private static extern SECURITY_STATUS NCryptGetProperty( SafeNCryptHandle hObject, string pszProperty, ref int pbOutput, int cbOutput, [Out] out int pcbResult, CngPropertyOptions dwFlags);
/// <summary> /// Returns a CNG key property. /// </summary> /// <returns> /// null - if property not defined on key. /// throws - for any other type of error. /// </returns> public static byte[] GetProperty(this SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { unsafe { int numBytesNeeded; ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty(ncryptHandle, propertyName, null, 0, out numBytesNeeded, options); if (errorCode == ErrorCode.NTE_NOT_FOUND) return null; if (errorCode != ErrorCode.ERROR_SUCCESS) throw errorCode.ToCryptographicException(); byte[] propertyValue = new byte[numBytesNeeded]; fixed (byte* pPropertyValue = propertyValue) { errorCode = Interop.NCrypt.NCryptGetProperty(ncryptHandle, propertyName, pPropertyValue, propertyValue.Length, out numBytesNeeded, options); } if (errorCode == ErrorCode.NTE_NOT_FOUND) return null; if (errorCode != ErrorCode.ERROR_SUCCESS) throw errorCode.ToCryptographicException(); Array.Resize(ref propertyValue, numBytesNeeded); return propertyValue; } }
private static extern int NCryptSetProperty( SafeNCryptHandle handle, string property, [In][MarshalAs(UnmanagedType.LPArray)] byte[] input1, int input2, CngPropertyOptions flags);
private static extern SECURITY_STATUS NCryptSetProperty( SafeNCryptHandle hObject, string pszProperty, [In][MarshalAs(UnmanagedType.LPArray)] byte[] pbInput, int cbInput, CngPropertyOptions dwFlags);
internal static unsafe partial ErrorCode NCryptGetProperty( SafeNCryptHandle hObject, string pszProperty, void *pbOutput, int cbOutput, out int pcbResult, CngPropertyOptions dwFlags);
internal static extern unsafe ErrorCode NCryptSetProperty( #endif SafeNCryptHandle hObject, string pszProperty, void *pbInput, int cbInput, CngPropertyOptions dwFlags);
public CngProperty(string name, byte[]?value, CngPropertyOptions options) : this() { ArgumentNullException.ThrowIfNull(name); Name = name; Options = options; _lazyHashCode = default(int?); _value = value.CloneByteArray(); }
internal CngProperty(string name, ReadOnlySpan <byte> value, CngPropertyOptions options) : this() { ArgumentNullException.ThrowIfNull(name); Name = name; Options = options; _lazyHashCode = default; _value = value.ToArray(); }
public bool HasProperty(string name, CngPropertyOptions options) { bool flag; if (name == null) { throw new ArgumentNullException("name"); } NCryptNative.GetProperty(this.m_keyHandle, name, options, out flag); return(flag); }
public CngProperty(string name, byte[] value, CngPropertyOptions options) { if (name == null) { throw new ArgumentNullException("name"); } this.name = name; this.val = (value != null) ? (byte[])value.Clone() : null; this.opts = options; }
public CngProperty(string name, byte[] value, CngPropertyOptions options) : this() { if (name == null) { throw new ArgumentNullException("name"); } Name = name; Options = options; _lazyHashCode = default(int?); _value = (value == null) ? null : value.CloneByteArray(); }
/// <summary> /// Get the value of an arbitrary property /// </summary> public CngProperty GetProperty(string name, CngPropertyOptions options) { if (name == null) throw new ArgumentNullException(nameof(name)); byte[] value = _keyHandle.GetProperty(name, options); if (value == null) throw ErrorCode.NTE_NOT_FOUND.ToCryptographicException(); if (value.Length == 0) value = null; // Desktop compat: For some reason, CngKey.GetProperty() morphs zero length property values to null. return new CngProperty(name, value, options); }
public CngProperty GetProperty(string name, CngPropertyOptions options) { bool flag; if (name == null) { throw new ArgumentNullException("name"); } byte[] buffer = NCryptNative.GetProperty(this.m_keyHandle, name, options, out flag); if (!flag) { throw new CryptographicException(-2146893807); } return(new CngProperty(name, buffer, options)); }
public bool HasProperty(string name, CngPropertyOptions options) { Contract.Assert(m_keyHandle != null); if (name == null) { throw new ArgumentNullException("name"); } bool foundProperty; NCryptNative.GetProperty(m_keyHandle, name, options, out foundProperty); return(foundProperty); }
