Ejemplo n.º 1
0
        internal static SafeCspHandle AcquireCsp(string keyContainer,
                                                 string providerName,
                                                 ProviderType providerType,
                                                 CryptAcquireContextFlags flags,
                                                 bool throwPlatformException)
        {
            Contract.Ensures(Contract.Result <SafeCspHandle>() != null &&
                             !Contract.Result <SafeCspHandle>().IsInvalid&&
                             !Contract.Result <SafeCspHandle>().IsClosed);

            SafeCspHandle cspHandle = null;

            if (!UnsafeNativeMethods.CryptAcquireContext(out cspHandle,
                                                         keyContainer,
                                                         providerName,
                                                         providerType,
                                                         flags))
            {
                // If the platform doesn't have the specified CSP, we'll either get a ProviderTypeNotDefined
                // or a KeysetNotDefined error depending on the CAPI version.
                int error = Marshal.GetLastWin32Error();

                if (throwPlatformException && (error == (int)CapiNative.ErrorCode.ProviderTypeNotDefined ||
                                               error == (int)CapiNative.ErrorCode.KeysetNotDefined))
                {
                    throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported));
                }
                else
                {
                    throw new CryptographicException(error);
                }
            }

            return(cspHandle);
        }
Ejemplo n.º 2
0
 internal static void GenerateRandomBytes(SafeCspHandle cspHandle, byte[] buffer)
 {
     if (!CapiNative.UnsafeNativeMethods.CryptGenRandom(cspHandle, buffer.Length, buffer))
     {
         throw new CryptographicException(Marshal.GetLastWin32Error());
     }
 }
Ejemplo n.º 3
0
        internal static unsafe SafeCapiKeyHandle ImportSymmetricKey(SafeCspHandle provider, AlgorithmId algorithm, byte[] key)
        {
            int num = (Marshal.SizeOf(typeof(BLOBHEADER)) + Marshal.SizeOf(typeof(int))) + key.Length;

            byte[] dst = new byte[num];
            fixed(byte *numRef = dst)
            {
                BLOBHEADER *blobheaderPtr = (BLOBHEADER *)numRef;

                blobheaderPtr->bType    = KeyBlobType.PlainText;
                blobheaderPtr->bVersion = 2;
                blobheaderPtr->reserved = 0;
                blobheaderPtr->aiKeyAlg = algorithm;
                int *numPtr = (int *)(numRef + Marshal.SizeOf(blobheaderPtr[0]));

                numPtr[0] = key.Length;
            }

            Buffer.BlockCopy(key, 0, dst, Marshal.SizeOf(typeof(BLOBHEADER)) + Marshal.SizeOf(typeof(int)), key.Length);
            SafeCapiKeyHandle phKey = null;

