public void DeletePrivateKey(AsymmetricAlgorithm a) { for (Type t = a.GetType(); t != null; t = t.BaseType) { Action <AsymmetricAlgorithm> deleter; if (this.privateKeyDeleters.TryGetValue(t, out deleter)) { deleter(a); return; } } FiddlerApplication.Log.LogString("No private key deleter found for " + a.GetType()); }
public GostExternalAsymmetricAlgorithm(AsymmetricAlgorithm algorithm) : base(default(ProviderType), algorithm.KeySize) { var createSignatureMethod = algorithm.GetType().GetMethod(nameof(CreateSignature), new[] { typeof(byte[]) }); var verifySignatureMethod = algorithm.GetType().GetMethod(nameof(VerifySignature), new[] { typeof(byte[]), typeof(byte[]) }); if ((createSignatureMethod == null || createSignatureMethod.ReturnType != typeof(byte[])) || (verifySignatureMethod == null || verifySignatureMethod.ReturnType != typeof(bool))) { throw ExceptionUtility.Argument(nameof(algorithm), Resources.ShouldSupportGost3410); } _algorithm = algorithm; _createSignature = hash => (byte[])createSignatureMethod.Invoke(algorithm, new object[] { hash }); _verifySignature = (hash, signature) => (bool)verifySignatureMethod.Invoke(algorithm, new object[] { hash, signature }); }
private static bool CheckSignedInfo(SignedXml signedXml, AsymmetricAlgorithm key) { //Copied from reflected System.Security.Cryptography.Xml.SignedXml SignatureDescription signatureDescription = CryptoConfig.CreateFromName(signedXml.SignatureMethod) as SignatureDescription; if (signatureDescription == null) { throw new CryptographicException(SecurityResources.GetString("Cryptography_Xml_SignatureDescriptionNotCreated")); } Type type = Type.GetType(signatureDescription.KeyAlgorithm); Type type2 = key.GetType(); if (type != type2 && !type.IsSubclassOf(type2) && !type2.IsSubclassOf(type)) { return(false); } HashAlgorithm hashAlgorithm = signatureDescription.CreateDigest(); if (hashAlgorithm == null) { throw new CryptographicException(SecurityResources.GetString("Cryptography_Xml_CreateHashAlgorithmFailed")); } //Except this. The SignedXml class creates and cananicalizes a Signature element without any prefix, rather than using the element from the document provided byte[] c14NDigest = GetC14NDigest(signedXml, hashAlgorithm); AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key); return(asymmetricSignatureDeformatter.VerifySignature(c14NDigest, signedXml.Signature.SignatureValue)); }
/// <summary>CreateSameKeySizeSP</summary> /// <param name="aa1">AsymmetricAlgorithm</param> /// <returns>AsymmetricAlgorithm(RSA or DSA)</returns> public static AsymmetricAlgorithm CreateSameKeySizeSP(AsymmetricAlgorithm aa1) { AsymmetricAlgorithm aa2 = (AsymmetricAlgorithm)Activator.CreateInstance(aa1.GetType()); aa2.KeySize = aa1.KeySize; return(aa2); }
public Saml2LogoutResponse GetLogoutReponse(Uri uri, AsymmetricAlgorithm key) { var response = new Saml2LogoutResponse(); var parser = new HttpRedirectBindingParser(uri); if (key == null) { throw new ArgumentNullException(nameof(key)); } response.OriginalLogoutRequest = parser.LogoutRequest; if (!parser.IsSigned) { response.StatusCode = Saml2Constants.StatusCodes.RequestDenied; } // Validates the signature using the public part of the asymmetric key given as parameter. var signatureProvider = _signatureProviderFactory.CreateFromAlgorithmUri(key.GetType(), parser.SignatureAlgorithm); if (!signatureProvider.VerifySignature(key, Encoding.UTF8.GetBytes(parser.SignedQuery), parser.DecodeSignature())) { response.StatusCode = Saml2Constants.StatusCodes.RequestDenied; } response.StatusCode = Saml2Constants.StatusCodes.Success; return(response); }
