/// <summary>
///     Initializes an authenticated symmetric algorithm backed by a CNG (BCrypt) provider. The chaining
///     mode starts out as GCM, and the block size is read back from the provider rather than assumed.
/// </summary>
/// <param name="algorithm">CNG algorithm that the instance wraps</param>
/// <param name="implementation">CNG provider that supplies the algorithm implementation</param>
/// <param name="legalBlockSizes">block sizes the algorithm accepts</param>
/// <param name="legalKeySizes">key sizes the algorithm accepts</param>
/// <remarks>
///     The arguments are checked with Debug.Assert only, so nothing validates them in a release build;
///     callers of this internal constructor are responsible for passing non-null values.
/// </remarks>
internal BCryptAuthenticatedSymmetricAlgorithm(CngAlgorithm algorithm,
                                               CngProvider implementation,
                                               KeySizes[] legalBlockSizes,
                                               KeySizes[] legalKeySizes)
{
    Debug.Assert(algorithm != null, "algorithm != null");
    Debug.Assert(implementation != null, "implementation != null");
    Debug.Assert(legalBlockSizes != null, "legalBlockSizes != null");
    Debug.Assert(legalKeySizes != null, "legalKeySizes != null");

    // Everything SetupAlgorithm may read has to be in place before the probe handle is opened below.
    m_algorithm = algorithm;
    m_implementation = implementation;
    m_chainingMode = CngChainingMode.Gcm;

    LegalKeySizesValue = legalKeySizes;
    LegalBlockSizesValue = legalBlockSizes;

    // Open a short-lived handle purely to ask the provider for its block and tag sizes; it is
    // disposed as soon as the queries finish, including when one of them throws.
    using (SafeBCryptAlgorithmHandle probeHandle = SetupAlgorithm())
    {
        // The provider reports the block length in bytes, while BlockSize is expressed in bits.
        int blockLengthInBytes = BCryptNative.GetInt32Property(probeHandle,
                                                               BCryptNative.ObjectPropertyName.BlockLength);
        BlockSize = blockLengthInBytes * 8;

        UpdateLegalTagSizes(probeHandle);
    }
}
/// <summary>
///     Initializes an HMAC that runs on a CNG (BCrypt) hash algorithm opened in HMAC mode.
/// </summary>
/// <param name="algorithm">CNG hash algorithm to open</param>
/// <param name="algorithmProvider">CNG provider that supplies the algorithm implementation</param>
/// <param name="hashName">short hash name, used to build the name of the matching *Cng hash type</param>
/// <param name="blockSize">block size stored in BlockSizeValue</param>
/// <param name="key">HMAC key, assigned through the Key property</param>
/// <remarks>
///     The arguments are checked with Debug.Assert only, so nothing validates them in a release build;
///     callers of this internal constructor are responsible for passing valid values.
/// </remarks>
internal BCryptHMAC(CngAlgorithm algorithm,
                    CngProvider algorithmProvider,
                    string hashName,
                    int blockSize,
                    byte[] key)
{
    Debug.Assert(algorithm != null, "algorithm != null");
    Debug.Assert(algorithmProvider != null, "algorithmProvider != null");
    Debug.Assert(!String.IsNullOrEmpty(hashName), "!String.IsNullOrEmpty(hashName)");
    Debug.Assert(blockSize > 0, "blockSize > 0");
    Debug.Assert(key != null, "key != null");

    m_implementation = algorithmProvider;
    BlockSizeValue = blockSize;

    // Point HashName at the CNG flavour of the hash: the base type instantiates the algorithm from
    // this name, and the CNG versions have different FIPS characteristics than the standard ones.
    // NOTE(review): hashName is formatted straight into a type name that gets resolved later, so it
    // should only ever be a fixed algorithm name chosen by this library - confirm against the callers.
    string cngHashTypeName = String.Format(CultureInfo.InvariantCulture,
                                           "System.Security.Cryptography.{0}Cng, {1}",
                                           hashName,
                                           typeof(SHA256Cng).Assembly.FullName);
    HashName = cngHashTypeName;

    m_algorithm = BCryptNative.OpenAlgorithm(algorithm.Algorithm,
                                             algorithmProvider.Provider,
                                             BCryptNative.AlgorithmProviderOptions.HmacAlgorithm);

    // Assigning the key calls Initialize, which sets up the hash handle, so no handle is created
    // explicitly here. This has to happen before m_hash is queried below.
    Key = key;

    // The provider reports the hash length in bytes, while HashSizeValue is expressed in bits.
    int hashLengthInBytes = BCryptNative.GetInt32Property(m_hash, BCryptNative.HashPropertyName.HashLength);
    HashSizeValue = hashLengthInBytes * 8;
}
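/// <summary>
///     Opens a CNG algorithm handle for the configured algorithm and provider, then applies the
///     currently selected block size and chaining mode to it.
/// </summary>
/// <returns>
///     A configured algorithm handle. The caller owns it and is responsible for disposing it.
/// </returns>
/// <remarks>
///     If configuring the handle throws, the handle is disposed before the exception propagates, so a
///     failed setup does not leave a native handle waiting for finalization.
/// </remarks>
private SafeBCryptAlgorithmHandle SetupAlgorithm()
{
    SafeBCryptAlgorithmHandle algorithmHandle = BCryptNative.OpenAlgorithm(m_algorithm.Algorithm,
                                                                           m_algorithmProvider.Provider);
    bool configured = false;

    try
    {
        // BlockSize is in bits, while the provider's BlockLength property is in bytes.
        int requestedBlockLength = BlockSize / 8;

        // If we've selected a different block size than the default, set that now
        if (requestedBlockLength != BCryptNative.GetInt32Property(algorithmHandle,
                                                                  BCryptNative.ObjectPropertyName.BlockLength))
        {
            BCryptNative.SetInt32Property(algorithmHandle,
                                          BCryptNative.ObjectPropertyName.BlockLength,
                                          requestedBlockLength);
        }

        BCryptNative.SetStringProperty(algorithmHandle,
                                       BCryptNative.ObjectPropertyName.ChainingMode,
                                       m_chainingMode.ChainingMode);

        configured = true;
    }
    finally
    {
        // Ownership only passes to the caller on success; release the handle on any failure path.
        if (!configured)
        {
            algorithmHandle.Dispose();
        }
    }

    return algorithmHandle;
}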
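/// <summary>
///     Initializes a crypto transform that encrypts or decrypts with a key imported into the given
///     CNG (BCrypt) algorithm handle.
/// </summary>
/// <param name="algorithm">open, valid algorithm handle the transform operates on</param>
/// <param name="key">raw key bytes to import into the algorithm</param>
/// <param name="iv">initialization vector, processed according to the handle's chaining mode</param>
/// <param name="paddingMode">padding mode to apply to the data</param>
/// <param name="encrypting">true if the transform encrypts, false if it decrypts</param>
/// <remarks>
///     The arguments are checked with Debug.Assert only, so nothing validates them in a release build;
///     callers of this internal constructor are responsible for passing a usable handle and key.
/// </remarks>
internal BCryptSymmetricCryptoTransform(SafeBCryptAlgorithmHandle algorithm,
                                        byte[] key,
                                        byte[] iv,
                                        PaddingMode paddingMode,
                                        bool encrypting)
{
    Debug.Assert(algorithm != null, "algorithm != null");
    Debug.Assert(!algorithm.IsClosed && !algorithm.IsInvalid, "!algorithm.IsClosed && !algorithm.IsInvalid");
    Debug.Assert(key != null, "key != null");

    m_algorithm = algorithm;
    m_encrypting = encrypting;

    // Query the block length once; both the padding method and the IV processing are sized from it.
    int blockLength = BCryptNative.GetInt32Property(algorithm, BCryptNative.ObjectPropertyName.BlockLength);

    m_paddingMode = BlockPaddingMethod.Create(paddingMode, blockLength);

    // The chaining mode comes from the handle itself, so the IV is processed for the mode that the
    // handle will actually use.
    string chainingModeName = BCryptNative.GetStringProperty(algorithm,
                                                             BCryptNative.ObjectPropertyName.ChainingMode);
    m_iv = ProcessIV(iv, blockLength, BCryptNative.MapChainingMode(chainingModeName));

    // NOTE(review): the caller's key array is neither copied nor cleared in this constructor; whoever
    // passes it in remains responsible for the lifetime of that key material.
    m_key = BCryptNative.ImportSymmetricKey(algorithm, key);
}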