            if (!UnsafeNativeMethods.CryptImportKey(provider, dst, dst.Length, SafeCapiKeyHandle.InvalidHandle, KeyFlags.Exportable, out phKey))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
            return(phKey);
        }
Ejemplo n.º 4
0
 [System.Security.SecuritySafeCritical] // auto-generated
 #endif
 public RNGCryptoServiceProvider()
 {
     m_cspHandle = CapiNative.AcquireCsp(null,
                                         CapiNative.ProviderNames.MicrosoftEnhanced,
                                         CapiNative.ProviderType.RsaFull,
                                         CapiNative.CryptAcquireContextFlags.VerifyContext);
 }
Ejemplo n.º 5
0
 internal static bool VerifySignature(SafeCspHandle cspHandle, SafeCspKeyHandle keyHandle, CapiNative.AlgorithmID signatureAlgorithm, CapiNative.AlgorithmID hashAlgorithm, byte[] hashValue, byte[] signature)
 {
     byte[] numArray = new byte[signature.Length];
     Array.Copy((Array)signature, (Array)numArray, numArray.Length);
     Array.Reverse((Array)numArray);
     using (SafeCspHashHandle hashAlgorithm1 = CapiNative.CreateHashAlgorithm(cspHandle, hashAlgorithm))
     {
         if (hashValue.Length != CapiNative.GetHashPropertyInt32(hashAlgorithm1, CapiNative.HashProperty.HashSize))
         {
             throw new CryptographicException(-2146893822);
         }
         CapiNative.SetHashProperty(hashAlgorithm1, CapiNative.HashProperty.HashValue, hashValue);
         SafeCspHashHandle hHash       = hashAlgorithm1;
         byte[]            pbSignature = numArray;
         int length = pbSignature.Length;
         SafeCspKeyHandle hPubKey = keyHandle;
         // ISSUE: variable of the null type
         __Null local   = null;
         int    dwFlags = 0;
         if (CapiNative.UnsafeNativeMethods.CryptVerifySignature(hHash, pbSignature, length, hPubKey, (string)local, dwFlags))
         {
             return(true);
         }
         int lastWin32Error = Marshal.GetLastWin32Error();
         if (lastWin32Error != -2146893818)
         {
             throw new CryptographicException(lastWin32Error);
         }
         return(false);
     }
 }
Ejemplo n.º 6
0
        internal static SafeCspHandle AcquireCsp(string keyContainer,
                                                 string providerName,
                                                 ProviderType providerType,
                                                 CryptAcquireContextFlags flags)
        {
            Contract.Assert(keyContainer == null, "Key containers are not supported");

            // Specifying both verify context (for an ephemeral key) and machine keyset (for a persisted machine key)
            // does not make sense.  Additionally, Widows is beginning to lock down against uses of MACHINE_KEYSET
            // (for instance in the app container), even if verify context is present.   Therefore, if we're using
            // an ephemeral key, strip out MACHINE_KEYSET from the flags.
            if (((flags & CryptAcquireContextFlags.VerifyContext) == CryptAcquireContextFlags.VerifyContext) &&
                ((flags & CryptAcquireContextFlags.MachineKeyset) == CryptAcquireContextFlags.MachineKeyset))
            {
                flags &= ~CryptAcquireContextFlags.MachineKeyset;
            }

            SafeCspHandle cspHandle = null;

            if (!UnsafeNativeMethods.CryptAcquireContext(out cspHandle,
                                                         keyContainer,
                                                         providerName,
                                                         providerType,
                                                         flags))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }

            return(cspHandle);
        }
        internal static bool VerifySignature(SafeCspHandle cspHandle, SafeCspKeyHandle keyHandle, CapiNative.AlgorithmID signatureAlgorithm, CapiNative.AlgorithmID hashAlgorithm, byte[] hashValue, byte[] signature)
        {
            byte[] array = new byte[signature.Length];
            Array.Copy(signature, array, array.Length);
            Array.Reverse(array);
            bool result;

            using (SafeCspHashHandle safeCspHashHandle = CapiNative.CreateHashAlgorithm(cspHandle, hashAlgorithm))
            {
                if (hashValue.Length != CapiNative.GetHashPropertyInt32(safeCspHashHandle, CapiNative.HashProperty.HashSize))
                {
                    throw new CryptographicException(-2146893822);
                }
                CapiNative.SetHashProperty(safeCspHashHandle, CapiNative.HashProperty.HashValue, hashValue);
                if (CapiNative.UnsafeNativeMethods.CryptVerifySignature(safeCspHashHandle, array, array.Length, keyHandle, null, 0))
                {
                    result = true;
                }
                else
                {
                    int lastWin32Error = Marshal.GetLastWin32Error();
                    if (lastWin32Error != -2146893818)
                    {
                        throw new CryptographicException(lastWin32Error);
                    }
                    result = false;
                }
            }
            return(result);
        }
 public CapiSymmetricAlgorithm(int blockSize, int feedbackSize, SafeCspHandle provider, SafeCapiKeyHandle key, byte[] iv, CipherMode cipherMode, PaddingMode paddingMode, EncryptionMode encryptionMode)
 {
     this.m_blockSize      = blockSize;
     this.m_encryptionMode = encryptionMode;
     this.m_paddingMode    = paddingMode;
     this.m_provider       = provider.Duplicate();
     this.m_key            = SetupKey(key, ProcessIV(iv, blockSize, cipherMode), cipherMode, feedbackSize);
 }
Ejemplo n.º 9
0
        internal static T GetProviderParameterStruct <T>(SafeCspHandle provider,
                                                         ProviderParameter parameter,
                                                         ProviderParameterFlags flags) where T : struct
        {
            Contract.Requires(provider != null);
            Contract.Requires(parameter == ProviderParameter.EnumerateAlgorithms);