private static X509Certificate2 CloneWithPrivateKey(X509Certificate2 cert, AsymmetricAlgorithm key) { RSA rsa = key as RSA; if (rsa != null) { return(cert.CopyWithPrivateKey(rsa)); } ECDsa ecdsa = key as ECDsa; if (ecdsa != null) { return(cert.CopyWithPrivateKey(ecdsa)); } DSA dsa = key as DSA; if (dsa != null) { return(cert.CopyWithPrivateKey(dsa)); } throw new InvalidOperationException( $"Had no handler for key of type {key?.GetType().FullName ?? "null"}"); }
private bool CheckSignedInfo(AsymmetricAlgorithm key) { if (key == null) { throw new ArgumentNullException("key"); } SignedXmlDebugLog.LogBeginCheckSignedInfo(this, this.m_signature.SignedInfo); SignatureDescription signatureDescription = CryptoConfig.CreateFromName(this.SignatureMethod) as SignatureDescription; if (signatureDescription == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_SignatureDescriptionNotCreated")); } Type c = Type.GetType(signatureDescription.KeyAlgorithm); Type type = key.GetType(); if (((c != type) && !c.IsSubclassOf(type)) && !type.IsSubclassOf(c)) { return(false); } HashAlgorithm hash = signatureDescription.CreateDigest(); if (hash == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed")); } byte[] actualHashValue = this.GetC14NDigest(hash); AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key); SignedXmlDebugLog.LogVerifySignedInfo(this, key, signatureDescription, hash, asymmetricSignatureDeformatter, actualHashValue, this.m_signature.SignatureValue); return(asymmetricSignatureDeformatter.VerifySignature(actualHashValue, this.m_signature.SignatureValue)); }
public string GetLogoutResponseMessage(Uri uri, AsymmetricAlgorithm key) { var parser = new HttpRedirectBindingParser(uri); if (key == null) { throw new ArgumentNullException(nameof(key)); } if (!parser.IsSigned) { throw new InvalidOperationException("Query is not signed, so there is no signature to verify."); } // Validates the signature using the public part of the asymmetric key given as parameter. var signatureProvider = _signatureProviderFactory.CreateFromAlgorithmUri(key.GetType(), parser.SignatureAlgorithm); if (!signatureProvider.VerifySignature(key, Encoding.UTF8.GetBytes(parser.SignedQuery), parser.DecodeSignature())) { throw new InvalidOperationException("Logout request signature verification failed"); } return(parser.Message); }
/// <summary> /// Create a self-signed certificate using the established subject, key, and optional /// extensions. /// </summary> /// <param name="notBefore"> /// The oldest date and time where this certificate is considered valid. /// Typically <see cref="DateTimeOffset.UtcNow"/>, plus or minus a few seconds. /// </param> /// <param name="notAfter"> /// The date and time where this certificate is no longer considered valid. /// </param> /// <returns> /// An <see cref="X509Certificate2"/> with the specified values. The returned object will /// assert <see cref="X509Certificate2.HasPrivateKey" />. /// </returns> /// <exception cref="ArgumentException"> /// <paramref name="notAfter"/> represents a date and time before <paramref name="notAfter"/>. /// </exception> /// <exception cref="InvalidOperationException"> /// A constructor was used which did not accept a signing key. /// </exception>> /// <exception cref="CryptographicException"> /// Other errors during the certificate creation process. /// </exception> public X509Certificate2 CreateSelfSigned(DateTimeOffset notBefore, DateTimeOffset notAfter) { if (notAfter < notBefore) { throw new ArgumentException(SR.Cryptography_CertReq_DatesReversed); } if (_key == null) { throw new InvalidOperationException(SR.Cryptography_CertReq_NoKeyProvided); } Debug.Assert(_generator != null); byte[] serialNumber = new byte[8]; RandomNumberGenerator.Fill(serialNumber); using (X509Certificate2 certificate = Create( SubjectName, _generator, notBefore, notAfter, serialNumber)) { RSA rsa = _key as RSA; if (rsa != null) { return(certificate.CopyWithPrivateKey(rsa)); } ECDsa