bool GetRsaEncryptDecryptParameters() { bool ok = true; if (Parms.Keys.Contains(__data)) { Data = Parms[__data]; Parms.Remove(__data); } else { Message += " * Data not specified.\r\n"; ok = false; } if (!Parms.Keys.Contains(__keycontainername) && !Parms.Keys.Contains(__keyfile)) { Message += " * Specify either key container name or key file"; ok = false; } if (Parms.Keys.Contains(__keycontainername)) { KeyContainerName = Parms[__keycontainername]; Parms.Remove(__keycontainername); } if (Parms.Keys.Contains(__keyfile)) { if (!System.IO.File.Exists(Parms[__keyfile])) { Message += " * Unable to resolve Key File as path.\r\n"; ok = false; } else { KeyFile = Parms[__keyfile]; } Parms.Remove(__keyfile); } if (Parms.Keys.Contains(__flags)) { if (Enum.TryParse <CspProviderFlags>(Parms[__flags], true, out CspProviderFlags f)) { Flags = f; } else { Message += " * Unknown CspProviderFlags.\r\n"; ok = false; } Parms.Remove(__flags); } else { Flags = CspProviderFlags.NoFlags; } return(ok); }
static void RsaDecrypt(string data, string keyContainerName, string keyFilePath, CspProviderFlags flags, bool showHelp) { if (showHelp) { List <Parameter> parms = new List <Parameter> { new Parameter { Key = "data", Type = typeof(string), HelpText = "Text to decrypt" }, new Parameter { Key = "[kcn]", Type = typeof(string), HelpText = "Key container name" }, new Parameter { Key = "[keyFile]", Type = typeof(string), HelpText = "Path to key file" } }; ConsoleColor defaultColor = Console.ForegroundColor; Console_WriteLine($"Parameter options for Rsa decrypt:\r\n", ConsoleColor.Green); WriteMethodParametersHelp(parms); Console.WriteLine("\r\nNote:"); Console.WriteLine("Specify either key container name or path to key file."); Console.ForegroundColor = defaultColor; } else { Console.WriteLine("Decrypting data using Rsa algorithm.\r\n"); Console.WriteLine(RsaHelpers.Decrypt(keyContainerName: keyContainerName, filePath: keyFilePath, flags: flags, value: data)); } }
private static void ValidateProviderParameters(CspProviderFlags flags) { // Ели информацию о провайдере нужно взять из текущего ключа if ((flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags) { const CspProviderFlags notExpectedFlags = CspProviderFlags.UseUserProtectedKey | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseNonExportableKey; if ((flags & notExpectedFlags) != CspProviderFlags.NoFlags) { throw ExceptionUtility.Argument("flags", Resources.InvalidCspProviderFlags); } } // Если пользователь должен сам выбрать ключ (например, в диалоге) if ((flags & CspProviderFlags.UseUserProtectedKey) != CspProviderFlags.NoFlags) { if (!Environment.UserInteractive) { throw ExceptionUtility.CryptographicException(Resources.UserInteractiveNotSupported); } new UIPermission(UIPermissionWindow.SafeTopLevelWindows).Demand(); } }
public RSAKey(int keyLength, CspProviderFlags flags) { this.m_rsa = new RSACryptoServiceProvider(keyLength, new CspParameters { Flags = flags }); }
private CspParameters CreateDefaultProviderParameters(CspProviderFlags defaultFlags = CspProviderFlags.UseMachineKeyStore) { return(new CspParameters(ProviderType.ToInt()) { Flags = defaultFlags }); }
static void Main(string[] args) { CspProviderFlags flag = CspProviderFlags.UseMachineKeyStore; if (args.Length >= 1) { if (args[0].EndsWith(".pfx", StringComparison.OrdinalIgnoreCase) == true) { Console.WriteLine(GetKeyContainerName(args[0])); return; } flag = (CspProviderFlags)Enum.Parse(typeof(CspProviderFlags), args[0]); } foreach (var kc in KeyUtilities.EnumerateKeyContainers("Microsoft Strong Cryptographic Provider")) { CspParameters cspParams = new CspParameters(); cspParams.KeyContainerName = kc; cspParams.Flags = flag; using (RSACryptoServiceProvider prov = new RSACryptoServiceProvider(cspParams)) { if (prov.CspKeyContainerInfo.Exportable) { var blob = prov.ExportCspBlob(true); StrongNameKeyPair kp = new StrongNameKeyPair(prov.ExportCspBlob(false)); Console.WriteLine(kc + " pk length:" + kp.PublicKey.Length); } } Console.WriteLine(); } }
