| public CreateKeyExchange ( byte rgbData ) : byte[] | ||
| rgbData | byte | |
| return | byte[] | |
public void ExchangeMin()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
byte[] M = { 0x01 };
try {
byte[] EM = keyex.CreateKeyExchange (M);
AsymmetricKeyExchangeDeformatter keyback = new RSAOAEPKeyExchangeDeformatter (key);
byte[] Mback = keyback.DecryptKeyExchange (EM);
AssertEquals ("RSAOAEPKeyExchangeFormatter Min", M, Mback);
}
catch (CryptographicException ce) {
// not supported by every version of Windows - Minimum: Windows XP
Console.WriteLine (ce.Message + " (" + Environment.OSVersion.ToString () + ")");
}
}
/// <inheritdoc />
protected internal override byte[] Encrypt(byte[] data, byte[] iv)
{
var keyExchange = new RSAOAEPKeyExchangeFormatter(this.Rsa);
return keyExchange.CreateKeyExchange(data);
}
/// <summary>
/// Encrypts the symmetric key data.
/// </summary>
/// <param name="cert">The cert.</param>
/// <param name="keyData">The key data.</param>
/// <returns>The encrypted data.</returns>
public static byte[] EncryptSymmetricKeyData(X509Certificate2 cert, byte[] keyData)
{
if (cert == null)
{
throw new ArgumentNullException("cert");
}
if (keyData == null)
{
throw new ArgumentNullException("keyData");
}
RSACryptoServiceProvider rsaPublicKey = cert.PublicKey.Key as RSACryptoServiceProvider;
RSAOAEPKeyExchangeFormatter keyFormatter = new RSAOAEPKeyExchangeFormatter(rsaPublicKey);
return keyFormatter.CreateKeyExchange(keyData);
}
// encrypts the supplied input key data using an RSA key and specifies whether we want to use OAEP
// padding or PKCS#1 v1.5 padding as described in the PKCS specification
public static byte[] EncryptKey (byte[] keyData, RSA rsa, bool useOAEP) {
if (keyData == null)
throw new ArgumentNullException("keyData");
if (rsa == null)
throw new ArgumentNullException("rsa");
if (useOAEP) {
RSAOAEPKeyExchangeFormatter rsaFormatter = new RSAOAEPKeyExchangeFormatter(rsa);
return rsaFormatter.CreateKeyExchange(keyData);
} else {
RSAPKCS1KeyExchangeFormatter rsaFormatter = new RSAPKCS1KeyExchangeFormatter(rsa);
return rsaFormatter.CreateKeyExchange(keyData);
}
}
// FIXME [KeyContainerPermission (SecurityAction.Assert, KeyContainerName = "DAPI",
// Flags = KeyContainerPermissionFlags.Open | KeyContainerPermissionFlags.Create)]
public static byte[] Protect (byte[] userData, byte[] optionalEntropy, DataProtectionScope scope)
{
if (userData == null)
throw new ArgumentNullException ("userData");
Rijndael aes = Rijndael.Create ();
aes.KeySize = 128;
byte[] encdata = null;
using (MemoryStream ms = new MemoryStream ()) {
ICryptoTransform t = aes.CreateEncryptor ();
using (CryptoStream cs = new CryptoStream (ms, t, CryptoStreamMode.Write)) {
cs.Write (userData, 0, userData.Length);
cs.Close ();
encdata = ms.ToArray ();
}
}
byte[] key = null;
byte[] iv = null;
byte[] secret = null;
byte[] header = null;
SHA256 hash = SHA256.Create ();
try {
key = aes.Key;
iv = aes.IV;
secret = new byte[1 + 1 + 16 + 1 + 16 + 1 + 32];
byte[] digest = hash.ComputeHash (userData);
if ((optionalEntropy != null) && (optionalEntropy.Length > 0)) {
// the same optionalEntropy will be required to get the data back
byte[] mask = hash.ComputeHash (optionalEntropy);
for (int i = 0; i < 16; i++) {
key[i] ^= mask[i];
iv[i] ^= mask[i + 16];
}
secret[0] = 2; // entropy
} else {
secret[0] = 1; // without entropy
}
secret[1] = 16; // key size
Buffer.BlockCopy (key, 0, secret, 2, 16);
secret[18] = 16; // iv size
Buffer.BlockCopy (iv, 0, secret, 19, 16);
secret[35] = 32; // digest size
Buffer.BlockCopy (digest, 0, secret, 36, 32);
RSAOAEPKeyExchangeFormatter formatter = new RSAOAEPKeyExchangeFormatter (GetKey (scope));
header = formatter.CreateKeyExchange (secret);
}
finally {
if (key != null) {
Array.Clear (key, 0, key.Length);
key = null;
}
if (secret != null) {
Array.Clear (secret, 0, secret.Length);
secret = null;
}
if (iv != null) {
Array.Clear (iv, 0, iv.Length);
iv = null;
}
aes.Clear ();
hash.Clear ();
}
byte[] result = new byte[header.Length + encdata.Length];
Buffer.BlockCopy (header, 0, result, 0, header.Length);
Buffer.BlockCopy (encdata, 0, result, header.Length, encdata.Length);
return result;
}
public void Exchange128()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
byte[] M = { 0xd4, 0x36, 0xe9, 0x95, 0x69, 0xfd, 0x32, 0xa7, 0xc8, 0xa0, 0x5b, 0xbc, 0x90, 0xd3, 0x2c, 0x49 };
try {
byte[] EM = keyex.CreateKeyExchange (M, typeof (Rijndael));
AsymmetricKeyExchangeDeformatter keyback = new RSAOAEPKeyExchangeDeformatter (key);
byte[] Mback = keyback.DecryptKeyExchange (EM);
AssertEquals ("RSAOAEPKeyExchangeFormatter 128", M, Mback);
}
catch (CryptographicException ce) {
// not supported by every version of Windows - Minimum: Windows XP
Console.WriteLine (ce.Message + " (" + Environment.OSVersion.ToString () + ")");
}
}
public void ExchangeNoKey ()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter ();
byte[] M = keyex.CreateKeyExchange (new byte [16]);
}
public void ExchangeTooBig()
{
AsymmetricKeyExchangeFormatter keyex = new RSAOAEPKeyExchangeFormatter (key);
byte[] M = new byte [(key.KeySize >> 3)- 10];
byte[] EM = keyex.CreateKeyExchange (M);
}