Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1 / X509AsymmetricSecurityKey.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.IdentityModel.Tokens
{
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
public class X509AsymmetricSecurityKey : AsymmetricSecurityKey
{
X509Certificate2 certificate;
AsymmetricAlgorithm privateKey;
bool privateKeyAvailabilityDetermined;
PublicKey publicKey;
object thisLock = new Object();
public X509AsymmetricSecurityKey(X509Certificate2 certificate)
{
if (certificate == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
this.certificate = certificate;
}
public override int KeySize
{
get { return this.PublicKey.Key.KeySize; }
}
AsymmetricAlgorithm PrivateKey
{
get
{
if (!this.privateKeyAvailabilityDetermined)
{
lock (ThisLock)
{
if (!this.privateKeyAvailabilityDetermined)
{
this.privateKey = this.certificate.PrivateKey;
this.privateKeyAvailabilityDetermined = true;
}
}
}
return this.privateKey;
}
}
PublicKey PublicKey
{
get
{
if (this.publicKey == null)
{
lock (ThisLock)
{
if (this.publicKey == null)
{
this.publicKey = this.certificate.PublicKey;
}
}
}
return this.publicKey;
}
}
Object ThisLock
{
get
{
return thisLock;
}
}
public override byte[] DecryptKey(string algorithm, byte[] keyData)
{
// We can decrypt key only if we have the private key in the certificate.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
RSA rsa = this.PrivateKey as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
// Support exchange keySpec, AT_EXCHANGE ?
if (rsa.KeyExchangeAlgorithm == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyExchangeNotSupported)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.DecryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.DecryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override byte[] EncryptKey(string algorithm, byte[] keyData)
{
// Ensure that we have an RSA algorithm object
RSA rsa = this.PublicKey.Key as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.EncryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.EncryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricAlgorithm GetAsymmetricAlgorithm(string algorithm, bool privateKey)
{
if (privateKey)
{
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PrivateKey as DSA) != null)
{
return (this.PrivateKey as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PrivateKey as RSA) != null)
{
return (this.PrivateKey as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
else
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PublicKey.Key as DSA) != null)
{
return (this.PublicKey.Key as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PublicKey.Key as RSA) != null)
{
return (this.PublicKey.Key as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
}
public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm)
{
if (!this.IsSupportedAlgorithm(algorithm))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
case SignedXml.XmlDsigRSASHA1Url:
return CryptoHelper.NewSha1HashAlgorithm();
case SecurityAlgorithms.RsaSha256Signature:
return CryptoHelper.NewSha256HashAlgorithm();
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureDeformatter GetSignatureDeformatter(string algorithm)
{
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PublicKey.Key as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotDSA)));
}
return new DSASignatureDeformatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PublicKey.Key as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
return new RSAPKCS1SignatureDeformatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureFormatter GetSignatureFormatter(string algorithm)
{
// One can sign only if the private key is present.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PrivateKey as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotDSA)));
}
return new DSASignatureFormatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PrivateKey as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
return new RSAPKCS1SignatureFormatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override bool HasPrivateKey()
{
return (this.PrivateKey != null);
}
public override bool IsAsymmetricAlgorithm(string algorithm)
{
return (CryptoHelper.IsAsymmetricAlgorithm(algorithm));
}
public override bool IsSupportedAlgorithm(string algorithm)
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
return (this.PublicKey.Key is DSA);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
return (this.PublicKey.Key is RSA);
default:
return false;
}
}
public override bool IsSymmetricAlgorithm(string algorithm)
{
return CryptoHelper.IsSymmetricAlgorithm(algorithm);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- Compensate.cs
- HttpRequestBase.cs
- ApplicationId.cs
- NullRuntimeConfig.cs
- Model3DGroup.cs
- TopClause.cs
- COM2FontConverter.cs
- PackageController.cs
- UnionQueryOperator.cs
- TransformPattern.cs
- IncrementalReadDecoders.cs
- OrderedDictionaryStateHelper.cs
- httpserverutility.cs
- DesignerActionPropertyItem.cs
- HighContrastHelper.cs
- Quad.cs
- Size3D.cs
- Rules.cs
- BulletDecorator.cs
- EventMetadata.cs
- WebBrowserEvent.cs
- FixedDocumentSequencePaginator.cs
- XmlReaderSettings.cs
- SessionIDManager.cs
- ScriptHandlerFactory.cs
- TextBoxView.cs
- MethodBody.cs
- FamilyTypeface.cs
- HttpHandlerAction.cs
- BitmapEffectCollection.cs
- XmlNamedNodeMap.cs
- Base64Decoder.cs
- RoutedEventHandlerInfo.cs
- ZipIOExtraFieldZip64Element.cs
- BitmapFrameEncode.cs
- XPathSingletonIterator.cs
- RuleElement.cs
- WebBrowserBase.cs
- SingleAnimationUsingKeyFrames.cs
- TypefaceMap.cs
- OptimalTextSource.cs
- Boolean.cs
- HandlerFactoryWrapper.cs
- PerfCounters.cs
- ObjectStateFormatter.cs
- FlowDocumentReader.cs
- XPathMultyIterator.cs
- SiteMapProvider.cs
- StreamInfo.cs
- DataControlHelper.cs
- WebPartEventArgs.cs
- SQLResource.cs
- RecommendedAsConfigurableAttribute.cs
- ConfigurationSectionCollection.cs
- SizeConverter.cs
- WhileDesigner.cs
- HttpRequestContext.cs
- BufferedStream.cs
- FlowLayout.cs
- LeafCellTreeNode.cs
- AuthenticationModulesSection.cs
- AmbientValueAttribute.cs
- ShaderEffect.cs
- GeneralTransformGroup.cs
- FolderLevelBuildProviderCollection.cs
- ConfigurationSectionGroupCollection.cs
- MetadataItemEmitter.cs
- ContentElement.cs
- NonParentingControl.cs
- StylusPlugin.cs
- ConfigXmlDocument.cs
- ToolStripDropDownClosingEventArgs.cs
- HttpWebRequest.cs
- DbException.cs
- DependencySource.cs
- WebPartConnection.cs
- HttpConfigurationContext.cs
- SqlColumnizer.cs
- Helpers.cs
- KeyBinding.cs
- WebPartHeaderCloseVerb.cs
- PeerMaintainer.cs
- JsonReader.cs
- AspCompat.cs
- NullableDoubleMinMaxAggregationOperator.cs
- XmlLanguage.cs
- AnimationStorage.cs
- DeviceContext2.cs
- ParallelSeparator.xaml.cs
- HttpApplication.cs
- DataGridTablesFactory.cs
- InlinedAggregationOperator.cs
- SamlSerializer.cs
- GZipDecoder.cs
- TextBoxDesigner.cs
- DataGridViewColumnHeaderCell.cs
- ToggleButtonAutomationPeer.cs
- MethodBody.cs
- InputLanguageSource.cs
- HtmlTableRow.cs