public bool VerifySignature(string keyContainerName, string filePath, CspProviderFlags flags) { SHA1Managed hash = new SHA1Managed(); RSACryptoServiceProvider rsa = CryptoHelpers.LoadRsaKeys(keyContainerName, filePath, flags); //the data was signed /without/ Signature having a value, so remove/cache the value string sig = Signature; Signature = null; byte[] signature = CryptoHelpers.DecodeToBytes(sig); byte[] planBytes = Encoding.UTF8.GetBytes(ToYaml()); bool ok = rsa.VerifyData(planBytes, CryptoConfig.MapNameToOID("SHA1"), signature); if (ok) { byte[] hashedData = hash.ComputeHash(planBytes); ok = rsa.VerifyHash(hashedData, CryptoConfig.MapNameToOID("SHA1"), signature); } //put the Signature back in place. Signature = sig; return(ok); }
public KeyContainerStore(string storeType) { flags = "machine".Equals(storeType) ? CspProviderFlags.UseMachineKeyStore : CspProviderFlags.UseUserProtectedKey; Log.Verbose($"using key container, flags: {flags}"); }
private CspParameters(int providerType, string providerName, string keyContainerName, CspProviderFlags flags) { ProviderType = providerType; ProviderName = providerName; KeyContainerName = keyContainerName; KeyNumber = -1; Flags = flags; }
internal CspParameters(int providerType, string providerName, string keyContainerName, CspProviderFlags flags) { this.ProviderType = providerType; this.ProviderName = providerName; this.KeyContainerName = keyContainerName; this.KeyNumber = -1; this.Flags = flags; }
private CspParameters(int providerType, string providerName, string keyContainerName, CspProviderFlags flags) { ProviderType = providerType; ProviderName = providerName; KeyContainerName = keyContainerName; KeyNumber = -1; Flags = flags; }
public KeyContainerStore(string storeType) { flags = "machine".Equals(storeType) ? CspProviderFlags.UseMachineKeyStore : CspProviderFlags.UseUserProtectedKey; Log.Verbose($"using key container, flags: {flags}"); }
//Copy constructor internal CspParameters(CspParameters parameters) { ProviderType = parameters.ProviderType; ProviderName = parameters.ProviderName; KeyContainerName = parameters.KeyContainerName; KeyNumber = parameters.KeyNumber; Flags = parameters.Flags; _parentWindowHandle = parameters._parentWindowHandle; }
//Copy constructor internal CspParameters(CspParameters parameters) { ProviderType = parameters.ProviderType; ProviderName = parameters.ProviderName; KeyContainerName = parameters.KeyContainerName; KeyNumber = parameters.KeyNumber; Flags = parameters.Flags; _parentWindowHandle = parameters._parentWindowHandle; }
public void CreateTest1() { CspParameters cspParam = SysKeyManager.Create(1024, "DSA", "Test Key Data"); CspProviderFlags flags = cspParam.Flags; Assert.AreEqual("UseArchivableKey", flags.ToString()); Assert.AreEqual("Test_Key_Data", cspParam.KeyContainerName); Assert.AreEqual <int>(13, cspParam.ProviderType); //CryptoKeySecurity sy = cspParam.CryptoKeySecurity; }
public void Flags() { CspProviderFlags cpf = CspProviderFlags.UseDefaultKeyContainer | CspProviderFlags.UseMachineKeyStore | CspProviderFlags.NoFlags | CspProviderFlags.NoPrompt | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseExistingKey | CspProviderFlags.UseNonExportableKey | CspProviderFlags.UseUserProtectedKey; int expected = 127; Assert.AreEqual(expected, (int)cpf, "All"); }
/// <summary> /// Delete a RSA key from the Windows KeyStore /// </summary> /// <param name="ContainerName">Container name</param> /// <param name="csppf">CspProviderFlags</param> public static void DeleteFromWinKeyStore(string ContainerName, CspProviderFlags csppf = CspProviderFlags.UseMachineKeyStore) { CspParameters cp = new CspParameters(); cp.KeyContainerName = ContainerName; cp.Flags = csppf; using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp)) { rsa.PersistKeyInCsp = false; rsa.Clear(); } }
