public bool VerifyHash(byte[] hash, byte[] signature, CngAlgorithm hashAlgorithm) { if (hash == null) { throw new ArgumentNullException("hash"); } if (signature == null) { throw new ArgumentNullException("signature"); } if (hashAlgorithm == null) { throw new ArgumentNullException("hashAlgorithm"); } switch (SignaturePaddingMode) { case AsymmetricPaddingMode.Pkcs1: return(NCryptNative.VerifySignaturePkcs1(KeyHandle, hash, hashAlgorithm.Algorithm, signature)); case AsymmetricPaddingMode.Pss: return(NCryptNative.VerifySignaturePss(KeyHandle, hash, hashAlgorithm.Algorithm, SignatureSaltBytes, signature)); default: throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode); } }
/// <summary> /// Get an enumerator containing a <see cref="CngProvider" /> for each of the installed NCrypt /// key storage providers on the current machine. /// </summary> public IEnumerator <CngProvider> GetEnumerator() { foreach (NCryptNative.NCryptProviderName providerName in NCryptNative.EnumerateStorageProviders()) { yield return(new CngProvider(providerName.pszName)); } }
public static IEnumerable <CngKey> GetKeys(this CngProvider provider, CngKeyOpenOptions openOptions) { using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider()) { foreach (var key in NCryptNative.EnumerateKeys(providerHandle, openOptions)) { yield return(CngKey.Open(key.pszName, provider)); } } }
public static IEnumerable <CngAlgorithm> GetSupportedAlgorithms(this CngProvider provider, NCryptAlgorithmOperations operations) { using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider()) { foreach (NCryptNative.NCryptAlgorithmName algorithm in NCryptNative.EnumerateAlgorithms(providerHandle, operations)) { yield return(new CngAlgorithm(algorithm.pszName)); } } }
public static IEnumerable <CngKey> GetKeys(this CngProvider provider, CngKeyOpenOptions openOptions) { using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider()) { NCryptNative.NCryptKeyName[] keyNames = NCryptNative.EnumerateKeys(providerHandle, openOptions); CngKey[] keys = new CngKey[keyNames.Length]; for (int i = 0; i < keys.Length; ++i) { keys[i] = CngKey.Open(keyNames[i].pszName, provider); } return(keys); } }
public static IEnumerable <CngAlgorithm> GetSupportedAlgorithms(this CngProvider provider, NCryptAlgorithmOperations operations) { using (SafeNCryptProviderHandle providerHandle = provider.OpenProvider()) { NCryptNative.NCryptAlgorithmName[] algorithmNames = NCryptNative.EnumerateAlgorithms(providerHandle, operations); CngAlgorithm[] algorithms = new CngAlgorithm[algorithmNames.Length]; for (int i = 0; i < algorithmNames.Length; ++i) { algorithms[i] = new CngAlgorithm(algorithmNames[i].pszName); } return(algorithms); } }
public override byte[] EncryptValue(byte[] rgb) { if (rgb == null) { throw new ArgumentNullException("rgb"); } switch (EncryptionPaddingMode) { case AsymmetricPaddingMode.Pkcs1: return(NCryptNative.EncryptDataPkcs1(KeyHandle, rgb)); case AsymmetricPaddingMode.Oaep: return(NCryptNative.EncryptDataOaep(KeyHandle, rgb, EncryptionHashAlgorithm.Algorithm)); default: throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode); } ; }
public byte[] SignHash(byte[] hash, CngAlgorithm hashAlgorithm) { if (hash == null) { throw new ArgumentNullException("hash"); } if (hashAlgorithm == null) { throw new ArgumentNullException("hashAlgorithm"); } // Keep a local copy of the key to prevent races with the key container that the key references // and the key container permission we're going to demand. CngKey key = Key; KeyContainerPermission kcp = BuildKeyContainerPermission(key, KeyContainerPermissionFlags.Sign); if (kcp != null) { kcp.Demand(); } new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert(); SafeNCryptKeyHandle keyHandle = key.Handle; CodeAccessPermission.RevertAssert(); switch (SignaturePaddingMode) { case AsymmetricPaddingMode.Pkcs1: return(NCryptNative.SignHashPkcs1(keyHandle, hash, hashAlgorithm.Algorithm)); case AsymmetricPaddingMode.Pss: return(NCryptNative.SignHashPss(keyHandle, hash, hashAlgorithm.Algorithm, SignatureSaltBytes)); default: throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode); } }
public override byte[] DecryptValue(byte[] rgb) { if (rgb == null) { throw new ArgumentNullException("rgb"); } // Keep a local copy of the key to prevent races with the key container that the key references // and the key container permission we're going to demand. CngKey key = Key; // Make sure we have permission to use the private key to decrypt data KeyContainerPermission kcp = BuildKeyContainerPermission(key, KeyContainerPermissionFlags.Decrypt); if (kcp != null) { kcp.Demand(); } new SecurityPermission(SecurityPermissionFlag.UnmanagedCode).Assert(); SafeNCryptKeyHandle keyHandle = key.Handle; CodeAccessPermission.RevertAssert(); switch (EncryptionPaddingMode) { case AsymmetricPaddingMode.Pkcs1: return(NCryptNative.DecryptDataPkcs1(keyHandle, rgb)); case AsymmetricPaddingMode.Oaep: return(NCryptNative.DecryptDataOaep(keyHandle, rgb, EncryptionHashAlgorithm.Algorithm)); default: throw new InvalidOperationException(Properties.Resources.UnsupportedPaddingMode); } ; }
public static SafeNCryptProviderHandle OpenProvider(this CngProvider provider) { return(NCryptNative.OpenKeyStorageProvider(provider.Provider)); }