/// <summary>
/// Decodes a base64 string into a CAPI public key blob and stores the RSA key
/// built from that blob in this provider.
/// </summary>
/// <param name="publicKey">The public key blob, base64 encoded.</param>
internal void ImportPublicKeyFromBase64EncodedString(string publicKey)
{
    // NOTE(review): Dbg.Assert is presumably a debug-only check - confirm. If it is,
    // release builds rely on Convert.FromBase64String, which throws
    // ArgumentNullException for null and FormatException for malformed input.
    Dbg.Assert(!string.IsNullOrEmpty(publicKey), "key cannot be null or empty");

    // NOTE(review): no blob validation (header, key size) is visible in this method;
    // any such checks would have to be in FromCapiPublicKeyBlob - verify there.
    _rsa = PSCryptoNativeConverter.FromCapiPublicKeyBlob(Convert.FromBase64String(publicKey));
}
/// <summary>
/// Serializes the current RSA key to a CAPI-compatible public key blob and
/// returns that blob as a base64 string.
/// </summary>
/// <returns>The CAPI public key blob, base64 encoded.</returns>
internal string GetPublicKeyAsBase64EncodedString()
{
    Dbg.Assert(_rsa != null, "No public key available.");

    // The converter is expected to emit only the public portion of _rsa;
    // NOTE(review): confirm ToCapiPublicKeyBlob never exports private parameters.
    return Convert.ToBase64String(PSCryptoNativeConverter.ToCapiPublicKeyBlob(_rsa));
}
/// <summary>
/// Imports a session key received from the remote side: decodes the base64
/// CAPI simple key blob, RSA-decrypts the wrapped key it carries, and installs
/// the result as the AES key.
/// </summary>
/// <param name="sessionKey">The encrypted session key blob, base64 encoded.</param>
internal void ImportSessionKeyFromBase64EncodedString(string sessionKey)
{
    Dbg.Assert(!string.IsNullOrEmpty(sessionKey), "key cannot be null or empty");

    byte[] wrappedKey = PSCryptoNativeConverter.FromCapiSimpleKeyBlob(Convert.FromBase64String(sessionKey));

    // RSAEncryptionPadding.Pkcs1 is PKCS#1 v1.5 encryption padding, applied here to
    // ciphertext supplied by the peer. Decrypt throws CryptographicException when
    // the padding is invalid.
    // NOTE(review): confirm callers do not report that failure back to the peer in a
    // distinguishable way, and whether the wire format would permit OAEP instead.
    byte[] sessionKeyBytes = _rsa.Decrypt(wrappedKey, RSAEncryptionPadding.Pkcs1);
    _aes.Key = sessionKeyBytes;

    // With the session key in place, this provider can now encrypt.
    _canEncrypt = true;
}
/// <summary>
/// Exports the session key for the receiver:
/// 1. Calls GenerateSessionKey so a session key exists.
/// 2. Encrypts the AES key with the imported RSA public key.
/// 3. Wraps the ciphertext in a CAPI simple key blob and base64 encodes it.
/// </summary>
/// <returns>The session key, encrypted with the receiver's public key and
/// encoded as a base64 string.</returns>
internal string SafeExportSessionKey()
{
    Dbg.Assert(_rsa != null, "No public key available.");

    // NOTE(review): presumably a no-op when a key already exists, and the original
    // comment describes the key as AES-256 - neither is visible here; confirm in
    // GenerateSessionKey.
    GenerateSessionKey();

    // Only the RSA-encrypted form of the key leaves this method. The padding is
    // PKCS#1 v1.5 (RSAEncryptionPadding.Pkcs1) and must match what the importing
    // side uses when it decrypts.
    byte[] wrappedKey = _rsa.Encrypt(_aes.Key, RSAEncryptionPadding.Pkcs1);

    return Convert.ToBase64String(PSCryptoNativeConverter.ToCapiSimpleKeyBlob(wrappedKey));
}