internal static bool VerifySignature(SafeCspHandle cspHandle, SafeCspKeyHandle keyHandle, CapiNative.AlgorithmID signatureAlgorithm, CapiNative.AlgorithmID hashAlgorithm, byte[] hashValue, byte[] signature)
{
byte[] array = new byte[signature.Length];
Array.Copy(signature, array, array.Length);
Array.Reverse(array);
bool result;
using (SafeCspHashHandle safeCspHashHandle = CapiNative.CreateHashAlgorithm(cspHandle, hashAlgorithm))
{
if (hashValue.Length != CapiNative.GetHashPropertyInt32(safeCspHashHandle, CapiNative.HashProperty.HashSize))
{
throw new CryptographicException(-2146893822);
}
CapiNative.SetHashProperty(safeCspHashHandle, CapiNative.HashProperty.HashValue, hashValue);
if (CapiNative.UnsafeNativeMethods.CryptVerifySignature(safeCspHashHandle, array, array.Length, keyHandle, null, 0))
{
result = true;
}
else
{
int lastWin32Error = Marshal.GetLastWin32Error();
if (lastWin32Error != -2146893818)
{
throw new CryptographicException(lastWin32Error);
}
result = false;
}
}
return(result);
}
public override ICryptoTransform CreateEncryptor(byte[] key, byte[] iv)
{
Contract.Ensures(Contract.Result <ICryptoTransform>() != null);
if (key == null)
{
throw new ArgumentNullException("key");
}
if (!ValidKeySize(key.Length * 8))
{
throw new ArgumentException(SR.GetString(SR.Cryptography_InvalidKeySize), "key");
}
if (iv != null && iv.Length * 8 != BlockSizeValue)
{
throw new ArgumentException(SR.GetString(SR.Cryptography_InvalidIVSize), "iv");
}
byte[] keyCopy = (byte[])key.Clone();
byte[] ivCopy = null;
if (iv != null)
{
ivCopy = (byte[])iv.Clone();
}
using (SafeCapiKeyHandle importedKey = CapiNative.ImportSymmetricKey(m_cspHandle, GetAlgorithmId(keyCopy.Length * 8), keyCopy)) {
return(CreateEncryptor(importedKey, ivCopy));
}
}
[System.Security.SecuritySafeCritical] // auto-generated
#endif
public RNGCryptoServiceProvider()
{
m_cspHandle = CapiNative.AcquireCsp(null,
CapiNative.ProviderNames.MicrosoftEnhanced,
CapiNative.ProviderType.RsaFull,
CapiNative.CryptAcquireContextFlags.VerifyContext);
}
public override ICryptoTransform CreateEncryptor(byte[] key, byte[] iv)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (!base.ValidKeySize(key.Length * 8))
{
throw new ArgumentException(System.SR.GetString("Cryptography_InvalidKeySize"), "key");
}
if ((iv != null) && ((iv.Length * 8) != base.BlockSizeValue))
{
throw new ArgumentException(System.SR.GetString("Cryptography_InvalidIVSize"), "iv");
}
byte[] buffer = (byte[])key.Clone();
byte[] buffer2 = null;
if (iv != null)
{
buffer2 = (byte[])iv.Clone();
}
using (SafeCapiKeyHandle handle = CapiNative.ImportSymmetricKey(this.m_cspHandle, GetAlgorithmId(buffer.Length * 8), buffer))
{
return(this.CreateEncryptor(handle, buffer2));
}
}
private static SafeCapiKeyHandle SetupKey(SafeCapiKeyHandle key, byte[] iv, CipherMode cipherMode, int feedbackSize)
{
Contract.Requires(key != null);
Contract.Requires(cipherMode == CipherMode.ECB || iv != null);
Contract.Requires(0 <= feedbackSize);
Contract.Ensures(Contract.Result <SafeCapiKeyHandle>() != null &&
!Contract.Result <SafeCapiKeyHandle>().IsInvalid&&
!Contract.Result <SafeCapiKeyHandle>().IsClosed);
// Make a copy of the key so that we don't modify the properties of the caller's copy
SafeCapiKeyHandle encryptionKey = key.Duplicate();
// Setup the cipher mode first
CapiNative.SetKeyParameter(encryptionKey, CapiNative.KeyParameter.Mode, (int)cipherMode);
// If we're not in ECB mode then setup the IV
if (cipherMode != CipherMode.ECB)
{
CapiNative.SetKeyParameter(encryptionKey, CapiNative.KeyParameter.IV, iv);
}
// OFB and CFB require a feedback loop size
if (cipherMode == CipherMode.CFB || cipherMode == CipherMode.OFB)
{
CapiNative.SetKeyParameter(encryptionKey, CapiNative.KeyParameter.ModeBits, feedbackSize);
}
return(encryptionKey);
}
public byte[] HashFinal()
{
Contract.Ensures(Contract.Result <byte[]>() != null);
Contract.Assert(m_hashHandle != null);
