Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1 / X509AsymmetricSecurityKey.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.IdentityModel.Tokens
{
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
public class X509AsymmetricSecurityKey : AsymmetricSecurityKey
{
X509Certificate2 certificate;
AsymmetricAlgorithm privateKey;
bool privateKeyAvailabilityDetermined;
PublicKey publicKey;
object thisLock = new Object();
public X509AsymmetricSecurityKey(X509Certificate2 certificate)
{
if (certificate == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
this.certificate = certificate;
}
public override int KeySize
{
get { return this.PublicKey.Key.KeySize; }
}
AsymmetricAlgorithm PrivateKey
{
get
{
if (!this.privateKeyAvailabilityDetermined)
{
lock (ThisLock)
{
if (!this.privateKeyAvailabilityDetermined)
{
this.privateKey = this.certificate.PrivateKey;
this.privateKeyAvailabilityDetermined = true;
}
}
}
return this.privateKey;
}
}
PublicKey PublicKey
{
get
{
if (this.publicKey == null)
{
lock (ThisLock)
{
if (this.publicKey == null)
{
this.publicKey = this.certificate.PublicKey;
}
}
}
return this.publicKey;
}
}
Object ThisLock
{
get
{
return thisLock;
}
}
public override byte[] DecryptKey(string algorithm, byte[] keyData)
{
// We can decrypt key only if we have the private key in the certificate.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
RSA rsa = this.PrivateKey as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
// Support exchange keySpec, AT_EXCHANGE ?
if (rsa.KeyExchangeAlgorithm == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyExchangeNotSupported)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.DecryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.DecryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override byte[] EncryptKey(string algorithm, byte[] keyData)
{
// Ensure that we have an RSA algorithm object
RSA rsa = this.PublicKey.Key as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.EncryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.EncryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricAlgorithm GetAsymmetricAlgorithm(string algorithm, bool privateKey)
{
if (privateKey)
{
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PrivateKey as DSA) != null)
{
return (this.PrivateKey as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PrivateKey as RSA) != null)
{
return (this.PrivateKey as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
else
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PublicKey.Key as DSA) != null)
{
return (this.PublicKey.Key as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PublicKey.Key as RSA) != null)
{
return (this.PublicKey.Key as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
}
public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm)
{
if (!this.IsSupportedAlgorithm(algorithm))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
case SignedXml.XmlDsigRSASHA1Url:
return CryptoHelper.NewSha1HashAlgorithm();
case SecurityAlgorithms.RsaSha256Signature:
return CryptoHelper.NewSha256HashAlgorithm();
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureDeformatter GetSignatureDeformatter(string algorithm)
{
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PublicKey.Key as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotDSA)));
}
return new DSASignatureDeformatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PublicKey.Key as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
return new RSAPKCS1SignatureDeformatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureFormatter GetSignatureFormatter(string algorithm)
{
// One can sign only if the private key is present.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PrivateKey as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotDSA)));
}
return new DSASignatureFormatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PrivateKey as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
return new RSAPKCS1SignatureFormatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override bool HasPrivateKey()
{
return (this.PrivateKey != null);
}
public override bool IsAsymmetricAlgorithm(string algorithm)
{
return (CryptoHelper.IsAsymmetricAlgorithm(algorithm));
}
public override bool IsSupportedAlgorithm(string algorithm)
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
return (this.PublicKey.Key is DSA);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
return (this.PublicKey.Key is RSA);
default:
return false;
}
}
public override bool IsSymmetricAlgorithm(string algorithm)
{
return CryptoHelper.IsSymmetricAlgorithm(algorithm);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- NTAccount.cs
- QueryOptionExpression.cs
- SizeKeyFrameCollection.cs
- ManagedFilter.cs
- SimpleHandlerBuildProvider.cs
- XPathBuilder.cs
- RtfToken.cs
- SafeNativeMethodsMilCoreApi.cs
- CachedBitmap.cs
- FocusTracker.cs
- BasicHttpBinding.cs
- CultureTableRecord.cs
- InstanceValue.cs
- CryptoConfig.cs
- log.cs
- DrawingState.cs
- EncodingNLS.cs
- TabControlAutomationPeer.cs
- MethodRental.cs
- PathParser.cs
- pingexception.cs
- FileEnumerator.cs
- CustomAttributeFormatException.cs
- KeyInstance.cs
- RequestCachingSection.cs
- IdentityHolder.cs
- MeshGeometry3D.cs
- EventHandlers.cs
- XPathQilFactory.cs
- DataGridViewAdvancedBorderStyle.cs
- TextSelectionHighlightLayer.cs
- XmlILModule.cs
- EventLogger.cs
- FixedDocument.cs
- ReadOnlyCollection.cs
- LocalIdKeyIdentifierClause.cs
- EmptyStringExpandableObjectConverter.cs
- WebPartMovingEventArgs.cs
- InArgumentConverter.cs
- SqlCaseSimplifier.cs
- FixedSOMPage.cs
- QueryOutputWriterV1.cs
- PolyQuadraticBezierSegment.cs
- QueryAccessibilityHelpEvent.cs
- FontUnit.cs
- ExtendedPropertyDescriptor.cs
- ContextMenuStrip.cs
- ComplexType.cs
- _CookieModule.cs
- ConfigurationSectionGroupCollection.cs
- WebPartDeleteVerb.cs
- EdmMember.cs
- ConfigUtil.cs
- InvalidCastException.cs
- StickyNoteContentControl.cs
- CardSpacePolicyElement.cs
- UriScheme.cs
- OracleCommand.cs
- ISFTagAndGuidCache.cs
- SaveFileDialog.cs
- WebBrowserContainer.cs
- HttpConfigurationSystem.cs
- WebPartManagerInternals.cs
- Matrix3DConverter.cs
- EnumBuilder.cs
- PermissionAttributes.cs
- DataObjectEventArgs.cs
- ProcessModuleCollection.cs
- TextPointer.cs
- WebServiceMethodData.cs
- HostProtectionPermission.cs
- TransportContext.cs
- DataControlFieldHeaderCell.cs
- ArrayList.cs
- XmlQualifiedName.cs
- XmlILModule.cs
- DivideByZeroException.cs
- NetworkInformationException.cs
- DBSchemaRow.cs
- SecurityException.cs
- RadioButtonStandardAdapter.cs
- GroupBoxRenderer.cs
- PersonalizationStateInfo.cs
- HMAC.cs
- DataServiceConfiguration.cs
- XmlMtomWriter.cs
- WebPartVerbsEventArgs.cs
- QilScopedVisitor.cs
- SessionPageStateSection.cs
- XmlnsPrefixAttribute.cs
- SqlNodeAnnotations.cs
- Font.cs
- XmlValidatingReader.cs
- DbDataRecord.cs
- PolygonHotSpot.cs
- SafeNativeMethodsOther.cs
- ImageKeyConverter.cs
- BorderGapMaskConverter.cs
- XamlHostingSection.cs
- SplineKeyFrames.cs