private static extern void EncryptKey(SafeKeyHandle pKeyContext,
[MarshalAs(UnmanagedType.LPArray)] byte[] pbKey,
int cbKey,
[MarshalAs(UnmanagedType.Bool)] bool fOAEP,
ObjectHandleOnStack ohRetEncryptedKey);
[System.Security.SecurityCritical] // auto-generated
internal static byte[] ExportCspBlobHelper (bool includePrivateParameters, CspParameters parameters, SafeKeyHandle safeKeyHandle) {
if (includePrivateParameters) {
if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Export);
kp.AccessEntries.Add(entry);
kp.Demand();
}
}
byte[] blob = null;
Utils.ExportCspBlob(safeKeyHandle, includePrivateParameters ? Constants.PRIVATEKEYBLOB : Constants.PUBLICKEYBLOB, JitHelpers.GetObjectHandleOnStack(ref blob));
return blob;
}
[System.Security.SecurityCritical] // auto-generated
internal static void ImportCspBlobHelper (CspAlgorithmType keyType, byte[] keyBlob, bool publicOnly, ref CspParameters parameters, bool randomKeyContainer, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle) {
// Free the current key handle
if (safeKeyHandle != null && !safeKeyHandle.IsClosed)
safeKeyHandle.Dispose();
safeKeyHandle = SafeKeyHandle.InvalidHandle;
if (publicOnly) {
parameters.KeyNumber = Utils._ImportCspBlob(keyBlob, keyType == CspAlgorithmType.Dss ? Utils.StaticDssProvHandle : Utils.StaticProvHandle, (CspProviderFlags) 0, ref safeKeyHandle);
} else {
if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Import);
kp.AccessEntries.Add(entry);
kp.Demand();
}
if (safeProvHandle == null)
safeProvHandle = Utils.CreateProvHandle(parameters, randomKeyContainer);
parameters.KeyNumber = Utils._ImportCspBlob(keyBlob, safeProvHandle, parameters.Flags, ref safeKeyHandle);
}
}
internal static extern int _GetUserKey(SafeProvHandle hProv, int keyNumber, ref SafeKeyHandle hKey);
internal static extern int _ImportCspBlob(byte[] keyBlob, SafeProvHandle hProv, CspProviderFlags flags, ref SafeKeyHandle hKey);
internal static extern int _EncryptData(SafeKeyHandle hKey, byte[] data, int ib, int cb, ref byte[] outputBuffer, int outputOffset, PaddingMode PaddingMode, bool fDone);
internal static extern void _GenerateKey(SafeProvHandle hProv, int algid, CspProviderFlags flags, int keySize, ref SafeKeyHandle hKey);
private void ImportKey(ReadOnlySpan <byte> key)
{
_keyHandle = Interop.BCrypt.BCryptImportKey(s_aesGcm, key);
}
public override void ImportParameters(RSAParameters parameters)
{
if ((this._safeKeyHandle != null) && !this._safeKeyHandle.IsClosed)
{
this._safeKeyHandle.Dispose();
this._safeKeyHandle = null;
}
RSACspObject cspObject = RSAStructToObject(parameters);
this._safeKeyHandle = SafeKeyHandle.InvalidHandle;
if (IsPublic(parameters))
{
Utils._ImportKey(Utils.StaticProvHandle, 0xa400, CspProviderFlags.NoFlags, cspObject, ref this._safeKeyHandle);
}
else
{
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Import);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
if (this._safeProvHandle == null)
{
this._safeProvHandle = Utils.CreateProvHandle(this._parameters, this._randomKeyContainer);
}
Utils._ImportKey(this._safeProvHandle, 0xa400, this._parameters.Flags, cspObject, ref this._safeKeyHandle);
