internal SafeEvpPKeyHandle DuplicateKeyHandle()
{
SafeEcKeyHandle currentKey = GetKey();
SafeEvpPKeyHandle pkeyHandle = Interop.Crypto.EvpPkeyCreate();
try
{
// Wrapping our key in an EVP_PKEY will up_ref our key.
// When the EVP_PKEY is Disposed it will down_ref the key.
// So everything should be copacetic.
if (!Interop.Crypto.EvpPkeySetEcKey(pkeyHandle, currentKey))
{
throw Interop.Crypto.CreateOpenSslCryptographicException();
}
return(pkeyHandle);
}
catch
{
pkeyHandle.Dispose();
throw;
}
}
/// <summary>
/// Create an ECDsaOpenSsl from an <see cref="SafeEvpPKeyHandle"/> whose value is an existing
/// OpenSSL <c>EVP_PKEY*</c> wrapping an <c>EC_KEY*</c>
/// </summary>
/// <param name="pkeyHandle">A SafeHandle for an OpenSSL <c>EVP_PKEY*</c></param>
/// <exception cref="ArgumentNullException"><paramref name="pkeyHandle"/> is <c>null</c></exception>
/// <exception cref="ArgumentException"><paramref name="pkeyHandle"/> <see cref="SafeHandle.IsInvalid" /></exception>
/// <exception cref="CryptographicException"><paramref name="pkeyHandle"/> is not a valid enveloped <c>EC_KEY*</c></exception>
public ECDsaOpenSsl(SafeEvpPKeyHandle pkeyHandle)
{
if (pkeyHandle == null)
{
throw new ArgumentNullException(nameof(pkeyHandle));
}
if (pkeyHandle.IsInvalid)
{
throw new ArgumentException(SR.Cryptography_OpenInvalidHandle, nameof(pkeyHandle));
}
// If ecKey is valid it has already been up-ref'd, so we can just use this handle as-is.
SafeEcKeyHandle ecKey = Interop.Crypto.EvpPkeyGetEcKey(pkeyHandle);
if (ecKey.IsInvalid)
{
throw Interop.Crypto.CreateOpenSslCryptographicException();
}
// Set base.KeySize rather than this.KeySize to avoid an unnecessary Lazy<> allocation.
base.KeySize = GetKeySize(ecKey);
_key = new Lazy <SafeEcKeyHandle>(() => ecKey);
}
/// <summary>
/// Create an ECDsaOpenSsl from an <see cref="SafeEvpPKeyHandle"/> whose value is an existing
/// OpenSSL <c>EVP_PKEY*</c> wrapping an <c>EC_KEY*</c>
/// </summary>
/// <param name="pkeyHandle">A SafeHandle for an OpenSSL <c>EVP_PKEY*</c></param>
/// <exception cref="ArgumentNullException"><paramref name="pkeyHandle"/> is <c>null</c></exception>
/// <exception cref="ArgumentException"><paramref name="pkeyHandle"/> <see cref="SafeHandle.IsInvalid" /></exception>
/// <exception cref="CryptographicException"><paramref name="pkeyHandle"/> is not a valid enveloped <c>EC_KEY*</c></exception>
public ECDsaOpenSsl(SafeEvpPKeyHandle pkeyHandle)
{
if (pkeyHandle == null)
{
throw new ArgumentNullException(nameof(pkeyHandle));
}
if (pkeyHandle.IsInvalid)
{
throw new ArgumentException(SR.Cryptography_OpenInvalidHandle, nameof(pkeyHandle));
}
// If ecKey is valid it has already been up-ref'd, so we can just use this handle as-is.
SafeEcKeyHandle key = Interop.Crypto.EvpPkeyGetEcKey(pkeyHandle);
if (key.IsInvalid)
{
key.Dispose();
throw Interop.Crypto.CreateOpenSslCryptographicException();
}
_key = new ECOpenSsl(key);
KeySizeValue = _key.KeySize;
}
/// <summary>
/// Obtain a SafeHandle version of an EVP_PKEY* which wraps an EC_KEY* equivalent
/// to the current key for this instance.
/// </summary>
/// <returns>A SafeHandle for the EC_KEY key in OpenSSL</returns>
public SafeEvpPKeyHandle DuplicateKeyHandle()
{
SafeEcKeyHandle currentKey = _key.Value;
SafeEvpPKeyHandle pkeyHandle = Interop.libcrypto.EVP_PKEY_new();
try
{
// Wrapping our key in an EVP_PKEY will up_ref our key.
// When the EVP_PKEY is Disposed it will down_ref the key.
// So everything should be copacetic.
if (!Interop.libcrypto.EVP_PKEY_set1_EC_KEY(pkeyHandle, currentKey))
{
throw Interop.libcrypto.CreateOpenSslCryptographicException();
}
return(pkeyHandle);
}
catch
{
pkeyHandle.Dispose();
throw;
}
}
public override bool TrySignHash(ReadOnlySpan <byte> source, Span <byte> destination, out int bytesWritten)
{
SafeEcKeyHandle key = _key.Value;
byte[] converted;
int signatureLength = Interop.Crypto.EcDsaSize(key);
byte[] signature = ArrayPool <byte> .Shared.Rent(signatureLength);
try
{
if (!Interop.Crypto.EcDsaSign(source, source.Length, new Span <byte>(signature, 0, signatureLength), ref signatureLength, key))
{
throw Interop.Crypto.CreateOpenSslCryptographicException();
}
converted = AsymmetricAlgorithmHelpers.ConvertDerToIeee1363(signature, 0, signatureLength, KeySize);
}
finally
{
Array.Clear(signature, 0, signatureLength);
ArrayPool <byte> .Shared.Return(signature);
}
if (converted.Length <= destination.Length)
{
new ReadOnlySpan <byte>(converted).CopyTo(destination);
bytesWritten = converted.Length;
return(true);
}
else
{
bytesWritten = 0;
return(false);
}
}
internal ECDiffieHellmanAndroidPublicKey(SafeEcKeyHandle ecKeyHandle !!)
{
if (ecKeyHandle.IsInvalid)
public static ECParameters ExportExplicitParameters(SafeEcKeyHandle currentKey, bool includePrivateParameters) => ExportExplicitCurveParameters(currentKey, includePrivateParameters);
public ECAndroid(SafeEcKeyHandle key)
{
_key = new Lazy <SafeEcKeyHandle>(key);
}
internal ECDsaAndroid(SafeEcKeyHandle ecKeyHandle)
{
_key = new ECAndroid(ecKeyHandle.DuplicateHandle());
ForceSetKeySize(_key.KeySize);
}
public ECOpenSsl(SafeEcKeyHandle key)
{
_key = new Lazy <SafeEcKeyHandle>(key);
}
internal ECDiffieHellmanAndroid(SafeEcKeyHandle ecKeyHandle)
{
_key = new ECAndroid(ecKeyHandle.DuplicateHandle());
KeySizeValue = _key.KeySize;
}
