2 // System.Security.Cryptography.DSACryptoServiceProvider.cs
5 // Dan Lewis (dihlewis@yahoo.co.uk)
6 // Sebastien Pouliot <sebastien@ximian.com>
7 // Ben Maurer (bmaurer@users.sf.net)
10 // Portions (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com)
11 // Portions (C) 2003 Ben Maurer
12 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
14 // Permission is hereby granted, free of charge, to any person obtaining
15 // a copy of this software and associated documentation files (the
16 // "Software"), to deal in the Software without restriction, including
17 // without limitation the rights to use, copy, modify, merge, publish,
18 // distribute, sublicense, and/or sell copies of the Software, and to
19 // permit persons to whom the Software is furnished to do so, subject to
20 // the following conditions:
22 // The above copyright notice and this permission notice shall be
23 // included in all copies or substantial portions of the Software.
25 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
29 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
30 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
31 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
35 using System.Globalization;
36 using System.Runtime.InteropServices;
38 using Mono.Security.Cryptography;
40 namespace System.Security.Cryptography {
43 public sealed class DSACryptoServiceProvider : DSA, ICspAsymmetricAlgorithm {
44 private const int PROV_DSS_DH = 13; // from WinCrypt.h
46 private KeyPairPersistence store;
47 private bool persistKey;
48 private bool persisted;
50 private bool privateKeyExportable = true;
51 private bool m_disposed;
53 private DSAManaged dsa;
55 // MS implementation generates a keypair everytime a new DSA
56 // object is created (unless an existing key container is
57 // specified in the CspParameters).
59 // (a) often use DSA to import an existing keypair.
60 // (b) take a LOT of time to generate the DSA group
61 // So we'll generate the keypair only when (and if) it's being
62 // used (or exported). This should save us a lot of time (at
63 // least in the unit tests).
65 public DSACryptoServiceProvider ()
70 public DSACryptoServiceProvider (CspParameters parameters)
71 : this (1024, parameters)
75 public DSACryptoServiceProvider (int dwKeySize)
77 Common (dwKeySize, false);
80 public DSACryptoServiceProvider (int dwKeySize, CspParameters parameters)
82 bool has_parameters = parameters != null;
83 Common (dwKeySize, has_parameters);
88 void Common (int dwKeySize, bool parameters)
90 LegalKeySizesValue = new KeySizes [1];
91 LegalKeySizesValue [0] = new KeySizes (512, 1024, 64);
93 // will throw an exception is key size isn't supported
95 dsa = new DSAManaged (dwKeySize);
96 dsa.KeyGenerated += new DSAManaged.KeyGeneratedEventHandler (OnKeyGenerated);
98 persistKey = parameters;
102 var p = new CspParameters (PROV_DSS_DH);
103 if (useMachineKeyStore)
104 p.Flags |= CspProviderFlags.UseMachineKeyStore;
105 store = new KeyPairPersistence (p);
106 // no need to load - it cannot exists
109 void Common (CspParameters parameters)
111 store = new KeyPairPersistence (parameters);
113 if (store.KeyValue != null) {
115 this.FromXmlString (store.KeyValue);
119 ~DSACryptoServiceProvider ()
124 // DSA isn't used for key exchange
125 public override string KeyExchangeAlgorithm {
129 public override int KeySize {
130 get { return dsa.KeySize; }
133 public bool PersistKeyInCsp {
134 get { return persistKey; }
135 set { persistKey = value; }
139 public bool PublicOnly {
140 get { return dsa.PublicOnly; }
143 public override string SignatureAlgorithm {
144 get { return "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; }
147 private static bool useMachineKeyStore;
149 public static bool UseMachineKeyStore {
150 get { return useMachineKeyStore; }