/// <summary> /// Writes a copy of this key into the local Csp store with the given options /// </summary> public void WriteToStore(string name, CspProviderFlags flags) { CspParameters cp = new CspParameters(); cp.KeyContainerName = name; cp.Flags = flags; RSACryptoServiceProvider csp = new RSACryptoServiceProvider(cp); csp.ImportCspBlob(RSAKey.ExportCspBlob(IsPrivateKey)); csp.PersistKeyInCsp = true; csp.Clear(); }
internal CspParameters(CspParameters parameters) : this(parameters.ProviderType, parameters.ProviderName, parameters.KeyContainerName) { if (parameters.CryptoKeySecurity != null) { CryptoKeySecurity = parameters.CryptoKeySecurity; } _Flags = parameters.Flags; KeyNumber = parameters.KeyNumber; _password = parameters.KeyPassword; _windowHandle = parameters.ParentWindowHandle; }
internal DsaKeyLifetime(CspParameters cspParameters) { const CspProviderFlags CopyableFlags = CspProviderFlags.UseMachineKeyStore; _cspParameters = new CspParameters( cspParameters.ProviderType, cspParameters.ProviderName, cspParameters.KeyContainerName) { // If the test failed before creating the key, don't bother recreating it. Flags = (cspParameters.Flags & CopyableFlags) | CspProviderFlags.UseExistingKey, }; }
public void Sign(string keyContainerName, string filePath, CspProviderFlags flags) { SHA1Managed hash = new SHA1Managed(); RSACryptoServiceProvider rsa = CryptoHelpers.LoadRsaKeys(keyContainerName, filePath, flags); //initialize Signature to null so any existing value isn't computed into the hash. Signature = null; byte[] planBytes = Encoding.UTF8.GetBytes(ToYaml()); byte[] hashedData = hash.ComputeHash(planBytes); byte[] signature = rsa.SignHash(hashedData, CryptoConfig.MapNameToOID("SHA1")); Signature = CryptoHelpers.Encode(signature); }
private static uint MapCspProviderFlags(CspProviderFlags flags) { uint dwFlags = 0; if ((flags & CspProviderFlags.UseMachineKeyStore) != CspProviderFlags.NoFlags) { dwFlags |= Constants.CRYPT_MACHINE_KEYSET; } if ((flags & CspProviderFlags.NoPrompt) != CspProviderFlags.NoFlags) { dwFlags |= Constants.CRYPT_PREGEN; } return(dwFlags); }
private static void ValidateCspFlags(CspProviderFlags flags) { if ((flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags) { CspProviderFlags flags2 = CspProviderFlags.UseUserProtectedKey | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseNonExportableKey; if ((flags & flags2) != CspProviderFlags.NoFlags) { throw new ArgumentException(Environment.GetResourceString("Argument_InvalidFlag")); } } if ((flags & CspProviderFlags.UseUserProtectedKey) != CspProviderFlags.NoFlags) { if (!Environment.UserInteractive) { throw new InvalidOperationException(Environment.GetResourceString("Cryptography_NotInteractive")); } new UIPermission(UIPermissionWindow.SafeTopLevelWindows).Demand(); } }
private static uint MapCspKeyFlags(CspProviderFlags flags) { uint dwFlags = 0; if ((flags & CspProviderFlags.UseNonExportableKey) == CspProviderFlags.NoFlags) { dwFlags |= Constants.CRYPT_EXPORTABLE; } if ((flags & CspProviderFlags.UseArchivableKey) != CspProviderFlags.NoFlags) { dwFlags |= Constants.CRYPT_ARCHIVABLE; } if ((flags & CspProviderFlags.UseUserProtectedKey) != CspProviderFlags.NoFlags) { dwFlags |= Constants.CRYPT_USER_PROTECTED; } return(dwFlags); }
/// <summary> /// Validates the CSP flags are expected /// </summary> /// <param name="flags">CSP provider flags</param> private static void ValidateCspFlags(CspProviderFlags flags) { // check that the flags are consistent. if (IsFlagBitSet((uint)flags, (uint)CspProviderFlags.UseExistingKey)) { CspProviderFlags keyFlags = (CspProviderFlags.UseNonExportableKey | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseUserProtectedKey); if ((flags & keyFlags) != CspProviderFlags.NoFlags) { throw new ArgumentException(SR.Format(SR.Argument_InvalidValue, Convert.ToString(flags))); } } }
