Skip to content
This repository was archived by the owner on Jul 26, 2023. It is now read-only.

Commit 1d02f7a

Browse files
AArnottAArnott
committed
Add BCryptKeyDerivation
Closes #365
1 parent f7dcabb commit 1d02f7a

File tree

3 files changed

+53
-0
lines changed

3 files changed

+53
-0
lines changed

src/BCrypt/BCrypt+BCryptKeyDerivationFlags.cs

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
// Copyright © .NET Foundation and Contributors. All rights reserved.
2+
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
3+
4+
namespace PInvoke
5+
{
6+
/// <content>
7+
/// Contains the <see cref="BCryptKeyDerivationFlags"/> nested type.
8+
/// </content>
9+
public partial class BCrypt
10+
{
11+
/// <summary>
12+
/// Flags that may be passed to the <see cref="BCryptKeyDerivation(SafeKeyHandle, BCryptBufferDesc*, byte*, int, out int, BCryptKeyDerivationFlags)"/> method.
13+
/// </summary>
14+
public enum BCryptKeyDerivationFlags : uint
15+
{
16+
/// <summary>
17+
/// No flags.
18+
/// </summary>
19+
None = 0x0,
20+
21+
/// <summary>
22+
/// Specifies that the target algorithm is AES and that the key therefore must be double expanded. This flag is only valid with the CAPI_KDF algorithm.
23+
/// </summary>
24+
BCRYPT_CAPI_AES_FLAG = 0x00000010,
25+
}
26+
}
27+
}

src/BCrypt/BCrypt.cs

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,6 +108,26 @@ public static extern unsafe NTSTATUS BCryptCreateHash(
108108
int cbSecret,
109109
BCryptCreateHashFlags dwFlags);
110110

111+
/// <summary>
112+
/// Derives a key without requiring a secret agreement. It is similar in functionality to <see cref="BCryptDeriveKey(SafeSecretHandle, string, BCryptBufferDesc*, byte*, int, out int, BCryptDeriveKeyFlags)"/>
113+
/// but does not require a BCRYPT_SECRET_HANDLE value as input.
114+
/// </summary>
115+
/// <param name="hKey">Handle of the input key.</param>
116+
/// <param name="pParameterList">Pointer to a BCryptBufferDesc structure that contains the KDF parameters. This parameter is optional and can be NULL if it is not needed. The parameters can be specific to a key derivation function (KDF) or generic. See <see href="https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptkeyderivation">online docs</see> for more information.</param>
117+
/// <param name="pbDerivedKey">Address of a buffer that receives the key. The <paramref name="cbDerivedKey"/> parameter contains the size of this buffer.</param>
118+
/// <param name="cbDerivedKey">Size, in bytes, of the buffer pointed to by the <paramref name="pbDerivedKey" /> parameter.</param>
119+
/// <param name="pcbResult">Pointer to a variable that receives the number of bytes that were copied to the buffer pointed to by the <paramref name="pbDerivedKey"/> parameter.</param>
120+
/// <param name="dwFlags">Flags that modify the behavior of this function. <see cref="BCryptKeyDerivationFlags.BCRYPT_CAPI_AES_FLAG"/> may be used with the Microsoft Primitive provider.</param>
121+
/// <returns>Returns a status code that indicates the success or failure of the function.</returns>
122+
[DllImport(nameof(BCrypt))]
123+
public static extern unsafe NTSTATUS BCryptKeyDerivation(
124+
SafeKeyHandle hKey,
125+
[Friendly(FriendlyFlags.In | FriendlyFlags.Optional)] BCryptBufferDesc* pParameterList,
126+
[Friendly(FriendlyFlags.Out | FriendlyFlags.Array)] byte* pbDerivedKey,
127+
int cbDerivedKey,
128+
out int pcbResult,
129+
BCryptKeyDerivationFlags dwFlags);
130+
111131
/// <summary>
112132
/// The <see cref="BCryptCreateMultiHash(SafeAlgorithmHandle, out SafeHashHandle, int, byte*, int, byte*, int, BCryptCreateHashFlags)"/> function creates a multi-hash state that allows for the parallel computation of multiple hash operations.
113133
/// </summary>

