コード例 #1
0
 public static SignatureProvider Create(System.IdentityModel.Tokens.SigningCredentials signingCredentials)
 {
     Utility.VerifyNonNullArgument("signingCredentials", signingCredentials);
     if (System.StringComparer.Ordinal.Compare(signingCredentials.DigestAlgorithm, "http://www.w3.org/2001/04/xmlenc#sha256") != 0)
     {
         throw new System.ArgumentException("signingCredentials.DigestAlgorithm must be SHA-256");
     }
     System.IdentityModel.Tokens.X509AsymmetricSecurityKey x509AsymmetricSecurityKey = signingCredentials.SigningKey as System.IdentityModel.Tokens.X509AsymmetricSecurityKey;
     if (x509AsymmetricSecurityKey != null)
     {
         return(new X509AsymmetricSignatureProvider(x509AsymmetricSecurityKey));
     }
     System.IdentityModel.Tokens.SymmetricSecurityKey symmetricSecurityKey = signingCredentials.SigningKey as System.IdentityModel.Tokens.SymmetricSecurityKey;
     if (symmetricSecurityKey != null)
     {
         return(new SymmetricSignatureProvider(symmetricSecurityKey));
     }
     throw new System.ArgumentException("signingCredentials.SigningKey must be either X509AsymmetricSecurityKey or SymmetricSecurityKey");
 }
コード例 #2
0
        protected virtual System.IdentityModel.Tokens.SecurityToken VerifySignature(string signingInput, string signature, string algorithm, System.IdentityModel.Tokens.SecurityToken signingToken)
        {
            Utility.VerifyNonNullArgument("signingToken", signingToken);
            bool flag = false;

            System.IdentityModel.Tokens.SecurityToken result = null;
            if (string.Equals(algorithm, "RS256", System.StringComparison.Ordinal))
            {
                System.IdentityModel.Tokens.X509SecurityToken x509SecurityToken = signingToken as System.IdentityModel.Tokens.X509SecurityToken;
                if (x509SecurityToken == null)
                {
                    throw new System.IdentityModel.Tokens.SecurityTokenException("Unsupported issuer token type for asymmetric signature.");
                }
                System.Security.Cryptography.RSACryptoServiceProvider rSACryptoServiceProvider = x509SecurityToken.Certificate.PublicKey.Key as System.Security.Cryptography.RSACryptoServiceProvider;
                if (rSACryptoServiceProvider == null)
                {
                    throw new System.IdentityModel.Tokens.SecurityTokenException("Unsupported asymmetric signing algorithm.");
                }
                using (X509AsymmetricSignatureProvider x509AsymmetricSignatureProvider = new X509AsymmetricSignatureProvider(rSACryptoServiceProvider))
                {
                    flag = x509AsymmetricSignatureProvider.Verify(Base64UrlEncoder.TextEncoding.GetBytes(signingInput), Base64UrlEncoder.DecodeBytes(signature));
                    if (flag)
                    {
                        result = signingToken;
                    }
                    goto IL_133;
                }
            }
            if (string.Equals(algorithm, "HS256", System.StringComparison.Ordinal))
            {
                byte[] bytes      = Base64UrlEncoder.TextEncoding.GetBytes(signingInput);
                byte[] signature2 = Base64UrlEncoder.DecodeBytes(signature);
                using (System.Collections.Generic.IEnumerator <System.IdentityModel.Tokens.SecurityKey> enumerator = signingToken.SecurityKeys.GetEnumerator())
                {
                    while (enumerator.MoveNext())
                    {
                        System.IdentityModel.Tokens.SecurityKey          current = enumerator.Current;
                        System.IdentityModel.Tokens.SymmetricSecurityKey symmetricSecurityKey = current as System.IdentityModel.Tokens.SymmetricSecurityKey;
                        if (symmetricSecurityKey != null)
                        {
                            using (SymmetricSignatureProvider symmetricSignatureProvider = new SymmetricSignatureProvider(symmetricSecurityKey))
                            {
                                flag = symmetricSignatureProvider.Verify(bytes, signature2);
                                if (flag)
                                {
                                    result = new BinarySecretSecurityToken(symmetricSecurityKey.GetSymmetricKey());
                                    break;
                                }
                            }
                        }
                    }
                    goto IL_133;
                }
            }
            throw new System.IdentityModel.Tokens.SecurityTokenException("Unsupported signing algorithm.");
IL_133:
            if (!flag)
            {
                throw new System.IdentityModel.Tokens.SecurityTokenException("Invalid issuer or signature.");
            }
            return(result);
        }
コード例 #3
0
 public SymmetricSignatureProvider(System.IdentityModel.Tokens.SymmetricSecurityKey symmetricKey)
 {
     Utility.VerifyNonNullArgument("symmetricKey", symmetricKey);
     this._hash = new System.Security.Cryptography.HMACSHA256(symmetricKey.GetSymmetricKey());
 }