Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1 / X509AsymmetricSecurityKey.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.IdentityModel.Tokens
{
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
public class X509AsymmetricSecurityKey : AsymmetricSecurityKey
{
X509Certificate2 certificate;
AsymmetricAlgorithm privateKey;
bool privateKeyAvailabilityDetermined;
PublicKey publicKey;
object thisLock = new Object();
public X509AsymmetricSecurityKey(X509Certificate2 certificate)
{
if (certificate == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
this.certificate = certificate;
}
public override int KeySize
{
get { return this.PublicKey.Key.KeySize; }
}
AsymmetricAlgorithm PrivateKey
{
get
{
if (!this.privateKeyAvailabilityDetermined)
{
lock (ThisLock)
{
if (!this.privateKeyAvailabilityDetermined)
{
this.privateKey = this.certificate.PrivateKey;
this.privateKeyAvailabilityDetermined = true;
}
}
}
return this.privateKey;
}
}
PublicKey PublicKey
{
get
{
if (this.publicKey == null)
{
lock (ThisLock)
{
if (this.publicKey == null)
{
this.publicKey = this.certificate.PublicKey;
}
}
}
return this.publicKey;
}
}
Object ThisLock
{
get
{
return thisLock;
}
}
public override byte[] DecryptKey(string algorithm, byte[] keyData)
{
// We can decrypt key only if we have the private key in the certificate.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
RSA rsa = this.PrivateKey as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
// Support exchange keySpec, AT_EXCHANGE ?
if (rsa.KeyExchangeAlgorithm == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyExchangeNotSupported)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.DecryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.DecryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override byte[] EncryptKey(string algorithm, byte[] keyData)
{
// Ensure that we have an RSA algorithm object
RSA rsa = this.PublicKey.Key as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.EncryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.EncryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricAlgorithm GetAsymmetricAlgorithm(string algorithm, bool privateKey)
{
if (privateKey)
{
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PrivateKey as DSA) != null)
{
return (this.PrivateKey as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PrivateKey as RSA) != null)
{
return (this.PrivateKey as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
else
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PublicKey.Key as DSA) != null)
{
return (this.PublicKey.Key as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PublicKey.Key as RSA) != null)
{
return (this.PublicKey.Key as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
}
public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm)
{
if (!this.IsSupportedAlgorithm(algorithm))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
case SignedXml.XmlDsigRSASHA1Url:
return CryptoHelper.NewSha1HashAlgorithm();
case SecurityAlgorithms.RsaSha256Signature:
return CryptoHelper.NewSha256HashAlgorithm();
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureDeformatter GetSignatureDeformatter(string algorithm)
{
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PublicKey.Key as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotDSA)));
}
return new DSASignatureDeformatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PublicKey.Key as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
return new RSAPKCS1SignatureDeformatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureFormatter GetSignatureFormatter(string algorithm)
{
// One can sign only if the private key is present.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PrivateKey as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotDSA)));
}
return new DSASignatureFormatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PrivateKey as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
return new RSAPKCS1SignatureFormatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override bool HasPrivateKey()
{
return (this.PrivateKey != null);
}
public override bool IsAsymmetricAlgorithm(string algorithm)
{
return (CryptoHelper.IsAsymmetricAlgorithm(algorithm));
}
public override bool IsSupportedAlgorithm(string algorithm)
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
return (this.PublicKey.Key is DSA);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
return (this.PublicKey.Key is RSA);
default:
return false;
}
}
public override bool IsSymmetricAlgorithm(string algorithm)
{
return CryptoHelper.IsSymmetricAlgorithm(algorithm);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- FileDialogCustomPlacesCollection.cs
- TextTreeTextNode.cs
- XhtmlBasicLiteralTextAdapter.cs
- RegistryPermission.cs
- RedirectionProxy.cs
- XmlTypeMapping.cs
- DynamicRendererThreadManager.cs
- SoapMessage.cs
- TraceUtils.cs
- StringStorage.cs
- FormParameter.cs
- BooleanAnimationUsingKeyFrames.cs
- Convert.cs
- FormViewPageEventArgs.cs
- RoutedPropertyChangedEventArgs.cs
- Int32Rect.cs
- EastAsianLunisolarCalendar.cs
- WebConfigurationManager.cs
- EditorAttribute.cs
- BypassElementCollection.cs
- OletxVolatileEnlistment.cs
- ManipulationLogic.cs
- Point3DAnimationBase.cs
- DataBoundControl.cs
- IndexedString.cs
- DefaultAsyncDataDispatcher.cs
- OleDbDataAdapter.cs
- BitmapData.cs
- ButtonBaseAdapter.cs
- ZipPackagePart.cs
- RequiredAttributeAttribute.cs
- TrailingSpaceComparer.cs
- ServiceParser.cs
- EventLogHandle.cs
- activationcontext.cs
- Int32EqualityComparer.cs
- MeshGeometry3D.cs
- DateTimeSerializationSection.cs
- InkCanvasSelectionAdorner.cs
- Effect.cs
- ListViewCancelEventArgs.cs
- HashHelper.cs
- DropDownList.cs
- XmlArrayItemAttributes.cs
- UIElementAutomationPeer.cs
- KeyEvent.cs
- VScrollBar.cs
- ContextMenuAutomationPeer.cs
- DetailsViewUpdatedEventArgs.cs
- AttachmentService.cs
- BitmapEffect.cs
- CodeIdentifiers.cs
- WebGetAttribute.cs
- FilteredReadOnlyMetadataCollection.cs
- OleDbWrapper.cs
- DBSchemaTable.cs
- HttpListenerRequest.cs
- ExtendedPropertyDescriptor.cs
- KeyEventArgs.cs
- FloaterBaseParagraph.cs
- XmlTypeAttribute.cs
- CustomSignedXml.cs
- DataSpaceManager.cs
- HtmlElementErrorEventArgs.cs
- ToolTipService.cs
- TraceContextRecord.cs
- IdentityNotMappedException.cs
- ZoneIdentityPermission.cs
- MemberDescriptor.cs
- ProcessHostServerConfig.cs
- InputScopeManager.cs
- SqlErrorCollection.cs
- BCryptNative.cs
- CompiledRegexRunner.cs
- InvalidDataException.cs
- ToolStripControlHost.cs
- RemoteEndpointMessageProperty.cs
- GeneratedCodeAttribute.cs
- HttpModuleActionCollection.cs
- ThreadStateException.cs
- MetadataArtifactLoader.cs
- SystemIcmpV4Statistics.cs
- FormsAuthenticationModule.cs
- RedistVersionInfo.cs
- ProfileManager.cs
- BitmapSizeOptions.cs
- DbCommandTree.cs
- XmlNodeChangedEventArgs.cs
- DataGridCellClipboardEventArgs.cs
- WebDescriptionAttribute.cs
- WorkflowInlining.cs
- DataColumnCollection.cs
- OutputCacheSettings.cs
- WindowsAuthenticationEventArgs.cs
- CatalogPart.cs
- PointUtil.cs
- StrongName.cs
- WorkflowOwnerAsyncResult.cs
- Thread.cs
- FamilyMapCollection.cs