private static SignatureProvider CreateProvider(SecurityKey key, string algorithm, bool willCreateSignatures)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10002, "algorithm "));
}
AsymmetricSecurityKey asymmetricKey = key as AsymmetricSecurityKey;
if (asymmetricKey != null)
{
if (willCreateSignatures)
{
if (asymmetricKey.KeySize < MinimumAsymmetricKeySizeInBitsForSigning)
{
throw new ArgumentOutOfRangeException("key.KeySize", asymmetricKey.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10630, key.GetType(), MinimumAsymmetricKeySizeInBitsForSigning));
}
}
if (asymmetricKey.KeySize < MinimumAsymmetricKeySizeInBitsForVerifying)
{
throw new ArgumentOutOfRangeException("key.KeySize", asymmetricKey.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10631, key.GetType(), MinimumAsymmetricKeySizeInBitsForVerifying));
}
return(new AsymmetricSignatureProvider(asymmetricKey, algorithm, willCreateSignatures));
}
SymmetricSecurityKey symmetricKey = key as SymmetricSecurityKey;
if (symmetricKey != null)
{
if (symmetricKey.KeySize < MinimumSymmetricKeySizeInBits)
{
throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10603, key.GetType(), MinimumSymmetricKeySizeInBits));
}
return(new SymmetricSignatureProvider(symmetricKey, algorithm));
}
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10600, typeof(SignatureProvider).ToString(), typeof(SecurityKey), typeof(AsymmetricSecurityKey), typeof(SymmetricSecurityKey), key.GetType()));
}
/// <summary>
/// This method returns an AsymmetricSignatureDeFormatter capable of supporting Sha256 signatures.
/// </summary>
/// <param name="key"></param>
/// <returns></returns>
internal static AsymmetricSignatureDeformatter GetSignatureDeFormatterForSha256( AsymmetricSecurityKey key )
{
RSAPKCS1SignatureDeformatter deformatter;
AsymmetricAlgorithm algorithm = key.GetAsymmetricAlgorithm( SecurityAlgorithms.RsaSha256Signature, false );
RSACryptoServiceProvider rsaProvider = algorithm as RSACryptoServiceProvider;
if ( null != rsaProvider )
{
return GetSignatureDeFormatterForSha256( rsaProvider );
}
else
{
//
// If not an RSaCryptoServiceProvider, we can only hope that
// the derived imlementation does the correct thing WRT Sha256.
//
deformatter = new RSAPKCS1SignatureDeformatter( algorithm );
}
return deformatter;
}
public FaultingAsymmetricSecurityKey(AsymmetricSecurityKey key = null, AsymmetricAlgorithm agorithm = null, AsymmetricSignatureDeformatter deformatter = null, AsymmetricSignatureFormatter formatter = null, HashAlgorithm hash = null, bool hasPrivateKey = false)
{
Key = key;
}
/// <summary>
/// Initializes a new instance of the <see cref="AsymmetricSignatureProvider"/> class used to create and verify signatures.
/// </summary>
/// <param name="key">
/// The <see cref="AsymmetricSecurityKey"/> that will be used for cryptographic operations.
/// </param>
/// <param name="algorithm">
/// The signature algorithm to apply.
/// </param>
/// <param name="willCreateSignatures">
/// If this <see cref="AsymmetricSignatureProvider"/> is required to create signatures then set this to true.
/// <para>
/// Creating signatures requires that the <see cref="AsymmetricSecurityKey"/> has access to a private key.
/// Verifying signatures (the default), does not require access to the private key.
/// </para>
/// </param>
/// <exception cref="ArgumentNullException">
/// 'key' is null.
/// </exception>
/// <exception cref="ArgumentNullException">
/// 'algorithm' is null.
/// </exception>
/// <exception cref="ArgumentException">
/// 'algorithm' contains only whitespace.
/// </exception>
/// <exception cref="ArgumentOutOfRangeException">
/// willCreateSignatures is true and <see cref="AsymmetricSecurityKey"/>.KeySize is less than <see cref="SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning"/>.
/// </exception>
/// <exception cref="ArgumentOutOfRangeException">
/// <see cref="AsymmetricSecurityKey"/>.KeySize is less than <see cref="SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying"/>. Note: this is always checked.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetHashAlgorithmForSignature"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetHashAlgorithmForSignature"/> returns null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureFormatter"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureFormatter"/> returns null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureDeformatter"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureDeformatter"/> returns null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSignatureFormatter.SetHashAlgorithm"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSignatureDeformatter.SetHashAlgorithm"/> throws.