/// <summary> /// Helper method to save the CSP parameters. /// </summary> /// <param name="keyType">CSP algorithm type</param> /// <param name="userParameters">CSP Parameters passed by user</param> /// <param name="defaultFlags">flags </param> /// <param name="randomKeyContainer">identifies if it is random key container</param> /// <returns></returns> internal static CspParameters SaveCspParameters( CspAlgorithmType keyType, CspParameters userParameters, CspProviderFlags defaultFlags, out bool randomKeyContainer) { CspParameters parameters; if (userParameters == null) { parameters = new CspParameters(keyType == CspAlgorithmType.Dss ? (int)ProviderType.PROV_DSS_DH : DefaultRsaProviderType, null, null, defaultFlags); } else { ValidateCspFlags(userParameters.Flags); parameters = new CspParameters(userParameters); } if (parameters.KeyNumber == -1) { parameters.KeyNumber = keyType == CapiHelper.CspAlgorithmType.Dss ? (int)KeyNumber.Signature : (int)KeyNumber.Exchange; } else if (parameters.KeyNumber == CALG_DSS_SIGN || parameters.KeyNumber == CALG_RSA_SIGN) { parameters.KeyNumber = (int)KeyNumber.Signature; } else if (parameters.KeyNumber == CALG_RSA_KEYX) { parameters.KeyNumber = (int)KeyNumber.Exchange; } // If no key container was specified and UseDefaultKeyContainer is not used, then use CRYPT_VERIFYCONTEXT // to generate an ephemeral key randomKeyContainer = IsFlagBitSet((uint)parameters.Flags, (uint)CspProviderFlags.CreateEphemeralKey); if (parameters.KeyContainerName == null && !IsFlagBitSet((uint)parameters.Flags, (uint)CspProviderFlags.UseDefaultKeyContainer)) { parameters.Flags |= CspProviderFlags.CreateEphemeralKey; randomKeyContainer = true; } return parameters; }
public static CspParameters GetProvParameters(this SafeProvOrNCryptKeyHandle handle) { // A normal key container name is a GUID (~34 bytes ASCII) // The longest standard provider name is 64 bytes (including the \0), // but we shouldn't have a CAPI call with a software CSP. // // In debug builds use a buffer which will need to be resized, but is big // enough to hold the DWORD "can't fail" values. Span <byte> stackSpan = stackalloc byte[ #if DEBUG sizeof(int) #else 64 #endif ]; stackSpan.Clear(); int size = stackSpan.Length; if (!Interop.Advapi32.CryptGetProvParam(handle, CryptProvParam.PP_PROVTYPE, stackSpan, ref size)) { throw Interop.CPError.GetLastWin32Error().ToCryptographicException(); } if (size != sizeof(int)) { Debug.Fail("PP_PROVTYPE writes a DWORD - enum misalignment?"); throw new CryptographicException(); } int provType = MemoryMarshal.Read <int>(stackSpan.Slice(0, size)); size = stackSpan.Length; if (!Interop.Advapi32.CryptGetProvParam(handle, CryptProvParam.PP_KEYSET_TYPE, stackSpan, ref size)) { throw Interop.CPError.GetLastWin32Error().ToCryptographicException(); } if (size != sizeof(int)) { Debug.Fail("PP_KEYSET_TYPE writes a DWORD - enum misalignment?"); throw new CryptographicException(); } int keysetType = MemoryMarshal.Read <int>(stackSpan.Slice(0, size)); // Only CRYPT_MACHINE_KEYSET is described as coming back, but be defensive. CspProviderFlags provFlags = ((CspProviderFlags)keysetType & CspProviderFlags.UseMachineKeyStore) | CspProviderFlags.UseExistingKey; byte[] rented = null; Span <byte> asciiStringBuf = stackSpan; string provName = GetStringProvParam(handle, CryptProvParam.PP_NAME, ref asciiStringBuf, ref rented, 0); int maxClear = provName.Length; string keyName = GetStringProvParam(handle, CryptProvParam.PP_CONTAINER, ref asciiStringBuf, ref rented, maxClear); maxClear = Math.Max(maxClear, keyName.Length); if (rented != null) { CryptoPool.Return(rented, maxClear); } return(new CspParameters(provType) { Flags = provFlags, KeyContainerName = keyName, ProviderName = provName, }); }