ecdsa = _key as ECDsa; if (ecdsa != null) { return(certificate.CopyWithPrivateKey(ecdsa)); } Gost3410 gost3410 = _key as Gost3410; if (gost3410 != null) { return(certificate.CopyWithPrivateKey(gost3410)); } Gost3410_2012_256 gost3410_2012_256 = _key as Gost3410_2012_256; if (gost3410_2012_256 != null) { return(certificate.CopyWithPrivateKey(gost3410_2012_256)); } Gost3410_2012_512 gost3410_2012_512 = _key as Gost3410_2012_512; if (gost3410_2012_512 != null) { return(certificate.CopyWithPrivateKey(gost3410_2012_512)); } } Debug.Fail($"Key was of no known type: {_key?.GetType().FullName ?? "null"}"); throw new CryptographicException(); }
/// <summary> /// Signs an <see cref="XmlDocument"/> with the specified private asymmetric key. /// </summary> /// <param name="doc">The <see cref="XmlDocument"/>.</param> /// <param name="key">The private asymmetric key.</param> /// <returns></returns> public static XmlDocument SignXmlDocument(XmlDocument doc, AsymmetricAlgorithm key) { SignedXml signedXml = new SignedXml(doc) { SigningKey = key }; signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; XmlDsigExcC14NTransform canMethod = (XmlDsigExcC14NTransform)signedXml.SignedInfo.CanonicalizationMethodObject; canMethod.InclusiveNamespacesPrefixList = "Sign"; Reference reference = new Reference() { Uri = string.Empty }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); KeyInfo keyInfo = new KeyInfo(); if (key.GetType().BaseType == typeof(RSA)) { keyInfo.AddClause(new RSAKeyValue((RSA)key)); } else if (key.GetType().BaseType == typeof(DSA)) { keyInfo.AddClause(new DSAKeyValue((DSA)key)); } signedXml.KeyInfo = keyInfo; signedXml.ComputeSignature(); doc.DocumentElement.AppendChild(doc.ImportNode(signedXml.GetXml(), true)); if (doc.FirstChild is XmlDeclaration) { doc.RemoveChild(doc.FirstChild); } return(doc); }
internal static SafeKeyHandle GetPrivateKey(AsymmetricAlgorithm key) { if (key is ECDsaImplementation.ECDsaAndroid ecdsa) { return(ecdsa.DuplicateKeyHandle()); } // TODO: [AndroidCrypto] Handle RSA / DSA throw new NotImplementedException($"{nameof(GetPrivateKey)} ({key.GetType()})"); }
public void DeletePrivateKey(AsymmetricAlgorithm asymmetricAlgorithm) { for (Type type = asymmetricAlgorithm.GetType(); type != null; type = type.BaseType) { if (privateKeyDeleters.TryGetValue(type, out Action <AsymmetricAlgorithm> deleter)) { deleter(asymmetricAlgorithm); return; } } }
private static CertificateRequest OpenCertRequest( string dn, AsymmetricAlgorithm key, HashAlgorithmName hashAlgorithm) { X500DistinguishedName x500dn = new X500DistinguishedName(dn); return(key switch { RSA rsa => new CertificateRequest(x500dn, rsa, hashAlgorithm, RSASignaturePadding.Pkcs1), ECDsa ecdsa => new CertificateRequest(x500dn, ecdsa, hashAlgorithm), ECDiffieHellman ecdh => new CertificateRequest(x500dn, new PublicKey(ecdh), hashAlgorithm), _ => throw new InvalidOperationException( $"Had no handler for key of type {key?.GetType().FullName ?? "null"}") });
internal static bool CanProduceSha1Signature(AsymmetricAlgorithm algorithm) { #if NETFRAMEWORK algorithm.Dispose(); return(true); #else // We expect all non-Linux platforms to support SHA1 signatures, currently. if (!OperatingSystem.IsLinux()) { return(true); } switch (algorithm) { case ECDsa ecdsa: try { ecdsa.SignData(Array.Empty <byte>(), HashAlgorithmName.SHA1); return(true); } catch (CryptographicException) { return(false); } finally { algorithm.Dispose(); } case RSA rsa: try { rsa.SignData(Array.Empty <byte>(), HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1); return(true); } catch (CryptographicException) { return(false); } finally { algorithm.Dispose(); } default: throw new NotSupportedException($"Algorithm type {algorithm.GetType()} is not supported."); } #endif }
