private byte[] SignHash(byte[] hash) { ValidateHashParameter(hash); if (IsPublicKeyOnly) { throw ExceptionUtility.CryptographicException(Resources.NoPrivateKey); } GetKeyPair(); if (!CspKeyContainerInfo.RandomlyGenerated) { var keyContainerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); var keyContainerAccessEntry = new KeyContainerPermissionAccessEntry(_providerParameters, KeyContainerPermissionFlags.Sign); keyContainerPermission.AccessEntries.Add(keyContainerAccessEntry); keyContainerPermission.Demand(); } using (var hashAlgorithm = CreateHashAlgorithm()) { var hashHandleProvider = (ISafeHandleProvider <SafeHashHandleImpl>)hashAlgorithm; return(CryptoApiHelper.SignValue(_providerHandle, hashHandleProvider.SafeHandle, _providerParameters.KeyNumber, hash)); } }
public static CngKey Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions) { if (keyName == null) { throw new ArgumentNullException("keyName"); } if (provider == null) { throw new ArgumentNullException("provider"); } if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported")); } KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Open) { ProviderName = provider.Provider }; KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); permission.AccessEntries.Add(accessEntry); permission.Demand(); SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider); return(new CngKey(kspHandle, NCryptNative.OpenKey(kspHandle, keyName, openOptions))); }
public byte[] Decrypt(byte[] rgb, bool fOAEP) { if (rgb == null) { throw new ArgumentNullException("rgb"); } this.GetKeyPair(); if (rgb.Length > this.KeySize / 8) { throw new CryptographicException(Environment.GetResourceString("Cryptography_Padding_DecDataTooBig", new object[] { this.KeySize / 8 })); } if (!this.CspKeyContainerInfo.RandomlyGenerated && !CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission keyContainerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Decrypt); keyContainerPermission.AccessEntries.Add(accessEntry); keyContainerPermission.Demand(); } byte[] result = null; RSACryptoServiceProvider.DecryptKey(this._safeKeyHandle, rgb, rgb.Length, fOAEP, JitHelpers.GetObjectHandleOnStack <byte[]>(ref result)); return(result); }
internal static SafeProvHandle CreateProvHandle(CspParameters parameters, bool randomKeyContainer) { SafeProvHandle invalidHandle = SafeProvHandle.InvalidHandle; int hr = Utils._OpenCSP(parameters, 0U, ref invalidHandle); KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); if (hr != 0) { if ((parameters.Flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags || hr != -2146893799 && hr != -2146893802 && hr != -2147024894) { throw new CryptographicException(hr); } if (!randomKeyContainer && !CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Create); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } Utils._CreateCSP(parameters, randomKeyContainer, ref invalidHandle); } else if (!randomKeyContainer && !CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } return(invalidHandle); }
internal static SafeProvHandle CreateProvHandle(CspParameters parameters, bool randomKeyContainer) { SafeProvHandle invalidHandle = SafeProvHandle.InvalidHandle; int hr = _OpenCSP(parameters, 0, ref invalidHandle); KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); if (hr != 0) { if (((parameters.Flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags) || (((hr != -2146893799) && (hr != -2146893802)) && (hr != -2147024894))) { throw new CryptographicException(hr); } if (!randomKeyContainer) { KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Create); permission.AccessEntries.Add(accessEntry); permission.Demand(); } _CreateCSP(parameters, randomKeyContainer, ref invalidHandle); return(invalidHandle); } if (!randomKeyContainer) { KeyContainerPermissionAccessEntry entry2 = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open); permission.AccessEntries.Add(entry2); permission.Demand(); } return(invalidHandle); }
