2 // System.Security.Cryptography.DSACryptoServiceProvider.cs
5 // Dan Lewis (dihlewis@yahoo.co.uk)
6 // Sebastien Pouliot <sebastien@ximian.com>
7 // Ben Maurer (bmaurer@users.sf.net)
10 // Portions (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
11 // Portions (C) 2003 Ben Maurer
12 // (C) 2004 Novell (http://www.novell.com)
16 // Copyright (C) 2004 Novell, Inc (http://www.novell.com)
18 // Permission is hereby granted, free of charge, to any person obtaining
19 // a copy of this software and associated documentation files (the
20 // "Software"), to deal in the Software without restriction, including
21 // without limitation the rights to use, copy, modify, merge, publish,
22 // distribute, sublicense, and/or sell copies of the Software, and to
23 // permit persons to whom the Software is furnished to do so, subject to
24 // the following conditions:
26 // The above copyright notice and this permission notice shall be
27 // included in all copies or substantial portions of the Software.
29 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
30 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
31 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
32 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
33 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
34 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
35 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 using System.Globalization;
42 using Mono.Security.Cryptography;
44 namespace System.Security.Cryptography {
47 public class DSACryptoServiceProvider : DSA {
49 public sealed class DSACryptoServiceProvider : DSA {
51 private const int PROV_DSS_DH = 13; // from WinCrypt.h
53 private KeyPairPersistence store;
54 private bool persistKey;
55 private bool persisted;
57 private bool privateKeyExportable = true;
58 private bool m_disposed;
60 private DSAManaged dsa;
62 // MS implementation generates a keypair everytime a new DSA
63 // object is created (unless an existing key container is
64 // specified in the CspParameters).
66 // (a) often use DSA to import an existing keypair.
67 // (b) take a LOT of time to generate the DSA group
68 // So we'll generate the keypair only when (and if) it's being
69 // used (or exported). This should save us a lot of time (at
70 // least in the unit tests).
72 public DSACryptoServiceProvider ()
77 public DSACryptoServiceProvider (CspParameters parameters)
78 : this (1024, parameters)
82 public DSACryptoServiceProvider (int dwKeySize)
83 : this (dwKeySize, null)
87 public DSACryptoServiceProvider (int dwKeySize, CspParameters parameters)
89 LegalKeySizesValue = new KeySizes [1];
90 LegalKeySizesValue [0] = new KeySizes (512, 1024, 64);
92 // will throw an exception is key size isn't supported
94 dsa = new DSAManaged (dwKeySize);
95 dsa.KeyGenerated += new DSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
97 persistKey = (parameters != null);
98 if (parameters == null) {
99 parameters = new CspParameters (PROV_DSS_DH);
101 if (useMachineKeyStore)
102 parameters.Flags |= CspProviderFlags.UseMachineKeyStore;
104 store = new KeyPairPersistence (parameters);
105 // no need to load - it cannot exists
108 store = new KeyPairPersistence (parameters);
110 if (store.KeyValue != null) {
112 this.FromXmlString (store.KeyValue);
117 ~DSACryptoServiceProvider ()
122 // DSA isn't used for key exchange
123 public override string KeyExchangeAlgorithm {
127 public override int KeySize {
128 get { return dsa.KeySize; }
131 public override KeySizes[] LegalKeySizes {
132 get { return LegalKeySizesValue; }
135 public bool PersistKeyInCsp {
136 get { return persistKey; }
137 set { persistKey = value; }
140 #if (NET_1_0 || NET_1_1)
146 get { return dsa.PublicOnly; }
149 public override string SignatureAlgorithm {
150 get { return "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; }
154 private static bool useMachineKeyStore = false;
156 public static bool UseMachineKeyStore {
157 get { return useMachineKeyStore; }
158 set { useMachineKeyStore = value; }
162 public override DSAParameters ExportParameters (bool includePrivateParameters)
164 if ((includePrivateParameters) && (!privateKeyExportable)) {
165 throw new CryptographicException (
166 Locale.GetText ("Cannot export private key"));
169 return dsa.ExportParameters (includePrivateParameters);
172 public override void ImportParameters (DSAParameters parameters)
174 dsa.ImportParameters (parameters);
177 public override byte[] CreateSignature (byte[] rgbHash)
179 return dsa.CreateSignature (rgbHash);
182 public byte[] SignData (byte[] data)
184 // right now only SHA1 is supported by FIPS186-2
185 HashAlgorithm hash = SHA1.Create ();
186 byte[] toBeSigned = hash.ComputeHash (data);
187 return dsa.CreateSignature (toBeSigned);
190 public byte[] SignData (byte[] data, int offset, int count)
192 // right now only SHA1 is supported by FIPS186-2
193 HashAlgorithm hash = SHA1.Create ();
194 byte[] toBeSigned = hash.ComputeHash (data, offset, count);
195 return dsa.CreateSignature (toBeSigned);
198 public byte[] SignData (Stream inputStream)
200 // right now only SHA1 is supported by FIPS186-2
201 HashAlgorithm hash = SHA1.Create ();
202 byte[] toBeSigned = hash.ComputeHash (inputStream);
203 return dsa.CreateSignature (toBeSigned);
206 public byte[] SignHash (byte[] rgbHash, string str)
208 // right now only SHA1 is supported by FIPS186-2
209 if (String.Compare (str, "SHA1", true, CultureInfo.InvariantCulture) != 0) {
211 throw new CryptographicException (Locale.GetText ("Only SHA1 is supported."));
214 return dsa.CreateSignature (rgbHash);
217 public bool VerifyData (byte[] rgbData, byte[] rgbSignature)
219 // right now only SHA1 is supported by FIPS186-2
220 HashAlgorithm hash = SHA1.Create();
221 byte[] toBeVerified = hash.ComputeHash (rgbData);
222 return dsa.VerifySignature (toBeVerified, rgbSignature);
225 // LAMESPEC: MD5 isn't allowed with DSA
226 public bool VerifyHash (byte[] rgbHash, string str, byte[] rgbSignature)
229 str = "SHA1"; // default value
230 if (String.Compare (str, "SHA1", true, CultureInfo.InvariantCulture) != 0) {
231 throw new CryptographicException (Locale.GetText ("Only SHA1 is supported."));
234 return dsa.VerifySignature (rgbHash, rgbSignature);
237 public override bool VerifySignature (byte[] rgbHash, byte[] rgbSignature)
239 return dsa.VerifySignature (rgbHash, rgbSignature);
242 protected override void Dispose (bool disposing)
245 // the key is persisted and we do not want it persisted
246 if ((persisted) && (!persistKey)) {
247 store.Remove (); // delete the container
252 // no need as they all are abstract before us
259 private void OnKeyGenerated (object sender, EventArgs e)
261 // the key isn't persisted and we want it persisted
262 if ((persistKey) && (!persisted)) {
263 // save the current keypair
264 store.KeyValue = this.ToXmlString (!dsa.PublicOnly);