/// </exception>
public AsymmetricSignatureProvider(AsymmetricSecurityKey key, string algorithm, bool willCreateSignatures = false)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10002, "algorithm"));
}
if (willCreateSignatures)
{
if (key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning)
{
throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10631, key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning));
}
}
if (key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying)
{
throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10630, key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying));
}
this.key = key;
try
{
this.hash = this.key.GetHashAlgorithmForSignature(algorithm);
}
catch (Exception ex)
{
if (DiagnosticUtility.IsFatal(ex))
{
throw;
}
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10618, algorithm, this.key.ToString(), ex), ex);
}
if (this.hash == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10611, algorithm, this.key.ToString()));
}
if (willCreateSignatures)
{
try
{
this.formatter = this.key.GetSignatureFormatter(algorithm);
this.formatter.SetHashAlgorithm(this.hash.GetType().ToString());
}
catch (Exception ex)
{
if (DiagnosticUtility.IsFatal(ex))
{
throw;
}
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10614, algorithm, this.key.ToString(), ex), ex);
}
if (this.formatter == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10615, algorithm, this.key.ToString()));
}
}
try
{
this.deformatter = this.key.GetSignatureDeformatter(algorithm);
this.deformatter.SetHashAlgorithm(this.hash.GetType().ToString());
}
catch (Exception ex)
{
if (DiagnosticUtility.IsFatal(ex))
{
throw;
}
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10616, algorithm, this.key.ToString(), ex), ex);
}
if (this.deformatter == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10617, algorithm, this.key.ToString()));
}
}
private void AsymmetricConstructorVariation(string testcase, AsymmetricSecurityKey key, string algorithm, ExpectedException expectedException)
{
Console.WriteLine(string.Format("Testcase: '{0}'", testcase));
AsymmetricSignatureProvider provider = null;
try
{
if (testcase.StartsWith("Signing"))
{
provider = new AsymmetricSignatureProvider(key, algorithm, true);
}
else
{
provider = new AsymmetricSignatureProvider(key, algorithm, false);
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
public CardSpaceProofToken (DateTime validTo, AsymmetricSecurityKey proofKey)
{
valid_to = validTo;
keys = new ReadOnlyCollection<SecurityKey> (new SecurityKey [] {proofKey});
}
/// <summary>
/// Initializes a new instance of the <see cref="AsymmetricSignatureProvider"/> class used to create and verify signatures.
/// </summary>
/// <param name="key">
/// The <see cref="AsymmetricSecurityKey"/> that will be used for cryptographic operations.
/// </param>
/// <param name="algorithm">
/// The signature algorithm to apply.
/// </param>
/// <param name="willCreateSignatures">
/// If this <see cref="AsymmetricSignatureProvider"/> is required to create signatures then set this to true.
/// <para>
/// Creating signatures requires that the <see cref="AsymmetricSecurityKey"/> has access to a private key.
/// Verifying signatures (the default), does not require access to the private key.
/// </para>
/// </param>
/// <exception cref="ArgumentNullException">
/// 'key' is null.
/// </exception>
/// <exception cref="ArgumentNullException">
/// 'algorithm' is null.
/// </exception>
/// <exception cref="ArgumentException">
/// 'algorithm' contains only whitespace.
/// </exception>
/// <exception cref="ArgumentOutOfRangeException">
/// willCreateSignatures is true and <see cref="AsymmetricSecurityKey"/>.KeySize is less than <see cref="SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning"/>.
/// </exception>
/// <exception cref="ArgumentOutOfRangeException">
/// <see cref="AsymmetricSecurityKey"/>.KeySize is less than <see cref="SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying"/>. Note: this is always checked.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetHashAlgorithmForSignature"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetHashAlgorithmForSignature"/> returns null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureFormatter"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureFormatter"/> returns null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureDeformatter"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureDeformatter"/> returns null.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSignatureFormatter.SetHashAlgorithm"/> throws.
/// </exception>
/// <exception cref="InvalidOperationException">
/// Is thrown if the <see cref="AsymmetricSignatureDeformatter.SetHashAlgorithm"/> throws.
/// </exception>
public AsymmetricSignatureProvider(AsymmetricSecurityKey key, string algorithm, bool willCreateSignatures = false)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10002, "algorithm"));
}
if (willCreateSignatures)
{
if (key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning)
{
throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10631, key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning));
}
}
if (key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying)
{
throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10630, key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying));
}
this.key = key;
try
{
this.hash = this.key.GetHashAlgorithmForSignature(algorithm);
}
catch (Exception ex)
{
if (DiagnosticUtility.IsFatal(ex))
{
throw;
}
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10618, algorithm, this.key.ToString(), ex), ex);
}
if (this.hash == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10611, algorithm, this.key.ToString()));
}
if (willCreateSignatures)
{
try
{
this.formatter = this.key.GetSignatureFormatter(algorithm);
this.formatter.SetHashAlgorithm(this.hash.GetType().ToString());
}
catch (Exception ex)
{
if (DiagnosticUtility.IsFatal(ex))
{
throw;
}
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10614, algorithm, this.key.ToString(), ex), ex);
}
if (this.formatter == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10615, algorithm, this.key.ToString()));
}
}
try
{
this.deformatter = this.key.GetSignatureDeformatter(algorithm);
this.deformatter.SetHashAlgorithm(this.hash.GetType().ToString());
}
catch (Exception ex)
{
if (DiagnosticUtility.IsFatal(ex))
{
throw;
}
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10616, algorithm, this.key.ToString(), ex), ex);
}
if (this.deformatter == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10617, algorithm, this.key.ToString()));
}
}