private byte[] SignHash(byte[] hash) { if (hash == null) { throw ExceptionUtility.ArgumentNull("hash"); } if (hash.Length != 32) { throw ExceptionUtility.ArgumentOutOfRange("hash", Resources.InvalidHashSize); } if (IsPublicKeyOnly) { throw ExceptionUtility.CryptographicException(Resources.NoPrivateKey); } GetKeyPair(); if (!CspKeyContainerInfo.RandomlyGenerated) { var keyContainerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); var keyContainerAccessEntry = new KeyContainerPermissionAccessEntry(_providerParameters, KeyContainerPermissionFlags.Sign); keyContainerPermission.AccessEntries.Add(keyContainerAccessEntry); keyContainerPermission.Demand(); } return(CryptoApiHelper.SignValue(_providerHandle, _providerParameters.KeyNumber, hash)); }
internal static void ImportCspBlobHelper(CspAlgorithmType keyType, byte[] keyBlob, bool publicOnly, ref CspParameters parameters, bool randomKeyContainer, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle) { if (safeKeyHandle != null && !safeKeyHandle.IsClosed) { safeKeyHandle.Dispose(); } safeKeyHandle = SafeKeyHandle.InvalidHandle; if (publicOnly) { parameters.KeyNumber = Utils._ImportCspBlob(keyBlob, keyType == CspAlgorithmType.Dss ? Utils.StaticDssProvHandle : Utils.StaticProvHandle, CspProviderFlags.NoFlags, ref safeKeyHandle); } else { if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Import); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } if (safeProvHandle == null) { safeProvHandle = Utils.CreateProvHandle(parameters, randomKeyContainer); } parameters.KeyNumber = Utils._ImportCspBlob(keyBlob, safeProvHandle, parameters.Flags, ref safeKeyHandle); } }
public byte[] Decrypt(byte[] rgb, bool fOAEP) { if (rgb == null) { throw new ArgumentNullException("rgb"); } this.GetKeyPair(); if (rgb.Length > this.KeySize / 8) { throw new CryptographicException(Environment.GetResourceString("Cryptography_Padding_DecDataTooBig", (object)(this.KeySize / 8))); } if (!this.CspKeyContainerInfo.RandomlyGenerated && !CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Decrypt); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } byte[] o = (byte[])null; SafeKeyHandle pKeyContext = this._safeKeyHandle; byte[] pbEncryptedKey = rgb; int length = pbEncryptedKey.Length; int num = fOAEP ? 1 : 0; ObjectHandleOnStack objectHandleOnStack = JitHelpers.GetObjectHandleOnStack <byte[]>(ref o); RSACryptoServiceProvider.DecryptKey(pKeyContext, pbEncryptedKey, length, num != 0, objectHandleOnStack); return(o); }
public override void ImportParameters(DSAParameters parameters) { DSACspObject cspObject = DSAStructToObject(parameters); if ((this._safeKeyHandle != null) && !this._safeKeyHandle.IsClosed) { this._safeKeyHandle.Dispose(); } this._safeKeyHandle = SafeKeyHandle.InvalidHandle; if (IsPublic(parameters)) { Utils._ImportKey(Utils.StaticDssProvHandle, 0x2200, CspProviderFlags.NoFlags, cspObject, ref this._safeKeyHandle); } else { KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Import); permission.AccessEntries.Add(accessEntry); permission.Demand(); if (this._safeProvHandle == null) { this._safeProvHandle = Utils.CreateProvHandle(this._parameters, this._randomKeyContainer); } Utils._ImportKey(this._safeProvHandle, 0x2200, this._parameters.Flags, cspObject, ref this._safeKeyHandle); } }
public override void ImportParameters(RSAParameters parameters) { if (this._safeKeyHandle != null && !this._safeKeyHandle.IsClosed) { this._safeKeyHandle.Dispose(); this._safeKeyHandle = (SafeKeyHandle)null; } RSACspObject @object = RSACryptoServiceProvider.RSAStructToObject(parameters); this._safeKeyHandle = SafeKeyHandle.InvalidHandle; if (RSACryptoServiceProvider.IsPublic(parameters)) { Utils._ImportKey(Utils.StaticProvHandle, 41984, CspProviderFlags.NoFlags, (object)@object, ref this._safeKeyHandle); } else { if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Import); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } if (this._safeProvHandle == null) { this._safeProvHandle = Utils.CreateProvHandle(this._parameters, this._randomKeyContainer); } Utils._ImportKey(this._safeProvHandle, 41984, this._parameters.Flags, (object)@object, ref this._safeKeyHandle); } }
