internal static bool TryConvertToECDsaSecurityKey(JsonWebKey webKey, out SecurityKey key)
        {
            if (webKey.ConvertedSecurityKey is ECDsaSecurityKey)
            {
                key = webKey.ConvertedSecurityKey;
                return(true);
            }

            key = null;
            if (string.IsNullOrEmpty(webKey.Crv) || string.IsNullOrEmpty(webKey.X) || string.IsNullOrEmpty(webKey.Y))
            {
                return(false);
            }

            try
            {
                key = new ECDsaSecurityKey(webKey, !string.IsNullOrEmpty(webKey.D));
                return(true);
            }
            catch (Exception ex)
            {
                LogHelper.LogExceptionMessage(new InvalidOperationException(LogHelper.FormatInvariant(LogMessages.IDX10813, typeof(ECDsaSecurityKey), webKey, ex), ex));
            }

            return(false);
        }
        internal static bool TryConvertToECDsaSecurityKey(JsonWebKey webKey, out SecurityKey key)
        {
            if (webKey.ConvertedSecurityKey is ECDsaSecurityKey)
            {
                key = webKey.ConvertedSecurityKey;
                return(true);
            }

            key = null;
            if (string.IsNullOrEmpty(webKey.Crv) || string.IsNullOrEmpty(webKey.X) || string.IsNullOrEmpty(webKey.Y))
            {
                var missingComponent = new List <string>();
                if (string.IsNullOrEmpty(webKey.Crv))
                {
                    missingComponent.Add(JsonWebKeyParameterNames.Crv);
                }

                if (string.IsNullOrEmpty(webKey.X))
                {
                    missingComponent.Add(JsonWebKeyParameterNames.X);
                }

                if (string.IsNullOrEmpty(webKey.Y))
                {
                    missingComponent.Add(JsonWebKeyParameterNames.Y);
                }

                webKey.ConvertKeyInfo = LogHelper.FormatInvariant(LogMessages.IDX10814, LogHelper.MarkAsNonPII(typeof(ECDsaSecurityKey)), webKey, string.Join(", ", missingComponent));
                return(false);
            }

            try
            {
                key = new ECDsaSecurityKey(webKey, !string.IsNullOrEmpty(webKey.D));
                return(true);
            }
            catch (Exception ex)
            {
                string convertKeyInfo = LogHelper.FormatInvariant(LogMessages.IDX10813, LogHelper.MarkAsNonPII(typeof(ECDsaSecurityKey)), webKey, ex);
                webKey.ConvertKeyInfo = convertKeyInfo;
                LogHelper.LogExceptionMessage(new InvalidOperationException(convertKeyInfo, ex));
            }

            return(false);
        }
        /// <summary>
        /// Converts a <see cref="ECDsaSecurityKey"/> into a <see cref="JsonWebKey"/>
        /// </summary>
        /// <param name="key">an <see cref="ECDsaSecurityKey"/> to convert.</param>
        /// <returns>a <see cref="JsonWebKey"/></returns>
        /// <exception cref="ArgumentNullException">if <paramref name="key"/>is null.</exception>
        public static JsonWebKey ConvertFromECDsaSecurityKey(ECDsaSecurityKey key)
        {
            if (!ECDsaAdapter.SupportsECParameters())
            {
                throw LogHelper.LogExceptionMessage(new PlatformNotSupportedException(LogMessages.IDX10695));
            }

            if (key == null)
            {
                throw LogHelper.LogArgumentNullException(nameof(key));
            }

            if (key.ECDsa == null)
            {
                throw LogHelper.LogArgumentNullException(nameof(key.ECDsa));
            }

            ECParameters parameters;

            try
            {
                parameters = key.ECDsa.ExportParameters(true);
            }
            catch
            {
                parameters = key.ECDsa.ExportParameters(false);
            }

            return(new JsonWebKey
            {
                Crv = ECDsaAdapter.GetCrvParameterValue(parameters.Curve),
                X = parameters.Q.X != null?Base64UrlEncoder.Encode(parameters.Q.X) : null,
                        Y = parameters.Q.Y != null?Base64UrlEncoder.Encode(parameters.Q.Y) : null,
                                D = parameters.D != null?Base64UrlEncoder.Encode(parameters.D) : null,
                                        Kty = JsonWebAlgorithmsKeyTypes.EllipticCurve,
                                        Kid = key.KeyId,
                                        ConvertedSecurityKey = key
            });
        }
Example #4
0
 private void InitializeUsingEcdsaSecurityKey(ECDsaSecurityKey ecdsaSecurityKey)
 {
     ECDsaSecurityKey  = ecdsaSecurityKey;
     SignatureFunction = SignWithECDsa;
     VerifyFunction    = VerifyWithECDsa;
 }
        /// <summary>
        /// Checks if an 'algorithm, key' pair is supported.
        /// </summary>
        /// <param name="algorithm">the algorithm to check.</param>
        /// <param name="key">the <see cref="SecurityKey"/>.</param>
        /// <returns>true if 'algorithm, key' pair is supported.</returns>
        public virtual bool IsSupportedAlgorithm(string algorithm, SecurityKey key)
        {
            if (CustomCryptoProvider != null && CustomCryptoProvider.IsSupportedAlgorithm(algorithm, key))
            {
                return(true);
            }

            if (key as RsaSecurityKey != null)
            {
                return(IsRsaAlgorithmSupported(algorithm));
            }

            var x509Key = key as X509SecurityKey;

            if (x509Key != null)
            {
#if NETSTANDARD1_4
                if (x509Key.PublicKey as RSA == null)
                {
                    return(false);
                }
#else
                if (x509Key.PublicKey as RSACryptoServiceProvider == null)
                {
                    return(false);
                }
#endif
                return(IsRsaAlgorithmSupported(algorithm));
            }

