CngKeyCreationParameters, System.Security.Cryptography C# (CSharp)のコード例

コード例 #1

0

ファイルを表示

ファイル: CngAlgorithmCore.cs プロジェクト: pedrobsaila/runtime

        public CngKey GetOrGenerateKey(int keySize, CngAlgorithm algorithm)
        {
            ThrowIfDisposed();

            // If our key size was changed, we need to generate a new key.
            if (_lazyKey != null)
            {
                if (_lazyKey.KeySize != keySize)
                {
                    DisposeKey();
                }
            }

            // If we don't have a key yet, we need to generate one now.
            if (_lazyKey == null)
            {
                CngKeyCreationParameters creationParameters = new CngKeyCreationParameters()
                {
                    ExportPolicy = CngExportPolicies.AllowPlaintextExport,
                };

                Span <byte> keySizeBuffer = stackalloc byte[sizeof(int)];
                bool        success       = BitConverter.TryWriteBytes(keySizeBuffer, keySize);
                Debug.Assert(success);

                CngProperty keySizeProperty = new CngProperty(KeyPropertyName.Length, keySizeBuffer, CngPropertyOptions.None);
                creationParameters.Parameters.Add(keySizeProperty);

                _lazyKey = CngKey.Create(algorithm, null, creationParameters);
            }

            return(_lazyKey);
        }

コード例 #2

0

ファイルを表示

ファイル: CngAlgorithmCore.cs プロジェクト: z77ma/runtime

        public CngKey GetOrGenerateKey(int keySize, CngAlgorithm algorithm)
        {
            ThrowIfDisposed();

            // If our key size was changed, we need to generate a new key.
            if (_lazyKey != null)
            {
                if (_lazyKey.KeySize != keySize)
                {
                    DisposeKey();
                }
            }

            // If we don't have a key yet, we need to generate one now.
            if (_lazyKey == null)
            {
                CngKeyCreationParameters creationParameters = new CngKeyCreationParameters()
                {
                    ExportPolicy = CngExportPolicies.AllowPlaintextExport,
                };

                CngProperty keySizeProperty = new CngProperty(KeyPropertyName.Length, BitConverter.GetBytes(keySize), CngPropertyOptions.None);
                creationParameters.Parameters.Add(keySizeProperty);

                _lazyKey = CngKey.Create(algorithm, null, creationParameters);
            }

            return(_lazyKey);
        }

コード例 #3

0

ファイルを表示

ファイル: CngKey.cs プロジェクト: pritesh-mandowara-sp/DecompliedDotNetLibraries

 public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
 {
     if (algorithm == null)
     {
         throw new ArgumentNullException("algorithm");
     }
     if (creationParameters == null)
     {
         creationParameters = new CngKeyCreationParameters();
     }
     if (!NCryptNative.NCryptSupported)
     {
         throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
     }
     if (keyName != null)
     {
         KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create) {
             ProviderName = creationParameters.Provider.Provider
         };
         KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
         permission.AccessEntries.Add(accessEntry);
         permission.Demand();
     }
     SafeNCryptProviderHandle provider = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider);
     SafeNCryptKeyHandle keyHandle = NCryptNative.CreatePersistedKey(provider, algorithm.Algorithm, keyName, creationParameters.KeyCreationOptions);
     SetKeyProperties(keyHandle, creationParameters);
     NCryptNative.FinalizeKey(keyHandle);
     CngKey key = new CngKey(provider, keyHandle);
     if (keyName == null)
     {
         key.IsEphemeral = true;
     }
     return key;
 }

コード例 #4

0

ファイルを表示

ファイル: Program.cs プロジェクト: zhf/Product_Activation

        static void Main(string[] args)
        {
            string keyName = "PA ECDSA Key";
            byte[] publicKeyBytes, privateKeyBytes;

            CngKey cngKey;

            if (CngKey.Exists(keyName))
            {
                cngKey = CngKey.Open(keyName);
                cngKey.Delete();
                Console.WriteLine("Existing key deleted.");
            }

            CngKeyCreationParameters creationParameters = new CngKeyCreationParameters();
            // Allow exporting private key as plaintext
            creationParameters.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
            cngKey = CngKey.Create(CngAlgorithm.ECDsaP256, keyName, creationParameters);

            publicKeyBytes = cngKey.Export(CngKeyBlobFormat.EccPublicBlob);
            privateKeyBytes = cngKey.Export(CngKeyBlobFormat.EccPrivateBlob);

            Console.WriteLine("\n\nPrivate: " + Debugger.BytesToString(privateKeyBytes));
            Console.WriteLine("\n\nPublic: " + Debugger.BytesToString(publicKeyBytes));
            Console.WriteLine("\n\nPublic Base64: " + Convert.ToBase64String(publicKeyBytes));
            Console.ReadKey();
        }

コード例 #5

0

ファイルを表示

 private static void SetKeyProperties(SafeNCryptKeyHandle keyHandle, CngKeyCreationParameters creationParameters)
 {
     if (creationParameters.ExportPolicy.HasValue)
     {
         NCryptNative.SetProperty(keyHandle, "Export Policy", creationParameters.ExportPolicy.Value, CngPropertyOptions.None | CngPropertyOptions.Persist);
     }
     if (creationParameters.KeyUsage.HasValue)
     {
         NCryptNative.SetProperty(keyHandle, "Key Usage", creationParameters.KeyUsage.Value, CngPropertyOptions.None | CngPropertyOptions.Persist);
     }
     if (creationParameters.ParentWindowHandle != IntPtr.Zero)
     {
         NCryptNative.SetProperty <IntPtr>(keyHandle, "HWND Handle", creationParameters.ParentWindowHandle, CngPropertyOptions.None);
     }
     if (creationParameters.UIPolicy != null)
     {
         NCryptNative.NCRYPT_UI_POLICY ncrypt_ui_policy = new NCryptNative.NCRYPT_UI_POLICY {
             dwVersion        = 1,
             dwFlags          = creationParameters.UIPolicy.ProtectionLevel,
             pszCreationTitle = creationParameters.UIPolicy.CreationTitle,
             pszFriendlyName  = creationParameters.UIPolicy.FriendlyName,
             pszDescription   = creationParameters.UIPolicy.Description
         };
         NCryptNative.SetProperty <NCryptNative.NCRYPT_UI_POLICY>(keyHandle, "UI Policy", ncrypt_ui_policy, CngPropertyOptions.None | CngPropertyOptions.Persist);
         if (creationParameters.UIPolicy.UseContext != null)
         {
             NCryptNative.SetProperty(keyHandle, "Use Context", creationParameters.UIPolicy.UseContext, CngPropertyOptions.None | CngPropertyOptions.Persist);
         }
     }
     foreach (CngProperty property in creationParameters.ParametersNoDemand)
     {
         NCryptNative.SetProperty(keyHandle, property.Name, property.Value, property.Options);
     }
 }

コード例 #6

0

ファイルを表示

ファイル: CngAlgorithmCore.cs プロジェクト: ESgarbi/corefx

        public CngKey GetOrGenerateKey(int keySize, CngAlgorithm algorithm)
        {
            // If our key size was changed, we need to generate a new key.
            if (_lazyKey != null)
            {
                if (_lazyKey.KeySize != keySize)
                    DisposeKey();
            }

            // If we don't have a key yet, we need to generate one now.
            if (_lazyKey == null)
            {
                CngKeyCreationParameters creationParameters = new CngKeyCreationParameters()
                {
                    ExportPolicy = CngExportPolicies.AllowPlaintextExport,
                };

                CngProperty keySizeProperty = new CngProperty(KeyPropertyName.Length, BitConverter.GetBytes(keySize), CngPropertyOptions.None);
                creationParameters.Parameters.Add(keySizeProperty);

