/// <summary>
/// Returns the JsonWebKeys as a <see cref="IList{SecurityKey}"/>.
/// </summary>
public IList <SecurityKey> GetSigningKeys()
{
List <SecurityKey> keys = new List <SecurityKey>();
for (int i = 0; i < Keys.Count; i++)
{
JsonWebKey webKey = Keys[i];
if (!StringComparer.Ordinal.Equals(webKey.Kty, JsonWebAlgorithmsKeyTypes.RSA))
{
continue;
}
if ((string.IsNullOrWhiteSpace(webKey.Use) || (StringComparer.Ordinal.Equals(webKey.Use, JsonWebKeyUseNames.Sig))))
{
if (webKey.X5c != null)
{
foreach (var certString in webKey.X5c)
{
try
{
// Add chaining
SecurityKey key = new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(certString)));
key.KeyId = webKey.Kid;
keys.Add(key);
}
catch (CryptographicException ex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10802, webKey.X5c[0]), ex));
}
catch (FormatException fex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10802, webKey.X5c[0]), fex));
}
}
}
if (!string.IsNullOrWhiteSpace(webKey.E) && !string.IsNullOrWhiteSpace(webKey.N))
{
try
{
SecurityKey key =
new RsaSecurityKey
(
new RSAParameters
{
Exponent = Base64UrlEncoder.DecodeBytes(webKey.E),
Modulus = Base64UrlEncoder.DecodeBytes(webKey.N),
}
);
key.KeyId = webKey.Kid;
keys.Add(key);
}
catch (CryptographicException ex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10801, webKey.E, webKey.N), ex));
}
catch (FormatException ex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10801, webKey.E, webKey.N), ex));
}
}
}
}
return(keys);
}
internal ECDsaCng CreateECDsa(string algorithm, bool usePrivateKey)
{
if (Crv == null)
throw LogHelper.LogArgumentNullException(nameof(Crv));
if (X == null)
throw LogHelper.LogArgumentNullException(nameof(X));
if (Y == null)
throw LogHelper.LogArgumentNullException(nameof(Y));
GCHandle keyBlobHandle = new GCHandle();
try
{
uint dwMagic = GetMagicValue(Crv, usePrivateKey);
uint cbKey = GetKeyByteCount(Crv);
byte[] keyBlob;
#if NET45
if (usePrivateKey)
keyBlob = new byte[3 * cbKey + 2 * Marshal.SizeOf(typeof(uint))];
else
keyBlob = new byte[2 * cbKey + 2 * Marshal.SizeOf(typeof(uint))];
#else
if (usePrivateKey)
keyBlob = new byte[3 * cbKey + 2 * Marshal.SizeOf<uint>()];
else
keyBlob = new byte[2 * cbKey + 2 * Marshal.SizeOf<uint>()];
#endif
keyBlobHandle = GCHandle.Alloc(keyBlob, GCHandleType.Pinned);
IntPtr keyBlobPtr = keyBlobHandle.AddrOfPinnedObject();
byte[] x = Base64UrlEncoder.DecodeBytes(X);
byte[] y = Base64UrlEncoder.DecodeBytes(Y);
Marshal.WriteInt64(keyBlobPtr, 0, dwMagic);
Marshal.WriteInt64(keyBlobPtr, 4, cbKey);
int index = 8;
foreach (byte b in x)
Marshal.WriteByte(keyBlobPtr, index++, b);
foreach (byte b in y)
Marshal.WriteByte(keyBlobPtr, index++, b);
if (usePrivateKey)
{
if (D == null)
throw LogHelper.LogArgumentNullException(nameof(D));
byte[] d = Base64UrlEncoder.DecodeBytes(D);
foreach (byte b in d)
Marshal.WriteByte(keyBlobPtr, index++, b);
Marshal.Copy(keyBlobPtr, keyBlob, 0, keyBlob.Length);
using (CngKey cngKey = CngKey.Import(keyBlob, CngKeyBlobFormat.EccPrivateBlob))
{
if (Utility.ValidateECDSAKeySize(cngKey.KeySize, algorithm))
return new ECDsaCng(cngKey);
else
throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException("key.KeySize", String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10671, cngKey, ECDsaAlgorithm.DefaultECDsaKeySizeInBitsMap[algorithm], cngKey.KeySize)));
}
}
else
{
Marshal.Copy(keyBlobPtr, keyBlob, 0, keyBlob.Length);
using (CngKey cngKey = CngKey.Import(keyBlob, CngKeyBlobFormat.EccPublicBlob))
{
if (Utility.ValidateECDSAKeySize(cngKey.KeySize, algorithm))
return new ECDsaCng(cngKey);
else
throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException("key.KeySize", String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10671, cngKey, ECDsaAlgorithm.DefaultECDsaKeySizeInBitsMap[algorithm], cngKey.KeySize)));
}
}
}
finally
{
if (keyBlobHandle != null)
keyBlobHandle.Free();
}
}