            JsonWebKey jsonWebKey = key as JsonWebKey;
            if (jsonWebKey != null)
            {
                if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.RSA)
                {
                    return(IsRsaAlgorithmSupported(algorithm));
                }
                else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
                {
                    return(IsEcdsaAlgorithmSupported(algorithm));
                }
                else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet)
                {
                    return(IsSymmetricAlgorithmSupported(algorithm));
                }

                return(false);
            }

            ECDsaSecurityKey ecdsaSecurityKey = key as ECDsaSecurityKey;
            if (ecdsaSecurityKey != null)
            {
                return(IsEcdsaAlgorithmSupported(algorithm));
            }

            if (key as SymmetricSecurityKey != null)
            {
                return(IsSymmetricAlgorithmSupported(algorithm));
            }

            return(false);
        }
Example #6
0
        private void ResolveAsymmetricAlgorithm(SecurityKey key, string algorithm, bool willCreateSignatures)
        {
            if (key == null)
            {
                throw LogHelper.LogArgumentNullException("key");
            }

            if (string.IsNullOrWhiteSpace(algorithm))
            {
                throw LogHelper.LogArgumentNullException("algorithm");
            }

            _hashAlgorithm = GetHashAlgorithmString(algorithm);
            RsaSecurityKey rsaKey = key as RsaSecurityKey;

            if (rsaKey != null)
            {
                if (rsaKey.Rsa != null)
                {
                    _rsaCryptoServiceProvider = rsaKey.Rsa as RSACryptoServiceProvider;
                }

                if (_rsaCryptoServiceProvider == null)
                {
                    _rsaCryptoServiceProvider = new RSACryptoServiceProvider();
                    (_rsaCryptoServiceProvider as RSA).ImportParameters(rsaKey.Parameters);
                    _disposeRsa = true;
                }
                return;
            }

            X509SecurityKey x509Key = key as X509SecurityKey;

            if (x509Key != null)
            {
                if (willCreateSignatures)
                {
                    _rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(x509Key.PrivateKey as RSACryptoServiceProvider);
                }
                else
                {
                    _rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(x509Key.PublicKey as RSACryptoServiceProvider);
                }
                return;
            }

            ECDsaSecurityKey ecdsaKey = key as ECDsaSecurityKey;

            if (ecdsaKey != null)
            {
                if (ecdsaKey.ECDsa != null)
                {
                    _ecdsa = ecdsaKey.ECDsa as ECDsaCng;
                    _ecdsa.HashAlgorithm = new CngAlgorithm(_hashAlgorithm);
                    return;
                }
            }

            JsonWebKey webKey = key as JsonWebKey;

            if (webKey.Kty == JsonWebAlgorithmsKeyTypes.RSA)
            {
                RSAParameters parameters = CreateRsaParametersFromJsonWebKey(webKey, willCreateSignatures);
                _rsaCryptoServiceProvider = new RSACryptoServiceProvider();
                (_rsaCryptoServiceProvider as RSA).ImportParameters(parameters);
                return;
            }
            else if (webKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
            {
                CreateECDsaFromJsonWebKey(webKey, willCreateSignatures);
                return;
            }

            throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException(nameof(key), String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10641, key)));
        }
        private void ResolveAsymmetricAlgorithm(SecurityKey key, string algorithm, bool willCreateSignatures)
        {
            if (key == null)
            {
                throw LogHelper.LogArgumentNullException("key");
            }

            if (string.IsNullOrWhiteSpace(algorithm))
            {
                throw LogHelper.LogArgumentNullException("algorithm");
            }

            _hashAlgorithm = GetHashAlgorithmName(algorithm);
            RsaSecurityKey rsaKey = key as RsaSecurityKey;

            if (rsaKey != null)
            {
                if (rsaKey.Rsa != null)
                {
                    _rsa = rsaKey.Rsa;
                    return;
                }

                _rsa = RSA.Create();
                if (_rsa != null)
                {
                    _rsa.ImportParameters(rsaKey.Parameters);
                    _disposeRsa = true;
                    return;
                }
            }

            X509SecurityKey x509Key = key as X509SecurityKey;

            if (x509Key != null)
            {
                if (willCreateSignatures)
                {
                    RSACryptoServiceProvider rsaCsp = x509Key.PrivateKey as RSACryptoServiceProvider;
                    if (rsaCsp != null)
                    {
                        _rsaCryptoServiceProviderProxy = new RSACryptoServiceProviderProxy(rsaCsp);
                    }
                    else
                    {
                        _rsa = x509Key.PrivateKey as RSA;
                    }
                }
                else
                {
                    _rsa = x509Key.PublicKey as RSA;
                }

                return;
            }

            ECDsaSecurityKey ecdsaKey = key as ECDsaSecurityKey;

            if (ecdsaKey != null)
            {
                if (ecdsaKey.ECDsa != null)
                {
                    _ecdsa = ecdsaKey.ECDsa;
                    return;
                }
            }

            JsonWebKey webKey = key as JsonWebKey;

            if (webKey.Kty == JsonWebAlgorithmsKeyTypes.RSA)
            {
                RSAParameters parameters = CreateRsaParametersFromJsonWebKey(webKey, willCreateSignatures);

                _rsa = RSA.Create();
                if (_rsa != null)
                {
                    _rsa.ImportParameters(parameters);
                    _disposeRsa = true;
                    return;
                }
            }
            else if (webKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
            {
                if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
                {
                    throw new PlatformNotSupportedException();
                }

                CreateECDsaFromJsonWebKey(webKey, willCreateSignatures);
                return;
            }

            throw LogHelper.LogArgumentException <ArgumentOutOfRangeException>(nameof(key), LogMessages.IDX10641, key);
        }