}
}
internal GostCryptoAPITransform(
int cArgs, int[] rgArgIds, object[] rgArgValues,
SafeKeyHandle hKey,
SafeProvHandle hProv,
PaddingMode padding,
CipherMode cipherChainingMode,
int blockSize,
bool encrypting)
{
_blockSizeValue = blockSize;
_modeValue = cipherChainingMode;
_isStream = _modeValue == CipherMode.OFB ||
_modeValue == CipherMode.CFB;
_paddingValue = padding;
this._encrypting = encrypting;
int[] numArray1 = new int[rgArgIds.Length];
Array.Copy(rgArgIds, numArray1, rgArgIds.Length);
object[] objArray1 = new object[rgArgValues.Length];
for (int num2 = 0; num2 < rgArgValues.Length; num2++)
{
if (rgArgValues[num2] is byte[])
{
byte[] buffer2 = (byte[])rgArgValues[num2];
byte[] buffer3 = new byte[buffer2.Length];
Array.Copy(buffer2, buffer3, buffer2.Length);
objArray1[num2] = buffer3;
}
else if (rgArgValues[num2] is int)
{
objArray1[num2] = (int)rgArgValues[num2];
}
else if (rgArgValues[num2] is CipherMode)
{
objArray1[num2] = (int)rgArgValues[num2];
}
else if (rgArgValues[num2] is PaddingMode)
{
objArray1[num2] = (int)rgArgValues[num2];
}
}
safeKeyHandle_ = hKey;
_safeProvHandle = hProv;
// Не добавляем ссылки на ключи и провайдеры
// провайдер передан уже с addRef
// ключ - получен через DuplicateKey
for (int num3 = 0; num3 < cArgs; num3++)
{
switch (rgArgIds[num3])
{
case GostConstants.KP_SV:
{
_ivValue = (byte[])objArray1[num3];
byte[] buffer1 = _ivValue;
CapiHelper.SetKeyParameter(safeKeyHandle_,
numArray1[num3], buffer1);
break;
}
case GostConstants.KP_PADDING:
{
CapiHelper.SetKeyParameter(safeKeyHandle_,
numArray1[num3], BitConverter.GetBytes((int)objArray1[num3]));
break;
}
case GostConstants.KP_MODE:
{
CapiHelper.SetKeyParameter(safeKeyHandle_,
numArray1[num3], BitConverter.GetBytes((int)objArray1[num3]));
break;
}
default:
{
throw new CryptographicException(SR.Argument_InvalidValue);
}
}
}
}
[System.Security.SecurityCritical] // auto-generated
internal CryptoAPITransform(int algid, int cArgs, int[] rgArgIds,
Object[] rgArgValues, byte[] rgbKey, PaddingMode padding,
CipherMode cipherChainingMode, int blockSize,
int feedbackSize, bool useSalt,
CryptoAPITransformMode encDecMode)
{
int dwValue;
byte[] rgbValue;
BlockSizeValue = blockSize;
ModeValue = cipherChainingMode;
PaddingValue = padding;
encryptOrDecrypt = encDecMode;
// Copy the input args
int _cArgs = cArgs;
int[] _rgArgIds = new int[rgArgIds.Length];
Array.Copy(rgArgIds, _rgArgIds, rgArgIds.Length);
_rgbKey = new byte[rgbKey.Length];
Array.Copy(rgbKey, _rgbKey, rgbKey.Length);
Object[] _rgArgValues = new Object[rgArgValues.Length];
// an element of rgArgValues can only be an int or a byte[]
for (int j = 0; j < rgArgValues.Length; j++)
{
if (rgArgValues[j] is byte[])
{
byte[] rgbOrig = (byte[])rgArgValues[j];
byte[] rgbNew = new byte[rgbOrig.Length];
Array.Copy(rgbOrig, rgbNew, rgbOrig.Length);
_rgArgValues[j] = rgbNew;
continue;
}
if (rgArgValues[j] is int)
{
_rgArgValues[j] = (int)rgArgValues[j];
continue;
}
if (rgArgValues[j] is CipherMode)
{
_rgArgValues[j] = (int)rgArgValues[j];
continue;
}
}
_safeProvHandle = Utils.AcquireProvHandle(new CspParameters(Utils.DefaultRsaProviderType));