151 set { useMachineKeyStore = value; }
154 public override DSAParameters ExportParameters (bool includePrivateParameters)
156 if ((includePrivateParameters) && (!privateKeyExportable)) {
157 throw new CryptographicException (
158 Locale.GetText ("Cannot export private key"));
161 return dsa.ExportParameters (includePrivateParameters);
164 public override void ImportParameters (DSAParameters parameters)
166 dsa.ImportParameters (parameters);
169 public override byte[] CreateSignature (byte[] rgbHash)
171 return dsa.CreateSignature (rgbHash);
174 public byte[] SignData (byte[] buffer)
176 // right now only SHA1 is supported by FIPS186-2
177 HashAlgorithm hash = SHA1.Create ();
178 byte[] toBeSigned = hash.ComputeHash (buffer);
179 return dsa.CreateSignature (toBeSigned);
182 public byte[] SignData (byte[] buffer, int offset, int count)
184 // right now only SHA1 is supported by FIPS186-2
185 HashAlgorithm hash = SHA1.Create ();
186 byte[] toBeSigned = hash.ComputeHash (buffer, offset, count);
187 return dsa.CreateSignature (toBeSigned);
190 public byte[] SignData (Stream inputStream)
192 // right now only SHA1 is supported by FIPS186-2
193 HashAlgorithm hash = SHA1.Create ();
194 byte[] toBeSigned = hash.ComputeHash (inputStream);
195 return dsa.CreateSignature (toBeSigned);
198 public byte[] SignHash (byte[] rgbHash, string str)
200 // right now only SHA1 is supported by FIPS186-2
201 if (String.Compare (str, "SHA1", true, CultureInfo.InvariantCulture) != 0) {
203 throw new CryptographicException (Locale.GetText ("Only SHA1 is supported."));
206 return dsa.CreateSignature (rgbHash);
209 public bool VerifyData (byte[] rgbData, byte[] rgbSignature)
211 // right now only SHA1 is supported by FIPS186-2
212 HashAlgorithm hash = SHA1.Create();
213 byte[] toBeVerified = hash.ComputeHash (rgbData);
214 return dsa.VerifySignature (toBeVerified, rgbSignature);
217 // LAMESPEC: MD5 isn't allowed with DSA
218 public bool VerifyHash (byte[] rgbHash, string str, byte[] rgbSignature)
221 str = "SHA1"; // default value
222 if (String.Compare (str, "SHA1", true, CultureInfo.InvariantCulture) != 0) {
223 throw new CryptographicException (Locale.GetText ("Only SHA1 is supported."));
226 return dsa.VerifySignature (rgbHash, rgbSignature);
229 public override bool VerifySignature (byte[] rgbHash, byte[] rgbSignature)
231 return dsa.VerifySignature (rgbHash, rgbSignature);
234 protected override void Dispose (bool disposing)
237 // the key is persisted and we do not want it persisted
238 if ((persisted) && (!persistKey)) {
239 store.Remove (); // delete the container
244 // no need as they all are abstract before us
251 private void OnKeyGenerated (object sender, EventArgs e)
253 // the key isn't persisted and we want it persisted
254 if ((persistKey) && (!persisted)) {
255 // save the current keypair
256 store.KeyValue = this.ToXmlString (!dsa.PublicOnly);
261 // ICspAsymmetricAlgorithm
263 [MonoTODO ("call into KeyPairPersistence to get details")]
265 public CspKeyContainerInfo CspKeyContainerInfo {
270 public byte[] ExportCspBlob (bool includePrivateParameters)
273 if (includePrivateParameters)
274 blob = CryptoConvert.ToCapiPrivateKeyBlob (this);
276 blob = CryptoConvert.ToCapiPublicKeyBlob (this);
281 public void ImportCspBlob (byte[] keyBlob)
284 throw new ArgumentNullException ("keyBlob");
285 DSA dsa = CryptoConvert.FromCapiKeyBlobDSA (keyBlob);
286 if (dsa is DSACryptoServiceProvider) {
287 DSAParameters dsap = dsa.ExportParameters (!(dsa as DSACryptoServiceProvider).PublicOnly);
288 ImportParameters (dsap);
290 // we can't know from DSA if the private key is available
293 DSAParameters dsap = dsa.ExportParameters (true);
294 ImportParameters (dsap);
298 DSAParameters dsap = dsa.ExportParameters (false);
299 ImportParameters (dsap);