public static CngKey Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions) { Contract.Ensures(Contract.Result <CngKey>() != null); if (keyName == null) { throw new ArgumentNullException("keyName"); } if (provider == null) { throw new ArgumentNullException("provider"); } // Make sure that NCrypt is supported on this platform if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported)); } // Ensure the user has access to the key name KeyContainerPermissionAccessEntry access = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Open); access.ProviderName = provider.Provider; KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); permission.AccessEntries.Add(access); permission.Demand(); // Open the key SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider); SafeNCryptKeyHandle keyHandle = NCryptNative.OpenKey(kspHandle, keyName, openOptions); return(new CngKey(kspHandle, keyHandle)); }
public static CngKey Create(CngAlgorithm algorithm, string?keyName, CngKeyCreationParameters?creationParameters) { ArgumentNullException.ThrowIfNull(algorithm); creationParameters ??= new CngKeyCreationParameters(); SafeNCryptProviderHandle providerHandle = creationParameters.Provider !.OpenStorageProvider(); SafeNCryptKeyHandle keyHandle; ErrorCode errorCode = Interop.NCrypt.NCryptCreatePersistedKey(providerHandle, out keyHandle, algorithm.Algorithm, keyName, 0, creationParameters.KeyCreationOptions); if (errorCode != ErrorCode.ERROR_SUCCESS) { // For ecc, the exception may be caught and re-thrown as PlatformNotSupportedException throw errorCode.ToCryptographicException(); } InitializeKeyProperties(keyHandle, creationParameters); errorCode = Interop.NCrypt.NCryptFinalizeKey(keyHandle, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { // For ecc, the exception may be caught and re-thrown as PlatformNotSupportedException throw errorCode.ToCryptographicException(); } CngKey key = new CngKey(providerHandle, keyHandle); // No name translates to an ephemeral key if (keyName == null) { key.IsEphemeral = true; } return(key); }
public static extern Int32 NCryptEnumAlgorithms( SafeNCryptProviderHandle hProvider, UInt32 dwAlgOperations, ref Int32 pdwAlgCount, ref IntPtr ppAlgList, UInt32 dwFlags );
/// <summary> /// Gets all key containers from Cng provider. /// </summary> /// <param name="containers">List of containers</param> /// <param name="hProvider">Provider handle</param> /// <param name="getMachineKeys">Indicates whether to obtain machine keys</param> internal static void GetContainersFromCngProvider(List <string> containers, SafeNCryptProviderHandle hProvider, bool getMachineKeys) { int flags = getMachineKeys ? NCryptMethods.NCRYPT_MACHINE_KEY_FLAG : 0; unsafe { void *enumState = null; int status; while (true) { // Potentially display a UI. status = NCryptMethods.NCryptEnumKeys(hProvider, null, out NCryptMethods.NCryptKeyName * keyName, ref enumState, flags); if (status == NCryptMethods.NTE_NO_MORE_ITEMS || status == NCryptMethods.NTE_BAD_FLAGS || // some providers don't support Machine keys status == NCryptMethods.SCARD_E_NO_READERS_AVAILABLE || status == NCryptMethods.SCARD_W_CANCELLED_BY_USER) { // Done with this provider, or the user cancelled the UI. break; } else if (status != 0) { // Failed to read this one, read the next key. continue; } containers.Add(keyName[0].Name); NCryptMethods.NCryptFreeBuffer(keyName); } } }
