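//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------------------------
namespace Microsoft.InfoCards
{
    using System;
    using System.IdentityModel.Selectors;
    using System.IdentityModel.Tokens;
    using System.ServiceModel.Security.Tokens;
    using System.ServiceModel;
    using System.ServiceModel.Security;
    using System.IO;
    using System.Security.Cryptography.X509Certificates;
    using System.Security.Cryptography.Xml;
    using System.Xml;
    using System.Security.Principal;
    using System.Security.Cryptography;
    using System.Text;
    using System.Globalization;
    using IDT = Microsoft.InfoCards.Diagnostics.InfoCardTrace;

    //
    // Summary
    //  Utility functions that encrypt a security token to the X.509 certificate
    //  of the party that will consume it. The result is an xenc:EncryptedData
    //  element whose content is protected by a freshly generated symmetric key,
    //  which is in turn wrapped with the certificate's public key.
    //
    //  All plaintext and key material that this class allocates is scrubbed
    //  before the methods return, including on exception paths.
    //
    internal sealed class EncryptionUtility
    {
        private EncryptionUtility()
        {
        }

        //
        // Summary
        //  Encrypt a security token.
        //
        // Parameters
        //  tokenToBeEncrypted - The security token that needs to be encrypted
        //  cert - The certificate of the party to which the token is to be encrypted
        //  encryptingAlgorithm - The symmetric algorithm used to encrypt the token
        //  asymmetricKeyWrapAlgorithm - The algorithm used to wrap the content key
        //                               with the certificate's public key
        //  profile - Supplies the token serializer for the protocol in use
        //
        // Returns
        //  An XmlElement holding the xenc:EncryptedData for the token.
        //
        public static XmlElement EncryptSecurityToken(
            SecurityToken tokenToBeEncrypted,
            X509Certificate2 cert,
            string encryptingAlgorithm,
            string asymmetricKeyWrapAlgorithm,
            ProtocolProfile profile)
        {
            IDT.ThrowInvalidArgumentConditional(null == tokenToBeEncrypted, "tokenToBeEncrypted");
            IDT.ThrowInvalidArgumentConditional(null == profile, "profile");

            //
            // Serialize the token to plaintext; EncryptToken takes ownership of the
            // stream and scrubs and closes it.
            //
            MemoryStream streamToBeEncrypted = new MemoryStream();
            XmlDictionaryWriter writer = CreatePlaintextWriter(streamToBeEncrypted);
            profile.TokenSerializer.WriteToken(writer, tokenToBeEncrypted);
            writer.Flush();
            streamToBeEncrypted.Seek(0, SeekOrigin.Begin);

            return EncryptToken(streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile);
        }

        //
        // Summary
        //  Encrypt a security token that is already available as an XML element.
        //
        // Parameters
        //  elem - The security token element that needs to be encrypted
        //  cert - The certificate of the party to which the token is to be encrypted
        //  encryptingAlgorithm - The symmetric algorithm used to encrypt the token
        //  asymmetricKeyWrapAlgorithm - Symmetric profile ==> rsa-oaep.
        //                               Asymmetric profile ==> as specified.
        //  profile - Supplies the token serializer for the protocol in use
        //
        // Returns
        //  An XmlElement holding the xenc:EncryptedData for the token.
        //
        public static XmlElement EncryptSecurityToken(
            XmlElement elem,
            X509Certificate2 cert,
            string encryptingAlgorithm,
            string asymmetricKeyWrapAlgorithm,
            ProtocolProfile profile)
        {
            IDT.ThrowInvalidArgumentConditional(null == elem, "elem");
            IDT.ThrowInvalidArgumentConditional(null == profile, "profile");

            //
            // Write the element to plaintext; EncryptToken takes ownership of the
            // stream and scrubs and closes it.
            //
            MemoryStream streamToBeEncrypted = new MemoryStream();
            XmlDictionaryWriter writer = CreatePlaintextWriter(streamToBeEncrypted);
            elem.WriteTo(writer);
            writer.Flush();
            streamToBeEncrypted.Seek(0, SeekOrigin.Begin);

            return EncryptToken(streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile);
        }

        //
        // Summary
        //  Create a text XML writer over a memory stream.
        //
        //  Callers must Flush() the writer rather than Close() it: closing an
        //  XmlTextWriter closes its StreamWriter, which closes the MemoryStream,
        //  whose buffer is still needed (and scrubbed) afterwards.
        //
        private static XmlDictionaryWriter CreatePlaintextWriter(MemoryStream stream)
        {
            return XmlDictionaryWriter.CreateDictionaryWriter(new XmlTextWriter(new StreamWriter(stream)));
        }

        //
        // Summary
        //  Map a symmetric encryption algorithm URI to the algorithm suite that
        //  defines its key size.
        //
        // Parameters
        //  encryptingAlgorithm - One of the SecurityAlgorithms *Encryption URIs
        //
        // Throws
        //  TokenCreationException for any algorithm outside the supported set.
        //
        private static SecurityAlgorithmSuite GetAlgorithmSuite(string encryptingAlgorithm)
        {
            switch (encryptingAlgorithm)
            {
                case SecurityAlgorithms.Aes128Encryption:
                    return SecurityAlgorithmSuite.Basic128;
                case SecurityAlgorithms.Aes192Encryption:
                    return SecurityAlgorithmSuite.Basic192;
                case SecurityAlgorithms.Aes256Encryption:
                    return SecurityAlgorithmSuite.Basic256;
                case SecurityAlgorithms.TripleDesEncryption:
                    return SecurityAlgorithmSuite.TripleDes;
                default:
                    throw IDT.ThrowHelperError(new TokenCreationException(SR.GetString(SR.UnsupportedEncryptionAlgorithm, encryptingAlgorithm)));
            }
        }

        //
        // Summary
        //  Zero the written portion of a memory stream's buffer and close it.
        //
        //  Only the bytes actually written are cleared. The stream must have been
        //  created with the parameterless MemoryStream constructor so that
        //  GetBuffer() is permitted; buffers discarded while the stream grew are
        //  no longer reachable from here and are not scrubbed.
        //
        private static void ScrubAndClose(MemoryStream stream)
        {
            if (null == stream)
            {
                return;
            }
            Array.Clear(stream.GetBuffer(), 0, Convert.ToInt32(stream.Length));
            stream.Close();
        }

        //
        // Summary
        //  Encrypt the plaintext held in a memory stream to a certificate.
        //
        // Parameters
        //  streamToBeEncrypted - The plaintext token; this method takes ownership
        //                        and scrubs and closes it before returning
        //  cert - The certificate of the party to which the token is to be encrypted
        //  encryptingAlgorithm - The symmetric algorithm used to encrypt the token
        //  asymmetricKeyWrapAlgorithm - Symmetric profile ==> rsa-oaep.
        //                               Asymmetric profile ==> as specified.
        //  profile - Supplies the token serializer for the protocol in use
        //
        // Returns
        //  An XmlElement holding the xenc:EncryptedData for the token.
        //
        // Throws
        //  TokenCreationException when encryptingAlgorithm is not supported.
        //
        private static XmlElement EncryptToken(
            MemoryStream streamToBeEncrypted,
            X509Certificate2 cert,
            string encryptingAlgorithm,
            string asymmetricKeyWrapAlgorithm,
            ProtocolProfile profile)
        {
            IDT.TraceDebug("Encrypting the security token");

            byte[] keyToWrap = null;
            SymmetricAlgorithm algorithm = null;
            MemoryStream encryptedStream = null;

            try
            {
                IDT.ThrowInvalidArgumentConditional(String.IsNullOrEmpty(encryptingAlgorithm), "encryptingAlgorithm");
                IDT.ThrowInvalidArgumentConditional(null == cert, "cert");
                IDT.ThrowInvalidArgumentConditional(null == profile, "profile");

                IDT.TraceDebug("Encrypting issued token with {0} algorithm", encryptingAlgorithm);
                IDT.TraceDebug("Encrypting issued token with {0} certificate", cert.FriendlyName);

                SecurityAlgorithmSuite suite = GetAlgorithmSuite(encryptingAlgorithm);
                SecurityToken encryptingToken = new X509SecurityToken(cert, "id");
                SecurityKeyIdentifier encryptingKeyIdentifier = new SecurityKeyIdentifier(encryptingToken.CreateKeyIdentifierClause());

                //
                // Generate a fresh content-encryption key sized for the suite and
                // wrap it with the certificate's public key. GetBytes (not
                // GetNonZeroBytes) is used: a symmetric key may contain zero bytes,
                // and excluding them only shrinks the key space.
                //
                keyToWrap = new byte[suite.DefaultEncryptionKeyDerivationLength / 8];
                new RNGCryptoServiceProvider().GetBytes(keyToWrap);

                WrappedKeySecurityToken wrappedKeyToken = new WrappedKeySecurityToken(
                    string.Empty, keyToWrap, asymmetricKeyWrapAlgorithm, encryptingToken, encryptingKeyIdentifier);
                SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier(
                    new EncryptedKeyIdentifierClause(
                        wrappedKeyToken.GetWrappedKey(),
                        wrappedKeyToken.WrappingAlgorithm,
                        wrappedKeyToken.WrappingTokenReference));
                SymmetricSecurityKey encryptingCrypto = (SymmetricSecurityKey)wrappedKeyToken.SecurityKeys[0];

                //
                // Encrypt the plaintext with the content key.
                //
                algorithm = encryptingCrypto.GetSymmetricAlgorithm(encryptingAlgorithm);

                EncryptedData encryptedData = new EncryptedData();
                encryptedData.TokenSerializer = profile.TokenSerializer;
                encryptedData.KeyIdentifier = keyIdentifier;
                encryptedData.EncryptionMethod = encryptingAlgorithm;
                encryptedData.Type = EncryptedXml.XmlEncElementUrl;
                // GetBuffer() is valid only because the callers build the stream
                // with the parameterless MemoryStream constructor.
                encryptedData.SetUpEncryption(
                    algorithm, streamToBeEncrypted.GetBuffer(), 0, Convert.ToInt32(streamToBeEncrypted.Length));

                //
                // Serialize the xenc:EncryptedData and read it back as an element.
                //
                IDT.TraceDebug("Writing encrypted token to memory stream");
                encryptedStream = new MemoryStream();
                XmlDictionaryWriter writer = CreatePlaintextWriter(encryptedStream);
                encryptedData.WriteTo(writer);
                writer.Flush();
                encryptedStream.Seek(0, SeekOrigin.Begin);

                XmlDocument doc = new XmlDocument();
                return (XmlElement)doc.ReadNode(Utility.CreateReaderWithQuotas(encryptedStream));
            }
            finally
            {
                //
                // Scrub the content key, the algorithm's copy of it, and both the
                // plaintext and ciphertext buffers whether or not encryption
                // succeeded.
                //
                if (null != keyToWrap)
                {
                    Array.Clear(keyToWrap, 0, keyToWrap.Length);
                }
                if (null != algorithm)
                {
                    algorithm.Clear();
                }
                ScrubAndClose(streamToBeEncrypted);
                ScrubAndClose(encryptedStream);
            }
        }
    }
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.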