SafeKeyHandle safeKeyHandle = SafeKeyHandle.InvalidHandle;
// _ImportBulkKey will check for failures and throw an exception
Utils._ImportBulkKey(_safeProvHandle, algid, useSalt, _rgbKey, ref safeKeyHandle);
_safeKeyHandle = safeKeyHandle;
for (int i = 0; i < cArgs; i++)
{
switch (rgArgIds[i])
{
case Constants.KP_IV:
IVValue = (byte[])_rgArgValues[i];
rgbValue = IVValue;
Utils.SetKeyParamRgb(_safeKeyHandle, _rgArgIds[i], rgbValue, rgbValue.Length);
break;
case Constants.KP_MODE:
ModeValue = (CipherMode)_rgArgValues[i];
dwValue = (Int32)_rgArgValues[i];
SetAsDWord:
Utils.SetKeyParamDw(_safeKeyHandle, _rgArgIds[i], dwValue);
break;
case Constants.KP_MODE_BITS:
dwValue = (Int32)_rgArgValues[i];
goto SetAsDWord;
case Constants.KP_EFFECTIVE_KEYLEN:
dwValue = (Int32)_rgArgValues[i];
goto SetAsDWord;
default:
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidKeyParameter"), "_rgArgIds[i]");
}
}
}
private static extern void EncryptKey(SafeKeyHandle pKeyContext,
[MarshalAs(UnmanagedType.LPArray)] byte[] pbKey,
int cbKey,
[MarshalAs(UnmanagedType.Bool)] bool fOAEP,
ObjectHandleOnStack ohRetEncryptedKey);
private static ICryptoTransform CreateTransformCore(
SafeProvHandle hProv,
SafeKeyHandle hKey,
CipherMode mode,
PaddingMode padding,
byte[] rgbIV,
int blockSize,
int feedbackSize,
bool encrypting)
{
//#Q_ ToDo выжечь огнём этот ад с двумя масивами для передачи параметров в GostCryptoAPITransform
// переделать на словарь, или в идеале просто явно передавать параметры, но не этот ужас
int num1 = 0;
int[] numArray1 = new int[10];
object[] objArray1 = new object[10];
// Не поддерживаем CTS. Выдаем приличное исключение.
if (mode == CipherMode.CTS)
{
throw new ArgumentException(
SR.Argument_InvalidValue, nameof(mode)); //SR.Cryptography_CSP_CTSNotSupported
}
// Поддерживаем только правильные пары Padding - mode
if (mode == CipherMode.OFB || mode == CipherMode.CFB)
{
if (padding != PaddingMode.None)
{
throw new CryptographicException(
SR.Cryptography_InvalidPaddingMode);
}
}
// Сбрасываем Pading, мы сами его поддерживаем.
numArray1[num1] = GostConstants.KP_PADDING;
objArray1[num1] = GostConstants.WINCRYPT_PADDING_ZERO;
num1++;
// Поддерживаем только CFB с feedback по ГОСТ.
if ((mode == CipherMode.CFB) &&
(feedbackSize != DefFeedbackSize))
{
throw new ArgumentException(SR.Argument_InvalidValue, nameof(feedbackSize));
}
// Нет ключа, генерим.
if (hKey == null)
{
CapiHelper.GenerateKey(hProv,
GostConstants.CALG_G28147,
(int)CspProviderFlags.NoFlags, GostConstants.G28147_KEYLEN * BitsPerByte,
out hKey);
}
// Ключ приходит как Handle, поэтому длины не проверяем.
// Mode ставим всегда, так как при создании ключа по Handle
// он может быть другим.
numArray1[num1] = GostConstants.KP_MODE;
objArray1[num1] = mode;
num1++;
// Для всех mode кроме ECB требуется синхропосылка. Устанавливаем.
if (mode != CipherMode.ECB)
{
// Если ее нет, то генерим.
if (rgbIV == null)
{
if (!encrypting)
{
// при расшифровании IV должен быть задан
throw new CryptographicException(SR.Cryptography_MissingIV);
}
// Не используем GenerateIV: классовая и переданная
// IV могут отличаться.