public static bool Exists(string keyName, CngProvider provider, CngKeyOpenOptions options) { bool flag2; if (keyName == null) { throw new ArgumentNullException("keyName"); } if (provider == null) { throw new ArgumentNullException("provider"); } if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported")); } using (SafeNCryptProviderHandle handle = NCryptNative.OpenStorageProvider(provider.Provider)) { using (SafeNCryptKeyHandle handle2 = null) { NCryptNative.ErrorCode code = NCryptNative.UnsafeNativeMethods.NCryptOpenKey(handle, out handle2, keyName, 0, options); bool flag = (code == NCryptNative.ErrorCode.KeyDoesNotExist) || (code == NCryptNative.ErrorCode.NotFound); if ((code != NCryptNative.ErrorCode.Success) && !flag) { throw new CryptographicException((int)code); } flag2 = code == NCryptNative.ErrorCode.Success; } } return(flag2); }
public static extern Int32 NCryptOpenKey( [In] SafeNCryptProviderHandle hProvider, [Out] out SafeNCryptKeyHandle phKey, [MarshalAs(UnmanagedType.LPWStr)][In] String pszKeyName, [In] UInt32 dwLegacyKeySpec, [In] UInt32 dwFlags );
public static CngKey Import(byte[] keyBlob, CngKeyBlobFormat format, CngProvider provider) { if (keyBlob == null) { throw new ArgumentNullException("keyBlob"); } if (format == null) { throw new ArgumentNullException("format"); } if (provider == null) { throw new ArgumentNullException("provider"); } if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported")); } if ((format != CngKeyBlobFormat.EccPublicBlob) && (format != CngKeyBlobFormat.GenericPublicBlob)) { new KeyContainerPermission(KeyContainerPermissionFlags.Import).Demand(); } SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider); return(new CngKey(kspHandle, NCryptNative.ImportKey(kspHandle, keyBlob, format.Format)) { IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob }); }
public static CngKey Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions) { if (keyName == null) { throw new ArgumentNullException("keyName"); } if (provider == null) { throw new ArgumentNullException("provider"); } if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported")); } KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Open) { ProviderName = provider.Provider }; KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); permission.AccessEntries.Add(accessEntry); permission.Demand(); SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider); return(new CngKey(kspHandle, NCryptNative.OpenKey(kspHandle, keyName, openOptions))); }
public static bool Exists(string keyName, CngProvider provider, CngKeyOpenOptions options) { ArgumentNullException.ThrowIfNull(keyName); ArgumentNullException.ThrowIfNull(provider); using (SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider()) { SafeNCryptKeyHandle?keyHandle = null; try { ErrorCode errorCode = Interop.NCrypt.NCryptOpenKey(providerHandle, out keyHandle, keyName, 0, options); if (errorCode == ErrorCode.NTE_BAD_KEYSET) { return(false); } if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } return(true); } finally { if (keyHandle != null) { keyHandle.Dispose(); } } } }
public static CngKey Import(byte[] keyBlob, CngKeyBlobFormat format, CngProvider provider) { if (keyBlob == null) { throw new ArgumentNullException(nameof(keyBlob)); } if (format == null) { throw new ArgumentNullException(nameof(format)); } if (provider == null) { throw new ArgumentNullException(nameof(provider)); } SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle keyHandle; ErrorCode errorCode = Interop.NCrypt.NCryptImportKey(providerHandle, IntPtr.Zero, format.Format, IntPtr.Zero, out keyHandle, keyBlob, keyBlob.Length, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } CngKey key = new CngKey(providerHandle, keyHandle); // We can't tell directly if an OpaqueTransport blob imported as an ephemeral key or not key.IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob; return(key); }
private static extern SECURITY_STATUS NCryptCreatePersistedKey( SafeNCryptProviderHandle hProvider, [Out] out SafeNCryptKeyHandle phKey, string pszAlgId, string pszKeyName, int dwLegacyKeySpec, CngKeyCreationOptions dwFlags);
