Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1305376 / X509AsymmetricSecurityKey.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel.Tokens { using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; public class X509AsymmetricSecurityKey : AsymmetricSecurityKey { X509Certificate2 certificate; AsymmetricAlgorithm privateKey; bool privateKeyAvailabilityDetermined; PublicKey publicKey; object thisLock = new Object(); public X509AsymmetricSecurityKey( X509Certificate2 certificate ) { if ( certificate == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "certificate" ); this.certificate = certificate; } public override int KeySize { get { return this.PublicKey.Key.KeySize; } } AsymmetricAlgorithm PrivateKey { get { if ( !this.privateKeyAvailabilityDetermined ) { lock ( ThisLock ) { if ( !this.privateKeyAvailabilityDetermined ) { this.privateKey = this.certificate.PrivateKey; this.privateKeyAvailabilityDetermined = true; } } } return this.privateKey; } } PublicKey PublicKey { get { if ( this.publicKey == null ) { lock ( ThisLock ) { if ( this.publicKey == null ) { this.publicKey = this.certificate.PublicKey; } } } return this.publicKey; } } Object ThisLock { get { return thisLock; } } public override byte[] DecryptKey( string algorithm, byte[] keyData ) { // We can decrypt key only if we have the private key in the certificate. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } RSA rsa = this.PrivateKey as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); } // Support exchange keySpec, AT_EXCHANGE ? if ( rsa.KeyExchangeAlgorithm == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyExchangeNotSupported ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.DecryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.DecryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.DecryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override byte[] EncryptKey( string algorithm, byte[] keyData ) { // Ensure that we have an RSA algorithm object RSA rsa = this.PublicKey.Key as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.EncryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.EncryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.EncryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricAlgorithm GetAsymmetricAlgorithm( string algorithm, bool privateKey ) { if ( privateKey ) { if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PrivateKey as DSA ) != null ) { return ( this.PrivateKey as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PrivateKey as RSA ) != null ) { return ( this.PrivateKey as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); default: if ( IsSupportedAlgorithm( algorithm ) ) return this.PrivateKey; else throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } else { switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PublicKey.Key as DSA ) != null ) { return ( this.PublicKey.Key as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PublicKey.Key as RSA ) != null ) { return ( this.PublicKey.Key as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } } public override HashAlgorithm GetHashAlgorithmForSignature( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDigest(); HashAlgorithm hashAlgorithm = algorithmObject as HashAlgorithm; if ( hashAlgorithm != null ) return hashAlgorithm; throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "CreateDigest" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: case SignedXml.XmlDsigRSASHA1Url: return CryptoHelper.NewSha1HashAlgorithm(); case SecurityAlgorithms.RsaSha256Signature: return CryptoHelper.NewSha256HashAlgorithm(); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureDeformatter GetSignatureDeformatter( string algorithm ) { // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDeformatter( this.PublicKey.Key ); try { AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = algorithmObject as AsymmetricSignatureDeformatter; if ( asymmetricSignatureDeformatter != null ) { asymmetricSignatureDeformatter.SetKey( this.PublicKey.Key ); return asymmetricSignatureDeformatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureDeformatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PublicKey.Key as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotDSA ) ) ); return new DSASignatureDeformatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PublicKey.Key as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); return new RSAPKCS1SignatureDeformatter( rsa ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureFormatter GetSignatureFormatter( string algorithm ) { // One can sign only if the private key is present. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateFormatter( this.PrivateKey ); try { AsymmetricSignatureFormatter asymmetricSignatureFormatter = algorithmObject as AsymmetricSignatureFormatter; if ( asymmetricSignatureFormatter != null ) { asymmetricSignatureFormatter.SetKey( this.PrivateKey ); return asymmetricSignatureFormatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureFormatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PrivateKey as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotDSA ) ) ); return new DSASignatureFormatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PrivateKey as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); return new RSAPKCS1SignatureFormatter( rsa ); case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSACryptoServiceProvider rsa_prov_full = ( this.PrivateKey as RSACryptoServiceProvider ); if ( rsa_prov_full == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); CspParameters csp = new CspParameters(); csp.ProviderType = 24; csp.KeyContainerName = rsa_prov_full.CspKeyContainerInfo.KeyContainerName; csp.KeyNumber = (int)rsa_prov_full.CspKeyContainerInfo.KeyNumber; if ( rsa_prov_full.CspKeyContainerInfo.MachineKeyStore ) csp.Flags = CspProviderFlags.UseMachineKeyStore; return new RSAPKCS1SignatureFormatter( new RSACryptoServiceProvider( csp ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override bool HasPrivateKey() { return ( this.PrivateKey != null ); } public override bool IsAsymmetricAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } return ( CryptoHelper.IsAsymmetricAlgorithm( algorithm ) ); } public override bool IsSupportedAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = null; try { algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); } catch (InvalidOperationException) { algorithm = null; } if ( algorithmObject != null ) { SignatureDescription signatureDescription = algorithmObject as SignatureDescription; if ( signatureDescription != null ) return true; AsymmetricAlgorithm asymmetricAlgorithm = algorithmObject as AsymmetricAlgorithm; if ( asymmetricAlgorithm != null ) return true; return false; } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: return ( this.PublicKey.Key is DSA ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: return ( this.PublicKey.Key is RSA ); default: return false; } } public override bool IsSymmetricAlgorithm( string algorithm ) { return CryptoHelper.IsSymmetricAlgorithm( algorithm ); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel.Tokens { using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; public class X509AsymmetricSecurityKey : AsymmetricSecurityKey { X509Certificate2 certificate; AsymmetricAlgorithm privateKey; bool privateKeyAvailabilityDetermined; PublicKey publicKey; object thisLock = new Object(); public X509AsymmetricSecurityKey( X509Certificate2 certificate ) { if ( certificate == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "certificate" ); this.certificate = certificate; } public override int KeySize { get { return this.PublicKey.Key.KeySize; } } AsymmetricAlgorithm PrivateKey { get { if ( !this.privateKeyAvailabilityDetermined ) { lock ( ThisLock ) { if ( !this.privateKeyAvailabilityDetermined ) { this.privateKey = this.certificate.PrivateKey; this.privateKeyAvailabilityDetermined = true; } } } return this.privateKey; } } PublicKey PublicKey { get { if ( this.publicKey == null ) { lock ( ThisLock ) { if ( this.publicKey == null ) { this.publicKey = this.certificate.PublicKey; } } } return this.publicKey; } } Object ThisLock { get { return thisLock; } } public override byte[] DecryptKey( string algorithm, byte[] keyData ) { // We can decrypt key only if we have the private key in the certificate. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } RSA rsa = this.PrivateKey as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); } // Support exchange keySpec, AT_EXCHANGE ? if ( rsa.KeyExchangeAlgorithm == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyExchangeNotSupported ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.DecryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.DecryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.DecryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override byte[] EncryptKey( string algorithm, byte[] keyData ) { // Ensure that we have an RSA algorithm object RSA rsa = this.PublicKey.Key as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.EncryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.EncryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.EncryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricAlgorithm GetAsymmetricAlgorithm( string algorithm, bool privateKey ) { if ( privateKey ) { if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PrivateKey as DSA ) != null ) { return ( this.PrivateKey as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PrivateKey as RSA ) != null ) { return ( this.PrivateKey as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); default: if ( IsSupportedAlgorithm( algorithm ) ) return this.PrivateKey; else throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } else { switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PublicKey.Key as DSA ) != null ) { return ( this.PublicKey.Key as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PublicKey.Key as RSA ) != null ) { return ( this.PublicKey.Key as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } } public override HashAlgorithm GetHashAlgorithmForSignature( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDigest(); HashAlgorithm hashAlgorithm = algorithmObject as HashAlgorithm; if ( hashAlgorithm != null ) return hashAlgorithm; throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "CreateDigest" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: case SignedXml.XmlDsigRSASHA1Url: return CryptoHelper.NewSha1HashAlgorithm(); case SecurityAlgorithms.RsaSha256Signature: return CryptoHelper.NewSha256HashAlgorithm(); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureDeformatter GetSignatureDeformatter( string algorithm ) { // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDeformatter( this.PublicKey.Key ); try { AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = algorithmObject as AsymmetricSignatureDeformatter; if ( asymmetricSignatureDeformatter != null ) { asymmetricSignatureDeformatter.SetKey( this.PublicKey.Key ); return asymmetricSignatureDeformatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureDeformatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PublicKey.Key as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotDSA ) ) ); return new DSASignatureDeformatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PublicKey.Key as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); return new RSAPKCS1SignatureDeformatter( rsa ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureFormatter GetSignatureFormatter( string algorithm ) { // One can sign only if the private key is present. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateFormatter( this.PrivateKey ); try { AsymmetricSignatureFormatter asymmetricSignatureFormatter = algorithmObject as AsymmetricSignatureFormatter; if ( asymmetricSignatureFormatter != null ) { asymmetricSignatureFormatter.SetKey( this.PrivateKey ); return asymmetricSignatureFormatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureFormatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PrivateKey as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotDSA ) ) ); return new DSASignatureFormatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PrivateKey as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); return new RSAPKCS1SignatureFormatter( rsa ); case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSACryptoServiceProvider rsa_prov_full = ( this.PrivateKey as RSACryptoServiceProvider ); if ( rsa_prov_full == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); CspParameters csp = new CspParameters(); csp.ProviderType = 24; csp.KeyContainerName = rsa_prov_full.CspKeyContainerInfo.KeyContainerName; csp.KeyNumber = (int)rsa_prov_full.CspKeyContainerInfo.KeyNumber; if ( rsa_prov_full.CspKeyContainerInfo.MachineKeyStore ) csp.Flags = CspProviderFlags.UseMachineKeyStore; return new RSAPKCS1SignatureFormatter( new RSACryptoServiceProvider( csp ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override bool HasPrivateKey() { return ( this.PrivateKey != null ); } public override bool IsAsymmetricAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } return ( CryptoHelper.IsAsymmetricAlgorithm( algorithm ) ); } public override bool IsSupportedAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = null; try { algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); } catch (InvalidOperationException) { algorithm = null; } if ( algorithmObject != null ) { SignatureDescription signatureDescription = algorithmObject as SignatureDescription; if ( signatureDescription != null ) return true; AsymmetricAlgorithm asymmetricAlgorithm = algorithmObject as AsymmetricAlgorithm; if ( asymmetricAlgorithm != null ) return true; return false; } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: return ( this.PublicKey.Key is DSA ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: return ( this.PublicKey.Key is RSA ); default: return false; } } public override bool IsSymmetricAlgorithm( string algorithm ) { return CryptoHelper.IsSymmetricAlgorithm( algorithm ); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- SqlProviderManifest.cs
- Image.cs
- Freezable.cs
- OdbcDataReader.cs
- CreateUserErrorEventArgs.cs
- NavigationWindowAutomationPeer.cs
- ReflectionUtil.cs
- RelationshipEndCollection.cs
- DeviceContext.cs
- TextServicesHost.cs
- TrackingProfileDeserializationException.cs
- BuildResultCache.cs
- Pkcs7Signer.cs
- StrokeCollectionDefaultValueFactory.cs
- OracleCommand.cs
- CodeIdentifiers.cs
- WebBrowser.cs
- SourceFileInfo.cs
- KerberosRequestorSecurityToken.cs
- IInstanceTable.cs
- FixUpCollection.cs
- IPPacketInformation.cs
- PersistNameAttribute.cs
- StringFreezingAttribute.cs
- ServiceOperationWrapper.cs
- PeerEndPoint.cs
- PagedControl.cs
- XmlILTrace.cs
- EntityExpressionVisitor.cs
- DataGridViewBand.cs
- SelectionHighlightInfo.cs
- FieldDescriptor.cs
- ManagementObjectCollection.cs
- CreateRefExpr.cs
- dataprotectionpermission.cs
- DecoderBestFitFallback.cs
- NativeObjectSecurity.cs
- CommonXSendMessage.cs
- WorkflowItemsPresenter.cs
- Listbox.cs
- EventArgs.cs
- NonSerializedAttribute.cs
- WriteTimeStream.cs
- OdbcEnvironmentHandle.cs
- ServicePerformanceCounters.cs
- HttpListenerContext.cs
- PointCollection.cs
- ConsoleEntryPoint.cs
- FormViewUpdatedEventArgs.cs
- HostedBindingBehavior.cs
- TextServicesCompartmentEventSink.cs
- RulePatternOps.cs
- SqlGenericUtil.cs
- Message.cs
- SubstitutionList.cs
- EventSinkActivityDesigner.cs
- Vector3D.cs
- PasswordBoxAutomationPeer.cs
- DataGridViewElement.cs
- ThreadAttributes.cs
- BindingRestrictions.cs
- SingleAnimationBase.cs
- PolyLineSegment.cs
- ActiveXHelper.cs
- TableLayout.cs
- xmlglyphRunInfo.cs
- DomNameTable.cs
- AdornerLayer.cs
- QuadTree.cs
- Rect.cs
- ResourceDictionary.cs
- XmlBinaryReaderSession.cs
- DataGridViewRowPrePaintEventArgs.cs
- TextServicesContext.cs
- _SpnDictionary.cs
- SettingsPropertyValueCollection.cs
- Win32NamedPipes.cs
- CollectionBase.cs
- Error.cs
- CurrentTimeZone.cs
- AppSettingsExpressionBuilder.cs
- SerializableAttribute.cs
- ConfigurationProperty.cs
- CreationContext.cs
- ThousandthOfEmRealDoubles.cs
- ResetableIterator.cs
- Lease.cs
- SmiMetaDataProperty.cs
- OdbcRowUpdatingEvent.cs
- GorillaCodec.cs
- ComplexTypeEmitter.cs
- PageEventArgs.cs
- SystemKeyConverter.cs
- OptimalTextSource.cs
- SystemGatewayIPAddressInformation.cs
- Monitor.cs
- DataGridLinkButton.cs
- RtfControls.cs
- PageTheme.cs
- PointLightBase.cs