mcs/class/corlib/System.Security.Cryptography/DSACryptoServiceProvider.cs

   1 //
   2 // System.Security.Cryptography.DSACryptoServiceProvider.cs
   3 //
   4 // Authors:
   5 //      Dan Lewis (dihlewis@yahoo.co.uk)
   6 //      Sebastien Pouliot <sebastien@ximian.com>
   7 //      Ben Maurer (bmaurer@users.sf.net)
   8 //
   9 // (C) 2002
  10 // Portions (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
  11 // Portions (C) 2003 Ben Maurer
  12 // (C) 2004 Novell (http://www.novell.com)
  13 //
  14
  15 //
  16 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
  17 //
  18 // Permission is hereby granted, free of charge, to any person obtaining
  19 // a copy of this software and associated documentation files (the
  20 // "Software"), to deal in the Software without restriction, including
  21 // without limitation the rights to use, copy, modify, merge, publish,
  22 // distribute, sublicense, and/or sell copies of the Software, and to
  23 // permit persons to whom the Software is furnished to do so, subject to
  24 // the following conditions:
  25 //
  26 // The above copyright notice and this permission notice shall be
  27 // included in all copies or substantial portions of the Software.
  28 //
  29 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  30 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  31 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  32 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  33 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  34 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  35 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  36 //
  37
  38 using System;
  39 using System.IO;
  40 using System.Globalization;
  41
  42 using Mono.Security.Cryptography;
  43
  44 namespace System.Security.Cryptography {
  45
  46 #if NET_1_0
  47         public class DSACryptoServiceProvider : DSA {
  48 #else
  49         public sealed class DSACryptoServiceProvider : DSA {
  50 #endif
  51                 private const int PROV_DSS_DH = 13;             // from WinCrypt.h
  52
  53                 private KeyPairPersistence store;
  54                 private bool persistKey;
  55                 private bool persisted;
  56
  57                 private bool privateKeyExportable = true;
  58                 private bool m_disposed;
  59
  60                 private DSAManaged dsa;
  61
  62                 // MS implementation generates a keypair everytime a new DSA
  63                 // object is created (unless an existing key container is
  64                 // specified in the CspParameters).
  65                 // However we:
  66                 // (a) often use DSA to import an existing keypair.
  67                 // (b) take a LOT of time to generate the DSA group
  68                 // So we'll generate the keypair only when (and if) it's being
  69                 // used (or exported). This should save us a lot of time (at
  70                 // least in the unit tests).
  71
  72                 public DSACryptoServiceProvider ()
  73                         : this (1024, null)
  74                 {
  75                 }
  76
  77                 public DSACryptoServiceProvider (CspParameters parameters)
  78                         : this (1024, parameters)
  79                 {
  80                 }
  81
  82                 public DSACryptoServiceProvider (int dwKeySize)
  83                         : this (dwKeySize, null)
  84                 {
  85                 }
  86
  87                 public DSACryptoServiceProvider (int dwKeySize, CspParameters parameters)
  88                 {
  89                         LegalKeySizesValue = new KeySizes [1];
  90                         LegalKeySizesValue [0] = new KeySizes (512, 1024, 64);
  91
  92                         // will throw an exception is key size isn't supported
  93                         KeySize = dwKeySize;
  94                         dsa = new DSAManaged (dwKeySize);
  95                         dsa.KeyGenerated += new DSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
  96
  97                         persistKey = (parameters != null);
  98                         if (parameters == null) {
  99                                 parameters = new CspParameters (PROV_DSS_DH);
 100 #if ! NET_1_0
 101                                 if (useMachineKeyStore)
 102                                         parameters.Flags |= CspProviderFlags.UseMachineKeyStore;
 103 #endif
 104                                 store = new KeyPairPersistence (parameters);
 105                                 // no need to load - it cannot exists
 106                         }
 107                         else {
 108                                 store = new KeyPairPersistence (parameters);
 109                                 store.Load ();
 110                                 if (store.KeyValue != null) {
 111                                         persisted = true;
 112                                         this.FromXmlString (store.KeyValue);
 113                                 }
 114                         }
 115                 }
 116
 117                 ~DSACryptoServiceProvider ()
 118                 {
 119                         Dispose (false);
 120                 }
 121
 122                 // DSA isn't used for key exchange
 123                 public override string KeyExchangeAlgorithm {
 124                         get { return null; }
 125                 }
 126
 127                 public override int KeySize {
 128                         get { return dsa.KeySize; }
 129                 }
 130
 131                 public override KeySizes[] LegalKeySizes {
 132                         get { return LegalKeySizesValue; }
 133                 }
 134
 135                 public bool PersistKeyInCsp {
 136                         get { return persistKey; }
 137                         set { persistKey = value; }
 138                 }
 139
 140 #if (NET_1_0 || NET_1_1)
 141                 internal
 142 #else
 143                 public
 144 #endif