internal static SafeNCryptKeyHandle ImportKeyBlob( string blobType, ReadOnlySpan <byte> keyBlob, string curveName, SafeNCryptProviderHandle provider) { ErrorCode errorCode; SafeNCryptKeyHandle keyHandle; using (SafeUnicodeStringHandle safeCurveName = new SafeUnicodeStringHandle(curveName)) { var desc = new Interop.BCrypt.BCryptBufferDesc(); var buff = new Interop.BCrypt.BCryptBuffer(); IntPtr descPtr = IntPtr.Zero; IntPtr buffPtr = IntPtr.Zero; try { descPtr = Marshal.AllocHGlobal(Marshal.SizeOf(desc)); buffPtr = Marshal.AllocHGlobal(Marshal.SizeOf(buff)); buff.cbBuffer = (curveName.Length + 1) * 2; // Add 1 for null terminator buff.BufferType = Interop.BCrypt.NCryptBufferDescriptors.NCRYPTBUFFER_ECC_CURVE_NAME; buff.pvBuffer = safeCurveName.DangerousGetHandle(); Marshal.StructureToPtr(buff, buffPtr, false); desc.cBuffers = 1; desc.pBuffers = buffPtr; desc.ulVersion = Interop.BCrypt.BCRYPTBUFFER_VERSION; Marshal.StructureToPtr(desc, descPtr, false); errorCode = Interop.NCrypt.NCryptImportKey( provider, IntPtr.Zero, blobType, descPtr, out keyHandle, ref MemoryMarshal.GetReference(keyBlob), keyBlob.Length, 0); } finally { Marshal.FreeHGlobal(descPtr); Marshal.FreeHGlobal(buffPtr); } } if (errorCode != ErrorCode.ERROR_SUCCESS) { Exception e = errorCode.ToCryptographicException(); if (errorCode == ErrorCode.NTE_INVALID_PARAMETER) { throw new PlatformNotSupportedException(string.Format(SR.Cryptography_CurveNotSupported, curveName), e); } throw e; } return(keyHandle); }
internal static extern int NCryptImportKey(SafeNCryptProviderHandle hProvider, IntPtr hImportKey, [MarshalAs(UnmanagedType.LPWStr)] string pszBlobType, [In, MarshalAs(UnmanagedType.LPArray)] byte[] pParameterList, out SafeNCryptKeyHandle phKey, [In, MarshalAs(UnmanagedType.LPArray)] byte[] pbData, int cbData, int dwFlags);
private CngKey(SafeNCryptProviderHandle providerHandle, SafeNCryptKeyHandle keyHandle) { Debug.Assert(keyHandle != null && !keyHandle.IsInvalid && !keyHandle.IsClosed); Debug.Assert(providerHandle != null && !providerHandle.IsInvalid && !providerHandle.IsClosed); _providerHandle = providerHandle; _keyHandle = keyHandle; }
internal static extern int NCryptImportKey( SafeNCryptProviderHandle hProvider, IntPtr hImportKey, // NCRYPT_KEY_HANDLE string pszBlobType, IntPtr pParameterList, // NCryptBufferDesc * [Out] out SafeNCryptKeyHandle phKey, [MarshalAs(UnmanagedType.LPArray)] byte[] pbData, int cbData, int dwFlags);
public static extern int NCryptImportKey( SafeNCryptProviderHandle hProvider, IntPtr hImportKey, string pszBlobType, ref NCryptBufferDesc pParameterList, out SafeNCryptKeyHandle phKey, IntPtr pbData, int cbData, NCryptImportFlags dwFlags);
internal static SafeNCryptKeyHandle ImportKeyBlob( string blobType, byte[] keyBlob, string curveName, SafeNCryptProviderHandle provider) { SafeNCryptKeyHandle keyHandle; var desc = new Interop.BCrypt.BCryptBufferDesc(); var buff = new Interop.BCrypt.BCryptBuffer(); IntPtr descPtr = IntPtr.Zero; IntPtr buffPtr = IntPtr.Zero; IntPtr curveNamePtr = IntPtr.Zero; try { curveNamePtr = Marshal.StringToHGlobalUni(curveName); descPtr = Marshal.AllocHGlobal(Marshal.SizeOf(desc)); buffPtr = Marshal.AllocHGlobal(Marshal.SizeOf(buff)); buff.cbBuffer = (curveName.Length + 1) * 2; // Add 1 for null terminator buff.BufferType = Interop.BCrypt.NCryptBufferDescriptors.NCRYPTBUFFER_ECC_CURVE_NAME; buff.pvBuffer = curveNamePtr; Marshal.StructureToPtr(buff, buffPtr, false); desc.cBuffers = 1; desc.pBuffers = buffPtr; desc.ulVersion = Interop.BCrypt.BCRYPTBUFFER_VERSION; Marshal.StructureToPtr(desc, descPtr, false); keyHandle = NCryptNative.ImportKey( provider, keyBlob, blobType, descPtr); } catch (CryptographicException e) { if (e.HResult == (int)ErrorCode.NTE_INVALID_PARAMETER) { throw new PlatformNotSupportedException( SR.GetString(SR.Cryptography_CurveNotSupported, curveName), e); } throw; } finally { Marshal.FreeHGlobal(descPtr); Marshal.FreeHGlobal(buffPtr); Marshal.FreeHGlobal(curveNamePtr); } return(keyHandle); }
