/// <summary>
/// Builds the claim list for <c>this.certificate</c> purely from what the certificate
/// asserts about itself: the thumbprint (once with <c>Rights.Identity</c>, once with
/// <c>Rights.PossessProperty</c>), the subject distinguished name, the DNS names collected
/// by <c>GetDnsClaims</c>, the simple name, e-mail, UPN and URL names, and finally the RSA
/// public key when one can be obtained.
/// </summary>
/// <remarks>
/// SECURITY: nothing in this method validates the certificate (no chain build, no revocation,
/// no issuer check). Every claim is copied verbatim from certificate content, so it carries
/// meaning only if the caller has already decided to trust the certificate — presumably the
/// token authenticator does that before this runs; confirm at the call site.
/// The e-mail and URL names are handed to the <see cref="MailAddress"/> and <see cref="Uri"/>
/// constructors, which throw <see cref="FormatException"/> / <see cref="UriFormatException"/>
/// on malformed input; a peer-supplied certificate with a malformed SAN therefore aborts claim
/// initialization with that exception instead of being rejected as "no claim".
/// NOTE(review): GetCertHash() is the SHA-1 thumbprint on .NET Framework — confirm before
/// treating the thumbprint claim as a collision-resistant identity.
/// </remarks>
/// <returns>The claims in the order listed above; never null.</returns>
IList<Claim> InitializeClaimsCore()
{
    X509Certificate2 cert = this.certificate;
    List<Claim> result = new List<Claim>();

    // Thumbprint first: the same bytes are added as an identity claim and as a possessed property.
    byte[] certHash = cert.GetCertHash();
    result.Add(new Claim(ClaimTypes.Thumbprint, certHash, Rights.Identity));
    result.Add(new Claim(ClaimTypes.Thumbprint, certHash, Rights.PossessProperty));

    // Emission order is deliberate and is kept as the original documents it:
    // SubjectName, Dns, SimpleName, Email, Upn, then Url and the Rsa key claim.
    if (!string.IsNullOrEmpty(cert.SubjectName.Name))
    {
        result.Add(Claim.CreateX500DistinguishedNameClaim(cert.SubjectName));
    }

    result.AddRange(GetDnsClaims(cert));

    // forIssuer: false on every GetNameInfo call — these describe the subject, never the issuer.
    string simpleName = cert.GetNameInfo(X509NameType.SimpleName, false);
    if (!string.IsNullOrEmpty(simpleName))
    {
        result.Add(Claim.CreateNameClaim(simpleName));
    }

    string emailName = cert.GetNameInfo(X509NameType.EmailName, false);
    if (!string.IsNullOrEmpty(emailName))
    {
        // MailAddress throws FormatException on a malformed e-mail name (see remarks).
        result.Add(Claim.CreateMailAddressClaim(new MailAddress(emailName)));
    }

    string upnName = cert.GetNameInfo(X509NameType.UpnName, false);
    if (!string.IsNullOrEmpty(upnName))
    {
        result.Add(Claim.CreateUpnClaim(upnName));
    }

    string urlName = cert.GetNameInfo(X509NameType.UrlName, false);
    if (!string.IsNullOrEmpty(urlName))
    {
        // Uri throws UriFormatException on a malformed URL name (see remarks).
        result.Add(Claim.CreateUriClaim(new Uri(urlName)));
    }

    // Public key: CNG lightup is the default; the app-context switch falls back to PublicKey.Key.
    // Only the public key is touched here — no private-key access.
    RSA rsaPublicKey = LocalAppContextSwitches.DisableCngCertificates
        ? cert.PublicKey.Key as RSA
        : CngLightup.GetRSAPublicKey(cert);
    if (rsaPublicKey != null)
    {
        result.Add(Claim.CreateRsaClaim(rsaPublicKey));
    }

    return result;
}
/// <summary>
/// Produces claims that describe <paramref name="certificate"/> from the certificate's own
/// content: the base64 thumbprint, subject DN, one DNS name, simple name, e-mail, UPN and URL
/// names, the RSA and DSA public keys (public parameters only), and the serial number.
/// </summary>
/// <param name="certificate">The certificate to describe. Must not be null.</param>
/// <param name="issuer">Issuer recorded on every emitted claim. Passed straight through to the
/// <see cref="Claim"/> constructor; it should reflect the caller's trust decision about the
/// certificate, not a value influenced by the peer.</param>
/// <returns>The claims in the order listed; never null and never empty, since the thumbprint
/// claim is always emitted.</returns>
/// <exception cref="ArgumentNullException">Thrown (via the project's throw helper) when
/// <paramref name="certificate"/> is null.</exception>
/// <remarks>
/// SECURITY: this method does not validate the certificate — no chain build, no revocation
/// check, no issuer check. The claims assert only what the certificate says about itself; the
/// caller must already have trusted it.
/// Only a single DNS claim can be produced, because <c>GetNameInfo(X509NameType.DnsName, ...)</c>
/// returns one string; certificates with several DNS SAN entries are under-reported here.
/// Key claims use <c>ToXmlString(false)</c>, i.e. no private parameters are ever serialized.
/// NOTE(review): GetCertHash() is the SHA-1 thumbprint on .NET Framework — confirm before
/// treating the thumbprint claim as a collision-resistant identity. NOTE(review): on the
/// DisableCngCertificates path, <c>PublicKey.Key</c> is what surfaces the key; whether it throws
/// for non-RSA/DSA (e.g. ECC) certificates is not visible here — confirm if such certificates
/// reach this method.
/// </remarks>
public static IEnumerable<Claim> GetClaimsFromCertificate(X509Certificate2 certificate, string issuer)
{
    if (certificate == null)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
    }

