File: CryptoAlgorithms.cs

package info (click to toggle)
mono 6.14.1%2Bds2-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,282,732 kB
  • sloc: cs: 11,182,461; xml: 2,850,281; ansic: 699,123; cpp: 122,919; perl: 58,604; javascript: 30,841; asm: 21,845; makefile: 19,602; sh: 10,973; python: 4,772; pascal: 925; sql: 859; sed: 16; php: 1
file content (99 lines) | stat: -rw-r--r-- 4,486 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
 
//------------------------------------------------------------------------------
// <copyright file="CryptoAlgorithms.cs" company="Microsoft">
//     Copyright (c) Microsoft Corporation.  All rights reserved.
// </copyright>                                                                
//------------------------------------------------------------------------------

namespace System.Web.Security.Cryptography {
    using System;
    using System.Diagnostics.CodeAnalysis;
    using System.Security.Cryptography;

    // Utility class to provide the "one true way" of getting instances of
    // cryptographic algorithms, like SymmetricAlgorithm and HashAlgorithm.

    // From discussions with Microsoft and the crypto board, we should prefer
    // the CNG implementations of algorithms, then the CAPI implementations,
    // then finally managed implementations if there are no CNG / CAPI
    // implementations. The CNG / CAPI implementations are preferred for
    // expandability, FIPS-compliance, and performance.
    //
    // .NET Framework 4.5 allows us to make two core assumptions:
    // - The built-in HMAC classes have been updated for FIPS compliance.
    // - Since .NET 4.5 requires Windows Server 2008 or greater, we can
    //   assume that CNG is available on the box.
    //
    // Note that some algorithms (MD5, DES, etc.) aren't FIPS-compliant
    // under any circumstance. Calling these methods when the OS is
    // configured to allow only FIPS-compliant algorithms will result
    // in an exception being thrown.
    //
    // The .NET Framework's built-in algorithms don't need to be created
    // under the application impersonation context since they don't depend
    // on the impersonated identity.

    internal static class CryptoAlgorithms {

        internal static Aes CreateAes() {
            return new AesCryptoServiceProvider();
        }

        [SuppressMessage("Microsoft.Cryptographic.Standard", "CA5351:DESCannotBeUsed", Justification = @"This is only used by legacy code; new features do not use this algorithm.")]
        [Obsolete("DES is deprecated and MUST NOT be used by new features. Consider using AES instead.")]
        internal static DES CreateDES() {
            return new DESCryptoServiceProvider();
        }

        [SuppressMessage("Microsoft.Security.Cryptography", "CA5354:SHA1CannotBeUsed", Justification = @"This is only used by legacy code; new features do not use this algorithm.")]
        internal static HMACSHA1 CreateHMACSHA1() {
            return new HMACSHA1();
        }

        internal static HMACSHA256 CreateHMACSHA256() {
            return new HMACSHA256();
        }

        internal static HMACSHA384 CreateHMACSHA384() {
            return new HMACSHA384();
        }

        internal static HMACSHA512 CreateHMACSHA512() {
            return new HMACSHA512();
        }

        internal static HMACSHA512 CreateHMACSHA512(byte[] key) {
            return new HMACSHA512(key);
        }

        [SuppressMessage("Microsoft.Cryptographic.Standard", "CA5350:MD5CannotBeUsed", Justification = @"This is only used by legacy code; new features do not use this algorithm.")]
        [Obsolete("MD5 is deprecated and MUST NOT be used by new features. Consider using a SHA-2 algorithm instead.")]
        internal static MD5 CreateMD5() {
            return new MD5Cng();
        }

        [SuppressMessage("Microsoft.Cryptographic.Standard", "CA5354:SHA1CannotBeUsed", Justification = @"This is only used by legacy code; new features do not use this algorithm.")]
        [Obsolete("SHA1 is deprecated and MUST NOT be used by new features. Consider using a SHA-2 algorithm instead.")]
        internal static SHA1 CreateSHA1() {
            return new SHA1Cng();
        }

        internal static SHA256 CreateSHA256() {
            return new SHA256Cng();
        }

        internal static SHA384 CreateSHA384() {
            return new SHA384Cng();
        }

        internal static SHA512 CreateSHA512() {
            return new SHA512Cng();
        }

        [SuppressMessage("Microsoft.Cryptographic.Standard", "CA5353:TripleDESCannotBeUsed", Justification = @"This is only used by legacy code; new features do not use this algorithm.")]
        [Obsolete("3DES is deprecated and MUST NOT be used by new features. Consider using AES instead.")]
        internal static TripleDES CreateTripleDES() {
            return new TripleDESCryptoServiceProvider();
        }

    }
}