/// <summary>
/// Создать <see cref="KeyContainer" />.
/// </summary>
/// <param name="keyContainerName">Название ключевого контейнера.</param>
/// <param name="keyNumber">Тип ключа.</param>
/// <returns>
/// Экземпляр <see cref="KeyContainer" />.
/// </returns>
public static KeyContainer Create(string keyContainerName, KeyNumber keyNumber)
{
var container = new KeyContainer();
container.AcquireContext(keyContainerName, ProviderName, ProviderType, Constants.NewKeySet);
container.GenerateRandomKey(keyNumber);
return container;
}
/// <summary>
/// Подпись хэша.
/// </summary>
/// <param name="hash">
/// Хэш.
/// </param>
/// <param name="keyNumber">
/// Тип ключа.
/// </param>
/// <returns>
/// Подпись хэша.
/// </returns>
public byte[] SignHash(byte[] hash, KeyNumber keyNumber)
{
using (var hashContext = CreateHash(null, Constants.CpcspHashId, 0))
{
hashContext.SetHashParameter(Constants.HpHashValue, hash, 0);
return(hashContext.SignHash(keyNumber, 0));
}
}
public GostCryptFacade Create(string keyContainerName, KeyNumber keyNumber)
{
var facade = new GostCryptFacade(ProviderParams);
facade.AcquireContext(keyContainerName, Constants.NewKeySet);
facade.GenerateRandomKey(keyNumber);
return(facade);
}
static public Color GetKeyColor(KeyNumber key)
{
if (key == KeyNumber.kKeyNumberNone)
{
Debug.LogError("GET DOWN MISTER OBAMA THIS IS A KEY WITHOUT A NUMBER");
}
return(Colors[(int)key - 1]);
}
public override string ToString()
{
return(string.Format("{0}<repeat{1},key{2}>:{3}",
Type.ToString(),
RepeatCount.ToString(),
KeyNumber.ToString(),
IterToString(Cards)));
}
/// <summary>
/// Создать <see cref="KeyContainer"/>.
/// </summary>
/// <param name="keyContainerName">
/// Название ключевого контейнера.
/// </param>
/// <param name="keyNumber">
/// Тип ключа.
/// </param>
/// <returns>
/// Экземпляр <see cref="KeyContainer"/>.
/// </returns>
public static KeyContainer Create(string keyContainerName, KeyNumber keyNumber)
{
var container = new KeyContainer();
container.AcquireContext(keyContainerName, ProviderName, ProviderType, Constants.NewKeySet);
container.GenerateRandomKey(keyNumber);
return(container);
}
/// <summary>
/// Создать <see cref="GostCryptFacade" />.
/// </summary>
/// <param name="keyContainerName">Название ключевого контейнера.</param>
/// <param name="keyNumber">Тип ключа.</param>
/// <returns>
/// Экземпляр <see cref="GostCryptFacade" />.
/// </returns>
public static GostCryptFacade Create(string keyContainerName, KeyNumber keyNumber)
{
var providerParams = gostProviderParams;
using (var kk = new GostCrypt(providerParams))
{
return(kk.Create(keyContainerName, keyNumber));
}
}
public static void Delete(bool machineLevel, string containerName, KeyNumber keyNumber)
{
using (var rspCsp = new RSACryptoServiceProvider(new CspParameters
{
KeyContainerName = containerName,
KeyNumber = (int)keyNumber,
Flags = machineLevel ? CspProviderFlags.UseMachineKeyStore : 0
}))
{
rspCsp.PersistKeyInCsp = false;
}
}
public static void ImportBlob(bool machineLevel, string containerName, KeyNumber keyNumber, byte[] blob)
{
using (var rspCsp = new RSACryptoServiceProvider(new CspParameters
{
KeyContainerName = containerName,
KeyNumber = (int)keyNumber,
Flags = machineLevel ? CspProviderFlags.UseMachineKeyStore : 0
}))
{
rspCsp.ImportCspBlob(blob);
}
}
public static byte[] ExportBlob(bool machineLevel, string containerName, KeyNumber keyNumber, bool includePrivateParameters)
{
using (var rspCsp = new RSACryptoServiceProvider(new CspParameters
{
KeyContainerName = containerName,
KeyNumber = (int)keyNumber,
Flags = CspProviderFlags.UseExistingKey | (machineLevel ? CspProviderFlags.UseMachineKeyStore : 0)
}))
{
return(rspCsp.ExportCspBlob(includePrivateParameters));
}
}
/// <summary>
/// The generate random key.
/// </summary>
/// <param name="keyNumber">
/// The key number.
/// </param>
/// <param name="flags">
/// The flags.
/// </param>
/// <returns>
/// The <see cref="KeyContext"/>.
/// </returns>
/// <exception cref="Win32Exception">
/// </exception>
private KeyContext GenerateRandomKey(KeyNumber keyNumber, int flags = 0)
{
var keyPiarHandler = IntPtr.Zero;
if (!CryptoApi.CryptGenKey(cspHandler, (int)keyNumber, flags, ref keyPiarHandler))
{
throw new Win32Exception();
}
var keyPairContext = new KeyContext(keyPiarHandler);
return(keyPairContext);
}
public static void AssociatePersistedKey_CAPI_RSA(int provType, KeyNumber keyNumber)
{
const string KeyName = nameof(AssociatePersistedKey_CAPI_RSA);
CspParameters cspParameters = new CspParameters(provType)
{
KeyNumber = (int)keyNumber,
KeyContainerName = KeyName,
Flags = CspProviderFlags.UseNonExportableKey,
};
using (RSACryptoServiceProvider rsaCsp = new RSACryptoServiceProvider(cspParameters))
{
rsaCsp.PersistKeyInCsp = false;
// Use SHA-1 because the FULL and SCHANNEL providers can't handle SHA-2.
