public static CngKey Import(byte[] keyBlob, CngKeyBlobFormat format, CngProvider provider) { if (keyBlob == null) { throw new ArgumentNullException(nameof(keyBlob)); } if (format == null) { throw new ArgumentNullException(nameof(format)); } if (provider == null) { throw new ArgumentNullException(nameof(provider)); } SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle keyHandle; ErrorCode errorCode = Interop.NCrypt.NCryptImportKey(providerHandle, IntPtr.Zero, format.Format, IntPtr.Zero, out keyHandle, keyBlob, keyBlob.Length, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } CngKey key = new CngKey(providerHandle, keyHandle); // We can't tell directly if an OpaqueTransport blob imported as an ephemeral key or not key.IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob; return(key); }
public static bool Exists(string keyName, CngProvider provider, CngKeyOpenOptions options) { ArgumentNullException.ThrowIfNull(keyName); ArgumentNullException.ThrowIfNull(provider); using (SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider()) { SafeNCryptKeyHandle?keyHandle = null; try { ErrorCode errorCode = Interop.NCrypt.NCryptOpenKey(providerHandle, out keyHandle, keyName, 0, options); if (errorCode == ErrorCode.NTE_BAD_KEYSET) { return(false); } if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } return(true); } finally { if (keyHandle != null) { keyHandle.Dispose(); } } } }
internal static unsafe CngKey ImportEncryptedPkcs8( ReadOnlySpan <byte> keyBlob, ReadOnlySpan <char> password, CngProvider provider) { SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle keyHandle; using (SafeUnicodeStringHandle passwordHandle = new SafeUnicodeStringHandle(password)) { Interop.NCrypt.NCryptBuffer *buffers = stackalloc Interop.NCrypt.NCryptBuffer[1]; buffers[0] = new Interop.NCrypt.NCryptBuffer { BufferType = Interop.NCrypt.BufferType.PkcsSecret, cbBuffer = checked (2 * (password.Length + 1)), pvBuffer = passwordHandle.DangerousGetHandle(), }; if (buffers[0].pvBuffer == IntPtr.Zero) { buffers[0].cbBuffer = 0; } Interop.NCrypt.NCryptBufferDesc desc = new Interop.NCrypt.NCryptBufferDesc { cBuffers = 1, pBuffers = (IntPtr)buffers, ulVersion = 0, }; ErrorCode errorCode = Interop.NCrypt.NCryptImportKey( providerHandle, IntPtr.Zero, Interop.NCrypt.NCRYPT_PKCS8_PRIVATE_KEY_BLOB, ref desc, out keyHandle, ref MemoryMarshal.GetReference(keyBlob), keyBlob.Length, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { keyHandle.Dispose(); providerHandle.Dispose(); throw errorCode.ToCryptographicException(); } } CngKey key = new CngKey(providerHandle, keyHandle); key.IsEphemeral = true; return(key); }
internal static CngKey Import( ReadOnlySpan <byte> keyBlob, string?curveName, CngKeyBlobFormat format, CngProvider provider) { ArgumentNullException.ThrowIfNull(format); ArgumentNullException.ThrowIfNull(provider); SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle? keyHandle = null; try { ErrorCode errorCode; if (curveName == null) { errorCode = Interop.NCrypt.NCryptImportKey( providerHandle, IntPtr.Zero, format.Format, IntPtr.Zero, out keyHandle, ref MemoryMarshal.GetReference(keyBlob), keyBlob.Length, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { providerHandle.Dispose(); keyHandle.Dispose(); throw errorCode.ToCryptographicException(); } } else { keyHandle = ECCng.ImportKeyBlob(format.Format, keyBlob, curveName, providerHandle); } CngKey key = new CngKey(providerHandle, keyHandle); // We can't tell directly if an OpaqueTransport blob imported as an ephemeral key or not key.IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob; return(key); } catch { keyHandle?.Dispose(); providerHandle.Dispose(); throw; } }
public static CngKey Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions) { ArgumentNullException.ThrowIfNull(keyName); ArgumentNullException.ThrowIfNull(provider); SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle keyHandle; ErrorCode errorCode = Interop.NCrypt.NCryptOpenKey(providerHandle, out keyHandle, keyName, 0, openOptions); if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } return(new CngKey(providerHandle, keyHandle)); }
internal static CngKey Import(byte[] keyBlob, ECCurve?curve, CngKeyBlobFormat format, CngProvider provider) { #endif //!NETNATIVE if (keyBlob == null) { throw new ArgumentNullException(nameof(keyBlob)); } if (format == null) { throw new ArgumentNullException(nameof(format)); } if (provider == null) { throw new ArgumentNullException(nameof(provider)); } SafeNCryptProviderHandle providerHandle = provider.OpenStorageProvider(); SafeNCryptKeyHandle keyHandle; ErrorCode errorCode; #if !NETNATIVE if (curve == null) #endif //!NETNATIVE { errorCode = Interop.NCrypt.NCryptImportKey(providerHandle, IntPtr.Zero, format.Format, IntPtr.Zero, out keyHandle, keyBlob, keyBlob.Length, 0); if (errorCode != ErrorCode.ERROR_SUCCESS) { throw errorCode.ToCryptographicException(); } } #if !NETNATIVE else { // Call with Oid.FriendlyName because .Value will result in an invalid parameter error Debug.Assert(curve.Value.IsNamed); string curveName = curve.Value.Oid.FriendlyName; using (SafeUnicodeStringHandle safeCurveName = new SafeUnicodeStringHandle(curveName)) { var desc = new Interop.BCrypt.BCryptBufferDesc(); var buff = new Interop.BCrypt.BCryptBuffer(); IntPtr descPtr = IntPtr.Zero; IntPtr buffPtr = IntPtr.Zero; try { descPtr = Marshal.AllocHGlobal(Marshal.SizeOf(desc)); buffPtr = Marshal.AllocHGlobal(Marshal.SizeOf(buff)); buff.cbBuffer = (curveName.Length + 1) * 2; // Add 1 for null terminator buff.BufferType = Interop.BCrypt.NCryptBufferDescriptors.NCRYPTBUFFER_ECC_CURVE_NAME; buff.pvBuffer = safeCurveName.DangerousGetHandle(); Marshal.StructureToPtr(buff, buffPtr, false); desc.cBuffers = 1; desc.pBuffers = buffPtr; desc.ulVersion = Interop.BCrypt.BCRYPTBUFFER_VERSION; Marshal.StructureToPtr(desc, descPtr, false); errorCode = Interop.NCrypt.NCryptImportKey(providerHandle, IntPtr.Zero, format.Format, descPtr, out keyHandle, keyBlob, keyBlob.Length, 0); } finally { Marshal.FreeHGlobal(descPtr); Marshal.FreeHGlobal(buffPtr); } } if (errorCode != ErrorCode.ERROR_SUCCESS) { Exception e = errorCode.ToCryptographicException(); if (errorCode == ErrorCode.NTE_INVALID_PARAMETER) { throw new PlatformNotSupportedException(string.Format(SR.Cryptography_CurveNotSupported, curveName), e); } throw e; } } #endif //!NETNATIVE CngKey key = new CngKey(providerHandle, keyHandle); // We can't tell directly if an OpaqueTransport blob imported as an ephemeral key or not key.IsEphemeral = format != CngKeyBlobFormat.OpaqueTransportBlob; return(key); }