public byte[] SignHash(byte[] rgbHash, string str) { if (rgbHash == null) { throw new ArgumentNullException("rgbHash"); } if (this.PublicOnly) { throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_NoPrivateKey")); } int calgHash = X509Utils.OidToAlgId(str); if (rgbHash.Length != (this._sha1.HashSize / 8)) { throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidHashSize", new object[] { "SHA1", this._sha1.HashSize / 8 })); } this.GetKeyPair(); if (!this.CspKeyContainerInfo.RandomlyGenerated) { KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Sign); permission.AccessEntries.Add(accessEntry); permission.Demand(); } return(Utils.SignValue(this._safeKeyHandle, this._parameters.KeyNumber, 0x2200, calgHash, rgbHash)); }
[System.Security.SecuritySafeCritical] // auto-generated public byte[] SignHash(byte[] rgbHash, string str) { if (rgbHash == null) { throw new ArgumentNullException("rgbHash"); } Contract.EndContractBlock(); if (PublicOnly) { throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_NoPrivateKey")); } int calgHash = X509Utils.NameOrOidToAlgId(str, OidGroup.HashAlgorithm); if (rgbHash.Length != _sha1.HashSize / 8) { throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidHashSize", "SHA1", _sha1.HashSize / 8)); } GetKeyPair(); if (!CspKeyContainerInfo.RandomlyGenerated) { KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Sign); kp.AccessEntries.Add(entry); kp.Demand(); } return(Utils.SignValue(_safeKeyHandle, _parameters.KeyNumber, Constants.CALG_DSS_SIGN, calgHash, rgbHash)); }
[System.Security.SecuritySafeCritical] // auto-generated public override void ImportParameters(DSAParameters parameters) { DSACspObject dsaCspObject = DSAStructToObject(parameters); // Free the current key handle if (_safeKeyHandle != null && !_safeKeyHandle.IsClosed) { _safeKeyHandle.Dispose(); } _safeKeyHandle = SafeKeyHandle.InvalidHandle; if (IsPublic(parameters)) { // Use our CRYPT_VERIFYCONTEXT handle, CRYPT_EXPORTABLE is not applicable to public only keys, so pass false Utils._ImportKey(Utils.StaticDssProvHandle, Constants.CALG_DSS_SIGN, (CspProviderFlags)0, dsaCspObject, ref _safeKeyHandle); } else { KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Import); kp.AccessEntries.Add(entry); kp.Demand(); if (_safeProvHandle == null) { _safeProvHandle = Utils.CreateProvHandle(_parameters, _randomKeyContainer); } // Now, import the key into the CSP; _ImportKey will check for failures. Utils._ImportKey(_safeProvHandle, Constants.CALG_DSS_SIGN, _parameters.Flags, dsaCspObject, ref _safeKeyHandle); } }
private unsafe void CounterSign(CmsSigner signer) { // Sanity check. Debug.Assert(signer != null); // CspParameters parameters = new CspParameters(); if (X509Utils.GetPrivateKeyInfo(X509Utils.GetCertContext(signer.Certificate), ref parameters) == false) { throw new CryptographicException(Marshal.GetLastWin32Error()); } KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open | KeyContainerPermissionFlags.Sign); kp.AccessEntries.Add(entry); kp.Demand(); // Get the signer's index. uint index = (uint)PkcsUtils.GetSignerIndex(m_signedCms.GetCryptMsgHandle(), this, 0); // Create CMSG_SIGNER_ENCODE_INFO structure. SafeLocalAllocHandle pSignerEncodeInfo = CAPI.LocalAlloc(CAPI.LPTR, new IntPtr(Marshal.SizeOf(typeof(CAPI.CMSG_SIGNER_ENCODE_INFO)))); CAPI.CMSG_SIGNER_ENCODE_INFO signerEncodeInfo = PkcsUtils.CreateSignerEncodeInfo(signer); try { // Marshal to unmanaged memory. Marshal.StructureToPtr(signerEncodeInfo, pSignerEncodeInfo.DangerousGetHandle(), false); // Counter sign. if (!CAPI.CryptMsgCountersign(m_signedCms.GetCryptMsgHandle(), index, 1, pSignerEncodeInfo.DangerousGetHandle())) { throw new CryptographicException(Marshal.GetLastWin32Error()); } // CAPI requires that the messge be re-encoded if any unauthenticated // attribute has been added. So, let's re-open it to decode to work // around this limitation. m_signedCms.ReopenToDecode(); } finally { Marshal.DestroyStructure(pSignerEncodeInfo.DangerousGetHandle(), typeof(CAPI.CMSG_SIGNER_ENCODE_INFO)); pSignerEncodeInfo.Dispose(); // and don't forget to dispose of resources allocated for the structure. signerEncodeInfo.Dispose(); } // Finally, add certs to bag of certs. PkcsUtils.AddCertsToMessage(m_signedCms.GetCryptMsgHandle(), m_signedCms.Certificates, PkcsUtils.CreateBagOfCertificates(signer)); return; }
