本文整理汇总了C#中System.Security.Permissions.KeyContainerPermission类的典型用法代码示例。如果您正苦于以下问题:C# KeyContainerPermission类的具体用法?C# KeyContainerPermission怎么用?C# KeyContainerPermission使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
KeyContainerPermission类属于System.Security.Permissions命名空间,在下文中一共展示了KeyContainerPermission类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: Create
/// <summary>
/// Creates a CNG key for <paramref name="algorithm"/> in the storage provider named by
/// <paramref name="creationParameters"/>.
/// </summary>
/// <param name="algorithm">Algorithm of the new key; must not be null.</param>
/// <param name="keyName">
/// Name under which the key is persisted. When null, no permission demand is made and the
/// returned key is flagged as ephemeral.
/// </param>
/// <param name="creationParameters">Creation settings; null is replaced by a default instance.</param>
/// <returns>A <c>CngKey</c> wrapping the provider handle and the finalized key handle.</returns>
/// <exception cref="ArgumentNullException"><paramref name="algorithm"/> is null.</exception>
/// <exception cref="PlatformNotSupportedException">NCrypt is reported as unsupported.</exception>
/// <remarks>
/// The permission demand below is a Code Access Security check; CAS is enforced by
/// .NET Framework only, so it is not an access-control boundary on later runtimes.
/// </remarks>
public static CngKey Create(CngAlgorithm algorithm, string keyName, CngKeyCreationParameters creationParameters)
{
    if (algorithm == null)
    {
        throw new ArgumentNullException("algorithm");
    }

    creationParameters = creationParameters ?? new CngKeyCreationParameters();

    if (!NCryptNative.NCryptSupported)
    {
        throw new PlatformNotSupportedException(System.SR.GetString("Cryptography_PlatformNotSupported"));
    }

    bool isNamedKey = keyName != null;
    if (isNamedKey)
    {
        // A named key ends up in a key container, so the caller must hold Create rights
        // for exactly this (container name, provider) pair before any native call is made.
        KeyContainerPermissionAccessEntry createEntry = new KeyContainerPermissionAccessEntry(keyName, KeyContainerPermissionFlags.Create);
        createEntry.ProviderName = creationParameters.Provider.Provider;

        // NoFlags at the permission level: the only right demanded is the one on the entry.
        KeyContainerPermission createDemand = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
        createDemand.AccessEntries.Add(createEntry);
        createDemand.Demand();
    }

    SafeNCryptProviderHandle providerHandle = NCryptNative.OpenStorageProvider(creationParameters.Provider.Provider);
    SafeNCryptKeyHandle newKeyHandle = NCryptNative.CreatePersistedKey(providerHandle, algorithm.Algorithm, keyName, creationParameters.KeyCreationOptions);

    // Properties are applied before the key is finalized.
    SetKeyProperties(newKeyHandle, creationParameters);
    NCryptNative.FinalizeKey(newKeyHandle);

    CngKey createdKey = new CngKey(providerHandle, newKeyHandle);
    if (!isNamedKey)
    {
        createdKey.IsEphemeral = true;
    }

    return createdKey;
}
示例2: BuildKeyContainerPermission
/// <summary>
/// Builds the <c>KeyContainerPermission</c> that a caller must hold to use this key with the
/// given <paramref name="flags"/>.
/// </summary>
/// <param name="flags">Rights to request (for example Open, Sign, Export).</param>
/// <returns>
/// Null for an ephemeral key; a permission scoped to this key's container when the key name
/// could be read; otherwise a permission carrying <paramref name="flags"/> with no access entry.
/// </returns>
internal KeyContainerPermission BuildKeyContainerPermission(KeyContainerPermissionFlags flags)
{
    // Ephemeral keys produce no permission at all.
    if (this.IsEphemeral)
    {
        return null;
    }

    string containerName = null;
    string providerName = null;
    try
    {
        containerName = this.KeyName;
        providerName = NCryptNative.GetPropertyAsString(this.m_kspHandle, "Name", CngPropertyOptions.None);
    }
    catch (CryptographicException)
    {
        // Deliberately ignored: whatever could not be read stays null. A missing container
        // name leads to the unscoped permission below rather than to a skipped check.
    }

    if (containerName == null)
    {
        // No container name available: the flags go on the permission itself instead of
        // on a single access entry.
        return new KeyContainerPermission(flags);
    }

