public RSACryptoServiceProvider(KeySpec keySpec, bool genKey) { IntPtr prov = IntPtr.Zero; IntPtr rsaKey = IntPtr.Zero; try { this.keySpec = keySpec; if(genKey == false) //faster { prov = Context.AcquireContext("rSaContainer"); rsaKey = Key.GetUserKey(prov, keySpec); } else //new key { prov = Context.AcquireContext("rSaContainerImp"); Calg calg = Calg.RSA_KEYX; if(keySpec == KeySpec.SIGNATURE) {calg = Calg.RSA_SIGN;} rsaKey = Key.GenKey(prov, calg, GenKeyParam.EXPORTABLE); } byte [] baPrivKey = Key.ExportKey(rsaKey, IntPtr.Zero, KeyBlob.PRIVATEKEYBLOB); _rsa = new Rsa(baPrivKey); } finally { Key.DestroyKey(rsaKey); Context.ReleaseContext(prov); } }
public override PrivateKey GeneratePrivate (KeySpec key) { DSAPrivateKeySpec spec = (DSAPrivateKeySpec) key; DSAParameters dsp = new DSAParameters (); dsp.G = spec.GetG ().GetBytes (); dsp.P = spec.GetP ().GetBytes (); dsp.Q = spec.GetQ ().GetBytes (); dsp.X = spec.GetX ().GetBytes (); return new DSAPrivateKey (dsp); }
internal override NCryptKeyOrCryptProviderSafeHandle CreateKey(string keyName, int keySize, Algorithm algorithm, bool overwrite, KeyUsage keyUsage, out KeySpec keySpec) { const int ALREADY_EXISTS = unchecked((int)0x8009000f); if (algorithm != Algorithm.RSA) { throw new ArgumentException("CAPI does not support algorithms other than RSA.", nameof(algorithm)); } NCryptKeyOrCryptProviderSafeHandle provider; if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_NEWKEYSET)) { var lastError = Marshal.GetLastWin32Error(); if (lastError == ALREADY_EXISTS && overwrite) { if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_DELETEKEYSET)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_NEWKEYSET)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } } else { throw new Win32Exception(Marshal.GetLastWin32Error()); } } var flags = CryptGenKeyFlags.CRYPT_EXPORTABLE; var keySizeFlags = ((uint)keySize & 0xFFFFU) << 16; var genKeyFlags = ((ushort)flags) | keySizeFlags; CryptKeySafeHandle key; KeySpec algorithmKeySpec; switch (keyUsage) { case KeyUsage.KeyExchange: algorithmKeySpec = KeySpec.AT_KEYEXCHANGE; break; case KeyUsage.Signature: algorithmKeySpec = KeySpec.AT_SIGNATURE; break; default: throw new ArgumentException(nameof(keyUsage)); } if (!AdvApi32.CryptGenKey(provider, algorithmKeySpec, genKeyFlags, out key)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } key.Close(); keySpec = algorithmKeySpec; return provider; }
internal override NCryptKeyOrCryptProviderSafeHandle OpenExisting(string keyName, out KeySpec keySpec) { keySpec = KeySpec.NONE; NCryptKeyOrCryptProviderSafeHandle keyHandle; var result = NCrypt.NCryptOpenKey(_storageProvider.Handle, out keyHandle, keyName, KeySpec.NONE, 0u); if (result == SECURITY_STATUS.ERROR_SUCCESS) { return keyHandle; } if (result == SECURITY_STATUS.NTE_BAD_KEYSET) { return null; } throw new InvalidOperationException("Failed to open key."); }
public virtual object Get(KeySpec spec) { lock (this) { var value = _delegate.Get(spec); if (value == null) { value = spec.DefaultValue(); if (value != null) { _delegate.Put(spec, value); } } return value; } }
internal override NCryptKeyOrCryptProviderSafeHandle CreateKey(string keyName, int keySize, Algorithm algorithm, bool overwrite, KeyUsage keyUsage, out KeySpec keySpec) { NCryptKeyOrCryptProviderSafeHandle keyHandle; var flags = overwrite ? NCryptCreatePersistedKeyFlags.NCRYPT_OVERWRITE_KEY_FLAG : NCryptCreatePersistedKeyFlags.NONE; var result = NCrypt.NCryptCreatePersistedKey(_storageProvider.Handle, out keyHandle, algorithm.Name, keyName, KeySpec.NONE, flags); if (result != SECURITY_STATUS.ERROR_SUCCESS) { throw new InvalidOperationException("Failed to generate a key."); } if (algorithm == Algorithm.RSA) { NCryptPropertyWriter.WriteUInt32(keyHandle, CngProperties.NCRYPT_LENGTH_PROPERTY, (uint) keySize); } NCryptPropertyWriter.WriteEnum(keyHandle, CngProperties.NCRYPT_EXPORT_POLICY_PROPERTY, CngExportPolicy.NCRYPT_ALLOW_EXPORT_FLAG); var finalizeResult = NCrypt.NCryptFinalizeKey(keyHandle, 0u); if (finalizeResult != SECURITY_STATUS.ERROR_SUCCESS) { throw new InvalidOperationException("Failed to finalize key."); } keySpec = KeySpec.NONE; return keyHandle; }
