Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / IdentityModel / System / IdentityModel / Tokens / X509AsymmetricSecurityKey.cs / 1 / X509AsymmetricSecurityKey.cs
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------
namespace System.IdentityModel.Tokens
{
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
public class X509AsymmetricSecurityKey : AsymmetricSecurityKey
{
X509Certificate2 certificate;
AsymmetricAlgorithm privateKey;
bool privateKeyAvailabilityDetermined;
PublicKey publicKey;
object thisLock = new Object();
public X509AsymmetricSecurityKey(X509Certificate2 certificate)
{
if (certificate == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
this.certificate = certificate;
}
public override int KeySize
{
get { return this.PublicKey.Key.KeySize; }
}
AsymmetricAlgorithm PrivateKey
{
get
{
if (!this.privateKeyAvailabilityDetermined)
{
lock (ThisLock)
{
if (!this.privateKeyAvailabilityDetermined)
{
this.privateKey = this.certificate.PrivateKey;
this.privateKeyAvailabilityDetermined = true;
}
}
}
return this.privateKey;
}
}
PublicKey PublicKey
{
get
{
if (this.publicKey == null)
{
lock (ThisLock)
{
if (this.publicKey == null)
{
this.publicKey = this.certificate.PublicKey;
}
}
}
return this.publicKey;
}
}
Object ThisLock
{
get
{
return thisLock;
}
}
public override byte[] DecryptKey(string algorithm, byte[] keyData)
{
// We can decrypt key only if we have the private key in the certificate.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
RSA rsa = this.PrivateKey as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
// Support exchange keySpec, AT_EXCHANGE ?
if (rsa.KeyExchangeAlgorithm == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyExchangeNotSupported)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.DecryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.DecryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override byte[] EncryptKey(string algorithm, byte[] keyData)
{
// Ensure that we have an RSA algorithm object
RSA rsa = this.PublicKey.Key as RSA;
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
switch (algorithm)
{
case EncryptedXml.XmlEncRSA15Url:
return EncryptedXml.EncryptKey(keyData, rsa, false);
case EncryptedXml.XmlEncRSAOAEPUrl:
return EncryptedXml.EncryptKey(keyData, rsa, true);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricAlgorithm GetAsymmetricAlgorithm(string algorithm, bool privateKey)
{
if (privateKey)
{
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PrivateKey as DSA) != null)
{
return (this.PrivateKey as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PrivateKey as RSA) != null)
{
return (this.PrivateKey as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPrivateKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
else
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
if ((this.PublicKey.Key as DSA) != null)
{
return (this.PublicKey.Key as DSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
if ((this.PublicKey.Key as RSA) != null)
{
return (this.PublicKey.Key as RSA);
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.AlgorithmAndPublicKeyMisMatch)));
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
}
public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm)
{
if (!this.IsSupportedAlgorithm(algorithm))
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
case SignedXml.XmlDsigRSASHA1Url:
return CryptoHelper.NewSha1HashAlgorithm();
case SecurityAlgorithms.RsaSha256Signature:
return CryptoHelper.NewSha256HashAlgorithm();
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureDeformatter GetSignatureDeformatter(string algorithm)
{
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PublicKey.Key as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotDSA)));
}
return new DSASignatureDeformatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PublicKey.Key as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PublicKeyNotRSA)));
}
return new RSAPKCS1SignatureDeformatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override AsymmetricSignatureFormatter GetSignatureFormatter(string algorithm)
{
// One can sign only if the private key is present.
if (this.PrivateKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.MissingPrivateKey)));
}
// We support one of the two algoritms, but not both.
// XmlDsigDSAUrl = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
// XmlDsigRSASHA1Url = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
// Ensure that we have a DSA algorithm object.
DSA dsa = (this.PrivateKey as DSA);
if (dsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotDSA)));
}
return new DSASignatureFormatter(dsa);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
// Ensure that we have an RSA algorithm object.