private static void ValidateCspFlags(CspProviderFlags flags) { if ((flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags) { CspProviderFlags flags2 = CspProviderFlags.UseUserProtectedKey | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseNonExportableKey; if ((flags & flags2) != CspProviderFlags.NoFlags) { throw new ArgumentException(Environment.GetResourceString("Argument_InvalidFlag")); } } if ((flags & CspProviderFlags.UseUserProtectedKey) != CspProviderFlags.NoFlags) { if (!Environment.UserInteractive) { throw new InvalidOperationException(Environment.GetResourceString("Cryptography_NotInteractive")); } new UIPermission(UIPermissionWindow.SafeTopLevelWindows).Demand(); } }
internal static extern void _GenerateKey(SafeProvHandle hProv, int algid, CspProviderFlags flags, int keySize, ref SafeKeyHandle hKey);
internal static extern void _ImportKey(SafeProvHandle hCSP, int keyNumber, CspProviderFlags flags, object cspObject, ref SafeKeyHandle hKey);
public KeyContainerStore(string storeType) { flags = storeType == "machine" ? CspProviderFlags.UseMachineKeyStore : CspProviderFlags.UseUserProtectedKey; }
private static void ValidateProviderParameters(CspProviderFlags flags) { // Ели информацию о провайдере нужно взять из текущего ключа if ((flags & CspProviderFlags.UseExistingKey) != CspProviderFlags.NoFlags) { const CspProviderFlags notExpectedFlags = CspProviderFlags.UseUserProtectedKey | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseNonExportableKey; if ((flags & notExpectedFlags) != CspProviderFlags.NoFlags) { throw ExceptionUtility.Argument("flags", Resources.InvalidCspProviderFlags); } } // Если пользователь должен сам выбрать ключ (например, в диалоге) if ((flags & CspProviderFlags.UseUserProtectedKey) != CspProviderFlags.NoFlags) { if (!Environment.UserInteractive) { throw ExceptionUtility.CryptographicException(Resources.UserInteractiveNotSupported); } new UIPermission(UIPermissionWindow.SafeTopLevelWindows).Demand(); } }
internal static extern void _GenerateKey(SafeProvHandle hProv, int algid, CspProviderFlags flags, int keySize, ref SafeKeyHandle hKey);
internal static CspParameters SaveCspParameters (CspAlgorithmType keyType, CspParameters userParameters, CspProviderFlags defaultFlags, ref bool randomKeyContainer) { #if SILVERLIGHT Contract.Assert(keyType == CspAlgorithmType.Rsa, "Only RSA is supported in Silverlight"); #endif // SILVERLIGHT CspParameters parameters; if (userParameters == null) { #if !SILVERLIGHT parameters = new CspParameters(keyType == CspAlgorithmType.Dss ? Constants.PROV_DSS_DH : DefaultRsaProviderType, null, null, defaultFlags); #else // !SILVERLIGHT parameters = new CspParameters(); #endif // !SILVERLIGHT } else { ValidateCspFlags(userParameters.Flags); parameters = new CspParameters(userParameters); } #if !SILVERLIGHT if (parameters.KeyNumber == -1) parameters.KeyNumber = keyType == CspAlgorithmType.Dss ? Constants.AT_SIGNATURE : Constants.AT_KEYEXCHANGE; else if (parameters.KeyNumber == Constants.CALG_DSS_SIGN || parameters.KeyNumber == Constants.CALG_RSA_SIGN) parameters.KeyNumber = Constants.AT_SIGNATURE; else if (parameters.KeyNumber == Constants.CALG_RSA_KEYX) parameters.KeyNumber = Constants.AT_KEYEXCHANGE; #else // !SILVERLIGHT if (parameters.KeyNumber == -1) { parameters.KeyNumber = (int)CapiNative.KeySpec.Signature; } #endif // !SILVERLIGHT // If no key container was specified and UseDefaultKeyContainer is not used, then use CRYPT_VERIFYCONTEXT // to generate an ephemeral key randomKeyContainer = (parameters.Flags & CspProviderFlags.CreateEphemeralKey) == CspProviderFlags.CreateEphemeralKey; if (parameters.KeyContainerName == null && (parameters.Flags & CspProviderFlags.UseDefaultKeyContainer) == 0) { parameters.Flags |= CspProviderFlags.CreateEphemeralKey; randomKeyContainer = true; } return parameters; }
