public Gost3411_2012_256Hmac()
{
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm();
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle, Constants.CALG_GR3411_2012_256_HMAC);
}
public Gost3411Hmac()
{
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm();
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle);
}
public Gost3411Hmac()
{
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm();
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle, GostCryptoConfig.ProviderType == ProviderTypes.VipNet ? Constants.CALG_GR3411_HMAC34 : Constants.CALG_GR3411_HMAC);
}
public Gost3411Hmac()
{
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm();
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle);
}
public void TearDown()
{
try
{
_sharedKey.Dispose();
}
finally
{
_sharedKey = null;
}
}
public Gost28147ImitHashAlgorithm(Gost28147SymmetricAlgorithmBase key)
{
if (key == null)
{
throw ExceptionUtility.ArgumentNull("key");
}
KeyValue = null;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = DuplicateKeyAlg(key);
}
public Gost3411Hmac(byte[] key)
{
if (key == null)
{
throw ExceptionUtility.ArgumentNull("key");
}
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm { Key = key };
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle);
}
private byte[] EncodeKeyExchangeInternal(Gost28147SymmetricAlgorithm keyExchangeAlgorithm, GostKeyExchangeExportMethod keyExchangeExportMethod)
{
switch (keyExchangeExportMethod)
{
case GostKeyExchangeExportMethod.GostKeyExport:
return(EncodeKeyExchangeInternal(keyExchangeAlgorithm, Constants.CALG_SIMPLE_EXPORT));
case GostKeyExchangeExportMethod.CryptoProKeyExport:
return(EncodeKeyExchangeInternal(keyExchangeAlgorithm, Constants.CALG_PRO_EXPORT));
}
throw ExceptionUtility.ArgumentOutOfRange("keyExchangeExportMethod");
}
public Gost3411Hmac(Gost28147SymmetricAlgorithmBase keyAlgorithm)
{
if (keyAlgorithm == null)
{
throw ExceptionUtility.ArgumentNull("keyAlgorithm");
}
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = DuplicateKeyAlg(keyAlgorithm);
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle);
}
/// <summary>
/// Шифрует общий секретный ключ.
/// </summary>
/// <param name="keyExchangeData">Общий секретный ключ.</param>
/// <exception cref="ArgumentNullException"></exception>
public override byte[] CreateKeyExchange(byte[] keyExchangeData)
{
if (keyExchangeData == null)
{
throw ExceptionUtility.ArgumentNull("keyExchangeData");
}
using (var keyExchangeAlgorithm = new Gost28147SymmetricAlgorithm())
{
keyExchangeAlgorithm.Key = keyExchangeData;
return CreateKeyExchangeData(keyExchangeAlgorithm);
}
}
/// <summary>
/// Шифрует общий секретный ключ.
