)error);
}
}
public SafeBCryptAlgorithmHandle GetCachedAlgorithmHandle(string algorithm, string implementation)
{
string handleKey = algorithm + implementation;
SafeBCryptAlgorithmHandle algorithmHandle = null;
if (m_algorithmHandles.ContainsKey(handleKey))
{
algorithmHandle = m_algorithmHandles[handleKey].Target as SafeBCryptAlgorithmHandle;
if (algorithmHandle != null)
{
return(algorithmHandle);
}
}
algorithmHandle = BCryptNative.OpenAlgorithm(algorithm, implementation);
m_algorithmHandles[handleKey] = new WeakReference(algorithmHandle);
return(algorithmHandle);
}
internal static SafeBCryptAlgorithmHandle OpenAlgorithm(string algorithm, string implementation)
{
Contract.Requires(!String.IsNullOrEmpty(algorithm));
Contract.Requires(!String.IsNullOrEmpty(implementation));
Contract.Ensures(Contract.Result <SafeBCryptAlgorithmHandle>() != null &&
!Contract.Result <SafeBCryptAlgorithmHandle>().IsInvalid&&
!Contract.Result <SafeBCryptAlgorithmHandle>().IsClosed);
SafeBCryptAlgorithmHandle algorithmHandle = null;
ErrorCode error = UnsafeNativeMethods.BCryptOpenAlgorithmProvider(out algorithmHandle,
algorithm,
implementation,
0);
if (error != ErrorCode.Success)
{
throw new CryptographicException((int)error);
}
return(algorithmHandle);
}
internal static SafeBCryptKeyHandle BCryptImportKey(SafeBCryptAlgorithmHandle hAlg, byte[] key)
{
unsafe
{
const String BCRYPT_KEY_DATA_BLOB = "KeyDataBlob";
int keySize = key.Length;
int blobSize = sizeof(BCRYPT_KEY_DATA_BLOB_HEADER)keySize;
byte[] blob = new byte[blobSize];
fixed(byte *pbBlob = blob)
{
BCRYPT_KEY_DATA_BLOB_HEADER *pBlob = (BCRYPT_KEY_DATA_BLOB_HEADER *)pbBlob;
pBlob->dwMagic = BCRYPT_KEY_DATA_BLOB_HEADER.BCRYPT_KEY_DATA_BLOB_MAGIC;
pBlob->dwVersion = BCRYPT_KEY_DATA_BLOB_HEADER.BCRYPT_KEY_DATA_BLOB_VERSION1;
pBlob->cbKeyData = (uint)keySize;
}
Buffer.BlockCopy(key, 0, blob, sizeof(BCRYPT_KEY_DATA_BLOB_HEADER), keySize);
SafeBCryptKeyHandle hKey;
ErrorCode error = UnsafeNativeMethods.BCryptImportKey(
hAlg,
IntPtr.Zero,
BCRYPT_KEY_DATA_BLOB,
out hKey,
IntPtr.Zero,
0,
blob,
blobSize,
0);
if (error != ErrorCode.Success)
{
throw new CryptographicException((int)error);
}
return(hKey);
}
}
public BCryptHashAlgorithm(CngAlgorithm algorithm, string implementation)
{
Contract.Requires(algorithm != null);
Contract.Requires(!String.IsNullOrEmpty(implementation));
Contract.Ensures(m_algorithmHandle != null && !m_algorithmHandle.IsInvalid && !m_algorithmHandle.IsClosed);
Contract.Ensures(m_hashHandle != null && !m_hashHandle.IsInvalid && !m_hashHandle.IsClosed);
// Make sure CNG is supported on this platform
if (!BCryptNative.BCryptSupported)
{
throw new PlatformNotSupportedException("SR.Cryptography_PlatformNotSupported");
}
if (_algorithmCache == null)
{
_algorithmCache = new BCryptAlgorithmHandleCache();
}
m_algorithmHandle = _algorithmCache.GetCachedAlgorithmHandle(algorithm.Algorithm, implementation);
Initialize();
}
internal static extern ErrorCode BCryptOpenAlgorithmProvider([Out] out SafeBCryptAlgorithmHandle phAlgorithm,
string pszAlgId, // BCryptAlgorithm
string pszImplementation, // ProviderNames
int dwFlags);
internal static extern ErrorCode BCryptGetAlgorithmProperty(SafeBCryptAlgorithmHandle hObject,
string pszProperty,
[MarshalAs(UnmanagedType.LPArray), In, Out] byte[] pbOutput,
int cbOutput,
[In, Out] ref int pcbResult,
int flags);
internal static extern BCryptNative.ErrorCode BCryptOpenAlgorithmProvider(out SafeBCryptAlgorithmHandle phAlgorithm, string pszAlgId, string pszImplementation, int dwFlags);
public static extern ErrorCode BCryptSetProperty(
SafeBCryptAlgorithmHandle hObject,
string pszProperty,
string pbInput,
int cbInput,
int dwFlags);
