Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1305376 / X509AsymmetricSecurityKey.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel.Tokens { using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; public class X509AsymmetricSecurityKey : AsymmetricSecurityKey { X509Certificate2 certificate; AsymmetricAlgorithm privateKey; bool privateKeyAvailabilityDetermined; PublicKey publicKey; object thisLock = new Object(); public X509AsymmetricSecurityKey( X509Certificate2 certificate ) { if ( certificate == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull( "certificate" ); this.certificate = certificate; } public override int KeySize { get { return this.PublicKey.Key.KeySize; } } AsymmetricAlgorithm PrivateKey { get { if ( !this.privateKeyAvailabilityDetermined ) { lock ( ThisLock ) { if ( !this.privateKeyAvailabilityDetermined ) { this.privateKey = this.certificate.PrivateKey; this.privateKeyAvailabilityDetermined = true; } } } return this.privateKey; } } PublicKey PublicKey { get { if ( this.publicKey == null ) { lock ( ThisLock ) { if ( this.publicKey == null ) { this.publicKey = this.certificate.PublicKey; } } } return this.publicKey; } } Object ThisLock { get { return thisLock; } } public override byte[] DecryptKey( string algorithm, byte[] keyData ) { // We can decrypt key only if we have the private key in the certificate. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } RSA rsa = this.PrivateKey as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); } // Support exchange keySpec, AT_EXCHANGE ? if ( rsa.KeyExchangeAlgorithm == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyExchangeNotSupported ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.DecryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.DecryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.DecryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override byte[] EncryptKey( string algorithm, byte[] keyData ) { // Ensure that we have an RSA algorithm object RSA rsa = this.PublicKey.Key as RSA; if ( rsa == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); } switch ( algorithm ) { case EncryptedXml.XmlEncRSA15Url: return EncryptedXml.EncryptKey( keyData, rsa, false ); case EncryptedXml.XmlEncRSAOAEPUrl: return EncryptedXml.EncryptKey( keyData, rsa, true ); default: if ( IsSupportedAlgorithm( algorithm ) ) return EncryptedXml.EncryptKey( keyData, rsa, true ); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricAlgorithm GetAsymmetricAlgorithm( string algorithm, bool privateKey ) { if ( privateKey ) { if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PrivateKey as DSA ) != null ) { return ( this.PrivateKey as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PrivateKey as RSA ) != null ) { return ( this.PrivateKey as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ) ) ); default: if ( IsSupportedAlgorithm( algorithm ) ) return this.PrivateKey; else throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } else { switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: if ( ( this.PublicKey.Key as DSA ) != null ) { return ( this.PublicKey.Key as DSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: if ( ( this.PublicKey.Key as RSA ) != null ) { return ( this.PublicKey.Key as RSA ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ) ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } } public override HashAlgorithm GetHashAlgorithmForSignature( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDigest(); HashAlgorithm hashAlgorithm = algorithmObject as HashAlgorithm; if ( hashAlgorithm != null ) return hashAlgorithm; throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "CreateDigest" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: case SignedXml.XmlDsigRSASHA1Url: return CryptoHelper.NewSha1HashAlgorithm(); case SecurityAlgorithms.RsaSha256Signature: return CryptoHelper.NewSha256HashAlgorithm(); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureDeformatter GetSignatureDeformatter( string algorithm ) { // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateDeformatter( this.PublicKey.Key ); try { AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = algorithmObject as AsymmetricSignatureDeformatter; if ( asymmetricSignatureDeformatter != null ) { asymmetricSignatureDeformatter.SetKey( this.PublicKey.Key ); return asymmetricSignatureDeformatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPublicKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureDeformatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PublicKey.Key as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotDSA ) ) ); return new DSASignatureDeformatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PublicKey.Key as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PublicKeyNotRSA ) ) ); return new RSAPKCS1SignatureDeformatter( rsa ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override AsymmetricSignatureFormatter GetSignatureFormatter( string algorithm ) { // One can sign only if the private key is present. if ( this.PrivateKey == null ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.MissingPrivateKey ) ) ); } if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } // We support one of the two algoritms, but not both. // XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; // XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; object algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); if ( algorithmObject != null ) { SignatureDescription description = algorithmObject as SignatureDescription; if ( description != null ) return description.CreateFormatter( this.PrivateKey ); try { AsymmetricSignatureFormatter