/// </summary>
/// <param name="keyExchangeData">Общий секретный ключ.</param>
/// <exception cref="ArgumentNullException"></exception>
public override byte[] CreateKeyExchange(byte[] keyExchangeData)
{
if (keyExchangeData == null)
{
throw ExceptionUtility.ArgumentNull("keyExchangeData");
}
using (var keyExchangeAlgorithm = new Gost28147SymmetricAlgorithm())
{
keyExchangeAlgorithm.Key = keyExchangeData;
return(CreateKeyExchangeData(keyExchangeAlgorithm));
}
}
private byte[] EncodePrivateKeyInternal(Gost28147SymmetricAlgorithm sessionKey, int keyExchangeExportAlgId)
{
var hSessionKey = sessionKey.InternalKeyHandle;
using (var keyHandle = CryptoApiHelper.DuplicateKey(InternalKeyHandle))
{
CryptoApiHelper.SetKeyParameterInt32(keyHandle, Constants.KP_ALGID, keyExchangeExportAlgId);
CryptoApiHelper.SetKeyParameter(keyHandle, Constants.KP_IV, IV);
var keyExchangeInfo = CryptoApiHelper.ExportKeyExchange(hSessionKey, keyHandle);
return(keyExchangeInfo.Encode());
}
}
public Gost3411Hmac(byte[] key)
{
if (key == null)
{
throw ExceptionUtility.ArgumentNull("key");
}
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm {
Key = key
};
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle);
}
public Gost3411Hmac(byte[] key)
{
if (key == null)
{
throw ExceptionUtility.ArgumentNull("key");
}
HashName = DefaultHashName;
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm {
Key = key
};
_hashHandle = CryptoApiHelper.CreateHashHmac(CryptoApiHelper.ProviderHandle, _keyAlgorithm.InternalKeyHandle, GostCryptoConfig.ProviderType == ProviderTypes.VipNet ? Constants.CALG_GR3411_HMAC34 : Constants.CALG_GR3411_HMAC);
}
public Gost3411Prf(Gost28147SymmetricAlgorithmBase key, byte[] label, byte[] seed)
: this(label, seed)
{
if (key == null)
{
throw ExceptionUtility.ArgumentNull("key");
}
_hashHmacHandle = SafeHashHandleImpl.InvalidHandle;
_buffer = new byte[_labelAndSeed.Length + 32];
var gostSymmetricAlgorithm = key as Gost28147SymmetricAlgorithm;
_key = (gostSymmetricAlgorithm != null)
? new Gost28147SymmetricAlgorithm(gostSymmetricAlgorithm.InternalProvHandle, gostSymmetricAlgorithm.InternalKeyHandle)
: new Gost28147SymmetricAlgorithm { Key = key.Key };
}
public override byte[] EncodeKeyExchange(SymmetricAlgorithm keyExchangeAlgorithm, GostKeyExchangeExportMethod keyExchangeExportMethod)
{
if (keyExchangeAlgorithm is Gost28147SymmetricAlgorithm)
{
return(EncodeKeyExchangeInternal((Gost28147SymmetricAlgorithm)keyExchangeAlgorithm, keyExchangeExportMethod));
}
if (keyExchangeAlgorithm is Gost28147SymmetricAlgorithmBase)
{
using (var gostKeyExchangeAlgorithm = new Gost28147SymmetricAlgorithm())
{
return(gostKeyExchangeAlgorithm.EncodePrivateKey((Gost28147SymmetricAlgorithmBase)keyExchangeAlgorithm, keyExchangeExportMethod));
}
}
throw ExceptionUtility.Argument("keyExchangeAlgorithm", Resources.RequiredGost28147);
}
public Gost3411Prf(byte[] key, byte[] label, byte[] seed) : this(label, seed)
{
if (key == null)
{
throw ExceptionUtility.ArgumentNull("key");
}
if (key.Length != 32)
{
throw ExceptionUtility.Argument("key", Resources.InvalidHashSize);
}
_hashHmacHandle = SafeHashHandleImpl.InvalidHandle;
_buffer = new byte[_labelAndSeed.Length + 32];
using (var keyHandle = CryptoApiHelper.ImportBulkSessionKey(CryptoApiHelper.ProviderHandle, key, CryptoApiHelper.RandomNumberGenerator))
{
_key = new Gost28147SymmetricAlgorithm(CryptoApiHelper.ProviderHandle, keyHandle);