                _lazyKey = CngKey.Create(algorithm, null, creationParameters);
            }

            return _lazyKey;
        }

コード例 #7

0

ファイルを表示

ファイル: CngKey.Create.cs プロジェクト: noahfalk/corefx

        public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
        {
            if (algorithm == null)
                throw new ArgumentNullException("algorithm");

            if (creationParameters == null)
                creationParameters = new CngKeyCreationParameters();

            SafeNCryptProviderHandle providerHandle = creationParameters.Provider.OpenStorageProvider();
            SafeNCryptKeyHandle keyHandle;
            ErrorCode errorCode = Interop.NCrypt.NCryptCreatePersistedKey(providerHandle, out keyHandle, algorithm.Algorithm, keyName, 0, creationParameters.KeyCreationOptions);
            if (errorCode != ErrorCode.ERROR_SUCCESS)
                throw errorCode.ToCryptographicException();

            InitializeKeyProperties(keyHandle, creationParameters);

            errorCode = Interop.NCrypt.NCryptFinalizeKey(keyHandle, 0);
            if (errorCode != ErrorCode.ERROR_SUCCESS)
                throw errorCode.ToCryptographicException();

            CngKey key = new CngKey(providerHandle, keyHandle);

            // No name translates to an ephemeral key
            if (keyName == null)
            {
                key.IsEphemeral = true;
            }

            return key;
        }

コード例 #8

0

ファイルを表示

ファイル: AcmeUnitTest.cs プロジェクト: animetauren/ACMESharp

        public void TestEcdhKeys()
        {
            // To make sure keys are exportable:
            //    http://stackoverflow.com/questions/20505325/how-to-export-private-key-for-ecdiffiehellmancng/20505976#20505976

            var ecdhKeyParams = new CngKeyCreationParameters
            {
                KeyUsage = CngKeyUsages.AllUsages,
                ExportPolicy = CngExportPolicies.AllowPlaintextExport
            };
            var ecdhKey = CngKey.Create(CngAlgorithm.ECDiffieHellmanP256, null, ecdhKeyParams);
            var ecdh = new ECDiffieHellmanCng(ecdhKey);
            ecdh.KeySize = 256;

            //Export the keys
            var privateKey = ecdh.Key.Export(CngKeyBlobFormat.EccPrivateBlob);

            // This returns:
            //   [ { MinSize = 256; MaxSize = 384; SkipSize = 128 }
            //     { MinSize = 521; MaxSize = 521; SkipSize = 0   } ]
            var keySizes = ecdh.LegalKeySizes;
            // Example of this:
            //      <ECDHKeyValue xmlns="http://www.w3.org/2001/04/xmldsig-more#">
            //        <DomainParameters>
            //          <NamedCurve URN="urn:oid:1.3.132.0.35" />
            //        </DomainParameters>
            //        <PublicKey>
            //          <X Value="6338036285454860977775086861655185721418051140960904673987863656163882965225521398319125216217757952736756437624751684728661860413862054254572205453827782795" xsi:type="PrimeFieldElemType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" />
            //          <Y Value="2429739115523607678822648112222739155064474393176967830414279652115290771735466025346855521196073509912224542851147234378090051353981358078708633637907317343" xsi:type="PrimeFieldElemType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" />
            //        </PublicKey>
            //      </ECDHKeyValue>
            var pubKeyXml = ecdh.PublicKey.ToXmlString();
        }

コード例 #9

0

ファイルを表示

ファイル: CngAlgorithmCore.cs プロジェクト: z77ma/runtime

        public CngKey GetOrGenerateKey(ECCurve?curve)
        {
            ThrowIfDisposed();

            if (_lazyKey != null)
            {
                return(_lazyKey);
            }

            // We don't have a key yet so generate
            Debug.Assert(curve.HasValue);

            CngKeyCreationParameters creationParameters = new CngKeyCreationParameters()
            {
                ExportPolicy = CngExportPolicies.AllowPlaintextExport,
            };

            if (curve.Value.IsNamed)
            {
                creationParameters.Parameters.Add(CngKey.GetPropertyFromNamedCurve(curve.Value));
            }
            else if (curve.Value.IsPrime)
            {
                ECCurve     eccurve        = curve.Value;
                byte[]      parametersBlob = ECCng.GetPrimeCurveParameterBlob(ref eccurve);
                CngProperty prop           = new CngProperty(
                    Interop.BCrypt.BCryptPropertyStrings.BCRYPT_ECC_PARAMETERS,
                    parametersBlob,
                    CngPropertyOptions.None);
                creationParameters.Parameters.Add(prop);
            }
            else
            {
                throw new PlatformNotSupportedException(SR.Format(SR.Cryptography_CurveNotSupported, curve.Value.CurveType.ToString()));
            }

            try
            {
                _lazyKey = CngKey.Create(DefaultKeyType ?? CngAlgorithm.ECDsa, null, creationParameters);
            }
            catch (CryptographicException e)
            {
                // Map to PlatformNotSupportedException if appropriate
                ErrorCode errorCode = (ErrorCode)e.HResult;

                if (curve.Value.IsNamed &&
                    errorCode == ErrorCode.NTE_INVALID_PARAMETER || errorCode == ErrorCode.NTE_NOT_SUPPORTED)
                {
                    throw new PlatformNotSupportedException(SR.Format(SR.Cryptography_CurveNotSupported, curve.Value.Oid.FriendlyName), e);
                }
                throw;
            }

            return(_lazyKey);
        }

コード例 #10

0

ファイルを表示

        public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
        {
            Contract.Ensures(Contract.Result <CngKey>() != null);

            if (algorithm == null)
            {
                throw new ArgumentNullException("algorithm");
            }

            if (creationParameters == null)
            {
                creationParameters = new CngKeyCreationParameters();
            }

            // Make sure that NCrypt is supported on this platform
            if (!NCryptNative.NCryptSupported)
            {
                throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported));
            }

            // If we're not creating an ephemeral key, then we need to ensure the user has access to the key name
            if (keyName != null)
            {
                KeyContainerPermissionAccessEntry access = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create);
                access.ProviderName = creationParameters.Provider.Provider;

                KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
                permission.AccessEntries.Add(access);
                permission.Demand();
            }

            //
            // Create the native handles representing the new key, setup the creation parameters on it, and
            // finalize it for use.
            //

            SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider);
            SafeNCryptKeyHandle      keyHandle = NCryptNative.CreatePersistedKey(kspHandle,
                                                                                 algorithm.Algorithm,
                                                                                 keyName,
                                                                                 creationParameters.KeyCreationOptions);

            SetKeyProperties(keyHandle, creationParameters);
            NCryptNative.FinalizeKey(keyHandle);

            CngKey key = new CngKey(kspHandle, keyHandle);

            // No name translates to an ephemeral key
            if (keyName == null)
            {
                key.IsEphemeral = true;
            }

            return(key);
        }

コード例 #11

0

ファイルを表示

ファイル: ECDSASigner.cs プロジェクト: rybak194/BitcoinNode

 public ECDSASigner() //konstruktor do generowania klucza
 {
     keyCreationParameters = new CngKeyCreationParameters();
     keyCreationParameters.ExportPolicy = CngExportPolicies.AllowExport;
     keyCreationParameters.KeyUsage = CngKeyUsages.Signing;
     keyCreationParameters.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
     CngPrivateKey = CngKey.Create(CngAlgorithm.ECDsaP256, null, keyCreationParameters);
     ECDSA = new ECDsaCng(CngPrivateKey);
     this.privateKey = ECDSA.Key.Export(CngKeyBlobFormat.EccPrivateBlob);
     ECDSA.HashAlgorithm = CngAlgorithm.Sha256;
 }

