internal static bool TryConvertToECDsaSecurityKey(JsonWebKey webKey, out SecurityKey key)
{
if (webKey.ConvertedSecurityKey is ECDsaSecurityKey)
{
key = webKey.ConvertedSecurityKey;
return(true);
}
key = null;
if (string.IsNullOrEmpty(webKey.Crv) || string.IsNullOrEmpty(webKey.X) || string.IsNullOrEmpty(webKey.Y))
{
return(false);
}
try
{
key = new ECDsaSecurityKey(webKey, !string.IsNullOrEmpty(webKey.D));
return(true);
}
catch (Exception ex)
{
LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX10813, typeof(ECDsaSecurityKey), webKey, ex), ex));
}
return(false);
}
internal static bool TryConvertToECDsaSecurityKey(JsonWebKey webKey, out SecurityKey key)
{
if (webKey.ConvertedSecurityKey is ECDsaSecurityKey)
{
key = webKey.ConvertedSecurityKey;
return(true);
}
key = null;
if (string.IsNullOrEmpty(webKey.Crv) || string.IsNullOrEmpty(webKey.X) || string.IsNullOrEmpty(webKey.Y))
{
var missingComponent = new List <string>();
if (string.IsNullOrEmpty(webKey.Crv))
{
missingComponent.Add(JsonWebKeyParameterNames.Crv);
}
if (string.IsNullOrEmpty(webKey.X))
{
missingComponent.Add(JsonWebKeyParameterNames.X);
}
if (string.IsNullOrEmpty(webKey.Y))
{
missingComponent.Add(JsonWebKeyParameterNames.Y);
}
webKey.ConvertKeyInfo = LogHelper.FormatInvariant(LogMessages.IDX10814, LogHelper.MarkAsNonPII(typeof(ECDsaSecurityKey)), webKey, string.Join(", ", missingComponent));
return(false);
}
try
{
key = new ECDsaSecurityKey(webKey, !string.IsNullOrEmpty(webKey.D));
return(true);
}
catch (Exception ex)
{
string convertKeyInfo = LogHelper.FormatInvariant(LogMessages.IDX10813, LogHelper.MarkAsNonPII(typeof(ECDsaSecurityKey)), webKey, ex);
webKey.ConvertKeyInfo = convertKeyInfo;
LogHelper.LogExceptionMessage(new InvalidOperationException(convertKeyInfo, ex));
}
return(false);
}
/// <summary>
/// Converts a <see cref="ECDsaSecurityKey"/> into a <see cref="JsonWebKey"/>
/// </summary>
/// <param name="key">an <see cref="ECDsaSecurityKey"/> to convert.</param>
/// <returns>a <see cref="JsonWebKey"/></returns>
/// <exception cref="ArgumentNullException">if <paramref name="key"/>is null.</exception>
public static JsonWebKey ConvertFromECDsaSecurityKey(ECDsaSecurityKey key)
{
if (!ECDsaAdapter.SupportsECParameters())
{
throw LogHelper.LogExceptionMessage(new PlatformNotSupportedException(LogMessages.IDX10695));
}
if (key == null)
{
throw LogHelper.LogArgumentNullException(nameof(key));
}
if (key.ECDsa == null)
{
throw LogHelper.LogArgumentNullException(nameof(key.ECDsa));
}
ECParameters parameters;
try
{
parameters = key.ECDsa.ExportParameters(true);
}
catch
{
parameters = key.ECDsa.ExportParameters(false);
}
return(new JsonWebKey
{
Crv = ECDsaAdapter.GetCrvParameterValue(parameters.Curve),
X = parameters.Q.X != null?Base64UrlEncoder.Encode(parameters.Q.X) : null,
Y = parameters.Q.Y != null?Base64UrlEncoder.Encode(parameters.Q.Y) : null,
D = parameters.D != null?Base64UrlEncoder.Encode(parameters.D) : null,
Kty = JsonWebAlgorithmsKeyTypes.EllipticCurve,
Kid = key.KeyId,
ConvertedSecurityKey = key
});
}
private void InitializeUsingEcdsaSecurityKey(ECDsaSecurityKey ecdsaSecurityKey)
{
ECDsaSecurityKey = ecdsaSecurityKey;
SignatureFunction = SignWithECDsa;
VerifyFunction = VerifyWithECDsa;
}
/// <summary>
/// Checks if an 'algorithm, key' pair is supported.