public JsonWebKey(AsymmetricAlgorithm key, bool exportPrivate) { if (key is RSA rsaKey) { SetRsaKey(rsaKey, exportPrivate); return; } if (key is ECDsa ecdsaKey) { SetEcdsaKey(ecdsaKey, exportPrivate); return; } throw new ArgumentException($"Unsupported key type: {key.GetType()}"); }
public static ECDsa ValidateEcDsaKey(AsymmetricAlgorithm key) { if (key == null) { throw new ArgumentNullException(nameof(key)); } var ecKey = key as ECDsa; if (ecKey == null) { throw new InvalidOperationException( $"SetKey called with a key of type other than ECDsa: {key.GetType()}"); } return(ecKey); }
public static X509Certificate2 CloneWithPrivateKey( this X509Certificate2 cert, AsymmetricAlgorithm key) { if (key is RSA rsa) { return(cert.CopyWithPrivateKey(rsa)); } if (key is ECDsa ecdsa) { return(cert.CopyWithPrivateKey(ecdsa)); } throw new InvalidOperationException( $"Had no handler for key of type {key?.GetType().FullName ?? "null"}"); }
private bool CheckSignedInfo(AsymmetricAlgorithm key) { if (key == null) { throw new ArgumentNullException("key"); } SignedXmlDebugLog.LogBeginCheckSignedInfo(this, m_signature.SignedInfo); SignatureDescription signatureDescription = CryptoConfig.CreateFromName(SignatureMethod) as SignatureDescription; if (signatureDescription == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_SignatureDescriptionNotCreated")); } // Let's see if the key corresponds with the SignatureMethod Type ta = Type.GetType(signatureDescription.KeyAlgorithm); Type tb = key.GetType(); if ((ta != tb) && !ta.IsSubclassOf(tb) && !tb.IsSubclassOf(ta)) { // Signature method key mismatch return(false); } HashAlgorithm hashAlgorithm = signatureDescription.CreateDigest(); if (hashAlgorithm == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed")); } byte[] hashval = GetC14NDigest(hashAlgorithm); AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key); SignedXmlDebugLog.LogVerifySignedInfo(this, key, signatureDescription, hashAlgorithm, asymmetricSignatureDeformatter, hashval, m_signature.SignatureValue); return(asymmetricSignatureDeformatter.VerifySignature(hashval, m_signature.SignatureValue)); }
private static CertificateRequest OpenCertRequest( string dn, AsymmetricAlgorithm key, HashAlgorithmName hashAlgorithm) { if (key is RSA rsa) { return(new CertificateRequest(dn, rsa, hashAlgorithm, RSASignaturePadding.Pkcs1)); } if (key is ECDsa ecdsa) { return(new CertificateRequest(dn, ecdsa, hashAlgorithm)); } throw new InvalidOperationException( $"Had no handler for key of type {key?.GetType().FullName ?? "null"}"); }
private static bool VerifyAsym(string plainText, string signature, string ts) { SHA1 sha1 = SHA1.Create(); byte[] bsignature = ASCIIEncoding.ASCII.GetBytes(signature); byte[] cleartext = ASCIIEncoding.ASCII.GetBytes(plainText + ts); byte[] hash = sha1.ComputeHash(cleartext); object[] arr = new object[3]; arr[0] = hash; arr[1] = CryptoConfig.MapNameToOID("SHA1"); arr[2] = bsignature; bool verify = (bool)asymVerifyProvider.GetType() .GetMethod("VerifyHash") .Invoke(asymVerifyProvider, arr); return(verify); }
internal static SafeKeyHandle GetPrivateKey(AsymmetricAlgorithm key) { if (key is ECDsaImplementation.ECDsaAndroid ecdsa) { return(ecdsa.DuplicateKeyHandle()); } if (key is RSAImplementation.RSAAndroid rsa) { return(rsa.DuplicateKeyHandle()); } if (key is DSAImplementation.DSAAndroid dsa) { return(dsa.DuplicateKeyHandle()); } throw new NotImplementedException($"{nameof(GetPrivateKey)} ({key.GetType()})"); }
public bool Verify(AsymmetricAlgorithm key) { byte[] signature = GetSignature(); byte[] data = ToByteSign(); HashAlgorithmName hashAlgorithm = GetHashAlgorithmName(); if (key is RSA rsaKey) { RSASignaturePadding signaturePadding = GetRSASignaturePadding(); return(rsaKey.VerifyData(data, signature, hashAlgorithm, signaturePadding)); } if (key is ECDsa ecdsaKey) { return(ecdsaKey.VerifyData(data, signature, hashAlgorithm)); } throw new ArgumentException($"Unsupported key type: {key.GetType()}"); }