コード例 #12

0

ファイルを表示

ファイル: RSACertificateBuilder.cs プロジェクト: KalixHealth/Kalix.ApiCrypto

        /// <summary>
        /// Create a RSA based certificate (to be used with encryption) with the given options
        /// </summary>
        /// <param name="buildOptions">Allows for more advanced configuration</param>
        /// <returns>An exportable X509Certificate2 object (with private key)</returns>
        public static X509Certificate2 CreateNewCertificate(RSACertificateBuilderOptions buildOptions)
        {
            if (buildOptions == null)
            {
                throw new ArgumentNullException("buildOptions");
            }

            string keyName = buildOptions.RSAKeyName ?? "RSAKey";

            CngKey objCngKey = null;
            if (CngKey.Exists(keyName))
            {
                objCngKey = CngKey.Open(keyName);
                objCngKey.Delete();
            }

            var creationParameters = new CngKeyCreationParameters();
            creationParameters.ExportPolicy = CngExportPolicies.AllowExport;
            creationParameters.KeyUsage = CngKeyUsages.AllUsages;
            creationParameters.Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;
            var keySizeProperty = new CngProperty("Length", BitConverter.GetBytes(buildOptions.KeySize ?? 4096), CngPropertyOptions.None);
            creationParameters.Parameters.Add(keySizeProperty);

            objCngKey = CngKey.Create(CngAlgorithm2.Rsa, keyName, creationParameters);

            var name = new X500DistinguishedName(buildOptions.FullSubjectName);

            X509CertificateSignatureAlgorithm certAlg;
            switch (buildOptions.HashingMethod ?? HashingMethods.Sha256)
            {
                case HashingMethods.Sha1:
                    certAlg = X509CertificateSignatureAlgorithm.RsaSha1;
                    break;
                case HashingMethods.Sha256:
                    certAlg = X509CertificateSignatureAlgorithm.RsaSha256;
                    break;
                case HashingMethods.Sha384:
                    certAlg = X509CertificateSignatureAlgorithm.RsaSha384;
                    break;
                case HashingMethods.Sha512:
                    certAlg = X509CertificateSignatureAlgorithm.RsaSha512;
                    break;
                default:
                    throw new InvalidOperationException("Selected hashing method is not supported");
            }

            var options = new X509CertificateCreationParameters(name)
            {
                SignatureAlgorithm = certAlg,
                TakeOwnershipOfKey = true
            };

            return objCngKey.CreateSelfSignedCertificate(options);
        }

コード例 #13

0

ファイルを表示

ファイル: CngKey.Create.cs プロジェクト: lodejard/AllNetCore

        /// <summary>
        ///     Setup the key properties specified in the key creation parameters
        /// </summary>
        private static void InitializeKeyProperties(SafeNCryptKeyHandle keyHandle, CngKeyCreationParameters creationParameters)
        {
            unsafe
            {
                if (creationParameters.ExportPolicy.HasValue)
                {
                    CngExportPolicies exportPolicy = creationParameters.ExportPolicy.Value;
                    keyHandle.SetExportPolicy(exportPolicy);
                }

                if (creationParameters.KeyUsage.HasValue)
                {
                    CngKeyUsages keyUsage  = creationParameters.KeyUsage.Value;
                    ErrorCode    errorCode = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.KeyUsage, &keyUsage, sizeof(CngKeyUsages), CngPropertyOptions.Persist);
                    if (errorCode != ErrorCode.ERROR_SUCCESS)
                    {
                        throw errorCode.ToCryptographicException();
                    }
                }

                if (creationParameters.ParentWindowHandle != IntPtr.Zero)
                {
                    IntPtr    parentWindowHandle = creationParameters.ParentWindowHandle;
                    ErrorCode errorCode          = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.ParentWindowHandle, &parentWindowHandle, sizeof(IntPtr), CngPropertyOptions.None);
                    if (errorCode != ErrorCode.ERROR_SUCCESS)
                    {
                        throw errorCode.ToCryptographicException();
                    }
                }

                CngUIPolicy uiPolicy = creationParameters.UIPolicy;
                if (uiPolicy != null)
                {
                    InitializeKeyUiPolicyProperties(keyHandle, uiPolicy);
                }

                // Iterate over the custom properties, setting those as well.
                foreach (CngProperty property in creationParameters.Parameters)
                {
                    byte[] value       = property.GetValueWithoutCopying();
                    int    valueLength = (value == null) ? 0 : value.Length;
                    fixed(byte *pValue = value.MapZeroLengthArrayToNonNullPointer())
                    {
                        ErrorCode errorCode = Interop.NCrypt.NCryptSetProperty(keyHandle, property.Name, pValue, valueLength, property.Options);

                        if (errorCode != ErrorCode.ERROR_SUCCESS)
                        {
                            throw errorCode.ToCryptographicException();
                        }
                    }
                }
            }
        }

コード例 #14

0

ファイルを表示

ファイル: CngAsymmetricKeyAlgorithmProvider.cs プロジェクト: martijn00/PCLCrypto

        /// <inheritdoc/>
        public ICryptographicKey CreateKeyPair(int keySize)
        {
            Requires.Range(keySize > 0, "keySize");

            var keyParameters = new CngKeyCreationParameters
            {
                ExportPolicy = CngExportPolicies.AllowExport | CngExportPolicies.AllowPlaintextExport,
                KeyUsage = CngKeyUsages.AllUsages,
            };
            string keyName = "PclCrypto_" + Guid.NewGuid().ToString();
            CngKey key = CngKey.Create(GetCngAlgorithm(this.algorithm), keyName, keyParameters);
            return new CngCryptographicKey(key, null);
        }

コード例 #15

0

ファイルを表示

ファイル: SingleCngKey.cs プロジェクト: aaron-clark-aic/WebApplication_Collection

 /// <summary>
 /// [aaron.clark.aic][2015-06-10][需要验证为什么CngKey会把当前实例保存下来?存放方法和位置]
 /// </summary>
 private SingleCngKey()
 {
     CngKeyCreationParameters creationParameters = new CngKeyCreationParameters();
     // 允许以明文的形式导出私钥
     creationParameters.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
     if (!CngKey.Exists("ecc"))
     {
         ck = CngKey.Create(CngAlgorithm.ECDsaP521, "ecc", creationParameters);
     }
     else {
         ck = CngKey.Open("ecc");
     }
 }

コード例 #16

0

ファイルを表示

ファイル: CertUtils.cs プロジェクト: FrankSiegemund/azure-powershell

        /// <summary>
        /// Windows Azure Service Management API requires 2048bit RSA keys.
        /// The private key needs to be exportable so we can save it to .pfx for sharing with team members.
        /// </summary>
        /// <returns>A 2048 bit RSA key</returns>
        private static CngKey Create2048RsaKey()
        {
            var keyCreationParameters = new CngKeyCreationParameters
            {
                ExportPolicy = CngExportPolicies.AllowExport,
                KeyCreationOptions = CngKeyCreationOptions.None,
                KeyUsage = CngKeyUsages.AllUsages,
                Provider = new CngProvider(MsEnhancedProv)
            };

            keyCreationParameters.Parameters.Add(new CngProperty("Length", BitConverter.GetBytes(KeySize2048), CngPropertyOptions.None));

            return CngKey.Create(CngAlgorithm2.Rsa, null, keyCreationParameters);
        }

コード例 #17

0

ファイルを表示

ファイル: CertHelper.cs プロジェクト: bstearns/VipSwapper

        private static CngKey Create2048RsaKey()
        {
            var keyCreationParameters = new CngKeyCreationParameters
            {
                ExportPolicy = CngExportPolicies.AllowExport,
                KeyCreationOptions = CngKeyCreationOptions.None,
                KeyUsage = CngKeyUsages.AllUsages,
                Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider
            };

            const int KeySize = 2048;
            keyCreationParameters.Parameters.Add(new CngProperty("Length", BitConverter.GetBytes(KeySize), CngPropertyOptions.None));

            return CngKey.Create(new CngAlgorithm("RSA"), null, keyCreationParameters);
        }