            // Figure out how big the parameter is
            int    bufferSize = 0;
            IntPtr buffer     = IntPtr.Zero;

            if (!UnsafeNativeMethods.CryptGetProvParam(provider, parameter, buffer, ref bufferSize, flags))
            {
                int errorCode = Marshal.GetLastWin32Error();

                // NoMoreItems means that we've finished the enumeration we're currently working on, this is
                // not a real error, so return an empty structure to mark the end.
                if (errorCode == (int)ErrorCode.NoMoreItems)
                {
                    return(new T());
                }
                else if (errorCode != (int)ErrorCode.MoreData)
                {
                    throw new CryptographicException(errorCode);
                }
            }

            Debug.Assert(Marshal.SizeOf(typeof(T)) <= bufferSize, "Buffer size does not match structure size");

            //
            // Pull the parameter back and marshal it into the return structure
            //

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                // Allocate in a CER because we could fail between the alloc and the assignment
                RuntimeHelpers.PrepareConstrainedRegions();
                try { }
                finally {
                    buffer = Marshal.AllocCoTaskMem(bufferSize);
                }

                if (!UnsafeNativeMethods.CryptGetProvParam(provider, parameter, buffer, ref bufferSize, flags))
                {
                    throw new CryptographicException(Marshal.GetLastWin32Error());
                }

                return((T)Marshal.PtrToStructure(buffer, typeof(T)));
            }
            finally {
                if (buffer != IntPtr.Zero)
                {
                    Marshal.FreeCoTaskMem(buffer);
                }
            }
        }
Ejemplo n.º 10
0
 internal static unsafe void GenerateRandomBytes(SafeCspHandle cspHandle, byte[] buffer, int offset, int count)
 {
     fixed(byte *pbBuffer = &buffer[offset])
     {
         if (!CapiNative.UnsafeNativeMethods.CryptGenRandom(cspHandle, count, pbBuffer))
         {
             throw new CryptographicException(Marshal.GetLastWin32Error());
         }
     }
 }
Ejemplo n.º 11
0
        internal static SafeCspHashHandle CreateHashAlgorithm(SafeCspHandle cspHandle, CapiNative.AlgorithmID algorithm)
        {
            SafeCspHashHandle phHash = (SafeCspHashHandle)null;

            if (!CapiNative.UnsafeNativeMethods.CryptCreateHash(cspHandle, algorithm, IntPtr.Zero, 0, out phHash))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
            return(phHash);
        }
Ejemplo n.º 12
0
        internal static void GenerateRandomBytes(SafeCspHandle cspHandle, byte[] buffer)
        {
            Contract.Assert(cspHandle != null && !cspHandle.IsInvalid, "cspHandle != null && !cspHandle.IsInvalid");
            Contract.Assert(buffer != null && buffer.Length > 0, "buffer != null && buffer.Length > 0");

