internal override bool TryImportPublicKey(
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
out PublicKey publicKey)
{
publicKey = new PublicKey(this);
switch (format)
{
case KeyBlobFormat.RawPublicKey:
return(s_rawPublicKeyFormatter.TryImport(blob, out publicKey.GetPinnableReference()));
case KeyBlobFormat.NSecPublicKey:
return(s_nsecPublicKeyFormatter.TryImport(blob, out publicKey.GetPinnableReference()));
case KeyBlobFormat.PkixPublicKey:
return(s_pkixPublicKeyFormatter.TryImport(blob, out publicKey.GetPinnableReference()));
case KeyBlobFormat.PkixPublicKeyText:
return(s_pkixPublicKeyFormatter.TryImportText(blob, out publicKey.GetPinnableReference()));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override int GetKeyBlobSize(
KeyBlobFormat format)
{
switch (format)
{
case KeyBlobFormat.RawPrivateKey:
return(s_rawPrivateKeyFormatter.BlobSize);
case KeyBlobFormat.NSecPrivateKey:
return(s_nsecPrivateKeyFormatter.BlobSize);
case KeyBlobFormat.PkixPrivateKey:
return(s_pkixPrivateKeyFormatter.BlobSize);
case KeyBlobFormat.PkixPrivateKeyText:
return(s_pkixPrivateKeyFormatter.BlobTextSize);
case KeyBlobFormat.RawPublicKey:
return(s_rawPublicKeyFormatter.BlobSize);
case KeyBlobFormat.NSecPublicKey:
return(s_nsecPublicKeyFormatter.BlobSize);
case KeyBlobFormat.PkixPublicKey:
return(s_pkixPublicKeyFormatter.BlobSize);
case KeyBlobFormat.PkixPublicKeyText:
return(s_pkixPublicKeyFormatter.BlobTextSize);
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override bool TryImportKey(
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
out SecureMemoryHandle keyHandle,
out byte[] publicKeyBytes)
{
if (format != KeyBlobFormat.RawSymmetricKey)
{
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
if (blob.Length < MinKeySize)
{
keyHandle = null;
publicKeyBytes = null;
return(false);
}
if (blob.Length > SHA256MessageBlockSize)
{
publicKeyBytes = null;
SecureMemoryHandle.Alloc(crypto_hash_sha256_BYTES, out keyHandle);
crypto_hash_sha256_init(out crypto_hash_sha256_state state);
crypto_hash_sha256_update(ref state, ref blob.DangerousGetPinnableReference(), (ulong)blob.Length);
crypto_hash_sha256_final(ref state, keyHandle);
}
else
{
publicKeyBytes = null;
SecureMemoryHandle.Alloc(blob.Length, out keyHandle);
keyHandle.Import(blob);
}
return(true);
}
internal override bool TryImportKey(
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
MemoryPool <byte> memoryPool,
out ReadOnlyMemory <byte> memory,
out IMemoryOwner <byte>?owner,
out PublicKey?publicKey)
{
publicKey = new PublicKey(this);
switch (format)
{
case KeyBlobFormat.RawPrivateKey:
return(s_rawPrivateKeyFormatter.TryImport(blob, memoryPool, out memory, out owner, out publicKey.GetPinnableReference()));
case KeyBlobFormat.NSecPrivateKey:
return(s_nsecPrivateKeyFormatter.TryImport(blob, memoryPool, out memory, out owner, out publicKey.GetPinnableReference()));
case KeyBlobFormat.PkixPrivateKey:
return(s_pkixPrivateKeyFormatter.TryImport(blob, memoryPool, out memory, out owner, out publicKey.GetPinnableReference()));
case KeyBlobFormat.PkixPrivateKeyText:
return(s_pkixPrivateKeyFormatter.TryImportText(blob, memoryPool, out memory, out owner, out publicKey.GetPinnableReference()));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override int GetKeyBlobSize(
KeyBlobFormat format)
{
if (format != KeyBlobFormat.RawSymmetricKey)
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
return MaxKeySize;
}
public byte[] Export(
KeyBlobFormat format)
{