public virtual byte GetAsByte(KeySpec spec) { return((byte)Get(spec)); }
public virtual void Put(KeySpec spec, bool value) { _delegate.Put(spec, value); }
internal abstract NCryptKeyOrCryptProviderSafeHandle OpenExisting(string keyName, out KeySpec keySpec);
public override PrivateKey GeneratePrivate(KeySpec key) { throw new NotSupportedException(); }
public PublicKey generatePublic(KeySpec keySpec) { return default(PublicKey); }
public static extern bool CryptAcquireCertificatePrivateKey([In] SafeHandle pCert, [In] uint dwFlags, [In] IntPtr pvReserved, [In, Out] ref IntPtr phCryptProv, [In, Out] ref KeySpec pdwKeySpec, [In, Out] ref bool pfCallerFreeProv);
internal abstract NCryptKeyOrCryptProviderSafeHandle CreateKey(string keyName, int keySize, Algorithm algorithm, bool overwrite, KeyUsage keyUsage, out KeySpec keySpec);
internal PrivateKey(NCryptKeyOrCryptProviderSafeHandle handle, KeyProviderBase keyProvider, KeySpec keySpec) { _handle = handle; _keyProvider = keyProvider; _keySpec = keySpec; }
public void Init(KeySpec key) { SecretKeySpec k = (SecretKeySpec)key; mac.Key = k.Key; }
public override PublicKey GeneratePublic(KeySpec key) { DSAPublicKeySpec spec = (DSAPublicKeySpec) key; DSAParameters dsp = new DSAParameters (); dsp.G = spec.GetG ().ToByteArray(); dsp.P = spec.GetP().ToByteArray(); dsp.Q = spec.GetQ().ToByteArray(); dsp.Y = spec.GetY().ToByteArray(); return new DSAPublicKey (dsp); }
public override PrivateKey GeneratePrivate(KeySpec key) { RSAPrivateKeySpec spec = (RSAPrivateKeySpec) key; RSAParameters dparams = new RSAParameters (); dparams.Modulus = spec.GetModulus().ToByteArray(); dparams.D = spec.GetPrivateExponent().ToByteArray(); dparams.Exponent = spec.GetPublicExponent().ToByteArray(); return new RSAPrivateKey (dparams); }
public void Init (KeySpec key) { SecretKeySpec k = (SecretKeySpec) key; mac.Key = k.Key; }
public virtual int GetAsInt(KeySpec spec) { return((int)Get(spec)); }
internal override unsafe NCryptKeyOrCryptProviderSafeHandle OpenExisting(string keyName, out KeySpec keySpec) { keySpec = KeySpec.NONE; const int DOES_NOT_EXIST = unchecked ((int)0x80090016); NCryptKeyOrCryptProviderSafeHandle provider; if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, 0u)) { var result = Marshal.GetLastWin32Error(); if (result == DOES_NOT_EXIST) { return(null); } throw new Win32Exception(Marshal.GetLastWin32Error()); } const uint PP_KEYSPEC = 0x27; uint * keySpecBuffer = stackalloc uint[1]; var dataLength = (uint)Marshal.SizeOf(typeof(uint)); if (!AdvApi32.CryptGetProvParam(provider, PP_KEYSPEC, keySpecBuffer, ref dataLength, 0u)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } keySpec = (KeySpec)(*keySpecBuffer); return(provider); }
public virtual string GetAsString(KeySpec spec) { return((string)Get(spec)); }