private static X509SignatureGenerator OpenGenerator(AsymmetricAlgorithm key) { RSA rsa = key as RSA; if (rsa != null) { return(X509SignatureGenerator.CreateForRSA(rsa, RSASignaturePadding.Pkcs1)); } ECDsa ecdsa = key as ECDsa; if (ecdsa != null) { return(X509SignatureGenerator.CreateForECDsa(ecdsa)); } throw new InvalidOperationException( $"Had no handler for key of type {key?.GetType().FullName ?? "null"}"); }
private static string SignAsym(string plainText, long ts) { if (asymSignProvider == null) { return(null); } SHA1 sha1 = SHA1.Create(); byte[] cleartext = ASCIIEncoding.ASCII.GetBytes(plainText + ts); byte[] hash = sha1.ComputeHash(cleartext); object[] arr = new object[2]; arr[0] = hash; arr[1] = CryptoConfig.MapNameToOID("SHA1"); byte[] sign1 = (byte[]) asymSignProvider.GetType().GetMethod("SignHash") .Invoke(asymSignProvider, arr); string b64signature = Convert.ToBase64String(sign1); return(b64signature); }
/// <summary> /// If an asymmetric key has been specified, sign the request. /// </summary> private void AddSignature(StringBuilder result, AsymmetricAlgorithm signingKey, ShaHashingAlgorithm hashingAlgorithm) { System.Console.WriteLine(""); System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result); System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => signingKey: " + signingKey); System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => hashingAlgorithm: " + hashingAlgorithm); System.Console.WriteLine(""); if (signingKey == null) { return; } result.Append(string.Format("&{0}=", HttpRedirectBindingConstants.SigAlg)); //System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result); var signingProvider = _signatureProviderFactory.CreateFromAlgorithmName(signingKey.GetType(), hashingAlgorithm); System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => signingProvider: " + signingProvider); var urlEncoded = signingProvider.SignatureUri.UrlEncode(); System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => urlEncoded: " + urlEncoded); result.Append(urlEncoded.UpperCaseUrlEncode()); //System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result); // Calculate the signature of the URL as described in [SAMLBind] section 3.4.4.1. var signature = signingProvider.SignData(signingKey, Encoding.UTF8.GetBytes(result.ToString())); System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => signature: " + signature); result.AppendFormat("&{0}=", HttpRedirectBindingConstants.Signature); result.Append(HttpUtility.UrlEncode(Convert.ToBase64String(signature))); System.Console.WriteLine(""); System.Console.WriteLine("[HttpRedirectBinding][AddSignature] => result: " + result); System.Console.WriteLine(""); }
private static bool IsKeyTheCorrectAlgorithm(AsymmetricAlgorithm key, Type expectedType) { Type actualType = key.GetType(); if (actualType == expectedType) { return(true); } // This check exists solely for compatibility with 4.6. Normally, we would expect "expectedType" to be the superclass type and // the actualType to be the subclass. if (expectedType.IsSubclassOf(actualType)) { return(true); } // // "expectedType" comes from the KeyAlgorithm property of a SignatureDescription. The BCL SignatureDescription classes have historically // denoted provider-specific implementations ("RSACryptoServiceProvider") rather than the base class for the algorithm ("RSA"). We could // change those (at the risk of creating other compat problems) but we have no control over third party SignatureDescriptions. // // So, in the absence of a better approach, walk up the parent hierarchy until we find the ancestor that's a direct subclass of // AsymmetricAlgorithm and treat that as the algorithm identifier. // while (expectedType != null && expectedType.BaseType != typeof(AsymmetricAlgorithm)) { expectedType = expectedType.BaseType; } if (expectedType == null) { return(false); // SignatureDescription specified something that isn't even a subclass of AsymmetricAlgorithm. For compatibility with 4.6, return false rather throw. } if (actualType.IsSubclassOf(expectedType)) { return(true); } return(false); }