rgbIV = new byte[IVSize / 8];
using (var rng = new GostRngCryptoServiceProvider(hProv))
{
rng.GetBytes(rgbIV);
}
}
// проверяем достаточность по длине.
if (rgbIV.Length < IVSize / BitsPerByte)
{
throw new CryptographicException(
SR.Cryptography_InvalidIVSize);
}
numArray1[num1] = GostConstants.KP_SV;
objArray1[num1] = rgbIV;
num1++;
}
// Можно еще установить для CFB количество бит зацепления, но
// оно всегда равно 64 и его установка не поддерживается CSP.
return(new GostCryptoAPITransform(num1, numArray1, objArray1, hKey, hProv,
padding, mode, blockSize, encrypting));
}
internal static void ImportCspBlobHelper(CspAlgorithmType keyType, byte[] keyBlob, bool publicOnly, ref CspParameters parameters, bool randomKeyContainer, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle)
{
if ((safeKeyHandle != null) && !safeKeyHandle.IsClosed)
{
safeKeyHandle.Dispose();
}
safeKeyHandle = SafeKeyHandle.InvalidHandle;
if (publicOnly)
{
parameters.KeyNumber = _ImportCspBlob(keyBlob, (keyType == CspAlgorithmType.Dss) ? StaticDssProvHandle : StaticProvHandle, CspProviderFlags.NoFlags, ref safeKeyHandle);
}
else
{
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Import);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
if (safeProvHandle == null)
{
safeProvHandle = CreateProvHandle(parameters, randomKeyContainer);
}
parameters.KeyNumber = _ImportCspBlob(keyBlob, safeProvHandle, parameters.Flags, ref safeKeyHandle);
}
}
internal static void GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, bool randomKeyContainer, int dwKeySize, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle)
{
SafeProvHandle hProv = CreateProvHandle(parameters, randomKeyContainer);
if (parameters.CryptoKeySecurity != null)
{
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.ChangeAcl);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
SetKeySetSecurityInfo(hProv, parameters.CryptoKeySecurity, parameters.CryptoKeySecurity.ChangedAccessControlSections);
}
if (parameters.ParentWindowHandle != IntPtr.Zero)
{
SetProviderParameter(hProv, parameters.KeyNumber, 10, parameters.ParentWindowHandle);
}
else if (parameters.KeyPassword != null)
{
IntPtr pbData = Marshal.SecureStringToCoTaskMemAnsi(parameters.KeyPassword);
try
{
SetProviderParameter(hProv, parameters.KeyNumber, 11, pbData);
}
finally
{
if (pbData != IntPtr.Zero)
{
Marshal.ZeroFreeCoTaskMemAnsi(pbData);
}
}
}
safeProvHandle = hProv;
SafeKeyHandle invalidHandle = SafeKeyHandle.InvalidHandle;
int hr = _GetUserKey(safeProvHandle, parameters.KeyNumber, ref invalidHandle);
if (hr != 0)
{
if (((parameters.Flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags) || (hr != -2146893811))
{
throw new CryptographicException(hr);
}
_GenerateKey(safeProvHandle, parameters.KeyNumber, parameters.Flags, dwKeySize, ref invalidHandle);
}
byte[] buffer = _GetKeyParameter(invalidHandle, 9);
int num2 = ((buffer[0] | (buffer[1] << 8)) | (buffer[2] << 0x10)) | (buffer[3] << 0x18);
if ((((keyType == CspAlgorithmType.Rsa) && (num2 != 0xa400)) && (num2 != 0x2400)) || ((keyType == CspAlgorithmType.Dss) && (num2 != 0x2200)))
{
invalidHandle.Dispose();
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_WrongKeySpec"));
}
safeKeyHandle = invalidHandle;
}
internal CryptoAPITransform(int algid, int cArgs, int[] rgArgIds, object[] rgArgValues, byte[] rgbKey, PaddingMode padding, CipherMode cipherChainingMode, int blockSize, int feedbackSize, bool useSalt, CryptoAPITransformMode encDecMode)