extern public static byte[] GetKey(int algorithm, String name, CspProviderFlags flag, out int result);
public static SafeKeyHandleImpl GenerateKey(SafeProvHandleImpl providerHandle, int algId, CspProviderFlags flags) { var keyHandle = SafeKeyHandleImpl.InvalidHandle; var dwFlags = MapCspKeyFlags(flags); if (!CryptoApi.CryptGenKey(providerHandle, (uint)algId, dwFlags, ref keyHandle)) { throw CreateWin32Error(); } return(keyHandle); }
internal static extern int _ImportCspBlob(byte[] keyBlob, SafeProvHandle hProv, CspProviderFlags flags, ref SafeKeyHandle hKey);
/// <summary> /// Validates the CSP flags are expected /// </summary> /// <param name="flags">CSP provider flags</param> private static void ValidateCspFlags(CspProviderFlags flags) { // check that the flags are consistent. if (IsFlagBitSet((uint)flags, (uint)CspProviderFlags.UseExistingKey)) { CspProviderFlags keyFlags = (CspProviderFlags.UseNonExportableKey | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseUserProtectedKey); if ((flags & keyFlags) != CspProviderFlags.NoFlags) { throw new ArgumentException(SR.Format(SR.Argument_InvalidValue, Convert.ToString(flags))); } } //TODO : I don't think we need following commented code. Leaving it now for confirming the same // during code review. Reviewers please let me kn know? // make sure we are allowed to display the key protection UI if a user protected key is requested. //if ((flags & CspProviderFlags.UseUserProtectedKey) != 0) //{ // // UI only allowed in interactive session. // if (!System.Environment.UserInteractive) // { // throw new InvalidOperationException(("Cryptography_NotInteractive")); // } // // we need to demand UI permission here. // UIPermission uiPermission = new UIPermission(UIPermissionWindow.SafeTopLevelWindows); // uiPermission.Demand(); //} }
internal static CspParameters SaveCspParameters(CspAlgorithmType keyType, CspParameters userParameters, CspProviderFlags defaultFlags, ref bool randomKeyContainer) { CspParameters parameters; if (userParameters == null) { parameters = new CspParameters((keyType == CspAlgorithmType.Dss) ? 13 : DefaultRsaProviderType, null, null, defaultFlags); } else { ValidateCspFlags(userParameters.Flags); parameters = new CspParameters(userParameters); } if (parameters.KeyNumber == -1) { parameters.KeyNumber = (keyType == CspAlgorithmType.Dss) ? 2 : 1; } else if ((parameters.KeyNumber == 0x2200) || (parameters.KeyNumber == 0x2400)) { parameters.KeyNumber = 2; } else if (parameters.KeyNumber == 0xa400) { parameters.KeyNumber = 1; } randomKeyContainer = (parameters.Flags & CspProviderFlags.CreateEphemeralKey) == CspProviderFlags.CreateEphemeralKey; if ((parameters.KeyContainerName == null) && ((parameters.Flags & CspProviderFlags.UseDefaultKeyContainer) == CspProviderFlags.NoFlags)) { parameters.Flags |= CspProviderFlags.CreateEphemeralKey; randomKeyContainer = true; } return(parameters); }
/// <summary> /// Helper for Import CSP /// </summary> internal static void ImportKeyBlob(SafeProvHandle saveProvHandle, CspProviderFlags flags, byte[] keyBlob, out SafeKeyHandle safeKeyHandle) { // Compat note: This isn't the same check as the one done by the CLR _ImportCspBlob QCall, // but this does match the desktop CLR behavior and the only scenarios it // affects are cases where a corrupt blob is passed in. bool isPublic = keyBlob.Length > 0 && keyBlob[0] == CapiHelper.PUBLICKEYBLOB; int dwCapiFlags = MapCspKeyFlags((int)flags); if (isPublic) { dwCapiFlags &= ~(int)(CryptGenKeyFlags.CRYPT_EXPORTABLE); } SafeKeyHandle hKey; if (!Interop.CryptImportKey(saveProvHandle, keyBlob, keyBlob.Length, SafeKeyHandle.InvalidHandle, dwCapiFlags, out hKey)) { int hr = Marshal.GetHRForLastWin32Error(); hKey.Dispose(); throw hr.ToCryptographicException(); } hKey.PublicOnly = isPublic; safeKeyHandle = hKey; return; }
