internal static bool TryConvertToECDsaSecurityKey(JsonWebKey webKey, out SecurityKey key) { if (webKey.ConvertedSecurityKey is ECDsaSecurityKey) { key = webKey.ConvertedSecurityKey; return(true); } key = null; if (string.IsNullOrEmpty(webKey.Crv) || string.IsNullOrEmpty(webKey.X) || string.IsNullOrEmpty(webKey.Y)) { return(false); } try { key = new ECDsaSecurityKey(webKey, !string.IsNullOrEmpty(webKey.D)); return(true); } catch (Exception ex) { LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX10813, typeof(ECDsaSecurityKey), webKey, ex), ex)); } return(false); }
internal static bool TryConvertToECDsaSecurityKey(JsonWebKey webKey, out SecurityKey key) { if (webKey.ConvertedSecurityKey is ECDsaSecurityKey) { key = webKey.ConvertedSecurityKey; return(true); } key = null; if (string.IsNullOrEmpty(webKey.Crv) || string.IsNullOrEmpty(webKey.X) || string.IsNullOrEmpty(webKey.Y)) { var missingComponent = new List <string>(); if (string.IsNullOrEmpty(webKey.Crv)) { missingComponent.Add(JsonWebKeyParameterNames.Crv); } if (string.IsNullOrEmpty(webKey.X)) { missingComponent.Add(JsonWebKeyParameterNames.X); } if (string.IsNullOrEmpty(webKey.Y)) { missingComponent.Add(JsonWebKeyParameterNames.Y); } webKey.ConvertKeyInfo = LogHelper.FormatInvariant(LogMessages.IDX10814, LogHelper.MarkAsNonPII(typeof(ECDsaSecurityKey)), webKey, string.Join(", ", missingComponent)); return(false); } try { key = new ECDsaSecurityKey(webKey, !string.IsNullOrEmpty(webKey.D)); return(true); } catch (Exception ex) { string convertKeyInfo = LogHelper.FormatInvariant(LogMessages.IDX10813, LogHelper.MarkAsNonPII(typeof(ECDsaSecurityKey)), webKey, ex); webKey.ConvertKeyInfo = convertKeyInfo; LogHelper.LogExceptionMessage(new InvalidOperationException(convertKeyInfo, ex)); } return(false); }
/// <summary> /// Converts a <see cref="ECDsaSecurityKey"/> into a <see cref="JsonWebKey"/> /// </summary> /// <param name="key">an <see cref="ECDsaSecurityKey"/> to convert.</param> /// <returns>a <see cref="JsonWebKey"/></returns> /// <exception cref="ArgumentNullException">if <paramref name="key"/>is null.</exception> public static JsonWebKey ConvertFromECDsaSecurityKey(ECDsaSecurityKey key) { if (!ECDsaAdapter.SupportsECParameters()) { throw LogHelper.LogExceptionMessage(new PlatformNotSupportedException(LogMessages.IDX10695)); } if (key == null) { throw LogHelper.LogArgumentNullException(nameof(key)); } if (key.ECDsa == null) { throw LogHelper.LogArgumentNullException(nameof(key.ECDsa)); } ECParameters parameters; try { parameters = key.ECDsa.ExportParameters(true); } catch { parameters = key.ECDsa.ExportParameters(false); } return(new JsonWebKey { Crv = ECDsaAdapter.GetCrvParameterValue(parameters.Curve), X = parameters.Q.X != null?Base64UrlEncoder.Encode(parameters.Q.X) : null, Y = parameters.Q.Y != null?Base64UrlEncoder.Encode(parameters.Q.Y) : null, D = parameters.D != null?Base64UrlEncoder.Encode(parameters.D) : null, Kty = JsonWebAlgorithmsKeyTypes.EllipticCurve, Kid = key.KeyId, ConvertedSecurityKey = key }); }
private void InitializeUsingEcdsaSecurityKey(ECDsaSecurityKey ecdsaSecurityKey) { ECDsaSecurityKey = ecdsaSecurityKey; SignatureFunction = SignWithECDsa; VerifyFunction = VerifyWithECDsa; }
/// <summary> /// Checks if an 'algorithm, key' pair is supported. /// </summary> /// <param name="algorithm">the algorithm to check.</param> /// <param name="key">the <see cref="SecurityKey"/>.</param> /// <returns>true if 'algorithm, key' pair is supported.</returns> public virtual bool IsSupportedAlgorithm(string algorithm, SecurityKey key) { if (CustomCryptoProvider != null && CustomCryptoProvider.IsSupportedAlgorithm(algorithm, key)) { return(true); } if (key as RsaSecurityKey != null) { return(IsRsaAlgorithmSupported(algorithm)); } var x509Key = key as X509SecurityKey; if (x509Key != null) { #if NETSTANDARD1_4 if (x509Key.PublicKey as RSA == null) { return(false); } #else if (x509Key.PublicKey as RSACryptoServiceProvider == null) { return(false); } #endif return(IsRsaAlgorithmSupported(algorithm)); } JsonWebKey jsonWebKey = key as JsonWebKey; if (jsonWebKey != null) { if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.RSA) { return(IsRsaAlgorithmSupported(algorithm)); } else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve) { return(IsEcdsaAlgorithmSupported(algorithm)); } else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet) { return(IsSymmetricAlgorithmSupported(algorithm)); } return(false); } ECDsaSecurityKey ecdsaSecurityKey = key as ECDsaSecurityKey; if (ecdsaSecurityKey != null) { return(IsEcdsaAlgorithmSupported(algorithm)); } if (key as SymmetricSecurityKey != null) { return(IsSymmetricAlgorithmSupported(algorithm)); } return(false); }
