/Mono.Security.Cryptography/CryptoService.cs

http://github.com/jbevain/cecil · C# · 204 lines · 142 code · 43 blank · 19 comment · 12 complexity · ce8a7ac234de78552d317d1c37ee1cb4 MD5 · raw file 

    

  1. //
    2. 

  2. // Author:
    3. 

  3. //   Jb Evain (jbevain@gmail.com)
    4. 

  4. //
    5. 

  5. // Copyright (c) 2008 - 2015 Jb Evain
    6. 

  6. // Copyright (c) 2008 - 2011 Novell, Inc.
    7. 

  7. //
    8. 

  8. // Licensed under the MIT/X11 license.
    9. 

  9. //
    10. 

  10. 

  11. using System;
    12. 

  12. using System.IO;
    13. 

  13. using System.Reflection;
    14. 

  14. using System.Security.Cryptography;
    15. 

  15. using System.Runtime.Serialization;
    16. 

  16. 

  17. using Mono.Security.Cryptography;
    18. 

  18. 

  19. using Mono.Cecil.PE;
    20. 

  20. 

  21. namespace Mono.Cecil {
    22. 

  22. 

  23. 	// Most of this code has been adapted
    24. 

  24. 	// from Jeroen Frijters' fantastic work
    25. 

  25. 	// in IKVM.Reflection.Emit. Thanks!
    26. 

  26. 

  27. 	static class CryptoService {
    28. 

  28. 

  29. 		public static byte [] GetPublicKey (WriterParameters parameters)
    30. 

  30. 		{
    31. 

  31. 			using (var rsa = parameters.CreateRSA ()) {
    32. 

  32. 				var cspBlob = CryptoConvert.ToCapiPublicKeyBlob (rsa);
    33. 

  33. 				var publicKey = new byte [12 + cspBlob.Length];
    34. 

  34. 				Buffer.BlockCopy (cspBlob, 0, publicKey, 12, cspBlob.Length);
    35. 

  35. 				// The first 12 bytes are documented at:
    36. 

  36. 				// http://msdn.microsoft.com/library/en-us/cprefadd/html/grfungethashfromfile.asp
    37. 

  37. 				// ALG_ID - Signature
    38. 

  38. 				publicKey [1] = 36;
    39. 

  39. 				// ALG_ID - Hash
    40. 

  40. 				publicKey [4] = 4;
    41. 

  41. 				publicKey [5] = 128;
    42. 

  42. 				// Length of Public Key (in bytes)
    43. 

  43. 				publicKey [8] = (byte) (cspBlob.Length >> 0);
    44. 

  44. 				publicKey [9] = (byte) (cspBlob.Length >> 8);
    45. 

  45. 				publicKey [10] = (byte) (cspBlob.Length >> 16);
    46. 

  46. 				publicKey [11] = (byte) (cspBlob.Length >> 24);
    47. 

  47. 				return publicKey;
    48. 

  48. 			}
    49. 

  49. 		}
    50. 

  50. 

  51. 		public static void StrongName (Stream stream, ImageWriter writer, WriterParameters parameters)
    52. 

  52. 		{
    53. 

  53. 			int strong_name_pointer;
    54. 

  54. 

  55. 			var strong_name = CreateStrongName (parameters, HashStream (stream, writer, out strong_name_pointer));
    56. 

  56. 			PatchStrongName (stream, strong_name_pointer, strong_name);
    57. 

  57. 		}
    58. 

  58. 

  59. 		static void PatchStrongName (Stream stream, int strong_name_pointer, byte [] strong_name)
    60. 

  60. 		{
    61. 

  61. 			stream.Seek (strong_name_pointer, SeekOrigin.Begin);
    62. 

  62. 			stream.Write (strong_name, 0, strong_name.Length);
    63. 

  63. 		}
    64. 

  64. 

  65. 		static byte [] CreateStrongName (WriterParameters parameters, byte [] hash)
    66. 

  66. 		{
    67. 