{
this.BlockSizeValue = blockSize;
this.ModeValue = cipherChainingMode;
this.PaddingValue = padding;
this.encryptOrDecrypt = encDecMode;
int[] destinationArray = new int[rgArgIds.Length];
Array.Copy(rgArgIds, destinationArray, rgArgIds.Length);
this._rgbKey = new byte[rgbKey.Length];
Array.Copy(rgbKey, this._rgbKey, rgbKey.Length);
object[] objArray = new object[rgArgValues.Length];
for (int i = 0; i < rgArgValues.Length; i++)
{
if (rgArgValues[i] is byte[])
{
byte[] sourceArray = (byte[]) rgArgValues[i];
byte[] buffer3 = new byte[sourceArray.Length];
Array.Copy(sourceArray, buffer3, sourceArray.Length);
objArray[i] = buffer3;
}
else if (rgArgValues[i] is int)
{
objArray[i] = (int) rgArgValues[i];
}
else if (rgArgValues[i] is CipherMode)
{
objArray[i] = (int) rgArgValues[i];
}
}
this._safeProvHandle = Utils.AcquireProvHandle(new CspParameters(Utils.DefaultRsaProviderType));
SafeKeyHandle invalidHandle = SafeKeyHandle.InvalidHandle;
Utils._ImportBulkKey(this._safeProvHandle, algid, useSalt, this._rgbKey, ref invalidHandle);
this._safeKeyHandle = invalidHandle;
for (int j = 0; j < cArgs; j++)
{
int num;
switch (rgArgIds[j])
{
case 1:
{
this.IVValue = (byte[]) objArray[j];
byte[] iVValue = this.IVValue;
Utils.SetKeyParamRgb(this._safeKeyHandle, destinationArray[j], iVValue, iVValue.Length);
continue;
}
case 4:
this.ModeValue = (CipherMode) objArray[j];
num = (int) objArray[j];
break;
case 5:
num = (int) objArray[j];
break;
case 0x13:
num = (int) objArray[j];
break;
default:
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidKeyParameter"), "_rgArgIds[i]");
}
Utils.SetKeyParamDw(this._safeKeyHandle, destinationArray[j], num);
}
}
[System.Security.SecurityCritical] // auto-generated
internal static bool VerifySign(SafeKeyHandle hKey, int calgKey, int calgHash, byte[] hash, byte[] signature)
{
return VerifySign(hKey, calgKey, calgHash, hash, hash.Length, signature, signature.Length);
}
private static int GetMinimumKeySize(SafeKeyHandle key)
{
var keyLengths = NCryptGetProperty<NCRYPT_SUPPORTED_LENGTHS>(key, KeyStoragePropertyIdentifiers.NCRYPT_LENGTHS_PROPERTY);
return keyLengths.dwMinLength;
}
internal static extern void _ExportKey(SafeKeyHandle hKey, int blobType, object cspObject);
private static extern void ExportCspBlob(SafeKeyHandle hKey, int blobType, ObjectHandleOnStack retBlob);
internal static extern byte[] _GetKeyParameter(SafeKeyHandle hKey, uint paramID);
internal static extern void SetKeyParamDw(SafeKeyHandle hKey, int param, int dwValue);
internal static extern void _ImportBulkKey(SafeProvHandle hProv, int algid, bool useSalt, byte[] key, ref SafeKeyHandle hKey);
internal static extern void SetKeyParamRgb(SafeKeyHandle hKey, int param, byte[] value, int cbValue);
internal static extern void _ImportKey(SafeProvHandle hCSP, int keyNumber, CspProviderFlags flags, object cspObject, ref SafeKeyHandle hKey);
private static extern void SignValue(SafeKeyHandle hKey, int keyNumber, int calgKey, int calgHash, byte[] hash, int cbHash, ObjectHandleOnStack retSignature);
internal static void GetKeyPairHelper (CspAlgorithmType keyType, CspParameters parameters, bool randomKeyContainer, int dwKeySize, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle) {
SafeProvHandle TempFetchedProvHandle = Utils.CreateProvHandle(parameters, randomKeyContainer);
#if FEATURE_MACL
// If the user wanted to set the security descriptor on the provider context, apply it now.