            if (!UnsafeNativeMethods.CryptGenRandom(cspHandle, buffer.Length, buffer))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
        }
Ejemplo n.º 13
0
        internal static bool VerifySignature(SafeCspHandle cspHandle,
                                             SafeCspKeyHandle keyHandle,
                                             AlgorithmID signatureAlgorithm,
                                             AlgorithmID hashAlgorithm,
                                             byte[] hashValue,
                                             byte[] signature)
        {
            Contract.Assert(cspHandle != null && !cspHandle.IsInvalid, "cspHandle != null && !cspHandle.IsInvalid");
            Contract.Assert(keyHandle != null && !keyHandle.IsInvalid, "keyHandle != null && !keyHandle.IsInvalid");
            Contract.Assert(((AlgorithmClass)signatureAlgorithm & AlgorithmClass.Signature) == AlgorithmClass.Signature, "Invalid signature algorithm");
            Contract.Assert(((AlgorithmClass)hashAlgorithm & AlgorithmClass.Hash) == AlgorithmClass.Hash, "Invalid hash algorithm");
            Contract.Assert(hashValue != null, "hashValue != null");
            Contract.Assert(signature != null, "signature != null");

            // CAPI and the CLR have inverse byte orders for signatures, so we need to reverse before verifying
            byte[] signatureValue = new byte[signature.Length];
            Array.Copy(signature, signatureValue, signatureValue.Length);
            Array.Reverse(signatureValue);

            using (SafeCspHashHandle hashHandle = CreateHashAlgorithm(cspHandle, hashAlgorithm)) {
                // Make sure the hash value is the correct size and import it into the CSP
                if (hashValue.Length != GetHashPropertyInt32(hashHandle, HashProperty.HashSize))
                {
                    throw new CryptographicException((int)ErrorCode.BadHash);
                }
                SetHashProperty(hashHandle, HashProperty.HashValue, hashValue);

                // Do the signature verification.  A TRUE result means that the signature was valid.  A FALSE
                // result either means an invalid signature or some other error, so we need to check the last
                // error to see which occured.
                if (UnsafeNativeMethods.CryptVerifySignature(hashHandle,
                                                             signatureValue,
                                                             signatureValue.Length,
                                                             keyHandle,
                                                             null,
                                                             0))
                {
                    return(true);
                }
                else
                {
                    int error = Marshal.GetLastWin32Error();

                    if (error != (int)ErrorCode.BadSignature)
                    {
                        throw new CryptographicException(error);
                    }

                    return(false);
                }
            }
        }
Ejemplo n.º 14
0
        internal static SafeCspHandle AcquireCsp(string keyContainer, string providerName, CapiNative.ProviderType providerType, CapiNative.CryptAcquireContextFlags flags)
        {
            if ((flags & CapiNative.CryptAcquireContextFlags.VerifyContext) == CapiNative.CryptAcquireContextFlags.VerifyContext && (flags & CapiNative.CryptAcquireContextFlags.MachineKeyset) == CapiNative.CryptAcquireContextFlags.MachineKeyset)
            {
                flags &= ~CapiNative.CryptAcquireContextFlags.MachineKeyset;
            }
            SafeCspHandle phProv = (SafeCspHandle)null;

            if (!CapiNative.UnsafeNativeMethods.CryptAcquireContext(out phProv, keyContainer, providerName, providerType, flags))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }
            return(phProv);
        }
Ejemplo n.º 15
0
        internal static SafeCspHashHandle CreateHashAlgorithm(SafeCspHandle cspHandle, AlgorithmID algorithm)
        {
            Contract.Assert(cspHandle != null && !cspHandle.IsInvalid, "cspHandle != null && !cspHandle.IsInvalid");
            Contract.Assert(((AlgorithmClass)algorithm & AlgorithmClass.Hash) == AlgorithmClass.Hash, "Invalid hash algorithm");