byte[] blob;
int blobSize;
if (format < 0)
{
if (_handle.IsClosed)
{
throw Error.ObjectDisposed_Key();
}
if ((_exportPolicy & KeyExportPolicies.AllowPlaintextExport) == 0)
{
if ((_exportPolicy & KeyExportPolicies.AllowPlaintextArchiving) == 0)
{
throw Error.InvalidOperation_ExportNotAllowed();
}
if (_exported)
{
throw Error.InvalidOperation_AlreadyArchived();
}
}
_exported = true;
_algorithm.TryExportKey(_handle, format, Span <byte> .Empty, out blobSize);
blob = new byte[blobSize];
if (!_algorithm.TryExportKey(_handle, format, blob, out blobSize))
{
throw Error.Cryptographic_InternalError();
}
Debug.Assert(blobSize == blob.Length);
return(blob);
}
else
{
if (_publicKey == null)
{
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
_algorithm.TryExportPublicKey(_publicKey.Bytes, format, Span <byte> .Empty, out blobSize);
blob = new byte[blobSize];
if (!_algorithm.TryExportPublicKey(_publicKey.Bytes, format, blob, out blobSize))
{
throw Error.Cryptographic_InternalError();
}
Debug.Assert(blobSize == blob.Length);
return(blob);
}
}
internal override bool TryExportKey(
ReadOnlySpan <byte> key,
KeyBlobFormat format,
Span <byte> blob,
out int blobSize)
{
return(format switch
{
KeyBlobFormat.RawSymmetricKey => RawKeyFormatter.TryExport(key, blob, out blobSize),
KeyBlobFormat.NSecSymmetricKey => NSecKeyFormatter.TryExport(NSecBlobHeader, KeySize, MacSize, key, blob, out blobSize),
_ => throw Error.Argument_FormatNotSupported(nameof(format), format.ToString()),
});
internal override int ExportKey(
SecureMemoryHandle keyHandle,
KeyBlobFormat format,
Span<byte> blob)
{
if (format != KeyBlobFormat.RawSymmetricKey)
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
if (blob.Length < keyHandle.Length)
throw Error.Argument_SpanBlob(nameof(blob));
Debug.Assert(keyHandle != null);
return keyHandle.Export(blob);
}
internal override bool TryExportKey(
ReadOnlySpan <byte> key,
KeyBlobFormat format,
Span <byte> blob,
out int blobSize)
{
return(format switch
{
KeyBlobFormat.RawPrivateKey => s_rawPrivateKeyFormatter.TryExport(key, blob, out blobSize),
KeyBlobFormat.NSecPrivateKey => s_nsecPrivateKeyFormatter.TryExport(key, blob, out blobSize),
KeyBlobFormat.PkixPrivateKey => s_pkixPrivateKeyFormatter.TryExport(key, blob, out blobSize),
KeyBlobFormat.PkixPrivateKeyText => s_pkixPrivateKeyFormatter.TryExportText(key, blob, out blobSize),
_ => throw Error.Argument_FormatNotSupported(nameof(format), format.ToString()),
});
internal override int GetKeyBlobSize(
KeyBlobFormat format)
{
switch (format)
{
case KeyBlobFormat.RawSymmetricKey:
return(s_rawKeyFormatter.BlobSize);
case KeyBlobFormat.NSecSymmetricKey:
return(s_nsecKeyFormatter.BlobSize);
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override bool TryImportKey(
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
out SecureMemoryHandle keyHandle,
out byte[] publicKeyBytes)
{
switch (format)
{
case KeyBlobFormat.RawSymmetricKey:
return(s_rawKeyFormatter.TryImport(blob, out keyHandle, out publicKeyBytes));
case KeyBlobFormat.NSecSymmetricKey:
return(s_nsecKeyFormatter.TryImport(blob, out keyHandle, out publicKeyBytes));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override bool TryExportKey(
ReadOnlySpan <byte> key,
KeyBlobFormat format,
Span <byte> blob,
out int blobSize)
{
switch (format)
{
case KeyBlobFormat.RawSymmetricKey:
return(RawKeyFormatter.TryExport(key, blob, out blobSize));
case KeyBlobFormat.NSecSymmetricKey:
