Update enclave sim to use new crypto apis (#1061)

* update enclave sim to use new crypto apis * update using statement
dotnet · May 7, 2021 · efc6c46 · efc6c46
1 parent 91c5844
commit efc6c46
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 6 deletions.
diff --git a/...ata.SqlClient/netcore/src/Microsoft/Data/SqlClient/SimulatorEnclaveProvider.NetCoreApp.cs b/...ata.SqlClient/netcore/src/Microsoft/Data/SqlClient/SimulatorEnclaveProvider.NetCoreApp.cs
@@ -84,9 +84,9 @@ internal override void CreateEnclaveSession(byte[] attestationInfo, ECDiffieHell
                         Buffer.BlockCopy(attestationInfo, attestationInfoOffset, trustedModuleDHPublicKeySignature, 0,
                             checked((int)sizeOfTrustedModuleDHPublicKeySignatureBuffer));
 
-                        ECParameters ecParams = KeyConverter.ECCPublicKeyBlobToParams(trustedModuleDHPublicKey);
-                        ECDiffieHellman enclaveDHKey = ECDiffieHellman.Create(ecParams);
-                        byte[] sharedSecret = clientDHKey.DeriveKeyFromHash(enclaveDHKey.PublicKey, HashAlgorithmName.SHA256);
+                        byte[] sharedSecret;
+                        using ECDiffieHellman ecdh = KeyConverter.CreateECDiffieHellmanFromPublicKeyBlob(trustedModuleDHPublicKey);
+                        sharedSecret = KeyConverter.DeriveKey(clientDHKey, ecdh.PublicKey);
                         long sessionId = BitConverter.ToInt64(enclaveSessionHandle, 0);
                         sqlEnclaveSession = AddEnclaveSessionToCache(enclaveSessionParameters, sharedSecret, sessionId, out counter);
                     }

diff --git a/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SimulatorEnclaveProvider.cs b/src/Microsoft.Data.SqlClient/netfx/src/Microsoft/Data/SqlClient/SimulatorEnclaveProvider.cs
@@ -38,7 +38,7 @@ internal override SqlEnclaveAttestationParameters GetAttestationParameters(strin
         }
 
         // When overridden in a derived class, performs enclave attestation, generates a symmetric key for the session, creates a an enclave session and stores the session information in the cache.
-        internal override void CreateEnclaveSession(byte[] attestationInfo, ECDiffieHellmanCng clientDHKey, EnclaveSessionParameters enclaveSessionParameters, byte[] customData, int customDataLength, out SqlEnclaveSession sqlEnclaveSession, out long counter)
+        internal override void CreateEnclaveSession(byte[] attestationInfo, ECDiffieHellman clientDHKey, EnclaveSessionParameters enclaveSessionParameters, byte[] customData, int customDataLength, out SqlEnclaveSession sqlEnclaveSession, out long counter)
         {
             ////for simulator: enclave does not send public key, and sends an empty attestation info
             //// The only non-trivial content it sends is the session setup info (DH pubkey of enclave)
@@ -84,8 +84,9 @@ internal override void CreateEnclaveSession(byte[] attestationInfo, ECDiffieHell
                         Buffer.BlockCopy(attestationInfo, attestationInfoOffset, trustedModuleDHPublicKeySignature, 0,
                             checked((int)sizeOfTrustedModuleDHPublicKeySignatureBuffer));
 
-                        CngKey k = CngKey.Import(trustedModuleDHPublicKey, CngKeyBlobFormat.EccPublicBlob);
-                        byte[] sharedSecret = clientDHKey.DeriveKeyMaterial(k);
+                        byte[] sharedSecret;
+                        using ECDiffieHellman ecdh = KeyConverter.CreateECDiffieHellmanFromPublicKeyBlob(trustedModuleDHPublicKey);
+                        sharedSecret = KeyConverter.DeriveKey(clientDHKey, ecdh.PublicKey);
                         long sessionId = BitConverter.ToInt64(enclaveSessionHandle, 0);
                         sqlEnclaveSession = AddEnclaveSessionToCache(enclaveSessionParameters, sharedSecret, sessionId, out counter);
                     }