            SafeCspHashHandle hashHandle = null;

            if (!UnsafeNativeMethods.CryptCreateHash(cspHandle, algorithm, IntPtr.Zero, 0, out hashHandle))
            {
                throw new CryptographicException(Marshal.GetLastWin32Error());
            }

            return(hashHandle);
        }
Ejemplo n.º 16
0
        internal static unsafe void GenerateRandomBytes(SafeCspHandle cspHandle, byte[] buffer, int offset, int count)
        {
            Contract.Assert(cspHandle != null && !cspHandle.IsInvalid, "cspHandle != null && !cspHandle.IsInvalid");
            Contract.Assert(buffer != null && buffer.Length > 0, "buffer != null && buffer.Length > 0");
            Contract.Assert(offset >= 0 && count > 0, "offset >= 0 && count > 0");
            Contract.Assert(buffer.Length >= offset + count, "buffer.Length >= offset + count");

            fixed(byte *pBuffer = &buffer[offset])
            {
                if (!UnsafeNativeMethods.CryptGenRandom(cspHandle, count, pBuffer))
                {
                    throw new CryptographicException(Marshal.GetLastWin32Error());
                }
            }
        }
Ejemplo n.º 17
0
        internal static SafeCspHandle AcquireCsp(string keyContainer, string providerName, ProviderType providerType, CryptAcquireContextFlags flags, bool throwPlatformException)
        {
            SafeCspHandle phProv = null;

            if (UnsafeNativeMethods.CryptAcquireContext(out phProv, keyContainer, providerName, providerType, flags))
            {
                return(phProv);
            }
            int hr = Marshal.GetLastWin32Error();

            if (!throwPlatformException || ((hr != -2146893801) && (hr != -2146893799)))
            {
                throw new CryptographicException(hr);
            }
            throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
        }
        // SafeCritical - we're not exposing out anything that we want to prevent untrusted code from getting at
        public CapiHashAlgorithm(string provider,
                                 CapiNative.ProviderType providerType,
                                 CapiNative.AlgorithmId algorithm)
        {
            Contract.Requires(!String.IsNullOrEmpty(provider));
            Contract.Requires((CapiNative.AlgorithmClass)((uint)algorithm & (uint)CapiNative.AlgorithmClass.Hash) == CapiNative.AlgorithmClass.Hash);
            Contract.Ensures(m_cspHandle != null && !m_cspHandle.IsInvalid && !m_cspHandle.IsClosed);
            Contract.Ensures(m_hashHandle != null && !m_hashHandle.IsInvalid && !m_hashHandle.IsClosed);

            m_algorithmId = algorithm;
            m_cspHandle   = CapiNative.AcquireCsp(null,
                                                  provider,
                                                  providerType,
                                                  CapiNative.CryptAcquireContextFlags.VerifyContext,
                                                  true);
            Initialize();
        }
        public AesCryptoServiceProvider()
        {
            string providerName = "Microsoft Enhanced RSA and AES Cryptographic Provider";

            if ((Environment.OSVersion.Version.Major == 5) && (Environment.OSVersion.Version.Minor == 1))
            {
                providerName = "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)";
            }
            this.m_cspHandle       = CapiNative.AcquireCsp(null, providerName, CapiNative.ProviderType.RsaAes, CapiNative.CryptAcquireContextFlags.None | CapiNative.CryptAcquireContextFlags.VerifyContext, true);
            base.FeedbackSizeValue = 8;
            int defaultKeySize = 0;

            if (FindSupportedKeySizes(this.m_cspHandle, out defaultKeySize).Length == 0)
            {
                throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
            }
            base.KeySizeValue = defaultKeySize;
        }
Ejemplo n.º 20
0
        internal static T GetProviderParameterStruct <T>(SafeCspHandle provider, ProviderParameter parameter, ProviderParameterFlags flags) where T : struct
        {
            T      local;
            int    pdwDataLen = 0;
            IntPtr zero       = IntPtr.Zero;