internal override NCryptKeyOrCryptProviderSafeHandle CreateKey(string keyName, int keySize, Algorithm algorithm, bool overwrite, KeyUsage keyUsage, out KeySpec keySpec) { const int ALREADY_EXISTS = unchecked ((int)0x8009000f); if (algorithm != Algorithm.RSA) { throw new ArgumentException("CAPI does not support algorithms other than RSA.", nameof(algorithm)); } NCryptKeyOrCryptProviderSafeHandle provider; if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_NEWKEYSET)) { var lastError = Marshal.GetLastWin32Error(); if (lastError == ALREADY_EXISTS && overwrite) { if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_DELETEKEYSET)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, CryptAcquireContextFlags.CRYPT_NEWKEYSET)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } } else { throw new Win32Exception(Marshal.GetLastWin32Error()); } } var flags = CryptGenKeyFlags.CRYPT_EXPORTABLE; var keySizeFlags = ((uint)keySize & 0xFFFFU) << 16; var genKeyFlags = ((ushort)flags) | keySizeFlags; CryptKeySafeHandle key; KeySpec algorithmKeySpec; switch (keyUsage) { case KeyUsage.KeyExchange: algorithmKeySpec = KeySpec.AT_KEYEXCHANGE; break; case KeyUsage.Signature: algorithmKeySpec = KeySpec.AT_SIGNATURE; break; default: throw new ArgumentException(nameof(keyUsage)); } if (!AdvApi32.CryptGenKey(provider, algorithmKeySpec, genKeyFlags, out key)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } key.Close(); keySpec = algorithmKeySpec; return(provider); }
public override SecretKey GenerateSecret(KeySpec key) { DESedeKeySpec ks = (DESedeKeySpec)key; return(new SecretKey(ks.Key)); }
protected virtual void PutThreeValued(KeySpec spec, bool flag) { _config.Put(spec, TernaryBool.ForBoolean(flag)); }
public static byte[] SignHash(IntPtr hash, KeySpec keySpec) { string desc = null; //String.Empty uint flags = 0; byte [] sig = new byte[0]; uint sigLen = 0; //length bool retVal = Crypto.CryptSignHash(hash, (uint) keySpec, desc, flags, sig, ref sigLen); ErrCode ec = Error.HandleRetVal(retVal, ErrCode.MORE_DATA); if(ec == ErrCode.MORE_DATA) { //sign sig = new byte[sigLen]; retVal = Crypto.CryptSignHash(hash, (uint) keySpec, desc, flags, sig, ref sigLen); ec = Error.HandleRetVal(retVal); } return sig; }
protected virtual void PutThreeValuedInt(KeySpec spec, bool flag) { _config.Put(spec, flag ? 1 : -1); }
public abstract PrivateKey GeneratePrivate(KeySpec key);
private TernaryBool Cascade(KeySpec spec) { return(_config.GetAsTernaryBool(spec)); }
public virtual string GetAsString(KeySpec spec) { return (string) Get(spec); }
public PublicKey generatePublic(KeySpec keySpec) { return(default(PublicKey)); }
internal override NCryptKeyOrCryptProviderSafeHandle OpenExisting(string keyName, out KeySpec keySpec) { keySpec = KeySpec.NONE; NCryptKeyOrCryptProviderSafeHandle keyHandle; var result = NCrypt.NCryptOpenKey(_storageProvider.Handle, out keyHandle, keyName, KeySpec.NONE, 0u); if (result == SECURITY_STATUS.ERROR_SUCCESS) { return(keyHandle); } if (result == SECURITY_STATUS.NTE_BAD_KEYSET) { return(null); } throw new InvalidOperationException("Failed to open key."); }
internal override unsafe NCryptKeyOrCryptProviderSafeHandle OpenExisting(string keyName, out KeySpec keySpec) { keySpec = KeySpec.NONE; const int DOES_NOT_EXIST = unchecked((int)0x80090016); NCryptKeyOrCryptProviderSafeHandle provider; if (!AdvApi32.CryptAcquireContext(out provider, keyName, _providerName, ProviderType.PROV_RSA_AES, 0u)) { var result = Marshal.GetLastWin32Error(); if (result == DOES_NOT_EXIST) { return null; } throw new Win32Exception(Marshal.GetLastWin32Error()); } const uint PP_KEYSPEC = 0x27; uint* keySpecBuffer = stackalloc uint[1]; var dataLength = (uint)Marshal.SizeOf(typeof(uint)); if (!AdvApi32.CryptGetProvParam(provider, PP_KEYSPEC, keySpecBuffer, ref dataLength, 0u)) { throw new Win32Exception(Marshal.GetLastWin32Error()); } keySpec = (KeySpec)(*keySpecBuffer); return provider; }
public virtual void Put(KeySpec spec, object value) { _delegate.Put(spec, value); }
public virtual bool GetAsBoolean(KeySpec spec) { return((bool)Get(spec)); }
generatePrivate(KeySpec keySpec);
public virtual TernaryBool GetAsTernaryBool(KeySpec spec) { return((TernaryBool)Get(spec)); }
generatePublic(KeySpec keySpec);