 145                 bool PublicOnly {
 146                         get { return dsa.PublicOnly; }
 147                 }
 148
 149                 public override string SignatureAlgorithm {
 150                         get { return "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; }
 151                 }
 152
 153 #if ! NET_1_0
 154                 private static bool useMachineKeyStore = false;
 155
 156                 public static bool UseMachineKeyStore {
 157                         get { return useMachineKeyStore; }
 158                         set { useMachineKeyStore = value; }
 159                 }
 160 #endif
 161
 162                 public override DSAParameters ExportParameters (bool includePrivateParameters)
 163                 {
 164                         if ((includePrivateParameters) && (!privateKeyExportable)) {
 165                                 throw new CryptographicException (
 166                                         Locale.GetText ("Cannot export private key"));
 167                         }
 168
 169                         return dsa.ExportParameters (includePrivateParameters);
 170                 }
 171
 172                 public override void ImportParameters (DSAParameters parameters)
 173                 {
 174                         dsa.ImportParameters (parameters);
 175                 }
 176
 177                 public override byte[] CreateSignature (byte[] rgbHash)
 178                 {
 179                         return dsa.CreateSignature (rgbHash);
 180                 }
 181
 182                 public byte[] SignData (byte[] data)
 183                 {
 184                         // right now only SHA1 is supported by FIPS186-2
 185                         HashAlgorithm hash = SHA1.Create ();
 186                         byte[] toBeSigned = hash.ComputeHash (data);
 187                         return dsa.CreateSignature (toBeSigned);
 188                 }
 189
 190                 public byte[] SignData (byte[] data, int offset, int count)
 191                 {
 192                         // right now only SHA1 is supported by FIPS186-2
 193                         HashAlgorithm hash = SHA1.Create ();
 194                         byte[] toBeSigned = hash.ComputeHash (data, offset, count);
 195                         return dsa.CreateSignature (toBeSigned);
 196                 }
 197
 198                 public byte[] SignData (Stream inputStream)
 199                 {
 200                         // right now only SHA1 is supported by FIPS186-2
 201                         HashAlgorithm hash = SHA1.Create ();
 202                         byte[] toBeSigned = hash.ComputeHash (inputStream);
 203                         return dsa.CreateSignature (toBeSigned);
 204                 }
 205
 206                 public byte[] SignHash (byte[] rgbHash, string str)
 207                 {
 208                         // right now only SHA1 is supported by FIPS186-2
 209                         if (String.Compare (str, "SHA1", true, CultureInfo.InvariantCulture) != 0) {
 210                                 // not documented
 211                                 throw new CryptographicException (Locale.GetText ("Only SHA1 is supported."));
 212                         }
 213
 214                         return dsa.CreateSignature (rgbHash);
 215                 }
 216
 217                 public bool VerifyData (byte[] rgbData, byte[] rgbSignature)
 218                 {
 219                         // right now only SHA1 is supported by FIPS186-2
 220                         HashAlgorithm hash = SHA1.Create();
 221                         byte[] toBeVerified = hash.ComputeHash (rgbData);
 222                         return dsa.VerifySignature (toBeVerified, rgbSignature);
 223                 }
 224
 225                 // LAMESPEC: MD5 isn't allowed with DSA
 226                 public bool VerifyHash (byte[] rgbHash, string str, byte[] rgbSignature)
 227                 {
 228                         if (str == null)
 229                                 str = "SHA1"; // default value
 230                         if (String.Compare (str, "SHA1", true, CultureInfo.InvariantCulture) != 0) {
 231                                 throw new CryptographicException (Locale.GetText ("Only SHA1 is supported."));
 232                         }
 233
 234                         return dsa.VerifySignature (rgbHash, rgbSignature);
 235                 }
 236
 237                 public override bool VerifySignature (byte[] rgbHash, byte[] rgbSignature)
 238                 {
 239                         return dsa.VerifySignature (rgbHash, rgbSignature);
 240                 }
 241
 242                 protected override void Dispose (bool disposing)
 243                 {
 244                         if (!m_disposed) {
 245                                 // the key is persisted and we do not want it persisted
 246                                 if ((persisted) && (!persistKey)) {
 247                                         store.Remove ();        // delete the container
 248                                 }
 249                                 if (dsa != null)
 250                                         dsa.Clear ();
 251                                 // call base class
 252                                 // no need as they all are abstract before us
 253                                 m_disposed = true;
 254                         }
 255                 }
 256
 257                 // private stuff
 258
 259                 private void OnKeyGenerated (object sender, EventArgs e)
 260                 {
 261                         // the key isn't persisted and we want it persisted
 262                         if ((persistKey) && (!persisted)) {
 263                                 // save the current keypair
 264                                 store.KeyValue = this.ToXmlString (!dsa.PublicOnly);
 265                                 store.Save ();
 266                                 persisted = true;
 267                         }
 268                 }
 269         }
 270 }