internal CspParameters(int providerType, string providerName, string keyContainerName, CspProviderFlags flags) { this.ProviderType = providerType; this.ProviderName = providerName; this.KeyContainerName = keyContainerName; this.KeyNumber = -1; this.Flags = flags; }
private static CspParameters CreateProviderParameters(CspParameters providerParameters, CspProviderFlags defaultFlags, out bool randomKeyContainer) { CspParameters parameters; if (providerParameters == null) { parameters = new CspParameters(GostCryptoConfig.ProviderType) { Flags = defaultFlags }; } else { ValidateProviderParameters(providerParameters.Flags); parameters = new CspParameters(providerParameters.ProviderType, providerParameters.ProviderName, providerParameters.KeyContainerName) { Flags = providerParameters.Flags, KeyNumber = providerParameters.KeyNumber }; } // Установка типа ключа if (parameters.KeyNumber == -1) { parameters.KeyNumber = (int)KeyNumber.Exchange; } else if (parameters.KeyNumber == Constants.CALG_GR3410EL) { parameters.KeyNumber = (int)KeyNumber.Signature; } else if (parameters.KeyNumber == Constants.CALG_DH_EL_SF) { parameters.KeyNumber = (int)KeyNumber.Exchange; } // Использовать автогенерированный контейнер randomKeyContainer = ((parameters.KeyContainerName == null) && ((parameters.Flags & CspProviderFlags.UseDefaultKeyContainer) == CspProviderFlags.NoFlags)); if (randomKeyContainer) { parameters.KeyContainerName = Guid.NewGuid().ToString(); } return parameters; }
/// <summary> /// Writes a copy of this key into the local Csp store with the given options /// </summary> public void WriteToStore(string name, CspProviderFlags flags) { CspParameters cp = new CspParameters(); cp.KeyContainerName = name; cp.Flags = flags; RSACryptoServiceProvider csp = new RSACryptoServiceProvider(cp); csp.ImportCspBlob(RSAKey.ExportCspBlob(IsPrivateKey)); csp.PersistKeyInCsp = true; csp.Clear(); }
internal static extern int _ImportCspBlob(byte[] keyBlob, SafeProvHandle hProv, CspProviderFlags flags, ref SafeKeyHandle hKey);
public static RSACryptoServiceProvider LoadRsaKeys(string keyContainerName = null, string filePath = null, CspProviderFlags flags = CspProviderFlags.NoFlags) { CspParameters cspParams = new CspParameters { KeyContainerName = keyContainerName, Flags = flags }; return(LoadRsaKeys(cspParams, !string.IsNullOrWhiteSpace(keyContainerName) ? null : filePath)); }
internal static CspParameters SaveCspParameters(CspAlgorithmType keyType, CspParameters userParameters, CspProviderFlags defaultFlags, ref bool randomKeyContainer) { CspParameters cspParameters; if (userParameters == null) { cspParameters = new CspParameters(keyType == CspAlgorithmType.Dss ? 13 : 24, (string)null, (string)null, defaultFlags); } else { Utils.ValidateCspFlags(userParameters.Flags); cspParameters = new CspParameters(userParameters); } if (cspParameters.KeyNumber == -1) { cspParameters.KeyNumber = keyType == CspAlgorithmType.Dss ? 2 : 1; } else if (cspParameters.KeyNumber == 8704 || cspParameters.KeyNumber == 9216) { cspParameters.KeyNumber = 2; } else if (cspParameters.KeyNumber == 41984) { cspParameters.KeyNumber = 1; } randomKeyContainer = (cspParameters.Flags & CspProviderFlags.CreateEphemeralKey) == CspProviderFlags.CreateEphemeralKey; if (cspParameters.KeyContainerName == null && (cspParameters.Flags & CspProviderFlags.UseDefaultKeyContainer) == CspProviderFlags.NoFlags) { cspParameters.Flags |= CspProviderFlags.CreateEphemeralKey; randomKeyContainer = true; } return(cspParameters); }
