Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1305376 / X509AsymmetricSecurityKey.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel.Tokens { using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; public class X509AsymmetricSecurityKey : AsymmetricSecurityKey { X509Certificate2 certificate; AsymmetricAlgorithm privateKey; bool privateKeyAvailabilityDetermined; PublicKey publicKey; object thisLock = new Object(); public X509AsymmetricSecurityKey( X509Certificate2 certificate ) { if ( certificate == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "certificate" ); this.certificate = certificate; } public override int KeySize { get { return this.PublicKey.Key.KeySize; } } AsymmetricAlgorithm PrivateKey { get { if ( !this.privateKeyAvailabilityDetermined ) { lock ( ThisLock ) { if ( !this.privateKeyAvailabilityDetermined ) { this.privateKey = this.certificate.PrivateKey; this.privateKeyAvailabilityDetermined = true; } } } return this.privateKey; } } PublicKey PublicKey { get { if ( this.publicKey == null ) { lock ( ThisLock ) { if ( this.publicKey == null ) { this.publicKey = this.certificate.PublicKey; } } } return this.publicKey; } } Object ThisLock { get { return thisLock; } } public override byte[] DecryptKey( string algorithm, byte[] keyData ) { // We can decrypt key only if we have the private key in the certificate. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } RSA rsa = this.PrivateKey as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); } // Support exchange keySpec, AT_EXCHANGE ? if ( rsa.KeyExchangeAlgorithm == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyExchangeNotSupported ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.DecryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.DecryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.DecryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override byte[] EncryptKey( string algorithm, byte[] keyData ) { // Ensure that we have an RSA algorithm object RSA rsa = this.PublicKey.Key as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.EncryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.EncryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.EncryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricAlgorithm GetAsymmetricAlgorithm( string algorithm, bool privateKey ) { if ( privateKey ) { if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PrivateKey as DSA ) != null ) { return ( this.PrivateKey as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PrivateKey as RSA ) != null ) { return ( this.PrivateKey as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); default: if ( IsSupportedAlgorithm( algorithm ) ) return this.PrivateKey; else throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } else { switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PublicKey.Key as DSA ) != null ) { return ( this.PublicKey.Key as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PublicKey.Key as RSA ) != null ) { return ( this.PublicKey.Key as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } } public override HashAlgorithm GetHashAlgorithmForSignature( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDigest(); HashAlgorithm hashAlgorithm = algorithmObject as HashAlgorithm; if ( hashAlgorithm != null ) return hashAlgorithm; throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "CreateDigest" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: case SignedXml.XmlDsigRSASHA1Url: return CryptoHelper.NewSha1HashAlgorithm(); case SecurityAlgorithms.RsaSha256Signature: return CryptoHelper.NewSha256HashAlgorithm(); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureDeformatter GetSignatureDeformatter( string algorithm ) { // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDeformatter( this.PublicKey.Key ); try { AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = algorithmObject as AsymmetricSignatureDeformatter; if ( asymmetricSignatureDeformatter != null ) { asymmetricSignatureDeformatter.SetKey( this.PublicKey.Key ); return asymmetricSignatureDeformatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureDeformatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PublicKey.Key as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotDSA ) ) ); return new DSASignatureDeformatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PublicKey.Key as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); return new RSAPKCS1SignatureDeformatter( rsa ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureFormatter GetSignatureFormatter( string algorithm ) { // One can sign only if the private key is present. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateFormatter( this.PrivateKey ); try { AsymmetricSignatureFormatter asymmetricSignatureFormatter = algorithmObject as AsymmetricSignatureFormatter; if ( asymmetricSignatureFormatter != null ) { asymmetricSignatureFormatter.SetKey( this.PrivateKey ); return asymmetricSignatureFormatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureFormatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PrivateKey as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotDSA ) ) ); return new DSASignatureFormatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PrivateKey as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); return new RSAPKCS1SignatureFormatter( rsa ); case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSACryptoServiceProvider rsa_prov_full = ( this.PrivateKey as RSACryptoServiceProvider ); if ( rsa_prov_full == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); CspParameters csp = new CspParameters(); csp.ProviderType = 24; csp.KeyContainerName = rsa_prov_full.CspKeyContainerInfo.KeyContainerName; csp.KeyNumber = (int)rsa_prov_full.CspKeyContainerInfo.KeyNumber; if ( rsa_prov_full.CspKeyContainerInfo.MachineKeyStore ) csp.Flags = CspProviderFlags.UseMachineKeyStore; return new RSAPKCS1SignatureFormatter( new RSACryptoServiceProvider( csp ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override bool HasPrivateKey() { return ( this.PrivateKey != null ); } public override bool IsAsymmetricAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } return ( CryptoHelper.IsAsymmetricAlgorithm( algorithm ) ); } public override bool IsSupportedAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = null; try { algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); } catch (InvalidOperationException) { algorithm = null; } if ( algorithmObject != null ) { SignatureDescription signatureDescription = algorithmObject as SignatureDescription; if ( signatureDescription != null ) return true; AsymmetricAlgorithm asymmetricAlgorithm = algorithmObject as AsymmetricAlgorithm; if ( asymmetricAlgorithm != null ) return true; return false; } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: return ( this.PublicKey.Key is DSA ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: return ( this.PublicKey.Key is RSA ); default: return false; } } public override bool IsSymmetricAlgorithm( string algorithm ) { return CryptoHelper.IsSymmetricAlgorithm( algorithm ); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel.Tokens { using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; public class X509AsymmetricSecurityKey : AsymmetricSecurityKey { X509Certificate2 certificate; AsymmetricAlgorithm privateKey; bool privateKeyAvailabilityDetermined; PublicKey publicKey; object thisLock = new Object(); public X509AsymmetricSecurityKey( X509Certificate2 certificate ) { if ( certificate == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "certificate" ); this.certificate = certificate; } public override int KeySize { get { return this.PublicKey.Key.KeySize; } } AsymmetricAlgorithm PrivateKey { get { if ( !this.privateKeyAvailabilityDetermined ) { lock ( ThisLock ) { if ( !this.privateKeyAvailabilityDetermined ) { this.privateKey = this.certificate.PrivateKey; this.privateKeyAvailabilityDetermined = true; } } } return this.privateKey; } } PublicKey PublicKey { get { if ( this.publicKey == null ) { lock ( ThisLock ) { if ( this.publicKey == null ) { this.publicKey = this.certificate.PublicKey; } } } return this.publicKey; } } Object ThisLock { get { return thisLock; } } public override byte[] DecryptKey( string algorithm, byte[] keyData ) { // We can decrypt key only if we have the private key in the certificate. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } RSA rsa = this.PrivateKey as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); } // Support exchange keySpec, AT_EXCHANGE ? if ( rsa.KeyExchangeAlgorithm == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyExchangeNotSupported ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.DecryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.DecryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.DecryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override byte[] EncryptKey( string algorithm, byte[] keyData ) { // Ensure that we have an RSA algorithm object RSA rsa = this.PublicKey.Key as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.EncryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.EncryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.EncryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricAlgorithm GetAsymmetricAlgorithm( string algorithm, bool privateKey ) { if ( privateKey ) { if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PrivateKey as DSA ) != null ) { return ( this.PrivateKey as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PrivateKey as RSA ) != null ) { return ( this.PrivateKey as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); default: if ( IsSupportedAlgorithm( algorithm ) ) return this.PrivateKey; else throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } else { switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PublicKey.Key as DSA ) != null ) { return ( this.PublicKey.Key as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PublicKey.Key as RSA ) != null ) { return ( this.PublicKey.Key as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } } public override HashAlgorithm GetHashAlgorithmForSignature( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDigest(); HashAlgorithm hashAlgorithm = algorithmObject as HashAlgorithm; if ( hashAlgorithm != null ) return hashAlgorithm; throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "CreateDigest" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: case SignedXml.XmlDsigRSASHA1Url: return CryptoHelper.NewSha1HashAlgorithm(); case SecurityAlgorithms.RsaSha256Signature: return CryptoHelper.NewSha256HashAlgorithm(); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureDeformatter GetSignatureDeformatter( string algorithm ) { // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDeformatter( this.PublicKey.Key ); try { AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = algorithmObject as AsymmetricSignatureDeformatter; if ( asymmetricSignatureDeformatter != null ) { asymmetricSignatureDeformatter.SetKey( this.PublicKey.Key ); return asymmetricSignatureDeformatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureDeformatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PublicKey.Key as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotDSA ) ) ); return new DSASignatureDeformatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PublicKey.Key as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); return new RSAPKCS1SignatureDeformatter( rsa ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureFormatter GetSignatureFormatter( string algorithm ) { // One can sign only if the private key is present. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateFormatter( this.PrivateKey ); try { AsymmetricSignatureFormatter asymmetricSignatureFormatter = algorithmObject as AsymmetricSignatureFormatter; if ( asymmetricSignatureFormatter != null ) { asymmetricSignatureFormatter.SetKey( this.PrivateKey ); return asymmetricSignatureFormatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureFormatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PrivateKey as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotDSA ) ) ); return new DSASignatureFormatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PrivateKey as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); return new RSAPKCS1SignatureFormatter( rsa ); case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSACryptoServiceProvider rsa_prov_full = ( this.PrivateKey as RSACryptoServiceProvider ); if ( rsa_prov_full == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); CspParameters csp = new CspParameters(); csp.ProviderType = 24; csp.KeyContainerName = rsa_prov_full.CspKeyContainerInfo.KeyContainerName; csp.KeyNumber = (int)rsa_prov_full.CspKeyContainerInfo.KeyNumber; if ( rsa_prov_full.CspKeyContainerInfo.MachineKeyStore ) csp.Flags = CspProviderFlags.UseMachineKeyStore; return new RSAPKCS1SignatureFormatter( new RSACryptoServiceProvider( csp ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override bool HasPrivateKey() { return ( this.PrivateKey != null ); } public override bool IsAsymmetricAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } return ( CryptoHelper.IsAsymmetricAlgorithm( algorithm ) ); } public override bool IsSupportedAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = null; try { algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); } catch (InvalidOperationException) { algorithm = null; } if ( algorithmObject != null ) { SignatureDescription signatureDescription = algorithmObject as SignatureDescription; if ( signatureDescription != null ) return true; AsymmetricAlgorithm asymmetricAlgorithm = algorithmObject as AsymmetricAlgorithm; if ( asymmetricAlgorithm != null ) return true; return false; } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: return ( this.PublicKey.Key is DSA ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: return ( this.PublicKey.Key is RSA ); default: return false; } } public override bool IsSymmetricAlgorithm( string algorithm ) { return CryptoHelper.IsSymmetricAlgorithm( algorithm ); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- CqlWriter.cs
- Expression.cs
- AbsoluteQuery.cs
- AutomationElement.cs
- XamlRtfConverter.cs
- XmlStringTable.cs
- WmlValidatorAdapter.cs
- XmlDataSource.cs
- CorrelationQueryBehavior.cs
- UniqueCodeIdentifierScope.cs
- RawStylusActions.cs
- ACE.cs
- RequestQueue.cs
- SmiMetaDataProperty.cs
- DataServiceQueryProvider.cs
- GridViewColumnCollection.cs
- SafeProcessHandle.cs
- TraceSwitch.cs
- PersonalizationProvider.cs
- PropertyReference.cs
- Msec.cs
- FocusTracker.cs
- GestureRecognizer.cs
- XmlAnyElementAttributes.cs
- Rijndael.cs
- SelectorAutomationPeer.cs
- DocumentNUp.cs
- ManagementOptions.cs
- ContainerTracking.cs
- KeyFrames.cs
- EntityDataSourceContextDisposingEventArgs.cs
- ExtendedProtectionPolicyTypeConverter.cs
- SystemIPAddressInformation.cs
- RichTextBoxContextMenu.cs
- StrongNameUtility.cs
- CounterCreationData.cs
- BreakRecordTable.cs
- SoapExtensionTypeElementCollection.cs
- EventProxy.cs
- DependencyPropertyChangedEventArgs.cs
- Triplet.cs
- arabicshape.cs
- ButtonAutomationPeer.cs
- TextDecoration.cs
- System.Data.OracleClient_BID.cs
- XmlAutoDetectWriter.cs
- SoapSchemaMember.cs
- QueryOperator.cs
- MaxSessionCountExceededException.cs
- TypeBuilderInstantiation.cs
- ZipIOEndOfCentralDirectoryBlock.cs
- ProtectedConfigurationProviderCollection.cs
- TabControlCancelEvent.cs
- RequestQueue.cs
- AccessedThroughPropertyAttribute.cs
- ParenthesizePropertyNameAttribute.cs
- HttpWebRequestElement.cs
- BindValidationContext.cs
- CookieParameter.cs
- HyperLink.cs
- XMLUtil.cs
- XmlTextReader.cs
- DataGridViewColumnCollection.cs
- EntityDataSourceWrapperCollection.cs
- AVElementHelper.cs
- SymLanguageVendor.cs
- DataGridViewCellLinkedList.cs
- Config.cs
- PrePostDescendentsWalker.cs
- SoapSchemaImporter.cs
- HtmlHistory.cs
- AuthenticationServiceManager.cs
- DbConnectionHelper.cs
- unsafenativemethodsother.cs
- SymLanguageType.cs
- XmlMemberMapping.cs
- ExtenderControl.cs
- ClientSettingsSection.cs
- SamlDoNotCacheCondition.cs
- OdbcEnvironmentHandle.cs
- ReadOnlyActivityGlyph.cs
- ChangePasswordDesigner.cs
- DataGridViewColumnStateChangedEventArgs.cs
- Binding.cs
- CodePageEncoding.cs
- BasicSecurityProfileVersion.cs
- XNodeValidator.cs
- RelatedPropertyManager.cs
- SpecularMaterial.cs
- SqlServer2KCompatibilityAnnotation.cs
- GlyphRunDrawing.cs
- Root.cs
- DataGridColumn.cs
- ParallelTimeline.cs
- RotationValidation.cs
- BitmapEffectGroup.cs
- ManagedWndProcTracker.cs
- RuntimeVariableList.cs
- DataGridViewColumnCollection.cs
- InputManager.cs