private void CounterSign(CmsSigner signer) { CspParameters parameters = new CspParameters(); if (!X509Utils.GetPrivateKeyInfo(X509Utils.GetCertContext(signer.Certificate), ref parameters)) { throw new CryptographicException(Marshal.GetLastWin32Error()); } KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open | KeyContainerPermissionFlags.Sign); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); uint dwIndex = (uint)PkcsUtils.GetSignerIndex(this.m_signedCms.GetCryptMsgHandle(), this, 0); SafeLocalAllocHandle localAllocHandle = CAPI.LocalAlloc(64U, new IntPtr(Marshal.SizeOf(typeof(CAPI.CMSG_SIGNER_ENCODE_INFO)))); CAPI.CMSG_SIGNER_ENCODE_INFO signerEncodeInfo = PkcsUtils.CreateSignerEncodeInfo(signer); try { Marshal.StructureToPtr((object)signerEncodeInfo, localAllocHandle.DangerousGetHandle(), false); if (!CAPI.CryptMsgCountersign(this.m_signedCms.GetCryptMsgHandle(), dwIndex, 1U, localAllocHandle.DangerousGetHandle())) { throw new CryptographicException(Marshal.GetLastWin32Error()); } this.m_signedCms.ReopenToDecode(); } finally { Marshal.DestroyStructure(localAllocHandle.DangerousGetHandle(), typeof(CAPI.CMSG_SIGNER_ENCODE_INFO)); localAllocHandle.Dispose(); signerEncodeInfo.Dispose(); } int num = (int)PkcsUtils.AddCertsToMessage(this.m_signedCms.GetCryptMsgHandle(), this.m_signedCms.Certificates, PkcsUtils.CreateBagOfCertificates(signer)); }
public static CngKey Open(string keyName, CngProvider provider, CngKeyOpenOptions openOptions) { Contract.Ensures(Contract.Result <CngKey>() != null); if (keyName == null) { throw new ArgumentNullException("keyName"); } if (provider == null) { throw new ArgumentNullException("provider"); } // Make sure that NCrypt is supported on this platform if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported)); } // Ensure the user has access to the key name KeyContainerPermissionAccessEntry access = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Open); access.ProviderName = provider.Provider; KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); permission.AccessEntries.Add(access); permission.Demand(); // Open the key SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(provider.Provider); SafeNCryptKeyHandle keyHandle = NCryptNative.OpenKey(kspHandle, keyName, openOptions); return(new CngKey(kspHandle, keyHandle)); }
[System.Security.SecuritySafeCritical] // auto-generated public byte [] Decrypt(byte[] rgb, bool fOAEP) { if (rgb == null) { throw new ArgumentNullException("rgb"); } Contract.EndContractBlock(); GetKeyPair(); // size check -- must be at most the modulus size if (rgb.Length > (KeySize / 8)) { throw new CryptographicException(Environment.GetResourceString("Cryptography_Padding_DecDataTooBig", KeySize / 8)); } if (!CspKeyContainerInfo.RandomlyGenerated) { if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Decrypt); kp.AccessEntries.Add(entry); kp.Demand(); } } byte[] decryptedKey = null; DecryptKey(_safeKeyHandle, rgb, rgb.Length, fOAEP, JitHelpers.GetObjectHandleOnStack(ref decryptedKey)); return(decryptedKey); }
internal KeyContainerPermission BuildKeyContainerPermission(KeyContainerPermissionFlags flags) { KeyContainerPermission permission = null; if (this.IsEphemeral) { return(permission); } string keyContainerName = null; string str2 = null; try { keyContainerName = this.KeyName; str2 = NCryptNative.GetPropertyAsString(this.m_kspHandle, "Name", CngPropertyOptions.None); } catch (CryptographicException) { } if (keyContainerName != null) { KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyContainerName, flags) { ProviderName = str2 }; permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); permission.AccessEntries.Add(accessEntry); return(permission); } return(new KeyContainerPermission(flags)); }