public GenerateDataKeyRequest(string keyId, KeySpec keySpec, JsonObject encryptionContext) { KeyId = keyId ?? throw new ArgumentNullException(nameof(keyId)); KeySpec = keySpec; EncryptionContext = encryptionContext; }
public abstract SecretKey GenerateSecret(KeySpec key);
public abstract PublicKey GeneratePublic (KeySpec key);
public override PublicKey GeneratePublic(KeySpec key) { DHPublicKeySpec spec = (DHPublicKeySpec)key; return(new DHPublicKey(spec.Y)); }
public abstract PrivateKey GeneratePrivate (KeySpec key);
public static IntPtr GetUserKey(IntPtr prov, KeySpec keySpec) { IntPtr key; bool retVal = Crypto.CryptGetUserKey(prov, (uint) keySpec, out key); ErrCode ec = Error.HandleRetVal(retVal, ErrCode.NTE_NO_KEY); if(ec == ErrCode.NTE_NO_KEY) //2148073485 { retVal = Crypto.CryptGenKey(prov, (uint)keySpec, (uint)GenKeyParam.EXPORTABLE, out key); ec = Error.HandleRetVal(retVal); //is this necessary? why not just use key from GenKey? //retVal = Crypto.CryptGetUserKey(prov, (uint) keySpec, out key); } if(key == IntPtr.Zero) throw new Exception(ec.ToString()); return key; }
public PrivateKey generatePrivate(KeySpec keySpec) { throw null; }
public virtual byte GetAsByte(KeySpec spec) { return ((byte) Get(spec)); }
public abstract PublicKey GeneratePublic(KeySpec key);
public virtual int GetAsInt(KeySpec spec) { return ((int) Get(spec)); }
public static extern bool CryptSignHash(SafeHashHandle hHash, KeySpec dwKeySpec, String sDescription, CryptSignAndVerifyHashFlags dwFlags, [Out] byte[] pbSignature, [In, Out] ref int pdwSigLen);
public override PrivateKey GeneratePrivate (KeySpec key) { RSAPrivateKeySpec spec = (RSAPrivateKeySpec) key; RSAParameters dparams = new RSAParameters (); dparams.Modulus = spec.GetModulus ().GetBytes (); dparams.D = spec.GetPrivateExponent ().GetBytes (); dparams.Exponent = new BigInteger (35).GetBytes (); return new RSAPrivateKey (dparams); }
public override PublicKey GeneratePublic (KeySpec key) { DHPublicKeySpec spec = (DHPublicKeySpec) key; return new DHPublicKey (spec.Y); }
public virtual bool GetAsBoolean(KeySpec spec) { return ((bool) Get(spec)); }
public override PrivateKey GeneratePrivate (KeySpec key) { throw new NotSupportedException (); }
public virtual TernaryBool GetAsTernaryBool(KeySpec spec) { return (TernaryBool) Get(spec); }
public override PublicKey GeneratePublic (KeySpec key) { RSAPublicKeySpec spec = (RSAPublicKeySpec) key; RSAParameters dparams = new RSAParameters (); dparams.Modulus = spec.GetModulus ().GetBytes (); dparams.Exponent = spec.GetPublicExponent ().GetBytes (); return new RSAPublicKey (dparams); }
internal override NCryptKeyOrCryptProviderSafeHandle CreateKey(string keyName, int keySize, Algorithm algorithm, bool overwrite, KeyUsage keyUsage, out KeySpec keySpec) { NCryptKeyOrCryptProviderSafeHandle keyHandle; var flags = overwrite ? NCryptCreatePersistedKeyFlags.NCRYPT_OVERWRITE_KEY_FLAG : NCryptCreatePersistedKeyFlags.NONE; var result = NCrypt.NCryptCreatePersistedKey(_storageProvider.Handle, out keyHandle, algorithm.Name, keyName, KeySpec.NONE, flags); if (result != SECURITY_STATUS.ERROR_SUCCESS) { throw new InvalidOperationException("Failed to generate a key."); } if (algorithm == Algorithm.RSA) { NCryptPropertyWriter.WriteUInt32(keyHandle, CngProperties.NCRYPT_LENGTH_PROPERTY, (uint)keySize); } NCryptPropertyWriter.WriteEnum(keyHandle, CngProperties.NCRYPT_EXPORT_POLICY_PROPERTY, CngExportPolicy.NCRYPT_ALLOW_EXPORT_FLAG); var finalizeResult = NCrypt.NCryptFinalizeKey(keyHandle, 0u); if (finalizeResult != SECURITY_STATUS.ERROR_SUCCESS) { throw new InvalidOperationException("Failed to finalize key."); } keySpec = KeySpec.NONE; return(keyHandle); }
internal static extern bool CryptGetUserKey([In] IntPtr CryptProv, [In] KeySpec KeySpec, [In, Out] ref IntPtr Key);