  67. 			const string hash_algo = "SHA1";
    68. 

  68. 

  69. 			using (var rsa = parameters.CreateRSA ()) {
    70. 

  70. 				var formatter = new RSAPKCS1SignatureFormatter (rsa);
    71. 

  71. 				formatter.SetHashAlgorithm (hash_algo);
    72. 

  72. 

  73. 				byte [] signature = formatter.CreateSignature (hash);
    74. 

  74. 				Array.Reverse (signature);
    75. 

  75. 

  76. 				return signature;
    77. 

  77. 			}
    78. 

  78. 		}
    79. 

  79. 

  80. 		static byte [] HashStream (Stream stream, ImageWriter writer, out int strong_name_pointer)
    81. 

  81. 		{
    82. 

  82. 			const int buffer_size = 8192;
    83. 

  83. 

  84. 			var text = writer.text;
    85. 

  85. 			var header_size = (int) writer.GetHeaderSize ();
    86. 

  86. 			var text_section_pointer = (int) text.PointerToRawData;
    87. 

  87. 			var strong_name_directory = writer.GetStrongNameSignatureDirectory ();
    88. 

  88. 

  89. 			if (strong_name_directory.Size == 0)
    90. 

  90. 				throw new InvalidOperationException ();
    91. 

  91. 

  92. 			strong_name_pointer = (int) (text_section_pointer
    93. 

  93. 				+ (strong_name_directory.VirtualAddress - text.VirtualAddress));
    94. 

  94. 			var strong_name_length = (int) strong_name_directory.Size;
    95. 

  95. 

  96. 			var sha1 = new SHA1Managed ();
    97. 

  97. 			var buffer = new byte [buffer_size];
    98. 

  98. 			using (var crypto_stream = new CryptoStream (Stream.Null, sha1, CryptoStreamMode.Write)) {
    99. 

  99. 				stream.Seek (0, SeekOrigin.Begin);
    100. 

  100. 				CopyStreamChunk (stream, crypto_stream, buffer, header_size);
    101. 

  101. 

  102. 				stream.Seek (text_section_pointer, SeekOrigin.Begin);
    103. 

  103. 				CopyStreamChunk (stream, crypto_stream, buffer, (int) strong_name_pointer - text_section_pointer);
    104. 

  104. 

  105. 				stream.Seek (strong_name_length, SeekOrigin.Current);
    106. 

  106. 				CopyStreamChunk (stream, crypto_stream, buffer, (int) (stream.Length - (strong_name_pointer + strong_name_length)));
    107. 

  107. 			}
    108. 

  108. 

  109. 			return sha1.Hash;
    110. 

  110. 		}
    111. 

  111. 

  112. 		static void CopyStreamChunk (Stream stream, Stream dest_stream, byte [] buffer, int length)
    113. 

  113. 		{
    114. 

  114. 			while (length > 0) {
    115. 

  115. 				int read = stream.Read (buffer, 0, System.Math.Min (buffer.Length, length));
    116. 

  116. 				dest_stream.Write (buffer, 0, read);
    117. 

  117. 				length -= read;
    118. 

  118. 			}
    119. 

  119. 		}
    120. 

  120. 

  121. 		public static byte [] ComputeHash (string file)
    122. 

  122. 		{
    123. 

  123. 			if (!File.Exists (file))
    124. 

  124. 				return Empty<byte>.Array;
    125. 

  125. 

  126. 			using (var stream = new FileStream (file, FileMode.Open, FileAccess.Read, FileShare.Read))
    127. 

  127. 				return ComputeHash (stream);
    128. 

  128. 		}
    129. 

  129. 

  130. 		public static byte [] ComputeHash (Stream stream)
    131. 

  131. 		{
    132. 

  132. 			const int buffer_size = 8192;
    133. 

  133. 

  134. 			var sha1 = new SHA1Managed ();
    135. 

  135. 			var buffer = new byte [buffer_size];
    136. 