internal unsafe static void GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, bool randomKeyContainer, int dwKeySize, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle) { SafeProvHandle safeProvHandle2 = Utils.CreateProvHandle(parameters, randomKeyContainer); if (parameters.CryptoKeySecurity != null) { KeyContainerPermission keyContainerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.ChangeAcl); keyContainerPermission.AccessEntries.Add(accessEntry); keyContainerPermission.Demand(); Utils.SetKeySetSecurityInfo(safeProvHandle2, parameters.CryptoKeySecurity, parameters.CryptoKeySecurity.ChangedAccessControlSections); } if (parameters.ParentWindowHandle != IntPtr.Zero) { IntPtr parentWindowHandle = parameters.ParentWindowHandle; IntPtr pbData = parentWindowHandle; if (!AppContextSwitches.DoNotAddrOfCspParentWindowHandle) { pbData = new IntPtr((void *)(&parentWindowHandle)); } Utils.SetProviderParameter(safeProvHandle2, parameters.KeyNumber, 10U, pbData); } else if (parameters.KeyPassword != null) { IntPtr intPtr = Marshal.SecureStringToCoTaskMemAnsi(parameters.KeyPassword); try { Utils.SetProviderParameter(safeProvHandle2, parameters.KeyNumber, 11U, intPtr); } finally { if (intPtr != IntPtr.Zero) { Marshal.ZeroFreeCoTaskMemAnsi(intPtr); } } } safeProvHandle = safeProvHandle2; SafeKeyHandle invalidHandle = SafeKeyHandle.InvalidHandle; int num = Utils._GetUserKey(safeProvHandle, parameters.KeyNumber, ref invalidHandle); if (num != 0) { if ((parameters.Flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags || num != -2146893811) { throw new CryptographicException(num); } Utils._GenerateKey(safeProvHandle, parameters.KeyNumber, parameters.Flags, dwKeySize, ref invalidHandle); } byte[] array = Utils._GetKeyParameter(invalidHandle, 9U); int num2 = (int)array[0] | (int)array[1] << 8 | (int)array[2] << 16 | (int)array[3] << 24; if ((keyType == CspAlgorithmType.Rsa && num2 != 41984 && num2 != 9216) || (keyType == CspAlgorithmType.Dss && num2 != 8704)) { invalidHandle.Dispose(); throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_WrongKeySpec")); } safeKeyHandle = invalidHandle; }
public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters) { Contract.Ensures(Contract.Result <CngKey>() != null); if (algorithm == null) { throw new ArgumentNullException("algorithm"); } if (creationParameters == null) { creationParameters = new CngKeyCreationParameters(); } // Make sure that NCrypt is supported on this platform if (!NCryptNative.NCryptSupported) { throw new PlatformNotSupportedException(SR.GetString(SR.Cryptography_PlatformNotSupported)); } // If we're not creating an ephemeral key, then we need to ensure the user has access to the key name if (keyName != null) { KeyContainerPermissionAccessEntry access = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create); access.ProviderName = creationParameters.Provider.Provider; KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); permission.AccessEntries.Add(access); permission.Demand(); } // // Create the native handles representing the new key, setup the creation parameters on it, and // finalize it for use. // SafeNCryptProviderHandle kspHandle = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider); SafeNCryptKeyHandle keyHandle = NCryptNative.CreatePersistedKey(kspHandle, algorithm.Algorithm, keyName, creationParameters.KeyCreationOptions); SetKeyProperties(keyHandle, creationParameters); NCryptNative.FinalizeKey(keyHandle); CngKey key = new CngKey(kspHandle, keyHandle); // No name translates to an ephemeral key if (keyName == null) { key.IsEphemeral = true; } return(key); }
internal static void GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, bool randomKeyContainer, int dwKeySize, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle) { SafeProvHandle provHandle = Utils.CreateProvHandle(parameters, randomKeyContainer); if (parameters.CryptoKeySecurity != null) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.ChangeAcl); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); Utils.SetKeySetSecurityInfo(provHandle, parameters.CryptoKeySecurity, parameters.CryptoKeySecurity.ChangedAccessControlSections); } if (parameters.ParentWindowHandle != IntPtr.Zero) { Utils.SetProviderParameter(provHandle, parameters.KeyNumber, 10U, parameters.ParentWindowHandle); } else