/// <summary>Returns the security key for this clause, building it on first use from the X.509 certificate (or from the raw byte array when no certificate object is held yet).</summary>
/// <remarks>
/// Both the parsed certificate and the resulting key are cached in instance fields, so later calls return the same key object.
/// Nothing in this method checks the certificate chain, validity period or revocation status; it only materializes the key.
/// Trust decisions about the certificate have to be made by the caller.
/// </remarks>
/// <returns>A <see cref="T:System.IdentityModel.Tokens.X509AsymmetricSecurityKey" /> that contains the key(s) associated with the X.509 certificate.</returns>
public override SecurityKey CreateKey()
{
    // Fast path: the key was already built by an earlier call.
    if (this.key != null)
    {
        return (SecurityKey)this.key;
    }

    // Parse the raw bytes only when no certificate instance is available yet.
    if (this.certificate == null)
    {
        byte[] rawCertificate = this.GetBuffer();
        this.certificate = new X509Certificate2(rawCertificate);
    }

    this.key = new X509AsymmetricSecurityKey(this.certificate);
    return (SecurityKey)this.key;
}
/// <summary>Gets a signature formatter, bound to the certificate's private key, for the requested digital-signature algorithm.</summary>
/// <remarks>
/// A configured mapping for <paramref name="algorithm" /> is consulted first and, when one exists, it decides the outcome; the built-in algorithm URIs are only considered when no mapping is found.
/// Two of the three built-in algorithms (<c>dsa-sha1</c> and <c>rsa-sha1</c>) are SHA-1 based. SHA-1 is no longer considered collision resistant, so <c>rsa-sha256</c> is the preferable choice wherever the relying party accepts it.
/// </remarks>
/// <param name="algorithm">The URI of the signature algorithm to get a formatter for.</param>
/// <returns>An <see cref="T:System.Security.Cryptography.AsymmetricSignatureFormatter" /> for the requested algorithm, with the private key already set.</returns>
/// <exception cref="T:System.NotSupportedException">The X.509 certificate does not have a private key.-or-
/// <paramref name="algorithm" /> is <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl" /> and the private key is not of type <see cref="T:System.Security.Cryptography.DSA" />.-or-
/// <paramref name="algorithm" /> is <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url" /> or <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature" /> and the private key is not of type <see cref="T:System.Security.Cryptography.RSA" />.-or-
/// a configured formatter rejected the key with an <see cref="T:System.InvalidCastException" />.-or-
/// <paramref name="algorithm" /> is not one of the supported algorithms and has no configured mapping.</exception>
/// <exception cref="T:System.ArgumentNullException"><paramref name="algorithm" /> is null or empty.</exception>
/// <exception cref="T:System.Security.Cryptography.CryptographicException">A configured mapping exists for <paramref name="algorithm" /> but it is neither a <see cref="T:System.Security.Cryptography.SignatureDescription" /> nor an <see cref="T:System.Security.Cryptography.AsymmetricSignatureFormatter" />.</exception>
public override AsymmetricSignatureFormatter GetSignatureFormatter(string algorithm)
{
    // Signing needs the private half of the key pair; this is checked before the argument itself.
    if (this.PrivateKey == null)
    {
        throw new NotSupportedException("MissingPrivateKey");
    }

    if (string.IsNullOrEmpty(algorithm))
    {
        throw new ArgumentNullException(nameof(algorithm));
    }

    // LevelUpRsa is defined elsewhere. NOTE(review): presumably it returns a key object able to
    // handle the requested algorithm; confirm against its implementation.
    AsymmetricAlgorithm signingKey = X509AsymmetricSecurityKey.LevelUpRsa(this.PrivateKey, algorithm);

    // A configured mapping takes precedence over the built-in URIs below.
    // NOTE(review): confirm which configuration source GetAlgorithmFromConfig reads and who can
    // change it, since that configuration decides which implementation produces signatures.
    object configured = CryptoHelper.GetAlgorithmFromConfig(algorithm);
    if (configured != null)
    {
        SignatureDescription description = configured as SignatureDescription;
        if (description != null)
        {
            return description.CreateFormatter(signingKey);
        }

        AsymmetricSignatureFormatter configuredFormatter = configured as AsymmetricSignatureFormatter;
        if (configuredFormatter == null)
        {
            // Something is mapped to this URI, but it is not usable for signing.
            throw new CryptographicException("UnsupportedAlgorithmForCryptoOperation");
        }

        try
        {
            configuredFormatter.SetKey(signingKey);
        }
        catch (InvalidCastException mismatch)
        {
            // The formatter could not accept this key type; report it as an algorithm/key mismatch.
            throw new NotSupportedException("AlgorithmAndPrivateKeyMisMatch", mismatch);
        }

        return configuredFormatter;
    }

    // Built-in algorithms. No hash algorithm is set on the formatters created here.
    switch (algorithm)
    {
        case "http://www.w3.org/2000/09/xmldsig#dsa-sha1":
        {
            // Legacy SHA-1 based algorithm; uses the private key as exposed by the property.
            DSA dsaKey = this.PrivateKey as DSA;
            if (dsaKey == null)
            {
                throw new NotSupportedException("PrivateKeyNotDSA");
            }

            return new DSASignatureFormatter(dsaKey);
        }

        case "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
        {
            // Legacy SHA-1 based algorithm; uses the private key as exposed by the property.
            RSA rsaSha1Key = this.PrivateKey as RSA;
            if (rsaSha1Key == null)
            {
                throw new NotSupportedException("PrivateKeyNotRSA");
            }

            return new RSAPKCS1SignatureFormatter(rsaSha1Key);
        }

        case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
        {
            // Unlike the SHA-1 branches, this one signs with the key returned by LevelUpRsa.
            RSA rsaSha256Key = signingKey as RSA;
            if (rsaSha256Key == null)
            {
                throw new NotSupportedException("PrivateKeyNotRSA");
            }

            return new RSAPKCS1SignatureFormatter(rsaSha256Key);
        }

        default:
            throw new NotSupportedException("UnsupportedCryptoAlgorithm");
    }
}