return(CapiNative.GetHashParameter(m_hashHandle, CapiNative.HashParameter.HashValue));
}
internal static bool VerifySignature(SafeCspHandle cspHandle, SafeCspKeyHandle keyHandle, CapiNative.AlgorithmID signatureAlgorithm, CapiNative.AlgorithmID hashAlgorithm, byte[] hashValue, byte[] signature)
{
byte[] numArray = new byte[signature.Length];
Array.Copy((Array)signature, (Array)numArray, numArray.Length);
Array.Reverse((Array)numArray);
using (SafeCspHashHandle hashAlgorithm1 = CapiNative.CreateHashAlgorithm(cspHandle, hashAlgorithm))
{
if (hashValue.Length != CapiNative.GetHashPropertyInt32(hashAlgorithm1, CapiNative.HashProperty.HashSize))
{
throw new CryptographicException(-2146893822);
}
CapiNative.SetHashProperty(hashAlgorithm1, CapiNative.HashProperty.HashValue, hashValue);
SafeCspHashHandle hHash = hashAlgorithm1;
byte[] pbSignature = numArray;
int length = pbSignature.Length;
SafeCspKeyHandle hPubKey = keyHandle;
// ISSUE: variable of the null type
__Null local = null;
int dwFlags = 0;
if (CapiNative.UnsafeNativeMethods.CryptVerifySignature(hHash, pbSignature, length, hPubKey, (string)local, dwFlags))
{
return(true);
}
int lastWin32Error = Marshal.GetLastWin32Error();
if (lastWin32Error != -2146893818)
{
throw new CryptographicException(lastWin32Error);
}
return(false);
}
}
internal static SafeLocalAllocHandle StringToAnsiPtr(string s)
{
byte[] arr = new byte[s.Length + 1];
Encoding.ASCII.GetBytes(s, 0, s.Length, arr, 0);
SafeLocalAllocHandle pb = CapiNative.LocalAlloc(CapiNative.LMEM_FIXED, new IntPtr(arr.Length));
Marshal.Copy(arr, 0, pb.DangerousGetHandle(), arr.Length);
return(pb);
}
internal static int GetKeyPropertyInt32(SafeCspKeyHandle keyHandle, CapiNative.KeyProperty property)
{
byte[] keyProperty = CapiNative.GetKeyProperty(keyHandle, property);
if (keyProperty.Length != 4)
{
return(0);
}
return(BitConverter.ToInt32(keyProperty, 0));
}
internal static int GetHashPropertyInt32(SafeCspHashHandle hashHandle, CapiNative.HashProperty property)
{
byte[] hashProperty = CapiNative.GetHashProperty(hashHandle, property);
if (hashProperty.Length != 4)
{
return(0);
}
return(BitConverter.ToInt32(hashProperty, 0));
}
[System.Security.SecuritySafeCritical] // auto-generated
public override void GetBytes(byte[] data, int offset, int count) {
if (data == null) throw new ArgumentNullException("data");
if (offset < 0) throw new ArgumentOutOfRangeException("offset", Environment.GetResourceString("ArgumentOutOfRange_NeedNonNegNum"));
if (count < 0) throw new ArgumentOutOfRangeException("count", Environment.GetResourceString("ArgumentOutOfRange_NeedNonNegNum"));
if (offset + count > data.Length) throw new ArgumentException(Environment.GetResourceString("Argument_InvalidOffLen"));
if (count > 0) {
CapiNative.GenerateRandomBytes(m_cspHandle, data, offset, count);
}
}
[System.Security.SecuritySafeCritical] // auto-generated
public override void GetBytes(byte[] data) {
if (data == null) {
throw new ArgumentNullException("data");
}
Contract.EndContractBlock();
if (data.Length > 0) {
CapiNative.GenerateRandomBytes(m_cspHandle, data);
}
}
private static SafeCapiKeyHandle SetupKey(SafeCapiKeyHandle key, byte[] iv, CipherMode cipherMode, int feedbackSize)
{
SafeCapiKeyHandle handle = key.Duplicate();
CapiNative.SetKeyParameter(handle, CapiNative.KeyParameter.Mode, (int)cipherMode);
if (cipherMode != CipherMode.ECB)
{
CapiNative.SetKeyParameter(handle, CapiNative.KeyParameter.IV, iv);
}
if ((cipherMode == CipherMode.CFB) || (cipherMode == CipherMode.OFB))
{
CapiNative.SetKeyParameter(handle, CapiNative.KeyParameter.ModeBits, feedbackSize);
}
return(handle);
}
// SafeCritical - we're not exposing out anything that we want to prevent untrusted code from getting at
public CapiHashAlgorithm(string provider,
CapiNative.ProviderType providerType,
CapiNative.AlgorithmId algorithm) {
Contract.Requires(!String.IsNullOrEmpty(provider));