            if (!UnsafeNativeMethods.CryptGetProvParam(provider, parameter, zero, ref pdwDataLen, flags))
            {
                int hr = Marshal.GetLastWin32Error();
                if (hr == 0x103)
                {
                    return(default(T));
                }
                if (hr != 0xea)
                {
                    throw new CryptographicException(hr);
                }
            }
            RuntimeHelpers.PrepareConstrainedRegions();
            try
            {
                RuntimeHelpers.PrepareConstrainedRegions();
                try
                {
                }
                finally
                {
                    zero = Marshal.AllocCoTaskMem(pdwDataLen);
                }
                if (!UnsafeNativeMethods.CryptGetProvParam(provider, parameter, zero, ref pdwDataLen, flags))
                {
                    throw new CryptographicException(Marshal.GetLastWin32Error());
                }
                local = (T)Marshal.PtrToStructure(zero, typeof(T));
            }
            finally
            {
                if (zero != IntPtr.Zero)
                {
                    Marshal.FreeCoTaskMem(zero);
                }
            }
            return(local);
        }
        private static KeySizes[] FindSupportedKeySizes(SafeCspHandle csp, out int defaultKeySize)
        {
            if (s_supportedKeySizes == null)
            {
                List <KeySizes> list = new List <KeySizes>();
                int             num  = 0;
                for (CapiNative.PROV_ENUMALGS prov_enumalgs = CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp, CapiNative.ProviderParameter.EnumerateAlgorithms, CapiNative.ProviderParameterFlags.RestartEnumeration); prov_enumalgs.aiAlgId != CapiNative.AlgorithmId.None; prov_enumalgs = CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp, CapiNative.ProviderParameter.EnumerateAlgorithms, CapiNative.ProviderParameterFlags.None))
                {
                    switch (prov_enumalgs.aiAlgId)
                    {
                    case CapiNative.AlgorithmId.Aes128:
                        list.Add(new KeySizes(0x80, 0x80, 0));
                        if (0x80 > num)
                        {
                            num = 0x80;
                        }
                        break;

                    case CapiNative.AlgorithmId.Aes192:
                        list.Add(new KeySizes(0xc0, 0xc0, 0));
                        if (0xc0 > num)
                        {
                            num = 0xc0;
                        }
                        break;

                    case CapiNative.AlgorithmId.Aes256:
                        list.Add(new KeySizes(0x100, 0x100, 0));
                        if (0x100 > num)
                        {
                            num = 0x100;
                        }
                        break;
                    }
                }
                s_supportedKeySizes = list.ToArray();
                s_defaultKeySize    = num;
            }
            defaultKeySize = s_defaultKeySize;
            return(s_supportedKeySizes);
        }
Ejemplo n.º 22
0
        public CapiSymmetricAlgorithm(int blockSize,
                                      int feedbackSize,
                                      SafeCspHandle provider,
                                      SafeCapiKeyHandle key,
                                      byte[] iv,
                                      CipherMode cipherMode,
                                      PaddingMode paddingMode,
                                      EncryptionMode encryptionMode)
        {
            Contract.Requires(0 < blockSize && blockSize % 8 == 0);
            Contract.Requires(0 <= feedbackSize);
            Contract.Requires(provider != null && !provider.IsInvalid && !provider.IsClosed);
            Contract.Requires(key != null && !key.IsInvalid && !key.IsClosed);
            Contract.Ensures(m_provider != null && !m_provider.IsInvalid && !m_provider.IsClosed);

            m_blockSize      = blockSize;
            m_encryptionMode = encryptionMode;
            m_paddingMode    = paddingMode;
            m_provider       = provider.Duplicate();
            m_key            = SetupKey(key, ProcessIV(iv, blockSize, cipherMode), cipherMode, feedbackSize);
        }
        public AesCryptoServiceProvider()
        {
            Contract.Ensures(m_cspHandle != null && !m_cspHandle.IsInvalid && !m_cspHandle.IsClosed);