private static CertificateRequest OpenCertRequest( string dn, AsymmetricAlgorithm key, HashAlgorithmName hashAlgorithm) { RSA rsa = key as RSA; if (rsa != null) { return(new CertificateRequest(dn, rsa, hashAlgorithm)); } ECDsa ecdsa = key as ECDsa; if (ecdsa != null) { return(new CertificateRequest(dn, ecdsa, hashAlgorithm)); } throw new InvalidOperationException( $"Had no handler for key of type {key?.GetType().FullName ?? "null"}"); }
public byte[] Collect() { var rsaKey = privateKey as RSA; if (rsaKey != null) { #if NET452 var rsaProviderKey = rsaKey as RSACryptoServiceProvider; return(rsaProviderKey.SignHash(hashAlgorithm.Hash, hashOid.Value)); #else HashAlgorithmName han; switch (hashOid.FriendlyName) { case "SHA256": han = HashAlgorithmName.SHA256; break; case "SHA512": han = HashAlgorithmName.SHA512; break; default: throw new InvalidOperationException("Hash algorithm not supported :" + hashOid.FriendlyName); } return(rsaKey.SignHash(hashAlgorithm.Hash, han, RSASignaturePadding.Pkcs1)); #endif } var dsaKey = privateKey as DSA; if (dsaKey != null) { return(dsaKey.CreateSignature(hashAlgorithm.Hash)); } throw new InvalidOperationException("Unsuported key type: " + privateKey.GetType()); }
public void Sign(AsymmetricAlgorithm key) { byte[] data = ToByteSign(); HashAlgorithmName hashAlgorithm = GetHashAlgorithmName(); if (key is RSA rsaKey) { RSASignaturePadding signaturePadding = GetRSASignaturePadding(); byte[] signedData = rsaKey.SignData(data, hashAlgorithm, signaturePadding); Signature = Base64Url.Encode(signedData); return; } if (key is ECDsa ecdsaKey) { byte[] signedData = ecdsaKey.SignData(data, hashAlgorithm); Signature = Base64Url.Encode(signedData); return; } throw new ArgumentException($"Unsupported key type: {key.GetType()}"); }
/// <summary> /// Convert an AsymmetricAlgorithm into a BouncyCastle AsymmetricCipherKeyPair. /// </summary> /// <remarks> /// <para>Converts an AsymmetricAlgorithm into a BouncyCastle AsymmetricCipherKeyPair.</para> /// <note type="note">Currently, only RSA and DSA keys are supported.</note> /// </remarks> /// <returns>The Bouncy Castle AsymmetricCipherKeyPair.</returns> /// <param name="key">The key.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="key"/> is <c>null</c>. /// </exception> /// <exception cref="System.ArgumentException"> /// <paramref name="key"/> is a public key. /// </exception> /// <exception cref="System.NotSupportedException"> /// <paramref name="key"/> is an unsupported asymmetric algorithm. /// </exception> public static AsymmetricCipherKeyPair AsAsymmetricCipherKeyPair(this AsymmetricAlgorithm key) { if (key == null) { throw new ArgumentNullException(nameof(key)); } #if NET46 || NET47 || NET48 if (key is RSACng rsaCng) { return(GetAsymmetricCipherKeyPair(rsaCng)); } #endif #if NET47 || NET48 if (key is DSACng dsaCng) { return(GetAsymmetricCipherKeyPair(dsaCng)); } #endif if (key is RSACryptoServiceProvider rsaKey) { return(GetAsymmetricCipherKeyPair(rsaKey)); } if (key is DSACryptoServiceProvider dsaKey) { return(GetAsymmetricCipherKeyPair(dsaKey)); } // TODO: support ECDiffieHellman and ECDsa? throw new NotSupportedException(string.Format("'{0}' is currently not supported.", key.GetType().Name)); }