src/BCrypt/PublicAPI.Unshipped.txt

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,9 @@ PInvoke.BCrypt.BCRYPT_MULTI_HASH_OPERATION.pbBuffer_IntPtr.get -> System.IntPtr
88
PInvoke.BCrypt.BCRYPT_MULTI_HASH_OPERATION.pbBuffer_IntPtr.set -> void
99
PInvoke.BCrypt.BCRYPT_MULTI_OPERATION_TYPE
1010
PInvoke.BCrypt.BCRYPT_MULTI_OPERATION_TYPE.BCRYPT_OPERATION_TYPE_HASH = 1 -> PInvoke.BCrypt.BCRYPT_MULTI_OPERATION_TYPE
11+
PInvoke.BCrypt.BCryptKeyDerivationFlags
12+
PInvoke.BCrypt.BCryptKeyDerivationFlags.BCRYPT_CAPI_AES_FLAG = 16 -> PInvoke.BCrypt.BCryptKeyDerivationFlags
13+
PInvoke.BCrypt.BCryptKeyDerivationFlags.None = 0 -> PInvoke.BCrypt.BCryptKeyDerivationFlags
1114
PInvoke.BCrypt.BCryptOpenAlgorithmProviderFlags.BCRYPT_MULTI_FLAG = 64 -> PInvoke.BCrypt.BCryptOpenAlgorithmProviderFlags
1215
PInvoke.BCrypt.HashOperationType
1316
PInvoke.BCrypt.HashOperationType.BCRYPT_HASH_OPERATION_FINISH_HASH = 2 -> PInvoke.BCrypt.HashOperationType
@@ -27,6 +30,8 @@ static PInvoke.BCrypt.BCryptGetProperty(System.Runtime.InteropServices.SafeHandl
2730
static PInvoke.BCrypt.BCryptHashData(PInvoke.BCrypt.SafeHashHandle hHash, System.IntPtr pbInput, int cbInput, PInvoke.BCrypt.BCryptHashDataFlags dwFlags = PInvoke.BCrypt.BCryptHashDataFlags.None) -> PInvoke.NTSTATUS
2831
static PInvoke.BCrypt.BCryptImportKey(PInvoke.BCrypt.SafeAlgorithmHandle hAlgorithm, PInvoke.BCrypt.SafeKeyHandle hImportKey, string pszBlobType, out PInvoke.BCrypt.SafeKeyHandle phKey, System.IntPtr pbKeyObject, int cbKeyObject, System.IntPtr pbInput, int cbInput, PInvoke.BCrypt.BCryptImportKeyFlags dwFlags = PInvoke.BCrypt.BCryptImportKeyFlags.None) -> PInvoke.NTSTATUS
2932
static PInvoke.BCrypt.BCryptImportKeyPair(PInvoke.BCrypt.SafeAlgorithmHandle hAlgorithm, PInvoke.BCrypt.SafeKeyHandle hImportKey, string pszBlobType, out PInvoke.BCrypt.SafeKeyHandle phKey, System.IntPtr pbInput, int cbInput, PInvoke.BCrypt.BCryptImportKeyPairFlags dwFlags) -> PInvoke.NTSTATUS
33+
static PInvoke.BCrypt.BCryptKeyDerivation(PInvoke.BCrypt.SafeKeyHandle hKey, PInvoke.BCrypt.BCryptBufferDesc? pParameterList, byte[] pbDerivedKey, int cbDerivedKey, out int pcbResult, PInvoke.BCrypt.BCryptKeyDerivationFlags dwFlags) -> PInvoke.NTSTATUS
34+
static PInvoke.BCrypt.BCryptKeyDerivation(PInvoke.BCrypt.SafeKeyHandle hKey, System.IntPtr pParameterList, System.IntPtr pbDerivedKey, int cbDerivedKey, out int pcbResult, PInvoke.BCrypt.BCryptKeyDerivationFlags dwFlags) -> PInvoke.NTSTATUS
3035
static PInvoke.BCrypt.BCryptProcessMultiOperations(PInvoke.BCrypt.SafeHashHandle hHash, PInvoke.BCrypt.BCRYPT_MULTI_OPERATION_TYPE operationType, PInvoke.BCrypt.BCRYPT_MULTI_HASH_OPERATION[] pOperations, int cbOperations, int dwFlags = 0) -> PInvoke.NTSTATUS
