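/// <summary>
/// Creates the service key that will be used to decrypt tokens sent from identity providers to ACS.
/// </summary>
/// <param name="svc">Management service context the new key is added to.</param>
/// <param name="displayName">Display name stored on the key.</param>
/// <param name="keyValue">Raw certificate bytes. They are parsed locally as an X.509 certificate and stored unchanged as the key value.</param>
/// <param name="password">Password protecting <paramref name="keyValue"/>, or <c>null</c> when the certificate data has no password.</param>
/// <param name="isPrimary">Value stored in the key's <c>IsPrimary</c> property.</param>
/// <returns>The key that was added to <paramref name="svc"/>.</returns>
/// <exception cref="System.ArgumentNullException"><paramref name="svc"/> is <c>null</c>.</exception>
/// <remarks>
/// The key is only added to the context. Nothing in this method saves it, so the caller has to persist the change.
/// The password is copied into the key as UTF-8 bytes next to the certificate data, so both travel together
/// to the management service when the context is saved.
/// </remarks>
public static ServiceKey CreateIdentityProviderDecryptionKey(this ManagementService svc, string displayName, byte[] keyValue, string password, bool isPrimary)
{
    // Fail before any key material is parsed if there is no context to add the key to.
    if (svc == null)
    {
        throw new System.ArgumentNullException("svc");
    }

    // The certificate is loaded only to validate the data/password pair and to read its validity window.
    X509Certificate2 cert = new X509Certificate2(keyValue, password);
    ServiceKey key;
    try
    {
        key = new ServiceKey
        {
            DisplayName = displayName,
            EndDate = cert.NotAfter.ToUniversalTime(),
            IsPrimary = isPrimary,
            // X509Certificate2 accepts a null password, but Encoding.GetBytes(null) throws;
            // pass null through so password-less certificate data can be registered.
            Password = password == null ? null : Encoding.UTF8.GetBytes(password),
            StartDate = cert.NotBefore.ToUniversalTime(),
            Type = ServiceKeyType.X509Certificate.ToString(),
            // NOTE(review): the decryption key is recorded with usage "Encrypting"; confirm this is the
            // usage value the service expects for token decryption certificates.
            Usage = ServiceKeyUsage.Encrypting.ToString(),
            Value = keyValue
        };
    }
    finally
    {
        // Release the certificate's resources (including any private key loaded with it) right away
        // instead of leaving them until finalization.
        cert.Reset();
    }

    svc.AddToServiceKeys(key);
    return key;
}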
/// <summary>
/// Builds a service key from the supplied values, adds it to a freshly created management
/// service client and saves the change.
/// </summary>
/// <param name="displayName">Display name stored on the key.</param>
/// <param name="keyValue">Raw key bytes stored as the key value.</param>
/// <param name="protectionPassword">Password for the key data; a null or empty string is stored as a null password.</param>
/// <param name="keyType">Key type, stored by its enum name.</param>
/// <param name="keyUsage">Key usage, stored by its enum name.</param>
private static void AddServiceKey(string displayName, byte[] keyValue, string protectionPassword, ServiceKeyType keyType, ServiceKeyUsage keyUsage)
{
    ManagementService client = ManagementServiceHelper.CreateManagementServiceClient();

    // An absent or empty password is stored as null rather than as a zero-length array.
    // When present, the password is sent to the service as plain UTF-8 bytes alongside the key value.
    byte[] passwordBytes = null;
    if (!string.IsNullOrEmpty(protectionPassword))
    {
        passwordBytes = new UTF8Encoding().GetBytes(protectionPassword);
    }

    ServiceKey newKey = new ServiceKey();
    newKey.DisplayName = displayName;
    newKey.Type = keyType.ToString();
    newKey.Usage = keyUsage.ToString();
    newKey.Value = keyValue;
    newKey.Password = passwordBytes;
    // The validity window comes from defaults defined elsewhere in the class, not from the key data.
    newKey.StartDate = defaultStartTime;
    newKey.EndDate = defaultEndTime;

    client.AddToServiceKeys(newKey);
    client.SaveChangesBatch();
}