/// </summary>
/// <param name="algorithm">the algorithm to check.</param>
/// <param name="key">the <see cref="SecurityKey"/>.</param>
/// <returns>true if 'algorithm, key' pair is supported.</returns>
public virtual bool IsSupportedAlgorithm(string algorithm, SecurityKey key)
{
if (CustomCryptoProvider != null && CustomCryptoProvider.IsSupportedAlgorithm(algorithm, key))
{
return(true);
}
if (key as RsaSecurityKey != null)
{
return(IsRsaAlgorithmSupported(algorithm));
}
var x509Key = key as X509SecurityKey;
if (x509Key != null)
{
#if NETSTANDARD1_4
if (x509Key.PublicKey as RSA == null)
{
return(false);
}
#else
if (x509Key.PublicKey as RSACryptoServiceProvider == null)
{
return(false);
}
#endif
return(IsRsaAlgorithmSupported(algorithm));
}
JsonWebKey jsonWebKey = key as JsonWebKey;
if (jsonWebKey != null)
{
if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.RSA)
{
return(IsRsaAlgorithmSupported(algorithm));
}
else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
{
return(IsEcdsaAlgorithmSupported(algorithm));
}
else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet)
{
return(IsSymmetricAlgorithmSupported(algorithm));
}
return(false);
}
ECDsaSecurityKey ecdsaSecurityKey = key as ECDsaSecurityKey;
if (ecdsaSecurityKey != null)
{
return(IsEcdsaAlgorithmSupported(algorithm));
}
if (key as SymmetricSecurityKey != null)
{
return(IsSymmetricAlgorithmSupported(algorithm));
}
return(false);
}
private void ResolveAsymmetricAlgorithm(SecurityKey key, string algorithm, bool willCreateSignatures)
{
if (key == null)
{
throw LogHelper.LogArgumentNullException("key");
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw LogHelper.LogArgumentNullException("algorithm");
}
_hashAlgorithm = GetHashAlgorithmString(algorithm);
RsaSecurityKey rsaKey = key as RsaSecurityKey;
if (rsaKey != null)
{
if (rsaKey.Rsa != null)
{
_rsaCryptoServiceProvider = rsaKey.Rsa as RSACryptoServiceProvider;
}
if (_rsaCryptoServiceProvider == null)
{
_rsaCryptoServiceProvider = new RSACryptoServiceProvider();
(_rsaCryptoServiceProvider as RSA).ImportParameters(rsaKey.Parameters);
_disposeRsa = true;
}
return;
}
X509SecurityKey x509Key = key as X509SecurityKey;
if (x509Key != null)
{
if (willCreateSignatures)
{
_rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(x509Key.PrivateKey as RSACryptoServiceProvider);
}
else
{
_rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(x509Key.PublicKey as RSACryptoServiceProvider);
}
return;
}
ECDsaSecurityKey ecdsaKey = key as ECDsaSecurityKey;
if (ecdsaKey != null)
{
if (ecdsaKey.ECDsa != null)
{
_ecdsa = ecdsaKey.ECDsa as ECDsaCng;
_ecdsa.HashAlgorithm = new CngAlgorithm(_hashAlgorithm);
return;
}
}
JsonWebKey webKey = key as JsonWebKey;
if (webKey.Kty == JsonWebAlgorithmsKeyTypes.RSA)
{
RSAParameters parameters = CreateRsaParametersFromJsonWebKey(webKey, willCreateSignatures);
_rsaCryptoServiceProvider = new RSACryptoServiceProvider();
(_rsaCryptoServiceProvider as RSA).ImportParameters(parameters);
return;
}
else if (webKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
{
CreateECDsaFromJsonWebKey(webKey, willCreateSignatures);
return;
}
throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(key), String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10641, key)));
}
private void ResolveAsymmetricAlgorithm(SecurityKey key, string algorithm, bool willCreateSignatures)
{
if (key == null)
{
throw LogHelper.LogArgumentNullException("key");
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw LogHelper.LogArgumentNullException("algorithm");
}
_hashAlgorithm = GetHashAlgorithmName(algorithm);
RsaSecurityKey rsaKey = key as RsaSecurityKey;
if (rsaKey != null)
{
if (rsaKey.Rsa != null)
{
_rsa = rsaKey.Rsa;
return;
}
_rsa = RSA.Create();
if (_rsa != null)
{
_rsa.ImportParameters(rsaKey.Parameters);
_disposeRsa = true;
return;
}
}
X509SecurityKey x509Key = key as X509SecurityKey;
if (x509Key != null)
{
if (willCreateSignatures)
{
RSACryptoServiceProvider rsaCsp = x509Key.PrivateKey as RSACryptoServiceProvider;
if (rsaCsp != null)
{
_rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(rsaCsp);
}
else
{
_rsa = x509Key.PrivateKey as RSA;
}
}
else
{
_rsa = x509Key.PublicKey as RSA;
}
return;
}
ECDsaSecurityKey ecdsaKey = key as ECDsaSecurityKey;
if (ecdsaKey != null)
{
if (ecdsaKey.ECDsa != null)
{
_ecdsa = ecdsaKey.ECDsa;
return;
}
}
JsonWebKey webKey = key as JsonWebKey;
if (webKey.Kty == JsonWebAlgorithmsKeyTypes.RSA)
{
RSAParameters parameters = CreateRsaParametersFromJsonWebKey(webKey, willCreateSignatures);
_rsa = RSA.Create();
if (_rsa != null)
{
_rsa.ImportParameters(parameters);
_disposeRsa = true;
return;
}
}
else if (webKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
{
if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
throw new PlatformNotSupportedException();
}
CreateECDsaFromJsonWebKey(webKey, willCreateSignatures);
return;
}
throw LogHelper.LogArgumentException <ArgumentOutOfRangeException>(nameof(key), LogMessages.IDX10641, key);
}