コード例 #18

0

ファイルを表示

ファイル: EcDsaP521_Sha512.cs プロジェクト: Alliance-Network/Library

        /// <summary>
        /// 公開鍵と秘密鍵を作成して返す
        /// </summary>
        /// <param name="publicKey">作成された公開鍵</param>
        /// <param name="privateKey">作成された秘密鍵</param>
        public static void CreateKeys(out byte[] publicKey, out byte[] privateKey)
        {
            #if Windows
            var ckcp = new CngKeyCreationParameters();
            ckcp.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
            ckcp.KeyUsage = CngKeyUsages.Signing;

            using (CngKey ck = CngKey.Create(CngAlgorithm.ECDsaP521, null, ckcp))
            using (ECDsaCng ecdsa = new ECDsaCng(ck))
            {
                publicKey = Encoding.ASCII.GetBytes(ecdsa.ToXmlString(ECKeyXmlFormat.Rfc4050));
                privateKey = ecdsa.Key.Export(CngKeyBlobFormat.Pkcs8PrivateBlob);
            }
            #else
            throw new NotSupportedException();
            #endif
        }

コード例 #19

0

ファイルを表示

ファイル: EcDiffieHellmanP521_Sha512.cs プロジェクト: networkelements/Library

        /// <summary>
        /// 公開鍵と秘密鍵を作成して返す
        /// </summary>
        /// <param name="publicKey">作成された公開鍵</param>
        /// <param name="privateKey">作成された秘密鍵</param>
        public static void CreateKeys(out byte[] publicKey, out byte[] privateKey)
        {
            #if Mono
            throw new NotSupportedException();
            #else
            CngKeyCreationParameters ckcp = new CngKeyCreationParameters();
            ckcp.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
            ckcp.KeyUsage = CngKeyUsages.KeyAgreement;

            using (CngKey ck = CngKey.Create(CngAlgorithm.ECDiffieHellmanP521, null, ckcp))
            using (ECDiffieHellmanCng ecdh = new ECDiffieHellmanCng(ck))
            {
                publicKey = Encoding.ASCII.GetBytes(ecdh.ToXmlString(ECKeyXmlFormat.Rfc4050));
                privateKey = ecdh.Key.Export(CngKeyBlobFormat.Pkcs8PrivateBlob);
            }
            #endif
        }

コード例 #20

0

ファイルを表示

ファイル: CngKey.Create.cs プロジェクト: noahfalk/corefx

        /// <summary>
        ///     Setup the key properties specified in the key creation parameters
        /// </summary>
        private static void InitializeKeyProperties(SafeNCryptKeyHandle keyHandle, CngKeyCreationParameters creationParameters)
        {
            unsafe
            {
                if (creationParameters.ExportPolicy.HasValue)
                {
                    CngExportPolicies exportPolicy = creationParameters.ExportPolicy.Value;
                    keyHandle.SetExportPolicy(exportPolicy);
                }

                if (creationParameters.KeyUsage.HasValue)
                {
                    CngKeyUsages keyUsage = creationParameters.KeyUsage.Value;
                    ErrorCode errorCode = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.KeyUsage, &keyUsage, sizeof(CngKeyUsages), CngPropertyOptions.Persist);
                    if (errorCode != ErrorCode.ERROR_SUCCESS)
                        throw errorCode.ToCryptographicException();
                }

                if (creationParameters.ParentWindowHandle != IntPtr.Zero)
                {
                    IntPtr parentWindowHandle = creationParameters.ParentWindowHandle;
                    ErrorCode errorCode = Interop.NCrypt.NCryptSetProperty(keyHandle, KeyPropertyName.ParentWindowHandle, &parentWindowHandle, sizeof(IntPtr), CngPropertyOptions.None);
                    if (errorCode != ErrorCode.ERROR_SUCCESS)
                        throw errorCode.ToCryptographicException();
                }

                CngUIPolicy uiPolicy = creationParameters.UIPolicy;
                if (uiPolicy != null)
                {
                    InitializeKeyUiPolicyProperties(keyHandle, uiPolicy);
                }

                // Iterate over the custom properties, setting those as well.
                foreach (CngProperty property in creationParameters.Parameters)
                {
                    byte[] value = property.GetValueWithoutCopying();
                    int valueLength = (value == null) ? 0 : value.Length;
                    fixed (byte* pValue = value.MapZeroLengthArrayToNonNullPointer())
                    {
                        ErrorCode errorCode = Interop.NCrypt.NCryptSetProperty(keyHandle, property.Name, pValue, valueLength, property.Options);
                        if (errorCode != ErrorCode.ERROR_SUCCESS)
                            throw errorCode.ToCryptographicException();
                    }
                }
            }
        }

コード例 #21

0

ファイルを表示

        public static CngKey Create(CngAlgorithm algorithm, string?keyName, CngKeyCreationParameters?creationParameters)
        {
            if (algorithm == null)
            {
                throw new ArgumentNullException(nameof(algorithm));
            }

            if (creationParameters == null)
            {
                creationParameters = new CngKeyCreationParameters();
            }

            SafeNCryptProviderHandle providerHandle = creationParameters.Provider !.OpenStorageProvider();
            SafeNCryptKeyHandle      keyHandle;
            ErrorCode errorCode = Interop.NCrypt.NCryptCreatePersistedKey(providerHandle, out keyHandle, algorithm.Algorithm, keyName, 0, creationParameters.KeyCreationOptions);

            if (errorCode != ErrorCode.ERROR_SUCCESS)
            {
                // For ecc, the exception may be caught and re-thrown as PlatformNotSupportedException
                throw errorCode.ToCryptographicException();
            }

            InitializeKeyProperties(keyHandle, creationParameters);

            errorCode = Interop.NCrypt.NCryptFinalizeKey(keyHandle, 0);
            if (errorCode != ErrorCode.ERROR_SUCCESS)
            {
                // For ecc, the exception may be caught and re-thrown as PlatformNotSupportedException
                throw errorCode.ToCryptographicException();
            }

            CngKey key = new CngKey(providerHandle, keyHandle);

            // No name translates to an ephemeral key
            if (keyName == null)
            {
                key.IsEphemeral = true;
            }

            return(key);
        }

コード例 #22

0

ファイルを表示

        public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
        {
            if (algorithm == null)
            {
                throw new ArgumentNullException("algorithm");
            }
            if (creationParameters == null)
            {
                creationParameters = new CngKeyCreationParameters();
            }
            if (!NCryptNative.NCryptSupported)
            {
                throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
            }
            if (keyName != null)
            {
                KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create)
                {
                    ProviderName = creationParameters.Provider.Provider
                };
                KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
                permission.AccessEntries.Add(accessEntry);
                permission.Demand();
            }
            SafeNCryptProviderHandle provider  = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider);
            SafeNCryptKeyHandle      keyHandle = NCryptNative.CreatePersistedKey(provider, algorithm.Algorithm, keyName, creationParameters.KeyCreationOptions);

            SetKeyProperties(keyHandle, creationParameters);
            NCryptNative.FinalizeKey(keyHandle);
            CngKey key = new CngKey(provider, keyHandle);

            if (keyName == null)
            {
                key.IsEphemeral = true;
            }
            return(key);
        }

コード例 #23

0

ファイルを表示

ファイル: EcDsaPrivateKeyProvider.cs プロジェクト: j3parker/D2L.Security.OAuth2

		Task<D2LSecurityToken> IPrivateKeyProvider.GetSigningCredentialsAsync() {
			var creationParams = new CngKeyCreationParameters() {
				ExportPolicy = CngExportPolicies.AllowPlaintextExport,
				KeyUsage = CngKeyUsages.Signing
			};

			byte[] privateBlob;
			using( var cngKey = CngKey.Create( m_algorithm, null, creationParams ) ) {
				using( ECDsaCng ecDsa = new ECDsaCng( cngKey ) ) {
					privateBlob = ecDsa.Key.Export( CngKeyBlobFormat.EccPrivateBlob );
				}
			}