Contract.Requires((CapiNative.AlgorithmClass)((uint)algorithm & (uint)CapiNative.AlgorithmClass.Hash) == CapiNative.AlgorithmClass.Hash);
Contract.Ensures(m_cspHandle != null && !m_cspHandle.IsInvalid && !m_cspHandle.IsClosed);
Contract.Ensures(m_hashHandle != null && !m_hashHandle.IsInvalid && !m_hashHandle.IsClosed);
m_algorithmId = algorithm;
m_cspHandle = CapiNative.AcquireCsp(null,
provider,
providerType,
CapiNative.CryptAcquireContextFlags.VerifyContext,
true);
Initialize();
}
// SafeCritical - we're not exposing out anything that we want to prevent untrusted code from getting at
public CapiHashAlgorithm(string provider,
CapiNative.ProviderType providerType,
CapiNative.AlgorithmId algorithm)
{
Contract.Requires(!String.IsNullOrEmpty(provider));
Contract.Requires((CapiNative.AlgorithmClass)((uint)algorithm & (uint)CapiNative.AlgorithmClass.Hash) == CapiNative.AlgorithmClass.Hash);
Contract.Ensures(m_cspHandle != null && !m_cspHandle.IsInvalid && !m_cspHandle.IsClosed);
Contract.Ensures(m_hashHandle != null && !m_hashHandle.IsInvalid && !m_hashHandle.IsClosed);
m_algorithmId = algorithm;
m_cspHandle = CapiNative.AcquireCsp(null,
provider,
providerType,
CapiNative.CryptAcquireContextFlags.VerifyContext,
true);
Initialize();
}
public AesCryptoServiceProvider()
{
string providerName = "Microsoft Enhanced RSA and AES Cryptographic Provider";
if ((Environment.OSVersion.Version.Major == 5) && (Environment.OSVersion.Version.Minor == 1))
{
providerName = "Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)";
}
this.m_cspHandle = CapiNative.AcquireCsp(null, providerName, CapiNative.ProviderType.RsaAes, CapiNative.CryptAcquireContextFlags.None | CapiNative.CryptAcquireContextFlags.VerifyContext, true);
base.FeedbackSizeValue = 8;
int defaultKeySize = 0;
if (FindSupportedKeySizes(this.m_cspHandle, out defaultKeySize).Length == 0)
{
throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
}
base.KeySizeValue = defaultKeySize;
}
private static KeySizes[] FindSupportedKeySizes(SafeCspHandle csp, out int defaultKeySize)
{
if (s_supportedKeySizes == null)
{
List <KeySizes> list = new List <KeySizes>();
int num = 0;
for (CapiNative.PROV_ENUMALGS prov_enumalgs = CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp, CapiNative.ProviderParameter.EnumerateAlgorithms, CapiNative.ProviderParameterFlags.RestartEnumeration); prov_enumalgs.aiAlgId != CapiNative.AlgorithmId.None; prov_enumalgs = CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp, CapiNative.ProviderParameter.EnumerateAlgorithms, CapiNative.ProviderParameterFlags.None))
{
switch (prov_enumalgs.aiAlgId)
{
case CapiNative.AlgorithmId.Aes128:
list.Add(new KeySizes(0x80, 0x80, 0));
if (0x80 > num)
{
num = 0x80;
}
break;
case CapiNative.AlgorithmId.Aes192:
list.Add(new KeySizes(0xc0, 0xc0, 0));
if (0xc0 > num)
{
num = 0xc0;
}
break;
case CapiNative.AlgorithmId.Aes256:
list.Add(new KeySizes(0x100, 0x100, 0));
if (0x100 > num)
{
num = 0x100;
}
break;
}
}
s_supportedKeySizes = list.ToArray();
s_defaultKeySize = num;
}
defaultKeySize = s_defaultKeySize;
return(s_supportedKeySizes);
}
public AesCryptoServiceProvider()
{
Contract.Ensures(m_cspHandle != null && !m_cspHandle.IsInvalid && !m_cspHandle.IsClosed);
// On Windows XP the AES CSP has the prototype name, but on newer operating systems it has the
// standard name
string providerName = CapiNative.ProviderNames.MicrosoftEnhancedRsaAes;
if (Environment.OSVersion.Version.Major == 5 && Environment.OSVersion.Version.Minor == 1)
{
providerName = CapiNative.ProviderNames.MicrosoftEnhancedRsaAesPrototype;
}
m_cspHandle = CapiNative.AcquireCsp(null,
providerName,
CapiNative.ProviderType.RsaAes,
CapiNative.CryptAcquireContextFlags.VerifyContext,
true);
// CAPI will not allow feedback sizes greater than 64 bits
FeedbackSizeValue = 8;
// Get the different AES key sizes supported by this platform, raising an error if there are no
// supported key sizes.
