// Extern signing entry point. Inputs: a private-key handle, a reference to the first byte of the
// hash, the hash length, and the hash algorithm. Outputs: the signature and any error object,
// returned through the two out handles. The meaning of the int return code is not visible here.
// `ref byte` carries no length, so nothing in this signature lets the implementation verify
// cbDataHash; callers must guarantee it never exceeds the buffer behind pbDataHash.
private static extern int AppleCryptoNative_GenerateSignatureWithHashAlgorithm( SafeSecKeyRefHandle privateKey, ref byte pbDataHash, int cbDataHash, PAL_HashAlgorithm hashAlgorithm, out SafeCFDataHandle pSignatureOut, out SafeCFErrorHandle pErrorOut);
// Partial declaration (no body here; the implementation lives in another part of the type) of the
// span-based RSA-OAEP decrypt entry point. Output and error objects come back through the out handles.
// cbData is passed alongside the span rather than derived from pbData.Length, so the two can
// disagree; callers must keep cbData within the span.
// NOTE(review): the names `publicKey` and `pEncryptedOut` look copied from an encrypt counterpart;
// a decrypt operation would normally take the private key and yield plaintext. Confirm and rename.
private static partial int RsaDecryptOaep( SafeSecKeyRefHandle publicKey, ReadOnlySpan <byte> pbData, int cbData, PAL_HashAlgorithm mgfAlgorithm, out SafeCFDataHandle pEncryptedOut, out SafeCFErrorHandle pErrorOut);
// Extern RSA-OAEP decrypt entry point. The input is a reference to its first byte plus cbData;
// the result and any error object come back through the out handles. The int return code's
// meaning is not visible in this declaration.
// `ref byte` carries no length, so cbData cannot be checked against the buffer at this layer;
// callers must guarantee it does not exceed the buffer size.
// NOTE(review): the names `publicKey` and `pEncryptedOut` look copied from an encrypt counterpart;
// a decrypt operation would normally take the private key and yield plaintext. Confirm and rename.
private static extern int RsaDecryptOaep( SafeSecKeyRefHandle publicKey, ref byte pbData, int cbData, PAL_HashAlgorithm mgfAlgorithm, out SafeCFDataHandle pEncryptedOut, out SafeCFErrorHandle pErrorOut);
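/// <summary>
/// Calls <c>AppleCryptoNative_SecKeyCreateSignature</c> and converts its status code into either
/// the signature handle or an exception.
/// </summary>
/// <param name="privateKey">Handle to the signing key.</param>
/// <param name="dataHash">Hash to sign.</param>
/// <param name="hashAlgorithm">Hash algorithm forwarded to the native call.</param>
/// <param name="signatureAlgorithm">Signature algorithm forwarded to the native call.</param>
/// <returns>The signature handle; the caller owns it and must dispose it.</returns>
/// <exception cref="PlatformNotSupportedException">The call returned <c>kPlatformNotSupported</c>.</exception>
/// <exception cref="CryptographicException">
/// The call returned an unrecognised code; for <c>kErrorSeeError</c> the exception built by
/// <c>CreateExceptionForCFError</c> is thrown instead.
/// </exception>
private static SafeCFDataHandle NativeCreateSignature(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> dataHash,
    PAL_HashAlgorithm hashAlgorithm,
    PAL_SignatureAlgorithm signatureAlgorithm)
{
    int result = AppleCryptoNative_SecKeyCreateSignature(
        privateKey,
        dataHash,
        hashAlgorithm,
        signatureAlgorithm,
        out SafeCFDataHandle signature,
        out SafeCFErrorHandle errorHandle);

    using (errorHandle)
    {
        if (result == kSuccess)
        {
            return signature;
        }

        // On every failure path the caller never receives the signature handle, so release it
        // here instead of leaving it to the finalizer.
        signature?.Dispose();

        switch (result)
        {
            case kErrorSeeError:
                throw CreateExceptionForCFError(errorHandle);
            case kPlatformNotSupported:
                throw new PlatformNotSupportedException();
            default:
                // Unknown codes fail closed: never hand back a signature for a status we do not understand.
                Debug.Fail($"create signature returned {result}");
                throw new CryptographicException();
        }
    }
}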
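/// <summary>
/// Span-based overload that forwards to the <c>ref byte</c> overload of <c>RsaDecryptOaep</c>.
/// </summary>
/// <remarks>
/// The length is passed separately from the span, so it is validated here before the reference is
/// handed on: once the span is reduced to a <c>ref byte</c> its bounds are no longer known.
/// NOTE(review): the names <c>publicKey</c> and <c>pEncryptedOut</c> look copied from an encrypt
/// counterpart; confirm.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbData"/> is negative or larger than <paramref name="pbData"/>.
/// </exception>
private static int RsaDecryptOaep(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> pbData,
    int cbData,
    PAL_HashAlgorithm mgfAlgorithm,
    out SafeCFDataHandle pEncryptedOut,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject a length that would let the callee read outside the span.
    if (cbData < 0 || cbData > pbData.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbData));
    }

    return RsaDecryptOaep(
        publicKey,
        ref MemoryMarshal.GetReference(pbData),
        cbData,
        mgfAlgorithm,
        out pEncryptedOut,
        out pErrorOut);
}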
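/// <summary>
/// Span-based overload that forwards to the <c>ref byte</c> overload of <c>RsaDecryptOaep</c>,
/// obtaining the reference through <c>DangerousGetPinnableReference</c>.
/// </summary>
/// <remarks>
/// The length is passed separately from the span, so it is validated here before the reference is
/// handed on: once the span is reduced to a <c>ref byte</c> its bounds are no longer known.
/// NOTE(review): the names <c>publicKey</c> and <c>pEncryptedOut</c> look copied from an encrypt
/// counterpart; confirm.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbData"/> is negative or larger than <paramref name="pbData"/>.
/// </exception>
private static int RsaDecryptOaep(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> pbData,
    int cbData,
    PAL_HashAlgorithm mgfAlgorithm,
    out SafeCFDataHandle pEncryptedOut,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject a length that would let the callee read outside the span.
    if (cbData < 0 || cbData > pbData.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbData));
    }

    return RsaDecryptOaep(
        publicKey,
        ref pbData.DangerousGetPinnableReference(),
        cbData,
        mgfAlgorithm,
        out pEncryptedOut,
        out pErrorOut);
}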
// Extern signing entry point taking a raw pointer to the hash, its length, and the hash and
// signature algorithms. The signature and any error object come back through the two out handles.
// pbDataHash is an unmanaged pointer: the caller must keep the buffer pinned for the whole call
// and must make cbDataHash match the buffer, since nothing at this layer can check either.
// The managed wrapper in this listing maps the return code to kSuccess / kErrorSeeError /
// kPlatformNotSupported and treats anything else as a failure.
private static unsafe extern int AppleCryptoNative_SecKeyCreateSignature( SafeSecKeyRefHandle privateKey, byte *pbDataHash, int cbDataHash, PAL_HashAlgorithm hashAlgorithm, PAL_SignatureAlgorithm signatureAlgorithm, out SafeCFDataHandle pSignatureOut, out SafeCFErrorHandle pErrorOut);
// Extern verification entry point. The hash and the signature are each passed as a reference to
// their first byte plus a separate length; any error object comes back through pErrorOut.
// `ref byte` carries no length, so cbDataHash and cbSignature cannot be checked at this layer;
// callers must guarantee that neither exceeds its buffer.
// The byte[] caller in this listing reads the return code as 1 = valid, 0 = invalid,
// -2 = see pErrorOut, and throws on anything else.
private static extern int AppleCryptoNative_VerifySignatureWithHashAlgorithm( SafeSecKeyRefHandle publicKey, ref byte pbDataHash, int cbDataHash, ref byte pbSignature, int cbSignature, PAL_HashAlgorithm hashAlgorithm, out SafeCFErrorHandle pErrorOut);
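/// <summary>
/// Span-based overload that forwards to the <c>ref byte</c> overload of
/// <c>AppleCryptoNative_GenerateSignatureWithHashAlgorithm</c>, obtaining the reference through
/// <c>DangerousGetPinnableReference</c>.
/// </summary>
/// <remarks>
/// The hash length is passed separately from the span, so it is validated here before the
/// reference is handed on: once the span is reduced to a <c>ref byte</c> its bounds are no longer known.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbDataHash"/> is negative or larger than <paramref name="pbDataHash"/>.
/// </exception>
private static int AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> pbDataHash,
    int cbDataHash,
    PAL_HashAlgorithm hashAlgorithm,
    out SafeCFDataHandle pSignatureOut,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject a length that would let the callee read outside the span.
    if (cbDataHash < 0 || cbDataHash > pbDataHash.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbDataHash));
    }

    return AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
        privateKey,
        ref pbDataHash.DangerousGetPinnableReference(),
        cbDataHash,
        hashAlgorithm,
        out pSignatureOut,
        out pErrorOut);
}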
// Extern verification entry point taking raw pointers to the hash and the signature, each with
// its own length, plus the hash and signature algorithms. Any error object comes back through pErrorOut.
// Both pointers are unmanaged: the caller must keep the buffers pinned for the whole call and
// must make each length match its buffer, since nothing at this layer can check either.
// The managed wrapper in this listing reads the return code as 1 = valid, 0 = invalid, then
// kErrorSeeError / kPlatformNotSupported, and throws on anything else.
private static unsafe extern int AppleCryptoNative_SecKeyVerifySignature( SafeSecKeyRefHandle publicKey, byte *pbDataHash, int cbDataHash, byte *pbSignature, int cbSignature, PAL_HashAlgorithm hashAlgorithm, PAL_SignatureAlgorithm signatureAlgorithm, out SafeCFErrorHandle pErrorOut);
// Partial declaration (no body here; the implementation lives in another part of the type) of a
// one-shot HMAC call. It takes the algorithm, a pointer and length for the key, a pointer and
// length for the data, and an output buffer with its capacity in cbOutput.
// All buffers are raw pointers: callers must pin them for the whole call and pass lengths that
// match, since nothing at this layer can verify them. pKey points at secret key material.
// NOTE(review): cbDigest presumably receives the number of digest bytes written, and the int
// return presumably signals success or failure. Confirm both against the implementation.
internal static unsafe partial int HmacOneShot( PAL_HashAlgorithm algorithm, byte *pKey, int cbKey, byte *pData, int cbData, byte *pOutput, int cbOutput, int *cbDigest);
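/// <summary>
/// Span-based overload that forwards to the <c>ref byte</c> overload of
/// <c>AppleCryptoNative_GenerateSignatureWithHashAlgorithm</c>.
/// </summary>
/// <remarks>
/// The hash length is passed separately from the span, so it is validated here before the
/// reference is handed on: once the span is reduced to a <c>ref byte</c> its bounds are no longer known.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbDataHash"/> is negative or larger than <paramref name="pbDataHash"/>.
/// </exception>
private static int AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> pbDataHash,
    int cbDataHash,
    PAL_HashAlgorithm hashAlgorithm,
    out SafeCFDataHandle pSignatureOut,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject a length that would let the callee read outside the span.
    if (cbDataHash < 0 || cbDataHash > pbDataHash.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbDataHash));
    }

    return AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
        privateKey,
        ref MemoryMarshal.GetReference(pbDataHash),
        cbDataHash,
        hashAlgorithm,
        out pSignatureOut,
        out pErrorOut);
}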
// Extern PBKDF2 entry point. It takes the PRF algorithm, pointer and length for the password,
// pointer and length for the salt, the iteration count, and an output buffer with its length;
// a status value comes back through errorCode.
// All buffers are raw pointers: callers must pin them for the whole call and pass lengths that
// match. `password` points at secret material. No range check on `iterations` is visible here.
// NOTE(review): the Pbkdf2 wrapper in this listing passes `&ccStatus` (an int*), which fits a
// pointer-typed last parameter rather than this `out int`. The two likely come from different
// revisions; confirm which signature the native export expects.
private static extern unsafe int AppleCryptoNative_Pbkdf2( PAL_HashAlgorithm prfAlgorithm, byte *password, int passwordLen, byte *salt, int saltLen, int iterations, byte *derivedKey, int derivedKeyLen, out int errorCode);
/// <summary>
/// Obtains a signature handle from <c>NativeCreateSignature</c> and returns its contents as a
/// byte array via <c>CoreFoundation.CFGetData</c>.
/// </summary>
/// <returns>The signature bytes.</returns>
/// <remarks>
/// The intermediate handle is disposed before returning, whether or not the conversion succeeds.
/// Exceptions from <c>NativeCreateSignature</c> propagate unchanged.
/// </remarks>
internal static byte[] CreateSignature(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> dataHash,
    PAL_HashAlgorithm hashAlgorithm,
    PAL_SignatureAlgorithm signatureAlgorithm)
{
    SafeCFDataHandle nativeSignature =
        NativeCreateSignature(privateKey, dataHash, hashAlgorithm, signatureAlgorithm);

    using (nativeSignature)
    {
        byte[] managedSignature = CoreFoundation.CFGetData(nativeSignature);
        return managedSignature;
    }
}
/// <summary>
/// Obtains a signature handle from <c>NativeCreateSignature</c> and writes its contents into
/// <paramref name="destination"/> via <c>CoreFoundation.TryCFWriteData</c>.
/// </summary>
/// <param name="bytesWritten">Set by <c>CoreFoundation.TryCFWriteData</c>.</param>
/// <returns>Whatever <c>CoreFoundation.TryCFWriteData</c> returns.</returns>
/// <remarks>
/// The signature is produced before the destination is examined, so a <c>false</c> result still
/// means a signing operation was performed with the key. The intermediate handle is always disposed.
/// </remarks>
internal static bool TryCreateSignature(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> dataHash,
    Span<byte> destination,
    PAL_HashAlgorithm hashAlgorithm,
    PAL_SignatureAlgorithm signatureAlgorithm,
    out int bytesWritten)
{
    SafeCFDataHandle nativeSignature =
        NativeCreateSignature(privateKey, dataHash, hashAlgorithm, signatureAlgorithm);

    using (nativeSignature)
    {
        bool copied = CoreFoundation.TryCFWriteData(nativeSignature, destination, out bytesWritten);
        return copied;
    }
}
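/// <summary>
/// Span-based overload that pins <paramref name="pbData"/> and forwards to the pointer-taking
/// overload of <c>RsaDecryptOaep</c>.
/// </summary>
/// <remarks>
/// The length is passed separately from the span, so it is validated here before the span is
/// reduced to a bare pointer whose bounds are no longer known.
/// NOTE(review): the names <c>publicKey</c> and <c>pEncryptedOut</c> look copied from an encrypt
/// counterpart; confirm.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbData"/> is negative or larger than <paramref name="pbData"/>.
/// </exception>
private static unsafe int RsaDecryptOaep(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> pbData,
    int cbData,
    PAL_HashAlgorithm mgfAlgorithm,
    out SafeCFDataHandle pEncryptedOut,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject a length that would let the callee read outside the span.
    if (cbData < 0 || cbData > pbData.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbData));
    }

    // The buffer stays pinned only for the duration of the call.
    fixed (byte* pbDataPtr = &pbData.DangerousGetPinnableReference())
    {
        return RsaDecryptOaep(publicKey, pbDataPtr, cbData, mgfAlgorithm, out pEncryptedOut, out pErrorOut);
    }
}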
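/// <summary>
/// Span-based overload that pins <paramref name="pbDataHash"/> and forwards to the pointer-taking
/// overload of <c>AppleCryptoNative_GenerateSignatureWithHashAlgorithm</c>.
/// </summary>
/// <remarks>
/// The hash length is passed separately from the span, so it is validated here before the span is
/// reduced to a bare pointer whose bounds are no longer known.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbDataHash"/> is negative or larger than <paramref name="pbDataHash"/>.
/// </exception>
private static unsafe int AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> pbDataHash,
    int cbDataHash,
    PAL_HashAlgorithm hashAlgorithm,
    out SafeCFDataHandle pSignatureOut,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject a length that would let the callee read outside the span.
    if (cbDataHash < 0 || cbDataHash > pbDataHash.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbDataHash));
    }

    // The buffer stays pinned only for the duration of the call.
    fixed (byte* pbDataHashPtr = &pbDataHash.DangerousGetPinnableReference())
    {
        return AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
            privateKey,
            pbDataHashPtr,
            cbDataHash,
            hashAlgorithm,
            out pSignatureOut,
            out pErrorOut);
    }
}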
/// <summary>
/// Span-based overload that forwards to the <c>ref byte</c> overload of
/// <c>AppleCryptoNative_VerifySignatureWithHashAlgorithm</c>.
/// </summary>
/// <remarks>
/// Both lengths are taken from the spans themselves, so the reference and the length passed on
/// for each buffer cannot disagree.
/// </remarks>
/// <returns>The status code of the forwarded call, unchanged.</returns>
private static int AppleCryptoNative_VerifySignatureWithHashAlgorithm(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> pbDataHash,
    ReadOnlySpan<byte> pbSignature,
    PAL_HashAlgorithm hashAlgorithm,
    out SafeCFErrorHandle pErrorOut)
{
    ref byte hashStart = ref MemoryMarshal.GetReference(pbDataHash);
    ref byte signatureStart = ref MemoryMarshal.GetReference(pbSignature);

    return AppleCryptoNative_VerifySignatureWithHashAlgorithm(
        publicKey,
        ref hashStart,
        pbDataHash.Length,
        ref signatureStart,
        pbSignature.Length,
        hashAlgorithm,
        out pErrorOut);
}
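/// <summary>
/// Span-based overload that pins both buffers and forwards to the pointer-taking overload of
/// <c>AppleCryptoNative_VerifySignatureWithHashAlgorithm</c>.
/// </summary>
/// <remarks>
/// Each length is passed separately from its span, so both are validated here before the spans are
/// reduced to bare pointers whose bounds are no longer known.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbDataHash"/> or <paramref name="cbSignature"/> is negative or larger than its span.
/// </exception>
private static unsafe int AppleCryptoNative_VerifySignatureWithHashAlgorithm(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> pbDataHash,
    int cbDataHash,
    ReadOnlySpan<byte> pbSignature,
    int cbSignature,
    PAL_HashAlgorithm hashAlgorithm,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject lengths that would let the callee read outside either span.
    if (cbDataHash < 0 || cbDataHash > pbDataHash.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbDataHash));
    }

    if (cbSignature < 0 || cbSignature > pbSignature.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbSignature));
    }

    // Both buffers stay pinned only for the duration of the call.
    fixed (byte* pbDataHashPtr = &pbDataHash.DangerousGetPinnableReference())
    fixed (byte* pbSignaturePtr = &pbSignature.DangerousGetPinnableReference())
    {
        return AppleCryptoNative_VerifySignatureWithHashAlgorithm(
            publicKey,
            pbDataHashPtr,
            cbDataHash,
            pbSignaturePtr,
            cbSignature,
            hashAlgorithm,
            out pErrorOut);
    }
}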
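/// <summary>
/// Span-based overload that forwards to the <c>ref byte</c> overload of
/// <c>AppleCryptoNative_VerifySignatureWithHashAlgorithm</c>, obtaining the references through
/// <c>DangerousGetPinnableReference</c>.
/// </summary>
/// <remarks>
/// Each length is passed separately from its span, so both are validated here before the
/// references are handed on: once a span is reduced to a <c>ref byte</c> its bounds are no longer known.
/// </remarks>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="cbDataHash"/> or <paramref name="cbSignature"/> is negative or larger than its span.
/// </exception>
private static int AppleCryptoNative_VerifySignatureWithHashAlgorithm(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> pbDataHash,
    int cbDataHash,
    ReadOnlySpan<byte> pbSignature,
    int cbSignature,
    PAL_HashAlgorithm hashAlgorithm,
    out SafeCFErrorHandle pErrorOut)
{
    // Reject lengths that would let the callee read outside either span.
    if (cbDataHash < 0 || cbDataHash > pbDataHash.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbDataHash));
    }

    if (cbSignature < 0 || cbSignature > pbSignature.Length)
    {
        throw new ArgumentOutOfRangeException(nameof(cbSignature));
    }

    return AppleCryptoNative_VerifySignatureWithHashAlgorithm(
        publicKey,
        ref pbDataHash.DangerousGetPinnableReference(),
        cbDataHash,
        ref pbSignature.DangerousGetPinnableReference(),
        cbSignature,
        hashAlgorithm,
        out pErrorOut);
}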
/// <summary>
/// Verifies <paramref name="signature"/> over <paramref name="dataHash"/> with
/// <paramref name="publicKey"/> and maps the status code to a boolean or an exception.
/// </summary>
/// <returns>
/// <c>true</c> only when the call reports 1; <c>false</c> when it reports 0.
/// </returns>
/// <exception cref="CryptographicException">
/// The call returned an unrecognised code; for -2 the exception built by
/// <c>CreateExceptionForCFError</c> is thrown instead.
/// </exception>
/// <remarks>
/// Every status other than 1 or 0 throws, so an unexpected code can never be read as a valid
/// signature. The argument checks are <c>Debug.Assert</c> only and vanish in release builds;
/// callers remain responsible for passing non-null arguments and a known hash algorithm.
/// </remarks>
internal static bool VerifySignature(
    SafeSecKeyRefHandle publicKey,
    byte[] dataHash,
    byte[] signature,
    PAL_HashAlgorithm hashAlgorithm)
{
    const int True = 1;
    const int False = 0;
    const int kErrorSeeError = -2;

    Debug.Assert(publicKey != null, "publicKey != null");
    Debug.Assert(dataHash != null, "dataHash != null");
    Debug.Assert(signature != null, "signature != null");
    Debug.Assert(hashAlgorithm != PAL_HashAlgorithm.Unknown);

    SafeCFErrorHandle error;
    int status = AppleCryptoNative_VerifySignatureWithHashAlgorithm(
        publicKey,
        dataHash,
        dataHash.Length,
        signature,
        signature.Length,
        hashAlgorithm,
        out error);

    using (error)
    {
        if (status == True)
        {
            return true;
        }

        if (status == False)
        {
            return false;
        }

        if (status == kErrorSeeError)
        {
            throw CreateExceptionForCFError(error);
        }

        // Anything else is a contract violation by the callee; fail closed.
        Debug.Fail($"VerifySignature returned {status}");
        throw new CryptographicException();
    }
}
/// <summary>
/// Signs <paramref name="dataHash"/> by passing a callback around
/// <c>AppleCryptoNative_GenerateSignatureWithHashAlgorithm</c> to <c>ExecuteTransform</c>.
/// </summary>
/// <returns>Whatever <c>ExecuteTransform</c> returns for the callback.</returns>
/// <remarks>
/// The precondition checks are <c>Debug.Assert</c> only and vanish in release builds; callers
/// remain responsible for passing a non-null key and a known hash algorithm.
/// </remarks>
internal static byte[] GenerateSignature(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> dataHash,
    PAL_HashAlgorithm hashAlgorithm)
{
    Debug.Assert(privateKey != null, "privateKey != null");
    Debug.Assert(hashAlgorithm != PAL_HashAlgorithm.Unknown, "hashAlgorithm != PAL_HashAlgorithm.Unknown");

    // The callback captures privateKey and hashAlgorithm; ExecuteTransform supplies the rest.
    return ExecuteTransform(
        dataHash,
        delegate(ReadOnlySpan<byte> hashBytes, out SafeCFDataHandle signatureHandle, out SafeCFErrorHandle errorHandle)
        {
            return AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
                privateKey,
                hashBytes,
                hashAlgorithm,
                out signatureHandle,
                out errorHandle);
        });
}
/// <summary>
/// Signs <paramref name="source"/> into <paramref name="destination"/> by passing a callback
/// around <c>AppleCryptoNative_GenerateSignatureWithHashAlgorithm</c> to <c>TryExecuteTransform</c>.
/// </summary>
/// <param name="bytesWritten">Set by <c>TryExecuteTransform</c>.</param>
/// <returns>Whatever <c>TryExecuteTransform</c> returns for the callback.</returns>
/// <remarks>
/// The precondition checks are <c>Debug.Assert</c> only and vanish in release builds; callers
/// remain responsible for passing a non-null key and a known hash algorithm.
/// </remarks>
internal static bool TryGenerateSignature(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> source,
    Span<byte> destination,
    PAL_HashAlgorithm hashAlgorithm,
    out int bytesWritten)
{
    Debug.Assert(privateKey != null, "privateKey != null");
    Debug.Assert(hashAlgorithm != PAL_HashAlgorithm.Unknown, "hashAlgorithm != PAL_HashAlgorithm.Unknown");

    // The callback captures privateKey and hashAlgorithm; TryExecuteTransform supplies the rest.
    return TryExecuteTransform(
        source,
        destination,
        out bytesWritten,
        (ReadOnlySpan<byte> hashBytes, out SafeCFDataHandle signatureHandle, out SafeCFErrorHandle failure) =>
            AppleCryptoNative_GenerateSignatureWithHashAlgorithm(
                privateKey,
                hashBytes,
                hashAlgorithm,
                out signatureHandle,
                out failure));
}
/// <summary>
/// Span-based overload that pins <paramref name="dataHash"/> and forwards to the pointer-taking
/// overload of <c>AppleCryptoNative_SecKeyCreateSignature</c>.
/// </summary>
/// <remarks>
/// The length passed on is <c>dataHash.Length</c>, so pointer and length cannot disagree. The
/// buffer is pinned only for the duration of the call.
/// </remarks>
/// <returns>The status code of the forwarded call, unchanged.</returns>
private static unsafe int AppleCryptoNative_SecKeyCreateSignature(
    SafeSecKeyRefHandle privateKey,
    ReadOnlySpan<byte> dataHash,
    PAL_HashAlgorithm hashAlgorithm,
    PAL_SignatureAlgorithm signatureAlgorithm,
    out SafeCFDataHandle pSignatureOut,
    out SafeCFErrorHandle pErrorOut)
{
    fixed (byte* hashPtr = dataHash)
    {
        int status = AppleCryptoNative_SecKeyCreateSignature(
            privateKey,
            hashPtr,
            dataHash.Length,
            hashAlgorithm,
            signatureAlgorithm,
            out pSignatureOut,
            out pErrorOut);

        return status;
    }
}
/// <summary>
/// Verifies <paramref name="signature"/> over <paramref name="dataHash"/> with
/// <paramref name="publicKey"/> and maps the status code of
/// <c>AppleCryptoNative_SecKeyVerifySignature</c> to a boolean or an exception.
/// </summary>
/// <returns>
/// <c>true</c> only when the call reports 1; <c>false</c> when it reports 0.
/// </returns>
/// <exception cref="PlatformNotSupportedException">The call returned <c>kPlatformNotSupported</c>.</exception>
/// <exception cref="CryptographicException">
/// The call returned an unrecognised code; for <c>kErrorSeeError</c> the exception built by
/// <c>CreateExceptionForCFError</c> is thrown instead.
/// </exception>
/// <remarks>
/// Every status other than 1 or 0 throws, so an unexpected code can never be read as a valid signature.
/// </remarks>
internal static bool VerifySignature(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> dataHash,
    ReadOnlySpan<byte> signature,
    PAL_HashAlgorithm hashAlgorithm,
    PAL_SignatureAlgorithm signatureAlgorithm)
{
    const int Valid = 1;
    const int Invalid = 0;

    int status = AppleCryptoNative_SecKeyVerifySignature(
        publicKey,
        dataHash,
        signature,
        hashAlgorithm,
        signatureAlgorithm,
        out SafeCFErrorHandle failure);

    using (failure)
    {
        if (status == Valid)
        {
            return true;
        }

        if (status == Invalid)
        {
            return false;
        }

        if (status == kErrorSeeError)
        {
            throw CreateExceptionForCFError(failure);
        }

        if (status == kPlatformNotSupported)
        {
            throw new PlatformNotSupportedException();
        }

        // Anything else is a contract violation by the callee; fail closed.
        Debug.Fail($"verify signature returned {status}");
        throw new CryptographicException();
    }
}
/// <summary>
/// Span-based overload that pins both buffers and forwards to the pointer-taking overload of
/// <c>AppleCryptoNative_SecKeyVerifySignature</c>.
/// </summary>
/// <remarks>
/// Each length passed on is the corresponding span's <c>Length</c>, so pointer and length cannot
/// disagree. The buffers are pinned only for the duration of the call.
/// </remarks>
/// <returns>The status code of the forwarded call, unchanged.</returns>
private static unsafe int AppleCryptoNative_SecKeyVerifySignature(
    SafeSecKeyRefHandle publicKey,
    ReadOnlySpan<byte> dataHash,
    ReadOnlySpan<byte> signature,
    PAL_HashAlgorithm hashAlgorithm,
    PAL_SignatureAlgorithm signatureAlgorithm,
    out SafeCFErrorHandle pErrorOut)
{
    fixed (byte* hashPtr = dataHash)
    {
        fixed (byte* signaturePtr = signature)
        {
            int status = AppleCryptoNative_SecKeyVerifySignature(
                publicKey,
                hashPtr,
                dataHash.Length,
                signaturePtr,
                signature.Length,
                hashAlgorithm,
                signatureAlgorithm,
                out pErrorOut);

            return status;
        }
    }
}
/// <summary>
/// Derives key material into <paramref name="destination"/> by pinning the three buffers and
/// calling <c>AppleCryptoNative_Pbkdf2</c>.
/// </summary>
/// <param name="prfAlgorithm">PRF hash algorithm forwarded to the call.</param>
/// <param name="password">Password bytes.</param>
/// <param name="salt">Salt bytes.</param>
/// <param name="iterations">Iteration count, forwarded as given.</param>
/// <param name="destination">Receives the derived key; its length is the requested key length.</param>
/// <exception cref="CryptographicException">
/// The call returned a code other than 1 or 0; for 0 the exception built by
/// <c>CreateExceptionForCCError</c> from the reported status is thrown instead.
/// </exception>
/// <remarks>
/// This method performs no validation of <paramref name="iterations"/> or of the buffer lengths;
/// any such checks must happen in callers or in the callee. On failure, <paramref name="destination"/>
/// is left as the callee left it; this method does not clear it.
/// </remarks>
internal static unsafe void Pbkdf2(
    PAL_HashAlgorithm prfAlgorithm,
    ReadOnlySpan<byte> password,
    ReadOnlySpan<byte> salt,
    int iterations,
    Span<byte> destination)
{
    fixed (byte* passwordPtr = password)
    fixed (byte* saltPtr = salt)
    fixed (byte* outputPtr = destination)
    {
        int ccStatus;
        int outcome = AppleCryptoNative_Pbkdf2(
            prfAlgorithm,
            passwordPtr,
            password.Length,
            saltPtr,
            salt.Length,
            iterations,
            outputPtr,
            destination.Length,
            &ccStatus);

        switch (outcome)
        {
            case 1:
                // Success: destination now holds the derived key.
                return;

            case 0:
                // The callee reported a status of its own; surface it.
                throw Interop.AppleCrypto.CreateExceptionForCCError(
                    ccStatus,
                    Interop.AppleCrypto.CCCryptorStatus);

            default:
                Debug.Fail($"Pbkdf2 failed with invalid input {outcome}");
                throw new CryptographicException();
        }
    }
}
// Extern one-shot digest call. It takes the algorithm, a pointer and length for the input, and an
// output buffer with its capacity in cbOutput; a digest size comes back through cbDigest.
// Both buffers are raw pointers: callers must pin them for the whole call and pass lengths that
// match, since nothing at this layer can verify them.
// NOTE(review): the meaning of the int return code, and what happens when cbOutput is smaller
// than the digest, are not visible here. Confirm against the native implementation.
internal static unsafe extern int DigestOneShot(PAL_HashAlgorithm algorithm, byte *pbData, int cbData, byte *pbOutput, int cbOutput, out int cbDigest);
// Extern call that creates a digest context for the given algorithm and returns it as a
// SafeDigestCtxHandle; a digest size comes back through cbDigest.
// NOTE(review): how failure is reported (for example an invalid handle for an unsupported
// algorithm) is not visible here. Confirm, and validate the handle before use.
internal static extern SafeDigestCtxHandle DigestCreate(PAL_HashAlgorithm algorithm, out int cbDigest);
// Partial declaration (no body here; the implementation lives in another part of the type) of a
// one-shot digest call. It takes the algorithm, a pointer and length for the input, and an output
// buffer with its capacity in cbOutput; a digest size is written through the cbDigest pointer.
// All three pointers are unmanaged: callers must keep the buffers pinned for the whole call, pass
// lengths that match, and pass a valid cbDigest pointer. Nothing at this layer can verify them.
// NOTE(review): the meaning of the int return code, and what happens when cbOutput is smaller
// than the digest, are not visible here. Confirm against the implementation.
internal static unsafe partial int DigestOneShot(PAL_HashAlgorithm algorithm, byte *pbData, int cbData, byte *pbOutput, int cbOutput, int *cbDigest);
// Extern call that creates an HMAC context for the given algorithm and returns it as a SafeHmacHandle.
// cbDigest is `ref`, not `out`, so the callee can read the caller's value as well as write one
// back; what input value it expects is not visible here.
// NOTE(review): how failure is reported (for example an invalid handle for an unsupported
// algorithm) is not visible here. Confirm, and validate the handle before use.
internal static extern SafeHmacHandle HmacCreate(PAL_HashAlgorithm algorithm, ref int cbDigest);