Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / CryptoHelper.cs / 1 / CryptoHelper.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.IdentityModel { using System.IdentityModel.Tokens; using System.Security.Cryptography; using System.Security.Cryptography.Xml; static class CryptoHelper { static byte[] emptyBuffer; static RandomNumberGenerator random; static Rijndael rijndael; static TripleDES tripleDES; internal static byte[] EmptyBuffer { get { if (emptyBuffer == null) { byte[] tmp = new byte[0]; emptyBuffer = tmp; } return emptyBuffer; } } static Rijndael Rijndael { get { if (rijndael == null) { Rijndael tmp = CryptoHelper.NewRijndaelSymmetricAlgorithm(); tmp.Padding = PaddingMode.ISO10126; rijndael = tmp; } return rijndael; } } static TripleDES TripleDES { get { if (tripleDES == null) { TripleDESCryptoServiceProvider tmp = new TripleDESCryptoServiceProvider(); tmp.Padding = PaddingMode.ISO10126; tripleDES = tmp; } return tripleDES; } } internal static RandomNumberGenerator RandomNumberGenerator { get { if (random == null) { random = new RNGCryptoServiceProvider(); } return random; } } internal static SHA1 NewSha1HashAlgorithm() { if (SecurityUtils.RequiresFipsCompliance) return new SHA1CryptoServiceProvider(); else return new SHA1Managed(); } internal static SHA256 NewSha256HashAlgorithm() { return new SHA256Managed(); } internal static KeyedHashAlgorithm NewHmacSha1KeyedHashAlgorithm(byte[] key) { return new HMACSHA1(key, !SecurityUtils.RequiresFipsCompliance); } internal static KeyedHashAlgorithm NewHmacSha256KeyedHashAlgorithm(byte[] key) { return new HMACSHA256(key); } internal static Rijndael NewRijndaelSymmetricAlgorithm() { return SecurityUtils.RequiresFipsCompliance ? (Rijndael)new RijndaelCryptoServiceProvider() : new RijndaelManaged(); } internal static ICryptoTransform CreateDecryptor(byte[] key, byte[] iv, string algorithm) { switch (algorithm) { case SecurityAlgorithms.TripleDesEncryption: return TripleDES.CreateDecryptor(key, iv); case SecurityAlgorithms.Aes128Encryption: case SecurityAlgorithms.Aes192Encryption: case SecurityAlgorithms.Aes256Encryption: return Rijndael.CreateDecryptor(key, iv); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedEncryptionAlgorithm, algorithm))); } } internal static ICryptoTransform CreateEncryptor(byte[] key, byte[] iv, string algorithm) { switch (algorithm) { case SecurityAlgorithms.TripleDesEncryption: return TripleDES.CreateEncryptor(key, iv); case SecurityAlgorithms.Aes128Encryption: case SecurityAlgorithms.Aes192Encryption: case SecurityAlgorithms.Aes256Encryption: return Rijndael.CreateEncryptor(key, iv); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedEncryptionAlgorithm, algorithm))); } } internal static HashAlgorithm CreateHashAlgorithm(string algorithm) { switch (algorithm) { case SecurityAlgorithms.Sha1Digest: return CryptoHelper.NewSha1HashAlgorithm(); case SecurityAlgorithms.Sha256Digest: return CryptoHelper.NewSha256HashAlgorithm(); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm))); } } internal static KeyedHashAlgorithm CreateKeyedHashAlgorithm(byte[] key, string algorithm) { switch (algorithm) { case SecurityAlgorithms.HmacSha1Signature: return CryptoHelper.NewHmacSha1KeyedHashAlgorithm(key); case SecurityAlgorithms.HmacSha256Signature: return CryptoHelper.NewHmacSha256KeyedHashAlgorithm(key); default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedEncryptionAlgorithm, algorithm))); } } internal static byte[] ComputeHash(byte[] buffer) { using (HashAlgorithm hasher = CryptoHelper.NewSha1HashAlgorithm()) { return hasher.ComputeHash(buffer); } } internal static byte[] GenerateDerivedKey(byte[] key, string algorithm, byte[] label, byte[] nonce, int derivedKeySize, int position) { if ((algorithm != SecurityAlgorithms.Psha1KeyDerivation) && (algorithm != SecurityAlgorithms.Psha1KeyDerivationDec2005)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedKeyDerivationAlgorithm, algorithm))); } return new Psha1DerivedKeyGenerator(key).GenerateDerivedKey(label, nonce, derivedKeySize, position); } internal static int GetIVSize(string algorithm) { switch (algorithm) { case SecurityAlgorithms.TripleDesEncryption: return TripleDES.BlockSize; case SecurityAlgorithms.Aes128Encryption: case SecurityAlgorithms.Aes192Encryption: case SecurityAlgorithms.Aes256Encryption: return Rijndael.BlockSize; default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedEncryptionAlgorithm, algorithm))); } } internal static SymmetricAlgorithm GetSymmetricAlgorithm(byte[] key, string algorithm) { SymmetricAlgorithm symmetricAlgorithm; switch (algorithm) { case SecurityAlgorithms.TripleDesEncryption: case SecurityAlgorithms.TripleDesKeyWrap: symmetricAlgorithm = new TripleDESCryptoServiceProvider(); break; case SecurityAlgorithms.Aes128Encryption: case SecurityAlgorithms.Aes192Encryption: case SecurityAlgorithms.Aes256Encryption: case SecurityAlgorithms.Aes128KeyWrap: case SecurityAlgorithms.Aes192KeyWrap: case SecurityAlgorithms.Aes256KeyWrap: symmetricAlgorithm = CryptoHelper.NewRijndaelSymmetricAlgorithm(); break; default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedEncryptionAlgorithm, algorithm))); } symmetricAlgorithm.Key = key; return symmetricAlgorithm; } internal static bool IsAsymmetricAlgorithm(string algorithm) { switch (algorithm) { case SecurityAlgorithms.DsaSha1Signature: case SecurityAlgorithms.RsaSha1Signature: case SecurityAlgorithms.RsaSha256Signature: case SecurityAlgorithms.RsaOaepKeyWrap: case SecurityAlgorithms.RsaV15KeyWrap: return true; default: return false; } } internal static bool IsSymmetricAlgorithm(string algorithm) { switch (algorithm) { case SecurityAlgorithms.DsaSha1Signature: case SecurityAlgorithms.RsaSha1Signature: case SecurityAlgorithms.RsaSha256Signature: case SecurityAlgorithms.RsaOaepKeyWrap: case SecurityAlgorithms.RsaV15KeyWrap: return false; case SecurityAlgorithms.HmacSha1Signature: case SecurityAlgorithms.HmacSha256Signature: case SecurityAlgorithms.Aes128Encryption: case SecurityAlgorithms.Aes192Encryption: case SecurityAlgorithms.Aes256Encryption: case SecurityAlgorithms.TripleDesEncryption: case SecurityAlgorithms.Aes128KeyWrap: case SecurityAlgorithms.Aes192KeyWrap: case SecurityAlgorithms.Aes256KeyWrap: case SecurityAlgorithms.TripleDesKeyWrap: case SecurityAlgorithms.Psha1KeyDerivation: case SecurityAlgorithms.Psha1KeyDerivationDec2005: return true; default: return false; } } internal static bool IsSymmetricAlgorithm(string algorithm, int keySize) { switch (algorithm) { case SecurityAlgorithms.DsaSha1Signature: case SecurityAlgorithms.RsaSha1Signature: case SecurityAlgorithms.RsaSha256Signature: case SecurityAlgorithms.RsaOaepKeyWrap: case SecurityAlgorithms.RsaV15KeyWrap: return false; case SecurityAlgorithms.HmacSha1Signature: case SecurityAlgorithms.HmacSha256Signature: case SecurityAlgorithms.Psha1KeyDerivation: case SecurityAlgorithms.Psha1KeyDerivationDec2005: return true; case SecurityAlgorithms.Aes128Encryption: case SecurityAlgorithms.Aes128KeyWrap: return keySize == 128; case SecurityAlgorithms.Aes192Encryption: case SecurityAlgorithms.Aes192KeyWrap: return keySize == 192; case SecurityAlgorithms.Aes256Encryption: case SecurityAlgorithms.Aes256KeyWrap: return keySize == 256; case SecurityAlgorithms.TripleDesEncryption: case SecurityAlgorithms.TripleDesKeyWrap: return keySize == 128 || keySize == 192; default: return false; } } // We currently call the CLR APIs to do symmetric key wrap. // This ends up causing a triple cloning of the byte arrays. // However, the symmetric key wrap exists now primarily for // the feature completeness of cryptos and tokens. That is, // it is never encountered in any Indigo AuthenticationMode. // The performance of this should be reviewed if this gets hit // in any mainline scenario. internal static byte[] UnwrapKey(byte[] wrappingKey, byte[] wrappedKey, string algorithm) { SymmetricAlgorithm symmetricAlgorithm; switch (algorithm) { case SecurityAlgorithms.TripleDesKeyWrap: symmetricAlgorithm = new TripleDESCryptoServiceProvider(); break; case SecurityAlgorithms.Aes128KeyWrap: case SecurityAlgorithms.Aes192KeyWrap: case SecurityAlgorithms.Aes256KeyWrap: symmetricAlgorithm = CryptoHelper.NewRijndaelSymmetricAlgorithm(); break; default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedKeyWrapAlgorithm, algorithm))); } using (symmetricAlgorithm) { symmetricAlgorithm.Key = wrappingKey; return EncryptedXml.DecryptKey(wrappedKey, symmetricAlgorithm); } } internal static byte[] WrapKey(byte[] wrappingKey, byte[] keyToBeWrapped, string algorithm) { SymmetricAlgorithm symmetricAlgorithm; switch (algorithm) { case SecurityAlgorithms.TripleDesKeyWrap: symmetricAlgorithm = new TripleDESCryptoServiceProvider(); break; case SecurityAlgorithms.Aes128KeyWrap: case SecurityAlgorithms.Aes192KeyWrap: case SecurityAlgorithms.Aes256KeyWrap: symmetricAlgorithm = CryptoHelper.NewRijndaelSymmetricAlgorithm(); break; default: throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new InvalidOperationException(SR.GetString(SR.UnsupportedKeyWrapAlgorithm, algorithm))); } using (symmetricAlgorithm) { symmetricAlgorithm.Key = wrappingKey; return EncryptedXml.EncryptKey(keyToBeWrapped, symmetricAlgorithm); } } internal static void ValidateBufferBounds(Array buffer, int offset, int count) { if (buffer == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("buffer")); } if (count < 0 || count > buffer.Length) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("count", SR.GetString(SR.ValueMustBeInRange, 0, buffer.Length))); } if (offset < 0 || offset > buffer.Length - count) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("offset", SR.GetString(SR.ValueMustBeInRange, 0, buffer.Length - count))); } } internal static bool IsEqual(byte[] a, byte[] b) { if (ReferenceEquals(a, b)) { return true; } if (a == null || b == null || a.Length != b.Length) { return false; } for (int i = 0; i < a.Length; i++) { if (a[i] != b[i]) { return false; } } return true; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TokenBasedSetEnumerator.cs
- EntityContainer.cs
- DrawingContext.cs
- CompilerTypeWithParams.cs
- RadioButtonList.cs
- webproxy.cs
- HttpServerUtilityWrapper.cs
- ValueQuery.cs
- AppSettingsExpressionBuilder.cs
- ResourceWriter.cs
- SqlServer2KCompatibilityCheck.cs
- ReplyChannelBinder.cs
- BuiltInPermissionSets.cs
- GridView.cs
- MessageQueue.cs
- ExpressionValueEditor.cs
- SafeNativeMethodsCLR.cs
- IPGlobalProperties.cs
- TableRow.cs
- Operator.cs
- TableLayoutStyleCollection.cs
- SmtpCommands.cs
- JapaneseLunisolarCalendar.cs
- UserPreferenceChangedEventArgs.cs
- _CacheStreams.cs
- ToolStripContainer.cs
- MethodBuilder.cs
- InitializationEventAttribute.cs
- Base64Stream.cs
- CategoryNameCollection.cs
- EntityChangedParams.cs
- FormsAuthenticationUserCollection.cs
- ChildTable.cs
- UnsafeNativeMethodsMilCoreApi.cs
- EntryPointNotFoundException.cs
- Brushes.cs
- StorageEntitySetMapping.cs
- TextParagraphCache.cs
- DropSource.cs
- AttachedPropertyMethodSelector.cs
- SmiEventSink.cs
- SvcMapFileLoader.cs
- ToolboxDataAttribute.cs
- Track.cs
- TransformPatternIdentifiers.cs
- XamlBrushSerializer.cs
- EdmItemCollection.cs
- DriveInfo.cs
- SafeWaitHandle.cs
- JournalEntryStack.cs
- PersonalizationStateInfoCollection.cs
- Slider.cs
- FullTrustAssembly.cs
- _UncName.cs
- XmlSignificantWhitespace.cs
- StylusPointPropertyInfo.cs
- AxDesigner.cs
- DesignerForm.cs
- BitmapDecoder.cs
- ParserContext.cs
- CodeExpressionStatement.cs
- TextEditorSpelling.cs
- XmlException.cs
- SqlRemoveConstantOrderBy.cs
- WinInetCache.cs
- MetadataCollection.cs
- ObjectDataSourceFilteringEventArgs.cs
- DispatcherProcessingDisabled.cs
- BinaryFormatterWriter.cs
- WithStatement.cs
- String.cs
- filewebrequest.cs
- XmlNodeChangedEventManager.cs
- SqlDataSourceFilteringEventArgs.cs
- InteropTrackingRecord.cs
- SmtpReplyReaderFactory.cs
- PathTooLongException.cs
- MessageQueueConverter.cs
- FilterUserControlBase.cs
- EncodedStreamFactory.cs
- StackOverflowException.cs
- UntypedNullExpression.cs
- MobileTemplatedControlDesigner.cs
- ObjectListFieldsPage.cs
- BuiltInPermissionSets.cs
- Point4D.cs
- SafeNativeMethodsCLR.cs
- EngineSite.cs
- SchemaImporterExtensionElementCollection.cs
- Lasso.cs
- HandlerWithFactory.cs
- sqlstateclientmanager.cs
- UriTemplatePathPartiallyEquivalentSet.cs
- DynamicUpdateCommand.cs
- ApplicationDirectoryMembershipCondition.cs
- SqlHelper.cs
- externdll.cs
- SimpleWebHandlerParser.cs
- TraceUtils.cs
- DynamicRendererThreadManager.cs