    KeyContainerPermissionAccessEntry scopedEntry = new KeyContainerPermissionAccessEntry(containerName, flags);
    scopedEntry.ProviderName = providerName;

    KeyContainerPermission scopedPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
    scopedPermission.AccessEntries.Add(scopedEntry);
    return scopedPermission;
}
示例3: CreatePermission
/// <summary>
/// Materializes the permission object described by this attribute.
/// </summary>
/// <returns>
/// An unrestricted permission when the attribute is marked unrestricted; a permission carrying
/// the attribute's flags globally when the key-store/provider/container fields form an
/// unrestricted entry; otherwise a permission whose single access entry holds those fields and flags.
/// </returns>
public override IPermission CreatePermission()
{
    if (base.m_unrestricted)
    {
        return new KeyContainerPermission(PermissionState.Unrestricted);
    }

    // When the attribute names no specific container, the flags apply to the permission as a whole.
    bool describesAnyContainer = KeyContainerPermissionAccessEntry.IsUnrestrictedEntry(
        this.m_keyStore,
        this.m_providerName,
        this.m_providerType,
        this.m_keyContainerName,
        this.m_keySpec);
    if (describesAnyContainer)
    {
        return new KeyContainerPermission(this.m_flags);
    }

    // Otherwise grant nothing globally and attach the flags to one scoped access entry.
    KeyContainerPermission scopedPermission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
    KeyContainerPermissionAccessEntry scopedEntry = new KeyContainerPermissionAccessEntry(
        this.m_keyStore,
        this.m_providerName,
        this.m_providerType,
        this.m_keyContainerName,
        this.m_keySpec,
        this.m_flags);
    scopedPermission.AccessEntries.Add(scopedEntry);
    return scopedPermission;
}
开发者ID:pritesh-mandowara-sp,项目名称:DecompliedDotNetLibraries,代码行数:15,代码来源:KeyContainerPermissionAttribute.cs
示例4: CspKeyContainerInfo
/// <summary>
/// Captures the CSP parameters of a key container after demanding Open access to it.
/// </summary>
/// <param name="parameters">Parameters identifying the container; they are copied, not stored by reference.</param>
/// <param name="randomKeyContainer">Stored as-is in <c>m_randomKeyContainer</c>.</param>
[System.Security.SecurityCritical] // auto-generated
internal CspKeyContainerInfo (CspParameters parameters, bool randomKeyContainer) {
    // The demand runs first, so nothing is recorded for a caller lacking Open rights on this container.
    KeyContainerPermission openDemand = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
    KeyContainerPermissionAccessEntry openEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open);
    openDemand.AccessEntries.Add(openEntry);
    openDemand.Demand();

    // Work on a private copy so the KeyNumber fix-up below does not alter the caller's object.
    m_parameters = new CspParameters(parameters);

    // KeyNumber == -1 means "not specified": derive it from the provider type.
    if (m_parameters.KeyNumber == -1) {
        int providerType = m_parameters.ProviderType;
        if (providerType == Constants.PROV_RSA_FULL || providerType == Constants.PROV_RSA_AES) {
            m_parameters.KeyNumber = Constants.AT_KEYEXCHANGE;
        }
        else if (providerType == Constants.PROV_DSS_DH) {
            m_parameters.KeyNumber = Constants.AT_SIGNATURE;
        }
        // Any other provider type leaves KeyNumber at -1.
    }

    m_randomKeyContainer = randomKeyContainer;
}
示例5: CspKeyContainerInfo
/// <summary>
/// Captures the CSP parameters of a key container after demanding Open access to it.
/// </summary>
/// <param name="parameters">Parameters identifying the container; they are copied, not stored by reference.</param>
/// <param name="randomKeyContainer">Stored as-is in <c>m_randomKeyContainer</c>.</param>
internal CspKeyContainerInfo(CspParameters parameters, bool randomKeyContainer)
{
    // The demand runs first, so nothing is recorded for a caller lacking Open rights on this container.
    KeyContainerPermission openDemand = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
    KeyContainerPermissionAccessEntry openEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Open);
    openDemand.AccessEntries.Add(openEntry);
    openDemand.Demand();

    this.m_parameters = new CspParameters(parameters);