			D2LSecurityToken result = m_d2lSecurityTokenFactory.Create( () => {
				using( var cng = CngKey.Import( privateBlob, CngKeyBlobFormat.EccPrivateBlob ) ) {
					// ECDsaCng copies the CngKey, hence the using
					var ecDsa = new ECDsaCng( cng );
					var key = new EcDsaSecurityKey( ecDsa );
					return new Tuple<AsymmetricSecurityKey, IDisposable>( key, ecDsa );
				}
			} );

			return Task.FromResult( result );
		}

コード例 #24

0

ファイルを表示

ファイル: CngKey.cs プロジェクト: PlumpMath/CIL2Java

 public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
 {
     throw new NotImplementedException();
 }

コード例 #25

0

ファイルを表示

ファイル: System.Security.Cryptography.CngKey.cs プロジェクト: asvishnyakov/CodeContracts

    public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
    {
      Contract.Ensures(Contract.Result<System.Security.Cryptography.CngKey>() != null);

      return default(CngKey);
    }

コード例 #26

0

ファイルを表示

ファイル: CngAlgorithmCore.cs プロジェクト: ESgarbi/corefx

        public CngKey GetOrGenerateKey(ECCurve? curve)
        {
            if (_lazyKey != null)
            {
                return _lazyKey;
            }

            // We don't have a key yet so generate
            Debug.Assert(curve.HasValue);

            CngKeyCreationParameters creationParameters = new CngKeyCreationParameters()
            {
                ExportPolicy = CngExportPolicies.AllowPlaintextExport,
            };

            if (curve.Value.IsNamed)
            {
                creationParameters.Parameters.Add(CngKey.GetPropertyFromNamedCurve(curve.Value));
            }
            else if (curve.Value.IsPrime)
            {
                ECCurve eccurve = curve.Value;
                byte[] parametersBlob = ECCng.GetPrimeCurveParameterBlob(ref eccurve);
                CngProperty prop = new CngProperty(
                    Interop.BCrypt.BCryptPropertyStrings.BCRYPT_ECC_PARAMETERS,
                    parametersBlob,
                    CngPropertyOptions.None);
                creationParameters.Parameters.Add(prop);
            }
            else
            {
                throw new PlatformNotSupportedException(string.Format(SR.Cryptography_CurveNotSupported, curve.Value.CurveType.ToString()));
            }

            try
            {
                _lazyKey = CngKey.Create(CngAlgorithm.ECDsa, null, creationParameters);
            }
            catch (CryptographicException e)
            {
                // Map to PlatformNotSupportedException if appropriate
                ErrorCode errorCode = (ErrorCode)e.HResult;

                if (curve.Value.IsNamed &&
                    errorCode == ErrorCode.NTE_INVALID_PARAMETER || errorCode == ErrorCode.NTE_NOT_SUPPORTED)
                {
                    throw new PlatformNotSupportedException(string.Format(SR.Cryptography_CurveNotSupported, curve.Value.Oid.FriendlyName), e);
                }
                throw;
            }

            return _lazyKey;
        }

コード例 #27

0

ファイルを表示

ファイル: UserLoadBalancerTests.cs プロジェクト: justinsaraceno/openstack.net

        public async Task TestSslTermination()
        {
            ILoadBalancerService provider = CreateProvider();
            using (CancellationTokenSource cancellationTokenSource = new CancellationTokenSource(TestTimeout(TimeSpan.FromSeconds(240))))
            {
                IEnumerable<LoadBalancingProtocol> protocols = await provider.ListProtocolsAsync(cancellationTokenSource.Token);
                LoadBalancingProtocol httpProtocol = protocols.First(i => i.Name.Equals("HTTP", StringComparison.OrdinalIgnoreCase));

                string loadBalancerName = CreateRandomLoadBalancerName();

                LoadBalancerConfiguration configuration = new LoadBalancerConfiguration(
                    name: loadBalancerName,
                    nodes: null,
                    protocol: httpProtocol,
                    virtualAddresses: new[] { new LoadBalancerVirtualAddress(LoadBalancerVirtualAddressType.ServiceNet) },
                    algorithm: LoadBalancingAlgorithm.RoundRobin);
                LoadBalancer tempLoadBalancer = await provider.CreateLoadBalancerAsync(configuration, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

                string privateKey;
                string certificate;

                CngKeyCreationParameters keyParams = new CngKeyCreationParameters();
                keyParams.ExportPolicy = CngExportPolicies.AllowExport | CngExportPolicies.AllowPlaintextExport;
                keyParams.KeyUsage = CngKeyUsages.AllUsages;
                keyParams.Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;
                using (CngKey key = CngKey.Create(CngAlgorithm2.Rsa, Guid.NewGuid().ToString(), keyParams))
                {
                    byte[] exported = key.Export(CngKeyBlobFormat.Pkcs8PrivateBlob);

                    StringBuilder formatted = new StringBuilder();
                    formatted.AppendLine("-----BEGIN RSA PRIVATE KEY-----");
                    formatted.AppendLine(Convert.ToBase64String(exported, Base64FormattingOptions.InsertLineBreaks));
                    formatted.Append("-----END RSA PRIVATE KEY-----");
                    Console.WriteLine(formatted.ToString());
                    privateKey = formatted.ToString();

                    X509CertificateCreationParameters certParams = new X509CertificateCreationParameters(new X500DistinguishedName(string.Format("CN={0}, OU=Integration Testing, O=openstacknetsdk, L=San Antonio, S=Texas, C=US", loadBalancerName)));
                    certParams.SignatureAlgorithm = X509CertificateSignatureAlgorithm.RsaSha1;
                    certParams.StartTime = DateTime.Now;
                    certParams.EndTime = DateTime.Now.AddYears(10);
                    certParams.TakeOwnershipOfKey = true;

                    X509Certificate signed = key.CreateSelfSignedCertificate(certParams);
                    exported = signed.Export(X509ContentType.Cert);

                    formatted = new StringBuilder();
                    formatted.AppendLine("-----BEGIN CERTIFICATE-----");
                    formatted.AppendLine(Convert.ToBase64String(exported, Base64FormattingOptions.InsertLineBreaks));
                    formatted.Append("-----END CERTIFICATE-----");
                    Console.WriteLine(formatted.ToString());
                    certificate = formatted.ToString();
                }

                string intermediateCertificate = null;
                LoadBalancerSslConfiguration sslConfiguration = new LoadBalancerSslConfiguration(true, false, 443, privateKey, certificate, intermediateCertificate);

                await provider.UpdateSslConfigurationAsync(tempLoadBalancer.Id, sslConfiguration, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

                LoadBalancerSslConfiguration updatedConfiguration = new LoadBalancerSslConfiguration(true, true, 443);
                await provider.UpdateSslConfigurationAsync(tempLoadBalancer.Id, updatedConfiguration, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

                await provider.RemoveSslConfigurationAsync(tempLoadBalancer.Id, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);

                /* Cleanup
                 */

                await provider.RemoveLoadBalancerAsync(tempLoadBalancer.Id, AsyncCompletionOption.RequestCompleted, cancellationTokenSource.Token, null);
            }
        }

コード例 #28

0

ファイルを表示

        internal static CngKey Create(ECCurve curve, Func <string, CngAlgorithm> algorithmResolver)
        {
            System.Diagnostics.Debug.Assert(algorithmResolver != null);

            curve.Validate();