}
}
private byte[] EncodeKeyExchangeInternal(Gost28147SymmetricAlgorithm keyExchangeAlgorithm, int keyExchangeExportAlgId)
{
GostKeyExchangeInfo keyExchangeInfo;
SafeKeyHandleImpl keyExchangeHandle = null;
try
{
keyExchangeHandle = CryptoApiHelper.ImportAndMakeKeyExchange(_provHandle, _keyExchangeParameters, _keyHandle);
CryptoApiHelper.SetKeyParameterInt32(keyExchangeHandle, Constants.KP_ALGID, keyExchangeExportAlgId);
var symKeyHandle = keyExchangeAlgorithm.InternalKeyHandle;
keyExchangeInfo = CryptoApiHelper.ExportKeyExchange(symKeyHandle, keyExchangeHandle);
}
finally
{
keyExchangeHandle.TryDispose();
}
return(keyExchangeInfo.Encode());
}
public override byte[] EncodePrivateKey(Gost28147 keyExchangeAlgorithm, GostKeyExchangeExportMethod keyExchangeExportMethod)
{
if (keyExchangeAlgorithm == null)
{
throw ExceptionUtility.ArgumentNull("keyExchangeAlgorithm");
}
int keyExchangeExportAlgId;
if (keyExchangeExportMethod == GostKeyExchangeExportMethod.GostKeyExport)
{
keyExchangeExportAlgId = Constants.CALG_SIMPLE_EXPORT;
}
else if (keyExchangeExportMethod == GostKeyExchangeExportMethod.CryptoProKeyExport)
{
keyExchangeExportAlgId = Constants.CALG_PRO_EXPORT;
}
else
{
throw ExceptionUtility.ArgumentOutOfRange("keyExchangeExportMethod");
}
var currentSessionKey = keyExchangeAlgorithm as Gost28147SymmetricAlgorithm;
if (currentSessionKey == null)
{
using (var derivedSessinKey = new Gost28147SymmetricAlgorithm())
{
derivedSessinKey.Key = keyExchangeAlgorithm.Key;
return(EncodePrivateKeyInternal(derivedSessinKey, keyExchangeExportAlgId));
}
}
return(EncodePrivateKeyInternal(currentSessionKey, keyExchangeExportAlgId));
}
public Gost28147ImitHashAlgorithm()
{
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm();
}
private static Stream SendEncryptedDataStream(AsymmetricAlgorithm publicKey, Stream dataStream, out byte[] iv, out byte[] sessionKey)
{
var encryptedDataStream = new MemoryStream();
// Отправитель создает случайный сессионный ключ для шифрации данных
using (var senderSessionKey = new Gost28147SymmetricAlgorithm())
{
// Отправитель передает получателю вектор инициализации
iv = senderSessionKey.IV;
// Отправитель шифрует сессионный ключ и передает его получателю
var formatter = new GostKeyExchangeFormatter(publicKey);
sessionKey = formatter.CreateKeyExchangeData(senderSessionKey);
// Отправитель шифрует данные с использованием сессионного ключа
using (var encryptor = senderSessionKey.CreateEncryptor())
{
var cryptoStream = new CryptoStream(encryptedDataStream, encryptor, CryptoStreamMode.Write);
dataStream.CopyTo(cryptoStream);
}
}
encryptedDataStream.Position = 0;
return encryptedDataStream;
}
private static XmlDocument EncryptXmlDocument(XmlDocument xmlDocument, IEnumerable<X509Certificate2> certificates)
{
// Создание объекта для шифрации XML
var encryptedXml = new GostEncryptedXml();
// Поиск элементов для шифрации
var elements = xmlDocument.SelectNodes("//SomeElement[@Encrypt='true']");
if (elements != null)
{
var elementIndex = 0;
foreach (XmlElement element in elements)
{
// Формирование элемента EncryptedData
var elementEncryptedData = new EncryptedData();
elementEncryptedData.Id = "EncryptedElement" + elementIndex++;
elementEncryptedData.Type = EncryptedXml.XmlEncElementUrl;
elementEncryptedData.EncryptionMethod = new EncryptionMethod(GostEncryptedXml.XmlEncGost28147Url);