if (parameters.CryptoKeySecurity != null) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.ChangeAcl);
kp.AccessEntries.Add(entry);
kp.Demand();
SetKeySetSecurityInfo(TempFetchedProvHandle, parameters.CryptoKeySecurity, parameters.CryptoKeySecurity.ChangedAccessControlSections);
}
#endif //FEATURE_MACL
#if FEATURE_X509_SECURESTRINGS
// If the user wanted to specify a PIN or HWND for a smart card CSP, apply those settings now.
if (parameters.ParentWindowHandle != IntPtr.Zero)
SetProviderParameter(TempFetchedProvHandle, parameters.KeyNumber, Constants.CLR_PP_CLIENT_HWND, parameters.ParentWindowHandle);
else if (parameters.KeyPassword != null) {
IntPtr szPassword = Marshal.SecureStringToCoTaskMemAnsi(parameters.KeyPassword);
try {
SetProviderParameter(TempFetchedProvHandle, parameters.KeyNumber, Constants.CLR_PP_PIN, szPassword);
}
finally {
if (szPassword != IntPtr.Zero)
Marshal.ZeroFreeCoTaskMemAnsi(szPassword);
}
}
#endif //FEATURE_X509_SECURESTRINGS
safeProvHandle = TempFetchedProvHandle;
// If the key already exists, use it, else generate a new one
SafeKeyHandle TempFetchedKeyHandle = SafeKeyHandle.InvalidHandle;
int hr = Utils._GetUserKey(safeProvHandle, parameters.KeyNumber, ref TempFetchedKeyHandle);
if (hr != Constants.S_OK) {
if ((parameters.Flags & CspProviderFlags.UseExistingKey) != 0 || hr != Constants.NTE_NO_KEY)
throw new CryptographicException(hr);
// _GenerateKey will check for failures and throw an exception
Utils._GenerateKey(safeProvHandle, parameters.KeyNumber, parameters.Flags, dwKeySize, ref TempFetchedKeyHandle);
}
// check that this is indeed an RSA/DSS key.
byte[] algid = (byte[]) Utils._GetKeyParameter(TempFetchedKeyHandle, Constants.CLR_ALGID);
int dwAlgId = (algid[0] | (algid[1] << 8) | (algid[2] << 16) | (algid[3] << 24));
if ((keyType == CspAlgorithmType.Rsa && dwAlgId != Constants.CALG_RSA_KEYX && dwAlgId != Constants.CALG_RSA_SIGN) ||
(keyType == CspAlgorithmType.Dss && dwAlgId != Constants.CALG_DSS_SIGN)) {
TempFetchedKeyHandle.Dispose();
throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_WrongKeySpec"));
}
safeKeyHandle = TempFetchedKeyHandle;
}
[System.Security.SecurityCritical] // auto-generated
internal static byte[] SignValue(SafeKeyHandle hKey, int keyNumber, int calgKey, int calgHash, byte[] hash)
{
byte[] signature = null;
SignValue(hKey, keyNumber, calgKey, calgHash, hash, hash.Length, JitHelpers.GetObjectHandleOnStack(ref signature));
return signature;
}
[System.Security.SecuritySafeCritical] // auto-generated
public override void ImportParameters(RSAParameters parameters) {
// Free the current key handle
if (_safeKeyHandle != null && !_safeKeyHandle.IsClosed) {
_safeKeyHandle.Dispose();
_safeKeyHandle = null;
}
RSACspObject rsaCspObject = RSAStructToObject(parameters);
_safeKeyHandle = SafeKeyHandle.InvalidHandle;
if (IsPublic(parameters)) {
// Use our CRYPT_VERIFYCONTEXT handle, CRYPT_EXPORTABLE is not applicable to public only keys, so pass false
Utils._ImportKey(Utils.StaticProvHandle, Constants.CALG_RSA_KEYX, (CspProviderFlags) 0, rsaCspObject, ref _safeKeyHandle);
} else {
if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Import);
kp.AccessEntries.Add(entry);
kp.Demand();
}
if (_safeProvHandle == null)
_safeProvHandle = Utils.CreateProvHandle(_parameters, _randomKeyContainer);
// Now, import the key into the CSP; _ImportKey will check for failures.