            CngKeyCreationParameters creationParameters = new CngKeyCreationParameters
            {
                ExportPolicy = CngExportPolicies.AllowPlaintextExport,
            };

            CngAlgorithm alg;

            if (curve.IsNamed)
            {
                if (string.IsNullOrEmpty(curve.Oid.FriendlyName))
                {
                    throw new PlatformNotSupportedException(string.Format(SR.Cryptography_InvalidCurveOid, curve.Oid.Value));
                }

                // Map curve name to algorithm to support pre-Win10 curves
                alg = algorithmResolver(curve.Oid.FriendlyName);

                if (CngKey.IsECNamedCurve(alg.Algorithm))
                {
                    creationParameters.Parameters.Add(GetPropertyFromNamedCurve(curve));
                }
                else
                {
                    if (alg == CngAlgorithm.ECDsaP256 || alg == CngAlgorithm.ECDiffieHellmanP256 ||
                        alg == CngAlgorithm.ECDsaP384 || alg == CngAlgorithm.ECDiffieHellmanP384 ||
                        alg == CngAlgorithm.ECDsaP521 || alg == CngAlgorithm.ECDiffieHellmanP521)
                    {
                        // No parameters required, the algorithm ID has everything built-in.
                    }
                    else
                    {
                        Debug.Fail(string.Format("Unknown algorithm {0}", alg.ToString()));
                        throw new ArgumentException(SR.Cryptography_InvalidKeySize);
                    }
                }
            }
            else if (curve.IsPrime)
            {
                byte[] parametersBlob = ECCng.GetPrimeCurveParameterBlob(ref curve);

                CngProperty prop = new CngProperty(
                    KeyPropertyName.ECCParameters,
                    parametersBlob,
                    CngPropertyOptions.None);

                creationParameters.Parameters.Add(prop);
                alg = algorithmResolver(null);
            }
            else
            {
                throw new PlatformNotSupportedException(string.Format(SR.Cryptography_CurveNotSupported, curve.CurveType.ToString()));
            }

            try
            {
                return(Create(alg, null, creationParameters));
            }
            catch (CryptographicException e)
            {
                Interop.NCrypt.ErrorCode errorCode = (Interop.NCrypt.ErrorCode)e.HResult;

                if (errorCode == Interop.NCrypt.ErrorCode.NTE_INVALID_PARAMETER ||
                    errorCode == Interop.NCrypt.ErrorCode.NTE_NOT_SUPPORTED)
                {
                    string target = curve.IsNamed ? curve.Oid.FriendlyName : curve.CurveType.ToString();
                    throw new PlatformNotSupportedException(string.Format(SR.Cryptography_CurveNotSupported, target), e);
                }

                throw;
            }
        }

コード例 #29

0

ファイルを表示

        public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
        {
            Contract.Ensures(Contract.Result <System.Security.Cryptography.CngKey>() != null);

            return(default(CngKey));
        }

コード例 #30

0

ファイルを表示

ファイル: DnsResponseToBinExample.cs プロジェクト: DM-TOR/nhin-d

        public X509Certificate2  CreateNamedKeyCertificate(CertData data)
        {
            try
            {
                CngKeyCreationParameters keyCreationParameters
                    = new CngKeyCreationParameters
                          {
                              ExportPolicy =
                                  CngExportPolicies.AllowExport |
                                  CngExportPolicies.AllowPlaintextExport |
                                  CngExportPolicies.AllowPlaintextArchiving |
                                  CngExportPolicies.AllowArchiving,
                              KeyUsage = CngKeyUsages.AllUsages
                          };

                X509Certificate2 cert;
                X509CertificateCreationParameters configCreate
                    = new X509CertificateCreationParameters(new X500DistinguishedName(data.DistinguishedName))
                          {
                              EndTime =
                                  DateTime.Parse("01/01/2020",
                                                 System.Globalization.
                                                     DateTimeFormatInfo.
                                                     InvariantInfo),
                              StartTime =
                                  DateTime.Parse("01/01/2010",
                                                 System.Globalization.
                                                     DateTimeFormatInfo.
                                                     InvariantInfo)
                          };

                using (CngKey namedKey = CngKey.Create(CngAlgorithm2.Rsa, data.Key, keyCreationParameters))
                {
                    cert = namedKey.CreateSelfSignedCertificate(configCreate);
                    cert.FriendlyName = data.Friendlyname;
                    Assert.True(cert.HasPrivateKey);
                    Assert.True(cert.HasCngKey());
                    using (CngKey certKey = cert.GetCngPrivateKey())
                    {
                        Assert.Equal(CngAlgorithm2.Rsa, certKey.Algorithm);
                    }
                }
                return cert;
            }
            finally
            {
                if (CngKey.Exists(data.Key))
                {
                    using (CngKey key = CngKey.Open(data.Key))
                    {
                        key.Delete();
                    }
                }
            }
        }

コード例 #31

0

ファイルを表示

ファイル: CngKey.cs プロジェクト: pritesh-mandowara-sp/DecompliedDotNetLibraries

 private static void SetKeyProperties(SafeNCryptKeyHandle keyHandle, CngKeyCreationParameters creationParameters)
 {
     if (creationParameters.ExportPolicy.HasValue)
     {
         NCryptNative.SetProperty(keyHandle, "Export Policy", creationParameters.ExportPolicy.Value, CngPropertyOptions.None | CngPropertyOptions.Persist);
     }
     if (creationParameters.KeyUsage.HasValue)
     {
         NCryptNative.SetProperty(keyHandle, "Key Usage", creationParameters.KeyUsage.Value, CngPropertyOptions.None | CngPropertyOptions.Persist);
     }
     if (creationParameters.ParentWindowHandle != IntPtr.Zero)
     {
         NCryptNative.SetProperty<IntPtr>(keyHandle, "HWND Handle", creationParameters.ParentWindowHandle, CngPropertyOptions.None);
     }
     if (creationParameters.UIPolicy != null)
     {
         NCryptNative.NCRYPT_UI_POLICY ncrypt_ui_policy = new NCryptNative.NCRYPT_UI_POLICY {
             dwVersion = 1,
             dwFlags = creationParameters.UIPolicy.ProtectionLevel,
             pszCreationTitle = creationParameters.UIPolicy.CreationTitle,
             pszFriendlyName = creationParameters.UIPolicy.FriendlyName,
             pszDescription = creationParameters.UIPolicy.Description
         };
         NCryptNative.SetProperty<NCryptNative.NCRYPT_UI_POLICY>(keyHandle, "UI Policy", ncrypt_ui_policy, CngPropertyOptions.None | CngPropertyOptions.Persist);
         if (creationParameters.UIPolicy.UseContext != null)
         {
             NCryptNative.SetProperty(keyHandle, "Use Context", creationParameters.UIPolicy.UseContext, CngPropertyOptions.None | CngPropertyOptions.Persist);
         }
     }
     foreach (CngProperty property in creationParameters.ParametersNoDemand)
     {
         NCryptNative.SetProperty(keyHandle, property.Name, property.Value, property.Options);
     }
 }

コード例 #32

0

ファイルを表示

ファイル: CngKey.cs プロジェクト: ItsVeryWindy/mono

        private static void SetKeyProperties(SafeNCryptKeyHandle keyHandle,
                                             CngKeyCreationParameters creationParameters) {
            Contract.Requires(keyHandle != null && !keyHandle.IsInvalid && !keyHandle.IsClosed);
            Contract.Requires(creationParameters != null);