/// <summary> /// Determine if a property exists on the key /// </summary> public bool HasProperty(string name, CngPropertyOptions options) { if (name == null) throw new ArgumentNullException(nameof(name)); unsafe { int numBytesNeeded; ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty(_keyHandle, name, null, 0, out numBytesNeeded, options); if (errorCode == ErrorCode.NTE_NOT_FOUND) return false; if (errorCode != ErrorCode.ERROR_SUCCESS) throw errorCode.ToCryptographicException(); return true; } }
/// <summary> /// Get the value of an arbitrary property /// </summary> public CngProperty GetProperty(string name, CngPropertyOptions options) { ArgumentNullException.ThrowIfNull(name); byte[]? value = _keyHandle.GetProperty(name, options); if (value == null) { throw ErrorCode.NTE_NOT_FOUND.ToCryptographicException(); } if (value.Length == 0) { value = null; // .NET Framework compat: For some reason, CngKey.GetProperty() morphs zero length property values to null. } return(new CngProperty(name, value, options)); }
public CngProperty(string name, byte[] value, CngPropertyOptions options) { if (name == null) { throw new ArgumentNullException("name"); } this.m_name = name; this.m_propertyOptions = options; this.m_hashCode = null; if (value != null) { this.m_value = value.Clone() as byte[]; } else { this.m_value = null; } }
/// <summary> /// Determine if a property exists on the key /// </summary> public bool HasProperty(string name, CngPropertyOptions options) { ArgumentNullException.ThrowIfNull(name); unsafe { ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty(_keyHandle, name, null, 0, out _, options); if (errorCode == ErrorCode.NTE_NOT_FOUND) { return(false); } if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } return(true); } }
/// <summary> /// Get the value of an arbitrary property /// </summary> public CngProperty GetProperty(string name, CngPropertyOptions options) { if (name == null) { throw new ArgumentNullException("name"); } byte[] value = _keyHandle.GetProperty(name, options); if (value == null) { throw ErrorCode.NTE_NOT_FOUND.ToCryptographicException(); } if (value.Length == 0) { value = null; // Desktop compat: For some reason, CngKey.GetProperty() morphs zero length property values to null. } return(new CngProperty(name, value, options)); }
internal static void SetAccessRuleOnKSPKey(CngKey key, string accountName, CryptoKeyRights keyAccessMask) { const string NCRYPT_SECURITY_DESCR_PROPERTY = "Security Descr"; const CngPropertyOptions DACL_SECURITY_INFORMATION = (CngPropertyOptions)4; // retrieve existing permissions var existingACL = key.GetProperty(NCRYPT_SECURITY_DESCR_PROPERTY, DACL_SECURITY_INFORMATION); // add new rule CryptoKeySecurity keySec = new CryptoKeySecurity(); keySec.SetSecurityDescriptorBinaryForm(existingACL.GetValue()); keySec.AddAccessRule(new CryptoKeyAccessRule(accountName, keyAccessMask, AccessControlType.Allow)); // put back CngProperty updatedACL = new CngProperty(existingACL.Name, keySec.GetSecurityDescriptorBinaryForm(), CngPropertyOptions.Persist | DACL_SECURITY_INFORMATION); key.SetProperty(updatedACL); }
public CngProperty GetProperty(string name, CngPropertyOptions options) { Contract.Assert(m_keyHandle != null); if (name == null) { throw new ArgumentNullException("name"); } bool foundProperty; byte[] value = NCryptNative.GetProperty(m_keyHandle, name, options, out foundProperty); if (!foundProperty) { throw new CryptographicException((int)NCryptNative.ErrorCode.NotFound); } return(new CngProperty(name, value, options)); }
/// <summary> /// Determine if a property exists on the key /// </summary> public bool HasProperty(string name, CngPropertyOptions options) { if (name == null) { throw new ArgumentNullException(nameof(name)); } unsafe { int numBytesNeeded; ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty(_keyHandle, name, null, 0, out numBytesNeeded, options); if (errorCode == ErrorCode.NTE_NOT_FOUND) { return(false); } if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } return(true); } }