public static IEnumerable <CngKey> GetKeys(this CngProvider provider, CngKeyOpenOptions openOptions) { using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider()) { foreach (var key in NCryptNative.EnumerateKeys(providerHandle, openOptions)) { yield return(CngKey.Open(key.pszName, provider)); } } }
private CngKey(SafeNCryptProviderHandle kspHandle, SafeNCryptKeyHandle keyHandle) { Contract.Requires(keyHandle != null && !keyHandle.IsInvalid && !keyHandle.IsClosed); Contract.Requires(kspHandle != null && !kspHandle.IsInvalid && !kspHandle.IsClosed); Contract.Ensures(m_keyHandle != null && !m_keyHandle.IsInvalid && !m_keyHandle.IsClosed); Contract.Ensures(kspHandle != null && !kspHandle.IsInvalid && !kspHandle.IsClosed); m_keyHandle = keyHandle; m_kspHandle = kspHandle; }
internal static CngKey Import(byte[] keyBlob, string curveName, CngKeyBlobFormat format, CngProvider provider) { Contract.Ensures(Contract.Result <CngKey>() != null); if (keyBlob == null) { throw new ArgumentNullException("keyBlob"); } if (format == null) { throw new ArgumentNullException("format"); } if (provider == null) { throw new ArgumentNullException("provider"); } // Make sure that NCrypt is supported on this platform if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported)); } // If we don't know for sure that the key will be ephemeral, then we need to demand Import // permission. Since we won't know the name of the key until it's too late, we demand a full Import // rather than one scoped to the key. bool safeKeyImport = format == CngKeyBlobFormat.EccPublicBlob || format == CngKeyBlobFormat.EccFullPublicBlob || format == CngKeyBlobFormat.GenericPublicBlob; if (!safeKeyImport) { new KeyContainerPermission(KeyContainerPermissionFlags.Import).Demand(); } // Import the key into the KSP SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider); SafeNCryptKeyHandle keyHandle; if (curveName == null) { keyHandle = NCryptNative.ImportKey(kspHandle, keyBlob, format.Format); } else { keyHandle = ECCng.ImportKeyBlob(format.Format, keyBlob, curveName, kspHandle); } // Prepare the key for use CngKey key = new CngKey(kspHandle, keyHandle); // We can't tell directly if an OpaqueTransport blob imported as an ephemeral key or not key.IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob; return(key); }
public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters) { Contract.Ensures(Contract.Result <CngKey>() != null); if (algorithm == null) { throw new ArgumentNullException("algorithm"); } if (creationParameters == null) { creationParameters = new CngKeyCreationParameters(); } // Make sure that NCrypt is supported on this platform if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported)); } // If we're not creating an ephemeral key, then we need to ensure the user has access to the key name if (keyName != null) { KeyContainerPermissionAccessEntry access = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create); access.ProviderName = creationParameters.Provider.Provider; KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); permission.AccessEntries.Add(access); permission.Demand(); } // // Create the native handles representing the new key, setup the creation parameters on it, and // finalize it for use. // SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider); SafeNCryptKeyHandle keyHandle = NCryptNative.CreatePersistedKey(kspHandle, algorithm.Algorithm, keyName, creationParameters.KeyCreationOptions); SetKeyProperties(keyHandle, creationParameters); NCryptNative.FinalizeKey(keyHandle); CngKey key = new CngKey(kspHandle, keyHandle); // No name translates to an ephemeral key if (keyName == null) { key.IsEphemeral = true; } return(key); }