3136
static PInvoke.BCrypt.BCryptProcessMultiOperations(PInvoke.BCrypt.SafeHashHandle hHash, PInvoke.BCrypt.BCRYPT_MULTI_OPERATION_TYPE operationType, System.IntPtr pOperations, int cbOperations, int dwFlags = 0) -> PInvoke.NTSTATUS
3237
static PInvoke.BCrypt.BCryptSignHash(PInvoke.BCrypt.SafeKeyHandle hKey, System.IntPtr pPaddingInfo, System.IntPtr pbInput, int cbInput, System.IntPtr pbOutput, int cbOutput, out int pcbResult, PInvoke.BCrypt.BCryptSignHashFlags dwFlags) -> PInvoke.NTSTATUS
@@ -42,6 +47,7 @@ static extern PInvoke.BCrypt.BCryptGetProperty(System.Runtime.InteropServices.Sa
4247
static extern PInvoke.BCrypt.BCryptHashData(PInvoke.BCrypt.SafeHashHandle hHash, byte* pbInput, int cbInput, PInvoke.BCrypt.BCryptHashDataFlags dwFlags = PInvoke.BCrypt.BCryptHashDataFlags.None) -> PInvoke.NTSTATUS
4348
static extern PInvoke.BCrypt.BCryptImportKey(PInvoke.BCrypt.SafeAlgorithmHandle hAlgorithm, PInvoke.BCrypt.SafeKeyHandle hImportKey, string pszBlobType, out PInvoke.BCrypt.SafeKeyHandle phKey, byte* pbKeyObject, int cbKeyObject, byte* pbInput, int cbInput, PInvoke.BCrypt.BCryptImportKeyFlags dwFlags = PInvoke.BCrypt.BCryptImportKeyFlags.None) -> PInvoke.NTSTATUS
4449
static extern PInvoke.BCrypt.BCryptImportKeyPair(PInvoke.BCrypt.SafeAlgorithmHandle hAlgorithm, PInvoke.BCrypt.SafeKeyHandle hImportKey, string pszBlobType, out PInvoke.BCrypt.SafeKeyHandle phKey, byte* pbInput, int cbInput, PInvoke.BCrypt.BCryptImportKeyPairFlags dwFlags) -> PInvoke.NTSTATUS
50+
static extern PInvoke.BCrypt.BCryptKeyDerivation(PInvoke.BCrypt.SafeKeyHandle hKey, PInvoke.BCrypt.BCryptBufferDesc* pParameterList, byte* pbDerivedKey, int cbDerivedKey, out int pcbResult, PInvoke.BCrypt.BCryptKeyDerivationFlags dwFlags) -> PInvoke.NTSTATUS
4551
static extern PInvoke.BCrypt.BCryptProcessMultiOperations(PInvoke.BCrypt.SafeHashHandle hHash, PInvoke.BCrypt.BCRYPT_MULTI_OPERATION_TYPE operationType, PInvoke.BCrypt.BCRYPT_MULTI_HASH_OPERATION* pOperations, int cbOperations, int dwFlags = 0) -> PInvoke.NTSTATUS
4652
static extern PInvoke.BCrypt.BCryptSignHash(PInvoke.BCrypt.SafeKeyHandle hKey, void* pPaddingInfo, byte* pbInput, int cbInput, byte* pbOutput, int cbOutput, out int pcbResult, PInvoke.BCrypt.BCryptSignHashFlags dwFlags) -> PInvoke.NTSTATUS
4753
static extern PInvoke.BCrypt.BCryptVerifySignature(PInvoke.BCrypt.SafeKeyHandle hKey, void* pPaddingInfo, byte* pbHash, int cbHash, byte* pbSignature, int cbSignature, PInvoke.BCrypt.BCryptSignHashFlags dwFlags = PInvoke.BCrypt.BCryptSignHashFlags.None) -> PInvoke.NTSTATUS

0 commit comments

Comments
 (0)