HashAlgorithmName hashAlgorithm = HashAlgorithmName.SHA1;
var generator = new RSASha1Pkcs1SignatureGenerator(rsaCsp);
byte[] signature;
CertificateRequest request = new CertificateRequest(
new X500DistinguishedName($"CN={KeyName}-{provType}-{keyNumber}"),
generator.PublicKey,
hashAlgorithm);
DateTimeOffset now = DateTimeOffset.UtcNow;
using (X509Certificate2 cert = request.Create(request.SubjectName, generator, now, now.AddDays(1), new byte[1]))
using (X509Certificate2 withPrivateKey = cert.CopyWithPrivateKey(rsaCsp))
using (RSA rsa = withPrivateKey.GetRSAPrivateKey())
{
signature = rsa.SignData(Array.Empty <byte>(), hashAlgorithm, RSASignaturePadding.Pkcs1);
Assert.True(
rsaCsp.VerifyData(Array.Empty <byte>(), signature, hashAlgorithm, RSASignaturePadding.Pkcs1));
}
// Some certs have disposed, did they delete the key?
cspParameters.Flags = CspProviderFlags.UseExistingKey;
using (RSACryptoServiceProvider stillPersistedKey = new RSACryptoServiceProvider(cspParameters))
{
byte[] signature2 = stillPersistedKey.SignData(
Array.Empty <byte>(),
hashAlgorithm,
RSASignaturePadding.Pkcs1);
Assert.Equal(signature, signature2);
}
}
}
/// <summary>
/// Создаёт подпись данных хэша.
/// </summary>
/// <param name="keyNumber">
/// Тип ключа.
/// </param>
/// <param name="flags">
/// Дополнительные управляющие флаги.
/// </param>
/// <returns>
/// Результат операции.
/// </returns>
public byte[] SignHash(KeyNumber keyNumber, int flags)
{
var signatureSize = 0;
if (!CryptoApi.CryptSignHash(handler, (int)keyNumber, null, flags, null, ref signatureSize))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
var signature = new byte[signatureSize];
if (!CryptoApi.CryptSignHash(handler, (int)keyNumber, null, flags, signature, ref signatureSize))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
return(signature);
}
private static AsymmetricAlgorithm GenerateProvider(KeyNumber selectedKeyNumber, string selectedAlgorithm)
{
var keyNumber = selectedKeyNumber == KeyNumber.Exchange ? (int)KeyNumber.Exchange : (int)KeyNumber.Signature;
switch (selectedAlgorithm)
{
case Constants.Algorithms.Gost3410_2001:
{
CspParameters cpsParams = new CspParameters(
75,
"Crypto-Pro GOST R 34.10-2001 Cryptographic Service Provider",
"\\\\.\\HDIMAGE\\G2001256");
return(new Gost3410CryptoServiceProvider(cpsParams));
}
case Constants.Algorithms.Gost3410_2012_256:
{
CspParameters cpsParams = new CspParameters(
80,
"",
"\\\\.\\HDIMAGE\\G2012256");
return(new Gost3410_2012_256CryptoServiceProvider(cpsParams));
}
case Constants.Algorithms.Gost3410_2012_512:
{
CspParameters cpsParams = new CspParameters(
81,
"",
"\\\\.\\HDIMAGE\\G2012512");
return(new Gost3410_2012_512CryptoServiceProvider(cpsParams));
}
case Constants.Algorithms.RSA:
{
return(RSA.Create());
}
default:
{
throw new ArgumentException();
}
}
}
/// <summary>
/// Создаёт подпись данных хэша.
/// </summary>
/// <param name="keyNumber">Тип ключа.</param>
/// <param name="flags">Дополнительные управляющие флаги.</param>
/// <returns>Результат операции.</returns>
public byte[] SignHash(KeyNumber keyNumber, int flags)
{
int signatureSize = 0;
if (!CryptoApi.CryptSignHash(handler, (int)keyNumber, null, flags, null, ref signatureSize))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
var signature = new byte[signatureSize];
if (!CryptoApi.CryptSignHash(handler, (int)keyNumber, null, flags, signature, ref signatureSize))
{
throw new Win32Exception(Marshal.GetLastWin32Error());
}
return signature;
}
private KeyContext GenerateRandomKey(KeyNumber keyNumber, int flags = 0)
{
IntPtr keyPiarHandler = IntPtr.Zero;
if (!CryptoApi.CryptGenKey(cspHandler, (int)keyNumber, flags, ref keyPiarHandler))
{
throw new Win32Exception();
}
var keyPairContext = new KeyContext(keyPiarHandler);
return keyPairContext;
}
/// <summary>
/// Подпись хэша.
/// </summary>
/// <param name="hash">Хэш.</param>
/// <param name="keyNumber">Тип ключа.</param>
/// <returns>Подпись хэша.</returns>
public byte[] SignHash(byte[] hash, KeyNumber keyNumber)
{
using (HashContext hashContext = CreateHash(null, Constants.CpcspHashId, 0))
{
hashContext.SetHashParameter(Constants.HpHashValue, hash, 0);
return hashContext.SignHash(keyNumber, 0);
}
}
public virtual void Add(KeyNumber key)
{
}
/// <summary>
/// 排序比较,在类型相同时可以用于大小比较
/// </summary>
public int CompareTo(CardSet other)
{
return(Type == other.Type ? KeyNumber.CompareTo(other.KeyNumber) : Type.CompareTo(other.Type));
}
public override void Add(KeyNumber key)
{
keys.Add(key);
}