    // KeyNumber == -1 means "not specified": derive it from the provider type.
    // The literals are the decompiled forms of the CryptoAPI constants named in the comments.
    if (this.m_parameters.KeyNumber == -1)
    {
        switch (this.m_parameters.ProviderType)
        {
            case 1:     // PROV_RSA_FULL
            case 0x18:  // PROV_RSA_AES
                this.m_parameters.KeyNumber = 1;    // AT_KEYEXCHANGE
                break;
            case 13:    // PROV_DSS_DH
                this.m_parameters.KeyNumber = 2;    // AT_SIGNATURE
                break;
        }
    }

    this.m_randomKeyContainer = randomKeyContainer;
}
示例6: Decrypt
/// <summary>
/// Decrypts <paramref name="rgb"/> with the private key held in this provider's key container.
/// </summary>
/// <param name="rgb">Ciphertext; must not be null and must not exceed KeySize / 8 bytes.</param>
/// <param name="fOAEP">
/// true to use OAEP padding, false for PKCS#1 v1.5 padding. Where the padding mode is a free
/// choice, OAEP is the safer one: distinguishable v1.5 decryption failures exposed to a remote
/// party are the classic ingredient of padding-oracle attacks.
/// </param>
/// <returns>The buffer filled in by the native decrypt call.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rgb"/> is null.</exception>
/// <exception cref="CryptographicException">The input is longer than KeySize / 8 bytes.</exception>
public byte[] Decrypt(byte[] rgb, bool fOAEP)
{
    if (rgb == null)
    {
        throw new ArgumentNullException("rgb");
    }

    this.GetKeyPair();

    int maxInputBytes = this.KeySize / 8;
    if (rgb.Length > maxInputBytes)
    {
        throw new CryptographicException(Environment.GetResourceString("Cryptography_Padding_DecDataTooBig", new object[] { maxInputBytes }));
    }

    // Only containers that were not randomly generated are subject to a Decrypt demand.
    bool containerIsPersistent = !this.CspKeyContainerInfo.RandomlyGenerated;
    if (containerIsPersistent)
    {
        KeyContainerPermission decryptDemand = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
        KeyContainerPermissionAccessEntry decryptEntry = new KeyContainerPermissionAccessEntry(this._parameters, KeyContainerPermissionFlags.Decrypt);
        decryptDemand.AccessEntries.Add(decryptEntry);
        decryptDemand.Demand();
    }