return(NSecKeyFormatter.TryExport(NSecBlobHeader, KeySize, MacSize, key, blob, out blobSize));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override bool TryExportKey(
SecureMemoryHandle keyHandle,
KeyBlobFormat format,
Span <byte> blob,
out int blobSize)
{
switch (format)
{
case KeyBlobFormat.RawSymmetricKey:
return(s_rawKeyFormatter.TryExport(keyHandle, blob, out blobSize));
case KeyBlobFormat.NSecSymmetricKey:
return(s_nsecKeyFormatter.TryExport(keyHandle, blob, out blobSize));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override int ExportKey(
SecureMemoryHandle keyHandle,
KeyBlobFormat format,
Span <byte> blob)
{
Debug.Assert(keyHandle != null);
switch (format)
{
case KeyBlobFormat.RawSymmetricKey:
return(s_rawKeyFormatter.Export(keyHandle, blob));
case KeyBlobFormat.NSecSymmetricKey:
return(s_nsecKeyFormatter.Export(keyHandle, blob));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
public int Export(
KeyBlobFormat format,
Span <byte> blob)
{
if (format < 0)
{
if (_handle.IsClosed)
{
throw Error.ObjectDisposed_Key();
}
bool allowExport = (_flags & KeyFlags.AllowExport) != 0;
bool allowArchiving = (_flags & KeyFlags.AllowArchiving) != 0;
if (!allowExport)
{
if (!allowArchiving)
{
throw Error.InvalidOperation_ExportNotAllowed();
}
if (_exported)
{
throw Error.InvalidOperation_AlreadyArchived();
}
}
_exported = true;
return(_algorithm.ExportKey(_handle, format, blob));
}
else
{
if (_publicKey == null)
{
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
return(_algorithm.ExportPublicKey(_publicKey.Bytes, format, blob));
}
}
internal override bool TryImportKey(
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
MemoryPool <byte> memoryPool,
out ReadOnlyMemory <byte> memory,
out IMemoryOwner <byte>?owner,
out PublicKey?publicKey)
{
publicKey = null;
switch (format)
{
case KeyBlobFormat.RawSymmetricKey:
return(RawKeyFormatter.TryImport(KeySize, blob, memoryPool, out memory, out owner));
case KeyBlobFormat.NSecSymmetricKey:
return(NSecKeyFormatter.TryImport(NSecBlobHeader, KeySize, MacSize, blob, memoryPool, out memory, out owner));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override bool TryImportPublicKey(
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
out byte[] result)
{
switch (format)
{
case KeyBlobFormat.RawPublicKey:
return(s_rawPublicKeyFormatter.TryImport(blob, out result));
case KeyBlobFormat.NSecPublicKey:
return(s_nsecPublicKeyFormatter.TryImport(blob, out result));
case KeyBlobFormat.PkixPublicKey:
return(s_pkixPublicKeyFormatter.TryImport(blob, out result));
case KeyBlobFormat.PkixPublicKeyText:
return(s_pkixPublicKeyFormatter.TryImportText(blob, out result));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override int ExportPublicKey(
ReadOnlySpan <byte> publicKeyBytes,
KeyBlobFormat format,
Span <byte> blob)
{
switch (format)
{
case KeyBlobFormat.RawPublicKey:
return(s_rawPublicKeyFormatter.Export(publicKeyBytes, blob));
case KeyBlobFormat.NSecPublicKey:
return(s_nsecPublicKeyFormatter.Export(publicKeyBytes, blob));
case KeyBlobFormat.PkixPublicKey:
return(s_pkixPublicKeyFormatter.Export(publicKeyBytes, blob));
case KeyBlobFormat.PkixPublicKeyText:
return(s_pkixPublicKeyFormatter.ExportText(publicKeyBytes, blob));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override int ExportKey(
SecureMemoryHandle keyHandle,
KeyBlobFormat format,
Span <byte> blob)
{
switch (format)
{
case KeyBlobFormat.RawPrivateKey:
return(s_rawPrivateKeyFormatter.Export(keyHandle, blob));