            //
            // Setup the well-known properties.
            //

            if (creationParameters.ExportPolicy.HasValue) {
                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.ExportPolicy,
                                         (int)creationParameters.ExportPolicy.Value,
                                         CngPropertyOptions.Persist);
            }

            if (creationParameters.KeyUsage.HasValue) {
                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.KeyUsage,
                                         (int)creationParameters.KeyUsage.Value,
                                         CngPropertyOptions.Persist);
            }

            if (creationParameters.ParentWindowHandle != IntPtr.Zero) {
                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.ParentWindowHandle,
                                         creationParameters.ParentWindowHandle,
                                         CngPropertyOptions.None);
            }

            if (creationParameters.UIPolicy != null) {
                NCryptNative.NCRYPT_UI_POLICY uiPolicy = new NCryptNative.NCRYPT_UI_POLICY();
                uiPolicy.dwVersion = 1;
                uiPolicy.dwFlags = creationParameters.UIPolicy.ProtectionLevel;
                uiPolicy.pszCreationTitle = creationParameters.UIPolicy.CreationTitle;
                uiPolicy.pszFriendlyName = creationParameters.UIPolicy.FriendlyName;
                uiPolicy.pszDescription = creationParameters.UIPolicy.Description;

                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.UIPolicy,
                                         uiPolicy,
                                         CngPropertyOptions.Persist);

                // The use context is a seperate property from the standard UI context
                if (creationParameters.UIPolicy.UseContext != null) {
                    NCryptNative.SetProperty(keyHandle,
                                             NCryptNative.KeyPropertyName.UseContext,
                                             creationParameters.UIPolicy.UseContext,
                                             CngPropertyOptions.Persist);
                }
            }

            // Iterate over the custom properties, setting those as well.
            foreach (CngProperty property in creationParameters.ParametersNoDemand) {
                NCryptNative.SetProperty(keyHandle, property.Name, property.Value, property.Options);
            }
        }

コード例 #33

0

ファイルを表示

ファイル: CngKey.cs プロジェクト: ItsVeryWindy/mono

        public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters) {
            Contract.Ensures(Contract.Result<CngKey>() != null);

            if (algorithm == null) {
                throw new ArgumentNullException("algorithm");
            }

            if (creationParameters == null) {
                creationParameters = new CngKeyCreationParameters();
            }

            // Make sure that NCrypt is supported on this platform
            if (!NCryptNative.NCryptSupported) {
                throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported));
            }

            // If we're not creating an ephemeral key, then we need to ensure the user has access to the key name
            if (keyName != null) {
                KeyContainerPermissionAccessEntry access = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create);
                access.ProviderName = creationParameters.Provider.Provider;

                KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
                permission.AccessEntries.Add(access);
                permission.Demand();
            }

            //
            // Create the native handles representing the new key, setup the creation parameters on it, and
            // finalize it for use.
            //

            SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider);
            SafeNCryptKeyHandle keyHandle = NCryptNative.CreatePersistedKey(kspHandle,
                                                                            algorithm.Algorithm,
                                                                            keyName,
                                                                            creationParameters.KeyCreationOptions);

            SetKeyProperties(keyHandle, creationParameters);
            NCryptNative.FinalizeKey(keyHandle);
            
            CngKey key = new CngKey(kspHandle, keyHandle);

            // No name translates to an ephemeral key
            if (keyName == null) {
                key.IsEphemeral = true;
            }

            return key;
        }

コード例 #34

0

ファイルを表示

ファイル: CngKey.cs プロジェクト: ItsVeryWindy/mono

 public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters) {
     throw new NotImplementedException ();
 }

コード例 #35

0

ファイルを表示

ファイル: EcdhP521.cs プロジェクト: cons0las/FBICRY

        /// <summary>
        /// Инициализация экземпляра класса
        /// </summary>
        /// <param name="seed">Инициализирующее случайное значение.</param>
        /// <param name="privateKey">Закрытый ключ.</param>
        /// <param name="hmacKey">Код аутентичности сообщения на базе хеш-функции.</param>
        public void Initialize(Object seed, string privateKey, Object hmacKey = null)
        {
            // Защита от потери конфиденциальных данных при многократном вызове Initialize
            Clear();

            // Ключ для алгоритма ECDH
            CngKey cngKeyECDH;

            // Ключ для алгоритма ECDSA
            CngKey cngKeyECDSA;

            // Задаем параметры создания ключа
            _cngKeyCreationParameters = new CngKeyCreationParameters();
            _cngKeyCreationParameters.ExportPolicy = CngExportPolicies.AllowPlaintextExport;
            _cngKeyCreationParameters.KeyCreationOptions = CngKeyCreationOptions.OverwriteExistingKey;
            _cngKeyCreationParameters.KeyUsage = CngKeyUsages.AllUsages;
            _cngKeyCreationParameters.Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;

            // Если закрытый ключ не задан...
            if(privateKey == null)
            {
                // - создаем его...
                cngKeyECDH = CngKey.Create(CngAlgorithm.ECDiffieHellmanP521, "CngKey", _cngKeyCreationParameters);

                //...и экспортируя в двоичные данные подготовленный ключ DH, задаем на его основе ключ для ЭЦП
                cngKeyECDSA = ImportKeyBinData(ExportKeyBinData(cngKeyECDH, false), false, true);
            }
            else //...а иначе используем предоставленный...
            {
                //...импортируя его из строки в формате Base64
                cngKeyECDH = ImportKeyBinData(Convert.FromBase64String(privateKey.Base64String().Substring(0, PRIVATE_KEY_SIZE)), false, false); // Не ЭЦП

                // Строка с ключом для ЭЦП
                string stringECDSA;

                try
                {
                    // Пытаемся грузить расширенную часть ключа...
                    stringECDSA = privateKey.Base64String().Substring(PRIVATE_KEY_SIZE, PRIVATE_KEY_SIZE);
                }
                catch
                {
                    //...если не получилось - формируем ключ для ECDSA на основе ключа для ECDH
                    stringECDSA = privateKey.Base64String().Substring(0, PRIVATE_KEY_SIZE);
                }

                // Формируем ключ для ЭЦП на основе тех данных, что удалось добыть
                cngKeyECDSA = ImportKeyBinData(Convert.FromBase64String(stringECDSA), false, true); // ЭЦП
            }

            // Инициализируем криптографические сущности ключом
            _ECDiffieHellmanCng = new ECDiffieHellmanCng(cngKeyECDH);
            _ECDsaCng = new ECDsaCng(cngKeyECDSA);
            if(seed != null)
            {
                _ECDiffieHellmanCng.Seed = CryforceUtilities.ExtractByteArrayFromObject(seed);
            }

            // Если требуется использование кода аутентичности сообщения на основе хеша
            if(hmacKey != null)
            {
                _ECDiffieHellmanCng.HmacKey = CryforceUtilities.ExtractByteArrayFromObject(hmacKey);
                _ECDiffieHellmanCng.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hmac;
            }
            else
            {
                _ECDiffieHellmanCng.KeyDerivationFunction = ECDiffieHellmanKeyDerivationFunction.Hash;
            }

            // Задаем функцию хеширования
            _ECDiffieHellmanCng.HashAlgorithm = _ECDsaCng.HashAlgorithm = CngAlgorithm.Sha512;

            // Указываем, что инициализация прошла успешно
            IsInitialized = true;
        }

コード例 #36

0

ファイルを表示

ファイル: SubscriptionServiceHost.cs プロジェクト: nothrow/OrionSDK

        public void OpenSubscriber()
        {
            try
            {

                if (IsListening())
                    return;

                log.InfoFormat("Opening subscriber endpoint at {0}", netTcpAddress);

                log.InfoFormat("Opening http subscriber endpoint at {0}", httpAddress);

                NotificationSubscriber notificationSubscriber = new NotificationSubscriber();
                notificationSubscriber.IndicationReceived += OnIndication;

                CngKeyCreationParameters keyCreationParameters = new CngKeyCreationParameters();
                keyCreationParameters.ExportPolicy = CngExportPolicies.AllowExport | CngExportPolicies.AllowPlaintextExport | CngExportPolicies.AllowPlaintextArchiving | CngExportPolicies.AllowArchiving;
                keyCreationParameters.KeyUsage = CngKeyUsages.AllUsages;