RSA rsa = (this.PrivateKey as RSA);
if (rsa == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.PrivateKeyNotRSA)));
}
return new RSAPKCS1SignatureFormatter(rsa);
default:
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
}
}
public override bool HasPrivateKey()
{
return (this.PrivateKey != null);
}
public override bool IsAsymmetricAlgorithm(string algorithm)
{
return (CryptoHelper.IsAsymmetricAlgorithm(algorithm));
}
public override bool IsSupportedAlgorithm(string algorithm)
{
switch (algorithm)
{
case SignedXml.XmlDsigDSAUrl:
return (this.PublicKey.Key is DSA);
case SignedXml.XmlDsigRSASHA1Url:
case SecurityAlgorithms.RsaSha256Signature:
case EncryptedXml.XmlEncRSA15Url:
case EncryptedXml.XmlEncRSAOAEPUrl:
return (this.PublicKey.Key is RSA);
default:
return false;
}
}
public override bool IsSymmetricAlgorithm(string algorithm)
{
return CryptoHelper.IsSymmetricAlgorithm(algorithm);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- OpCodes.cs
- BrowserCapabilitiesCodeGenerator.cs
- RestHandler.cs
- ApplicationInfo.cs
- AutoGeneratedFieldProperties.cs
- PolicyManager.cs
- LoginViewDesigner.cs
- RichTextBox.cs
- DecoderFallbackWithFailureFlag.cs
- NeutralResourcesLanguageAttribute.cs
- SoundPlayerAction.cs
- SizeF.cs
- DataSvcMapFileSerializer.cs
- ExtendedTransformFactory.cs
- _UriTypeConverter.cs
- Identity.cs
- Int64AnimationBase.cs
- XmlSchemaDocumentation.cs
- DnsPermission.cs
- PageRequestManager.cs
- PerformanceCounterLib.cs
- DesignBinding.cs
- Executor.cs
- PropertyPath.cs
- DocumentGrid.cs
- DesignTimeTemplateParser.cs
- DatePicker.cs
- DateTimeOffset.cs
- LoginDesignerUtil.cs
- DetailsViewPagerRow.cs
- WebDescriptionAttribute.cs
- ControlCodeDomSerializer.cs
- RootBrowserWindow.cs
- CacheSection.cs
- Peer.cs
- XmlSchemaInfo.cs
- BasicAsyncResult.cs
- DataGridrowEditEndingEventArgs.cs
- ProjectedSlot.cs
- SqlCachedBuffer.cs
- ToolStripScrollButton.cs
- FixedDocument.cs
- InfoCardSymmetricCrypto.cs
- MultipartContentParser.cs
- HttpNamespaceReservationInstallComponent.cs
- StandardToolWindows.cs
- DataGridViewCheckBoxCell.cs
- RuntimeHelpers.cs
- TypeListConverter.cs
- FileDialogPermission.cs
- XmlRootAttribute.cs
- TextureBrush.cs
- BaseAsyncResult.cs
- UriTemplateDispatchFormatter.cs
- PageCatalogPart.cs
- ProxyWebPartConnectionCollection.cs
- XPathSelectionIterator.cs
- UDPClient.cs
- MSHTMLHost.cs
- ActiveXMessageFormatter.cs
- safesecurityhelperavalon.cs
- Evidence.cs
- HttpsTransportElement.cs
- RoutedEventHandlerInfo.cs
- GroupBoxRenderer.cs
- SizeConverter.cs
- unitconverter.cs
- ServerTooBusyException.cs
- BaseTemplateParser.cs
- HttpModuleAction.cs
- ObjectToken.cs
- PropertyAccessVisitor.cs
- WorkerRequest.cs
- DuplicateWaitObjectException.cs
- Parameter.cs
- WebZone.cs
- Storyboard.cs
- XmlUtf8RawTextWriter.cs
- AttachedPropertyBrowsableAttribute.cs
- FileEnumerator.cs
- TabPage.cs
- SystemInfo.cs
- XPathScanner.cs
- SingleKeyFrameCollection.cs
- SoapElementAttribute.cs
- ParenExpr.cs
- XslAstAnalyzer.cs
- RegularExpressionValidator.cs
- XmlElementElement.cs
- Bold.cs
- DataGridViewComboBoxColumn.cs
- TextDecoration.cs
- DbProviderFactoriesConfigurationHandler.cs
- LoadRetryAsyncResult.cs
- BooleanSwitch.cs
- RSAProtectedConfigurationProvider.cs
- SingleAnimationBase.cs
- XamlInt32CollectionSerializer.cs
- RijndaelManaged.cs
- SmtpAuthenticationManager.cs