            // On Windows XP the AES CSP has the prototype name, but on newer operating systems it has the
            // standard name
            string providerName = CapiNative.ProviderNames.MicrosoftEnhancedRsaAes;

            if (Environment.OSVersion.Version.Major == 5 && Environment.OSVersion.Version.Minor == 1)
            {
                providerName = CapiNative.ProviderNames.MicrosoftEnhancedRsaAesPrototype;
            }

            m_cspHandle = CapiNative.AcquireCsp(null,
                                                providerName,
                                                CapiNative.ProviderType.RsaAes,
                                                CapiNative.CryptAcquireContextFlags.VerifyContext,
                                                true);

            // CAPI will not allow feedback sizes greater than 64 bits
            FeedbackSizeValue = 8;

            // Get the different AES key sizes supported by this platform, raising an error if there are no
            // supported key sizes.
            int defaultKeySize = 0;

            KeySizes[] keySizes = FindSupportedKeySizes(m_cspHandle, out defaultKeySize);
            if (keySizes.Length != 0)
            {
                Debug.Assert(defaultKeySize > 0, "defaultKeySize > 0");
                KeySizeValue = defaultKeySize;
            }
            else
            {
                throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported));
            }
        }
Ejemplo n.º 24
0
 public static extern bool CryptGenRandom(SafeCspHandle hProv,
                                          int dwLen,
                                          [Out, MarshalAs(UnmanagedType.LPArray)] byte[] pbBuffer);
Ejemplo n.º 25
0
 public static extern bool CryptCreateHash(SafeCspHandle hProv,
                                           AlgorithmId Algid,
                                           SafeCapiKeyHandle hKey,
                                           int dwFlags,
                                           [Out] out SafeCapiHashHandle phHash);
        private static KeySizes[] FindSupportedKeySizes(SafeCspHandle csp, out int defaultKeySize)
        {
            Contract.Requires(csp != null);
            Contract.Ensures(Contract.Result <KeySizes[]>() != null);

            // If this platform has any supported algorithm sizes, then the default key size should be set to a
            // reasonable value.
            Contract.Ensures(Contract.Result <KeySizes[]>().Length == 0 ||
                             (Contract.ValueAtReturn <int>(out defaultKeySize) > 0 && Contract.ValueAtReturn <int>(out defaultKeySize) % 8 == 0));

            if (s_supportedKeySizes == null)
            {
                List <KeySizes> keySizes   = new List <KeySizes>();
                int             maxKeySize = 0;

                //
                // Enumerate the CSP's supported algorithms to see what key sizes it supports for AES
                //

                CapiNative.PROV_ENUMALGS algorithm =
                    CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp,
                                                                                     CapiNative.ProviderParameter.EnumerateAlgorithms,
                                                                                     CapiNative.ProviderParameterFlags.RestartEnumeration);

                // Translate between CAPI AES algorithm IDs and supported key sizes
                while (algorithm.aiAlgId != CapiNative.AlgorithmId.None)
                {
                    switch (algorithm.aiAlgId)
                    {
                    case CapiNative.AlgorithmId.Aes128:
                        keySizes.Add(new KeySizes(128, 128, 0));
                        if (128 > maxKeySize)
                        {
                            maxKeySize = 128;
                        }

                        break;

                    case CapiNative.AlgorithmId.Aes192:
                        keySizes.Add(new KeySizes(192, 192, 0));
                        if (192 > maxKeySize)
                        {
                            maxKeySize = 192;
                        }
                        break;

                    case CapiNative.AlgorithmId.Aes256:
                        keySizes.Add(new KeySizes(256, 256, 0));
                        if (256 > maxKeySize)
                        {
                            maxKeySize = 256;
                        }
                        break;

                    default:
                        break;
                    }

                    algorithm = CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp,
                                                                                                 CapiNative.ProviderParameter.EnumerateAlgorithms,
                                                                                                 CapiNative.ProviderParameterFlags.None);
                }

                s_supportedKeySizes = keySizes.ToArray();
                s_defaultKeySize    = maxKeySize;
            }

