X509AsymmetricSecurityKey.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1 / X509AsymmetricSecurityKey.cs

                            //------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------

namespace System.IdentityModel.Tokens 
{
    using System.Security.Cryptography; 
    using System.Security.Cryptography.X509Certificates; 
    using System.Security.Cryptography.Xml;
 
    public class X509AsymmetricSecurityKey : AsymmetricSecurityKey
    {
        X509Certificate2 certificate;
        AsymmetricAlgorithm privateKey; 
        bool privateKeyAvailabilityDetermined;
        PublicKey publicKey; 
        object thisLock = new Object(); 

        public X509AsymmetricSecurityKey(X509Certificate2 certificate) 
        {
            if (certificate == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
 
            this.certificate = certificate;
        } 
 
        public override int KeySize
        { 
            get { return this.PublicKey.Key.KeySize; }
        }

        AsymmetricAlgorithm PrivateKey 
        {
            get 
            { 
                if (!this.privateKeyAvailabilityDetermined)
                { 
                    lock (ThisLock)
                    {
                        if (!this.privateKeyAvailabilityDetermined)
                        { 
                            this.privateKey = this.certificate.PrivateKey;
                            this.privateKeyAvailabilityDetermined = true; 
                        } 
                    }
                } 
                return this.privateKey;
            }
        }
 
        PublicKey PublicKey
        { 
            get 
            {
                if (this.publicKey == null) 
                {
                    lock (ThisLock)
                    {
                        if (this.publicKey == null) 
                        {
                            this.publicKey = this.certificate.PublicKey; 
                        } 
                    }
                } 
                return this.publicKey;
            }
        }
 
        Object ThisLock
        { 
            get 
            {
                return thisLock; 
            }
        }

        public override byte[] DecryptKey(string algorithm, byte[] keyData) 
        {
            // We can decrypt key only if we have the private key in the certificate. 
            if (this.PrivateKey == null) 
            {
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey))); 
            }

            RSA rsa = this.PrivateKey as RSA;
            if (rsa == null) 
            {
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA))); 
            } 

            // Support exchange keySpec, AT_EXCHANGE ? 
            if (rsa.KeyExchangeAlgorithm == null)
            {
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyExchangeNotSupported)));
            } 

            switch (algorithm) 
            { 
                case EncryptedXml.XmlEncRSA15Url:
                    return EncryptedXml.DecryptKey(keyData, rsa, false); 

                case EncryptedXml.XmlEncRSAOAEPUrl:
                    return EncryptedXml.DecryptKey(keyData, rsa, true);
 
                default:
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm))); 
            } 
        }
 
        public override byte[] EncryptKey(string algorithm, byte[] keyData)
        {
            // Ensure that we have an RSA algorithm object
            RSA rsa = this.PublicKey.Key as RSA; 
            if (rsa == null)
            { 
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA))); 
            }
 
            switch (algorithm)
            {
                case EncryptedXml.XmlEncRSA15Url:
                    return EncryptedXml.EncryptKey(keyData, rsa, false); 

                case EncryptedXml.XmlEncRSAOAEPUrl: 
                    return EncryptedXml.EncryptKey(keyData, rsa, true); 

                default: 
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
            }
        }
 
        public override AsymmetricAlgorithm GetAsymmetricAlgorithm(string algorithm, bool privateKey)
        { 
            if (privateKey) 
            {
                if (this.PrivateKey == null) 
                {
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
                }
 
                switch (algorithm)
                { 
                    case SignedXml.XmlDsigDSAUrl: 
                        if ((this.PrivateKey as DSA) != null)
                        { 
                            return (this.PrivateKey as DSA);
                        }
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
 
