/// <summary>Creates a key from the raw data of the X.509 certificate or byte array that is specified in the constructor.</summary>
/// <returns>A <see cref="T:System.IdentityModel.Tokens.X509AsymmetricSecurityKey" /> that contains the key(s) associated with the X.509 certificate.</returns>
public override SecurityKey CreateKey()
{
if (this.key == null)
{
if (this.certificate == null)
{
this.certificate = new X509Certificate2(this.GetBuffer());
}
this.key = new X509AsymmetricSecurityKey(this.certificate);
}
return((SecurityKey)this.key);
}
/// <summary>Gets the formatter algorithm for the digital signature.</summary>
/// <param name="algorithm">The formatter algorithm for the digital signature to get an instance of.</param>
/// <returns>An <see cref="T:System.Security.Cryptography.AsymmetricSignatureDeformatter" /> that represents the formatter algorithm for the digital signature.</returns>
/// <exception cref="T:System.NotSupportedException">The X.509 certificate specified in the constructor does not have a private key.-or-
/// <paramref name="algorithm" /> is <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl" /> and the private key for the X.509 certificate specified in the constructor is not of type <see cref="T:System.Security.Cryptography.DSA" />.-or-
/// <paramref name="algorithm" /> is <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url" /> or <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature" /> and the private key for the X.509 certificate specified in the constructor is not of type <see cref="T:System.Security.Cryptography.RSA" />.-or-
/// <paramref name="algorithm" /> is not supported. The supported algorithms are <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl" />,
/// <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url" />, and <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature" />.</exception>
public override AsymmetricSignatureFormatter GetSignatureFormatter(
string algorithm)
{
if (this.PrivateKey == null)
{
throw new NotSupportedException("MissingPrivateKey");
}
if (string.IsNullOrEmpty(algorithm))
{
throw new ArgumentNullException(nameof(algorithm));
}
AsymmetricAlgorithm key = X509AsymmetricSecurityKey.LevelUpRsa(this.PrivateKey, algorithm);
object algorithmFromConfig = CryptoHelper.GetAlgorithmFromConfig(algorithm);
if (algorithmFromConfig != null)
{
SignatureDescription signatureDescription = algorithmFromConfig as SignatureDescription;
if (signatureDescription != null)
{
return(signatureDescription.CreateFormatter(key));
}
try
{
AsymmetricSignatureFormatter signatureFormatter = algorithmFromConfig as AsymmetricSignatureFormatter;
if (signatureFormatter != null)
{
signatureFormatter.SetKey(key);
return(signatureFormatter);
}
}
catch (InvalidCastException ex)
{
throw new NotSupportedException("AlgorithmAndPrivateKeyMisMatch", (Exception)ex);
}
throw new CryptographicException("UnsupportedAlgorithmForCryptoOperation");
}
if (algorithm != "http://www.w3.org/2000/09/xmldsig#dsa-sha1")
{
if (algorithm != "http://www.w3.org/2000/09/xmldsig#rsa-sha1")
{
if (algorithm == "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
{
RSA rsa = key as RSA;
if (rsa == null)
{
throw new NotSupportedException("PrivateKeyNotRSA");
}
return((AsymmetricSignatureFormatter) new RSAPKCS1SignatureFormatter((AsymmetricAlgorithm)rsa));
}
throw new NotSupportedException("UnsupportedCryptoAlgorithm");
}
RSA privateKey = this.PrivateKey as RSA;
if (privateKey == null)
{
throw new NotSupportedException("PrivateKeyNotRSA");
}
return((AsymmetricSignatureFormatter) new RSAPKCS1SignatureFormatter((AsymmetricAlgorithm)privateKey));
}
DSA privateKey1 = this.PrivateKey as DSA;
if (privateKey1 == null)
{
throw new NotSupportedException("PrivateKeyNotDSA");
}
return((AsymmetricSignatureFormatter) new DSASignatureFormatter((AsymmetricAlgorithm)privateKey1));
}