Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / infocard / Service / managed / Microsoft / InfoCards / EncryptionUtility.cs / 1 / EncryptionUtility.cs
//------------------------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------------------------- namespace Microsoft.InfoCards { using System; using System.IdentityModel.Selectors; using System.IdentityModel.Tokens; using System.ServiceModel.Security.Tokens; using System.ServiceModel; using System.ServiceModel.Security; using System.IO; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; using System.Xml; using System.Security.Principal; using System.Security.Cryptography; using System.Text; using System.Globalization; using IDT = Microsoft.InfoCards.Diagnostics.InfoCardTrace; // // Summary // This class provides utility function to enable encryption of tokens // internal sealed class EncryptionUtility { private EncryptionUtility() { } // // Summary // Encrypt a security token // // Parameters // tokenToBeEncrypted - The security token that needs to be encrypted // cert - The certificate of the party to which the token is to be encrypted // encryptingAlgorithm - The algorithm to use for encryption // public static XmlElement EncryptSecurityToken( SecurityToken tokenToBeEncrypted, X509Certificate2 cert, string encryptingAlgorithm, string asymmetricKeyWrapAlgorithm, ProtocolProfile profile ) { // // create the stream for data to be encrypted // MemoryStream streamToBeEncrypted = new MemoryStream(); XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter( new XmlTextWriter( new StreamWriter( streamToBeEncrypted ) ) ); profile.TokenSerializer.WriteToken( writer, tokenToBeEncrypted ); writer.Flush(); streamToBeEncrypted.Seek( 0, SeekOrigin.Begin ); return EncryptToken( streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile ); } // // Summary // Encrypt a security token // // Parameters // elem - The security token element that needs to be encrypted // cert - The certificate of the party to which the token is to be encrypted // encryptingAlgorithm - The algorithm to use for encryption // keyWrapAlgorithm - Symmetric P ==> rasoaep. Asymmetric P ==> as specified // public static XmlElement EncryptSecurityToken( XmlElement elem, X509Certificate2 cert, string encryptingAlgorithm, string asymmetricKeyWrapAlgorithm, ProtocolProfile profile ) { // // create the stream for data to be encrypted // MemoryStream streamToBeEncrypted = new MemoryStream(); XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter( new XmlTextWriter( new StreamWriter( streamToBeEncrypted ) ) ); elem.WriteTo( writer ); writer.Flush(); streamToBeEncrypted.Seek( 0, SeekOrigin.Begin ); return EncryptToken( streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile ); } // // Summary // Encrypt a security token // // Parameters // streamToBeEncrypted - The security token stream that needs to be encrypted // cert - The certificate of the party to which the token is to be encrypted // encryptingAlgorithm - The algorithm to use for encryption // keyWrapAlgorithm - Symmetric P ==> rasoaep. Asymmetric P ==> as specified // private static XmlElement EncryptToken( MemoryStream streamToBeEncrypted, X509Certificate2 cert, string encryptingAlgorithm, string asymmetricKeyWrapAlgorithm, ProtocolProfile profile ) { IDT.TraceDebug( "Encrypting the security token" ); IDT.ThrowInvalidArgumentConditional( String.IsNullOrEmpty( encryptingAlgorithm ), "encryptingAlgorithm" ); IDT.ThrowInvalidArgumentConditional( null == cert, "cert" ); IDT.TraceDebug( "Encrypting issued token with {0} algorithm", encryptingAlgorithm ); IDT.TraceDebug( "Encrypting issued token with {0} certificate", cert.FriendlyName ); SecurityToken encryptingToken = new X509SecurityToken( cert, "id" ); SecurityAlgorithmSuite suite = SecurityAlgorithmSuite.Default; switch( encryptingAlgorithm ) { case SecurityAlgorithms.Aes128Encryption: suite = SecurityAlgorithmSuite.Basic128; break; case SecurityAlgorithms.Aes192Encryption: suite = SecurityAlgorithmSuite.Basic192; break; case SecurityAlgorithms.Aes256Encryption: suite = SecurityAlgorithmSuite.Basic256; break; case SecurityAlgorithms.TripleDesEncryption: suite = SecurityAlgorithmSuite.TripleDes; break; default: throw IDT.ThrowHelperError( new TokenCreationException( SR.GetString( SR.UnsupportedEncryptionAlgorithm, encryptingAlgorithm ) ) ); } // // create the keys to be used for encryption // SecurityKeyIdentifier encryptingKeyIdentifier = new SecurityKeyIdentifier( encryptingToken.CreateKeyIdentifierClause() ); int