private void ResolveAsymmetricAlgorithm(SecurityKey key, string algorithm, bool willCreateSignatures) { if (key == null) { throw LogHelper.LogArgumentNullException("key"); } if (string.IsNullOrWhiteSpace(algorithm)) { throw LogHelper.LogArgumentNullException("algorithm"); } _hashAlgorithm = GetHashAlgorithmString(algorithm); RsaSecurityKey rsaKey = key as RsaSecurityKey; if (rsaKey != null) { if (rsaKey.Rsa != null) { _rsaCryptoServiceProvider = rsaKey.Rsa as RSACryptoServiceProvider; } if (_rsaCryptoServiceProvider == null) { _rsaCryptoServiceProvider = new RSACryptoServiceProvider(); (_rsaCryptoServiceProvider as RSA).ImportParameters(rsaKey.Parameters); _disposeRsa = true; } return; } X509SecurityKey x509Key = key as X509SecurityKey; if (x509Key != null) { if (willCreateSignatures) { _rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(x509Key.PrivateKey as RSACryptoServiceProvider); } else { _rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(x509Key.PublicKey as RSACryptoServiceProvider); } return; } ECDsaSecurityKey ecdsaKey = key as ECDsaSecurityKey; if (ecdsaKey != null) { if (ecdsaKey.ECDsa != null) { _ecdsa = ecdsaKey.ECDsa as ECDsaCng; _ecdsa.HashAlgorithm = new CngAlgorithm(_hashAlgorithm); return; } } JsonWebKey webKey = key as JsonWebKey; if (webKey.Kty == JsonWebAlgorithmsKeyTypes.RSA) { RSAParameters parameters = CreateRsaParametersFromJsonWebKey(webKey, willCreateSignatures); _rsaCryptoServiceProvider = new RSACryptoServiceProvider(); (_rsaCryptoServiceProvider as RSA).ImportParameters(parameters); return; } else if (webKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve) { CreateECDsaFromJsonWebKey(webKey, willCreateSignatures); return; } throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(key), String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10641, key))); }
private void ResolveAsymmetricAlgorithm(SecurityKey key, string algorithm, bool willCreateSignatures) { if (key == null) { throw LogHelper.LogArgumentNullException("key"); } if (string.IsNullOrWhiteSpace(algorithm)) { throw LogHelper.LogArgumentNullException("algorithm"); } _hashAlgorithm = GetHashAlgorithmName(algorithm); RsaSecurityKey rsaKey = key as RsaSecurityKey; if (rsaKey != null) { if (rsaKey.Rsa != null) { _rsa = rsaKey.Rsa; return; } _rsa = RSA.Create(); if (_rsa != null) { _rsa.ImportParameters(rsaKey.Parameters); _disposeRsa = true; return; } } X509SecurityKey x509Key = key as X509SecurityKey; if (x509Key != null) { if (willCreateSignatures) { RSACryptoServiceProvider rsaCsp = x509Key.PrivateKey as RSACryptoServiceProvider; if (rsaCsp != null) { _rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(rsaCsp); } else { _rsa = x509Key.PrivateKey as RSA; } } else { _rsa = x509Key.PublicKey as RSA; } return; } ECDsaSecurityKey ecdsaKey = key as ECDsaSecurityKey; if (ecdsaKey != null) { if (ecdsaKey.ECDsa != null) { _ecdsa = ecdsaKey.ECDsa; return; } } JsonWebKey webKey = key as JsonWebKey; if (webKey.Kty == JsonWebAlgorithmsKeyTypes.RSA) { RSAParameters parameters = CreateRsaParametersFromJsonWebKey(webKey, willCreateSignatures); _rsa = RSA.Create(); if (_rsa != null) { _rsa.ImportParameters(parameters); _disposeRsa = true; return; } } else if (webKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve) { if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows)) { throw new PlatformNotSupportedException(); } CreateECDsaFromJsonWebKey(webKey, willCreateSignatures); return; } throw LogHelper.LogArgumentException <ArgumentOutOfRangeException>(nameof(key), LogMessages.IDX10641, key); }