    // The native call writes its result through the on-stack object handle.
    byte[] plaintext = null;
    DecryptKey(this._safeKeyHandle, rgb, rgb.Length, fOAEP, JitHelpers.GetObjectHandleOnStack<byte[]>(ref plaintext));
    return plaintext;
}
示例7: LoadCertificateFromBlob
/// <summary>
/// Loads a certificate from an in-memory blob into <c>m_safeCertContext</c>.
/// </summary>
/// <param name="rawData">Encoded certificate data; null or empty is rejected.</param>
/// <param name="password">Password object handed to <c>X509Utils.PasswordToHGlobalUni</c>.</param>
/// <param name="keyStorageFlags">Key storage options; PersistKeySet triggers the permission demand below for PKCS#12 input.</param>
/// <exception cref="ArgumentException"><paramref name="rawData"/> is null or empty.</exception>
[System.Security.SecuritySafeCritical] // auto-generated
private void LoadCertificateFromBlob (byte[] rawData, object password, X509KeyStorageFlags keyStorageFlags) {
if (rawData == null || rawData.Length == 0)
throw new ArgumentException(Environment.GetResourceString("Arg_EmptyOrNullArray"), "rawData");
Contract.EndContractBlock();
// The content type is derived from the blob itself, not from anything the caller declares.
X509ContentType contentType = X509Utils.MapContentType(X509Utils._QueryCertBlobType(rawData));
#if !FEATURE_CORECLR && !FEATURE_PAL
// A PKCS#12 blob loaded with PersistKeySet is the case that needs key-container Create rights.
// The demand is global (flags on the permission, no access entry), so it is not tied to a
// particular container name.
if (contentType == X509ContentType.Pkcs12 &&
(keyStorageFlags & X509KeyStorageFlags.PersistKeySet) == X509KeyStorageFlags.PersistKeySet) {
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.Create);
kp.Demand();
}
#endif // !FEATURE_CORECLR && !FEATURE_PAL
uint dwFlags = X509Utils.MapKeyStorageFlags(keyStorageFlags);
// Starts as Zero so the finally block can tell whether an unmanaged copy was ever made.
IntPtr szPassword = IntPtr.Zero;
RuntimeHelpers.PrepareConstrainedRegions();
try {
// presumably copies the password into unmanaged Unicode memory; verify against X509Utils
szPassword = X509Utils.PasswordToHGlobalUni(password);
X509Utils._LoadCertFromBlob(rawData,
szPassword,
dwFlags,
#if FEATURE_CORECLR
false,
#else // FEATURE_CORECLR
(keyStorageFlags & X509KeyStorageFlags.PersistKeySet) == 0 ? false : true,
#endif // FEATURE_CORECLR else
ref m_safeCertContext);
}
finally {
// Zero the unmanaged password copy before freeing it, on success and on failure alike.
if (szPassword != IntPtr.Zero)
Marshal.ZeroFreeGlobalAllocUnicode(szPassword);
}
}
示例8: CounterSign
/// <summary>
/// Adds a countersignature made with <paramref name="signer"/>'s certificate to this signer
/// inside the owning SignedCms message.
/// </summary>
/// <param name="signer">Signer whose certificate's private key produces the countersignature.</param>
/// <exception cref="CryptographicException">
/// The private-key information cannot be obtained, or the native countersign call fails.
/// </exception>
private void CounterSign(CmsSigner signer)
{
// Resolve which key container backs the signer certificate's private key.
CspParameters parameters = new CspParameters();
if (!System.Security.Cryptography.X509Certificates.X509Utils.GetPrivateKeyInfo(System.Security.Cryptography.X509Certificates.X509Utils.GetCertContext(signer.Certificate), ref parameters))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
// Demand Open and Sign on exactly that container before the key is used for signing.
KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Sign | KeyContainerPermissionFlags.Open);
permission.AccessEntries.Add(accessEntry);
permission.Demand();
uint dwIndex = (uint) PkcsUtils.GetSignerIndex(this.m_signedCms.GetCryptMsgHandle(), this, 0);
// 0x40 is LPTR (fixed, zero-initialized) in the Win32 LocalAlloc flag set.
System.Security.Cryptography.SafeLocalAllocHandle handle = System.Security.Cryptography.CAPI.LocalAlloc(0x40, new IntPtr(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO))));
System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO structure = PkcsUtils.CreateSignerEncodeInfo(signer);
try
{
Marshal.StructureToPtr(structure, handle.DangerousGetHandle(), false);
// The third argument (1) is the number of countersigner entries at the pointer that follows.
if (!System.Security.Cryptography.CAPI.CryptMsgCountersign(this.m_signedCms.GetCryptMsgHandle(), dwIndex, 1, handle.DangerousGetHandle()))
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
// NOTE(review): GetCryptMsgHandle() is re-read after this call rather than cached,
// presumably because reopening changes the message handle - confirm before refactoring.
this.m_signedCms.ReopenToDecode();
}
finally
{
// Release the marshalled copy, the unmanaged buffer and the encode-info structure
// whether or not the countersign call succeeded.
Marshal.DestroyStructure(handle.DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CMSG_SIGNER_ENCODE_INFO));