/// <summary> /// Retrieve a well-known CNG dword property. (Note: .NET Framework compat: this helper likes to return special values rather than throw exceptions for missing /// or ill-formatted property values. Only use it for well-known properties that are unlikely to be ill-formatted.) /// </summary> public static int GetPropertyAsDword(this SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { byte[]? value = ncryptHandle.GetProperty(propertyName, options); if (value == null) { return(0); // .NET Framework compat: return 0 if key not present. } return(BitConverter.ToInt32(value, 0)); }
/// <summary> /// Retrieve a well-known CNG string property. (Note: .NET Framework compat: this helper likes to return special values rather than throw exceptions for missing /// or ill-formatted property values. Only use it for well-known properties that are unlikely to be ill-formatted.) /// </summary> internal static string?GetPropertyAsString(SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { Debug.Assert(!ncryptHandle.IsInvalid); byte[]? value = GetProperty(ncryptHandle, propertyName, options); if (value == null) { return(null); // .NET Framework compat: return null if key not present. } if (value.Length == 0) { return(string.Empty); // .NET Framework compat: return empty if property value is 0-length. } unsafe { fixed(byte *pValue = &value[0]) { string valueAsString = Marshal.PtrToStringUni((IntPtr)pValue) !; return(valueAsString); } } }
/// <summary> /// Returns a CNG key property. /// </summary> /// <returns> /// null - if property not defined on key. /// throws - for any other type of error. /// </returns> private static byte[]? GetProperty(SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { Debug.Assert(!ncryptHandle.IsInvalid); unsafe { int numBytesNeeded; ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty(ncryptHandle, propertyName, null, 0, out numBytesNeeded, options); if (errorCode == ErrorCode.NTE_NOT_FOUND) { return(null); } if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } byte[] propertyValue = new byte[numBytesNeeded]; fixed(byte *pPropertyValue = propertyValue) { errorCode = Interop.NCrypt.NCryptGetProperty(ncryptHandle, propertyName, pPropertyValue, propertyValue.Length, out numBytesNeeded, options); } if (errorCode == ErrorCode.NTE_NOT_FOUND) { return(null); } if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } Array.Resize(ref propertyValue, numBytesNeeded); return(propertyValue); } }
internal static unsafe ErrorCode NCryptGetByteProperty(SafeNCryptHandle hObject, string pszProperty, ref byte result, CngPropertyOptions options = CngPropertyOptions.None) { fixed(byte *pResult = &result) { ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty( hObject, pszProperty, pResult, sizeof(byte), out int cbResult, options); if (errorCode == ErrorCode.ERROR_SUCCESS) { Debug.Assert(cbResult == sizeof(byte)); } return(errorCode); } }
internal static unsafe partial ErrorCode NCryptSetProperty( SafeNCryptHandle hObject, string pszProperty, void *pbInput, int cbInput, CngPropertyOptions dwFlags);
public bool HasProperty(string name, CngPropertyOptions options) { throw new NotImplementedException (); }
public CngProperty GetProperty(string name, CngPropertyOptions options) { Contract.Assert(m_keyHandle != null); if (name == null) { throw new ArgumentNullException("name"); } bool foundProperty; byte[] value = NCryptNative.GetProperty(m_keyHandle, name, options, out foundProperty); if (!foundProperty) { throw new CryptographicException((int)NCryptNative.ErrorCode.NotFound); } return new CngProperty(name, value, options); }
/// <summary> /// Returns a CNG key property. /// </summary> /// <returns> /// null - if property not defined on key. /// throws - for any other type of error. /// </returns> private static byte[]? GetProperty(SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { return(CngHelpers.GetProperty(ncryptHandle, propertyName, options)); }
/// <summary> /// Tries to generate and RSA Key in the given provider with this keyName. /// </summary> /// <param name="providerName">Name of the provider</param> /// <param name="keyName">Name of the key</param> /// <param name="keyLength">Length of the key to generate</param> /// <returns>true if successful, false if that key already exists.