            defaultKeySize = s_defaultKeySize;
            return(s_supportedKeySizes);
        }
 [System.Security.SecuritySafeCritical] // auto-generated
 public RNGCryptoServiceProvider() {
     m_cspHandle = CapiNative.AcquireCsp(null,
                                         CapiNative.ProviderNames.MicrosoftEnhanced,
                                         CapiNative.ProviderType.RsaFull,
                                         CapiNative.CryptAcquireContextFlags.VerifyContext);
 }
Ejemplo n.º 28
0
        internal static SafeCapiKeyHandle ImportSymmetricKey(SafeCspHandle provider, AlgorithmId algorithm, byte[] key)
        {
            Contract.Requires(provider != null);
            Contract.Requires(((int)algorithm & (int)AlgorithmClass.DataEncryption) == (int)AlgorithmClass.DataEncryption);
            Contract.Requires(key != null);
            Contract.Ensures(Contract.Result <SafeCapiKeyHandle>() != null &&
                             !Contract.Result <SafeCapiKeyHandle>().IsInvalid&&
                             !Contract.Result <SafeCapiKeyHandle>().IsClosed);

            //
            // Setup a PLAINTEXTKEYBLOB (v2) which has the following format:
            //   BLOBHEADER hdr
            //   DWORD      cbKeySize
            //   BYTE       rbgKeyData[]
            //

            int blobSize = Marshal.SizeOf(typeof(BLOBHEADER)) + Marshal.SizeOf(typeof(int)) + key.Length;

            byte[] keyBlob = new byte[blobSize];

            unsafe
            {
                fixed(byte *pBlob = keyBlob)
                {
                    BLOBHEADER *pHeader = (BLOBHEADER *)pBlob;

                    pHeader->bType    = KeyBlobType.PlainText;
                    pHeader->bVersion = 2;
                    pHeader->reserved = 0;
                    pHeader->aiKeyAlg = algorithm;

                    int *pSize = (int *)(pBlob + Marshal.SizeOf(*pHeader));

                    *pSize = key.Length;
                }
            }

            Buffer.BlockCopy(key, 0, keyBlob, Marshal.SizeOf(typeof(BLOBHEADER)) + Marshal.SizeOf(typeof(int)), key.Length);

            // Import the PLAINTEXTKEYBLOB into the CSP
            SafeCapiKeyHandle importedKey = null;

            RuntimeHelpers.PrepareConstrainedRegions();
            try {
                if (!UnsafeNativeMethods.CryptImportKey(provider,
                                                        keyBlob,
                                                        keyBlob.Length,
                                                        SafeCapiKeyHandle.InvalidHandle,
                                                        KeyFlags.Exportable,
                                                        out importedKey))
                {
                    throw new CryptographicException(Marshal.GetLastWin32Error());
                }
            }
            finally {
                if (importedKey != null && !importedKey.IsInvalid)
                {
                    importedKey.SetParentCsp(provider);
                }
            }
            return(importedKey);
        }
Ejemplo n.º 29
0
 public static extern bool CryptGenKey(SafeCspHandle hProv,
                                       AlgorithmId Algid,
                                       KeyFlags dwFlags,
                                       [Out] out SafeCapiKeyHandle phKey);
Ejemplo n.º 30
0
 public static extern bool CryptGetProvParam(SafeCspHandle hProv,
                                             ProviderParameter dwParam,
                                             IntPtr pbData,
                                             [In, Out] ref int pdwDataLen,
                                             ProviderParameterFlags dwFlags);
Ejemplo n.º 31
0
 public static extern bool CryptImportKey(SafeCspHandle hProv,
                                          [MarshalAs(UnmanagedType.LPArray)] byte[] pbData,
                                          int dwDataLen,
                                          SafeCapiKeyHandle hPubKey,
                                          KeyFlags dwFlags,
                                          [Out] out SafeCapiKeyHandle phKey);