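//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace Microsoft.InfoCards
{
    using System;
    using System.IdentityModel.Selectors;
    using System.IdentityModel.Tokens;
    using System.ServiceModel.Security.Tokens;
    using System.ServiceModel;
    using System.ServiceModel.Security;
    using System.IO;
    using System.Security.Cryptography.X509Certificates;
    using System.Security.Cryptography.Xml;
    using System.Xml;
    using System.Security.Principal;
    using System.Security.Cryptography;
    using System.Text;
    using System.Globalization;
    using IDT = Microsoft.InfoCards.Diagnostics.InfoCardTrace;

    //
    // Summary
    //  This class provides utility functions to enable encryption of tokens.
    //  The plaintext token is serialized into a memory buffer, a fresh random
    //  content-encryption key is generated and wrapped to the recipient's
    //  certificate, and the result is returned as an EncryptedData element.
    //  All scratch buffers holding plaintext or key material are zeroed before
    //  the methods return, on both the success and the failure path.
    //
    internal sealed class EncryptionUtility
    {
        private EncryptionUtility()
        {
        }

        //
        // Summary
        //  Encrypt a security token
        //
        // Parameters
        //  tokenToBeEncrypted - The security token that needs to be encrypted
        //  cert - The certificate of the party to which the token is to be encrypted
        //  encryptingAlgorithm - The algorithm to use for encryption
        //  asymmetricKeyWrapAlgorithm - The algorithm used to wrap the content-encryption key to cert
        //  profile - The protocol profile whose TokenSerializer writes the token
        //
        // Returns
        //  The EncryptedData element holding the encrypted token
        //
        public static XmlElement EncryptSecurityToken(
            SecurityToken tokenToBeEncrypted,
            X509Certificate2 cert,
            string encryptingAlgorithm,
            string asymmetricKeyWrapAlgorithm,
            ProtocolProfile profile )
        {
            IDT.ThrowInvalidArgumentConditional( null == tokenToBeEncrypted, "tokenToBeEncrypted" );
            IDT.ThrowInvalidArgumentConditional( null == profile, "profile" );

            //
            // create the stream for data to be encrypted
            //
            MemoryStream streamToBeEncrypted = new MemoryStream();
            try
            {
                XmlDictionaryWriter writer = CreateTextWriter( streamToBeEncrypted );
                profile.TokenSerializer.WriteToken( writer, tokenToBeEncrypted );
                writer.Flush();
                streamToBeEncrypted.Seek( 0, SeekOrigin.Begin );
            }
            catch
            {
                // Serialization failed part-way: do not leave partial plaintext in the buffer.
                ClearAndClose( streamToBeEncrypted );
                throw;
            }

            // EncryptToken takes ownership of the stream and clears it when done.
            return EncryptToken( streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile );
        }

        //
        // Summary
        //  Encrypt a security token
        //
        // Parameters
        //  elem - The security token element that needs to be encrypted
        //  cert - The certificate of the party to which the token is to be encrypted
        //  encryptingAlgorithm - The algorithm to use for encryption
        //  asymmetricKeyWrapAlgorithm - Symmetric P ==> rasoaep. Asymmetric P ==> as specified
        //  profile - The protocol profile whose TokenSerializer is used for the EncryptedData
        //
        // Returns
        //  The EncryptedData element holding the encrypted token
        //
        public static XmlElement EncryptSecurityToken(
            XmlElement elem,
            X509Certificate2 cert,
            string encryptingAlgorithm,
            string asymmetricKeyWrapAlgorithm,
            ProtocolProfile profile )
        {
            IDT.ThrowInvalidArgumentConditional( null == elem, "elem" );
            IDT.ThrowInvalidArgumentConditional( null == profile, "profile" );

            //
            // create the stream for data to be encrypted
            //
            MemoryStream streamToBeEncrypted = new MemoryStream();
            try
            {
                XmlDictionaryWriter writer = CreateTextWriter( streamToBeEncrypted );
                elem.WriteTo( writer );
                writer.Flush();
                streamToBeEncrypted.Seek( 0, SeekOrigin.Begin );
            }
            catch
            {
                // Serialization failed part-way: do not leave partial plaintext in the buffer.
                ClearAndClose( streamToBeEncrypted );
                throw;
            }

            // EncryptToken takes ownership of the stream and clears it when done.
            return EncryptToken( streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile );
        }

        //
        // Summary
        //  Encrypt a security token
        //
        // Parameters
        //  streamToBeEncrypted - The security token stream that needs to be encrypted.
        //                        Ownership passes to this method: its buffer is zeroed and the
        //                        stream is closed before returning, whether or not encryption succeeds.
        //  cert - The certificate of the party to which the token is to be encrypted
        //  encryptingAlgorithm - The algorithm to use for encryption
        //  asymmetricKeyWrapAlgorithm - Symmetric P ==> rasoaep. Asymmetric P ==> as specified
        //  profile - The protocol profile whose TokenSerializer is used for the EncryptedData
        //
        // Returns
        //  The EncryptedData element holding the encrypted token
        //
        // Throws
        //  TokenCreationException (via IDT.ThrowHelperError) when encryptingAlgorithm is not one
        //  of the supported AES / TripleDES algorithms.
        //
        private static XmlElement EncryptToken(
            MemoryStream streamToBeEncrypted,
            X509Certificate2 cert,
            string encryptingAlgorithm,
            string asymmetricKeyWrapAlgorithm,
            ProtocolProfile profile )
        {
            MemoryStream encryptedStream = null;
            byte[ ] keyToWrap = null;
            SymmetricAlgorithm algorithm = null;

            try
            {
                IDT.TraceDebug( "Encrypting the security token" );
                IDT.ThrowInvalidArgumentConditional( String.IsNullOrEmpty( encryptingAlgorithm ), "encryptingAlgorithm" );
                IDT.ThrowInvalidArgumentConditional( null == cert, "cert" );
                IDT.ThrowInvalidArgumentConditional( null == profile, "profile" );

                IDT.TraceDebug( "Encrypting issued token with {0} algorithm", encryptingAlgorithm );
                IDT.TraceDebug( "Encrypting issued token with {0} certificate", cert.FriendlyName );

                SecurityToken encryptingToken = new X509SecurityToken( cert, "id" );
                SecurityAlgorithmSuite suite = SelectAlgorithmSuite( encryptingAlgorithm );

                //
                // create the keys to be used for encryption
                //
                SecurityKeyIdentifier encryptingKeyIdentifier =
                    new SecurityKeyIdentifier( encryptingToken.CreateKeyIdentifierClause() );

                // Key size in bytes; the suite reports the derivation length in bits.
                int encryptedKeySize = suite.DefaultEncryptionKeyDerivationLength / 8;
                keyToWrap = new byte[ encryptedKeySize ];

                // GetBytes rather than GetNonZeroBytes: excluding 0x00 from every key byte
                // needlessly shrinks the keyspace, and nothing here requires non-zero bytes.
                RNGCryptoServiceProvider random = new RNGCryptoServiceProvider();
                random.GetBytes( keyToWrap );

                WrappedKeySecurityToken wrappedKeyToken = new WrappedKeySecurityToken(
                    string.Empty,
                    keyToWrap,
                    asymmetricKeyWrapAlgorithm,
                    encryptingToken,
                    encryptingKeyIdentifier );

                SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier(
                    new EncryptedKeyIdentifierClause(
                        wrappedKeyToken.GetWrappedKey(),
                        wrappedKeyToken.WrappingAlgorithm,
                        wrappedKeyToken.WrappingTokenReference ) );

                SymmetricSecurityKey encryptingCrypto = ( SymmetricSecurityKey )wrappedKeyToken.SecurityKeys[ 0 ];

                //
                // Use the algorithm provided and encrypt the data
                //
                algorithm = encryptingCrypto.GetSymmetricAlgorithm( encryptingAlgorithm );

                EncryptedData encryptedData = new EncryptedData();
                encryptedData.TokenSerializer = profile.TokenSerializer;
                encryptedData.KeyIdentifier = keyIdentifier;
                encryptedData.EncryptionMethod = encryptingAlgorithm;
                encryptedData.Type = EncryptedXml.XmlEncElementUrl;
                encryptedData.SetUpEncryption(
                    algorithm,
                    streamToBeEncrypted.GetBuffer(),
                    0,
                    Convert.ToInt32( streamToBeEncrypted.Length ) );

                //
                // write the encrypted data to a memory stream
                //
                IDT.TraceDebug( "Writing encrypted token to memory stream" );
                encryptedStream = new MemoryStream();
                XmlDictionaryWriter writer = CreateTextWriter( encryptedStream );
                encryptedData.WriteTo( writer );
                writer.Flush();
                encryptedStream.Seek( 0, SeekOrigin.Begin );

                //
                // Create an XmlElement for the encrypted data
                //
                XmlDocument doc = new XmlDocument();
                XmlElement tokenXml = ( XmlElement )doc.ReadNode( Utility.CreateReaderWithQuotas( encryptedStream ) );

                return tokenXml;
            }
            finally
            {
                //
                // Zero the plaintext, the ciphertext scratch buffer and the content-encryption
                // key regardless of outcome; none of them are needed once the element exists.
                //
                if ( null != algorithm )
                {
                    // Clear() disposes the algorithm and wipes the key it was loaded with.
                    algorithm.Clear();
                }
                if ( null != keyToWrap )
                {
                    Array.Clear( keyToWrap, 0, keyToWrap.Length );
                }
                ClearAndClose( streamToBeEncrypted );
                ClearAndClose( encryptedStream );
            }
        }

        //
        // Summary
        //  Map an XML encryption algorithm URI to the SecurityAlgorithmSuite whose key
        //  derivation length sizes the content-encryption key.
        //
        // Throws
        //  TokenCreationException (via IDT.ThrowHelperError) for any other algorithm.
        //
        private static SecurityAlgorithmSuite SelectAlgorithmSuite( string encryptingAlgorithm )
        {
            switch( encryptingAlgorithm )
            {
                case SecurityAlgorithms.Aes128Encryption:
                    return SecurityAlgorithmSuite.Basic128;
                case SecurityAlgorithms.Aes192Encryption:
                    return SecurityAlgorithmSuite.Basic192;
                case SecurityAlgorithms.Aes256Encryption:
                    return SecurityAlgorithmSuite.Basic256;
                case SecurityAlgorithms.TripleDesEncryption:
                    return SecurityAlgorithmSuite.TripleDes;
                default:
                    throw IDT.ThrowHelperError(
                        new TokenCreationException(
                            SR.GetString( SR.UnsupportedEncryptionAlgorithm, encryptingAlgorithm ) ) );
            }
        }

        //
        // Summary
        //  Create the text-based XmlDictionaryWriter used to serialize tokens into a stream.
        //  The writer is only flushed, never closed, so that the stream stays readable.
        //
        private static XmlDictionaryWriter CreateTextWriter( Stream stream )
        {
            return XmlDictionaryWriter.CreateDictionaryWriter( new XmlTextWriter( new StreamWriter( stream ) ) );
        }

        //
        // Summary
        //  Zero the entire backing buffer of a MemoryStream and close it. Tolerates null.
        //  The whole buffer is cleared (not just Length bytes) so no stale bytes survive.
        //
        private static void ClearAndClose( MemoryStream stream )
        {
            if ( null == stream )
            {
                return;
            }

            byte[ ] buffer = stream.GetBuffer();
            Array.Clear( buffer, 0, buffer.Length );
            stream.Close();
        }
    }
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.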