if (parameters.KeyPassword != null) { IntPtr coTaskMemAnsi = Marshal.SecureStringToCoTaskMemAnsi(parameters.KeyPassword); try { Utils.SetProviderParameter(provHandle, parameters.KeyNumber, 11U, coTaskMemAnsi); } finally { if (coTaskMemAnsi != IntPtr.Zero) { Marshal.ZeroFreeCoTaskMemAnsi(coTaskMemAnsi); } } } safeProvHandle = provHandle; SafeKeyHandle invalidHandle = SafeKeyHandle.InvalidHandle; int userKey = Utils._GetUserKey(safeProvHandle, parameters.KeyNumber, ref invalidHandle); if (userKey != 0) { if ((parameters.Flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags || userKey != -2146893811) { throw new CryptographicException(userKey); } Utils._GenerateKey(safeProvHandle, parameters.KeyNumber, parameters.Flags, dwKeySize, ref invalidHandle); } byte[] keyParameter = Utils._GetKeyParameter(invalidHandle, 9U); int num = (int)keyParameter[0] | (int)keyParameter[1] << 8 | (int)keyParameter[2] << 16 | (int)keyParameter[3] << 24; if (keyType == CspAlgorithmType.Rsa && num != 41984 && num != 9216 || keyType == CspAlgorithmType.Dss && num != 8704) { invalidHandle.Dispose(); throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_WrongKeySpec")); } safeKeyHandle = invalidHandle; }
internal byte[] SignHash(byte[] rgbHash, int calgHash) { this.GetKeyPair(); if (!this.CspKeyContainerInfo.RandomlyGenerated && !CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Sign); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } return(Utils.SignValue(this._safeKeyHandle, this._parameters.KeyNumber, 9216, calgHash, rgbHash)); }
internal static void GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, bool randomKeyContainer, int dwKeySize, ref SafeProvHandle safeProvHandle, ref SafeKeyHandle safeKeyHandle) { SafeProvHandle hProv = CreateProvHandle(parameters, randomKeyContainer); if (parameters.CryptoKeySecurity != null) { KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.ChangeAcl); permission.AccessEntries.Add(accessEntry); permission.Demand(); SetKeySetSecurityInfo(hProv, parameters.CryptoKeySecurity, parameters.CryptoKeySecurity.ChangedAccessControlSections); } if (parameters.ParentWindowHandle != IntPtr.Zero) { SetProviderParameter(hProv, parameters.KeyNumber, 10, parameters.ParentWindowHandle); } else if (parameters.KeyPassword != null) { IntPtr pbData = Marshal.SecureStringToCoTaskMemAnsi(parameters.KeyPassword); try { SetProviderParameter(hProv, parameters.KeyNumber, 11, pbData); } finally { if (pbData != IntPtr.Zero) { Marshal.ZeroFreeCoTaskMemAnsi(pbData); } } } safeProvHandle = hProv; SafeKeyHandle invalidHandle = SafeKeyHandle.InvalidHandle; int hr = _GetUserKey(safeProvHandle, parameters.KeyNumber, ref invalidHandle); if (hr != 0) { if (((parameters.Flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags) || (hr != -2146893811)) { throw new CryptographicException(hr); } _GenerateKey(safeProvHandle, parameters.KeyNumber, parameters.Flags, dwKeySize, ref invalidHandle); } byte[] buffer = _GetKeyParameter(invalidHandle, 9); int num2 = ((buffer[0] | (buffer[1] << 8)) | (buffer[2] << 0x10)) | (buffer[3] << 0x18); if ((((keyType == CspAlgorithmType.Rsa) && (num2 != 0xa400)) && (num2 != 0x2400)) || ((keyType == CspAlgorithmType.Dss) && (num2 != 0x2200))) { invalidHandle.Dispose(); throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_WrongKeySpec")); } safeKeyHandle = invalidHandle; }
internal static byte[] ExportCspBlobHelper(bool includePrivateParameters, CspParameters parameters, SafeKeyHandle safeKeyHandle) { if (includePrivateParameters && !CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Export); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } byte[] o = (byte[])null; Utils.ExportCspBlob(safeKeyHandle, includePrivateParameters ? 7 : 6, JitHelpers.GetObjectHandleOnStack <byte[]>(ref o)); return(o); }
internal static byte[] ExportCspBlobHelper(bool includePrivateParameters, CspParameters parameters, SafeKeyHandle safeKeyHandle) { if (includePrivateParameters) { KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Export); permission.AccessEntries.Add(accessEntry); permission.Demand(); } byte[] o = null; ExportCspBlob(safeKeyHandle, includePrivateParameters ? 7 : 6, JitHelpers.GetObjectHandleOnStack <byte[]>(ref o)); return(o); }