</returns> public bool TryGenerateLocalRSAKey(string providerName, string keyName, int keyLength = 2048) { CngProvider provider = new CngProvider(providerName); bool keyExists = doesKeyExists(provider, keyName); if (keyExists) { //Key already exists. Can't create it. return(false); } CryptoKeySecurity sec = new CryptoKeySecurity(); CngKeyCreationParameters keyParams = null; if (IsMicrosoftSoftwareKSP(provider)) { sec.AddAccessRule( new CryptoKeyAccessRule( new SecurityIdentifier(sidType: WellKnownSidType.BuiltinAdministratorsSid, domainSid: null), cryptoKeyRights: CryptoKeyRights.FullControl, type: AccessControlType.Allow)); sec.AddAccessRule( new CryptoKeyAccessRule( new SecurityIdentifier(sidType: WellKnownSidType.BuiltinSystemOperatorsSid, domainSid: null), cryptoKeyRights: CryptoKeyRights.GenericRead, type: AccessControlType.Allow)); const string NCRYPT_SECURITY_DESCR_PROPERTY = "Security Descr"; const CngPropertyOptions DACL_SECURITY_INFORMATION = (CngPropertyOptions)4; CngProperty permissions = new CngProperty( NCRYPT_SECURITY_DESCR_PROPERTY, sec.GetSecurityDescriptorBinaryForm(), CngPropertyOptions.Persist | DACL_SECURITY_INFORMATION); keyParams = new CngKeyCreationParameters() { ExportPolicy = CngExportPolicies.None, Provider = provider, Parameters = { new CngProperty("Length", BitConverter.GetBytes(keyLength), CngPropertyOptions.None), permissions }, KeyCreationOptions = CngKeyCreationOptions.MachineKey }; using (CngKey key = CngKey.Create(CngAlgorithm.Rsa, keyName, keyParams)) { if (key == null) { return(false); } return(true); } } else { keyParams = new CngKeyCreationParameters() { ExportPolicy = CngExportPolicies.None, Provider = provider, Parameters = { new CngProperty("Length", BitConverter.GetBytes(keyLength), CngPropertyOptions.None) } }; using (CngKey key = CngKey.Create(CngAlgorithm.Rsa, keyName, keyParams)) { if (key == null) { return(false); } // nothing to do inside here, except to return without throwing an exception return(true); } } }
public bool HasProperty(string name, CngPropertyOptions options) { throw new NotImplementedException(); }
public CngProperty GetProperty(string name, CngPropertyOptions options) { return default(CngProperty); }
public bool HasProperty(string name, CngPropertyOptions options) { return default(bool); }
public bool HasProperty(string name, CngPropertyOptions options) { Contract.Assert(m_keyHandle != null); if (name == null) { throw new ArgumentNullException("name"); } bool foundProperty; NCryptNative.GetProperty(m_keyHandle, name, options, out foundProperty); return foundProperty; }
internal static extern unsafe ErrorCode NCryptSetProperty(SafeNCryptHandle hObject, string pszProperty, [In] void* pbInput, int cbInput, CngPropertyOptions dwFlags);
/// <summary> /// Retrieve a well-known CNG pointer property. (Note: desktop compat: this helper likes to return special values rather than throw exceptions for missing /// or ill-formatted property values. Only use it for well-known properties that are unlikely to be ill-formatted.) /// </summary> public static IntPtr GetPropertyAsIntPtr(this SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { unsafe { int numBytesNeeded; IntPtr value; ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty(ncryptHandle, propertyName, &value, IntPtr.Size, out numBytesNeeded, options); if (errorCode == ErrorCode.NTE_NOT_FOUND) return IntPtr.Zero; if (errorCode != ErrorCode.ERROR_SUCCESS) throw errorCode.ToCryptographicException(); return value; } }
internal static extern unsafe ErrorCode NCryptGetProperty(SafeNCryptHandle hObject, string pszProperty, [Out] void* pbOutput, int cbOutput, out int pcbResult, CngPropertyOptions dwFlags);
/// <summary> /// Retrieve a well-known CNG pointer property. (Note: .NET Framework compat: this helper likes to return special values rather than throw exceptions for missing /// or ill-formatted property values. Only use it for well-known properties that are unlikely to be ill-formatted.) /// </summary> public static IntPtr GetPropertyAsIntPtr(this SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { unsafe { IntPtr value; ErrorCode errorCode = Interop.NCrypt.NCryptGetProperty(ncryptHandle, propertyName, &value, IntPtr.Size, out _, options); if (errorCode == ErrorCode.NTE_NOT_FOUND) { return(IntPtr.Zero); } if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } return(value); } }
