Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / infocard / Service / managed / Microsoft / InfoCards / EncryptionUtility.cs / 1 / EncryptionUtility.cs
//------------------------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//-----------------------------------------------------------------------------
namespace Microsoft.InfoCards
{
using System;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.ServiceModel.Security.Tokens;
using System.ServiceModel;
using System.ServiceModel.Security;
using System.IO;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;
using System.Security.Principal;
using System.Security.Cryptography;
using System.Text;
using System.Globalization;
using IDT = Microsoft.InfoCards.Diagnostics.InfoCardTrace;
//
// Summary
// This class provides utility function to enable encryption of tokens
//
internal sealed class EncryptionUtility
{
private EncryptionUtility()
{
}
//
// Summary
// Encrypt a security token
//
// Parameters
// tokenToBeEncrypted - The security token that needs to be encrypted
// cert - The certificate of the party to which the token is to be encrypted
// encryptingAlgorithm - The algorithm to use for encryption
//
public static XmlElement EncryptSecurityToken( SecurityToken tokenToBeEncrypted, X509Certificate2 cert,
string encryptingAlgorithm, string asymmetricKeyWrapAlgorithm, ProtocolProfile profile )
{
//
// create the stream for data to be encrypted
//
MemoryStream streamToBeEncrypted = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter( new XmlTextWriter( new StreamWriter( streamToBeEncrypted ) ) );
profile.TokenSerializer.WriteToken( writer, tokenToBeEncrypted );
writer.Flush();
streamToBeEncrypted.Seek( 0, SeekOrigin.Begin );
return EncryptToken( streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile );
}
//
// Summary
// Encrypt a security token
//
// Parameters
// elem - The security token element that needs to be encrypted
// cert - The certificate of the party to which the token is to be encrypted
// encryptingAlgorithm - The algorithm to use for encryption
// keyWrapAlgorithm - Symmetric P ==> rasoaep. Asymmetric P ==> as specified
//
public static XmlElement EncryptSecurityToken( XmlElement elem, X509Certificate2 cert,
string encryptingAlgorithm, string asymmetricKeyWrapAlgorithm, ProtocolProfile profile )
{
//
// create the stream for data to be encrypted
//
MemoryStream streamToBeEncrypted = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter( new XmlTextWriter( new StreamWriter( streamToBeEncrypted ) ) );
elem.WriteTo( writer );
writer.Flush();
streamToBeEncrypted.Seek( 0, SeekOrigin.Begin );
return EncryptToken( streamToBeEncrypted, cert, encryptingAlgorithm, asymmetricKeyWrapAlgorithm, profile );
}
//
// Summary
// Encrypt a security token
//
// Parameters
// streamToBeEncrypted - The security token stream that needs to be encrypted
// cert - The certificate of the party to which the token is to be encrypted
// encryptingAlgorithm - The algorithm to use for encryption
// keyWrapAlgorithm - Symmetric P ==> rasoaep. Asymmetric P ==> as specified
//
private static XmlElement EncryptToken( MemoryStream streamToBeEncrypted, X509Certificate2 cert,
string encryptingAlgorithm, string asymmetricKeyWrapAlgorithm, ProtocolProfile profile )
{
IDT.TraceDebug( "Encrypting the security token" );
IDT.ThrowInvalidArgumentConditional( String.IsNullOrEmpty( encryptingAlgorithm ), "encryptingAlgorithm" );
IDT.ThrowInvalidArgumentConditional( null == cert, "cert" );
IDT.TraceDebug( "Encrypting issued token with {0} algorithm", encryptingAlgorithm );
IDT.TraceDebug( "Encrypting issued token with {0} certificate", cert.FriendlyName );
SecurityToken encryptingToken = new X509SecurityToken( cert, "id" );
SecurityAlgorithmSuite suite = SecurityAlgorithmSuite.Default;
switch( encryptingAlgorithm )
{
case SecurityAlgorithms.Aes128Encryption:
suite = SecurityAlgorithmSuite.Basic128;
break;
case SecurityAlgorithms.Aes192Encryption:
suite = SecurityAlgorithmSuite.Basic192;
break;
case SecurityAlgorithms.Aes256Encryption:
suite = SecurityAlgorithmSuite.Basic256;
break;
case SecurityAlgorithms.TripleDesEncryption:
suite = SecurityAlgorithmSuite.TripleDes;
break;
default:
throw IDT.ThrowHelperError( new TokenCreationException(
SR.GetString( SR.UnsupportedEncryptionAlgorithm, encryptingAlgorithm ) ) );
}
//
// create the keys to be used for encryption
//