handle.Dispose();
structure.Dispose();
}
PkcsUtils.AddCertsToMessage(this.m_signedCms.GetCryptMsgHandle(), this.m_signedCms.Certificates, PkcsUtils.CreateBagOfCertificates(signer));
}
示例9: PFXImportCertStore
// Imports a PFX (PKCS#12) blob into a certificate store handle.
//
// dwObjectType         - when equal to CERT_QUERY_OBJECT_FILE, pvObject is treated as a file path
//                        and the file is read in full; any other value casts pvObject to byte[].
// pvObject             - file path or byte[]; null is rejected with ArgumentNullException.
// szPassword           - PFX password, passed to the native import as a managed string.
// dwFlags              - flags forwarded unchanged to the native import.
// persistKeyContainers - true keeps the imported key containers (and demands Create permission);
//                        false marks every imported certificate so its key container is deleted
//                        together with the cert context.
//
// Returns the store handle from the native call; it may be invalid, which callers must check.
// NOTE(review): the modifiers of this method are not part of this listing; the pointer
// expressions below need an unsafe context.
// NOTE(review): the password is a managed string here, so this method cannot scrub it after use.
SafeCertStoreHandle PFXImportCertStore(
[In] uint dwObjectType,
[In] object pvObject,
[In] string szPassword,
[In] uint dwFlags,
[In] bool persistKeyContainers) {
if (pvObject == null)
throw new ArgumentNullException("pvObject");
byte[] pbData = null;
if (dwObjectType == CERT_QUERY_OBJECT_FILE) {
pbData = File.ReadAllBytes((string)pvObject);
} else {
pbData = (byte[]) pvObject;
}
#if !FEATURE_CORESYSTEM
if (persistKeyContainers) {
//
// Right now, we always demand KeyContainerPermission regardless of whether the PFX contains a private key or not.
// We could avoid that by looping through the certs in the store and find out whether there are actually private keys.
//
if (!CompatibilitySwitches.IsAppEarlierThanWindowsPhone8) {
// Global Create demand: no access entry, so it is not scoped to one container name.
KeyContainerPermission kp = new KeyContainerPermission(KeyContainerPermissionFlags.Create);
kp.Demand();
}
}
#endif
SafeCertStoreHandle safeCertStoreHandle = SafeCertStoreHandle.InvalidHandle;
// Pin the managed buffer so the pointer given to native code stays valid during the call.
GCHandle handle = GCHandle.Alloc(pbData, GCHandleType.Pinned);
IntPtr ptr = handle.AddrOfPinnedObject();
try {
CRYPTOAPI_BLOB certBlob;
certBlob.cbData = (uint) pbData.Length;
certBlob.pbData = ptr;
safeCertStoreHandle = CAPIMethods.PFXImportCertStore(new IntPtr(&certBlob),
szPassword,
dwFlags);
}
finally {
// Unpin on every path, including a throwing import.
if (handle.IsAllocated)
handle.Free();
}
if (!safeCertStoreHandle.IsInvalid) {
//
// If the user did not want us to persist private keys, then we should loop through all
// the certificates in the collection and set our custom CERT_DELETE_KEYSET_PROP_ID property
// so the key container will be deleted when the cert contexts will go away.
//
if (persistKeyContainers == false) {
IntPtr pEnumContext = CAPI.CertEnumCertificatesInStore(safeCertStoreHandle, IntPtr.Zero);
while (pEnumContext != IntPtr.Zero) {
CAPI.CRYPTOAPI_BLOB blob = new CAPI.CRYPTOAPI_BLOB();
// NOTE(review): a failure here throws while pEnumContext is still held by the
// enumeration; whether that context is released elsewhere is not visible here.
if (!CAPI.CertSetCertificateContextProperty(pEnumContext,
CERT_DELETE_KEYSET_PROP_ID,
CERT_SET_PROPERTY_INHIBIT_PERSIST_FLAG, // we don't want this property to be persisted.
new IntPtr(&blob)))
throw new CryptographicException(Marshal.GetLastWin32Error());
// Passing the previous context advances the enumeration to the next certificate.
pEnumContext = CAPI.CertEnumCertificatesInStore(safeCertStoreHandle, pEnumContext);
}
}
}
return safeCertStoreHandle;
}
示例10: GetApplicableFlags
/// <summary>
/// Determines which flags <paramref name="target"/> grants for <paramref name="accessEntry"/>.
/// </summary>
/// <param name="accessEntry">The entry being evaluated.</param>
/// <param name="target">The permission whose entries and global flags are consulted.</param>
/// <returns>
/// The flags of an identical entry in <paramref name="target"/> if one exists; otherwise the
/// bitwise AND of the flags of every target entry that <paramref name="accessEntry"/> is a
/// subset of; otherwise the target's global flags.
/// </returns>
private static KeyContainerPermissionFlags GetApplicableFlags (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) {
    // An identical entry in the target decides the result on its own.
    int exactMatchIndex = target.AccessEntries.IndexOf(accessEntry);
    if (exactMatchIndex != -1) {
        return ((KeyContainerPermissionAccessEntry)target.AccessEntries[exactMatchIndex]).Flags;
    }