public static IEnumerable <CngAlgorithm> GetSupportedAlgorithms(this CngProvider provider, NCryptAlgorithmOperations operations) { using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider()) { foreach (NCryptNative.NCryptAlgorithmName algorithm in NCryptNative.EnumerateAlgorithms(providerHandle, operations)) { yield return(new CngAlgorithm(algorithm.pszName)); } } }
public static extern Int32 NCryptImportKey( [In] SafeNCryptProviderHandle hProvider, [In, Optional] IntPtr hImportKey, [MarshalAs(UnmanagedType.LPWStr)] [In] String pszBlobType, [In, Optional] IntPtr pParameterList, [Out] out SafeNCryptKeyHandle phKey, [In] Byte[] pbData, [In] Int32 cbData, [In] UInt32 dwFlags );
internal static SafeNCryptKeyHandle OpenKey(SafeNCryptProviderHandle provider, string name, CngKeyOpenOptions options) { SafeNCryptKeyHandle phKey = null; ErrorCode code = UnsafeNativeMethods.NCryptOpenKey(provider, out phKey, name, 0, options); if (code != ErrorCode.Success) { throw new CryptographicException((int)code); } return(phKey); }
internal static SafeNCryptKeyHandle ImportKey(SafeNCryptProviderHandle provider, byte[] keyBlob, string format) { SafeNCryptKeyHandle phKey = null; ErrorCode code = UnsafeNativeMethods.NCryptImportKey(provider, IntPtr.Zero, format, IntPtr.Zero, out phKey, keyBlob, keyBlob.Length, 0); if (code != ErrorCode.Success) { throw new CryptographicException((int)code); } return(phKey); }
internal static unsafe CngKey ImportEncryptedPkcs8( ReadOnlySpan <byte> keyBlob, ReadOnlySpan <char> password, CngProvider provider) { SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle keyHandle; using (SafeUnicodeStringHandle passwordHandle = new SafeUnicodeStringHandle(password)) { Interop.NCrypt.NCryptBuffer *buffers = stackalloc Interop.NCrypt.NCryptBuffer[1]; buffers[0] = new Interop.NCrypt.NCryptBuffer { BufferType = Interop.NCrypt.BufferType.PkcsSecret, cbBuffer = checked (2 * (password.Length + 1)), pvBuffer = passwordHandle.DangerousGetHandle(), }; if (buffers[0].pvBuffer == IntPtr.Zero) { buffers[0].cbBuffer = 0; } Interop.NCrypt.NCryptBufferDesc desc = new Interop.NCrypt.NCryptBufferDesc { cBuffers = 1, pBuffers = (IntPtr)buffers, ulVersion = 0, }; ErrorCode errorCode = Interop.NCrypt.NCryptImportKey( providerHandle, IntPtr.Zero, Interop.NCrypt.NCRYPT_PKCS8_PRIVATE_KEY_BLOB, ref desc, out keyHandle, ref MemoryMarshal.GetReference(keyBlob), keyBlob.Length, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { keyHandle.Dispose(); providerHandle.Dispose(); throw errorCode.ToCryptographicException(); } } CngKey key = new CngKey(providerHandle, keyHandle); key.IsEphemeral = true; return(key); }
internal static CngKey Import( ReadOnlySpan <byte> keyBlob, string?curveName, CngKeyBlobFormat format, CngProvider provider) { ArgumentNullException.ThrowIfNull(format); ArgumentNullException.ThrowIfNull(provider); SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle? keyHandle = null; try { ErrorCode errorCode; if (curveName == null) { errorCode = Interop.NCrypt.NCryptImportKey( providerHandle, IntPtr.Zero, format.Format, IntPtr.Zero, out keyHandle, ref MemoryMarshal.GetReference(keyBlob), keyBlob.Length, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { providerHandle.Dispose(); keyHandle.Dispose(); throw errorCode.ToCryptographicException(); } } else { keyHandle = ECCng.ImportKeyBlob(format.Format, keyBlob, curveName, providerHandle); } CngKey key = new CngKey(providerHandle, keyHandle); // We can't tell directly if an OpaqueTransport blob imported as an ephemeral key or not key.IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob; return(key); } catch { keyHandle?.Dispose(); providerHandle.Dispose(); throw; } }
