public static CngKey Import(byte[] keyBlob, CngKeyBlobFormat format, CngProvider provider)
{
if (keyBlob == null)
{
throw new ArgumentNullException("keyBlob");
}
if (format == null)
{
throw new ArgumentNullException("format");
}
if (provider == null)
{
throw new ArgumentNullException("provider");
}
if (!NCryptNative.NCryptSupported)
{
throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
}
if ((format != CngKeyBlobFormat.EccPublicBlob) && (format != CngKeyBlobFormat.GenericPublicBlob))
{
new KeyContainerPermission(KeyContainerPermissionFlags.Import).Demand();
}
SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider);
return(new CngKey(kspHandle, NCryptNative.ImportKey(kspHandle, keyBlob, format.Format))
{
IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob
});
}
internal static SafeNCryptKeyHandle ImportKeyBlob(
string blobType,
byte[] keyBlob,
string curveName,
SafeNCryptProviderHandle provider)
{
SafeNCryptKeyHandle keyHandle;
var desc = new Interop.BCrypt.BCryptBufferDesc();
var buff = new Interop.BCrypt.BCryptBuffer();
IntPtr descPtr = IntPtr.Zero;
IntPtr buffPtr = IntPtr.Zero;
IntPtr curveNamePtr = IntPtr.Zero;
try
{
curveNamePtr = Marshal.StringToHGlobalUni(curveName);
descPtr = Marshal.AllocHGlobal(Marshal.SizeOf(desc));
buffPtr = Marshal.AllocHGlobal(Marshal.SizeOf(buff));
buff.cbBuffer = (curveName.Length + 1) * 2; // Add 1 for null terminator
buff.BufferType = Interop.BCrypt.NCryptBufferDescriptors.NCRYPTBUFFER_ECC_CURVE_NAME;
buff.pvBuffer = curveNamePtr;
Marshal.StructureToPtr(buff, buffPtr, false);
desc.cBuffers = 1;
desc.pBuffers = buffPtr;
desc.ulVersion = Interop.BCrypt.BCRYPTBUFFER_VERSION;
Marshal.StructureToPtr(desc, descPtr, false);
keyHandle = NCryptNative.ImportKey(
provider,
keyBlob,
blobType,
descPtr);
}
catch (CryptographicException e)
{
if (e.HResult == (int)ErrorCode.NTE_INVALID_PARAMETER)
{
throw new PlatformNotSupportedException(
SR.GetString(SR.Cryptography_CurveNotSupported, curveName),
e);
}
throw;
}
finally
{
Marshal.FreeHGlobal(descPtr);
Marshal.FreeHGlobal(buffPtr);
Marshal.FreeHGlobal(curveNamePtr);
}
return(keyHandle);
}
internal static CngKey Import(byte[] keyBlob, string curveName, CngKeyBlobFormat format, CngProvider provider)
{
Contract.Ensures(Contract.Result <CngKey>() != null);
if (keyBlob == null)
{
throw new ArgumentNullException("keyBlob");
}
if (format == null)
{
throw new ArgumentNullException("format");
}
if (provider == null)
{
throw new ArgumentNullException("provider");
}
// Make sure that NCrypt is supported on this platform
if (!NCryptNative.NCryptSupported)
{
throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported));
}
// If we don't know for sure that the key will be ephemeral, then we need to demand Import
// permission. Since we won't know the name of the key until it's too late, we demand a full Import
// rather than one scoped to the key.
bool safeKeyImport = format == CngKeyBlobFormat.EccPublicBlob ||
format == CngKeyBlobFormat.EccFullPublicBlob ||
format == CngKeyBlobFormat.GenericPublicBlob;
if (!safeKeyImport)
{
new KeyContainerPermission(KeyContainerPermissionFlags.Import).Demand();
}
// Import the key into the KSP
SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider);
SafeNCryptKeyHandle keyHandle;
if (curveName == null)
{
keyHandle = NCryptNative.ImportKey(kspHandle, keyBlob, format.Format);
}
else
{
keyHandle = ECCng.ImportKeyBlob(format.Format, keyBlob, curveName, kspHandle);
}
// Prepare the key for use
CngKey key = new CngKey(kspHandle, keyHandle);
// We can't tell directly if an OpaqueTransport blob imported as an ephemeral key or not
key.IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob;
return(key);
}