SecurityKeyIdentifier encryptingKeyIdentifier = new SecurityKeyIdentifier( encryptingToken.CreateKeyIdentifierClause() );
int encryptedKeySize = suite.DefaultEncryptionKeyDerivationLength / 8;
byte[ ] keyToWrap = new byte[ encryptedKeySize ];
RNGCryptoServiceProvider random = new RNGCryptoServiceProvider();
random.GetNonZeroBytes( keyToWrap );
WrappedKeySecurityToken wrappedKeyToken = new WrappedKeySecurityToken( string.Empty,
keyToWrap, asymmetricKeyWrapAlgorithm, encryptingToken, encryptingKeyIdentifier );
SecurityKeyIdentifier keyIdentifier = new SecurityKeyIdentifier( new EncryptedKeyIdentifierClause( wrappedKeyToken.GetWrappedKey(),
wrappedKeyToken.WrappingAlgorithm, wrappedKeyToken.WrappingTokenReference ) );
SymmetricSecurityKey encryptingCrypto = ( SymmetricSecurityKey )wrappedKeyToken.SecurityKeys[ 0 ];
//
// Use the algorithm provided and encrypt the data
//
SymmetricAlgorithm algorithm = encryptingCrypto.GetSymmetricAlgorithm( encryptingAlgorithm );
EncryptedData encryptedData = new EncryptedData();
encryptedData.TokenSerializer = profile.TokenSerializer;
encryptedData.KeyIdentifier = keyIdentifier;
encryptedData.EncryptionMethod = encryptingAlgorithm;
encryptedData.Type = EncryptedXml.XmlEncElementUrl;
encryptedData.SetUpEncryption( algorithm, streamToBeEncrypted.GetBuffer(), 0, Convert.ToInt32( streamToBeEncrypted.Length ) );
//
// write the encrypted data to a memory stream
//
IDT.TraceDebug( "Writing encrypted token to memory stream" );
MemoryStream encryptedStream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateDictionaryWriter( new XmlTextWriter( new StreamWriter( encryptedStream ) ) );
encryptedData.WriteTo( writer );
writer.Flush();
encryptedStream.Seek( 0, SeekOrigin.Begin );
//
// Create an XmlElement for the encrypted data
//
XmlDocument doc = new XmlDocument();
XmlElement tokenXml = ( XmlElement )doc.ReadNode( Utility.CreateReaderWithQuotas( encryptedStream ) );
Array.Clear(
streamToBeEncrypted.GetBuffer(),
0,
Convert.ToInt32( streamToBeEncrypted.Length ) );
Array.Clear(
encryptedStream.GetBuffer(),
0,
Convert.ToInt32( encryptedStream.Length ) );
streamToBeEncrypted.Close();
encryptedStream.Close();
return tokenXml;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- xsdvalidator.cs
- HierarchicalDataTemplate.cs
- Stroke.cs
- ColorDialog.cs
- EdmComplexPropertyAttribute.cs
- FixedTextView.cs
- EdmValidator.cs
- AppendHelper.cs
- DispatcherProcessingDisabled.cs
- HttpRequestCacheValidator.cs
- SystemInfo.cs
- SessionParameter.cs
- SchemaTypeEmitter.cs
- IndentedTextWriter.cs
- PolicyStatement.cs
- LinqDataSourceEditData.cs
- VScrollProperties.cs
- ResourceBinder.cs
- ResizeGrip.cs
- HandlerBase.cs
- WebConfigurationHost.cs
- Renderer.cs
- TouchesOverProperty.cs
- CachingParameterInspector.cs
- DataTrigger.cs
- Int32CAMarshaler.cs
- OrderedDictionary.cs
- AstNode.cs
- GuidelineCollection.cs
- TextEndOfParagraph.cs
- CaretElement.cs
- _SslStream.cs
- DrawingContext.cs
- SafePointer.cs
- EnumValAlphaComparer.cs
- ScrollItemProviderWrapper.cs
- SessionState.cs
- DescendentsWalker.cs
- GPPOINT.cs
- SoapTypeAttribute.cs
- ProjectionQueryOptionExpression.cs
- EntityViewContainer.cs
- WindowsToolbarItemAsMenuItem.cs
- ChannelServices.cs
- TimeSpanValidator.cs
- TextRenderer.cs
- RowToFieldTransformer.cs
- columnmapfactory.cs
- DependencyPropertyConverter.cs
- ResourceExpressionBuilder.cs
- AlphabetConverter.cs
- RolePrincipal.cs
- PostBackOptions.cs
- ImageListDesigner.cs
- QEncodedStream.cs
- HttpHandlerAction.cs
- SrgsToken.cs
- SQLBytesStorage.cs
- ExpressionReplacer.cs
- PropertyValueChangedEvent.cs
- SystemNetHelpers.cs
- IdentityValidationException.cs
- TypefaceMetricsCache.cs
- CodeSubDirectoriesCollection.cs
- SecureEnvironment.cs
- HtmlTitle.cs
- FullTextBreakpoint.cs
- WmpBitmapDecoder.cs
- PersonalizationStateInfo.cs
- InfoCardBaseException.cs
- oledbmetadatacollectionnames.cs
- DateTimeFormat.cs
- URI.cs
- SchemaObjectWriter.cs
- StringPropertyBuilder.cs
- InputLanguageCollection.cs
- WebBrowser.cs
- Model3DGroup.cs
- EncoderParameters.cs
- TypeUtil.cs
- CornerRadius.cs
- ToolStripDropDown.cs
- DataGridViewColumnEventArgs.cs
- DataStreams.cs
- XslCompiledTransform.cs
- ByteConverter.cs
- WindowsHyperlink.cs
- cryptoapiTransform.cs
- EntityCommandDefinition.cs
- SizeKeyFrameCollection.cs
- RegexCompiler.cs
- Parsers.cs
- HtmlTitle.cs
- Socket.cs
- SectionVisual.cs
- ObjectComplexPropertyMapping.cs
- XmlArrayAttribute.cs
- FontFamily.cs
- InputProviderSite.cs
- ReliabilityContractAttribute.cs