  136. 

  137. 			using (var crypto_stream = new CryptoStream (Stream.Null, sha1, CryptoStreamMode.Write))
    138. 

  138. 				CopyStreamChunk (stream, crypto_stream, buffer, (int) stream.Length);
    139. 

  139. 

  140. 			return sha1.Hash;
    141. 

  141. 		}
    142. 

  142. 

  143. 		public static byte [] ComputeHash (params ByteBuffer [] buffers)
    144. 

  144. 		{
    145. 

  145. 			var sha1 = new SHA1Managed ();
    146. 

  146. 

  147. 			using (var crypto_stream = new CryptoStream (Stream.Null, sha1, CryptoStreamMode.Write)) {
    148. 

  148. 				for (int i = 0; i < buffers.Length; i++) {
    149. 

  149. 					crypto_stream.Write (buffers [i].buffer, 0, buffers [i].length);
    150. 

  150. 				}
    151. 

  151. 			}
    152. 

  152. 

  153. 			return sha1.Hash;
    154. 

  154. 		}
    155. 

  155. 

  156. 		public static Guid ComputeGuid (byte [] hash)
    157. 

  157. 		{
    158. 

  158. 			// From corefx/src/System.Reflection.Metadata/src/System/Reflection/Metadata/BlobContentId.cs
    159. 

  159. 			var guid = new byte [16];
    160. 

  160. 			Buffer.BlockCopy (hash, 0, guid, 0, 16);
    161. 

  161. 

  162. 			// modify the guid data so it decodes to the form of a "random" guid ala rfc4122
    163. 

  163. 			guid [7] = (byte) ((guid [7] & 0x0f) | (4 << 4));
    164. 

  164. 			guid [8] = (byte) ((guid [8] & 0x3f) | (2 << 6));
    165. 

  165. 

  166. 			return new Guid (guid);
    167. 

  167. 		}
    168. 

  168. 	}
    169. 

  169. 

  170. 	static partial class Mixin {
    171. 

  171. 

  172. 		public static RSA CreateRSA (this WriterParameters writer_parameters)
    173. 

  173. 		{
    174. 

  174. 			byte [] key;
    175. 

  175. 			string key_container;
    176. 

  176. 

  177. 			if (writer_parameters.StrongNameKeyBlob != null)
    178. 

  178. 				return CryptoConvert.FromCapiKeyBlob (writer_parameters.StrongNameKeyBlob);
    179. 

  179. 

  180. 			if (writer_parameters.StrongNameKeyContainer != null)
    181. 

  181. 				key_container = writer_parameters.StrongNameKeyContainer;
    182. 

  182. 			else if (!TryGetKeyContainer (writer_parameters.StrongNameKeyPair, out key, out key_container))
    183. 

  183. 				return CryptoConvert.FromCapiKeyBlob (key);
    184. 

  184. 

  185. 			var parameters = new CspParameters {
    186. 

  186. 				Flags = CspProviderFlags.UseMachineKeyStore,
    187. 

  187. 				KeyContainerName = key_container,
    188. 

  188. 				KeyNumber = 2,
    189. 

  189. 			};
    190. 

  190. 

  191. 			return new RSACryptoServiceProvider (parameters);
    192. 

  192. 		}
    193. 

  193. 

  194. 		static bool TryGetKeyContainer (ISerializable key_pair, out byte [] key, out string key_container)
    195. 

  195. 		{
    196. 

  196. 			var info = new SerializationInfo (typeof (StrongNameKeyPair), new FormatterConverter ());
    197. 

  197. 			key_pair.GetObjectData (info, new StreamingContext ());
    198. 

  198. 

  199. 			key = (byte []) info.GetValue ("_keyPairArray", typeof (byte []));
    200. 

  200. 			key_container = info.GetString ("_keyPairContainer");
    201. 

  201. 			return key_container != null;
    202. 

  202. 		}
    203. 

  203. 	}
    204. 

  204. }
    205.