                    case SignedXml.XmlDsigRSASHA1Url:
                    case SecurityAlgorithms.RsaSha256Signature: 
                    case EncryptedXml.XmlEncRSA15Url: 
                    case EncryptedXml.XmlEncRSAOAEPUrl:
                        if ((this.PrivateKey as RSA) != null) 
                        {
                            return (this.PrivateKey as RSA);
                        }
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch))); 
                    default:
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm))); 
                } 
            }
            else 
            {
                switch (algorithm)
                {
                    case SignedXml.XmlDsigDSAUrl: 
                        if ((this.PublicKey.Key as DSA) != null)
                        { 
                            return (this.PublicKey.Key as DSA); 
                        }
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch))); 
                    case SignedXml.XmlDsigRSASHA1Url:
                    case SecurityAlgorithms.RsaSha256Signature:
                    case EncryptedXml.XmlEncRSA15Url:
                    case EncryptedXml.XmlEncRSAOAEPUrl: 
                        if ((this.PublicKey.Key as RSA) != null)
                        { 
                            return (this.PublicKey.Key as RSA); 
                        }
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch))); 
                    default:
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
                }
            } 
        }
 
        public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm) 
        {
            if (!this.IsSupportedAlgorithm(algorithm)) 
            {
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
            }
 
            switch (algorithm)
            { 
                case SignedXml.XmlDsigDSAUrl: 
                case SignedXml.XmlDsigRSASHA1Url:
                    return CryptoHelper.NewSha1HashAlgorithm(); 
                case SecurityAlgorithms.RsaSha256Signature:
                    return CryptoHelper.NewSha256HashAlgorithm();
                default:
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm))); 
            }
        } 
 
        public override AsymmetricSignatureDeformatter GetSignatureDeformatter(string algorithm)
        { 

            // We support one of the two algoritms, but not both.
            //     XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
            //     XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; 
            switch (algorithm)
            { 
                case SignedXml.XmlDsigDSAUrl: 

                    // Ensure that we have a DSA algorithm object. 
                    DSA dsa = (this.PublicKey.Key as DSA);
                    if (dsa == null)
                    {
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotDSA))); 
                    }
 
                    return new DSASignatureDeformatter(dsa); 

                case SignedXml.XmlDsigRSASHA1Url: 
                case SecurityAlgorithms.RsaSha256Signature:

                    // Ensure that we have an RSA algorithm object.
                    RSA rsa = (this.PublicKey.Key as RSA); 
                    if (rsa == null)
                    { 
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA))); 
                    }
 
                    return new RSAPKCS1SignatureDeformatter(rsa);

                default:
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm))); 
            }
        } 
 
        public override AsymmetricSignatureFormatter GetSignatureFormatter(string algorithm)
        { 
            // One can sign only if the private key is present.
            if (this.PrivateKey == null)
            {
                throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey))); 
            }
 
            // We support one of the two algoritms, but not both. 
            //     XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
            //     XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; 
            switch (algorithm)
            {
                case SignedXml.XmlDsigDSAUrl:
 
                    // Ensure that we have a DSA algorithm object.
                    DSA dsa = (this.PrivateKey as DSA); 
                    if (dsa == null) 
                    {
                        throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotDSA))); 
                    }

                    return new DSASignatureFormatter(dsa);
 
                case SignedXml.XmlDsigRSASHA1Url:
                case SecurityAlgorithms.RsaSha256Signature: 
                    // Ensure that we have an RSA algorithm object. 
                    RSA rsa = (this.PrivateKey as RSA);
                    if (rsa == null) 
                    {
                        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
                    }
 
                    return new RSAPKCS1SignatureFormatter(rsa);
                default: 
                    throw  DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm))); 
            }
        } 

        public override bool HasPrivateKey()
        {
            return (this.PrivateKey != null); 
        }
 
        public override bool IsAsymmetricAlgorithm(string algorithm) 
        {
            return (CryptoHelper.IsAsymmetricAlgorithm(algorithm)); 
        }

        public override bool IsSupportedAlgorithm(string algorithm)
        { 
            switch (algorithm)
            { 
                case SignedXml.XmlDsigDSAUrl: 
                    return (this.PublicKey.Key is DSA);
 
                case SignedXml.XmlDsigRSASHA1Url:
                case SecurityAlgorithms.RsaSha256Signature:
                case EncryptedXml.XmlEncRSA15Url:
                case EncryptedXml.XmlEncRSAOAEPUrl: 
                    return (this.PublicKey.Key is RSA);
 
                default: 
                    return false;
            } 
        }

        public override bool IsSymmetricAlgorithm(string algorithm)
        { 
            return CryptoHelper.IsSymmetricAlgorithm(algorithm);
        } 
    } 
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK