Example #1
        /// <summary>
        ///     Set up the key properties specified in the key creation parameters
        /// </summary>
        private static void InitializeKeyProperties(SafeNCryptKeyHandle keyHandle, CngKeyCreationParameters creationParameters)
        {
            // Applies each optional setting carried by creationParameters to keyHandle, in this order:
            // export policy, key usage, parent window handle, UI policy, then the caller-supplied
            // custom properties. A non-success ErrorCode from NCryptSetProperty is converted with
            // ToCryptographicException and thrown; properties written before the failing one are not
            // rolled back here.
            unsafe
            {
                // Export policy: only written when the caller supplied one.
                if (creationParameters.ExportPolicy.HasValue)
                {
                    keyHandle.SetExportPolicy(creationParameters.ExportPolicy.Value);
                }

                // Key usage: written with CngPropertyOptions.Persist.
                if (creationParameters.KeyUsage.HasValue)
                {
                    CngKeyUsages usages = creationParameters.KeyUsage.Value;
                    ErrorCode usageStatus = Interop.NCrypt.NCryptSetProperty(
                        keyHandle,
                        KeyPropertyName.KeyUsage,
                        &usages,
                        sizeof(CngKeyUsages),
                        CngPropertyOptions.Persist);

                    if (usageStatus != ErrorCode.ERROR_SUCCESS)
                    {
                        throw usageStatus.ToCryptographicException();
                    }
                }

                // Parent window: IntPtr.Zero is treated as "not specified". Unlike key usage this is
                // written with CngPropertyOptions.None.
                if (creationParameters.ParentWindowHandle != IntPtr.Zero)
                {
                    IntPtr ownerWindow = creationParameters.ParentWindowHandle;
                    ErrorCode windowStatus = Interop.NCrypt.NCryptSetProperty(
                        keyHandle,
                        KeyPropertyName.ParentWindowHandle,
                        &ownerWindow,
                        sizeof(IntPtr),
                        CngPropertyOptions.None);

                    if (windowStatus != ErrorCode.ERROR_SUCCESS)
                    {
                        throw windowStatus.ToCryptographicException();
                    }
                }

                // UI policy: delegated to the dedicated helper when one was supplied.
                CngUIPolicy requestedUiPolicy = creationParameters.UIPolicy;
                if (requestedUiPolicy != null)
                {
                    InitializeKeyUiPolicyProperties(keyHandle, requestedUiPolicy);
                }

                // Custom properties are applied last, each under its own name and options.
                // NOTE(review): those names and options come from the caller. Whether an entry that
                // reuses one of the names written above (for example the export policy) would replace
                // the earlier value is not visible here -- confirm, and treat Parameters as input
                // from a trusted caller only.
                foreach (CngProperty customProperty in creationParameters.Parameters)
                {
                    // Presumably the property's backing array rather than a copy (per the method
                    // name); it is only pinned and handed to the native call here.
                    byte[] rawValue = customProperty.GetValueWithoutCopying();

                    // A null value is sent with a length of zero.
                    int rawLength = 0;
                    if (rawValue != null)
                    {
                        rawLength = rawValue.Length;
                    }

                    // Judging by its name, the mapping helper keeps an empty array from pinning as a
                    // null pointer -- confirm against its definition.
                    fixed (byte* rawPointer = rawValue.MapZeroLengthArrayToNonNullPointer())
                    {
                        ErrorCode customStatus = Interop.NCrypt.NCryptSetProperty(
                            keyHandle,
                            customProperty.Name,
                            rawPointer,
                            rawLength,
                            customProperty.Options);

                        if (customStatus != ErrorCode.ERROR_SUCCESS)
                        {
                            throw customStatus.ToCryptographicException();
                        }
                    }
                }
            }
        }
Example #2
        /// <summary>
        ///     Set up the UIPolicy key properties specified in the key creation parameters
        /// </summary>
        private static void InitializeKeyUiPolicyProperties(SafeNCryptKeyHandle keyHandle, CngUIPolicy uiPolicy)
        {
            // Writes two properties to keyHandle, both with CngPropertyOptions.Persist: the UI policy
            // struct (protection level plus three display strings) and, when present, the use-context
            // string. Any non-success ErrorCode is thrown via ToCryptographicException.
            unsafe
            {
                // The native struct only stores pointers to the strings, so they must stay pinned
                // until NCryptSetProperty returns; keep the call inside this fixed block. A null
                // string pins as a null pointer, so unset titles reach the struct as null.
                fixed (char* titlePtr = uiPolicy.CreationTitle,
                             friendlyNamePtr = uiPolicy.FriendlyName,
                             descriptionPtr = uiPolicy.Description)
                {
                    NCRYPT_UI_POLICY nativePolicy = new NCRYPT_UI_POLICY
                    {
                        dwVersion = 1,
                        dwFlags = uiPolicy.ProtectionLevel,
                        pszCreationTitle = new IntPtr(titlePtr),
                        pszFriendlyName = new IntPtr(friendlyNamePtr),
                        pszDescription = new IntPtr(descriptionPtr),
                    };

                    ErrorCode policyStatus = Interop.NCrypt.NCryptSetProperty(
                        keyHandle,
                        KeyPropertyName.UIPolicy,
                        &nativePolicy,
                        sizeof(NCRYPT_UI_POLICY),
                        CngPropertyOptions.Persist);

                    if (policyStatus != ErrorCode.ERROR_SUCCESS)
                    {
                        throw policyStatus.ToCryptographicException();
                    }
                }

                string useContext = uiPolicy.UseContext;
                if (useContext == null)
                {
                    // No use context supplied; nothing further to set.
                    return;
                }

                // The byte count covers the characters plus one terminating null character.
                // `checked` makes an arithmetic overflow throw instead of producing a wrapped,
                // too-small length for the native call.
                int contextByteCount = checked((useContext.Length + 1) * sizeof(char));
                fixed (char* contextPtr = useContext)
                {
                    ErrorCode contextStatus = Interop.NCrypt.NCryptSetProperty(
                        keyHandle,
                        KeyPropertyName.UseContext,
                        contextPtr,
                        contextByteCount,
                        CngPropertyOptions.Persist);

                    if (contextStatus != ErrorCode.ERROR_SUCCESS)
                    {
                        throw contextStatus.ToCryptographicException();
                    }
                }
            }
        }
Example #3
        /// <summary>
        ///     Set up the UIPolicy key properties specified in the key creation parameters
        /// </summary>
        private static void InitializeKeyUiPolicyProperties(SafeNCryptKeyHandle keyHandle, CngUIPolicy uiPolicy)
        {
            // Pushes the UI policy (protection level and display strings) and the optional use
            // context onto keyHandle as persisted NCrypt properties. A failing NCryptSetProperty
            // call surfaces as the exception produced by ToCryptographicException.
            unsafe
            {
                // Read the display strings first, in the same order they are pinned below.
                string creationTitle = uiPolicy.CreationTitle;
                string friendlyName = uiPolicy.FriendlyName;
                string description = uiPolicy.Description;

                // The struct holds raw pointers into these strings, so the native call has to happen
                // while they are still pinned, i.e. before this fixed block ends.
                fixed (char* pTitle = creationTitle, pFriendly = friendlyName, pDescription = description)
                {
                    NCRYPT_UI_POLICY policyStruct = new NCRYPT_UI_POLICY()
                    {
                        dwVersion = 1,
                        dwFlags = uiPolicy.ProtectionLevel,
                        pszCreationTitle = new IntPtr(pTitle),
                        pszFriendlyName = new IntPtr(pFriendly),
                        pszDescription = new IntPtr(pDescription),
                    };

                    ErrorCode setPolicyResult = Interop.NCrypt.NCryptSetProperty(
                        keyHandle,
                        KeyPropertyName.UIPolicy,
                        &policyStruct,
                        sizeof(NCRYPT_UI_POLICY),
                        CngPropertyOptions.Persist);

                    if (setPolicyResult != ErrorCode.ERROR_SUCCESS)
                    {
                        throw setPolicyResult.ToCryptographicException();
                    }
                }

                string useContext = uiPolicy.UseContext;
                if (useContext != null)
                {
                    // Length in bytes, including one extra character for the terminating null;
                    // overflow-checked so a wrapped value is never passed as a buffer size.
                    int byteLengthWithTerminator = checked((useContext.Length + 1) * sizeof(char));

                    fixed (char* pUseContext = useContext)
                    {
                        ErrorCode setContextResult = Interop.NCrypt.NCryptSetProperty(
                            keyHandle,
                            KeyPropertyName.UseContext,
                            pUseContext,
                            byteLengthWithTerminator,
                            CngPropertyOptions.Persist);

                        if (setContextResult != ErrorCode.ERROR_SUCCESS)
                        {
                            throw setContextResult.ToCryptographicException();
                        }
                    }
                }
            }
        }