public void ComputeSignature(CmsSigner signer, bool silent) { if (signer == null) { throw new ArgumentNullException("signer"); } if (this.ContentInfo.Content.Length == 0) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Cms_Sign_Empty_Content")); } if (SubjectIdentifierType.NoSignature == signer.SignerIdentifierType) { if (this.m_safeCryptMsgHandle != null && !this.m_safeCryptMsgHandle.IsInvalid) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Cms_Sign_No_Signature_First_Signer")); } this.Sign(signer, silent); } else { if (signer.Certificate == null) { if (silent) { throw new InvalidOperationException(SecurityResources.GetResourceString("Cryptography_Cms_RecipientCertificateNotFound")); } signer.Certificate = PkcsUtils.SelectSignerCertificate(); } if (!signer.Certificate.HasPrivateKey) { throw new CryptographicException(-2146893811); } CspParameters parameters = new CspParameters(); if (!X509Utils.GetPrivateKeyInfo(X509Utils.GetCertContext(signer.Certificate), ref parameters)) { throw new CryptographicException(SignedCms.SafeGetLastWin32Error()); } KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open | KeyContainerPermissionFlags.Sign); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); if (this.m_safeCryptMsgHandle == null || this.m_safeCryptMsgHandle.IsInvalid) { this.Sign(signer, silent); } else { this.CoSign(signer, silent); } } }
public override DSAParameters ExportParameters(bool includePrivateParameters) { this.GetKeyPair(); if (includePrivateParameters) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Export); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } DSACspObject dsaCspObject = new DSACspObject(); Utils._ExportKey(this._safeKeyHandle, includePrivateParameters ? 7 : 6, (object)dsaCspObject); return(DSACryptoServiceProvider.DSAObjectToStruct(dsaCspObject)); }
public override RSAParameters ExportParameters(bool includePrivateParameters) { this.GetKeyPair(); if (includePrivateParameters && !CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) { KeyContainerPermission containerPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Export); containerPermission.AccessEntries.Add(accessEntry); containerPermission.Demand(); } RSACspObject rsaCspObject = new RSACspObject(); Utils._ExportKey(this._safeKeyHandle, includePrivateParameters ? 7 : 6, (object)rsaCspObject); return(RSACryptoServiceProvider.RSAObjectToStruct(rsaCspObject)); }
public override RSAParameters ExportParameters(bool includePrivateParameters) { this.GetKeyPair(); if (includePrivateParameters) { KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Export); permission.AccessEntries.Add(accessEntry); permission.Demand(); } RSACspObject cspObject = new RSACspObject(); int blobType = includePrivateParameters ? 7 : 6; Utils._ExportKey(this._safeKeyHandle, blobType, cspObject); return RSAObjectToStruct(cspObject); }
[System.Security.SecuritySafeCritical] // auto-generated public override DSAParameters ExportParameters(bool includePrivateParameters) { GetKeyPair(); if (includePrivateParameters) { KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); KeyContainerPermissionAccessEntry entry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Export); kp.AccessEntries.Add(entry); kp.Demand(); } DSACspObject dsaCspObject = new DSACspObject(); int blobType = includePrivateParameters ? Constants.PRIVATEKEYBLOB : Constants.PUBLICKEYBLOB; // _ExportKey will check for failures and throw an exception Utils._ExportKey(_safeKeyHandle, blobType, dsaCspObject); return(DSAObjectToStruct(dsaCspObject)); }
public void CopyTo(KeyContainerPermissionAccessEntry[] array, int index) {}
public void Remove(KeyContainerPermissionAccessEntry accessEntry) {}
public int IndexOf(KeyContainerPermissionAccessEntry accessEntry) {}
// Methods public int Add(KeyContainerPermissionAccessEntry accessEntry) {}
public KeyContainerPermission(KeyContainerPermissionFlags flags, KeyContainerPermissionAccessEntry[] accessList) {}