internal CspParameters(CspParameters parameters) : this(parameters.ProviderType, parameters.ProviderName, parameters.KeyContainerName) { if (parameters.CryptoKeySecurity != null) CryptoKeySecurity = parameters.CryptoKeySecurity; _Flags = parameters.Flags; KeyNumber = parameters.KeyNumber; _password = parameters.KeyPassword; _windowHandle = parameters.ParentWindowHandle; }
internal static CspParameters SaveCspParameters (CspAlgorithmType keyType, CspParameters userParameters, CspProviderFlags defaultFlags, ref bool randomKeyContainer) { CspParameters parameters; if (userParameters == null) { parameters = new CspParameters(keyType == CspAlgorithmType.Dss ? Constants.PROV_DSS_DH : DefaultRsaProviderType, null, null, defaultFlags); } else { ValidateCspFlags(userParameters.Flags); parameters = new CspParameters(userParameters); } if (parameters.KeyNumber == -1) parameters.KeyNumber = keyType == CspAlgorithmType.Dss ? Constants.AT_SIGNATURE : Constants.AT_KEYEXCHANGE; else if (parameters.KeyNumber == Constants.CALG_DSS_SIGN || parameters.KeyNumber == Constants.CALG_RSA_SIGN) parameters.KeyNumber = Constants.AT_SIGNATURE; else if (parameters.KeyNumber == Constants.CALG_RSA_KEYX) parameters.KeyNumber = Constants.AT_KEYEXCHANGE; // If no key container was specified and UseDefaultKeyContainer is not used, then use CRYPT_VERIFYCONTEXT // to generate an ephemeral key randomKeyContainer = (parameters.Flags & CspProviderFlags.CreateEphemeralKey) == CspProviderFlags.CreateEphemeralKey; if (parameters.KeyContainerName == null && (parameters.Flags & CspProviderFlags.UseDefaultKeyContainer) == 0) { parameters.Flags |= CspProviderFlags.CreateEphemeralKey; randomKeyContainer = true; } return parameters; }
internal static extern void _ImportKey(SafeProvHandle hCSP, int keyNumber, CspProviderFlags flags, object cspObject, ref SafeKeyHandle hKey);
[System.Security.SecurityCritical] // auto-generated private static void ValidateCspFlags (CspProviderFlags flags) { // check that the flags are consistent. if ((flags & CspProviderFlags.UseExistingKey) != 0) { CspProviderFlags keyFlags = (CspProviderFlags.UseNonExportableKey | CspProviderFlags.UseArchivableKey | CspProviderFlags.UseUserProtectedKey); if ((flags & keyFlags) != CspProviderFlags.NoFlags) throw new ArgumentException(Environment.GetResourceString("Argument_InvalidFlag")); } // make sure we are allowed to display the key protection UI if a user protected key is requested. if ((flags & CspProviderFlags.UseUserProtectedKey) != 0) { // UI only allowed in interactive session. if (!System.Environment.UserInteractive) throw new InvalidOperationException(Environment.GetResourceString("Cryptography_NotInteractive")); // we need to demand UI permission here. UIPermission uiPermission = new UIPermission(UIPermissionWindow.SafeTopLevelWindows); uiPermission.Demand(); } }
internal static CspParameters SaveCspParameters(CspAlgorithmType keyType, CspParameters userParameters, CspProviderFlags defaultFlags, ref bool randomKeyContainer) { CspParameters parameters; if (userParameters == null) { parameters = new CspParameters((keyType == CspAlgorithmType.Dss) ? 13 : DefaultRsaProviderType, null, null, defaultFlags); } else { ValidateCspFlags(userParameters.Flags); parameters = new CspParameters(userParameters); } if (parameters.KeyNumber == -1) { parameters.KeyNumber = (keyType == CspAlgorithmType.Dss) ? 2 : 1; } else if ((parameters.KeyNumber == 0x2200) || (parameters.KeyNumber == 0x2400)) { parameters.KeyNumber = 2; } else if (parameters.KeyNumber == 0xa400) { parameters.KeyNumber = 1; } randomKeyContainer = (parameters.Flags & CspProviderFlags.CreateEphemeralKey) == CspProviderFlags.CreateEphemeralKey; if ((parameters.KeyContainerName == null) && ((parameters.Flags & CspProviderFlags.UseDefaultKeyContainer) == CspProviderFlags.NoFlags)) { parameters.Flags |= CspProviderFlags.CreateEphemeralKey; randomKeyContainer = true; } return parameters; }