コード例 #1
0
        internal override unsafe NCryptKeyOrCryptProviderSafeHandle OpenExisting(string keyName, out KeySpec keySpec)
        {
            keySpec = KeySpec.NONE;
            const int DOES_NOT_EXIST = unchecked ((int)0x80090016);
            NCryptKeyOrCryptProviderSafeHandle provider;

            if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, 0u))
            {
                var result = Marshal.GetLastWin32Error();
                if (result == DOES_NOT_EXIST)
                {
                    return(null);
                }
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }
            const uint PP_KEYSPEC    = 0x27;
            uint *     keySpecBuffer = stackalloc uint[1];
            var        dataLength    = (uint)Marshal.SizeOf(typeof(uint));

            if (!AdvApi32.CryptGetProvParam(provider, PP_KEYSPEC, keySpecBuffer, ref dataLength, 0u))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }
            keySpec = (KeySpec)(*keySpecBuffer);
            return(provider);
        }
コード例 #2
0
        internal override NCryptKeyOrCryptProviderSafeHandle CreateKey(string keyName, int keySize, Algorithm algorithm, bool overwrite, KeyUsage keyUsage, out KeySpec keySpec)
        {
            const int ALREADY_EXISTS = unchecked ((int)0x8009000f);

            if (algorithm != Algorithm.RSA)
            {
                throw new ArgumentException("CAPI does not support algorithms other than RSA.", nameof(algorithm));
            }
            NCryptKeyOrCryptProviderSafeHandle provider;

            if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_NEWKEYSET))
            {
                var lastError = Marshal.GetLastWin32Error();
                if (lastError == ALREADY_EXISTS && overwrite)
                {
                    if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_DELETEKEYSET))
                    {
                        throw new Win32Exception(Marshal.GetLastWin32Error());
                    }
                    if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_NEWKEYSET))
                    {
                        throw new Win32Exception(Marshal.GetLastWin32Error());
                    }
                }
                else
                {
                    throw new Win32Exception(Marshal.GetLastWin32Error());
                }
            }
            var flags        = CryptGenKeyFlags.CRYPT_EXPORTABLE;
            var keySizeFlags = ((uint)keySize & 0xFFFFU) << 16;
            var genKeyFlags  = ((ushort)flags) | keySizeFlags;
            CryptKeySafeHandle key;
            KeySpec            algorithmKeySpec;

            switch (keyUsage)
            {
            case KeyUsage.KeyExchange:
                algorithmKeySpec = KeySpec.AT_KEYEXCHANGE;
                break;

            case KeyUsage.Signature:
                algorithmKeySpec = KeySpec.AT_SIGNATURE;
                break;

            default:
                throw new ArgumentException(nameof(keyUsage));
            }
            if (!AdvApi32.CryptGenKey(provider, algorithmKeySpec, genKeyFlags, out key))
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }
            key.Close();
            keySpec = algorithmKeySpec;
            return(provider);
        }