elementEncryptedData.KeyInfo = new KeyInfo();
using (var sessionKey = new Gost28147SymmetricAlgorithm())
{
// Шифрация элемента с использованием симметричного ключа
var encryptedElement = encryptedXml.EncryptData(element, sessionKey, false);
foreach (var certificate in certificates)
{
// Шифрация сессионного ключа с использованием открытого ключа сертификата
var encryptedSessionKeyData = GostEncryptedXml.EncryptKey(sessionKey, (Gost3410AsymmetricAlgorithmBase)certificate.GetPublicKeyAlgorithm());
// Формирование информации о зашифрованном сессионном ключе
var encryptedSessionKey = new EncryptedKey();
encryptedSessionKey.CipherData = new CipherData(encryptedSessionKeyData);
encryptedSessionKey.EncryptionMethod = new EncryptionMethod(GostEncryptedXml.XmlEncGostCryptoProKeyExportUrl);
encryptedSessionKey.AddReference(new DataReference { Uri = "#" + elementEncryptedData.Id });
encryptedSessionKey.KeyInfo.AddClause(new KeyInfoX509Data(certificate));
// Добавление ссылки на зашифрованный ключ, используемый при шифровании данных
elementEncryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedSessionKey));
}
// Установка зашифрованных данных у объекта EncryptedData
elementEncryptedData.CipherData.CipherValue = encryptedElement;
}
// Замена элемента его зашифрованным представлением
GostEncryptedXml.ReplaceElement(element, elementEncryptedData, false);
}
}
return xmlDocument;
}
public void SetUp()
{
_sharedKey = new Gost28147SymmetricAlgorithm();
}
public Gost28147ImitHashAlgorithm()
{
HashSizeValue = DefaultHashSize;
_keyAlgorithm = new Gost28147SymmetricAlgorithm();
}
public Gost3411Prf(byte[] key, byte[] label, byte[] seed)
: this(label, seed)
{
if (key == null)
{
throw ExceptionUtility.ArgumentNull("key");
}
if (key.Length != 32)
{
throw ExceptionUtility.Argument("key", Resources.InvalidHashSize);
}
_hashHmacHandle = SafeHashHandleImpl.InvalidHandle;
_buffer = new byte[_labelAndSeed.Length + 32];
using (var keyHandle = CryptoApiHelper.ImportBulkSessionKey(CryptoApiHelper.ProviderHandle, key, CryptoApiHelper.RandomNumberGenerator))
{
_key = new Gost28147SymmetricAlgorithm(CryptoApiHelper.ProviderHandle, keyHandle);
}
}
public override byte[] EncodePrivateKey(Gost28147SymmetricAlgorithmBase keyExchangeAlgorithm, GostKeyExchangeExportMethod keyExchangeExportMethod)
{
if (keyExchangeAlgorithm == null)
{
throw ExceptionUtility.ArgumentNull("keyExchangeAlgorithm");
}
int keyExchangeExportAlgId;
if (keyExchangeExportMethod == GostKeyExchangeExportMethod.GostKeyExport)
{
keyExchangeExportAlgId = Constants.CALG_SIMPLE_EXPORT;
}
else if (keyExchangeExportMethod == GostKeyExchangeExportMethod.CryptoProKeyExport)
{
keyExchangeExportAlgId = Constants.CALG_PRO_EXPORT;
}
else
{
throw ExceptionUtility.ArgumentOutOfRange("keyExchangeExportMethod");
}
var currentSessionKey = keyExchangeAlgorithm as Gost28147SymmetricAlgorithm;
if (currentSessionKey == null)
{
using (var derivedSessinKey = new Gost28147SymmetricAlgorithm())
{
derivedSessinKey.Key = keyExchangeAlgorithm.Key;
return EncodePrivateKeyInternal(derivedSessinKey, keyExchangeExportAlgId);
}
}
return EncodePrivateKeyInternal(currentSessionKey, keyExchangeExportAlgId);
}
private byte[] EncodePrivateKeyInternal(Gost28147SymmetricAlgorithm sessionKey, int keyExchangeExportAlgId)
{
var hSessionKey = sessionKey.InternalKeyHandle;
using (var keyHandle = CryptoApiHelper.DuplicateKey(InternalKeyHandle))