asymmetricSignatureFormatter = algorithmObject as AsymmetricSignatureFormatter; if ( asymmetricSignatureFormatter != null ) { asymmetricSignatureFormatter.SetKey( this.PrivateKey ); return asymmetricSignatureFormatter; } } catch ( InvalidCastException e ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.AlgorithmAndPrivateKeyMisMatch ), e ) ); } throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new CryptographicException( SR.GetString( SR.UnsupportedAlgorithmForCryptoOperation, algorithm, "GetSignatureFormatter" ) ) ); } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: // Ensure that we have a DSA algorithm object. DSA dsa = ( this.PrivateKey as DSA ); if ( dsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotDSA ) ) ); return new DSASignatureFormatter( dsa ); case SignedXml.XmlDsigRSASHA1Url: // Ensure that we have an RSA algorithm object. RSA rsa = ( this.PrivateKey as RSA ); if ( rsa == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); return new RSAPKCS1SignatureFormatter( rsa ); case SecurityAlgorithms.RsaSha256Signature: // Ensure that we have an RSA algorithm object. RSACryptoServiceProvider rsa_prov_full = ( this.PrivateKey as RSACryptoServiceProvider ); if ( rsa_prov_full == null ) throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.PrivateKeyNotRSA ) ) ); CspParameters csp = new CspParameters(); csp.ProviderType = 24; csp.KeyContainerName = rsa_prov_full.CspKeyContainerInfo.KeyContainerName; csp.KeyNumber = (int)rsa_prov_full.CspKeyContainerInfo.KeyNumber; if ( rsa_prov_full.CspKeyContainerInfo.MachineKeyStore ) csp.Flags = CspProviderFlags.UseMachineKeyStore; return new RSAPKCS1SignatureFormatter( new RSACryptoServiceProvider( csp ) ); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new NotSupportedException( SR.GetString( SR.UnsupportedCryptoAlgorithm, algorithm ) ) ); } } public override bool HasPrivateKey() { return ( this.PrivateKey != null ); } public override bool IsAsymmetricAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } return ( CryptoHelper.IsAsymmetricAlgorithm( algorithm ) ); } public override bool IsSupportedAlgorithm( string algorithm ) { if ( String.IsNullOrEmpty( algorithm ) ) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument( algorithm, SR.GetString( SR.EmptyOrNullArgumentString, "algorithm" ) ); } object algorithmObject = null; try { algorithmObject = CryptoHelper.GetAlgorithmFromConfig( algorithm ); } catch (InvalidOperationException) { algorithm = null; } if ( algorithmObject != null ) { SignatureDescription signatureDescription = algorithmObject as SignatureDescription; if ( signatureDescription != null ) return true; AsymmetricAlgorithm asymmetricAlgorithm = algorithmObject as AsymmetricAlgorithm; if ( asymmetricAlgorithm != null ) return true; return false; } switch ( algorithm ) { case SignedXml.XmlDsigDSAUrl: return ( this.PublicKey.Key is DSA ); case SignedXml.XmlDsigRSASHA1Url: case SecurityAlgorithms.RsaSha256Signature: case EncryptedXml.XmlEncRSA15Url: case EncryptedXml.XmlEncRSAOAEPUrl: return ( this.PublicKey.Key is RSA ); default: return false; } } public override bool IsSymmetricAlgorithm( string algorithm ) { return CryptoHelper.IsSymmetricAlgorithm( algorithm ); } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TextSearch.cs
- InstanceNotReadyException.cs
- ActiveDocumentEvent.cs
- CheckBoxStandardAdapter.cs
- xamlnodes.cs
- Zone.cs
- HostedElements.cs
- UrlPath.cs
- CustomPopupPlacement.cs
- LinqDataSourceValidationException.cs
- PolicyManager.cs
- BitVector32.cs
- VideoDrawing.cs
- OdbcConnection.cs
- DataMemberConverter.cs
- UInt16Storage.cs
- DtrList.cs
- BitmapSource.cs
- TreeNode.cs
- BindingCollection.cs
- CompressEmulationStream.cs
- PageParserFilter.cs
- InheritanceAttribute.cs
- DataGridViewDataErrorEventArgs.cs
- TypeUtil.cs
- RemoteWebConfigurationHostStream.cs
- RegexWorker.cs
- TargetControlTypeCache.cs
- RenderContext.cs
- HostingEnvironmentSection.cs
- FigureParaClient.cs
- SerialPinChanges.cs
- SerializerWriterEventHandlers.cs
- ListChangedEventArgs.cs
- MissingSatelliteAssemblyException.cs
- MatrixStack.cs
- WindowsIdentity.cs
- ClientTarget.cs
- TemplateBindingExtension.cs
- PlatformCulture.cs
- AccessKeyManager.cs
- RoleService.cs
- SqlDependencyListener.cs
- CultureInfoConverter.cs
- ConstrainedGroup.cs
- ContextMenuAutomationPeer.cs
- PersonalizationStateInfoCollection.cs
- OverrideMode.cs
- EventMap.cs
- BitVec.cs
- MultipleViewPattern.cs
- StateChangeEvent.cs
- SqlProvider.cs
- Variable.cs
- GridViewRowCollection.cs
- Pair.cs
- EmptyStringExpandableObjectConverter.cs
- InputLangChangeRequestEvent.cs
- ListDictionaryInternal.cs
- ParameterInfo.cs
- TableParaClient.cs
- InfoCardArgumentException.cs
- UnsignedPublishLicense.cs
- BufferedStream.cs
- RawStylusInputCustomData.cs
- ExpressionParser.cs
- ForeignConstraint.cs
- UInt64Converter.cs
- OdbcFactory.cs
- WebPartZone.cs
- DataContractSerializerOperationGenerator.cs
- DispatcherEventArgs.cs
- CodeIdentifier.cs
- ContainerUIElement3D.cs
- DataControlCommands.cs
- StandardRuntimeEnumValidatorAttribute.cs
- ProbeDuplexCD1AsyncResult.cs
- ActivityDesignerAccessibleObject.cs
- RolePrincipal.cs
- DiscoveryProxy.cs
- DeviceFiltersSection.cs
- CodeCatchClauseCollection.cs
- CounterSampleCalculator.cs
- CacheVirtualItemsEvent.cs
- SpeechDetectedEventArgs.cs
- LicenseManager.cs
- ScriptControlManager.cs
- PreviewPrintController.cs
- ImageUrlEditor.cs
- ObjectCloneHelper.cs
- PointConverter.cs
- LastQueryOperator.cs
- MissingFieldException.cs
- HttpResponseHeader.cs
- Emitter.cs
- CheckBox.cs
- BoundField.cs
- EqualityComparer.cs
- WebPartMovingEventArgs.cs
- Authorization.cs