private CryptographicKey GenerateCryptographicKey(string configAttributeName, string configAttributeValue, int autogenKeyOffset, int autogenKeyCount, string errorResourceString)
{
byte[] array = CryptoUtil.HexToBinary(configAttributeValue);
if (array != null && array.Length != 0)
{
return(new CryptographicKey(array));
}
bool flag = false;
bool flag2 = false;
bool flag3 = false;
if (configAttributeValue != null)
{
string[] array2 = configAttributeValue.Split(new char[]
{
','
});
for (int i = 0; i < array2.Length; i++)
{
string a = array2[i];
if (!(a == "AutoGenerate"))
{
if (!(a == "IsolateApps"))
{
if (!(a == "IsolateByAppId"))
{
throw new InvalidOperationException(SR.GetString(errorResourceString), null);
}
flag3 = true;
}
else
{
flag2 = true;
}
}
else
{
flag = true;
}
}
}
if (!flag)
{
throw new InvalidOperationException(SR.GetString(errorResourceString), null);
}
CryptographicKey keyDerivationKey = this.AutogenKeys.ExtractBits(autogenKeyOffset, autogenKeyCount);
List <string> list = new List <string>();
if (flag2)
{
MachineKeyMasterKeyProvider.AddSpecificPurposeString(list, "IsolateApps", this.ApplicationName);
}
if (flag3)
{
MachineKeyMasterKeyProvider.AddSpecificPurposeString(list, "IsolateByAppId", this.ApplicationId);
}
Purpose purpose = new Purpose("MachineKeyDerivation", list.ToArray());
return(this.KeyDerivationFunction(keyDerivationKey, purpose));
}
public DataProtector GetDataProtector(Purpose purpose)
{
if (this._dataProtectorFactory == null)
{
this._dataProtectorFactory = this.GetDataProtectorFactory();
}
return(this._dataProtectorFactory(purpose));
}
private NetFXCryptoService GetNetFXCryptoService(Purpose purpose, CryptoServiceOptions options)
{
// Extract the encryption and validation keys from the provided Purpose object
CryptographicKey encryptionKey = purpose.GetDerivedEncryptionKey(_masterKeyProvider, _keyDerivationFunction);
CryptographicKey validationKey = purpose.GetDerivedValidationKey(_masterKeyProvider, _keyDerivationFunction);
// and return the ICryptoService
// (predictable IV turned on if the caller requested cacheable output)
return(new NetFXCryptoService(_cryptoAlgorithmFactory, encryptionKey, validationKey, predictableIV: (options == CryptoServiceOptions.CacheableOutput)));
}
public static CryptographicKey DeriveKey(CryptographicKey keyDerivationKey, Purpose purpose)
{
CryptographicKey result;
using (HMACSHA512 hMACSHA = CryptoAlgorithms.CreateHMACSHA512(keyDerivationKey.GetKeyMaterial()))
{
byte[] label;
byte[] context;
purpose.GetKeyDerivationParameters(out label, out context);
result = new CryptographicKey(SP800_108.DeriveKeyImpl(hMACSHA, label, context, keyDerivationKey.KeyLength));
}
return(result);
}
public ICryptoService GetCryptoService(Purpose purpose, CryptoServiceOptions options = CryptoServiceOptions.None)
{
ICryptoService cryptoService;
if (_isDataProtectorEnabled && options == CryptoServiceOptions.None)
{
// We can only use DataProtector if it's configured and the caller didn't ask for any special behavior like cacheability
cryptoService = GetDataProtectorCryptoService(purpose);
}
else
{
// Otherwise we fall back to using the <machineKey> algorithms for cryptography
cryptoService = GetNetFXCryptoService(purpose, options);
}
// always homogenize errors returned from the crypto service
return(new HomogenizingCryptoServiceWrapper(cryptoService));
}
public DataProtectorCryptoService(IDataProtectorFactory dataProtectorFactory, Purpose purpose)
{
this._dataProtectorFactory = dataProtectorFactory;
this._purpose = purpose;
}
private DataProtectorCryptoService GetDataProtectorCryptoService(Purpose purpose)
{
// just return the ICryptoService directly
return(new DataProtectorCryptoService(_dataProtectorFactory, purpose));
}