{
CryptoApiHelper.SetKeyParameterInt32(keyHandle, Constants.KP_ALGID, keyExchangeExportAlgId);
CryptoApiHelper.SetKeyParameter(keyHandle, Constants.KP_IV, IV);
var keyExchangeInfo = CryptoApiHelper.ExportKeyExchange(hSessionKey, keyHandle);
return keyExchangeInfo.Encode();
}
}
private static XmlDocument EncryptXmlDocument(XmlDocument xmlDocument, Gost3410AsymmetricAlgorithmBase publicKey)
{
// Создание объекта для шифрации XML
var encryptedXml = new GostEncryptedXml();
// Поиск элементов для шифрации
var elements = xmlDocument.SelectNodes("//SomeElement[@Encrypt='true']");
if (elements != null)
{
var elementIndex = 0;
foreach (XmlElement element in elements)
{
// Создание случайного сессионного ключа
using (var sessionKey = new Gost28147SymmetricAlgorithm())
{
// Шифрация элемента
var encryptedData = encryptedXml.EncryptData(element, sessionKey, false);
// Шифрация сессионного ключа с использованием публичного асимметричного ключа
var encryptedSessionKeyData = GostEncryptedXml.EncryptKey(sessionKey, publicKey);
// Формирование элемента EncryptedData
var elementEncryptedData = new EncryptedData();
elementEncryptedData.Id = "EncryptedElement" + elementIndex++;
elementEncryptedData.Type = EncryptedXml.XmlEncElementUrl;
elementEncryptedData.EncryptionMethod = new EncryptionMethod(GostEncryptedXml.XmlEncGost28147Url);
elementEncryptedData.CipherData.CipherValue = encryptedData;
elementEncryptedData.KeyInfo = new KeyInfo();
// Формирование информации о зашифрованном сессионном ключе
var encryptedSessionKey = new EncryptedKey();
encryptedSessionKey.CipherData = new CipherData(encryptedSessionKeyData);
encryptedSessionKey.EncryptionMethod = new EncryptionMethod(GostEncryptedXml.XmlEncGostKeyTransportUrl);
encryptedSessionKey.AddReference(new DataReference { Uri = "#" + elementEncryptedData.Id });
encryptedSessionKey.KeyInfo.AddClause(new KeyInfoName { Value = "KeyName1" });
// Добавление ссылки на зашифрованный ключ, используемый при шифровании данных
elementEncryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedSessionKey));
// Замена элемента его зашифрованным представлением
GostEncryptedXml.ReplaceElement(element, elementEncryptedData, false);
}
}
}
return xmlDocument;
}
public new EncryptedData Encrypt(XmlElement element, X509Certificate2 certificate)
{
if (element == null)
{
return base.Encrypt(element, certificate);
}
if (certificate == null)
{
return base.Encrypt(element, certificate);
}
if (!string.Equals(certificate.PublicKey.Oid.Value, GostCryptoConfig.DefaultSignOid, StringComparison.OrdinalIgnoreCase))
{
return base.Encrypt(element, certificate);
}
var encryptedKey = new EncryptedKey
{
EncryptionMethod = new EncryptionMethod(GostEncryptedXml.XmlEncGostKeyTransportUrl)
};
encryptedKey.KeyInfo.AddClause(new KeyInfoX509Data(certificate));
var encriptionKey = new Gost28147SymmetricAlgorithm();
var publicKey = certificate.GetPublicKeyAlgorithm();
encryptedKey.CipherData.CipherValue = EncryptKey(encriptionKey, publicKey as Gost3410AsymmetricAlgorithmBase);
var encryptedData = new EncryptedData
{
Type = XmlEncElementUrl,
EncryptionMethod = new EncryptionMethod(GostEncryptedXml.XmlEncGost28147Url)
};
encryptedData.KeyInfo.AddClause(new KeyInfoEncryptedKey(encryptedKey));
encryptedData.CipherData.CipherValue = EncryptData(element, encriptionKey, false);
return encryptedData;
}