    Collection<Claim> result = new Collection<Claim>();

    // The thumbprint is unconditional; every claim below is emitted only when the certificate
    // actually supplies a non-empty value.
    string thumbprintBase64 = Convert.ToBase64String(certificate.GetCertHash());
    result.Add(new Claim(ClaimTypes.Thumbprint, thumbprintBase64, ClaimValueTypes.Base64Binary, issuer));

    // Adds a string-typed claim, stamped with the caller's issuer, when the value is present.
    Action<string, string> addIfPresent = (claimType, claimValue) =>
    {
        if (!string.IsNullOrEmpty(claimValue))
        {
            result.Add(new Claim(claimType, claimValue, ClaimValueTypes.String, issuer));
        }
    };

    addIfPresent(ClaimTypes.X500DistinguishedName, certificate.SubjectName.Name);

    // Subject-side names in emission order. Each X509NameType resolves to at most one string.
    KeyValuePair<X509NameType, string>[] subjectNames =
    {
        new KeyValuePair<X509NameType, string>(X509NameType.DnsName, ClaimTypes.Dns),
        new KeyValuePair<X509NameType, string>(X509NameType.SimpleName, ClaimTypes.Name),
        new KeyValuePair<X509NameType, string>(X509NameType.EmailName, ClaimTypes.Email),
        new KeyValuePair<X509NameType, string>(X509NameType.UpnName, ClaimTypes.Upn),
        new KeyValuePair<X509NameType, string>(X509NameType.UrlName, ClaimTypes.Uri),
    };
    foreach (KeyValuePair<X509NameType, string> entry in subjectNames)
    {
        // forIssuer: false — the claims describe the subject, never the issuer.
        addIfPresent(entry.Value, certificate.GetNameInfo(entry.Key, false));
    }

    // Public-key claims. CNG lightup is the default; the app-context switch falls back to
    // PublicKey.Key. ToXmlString(false) serializes public parameters only.
    bool useLegacyKeyAccess = LocalAppContextSwitches.DisableCngCertificates;

    RSA rsaPublicKey = useLegacyKeyAccess
        ? certificate.PublicKey.Key as RSA
        : CngLightup.GetRSAPublicKey(certificate);
    if (rsaPublicKey != null)
    {
        result.Add(new Claim(ClaimTypes.Rsa, rsaPublicKey.ToXmlString(false), ClaimValueTypes.RsaKeyValue, issuer));
    }

    DSA dsaPublicKey = useLegacyKeyAccess
        ? certificate.PublicKey.Key as DSA
        : CngLightup.GetDSAPublicKey(certificate);
    if (dsaPublicKey != null)
    {
        result.Add(new Claim(ClaimTypes.Dsa, dsaPublicKey.ToXmlString(false), ClaimValueTypes.DsaKeyValue, issuer));
    }

    // Serial number last, as a plain string claim.
    addIfPresent(ClaimTypes.SerialNumber, certificate.SerialNumber);

    return result;
}
/// <summary>
/// Extension-method form of <c>CngLightup.GetRSAPublicKey</c>: obtains the certificate's RSA
/// public key through the CNG lightup helper. Only the public key is involved; no private-key
/// access happens here.
/// </summary>
/// <param name="certificate">The certificate whose RSA public key is wanted.</param>
/// <returns>Whatever <c>CngLightup.GetRSAPublicKey(certificate)</c> returns — presumably null
/// when the certificate does not carry an RSA key, as the callers' null checks suggest; confirm
/// against the helper.</returns>
/// <remarks>
/// NOTE(review): the BCL also ships an extension named <c>GetRSAPublicKey</c> for
/// <see cref="X509Certificate2"/> (RSACertificateExtensions, .NET 4.6+); which one binds depends
/// on the using directives at the call site — confirm no ambiguity is introduced.
/// </remarks>
public static RSA GetRSAPublicKey(this X509Certificate2 certificate)
{
    RSA rsaPublicKey = CngLightup.GetRSAPublicKey(certificate);
    return rsaPublicKey;
}