Utils._ImportKey(_safeProvHandle, Constants.CALG_RSA_KEYX, _parameters.Flags, rsaCspObject, ref _safeKeyHandle);
}
}
private static extern bool VerifySign(SafeKeyHandle hKey, int calgKey, int calgHash, byte[] hash, int cbHash, byte[] signature, int cbSignature);
[System.Security.SecurityCritical] // auto-generated
internal CryptoAPITransform(int algid, int cArgs, int[] rgArgIds,
Object[] rgArgValues, byte[] rgbKey, PaddingMode padding,
CipherMode cipherChainingMode, int blockSize,
int feedbackSize, bool useSalt,
CryptoAPITransformMode encDecMode) {
int dwValue;
byte[] rgbValue;
BlockSizeValue = blockSize;
ModeValue = cipherChainingMode;
PaddingValue = padding;
encryptOrDecrypt = encDecMode;
// Copy the input args
int _cArgs = cArgs;
int[] _rgArgIds = new int[rgArgIds.Length];
Array.Copy(rgArgIds, _rgArgIds, rgArgIds.Length);
_rgbKey = new byte[rgbKey.Length];
Array.Copy(rgbKey, _rgbKey, rgbKey.Length);
Object[] _rgArgValues = new Object[rgArgValues.Length];
// an element of rgArgValues can only be an int or a byte[]
for (int j = 0; j < rgArgValues.Length; j++) {
if (rgArgValues[j] is byte[]) {
byte[] rgbOrig = (byte[]) rgArgValues[j];
byte[] rgbNew = new byte[rgbOrig.Length];
Array.Copy(rgbOrig, rgbNew, rgbOrig.Length);
_rgArgValues[j] = rgbNew;
continue;
}
if (rgArgValues[j] is int) {
_rgArgValues[j] = (int) rgArgValues[j];
continue;
}
if (rgArgValues[j] is CipherMode) {
_rgArgValues[j] = (int) rgArgValues[j];
continue;
}
}
_safeProvHandle = Utils.AcquireProvHandle(new CspParameters(Utils.DefaultRsaProviderType));
SafeKeyHandle safeKeyHandle = SafeKeyHandle.InvalidHandle;
// _ImportBulkKey will check for failures and throw an exception
Utils._ImportBulkKey(_safeProvHandle, algid, useSalt, _rgbKey, ref safeKeyHandle);
_safeKeyHandle = safeKeyHandle;
for (int i=0; i<cArgs; i++) {
switch (rgArgIds[i]) {
case Constants.KP_IV:
IVValue = (byte[]) _rgArgValues[i];
rgbValue = IVValue;
Utils.SetKeyParamRgb(_safeKeyHandle, _rgArgIds[i], rgbValue, rgbValue.Length);
break;
case Constants.KP_MODE:
ModeValue = (CipherMode) _rgArgValues[i];
dwValue = (Int32) _rgArgValues[i];
SetAsDWord:
Utils.SetKeyParamDw(_safeKeyHandle, _rgArgIds[i], dwValue);
break;
case Constants.KP_MODE_BITS:
dwValue = (Int32) _rgArgValues[i];
goto SetAsDWord;
case Constants.KP_EFFECTIVE_KEYLEN:
dwValue = (Int32) _rgArgValues[i];
goto SetAsDWord;
default:
throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidKeyParameter"), "_rgArgIds[i]");
}
}
}
internal static byte[] ExportCspBlobHelper(bool includePrivateParameters, CspParameters parameters, SafeKeyHandle safeKeyHandle)
{
if (includePrivateParameters)
{
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Export);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
}
byte[] o = null;
ExportCspBlob(safeKeyHandle, includePrivateParameters ? 7 : 6, JitHelpers.GetObjectHandleOnStack<byte[]>(ref o));
return o;
}