internal static SafeNCryptProviderHandle OpenStorageProvider(string providerName) { SafeNCryptProviderHandle phProvider = null; ErrorCode code = UnsafeNativeMethods.NCryptOpenStorageProvider(out phProvider, providerName, 0); if (code != ErrorCode.Success) { throw new CryptographicException((int)code); } return(phProvider); }
internal static CngKey OpenNoDuplicate(SafeNCryptKeyHandle keyHandle, CngKeyHandleOpenOptions keyHandleOpenOptions) { SafeNCryptProviderHandle?providerHandle = null; try { // Get a handle to the key's provider. providerHandle = new SafeNCryptProviderHandle(); IntPtr rawProviderHandle = keyHandle.GetPropertyAsIntPtr(KeyPropertyName.ProviderHandle, CngPropertyOptions.None); Marshal.InitHandle(providerHandle, rawProviderHandle); // If we're wrapping a handle to an ephemeral key, we need to make sure that IsEphemeral is // set up to return true. In the case that the handle is for an ephemeral key that was created // by the CLR, then we don't have anything to do as the IsEphemeral CLR property will already // be setup. However, if the key was created outside of the CLR we will need to setup our // ephemeral detection property. // // This enables consumers of CngKey objects to always be able to rely on the result of // calling IsEphemeral, and also allows them to safely access the Name property. // // Finally, if we detect that this is an ephemeral key that the CLR created but we were not // told that it was an ephemeral key we'll throw an exception. This prevents us from having // to decide who to believe -- the key property or the caller of the API. Since other code // relies on the ephemeral flag being set properly to avoid tripping over bugs in CNG, we // need to reject the case that we suspect that the flag is incorrect. var key = new CngKey(providerHandle, keyHandle); bool openingEphemeralKey = (keyHandleOpenOptions & CngKeyHandleOpenOptions.EphemeralKey) == CngKeyHandleOpenOptions.EphemeralKey; if (!key.IsEphemeral) { if (openingEphemeralKey) { key.IsEphemeral = true; } } else if (!openingEphemeralKey) { throw new ArgumentException(SR.Cryptography_OpenEphemeralKeyHandleWithoutEphemeralFlag, nameof(keyHandleOpenOptions)); } return(key); } catch { // Make sure that we don't leak the handles providerHandle?.Dispose(); keyHandle.Dispose(); throw; } }
internal static NCryptKeyName[] EnumerateKeys(SafeNCryptProviderHandle provider, CngKeyOpenOptions openOptions) { Debug.Assert(provider != null && !provider.IsClosed && !provider.IsInvalid, "Invalid provider"); IntPtr enumState = IntPtr.Zero; SafeNCryptBuffer algorithmBuffer = null; RuntimeHelpers.PrepareConstrainedRegions(); try { List <NCryptKeyName> keys = new List <NCryptKeyName>(); ErrorCode enumStatus = ErrorCode.Success; // Loop over the NCryptEnumKeys until it tells us that there are no more keys to enumerate do { enumStatus = UnsafeNativeMethods.NCryptEnumKeys(provider, null, out algorithmBuffer, ref enumState, openOptions); if (enumStatus == ErrorCode.Success) { keys.Add(algorithmBuffer.ReadArray <NCryptKeyName>(0)); } else if (enumStatus != ErrorCode.NoMoreItems) { throw new CryptographicException((int)enumStatus); } }while (enumStatus == ErrorCode.Success); return(keys.ToArray()); } finally { if (enumState != IntPtr.Zero) { UnsafeNativeMethods.NCryptFreeBuffer(enumState); } if (algorithmBuffer != null) { algorithmBuffer.Dispose(); } } }