case KeyBlobFormat.NSecPrivateKey:
return(s_nsecPrivateKeyFormatter.Export(keyHandle, blob));
case KeyBlobFormat.PkixPrivateKey:
return(s_pkixPrivateKeyFormatter.Export(keyHandle, blob));
case KeyBlobFormat.PkixPrivateKeyText:
return(s_pkixPrivateKeyFormatter.ExportText(keyHandle, blob));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override bool TryImportKey(
ReadOnlySpan <byte> blob,
KeyBlobFormat format,
out SecureMemoryHandle keyHandle,
out byte[] publicKeyBytes)
{
if (format != KeyBlobFormat.RawSymmetricKey)
{
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
if (blob.Length < MinKeySize || blob.Length > MaxKeySize)
{
keyHandle = null;
publicKeyBytes = null;
return(false);
}
publicKeyBytes = null;
SecureMemoryHandle.Alloc(blob.Length, out keyHandle);
keyHandle.Import(blob);
return(true);
}
internal override bool TryExportPublicKey(
PublicKey publicKey,
KeyBlobFormat format,
Span <byte> blob,
out int blobSize)
{
switch (format)
{
case KeyBlobFormat.RawPublicKey:
return(s_rawPublicKeyFormatter.TryExport(in publicKey.GetPinnableReference(), blob, out blobSize));
case KeyBlobFormat.NSecPublicKey:
return(s_nsecPublicKeyFormatter.TryExport(in publicKey.GetPinnableReference(), blob, out blobSize));
case KeyBlobFormat.PkixPublicKey:
return(s_pkixPublicKeyFormatter.TryExport(in publicKey.GetPinnableReference(), blob, out blobSize));
case KeyBlobFormat.PkixPublicKeyText:
return(s_pkixPublicKeyFormatter.TryExportText(in publicKey.GetPinnableReference(), blob, out blobSize));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
internal override bool TryExportKey(
ReadOnlySpan <byte> key,
KeyBlobFormat format,
Span <byte> blob,
out int blobSize)
{
switch (format)
{
case KeyBlobFormat.RawPrivateKey:
return(s_rawPrivateKeyFormatter.TryExport(key, blob, out blobSize));
case KeyBlobFormat.NSecPrivateKey:
return(s_nsecPrivateKeyFormatter.TryExport(key, blob, out blobSize));
case KeyBlobFormat.PkixPrivateKey:
return(s_pkixPrivateKeyFormatter.TryExport(key, blob, out blobSize));
case KeyBlobFormat.PkixPrivateKeyText:
return(s_pkixPrivateKeyFormatter.TryExportText(key, blob, out blobSize));
default:
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
}
public byte[] Export(
KeyBlobFormat format)
{
byte[] blob;
int blobSize;
if (format < 0)
{
if (_handle.IsClosed)
{
throw Error.ObjectDisposed_Key();
}
bool allowExport = (_flags & KeyFlags.AllowExport) != 0;
bool allowArchiving = (_flags & KeyFlags.AllowArchiving) != 0;
if (!allowExport)
{
if (!allowArchiving)
{
throw Error.InvalidOperation_ExportNotAllowed();
}
if (_exported)
{
throw Error.InvalidOperation_AlreadyArchived();
}
}
_exported = true;
if (_algorithm.TryExportKey(_handle, format, Span <byte> .Empty, out blobSize))
{
Debug.Assert(blobSize == 0);
return(Utilities.Empty <byte>());
}
blob = new byte[blobSize];
if (_algorithm.TryExportKey(_handle, format, blob, out blobSize))
{
Debug.Assert(blobSize == blob.Length);
return(blob);
}
throw Error.Cryptographic_InternalError();
}
else
{
if (_publicKey == null)
{
throw Error.Argument_FormatNotSupported(nameof(format), format.ToString());
}
if (_algorithm.TryExportPublicKey(_publicKey.Bytes, format, Span <byte> .Empty, out blobSize))
{
Debug.Assert(blobSize == 0);
return(Utilities.Empty <byte>());
}
blob = new byte[blobSize];
if (_algorithm.TryExportPublicKey(_publicKey.Bytes, format, blob, out blobSize))
{
Debug.Assert(blobSize == blob.Length);
return(blob);
}
throw Error.Cryptographic_InternalError();
}
}