public static Key Import(
Algorithm algorithm,
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
KeyExportPolicies exportPolicy = KeyExportPolicies.None)
{
if (algorithm == null)
{
throw Error.ArgumentNull_Algorithm(nameof(algorithm));
}
SecureMemoryHandle keyHandle = null;
byte[] publicKeyBytes = null;
bool success = false;
try
{
success = algorithm.TryImportKey(blob, format, out keyHandle, out publicKeyBytes);
}
finally
{
if (!success && keyHandle != null)
{
keyHandle.Dispose();
}
}
if (!success)
{
throw Error.Format_InvalidBlob();
}
return(new Key(algorithm, exportPolicy, keyHandle, publicKeyBytes));
}
public Key DeriveKey(
SharedSecret sharedSecret,
ReadOnlySpan <byte> salt,
ReadOnlySpan <byte> info,
Algorithm algorithm,
KeyExportPolicies exportPolicy = KeyExportPolicies.None)
{
if (sharedSecret == null)
{
throw Error.ArgumentNull_SharedSecret(nameof(sharedSecret));
}
if (!_supportsSalt && !salt.IsEmpty)
{
throw Error.Argument_SaltNotSupported(nameof(salt));
}
if (algorithm == null)
{
throw Error.ArgumentNull_Algorithm(nameof(algorithm));
}
int seedSize = algorithm.GetDefaultSeedSize();
if (seedSize > MaxOutputSize)
{
throw Error.NotSupported_CreateKey();
}
Debug.Assert(seedSize <= 64);
SecureMemoryHandle keyHandle = null;
byte[] publicKeyBytes = null;
bool success = false;
try
{
Span <byte> seed = stackalloc byte[seedSize];
try
{
DeriveBytesCore(sharedSecret.Handle, salt, info, seed);
algorithm.CreateKey(seed, out keyHandle, out publicKeyBytes);
success = true;
}
finally
{
sodium_memzero(ref seed.DangerousGetPinnableReference(), (UIntPtr)seed.Length);
}
}
finally
{
if (!success && keyHandle != null)
{
keyHandle.Dispose();
}
}
return(new Key(algorithm, exportPolicy, keyHandle, publicKeyBytes));
}
internal Key(
Algorithm algorithm,
KeyExportPolicies exportPolicy,
SecureMemoryHandle keyHandle,
byte[] publicKeyBytes)
{
Debug.Assert(algorithm != null);
Debug.Assert(keyHandle != null);
keyHandle.MakeReadOnly();
_algorithm = algorithm;
_exportPolicy = exportPolicy;
_handle = keyHandle;
_publicKey = (publicKeyBytes) != null ? new PublicKey(algorithm, publicKeyBytes) : null;
}
public Key(
Algorithm algorithm,
KeyExportPolicies exportPolicy = KeyExportPolicies.None)
{
if (algorithm == null)
{
throw Error.ArgumentNull_Algorithm(nameof(algorithm));
}
int seedSize = algorithm.GetDefaultSeedSize();
Debug.Assert(seedSize <= 64);
SecureMemoryHandle keyHandle = null;
byte[] publicKeyBytes = null;
bool success = false;
try
{
Span <byte> seed = stackalloc byte[seedSize];
try
{
RandomGenerator.Default.GenerateBytes(seed);
algorithm.CreateKey(seed, out keyHandle, out publicKeyBytes);
success = true;
}
finally
{
sodium_memzero(ref seed.DangerousGetPinnableReference(), (UIntPtr)seed.Length);
}
}
finally
{
if (!success && keyHandle != null)
{
keyHandle.Dispose();
}
}
keyHandle.MakeReadOnly();
_algorithm = algorithm;
_exportPolicy = exportPolicy;
_handle = keyHandle;
_publicKey = (publicKeyBytes) != null ? new PublicKey(algorithm, publicKeyBytes) : null;
}
public Key GenerateKey(
Algorithm algorithm,
KeyExportPolicies exportPolicy = KeyExportPolicies.None)
{
if (algorithm == null)
{
throw Error.ArgumentNull_Algorithm(nameof(algorithm));
}
int seedSize = algorithm.GetDefaultSeedSize();
Debug.Assert(seedSize <= 64);
SecureMemoryHandle keyHandle = null;
byte[] publicKeyBytes = null;
bool success = false;
try
{
Span <byte> seed = stackalloc byte[seedSize];
try
{
GenerateBytesCore(seed);
algorithm.CreateKey(seed, out keyHandle, out publicKeyBytes);
success = true;
}
finally
{
sodium_memzero(ref MemoryMarshal.GetReference(seed), (UIntPtr)seed.Length);
}
}
finally
{
if (!success && keyHandle != null)
{
keyHandle.Dispose();
}
}
return(new Key(algorithm, exportPolicy, keyHandle, publicKeyBytes));
}
public static Key Create(
Algorithm algorithm,
KeyExportPolicies exportPolicy = KeyExportPolicies.None)
{
return(RandomGenerator.Default.GenerateKey(algorithm, exportPolicy));
}