/// <summary> /// Retrieve a well-known CNG dword property. (Note: desktop compat: this helper likes to return special values rather than throw exceptions for missing /// or ill-formatted property values. Only use it for well-known properties that are unlikely to be ill-formatted.) /// </summary> public static int GetPropertyAsDword(this SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { byte[] value = ncryptHandle.GetProperty(propertyName, options); if (value == null) return 0; // Desktop compat: return 0 if key not present. return BitConverter.ToInt32(value, 0); }
/// <summary> /// Retrieve a well-known CNG string property. (Note: desktop compat: this helper likes to return special values rather than throw exceptions for missing /// or ill-formatted property values. Only use it for well-known properties that are unlikely to be ill-formatted.) /// </summary> public static string GetPropertyAsString(this SafeNCryptHandle ncryptHandle, string propertyName, CngPropertyOptions options) { byte[] value = ncryptHandle.GetProperty(propertyName, options); if (value == null) return null; // Desktop compat: return null if key not present. if (value.Length == 0) return string.Empty; // Desktop compat: return empty if property value is 0-length. unsafe { fixed (byte* pValue = value) { string valueAsString = Marshal.PtrToStringUni((IntPtr)pValue); return valueAsString; } } }
public CngProperty GetProperty(string name, CngPropertyOptions options) { bool flag; if (name == null) { throw new ArgumentNullException("name"); } byte[] buffer = NCryptNative.GetProperty(this.m_keyHandle, name, options, out flag); if (!flag) { throw new CryptographicException(-2146893807); } return new CngProperty(name, buffer, options); }
public bool HasProperty(string name, CngPropertyOptions options) { bool flag; if (name == null) { throw new ArgumentNullException("name"); } NCryptNative.GetProperty(this.m_keyHandle, name, options, out flag); return flag; }
/// <summary> /// Import a key from a file for use on the machine. /// </summary> /// <param name="providerName"></param> /// <param name="filePath"></param> public bool ImportKeyToKSP(string providerName, string keyName, string filePath, bool makeExportable = false) { CngProvider provider = new CngProvider(providerName); bool keyExists = doesKeyExists(provider, keyName); if (keyExists) { //Key already exists. Can't create it. return(false); } CryptoKeySecurity sec = new CryptoKeySecurity(); CngKeyCreationParameters keyParams = null; byte[] keyBlob = File.ReadAllBytes(filePath); CngProperty keyBlobProp = new CngProperty(new CngKeyBlobFormat("RSAFULLPRIVATEBLOB").Format, keyBlob, CngPropertyOptions.None); if (IsMicrosoftSoftwareKSP(provider)) { sec.AddAccessRule( new CryptoKeyAccessRule( new SecurityIdentifier(sidType: WellKnownSidType.BuiltinAdministratorsSid, domainSid: null), cryptoKeyRights: CryptoKeyRights.FullControl, type: AccessControlType.Allow)); sec.AddAccessRule( new CryptoKeyAccessRule( new SecurityIdentifier(sidType: WellKnownSidType.BuiltinSystemOperatorsSid, domainSid: null), cryptoKeyRights: CryptoKeyRights.GenericRead, type: AccessControlType.Allow)); const string NCRYPT_SECURITY_DESCR_PROPERTY = "Security Descr"; const CngPropertyOptions DACL_SECURITY_INFORMATION = (CngPropertyOptions)4; CngProperty permissions = new CngProperty( NCRYPT_SECURITY_DESCR_PROPERTY, sec.GetSecurityDescriptorBinaryForm(), CngPropertyOptions.Persist | DACL_SECURITY_INFORMATION); keyParams = new CngKeyCreationParameters() { ExportPolicy = makeExportable ? CngExportPolicies.AllowExport | CngExportPolicies.AllowPlaintextExport : CngExportPolicies.None, Provider = provider, Parameters = { permissions, keyBlobProp }, KeyCreationOptions = CngKeyCreationOptions.MachineKey }; using (CngKey key = CngKey.Create(CngAlgorithm.Rsa, keyName, keyParams)) { if (key == null) { return(false); } return(true); } } else { keyParams = new CngKeyCreationParameters() { ExportPolicy = makeExportable ? CngExportPolicies.AllowExport | CngExportPolicies.AllowPlaintextExport : CngExportPolicies.None, Provider = provider, Parameters = { keyBlobProp }, KeyCreationOptions = CngKeyCreationOptions.MachineKey }; using (CngKey key = CngKey.Create(CngAlgorithm.Rsa, keyName, keyParams)) { if (key == null) { return(false); } // nothing to do inside here, except to return without throwing an exception return(true); } } }
private static extern SECURITY_STATUS NCryptSetProperty( SafeNCryptHandle hObject, string pszProperty, string pbInput, int cbInput, CngPropertyOptions dwFlags);