int defaultKeySize = 0;
KeySizes[] keySizes = FindSupportedKeySizes(m_cspHandle, out defaultKeySize);
if (keySizes.Length != 0)
{
Debug.Assert(defaultKeySize > 0, "defaultKeySize > 0");
KeySizeValue = defaultKeySize;
}
else
{
throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported));
}
}
public CapiHashAlgorithm(string provider, CapiNative.ProviderType providerType, CapiNative.AlgorithmId algorithm)
{
this.m_algorithmId = algorithm;
this.m_cspHandle = CapiNative.AcquireCsp(null, provider, providerType, CapiNative.CryptAcquireContextFlags.None | CapiNative.CryptAcquireContextFlags.VerifyContext, true);
this.Initialize();
}
private static KeySizes[] FindSupportedKeySizes(SafeCspHandle csp, out int defaultKeySize)
{
Contract.Requires(csp != null);
Contract.Ensures(Contract.Result <KeySizes[]>() != null);
// If this platform has any supported algorithm sizes, then the default key size should be set to a
// reasonable value.
Contract.Ensures(Contract.Result <KeySizes[]>().Length == 0 ||
(Contract.ValueAtReturn <int>(out defaultKeySize) > 0 && Contract.ValueAtReturn <int>(out defaultKeySize) % 8 == 0));
if (s_supportedKeySizes == null)
{
List <KeySizes> keySizes = new List <KeySizes>();
int maxKeySize = 0;
//
// Enumerate the CSP's supported algorithms to see what key sizes it supports for AES
//
CapiNative.PROV_ENUMALGS algorithm =
CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp,
CapiNative.ProviderParameter.EnumerateAlgorithms,
CapiNative.ProviderParameterFlags.RestartEnumeration);
// Translate between CAPI AES algorithm IDs and supported key sizes
while (algorithm.aiAlgId != CapiNative.AlgorithmId.None)
{
switch (algorithm.aiAlgId)
{
case CapiNative.AlgorithmId.Aes128:
keySizes.Add(new KeySizes(128, 128, 0));
if (128 > maxKeySize)
{
maxKeySize = 128;
}
break;
case CapiNative.AlgorithmId.Aes192:
keySizes.Add(new KeySizes(192, 192, 0));
if (192 > maxKeySize)
{
maxKeySize = 192;
}
break;
case CapiNative.AlgorithmId.Aes256:
keySizes.Add(new KeySizes(256, 256, 0));
if (256 > maxKeySize)
{
maxKeySize = 256;
}
break;
default:
break;
}
algorithm = CapiNative.GetProviderParameterStruct <CapiNative.PROV_ENUMALGS>(csp,
CapiNative.ProviderParameter.EnumerateAlgorithms,
CapiNative.ProviderParameterFlags.None);
}
s_supportedKeySizes = keySizes.ToArray();
s_defaultKeySize = maxKeySize;
}
defaultKeySize = s_defaultKeySize;
return(s_supportedKeySizes);
}
public static extern int CertVerifyAuthenticodeLicense(ref CapiNative.CRYPTOAPI_BLOB pLicenseBlob, X509Native.AxlVerificationFlags dwFlags, [In, Out] ref X509Native.AXL_AUTHENTICODE_SIGNER_INFO pSignerInfo, [In, Out] ref X509Native.AXL_AUTHENTICODE_TIMESTAMPER_INFO pTimestamperInfo);
public byte[] HashFinal()
{
return(CapiNative.GetHashParameter(this.m_hashHandle, CapiNative.HashParameter.HashValue));
}
public CapiHashAlgorithm(string provider, CapiNative.ProviderType providerType, CapiNative.AlgorithmId algorithm)
{
this.m_algorithmId = algorithm;
this.m_cspHandle = CapiNative.AcquireCsp(null, provider, providerType, CapiNative.CryptAcquireContextFlags.None | CapiNative.CryptAcquireContextFlags.VerifyContext, true);
this.Initialize();
}