encryptedKeySize = suite.DefaultEncryptionKeyDerivationLength / 8; byte[ ] keyToWrap = new byte[ encryptedKeySize ]; RNGCryptoServiceProvider random = new RNGCryptoServiceProvider(); random.GetNonZeroBytes( keyToWrap ); WrappedKeySecurityToken wrappedKeyToken = new WrappedKeySecurityToken( string.Empty, keyToWrap, asymmetricKeyWrapAlgorithm, encryptingToken, encryptingKeyIdentifier ); SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier( new EncryptedKeyIdentifierClause( wrappedKeyToken.GetWrappedKey(), wrappedKeyToken.WrappingAlgorithm, wrappedKeyToken.WrappingTokenReference ) ); SymmetricSecurityKey encryptingCrypto = ( SymmetricSecurityKey )wrappedKeyToken.SecurityKeys[ 0 ]; // // Use the algorithm provided and encrypt the data // SymmetricAlgorithm algorithm = encryptingCrypto.GetSymmetricAlgorithm( encryptingAlgorithm ); EncryptedData encryptedData = new EncryptedData(); encryptedData.TokenSerializer = profile.TokenSerializer; encryptedData.KeyIdentifier = keyIdentifier; encryptedData.EncryptionMethod = encryptingAlgorithm; encryptedData.Type = EncryptedXml.XmlEncElementUrl; encryptedData.SetUpEncryption( algorithm, streamToBeEncrypted.GetBuffer(), 0, Convert.ToInt32( streamToBeEncrypted.Length ) ); // // write the encrypted data to a memory stream // IDT.TraceDebug( "Writing encrypted token to memory stream" ); MemoryStream encryptedStream = new MemoryStream(); XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter( new XmlTextWriter( new StreamWriter( encryptedStream ) ) ); encryptedData.WriteTo( writer ); writer.Flush(); encryptedStream.Seek( 0, SeekOrigin.Begin ); // // Create an XmlElement for the encrypted data // XmlDocument doc = new XmlDocument(); XmlElement tokenXml = ( XmlElement )doc.ReadNode( Utility.CreateReaderWithQuotas( encryptedStream ) ); Array.Clear( streamToBeEncrypted.GetBuffer(), 0, Convert.ToInt32( streamToBeEncrypted.Length ) ); Array.Clear( encryptedStream.GetBuffer(), 0, Convert.ToInt32( encryptedStream.Length ) ); streamToBeEncrypted.Close(); encryptedStream.Close(); return tokenXml; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- IndicFontClient.cs
- MarkupExtensionParser.cs
- SharedPerformanceCounter.cs
- MsmqEncryptionAlgorithm.cs
- DocumentEventArgs.cs
- Wildcard.cs
- FusionWrap.cs
- TypefaceCollection.cs
- MatrixAnimationUsingPath.cs
- HandlerBase.cs
- ColorConvertedBitmap.cs
- SchemaNotation.cs
- HtmlElement.cs
- StringKeyFrameCollection.cs
- Dispatcher.cs
- Models.cs
- KeyToListMap.cs
- SoapParser.cs
- TimeZoneInfo.cs
- Wrapper.cs
- XmlDataSourceView.cs
- WizardStepBase.cs
- InputDevice.cs
- DataGridRowsPresenter.cs
- SoapIgnoreAttribute.cs
- VScrollProperties.cs
- OleDbConnectionPoolGroupProviderInfo.cs
- PerformanceCounter.cs
- TypeForwardedFromAttribute.cs
- SQLByteStorage.cs
- InertiaTranslationBehavior.cs
- ActivationArguments.cs
- ContentType.cs
- BindingCollection.cs
- EntityCodeGenerator.cs
- ParserHooks.cs
- Enlistment.cs
- XmlSchemaComplexContentExtension.cs
- NumericUpDown.cs
- XpsFixedDocumentReaderWriter.cs
- LineBreak.cs
- NotifyIcon.cs
- CellLabel.cs
- ReadOnlyHierarchicalDataSource.cs
- TextRangeProviderWrapper.cs
- ImmutableAssemblyCacheEntry.cs
- InputScopeManager.cs
- CatchBlock.cs
- RTLAwareMessageBox.cs
- ApplicationFileParser.cs
- HttpModulesSection.cs
- RegexMatch.cs
- FileClassifier.cs
- PkcsMisc.cs
- BooleanAnimationUsingKeyFrames.cs
- TextBox.cs
- TypedLocationWrapper.cs
- DataGridRelationshipRow.cs
- SqlCachedBuffer.cs
- DataTrigger.cs
- TCEAdapterGenerator.cs
- SqlLiftIndependentRowExpressions.cs
- WmlValidationSummaryAdapter.cs
- PathGradientBrush.cs
- EncoderReplacementFallback.cs
- MemberHolder.cs
- StyleTypedPropertyAttribute.cs
- ISCIIEncoding.cs
- XmlEncodedRawTextWriter.cs
- AttachedPropertyBrowsableForChildrenAttribute.cs
- DateTimeFormatInfoScanner.cs
- GlyphingCache.cs
- ListManagerBindingsCollection.cs
- TitleStyle.cs
- UnsafeNativeMethods.cs
- HotSpotCollection.cs
- GB18030Encoding.cs
- IndependentAnimationStorage.cs
- BindingSource.cs
- Int32RectValueSerializer.cs
- PhysicalAddress.cs
- GeneratedContractType.cs
- CachedFontFace.cs
- CachedBitmap.cs
- ListViewAutomationPeer.cs
- WorkflowRuntimeElement.cs
- TimerElapsedEvenArgs.cs
- GradientStop.cs
- DbProviderFactoriesConfigurationHandler.cs
- DataGridViewTopRowAccessibleObject.cs
- StylusPointPropertyInfo.cs
- EllipticalNodeOperations.cs
- XmlTextReaderImpl.cs
- ItemList.cs
- Main.cs
- TiffBitmapEncoder.cs
- RequestUriProcessor.cs
- StorageSetMapping.cs
- RegexTree.cs
- oledbmetadatacollectionnames.cs