                X509CertificateCreationParameters configCreate = new X509CertificateCreationParameters(new X500DistinguishedName("CN=SolarWinds-SwqlStudio"));
                configCreate.EndTime = DateTime.Now.AddYears(1);
                configCreate.StartTime = DateTime.Now;

                using (CngKey cngKey = CngKey.Create(CngAlgorithm2.Rsa))
                {
                    X509Certificate2 certificate = cngKey.CreateSelfSignedCertificate(configCreate);
                    ServiceHost host = new ServiceHost(notificationSubscriber, new Uri(netTcpAddress), new Uri(httpAddress));
                    host.Credentials.ServiceCertificate.Certificate = certificate;
                    // SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubjectDistinguishedName, "CN=SolarWinds-Orion");
                    host.Open();
                    subscriberHosts.Add(host);
                }

                log.Info("Http Subscriber endpoint opened");
            }
            catch (Exception ex)
            {
                log.ErrorFormat("Exception opening subscriber host with address {0}.\n{1}", httpAddress, ex);
            }

            foreach (ServiceHost serviceHost in subscriberHosts)
            {
                foreach (ChannelDispatcherBase channelDispatcher in serviceHost.ChannelDispatchers)
                {
                    log.InfoFormat("Listening on {0}", channelDispatcher.Listener.Uri.AbsoluteUri);
                }
            }

            ListenerOpened?.Invoke();
        }

コード例 #37

0

ファイルを表示

ファイル: Program.cs プロジェクト: stormcrow79/FrameworkTests

        static CngKey RecreateKey(string name, int length)
        {
            var createParams = new CngKeyCreationParameters()
              {
            KeyCreationOptions = CngKeyCreationOptions.OverwriteExistingKey,
            ExportPolicy = CngExportPolicies.AllowPlaintextExport
              };

              createParams.Parameters.Add(new CngProperty("Length", BitConverter.GetBytes(length), CngPropertyOptions.None));
              var exists = CngKey.Exists(name, CngProvider.MicrosoftSoftwareKeyStorageProvider, CngKeyOpenOptions.None);
              var key = CngKey.Create(CngAlgorithm.Rsa, name, createParams);

              File.WriteAllBytes(@"C:\Connect\key\" + name + "-private", key.Export(CngKeyBlobFormat.GenericPrivateBlob));
              File.WriteAllBytes(@"C:\Connect\key\" + name + "-public",  key.Export(CngKeyBlobFormat.GenericPublicBlob));

              return key;
        }

コード例 #38

0

ファイルを表示

ファイル: ECCertificateBuilder.cs プロジェクト: KalixHealth/Kalix.ApiCrypto

        /// <summary>
        /// Create a ECDSA based certificate with the given options
        /// </summary>
        /// <param name="buildOptions">Allows for more advanced configuration</param>
        /// <returns>An exportable X509Certificate2 object (with private key)</returns>
        public static X509Certificate2 CreateNewSigningCertificate(ECCertificateBuilderOptions buildOptions)
        {
            if(buildOptions == null)
            {
                throw new ArgumentNullException("buildOptions");
            }

            string keyName = buildOptions.ECKeyName ?? "ECDSAKey";

            CngKey objCngKey = null;
            if (CngKey.Exists(keyName))
            {
                objCngKey = CngKey.Open(keyName);
                objCngKey.Delete();
            }

            var creationParameters = new CngKeyCreationParameters();
            creationParameters.ExportPolicy = CngExportPolicies.AllowExport;
            creationParameters.KeyUsage = CngKeyUsages.Signing;

            CngAlgorithm keyAlg;
            switch(buildOptions.ECCurve ?? ECNamedCurves.P521)
            {
                case ECNamedCurves.P521:
                    keyAlg = CngAlgorithm.ECDsaP521;
                    break;
                case ECNamedCurves.P384:
                    keyAlg = CngAlgorithm.ECDsaP384;
                    break;
                case ECNamedCurves.P256:
                    keyAlg = CngAlgorithm.ECDsaP256;
                    break;
                default:
                    throw new InvalidOperationException("Selected curve is not supported");
            }

            objCngKey = CngKey.Create(keyAlg, keyName, creationParameters);

            var name = new X500DistinguishedName(buildOptions.FullSubjectName);

            X509CertificateSignatureAlgorithm certAlg;
            switch(buildOptions.HashingMethod ?? HashingMethods.Sha256)
            {
                case HashingMethods.Sha1:
                    certAlg = X509CertificateSignatureAlgorithm.ECDsaSha1;
                    break;
                case HashingMethods.Sha256:
                    certAlg = X509CertificateSignatureAlgorithm.ECDsaSha256;
                    break;
                case HashingMethods.Sha384:
                    certAlg = X509CertificateSignatureAlgorithm.ECDsaSha384;
                    break;
                case HashingMethods.Sha512:
                    certAlg = X509CertificateSignatureAlgorithm.ECDsaSha512;
                    break;
                default:
                    throw new InvalidOperationException("Selected hashing method is not supported");
            }

            var options = new X509CertificateCreationParameters(name)
            {
                SignatureAlgorithm = certAlg,
                TakeOwnershipOfKey = true
            };

            return objCngKey.CreateSelfSignedCertificate(options);
        }

コード例 #39

0

ファイルを表示

        private static void SetKeyProperties(SafeNCryptKeyHandle keyHandle,
                                             CngKeyCreationParameters creationParameters)
        {
            Contract.Requires(keyHandle != null && !keyHandle.IsInvalid && !keyHandle.IsClosed);
            Contract.Requires(creationParameters != null);

            //
            // Setup the well-known properties.
            //

            if (creationParameters.ExportPolicy.HasValue)
            {
                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.ExportPolicy,
                                         (int)creationParameters.ExportPolicy.Value,
                                         CngPropertyOptions.Persist);
            }

            if (creationParameters.KeyUsage.HasValue)
            {
                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.KeyUsage,
                                         (int)creationParameters.KeyUsage.Value,
                                         CngPropertyOptions.Persist);
            }

            if (creationParameters.ParentWindowHandle != IntPtr.Zero)
            {
                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.ParentWindowHandle,
                                         creationParameters.ParentWindowHandle,
                                         CngPropertyOptions.None);
            }

            if (creationParameters.UIPolicy != null)
            {
                NCryptNative.NCRYPT_UI_POLICY uiPolicy = new NCryptNative.NCRYPT_UI_POLICY();
                uiPolicy.dwVersion        = 1;
                uiPolicy.dwFlags          = creationParameters.UIPolicy.ProtectionLevel;
                uiPolicy.pszCreationTitle = creationParameters.UIPolicy.CreationTitle;
                uiPolicy.pszFriendlyName  = creationParameters.UIPolicy.FriendlyName;
                uiPolicy.pszDescription   = creationParameters.UIPolicy.Description;

                NCryptNative.SetProperty(keyHandle,
                                         NCryptNative.KeyPropertyName.UIPolicy,
                                         uiPolicy,
                                         CngPropertyOptions.Persist);

                // The use context is a seperate property from the standard UI context
                if (creationParameters.UIPolicy.UseContext != null)
                {
                    NCryptNative.SetProperty(keyHandle,
                                             NCryptNative.KeyPropertyName.UseContext,
                                             creationParameters.UIPolicy.UseContext,
                                             CngPropertyOptions.Persist);
                }
            }

            // Iterate over the custom properties, setting those as well.
            foreach (CngProperty property in creationParameters.ParametersNoDemand)
            {
                NCryptNative.SetProperty(keyHandle, property.Name, property.Value, property.Options);
            }
        }

C# (CSharp) System.Security.Cryptography CngKeyCreationParametersの例