    // Otherwise every covering entry narrows the result: only rights granted by all of
    // them survive, so a broad entry cannot widen what a narrower one allows.
    bool foundCoveringEntry = false;
    KeyContainerPermissionFlags effectiveFlags = KeyContainerPermissionFlags.NoFlags;
    foreach (KeyContainerPermissionAccessEntry candidate in target.AccessEntries) {
        if (!accessEntry.IsSubsetOf(candidate)) {
            continue;
        }
        effectiveFlags = foundCoveringEntry ? (effectiveFlags & candidate.Flags) : candidate.Flags;
        foundCoveringEntry = true;
    }

    // With no covering entry at all, the target's global flags are the answer.
    return foundCoveringEntry ? effectiveFlags : target.Flags;
}
示例11: Copy
/// <summary>
/// Creates a copy of this permission.
/// </summary>
/// <returns>
/// Null when this permission is empty; otherwise a new permission with the same flags and the
/// same access entries.
/// </returns>
/// <remarks>
/// As far as this method shows, the entry objects themselves are handed to the copy's
/// collection rather than cloned, so the copy is shallow with respect to entries.
/// </remarks>
public override IPermission Copy () {
    if (this.IsEmpty()) {
        return null;
    }

    KeyContainerPermission duplicate = new KeyContainerPermission((KeyContainerPermissionFlags)m_flags);
    foreach (KeyContainerPermissionAccessEntry existingEntry in AccessEntries) {
        duplicate.AccessEntries.Add(existingEntry);
    }

    return duplicate;
}
示例12: Intersect
/// <summary>
/// Computes the permission granted by both this permission and <paramref name="target"/>.
/// </summary>
/// <param name="target">The other permission; must be of a type accepted by <c>VerifyType</c>.</param>
/// <returns>
/// Null when <paramref name="target"/> is null, when either side is empty, or when the
/// intersection itself is empty; otherwise the intersected permission.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="target"/> fails <c>VerifyType</c>.</exception>
public override IPermission Intersect (IPermission target) {
    if (target == null) {
        return null;
    }
    if (!VerifyType(target)) {
        throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName));
    }

    KeyContainerPermission other = (KeyContainerPermission) target;
    if (this.IsEmpty() || other.IsEmpty()) {
        return null;
    }

    // Global flags intersect bitwise: a right survives only if both sides grant it.
    KeyContainerPermission result = new KeyContainerPermission(other.m_flags & this.m_flags);

    // Entries are processed from both directions, each one intersected against the opposite operand.
    foreach (KeyContainerPermissionAccessEntry ownEntry in AccessEntries) {
        result.AddAccessEntryAndIntersect(ownEntry, other);
    }
    foreach (KeyContainerPermissionAccessEntry otherEntry in other.AccessEntries) {
        result.AddAccessEntryAndIntersect(otherEntry, this);
    }

    if (result.IsEmpty()) {
        return null;
    }
    return result;
}
示例13: SignHash
/// <summary>
/// Signs a precomputed hash with the DSS private key held by this provider.
/// </summary>
/// <param name="rgbHash">Hash to sign; its length must equal the SHA-1 digest size.</param>
/// <param name="str">Name or OID of the hash algorithm, resolved through <c>X509Utils.NameOrOidToAlgId</c>.</param>
/// <returns>The signature produced by <c>Utils.SignValue</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rgbHash"/> is null.</exception>
/// <exception cref="CryptographicException">
/// Only a public key is available, or the hash does not have the SHA-1 length.
/// </exception>
/// <remarks>
/// The length check pins this method to SHA-1-sized digests regardless of <paramref name="str"/>.
/// </remarks>
[System.Security.SecuritySafeCritical] // auto-generated
public byte[] SignHash(byte[] rgbHash, string str) {
    if (rgbHash == null)
        throw new ArgumentNullException("rgbHash");
    Contract.EndContractBlock();

    if (PublicOnly) {
        throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_NoPrivateKey"));
    }

    int hashAlgorithmId = X509Utils.NameOrOidToAlgId(str, OidGroup.HashAlgorithm);

    int sha1ByteLength = _sha1.HashSize / 8;
    if (rgbHash.Length != sha1ByteLength) {
        throw new CryptographicException(Environment.GetResourceString("Cryptography_InvalidHashSize", "SHA1", sha1ByteLength));
    }

    GetKeyPair();

    // Only containers that were not randomly generated are subject to a Sign demand.
    bool containerIsPersistent = !CspKeyContainerInfo.RandomlyGenerated;
    if (containerIsPersistent) {
        KeyContainerPermission signDemand = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
        KeyContainerPermissionAccessEntry signEntry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Sign);
        signDemand.AccessEntries.Add(signEntry);
        signDemand.Demand();
    }

    return Utils.SignValue(_safeKeyHandle, _parameters.KeyNumber, Constants.CALG_DSS_SIGN, hashAlgorithmId, rgbHash);
}
示例14: ExportParameters
/// <summary>
/// Exports the DSA key parameters from the key container.
/// </summary>
/// <param name="includePrivateParameters">
/// true to export the private key blob, which first demands Export permission on the
/// container; false to export the public key blob only, with no demand.
/// </param>
/// <returns>The exported parameters converted by <c>DSAObjectToStruct</c>.</returns>
[System.Security.SecuritySafeCritical] // auto-generated
public override DSAParameters ExportParameters (bool includePrivateParameters) {
    GetKeyPair();

    int blobType;
    if (includePrivateParameters) {
        // Private key material is about to leave the provider, so the caller must hold
        // Export rights on this specific container.
        KeyContainerPermission exportDemand = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
        KeyContainerPermissionAccessEntry exportEntry = new KeyContainerPermissionAccessEntry(_parameters, KeyContainerPermissionFlags.Export);
        exportDemand.AccessEntries.Add(exportEntry);
        exportDemand.Demand();
        blobType = Constants.PRIVATEKEYBLOB;
    }
    else {
        blobType = Constants.PUBLICKEYBLOB;
    }

    DSACspObject exportedKey = new DSACspObject();
    // _ExportKey will check for failures and throw an exception
    Utils._ExportKey(_safeKeyHandle, blobType, exportedKey);
    return DSAObjectToStruct(exportedKey);
}
示例15: ComputeSignature
/// <summary>
/// Signs the CMS content with <paramref name="signer"/>, either as the first signature or as
/// an additional co-signature on an already signed message.
/// </summary>
/// <param name="signer">Signer to use; must not be null.</param>
/// <param name="silent">
/// Passed through to the signing calls. When true and the signer has no certificate, the
/// method throws instead of calling <c>PkcsUtils.SelectSignerCertificate</c>.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="signer"/> is null.</exception>
/// <exception cref="CryptographicException">
/// The content is empty, a no-signature signer is used on an already signed message, the
/// certificate has no private key, or the private-key information cannot be obtained.
/// </exception>
/// <exception cref="InvalidOperationException">No certificate is set and <paramref name="silent"/> is true.</exception>
public void ComputeSignature(CmsSigner signer, bool silent)
{
    if (signer == null)
    {
        throw new ArgumentNullException("signer");
    }
    if (this.ContentInfo.Content.Length == 0)
    {
        throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Cms_Sign_Empty_Content"));
    }

    if (SubjectIdentifierType.NoSignature == signer.SignerIdentifierType)
    {
        // A no-signature signer involves no private key, so no key-container demand is made;
        // it is only accepted as the first signer of the message.
        bool alreadySigned = this.m_safeCryptMsgHandle != null && !this.m_safeCryptMsgHandle.IsInvalid;
        if (alreadySigned)
        {
            throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Cms_Sign_No_Signature_First_Signer"));
        }
        this.Sign(signer, silent);
        return;
    }

    if (signer.Certificate == null)
    {
        if (silent)
        {
            throw new InvalidOperationException(SecurityResources.GetResourceString("Cryptography_Cms_RecipientCertificateNotFound"));
        }
        signer.Certificate = PkcsUtils.SelectSignerCertificate();
    }

    if (!signer.Certificate.HasPrivateKey)
    {
        // -2146893811 is 0x8009000D, the NTE_NO_KEY HRESULT.
        throw new CryptographicException(-2146893811);
    }

    CspParameters keyLocation = new CspParameters();
    if (!X509Utils.GetPrivateKeyInfo(X509Utils.GetCertContext(signer.Certificate), ref keyLocation))
    {
        throw new CryptographicException(SignedCms.SafeGetLastWin32Error());
    }

    // Demand Open and Sign on the container that backs the signer certificate before signing.
    KeyContainerPermission signDemand = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
    KeyContainerPermissionAccessEntry signEntry = new KeyContainerPermissionAccessEntry(keyLocation, KeyContainerPermissionFlags.Open | KeyContainerPermissionFlags.Sign);
    signDemand.AccessEntries.Add(signEntry);
    signDemand.Demand();

    // No usable message handle yet means this is the first signature; otherwise co-sign.
    bool isFirstSignature = this.m_safeCryptMsgHandle == null || this.m_safeCryptMsgHandle.IsInvalid;
    if (isFirstSignature)
    {
        this.Sign(signer, silent);
    }
    else
    {
        this.CoSign(signer, silent);
    }
}