public virtual AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key) { AsymmetricSignatureDeformatter deformatter = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(this._strDeformatter); deformatter.SetKey(key); return(deformatter); }
public sealed override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key) { AsymmetricSignatureDeformatter item = base.CreateDeformatter(key); item.SetHashAlgorithm(_hashAlgorithm); return(item); }
// Token: 0x060023A2 RID: 9122 RVA: 0x00081F7C File Offset: 0x0008017C public sealed override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key) { AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = base.CreateDeformatter(key); asymmetricSignatureDeformatter.SetHashAlgorithm(this._hashAlgorithm); return(asymmetricSignatureDeformatter); }
public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key) { AsymmetricSignatureDeformatter item = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(DeformatterAlgorithm); item.SetKey(key); item.SetHashAlgorithm("SHA1"); return(item); }
public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key) { AsymmetricSignatureDeformatter deformatter = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(base.DeformatterAlgorithm); deformatter.SetKey(key); deformatter.SetHashAlgorithm("SHA1"); return(deformatter); }
/// <summary>Creates an <see cref="T:System.Security.Cryptography.AsymmetricSignatureDeformatter" /> instance with the specified key using the <see cref="P:System.Security.Cryptography.SignatureDescription.DeformatterAlgorithm" /> property.</summary> /// <returns>The newly created <see cref="T:System.Security.Cryptography.AsymmetricSignatureDeformatter" /> instance.</returns> /// <param name="key">The key to use in the <see cref="T:System.Security.Cryptography.AsymmetricSignatureDeformatter" />. </param> public virtual AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key) { if (this._DeformatterAlgorithm == null) { throw new ArgumentNullException("DeformatterAlgorithm"); } AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(this._DeformatterAlgorithm); if (this._KeyAlgorithm == null) { throw new NullReferenceException("KeyAlgorithm"); } asymmetricSignatureDeformatter.SetKey(key); return(asymmetricSignatureDeformatter); }
public virtual AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key) { if (_DeformatterAlgorithm == null) { throw new ArgumentNullException("DeformatterAlgorithm"); } // this should throw the InvalidCastException if we have an invalid class // (but not if the class doesn't exist - as null is valid for AsymmetricSignatureDeformatter) AsymmetricSignatureDeformatter def = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(_DeformatterAlgorithm); if (_KeyAlgorithm == null) { throw new NullReferenceException("KeyAlgorithm"); } def.SetKey(key); return(def); }
/// <summary> /// Wrapper that verifies the signature for SHA256 taking into consideration the special logic for FIPS compliance /// </summary> /// <param name="deformatter">the signature deformatter</param> /// <param name="hash">the hash algorithm</param> /// <param name="signatureValue">the byte array for the signature value</param> /// <returns>true/false indicating if signature was verified or not</returns> internal static bool VerifySignatureForSha256( AsymmetricSignatureDeformatter deformatter, HashAlgorithm hash, byte[] signatureValue ) { if ( SecurityUtils.RequiresFipsCompliance ) { // // When FIPS is turned ON. We need to set the hash algorithm specifically // else for SHA256 and FIPS turned ON, the underlying deformatter does not understand the // OID for the hashing algorithm. // deformatter.SetHashAlgorithm( "SHA256" ); return deformatter.VerifySignature( hash.Hash, signatureValue ); } else { return deformatter.VerifySignature( hash, signatureValue ); } }
public FaultingAsymmetricSecurityKey(AsymmetricSecurityKey key = null, AsymmetricAlgorithm agorithm = null, AsymmetricSignatureDeformatter deformatter = null, AsymmetricSignatureFormatter formatter = null, HashAlgorithm hash = null, bool hasPrivateKey = false) { Key = key; }
void VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, string signatureMethod) { this.Signature.SignedInfo.ComputeHash(hash); bool result; if (SecurityUtils.RequiresFipsCompliance && signatureMethod == SecurityAlgorithms.RsaSha256Signature) { // This is to avoid the RSAPKCS1SignatureFormatter.VerifySignature from using SHA256Managed (non-FIPS-Compliant). // Hence we precompute the hash using SHA256CSP (FIPS compliant) and pass it to method. // NOTE: RSAPKCS1SignatureFormatter does not understand SHA256CSP inherently and hence this workaround. deformatter.SetHashAlgorithm("SHA256"); result = deformatter.VerifySignature(hash.Hash, GetSignatureValue()); } else { result = deformatter.VerifySignature(hash, GetSignatureValue()); } if (!result) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(SR.GetString(SR.SignatureVerificationFailed))); } }
private void VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, string signatureMethod) { bool flag; this.Signature.SignedInfo.ComputeHash(hash); if (System.IdentityModel.SecurityUtils.RequiresFipsCompliance && (signatureMethod == "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")) { deformatter.SetHashAlgorithm("SHA256"); flag = deformatter.VerifySignature(hash.Hash, this.GetSignatureValue()); } else { flag = deformatter.VerifySignature(hash, this.GetSignatureValue()); } if (!flag) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(System.IdentityModel.SR.GetString("SignatureVerificationFailed"))); } }
/// <summary> /// Initializes a new instance of the <see cref="AsymmetricSignatureProvider"/> class used to create and verify signatures. /// </summary> /// <param name="key"> /// The <see cref="AsymmetricSecurityKey"/> that will be used for cryptographic operations. /// </param> /// <param name="algorithm"> /// The signature algorithm to apply. /// </param> /// <param name="willCreateSignatures"> /// If this <see cref="AsymmetricSignatureProvider"/> is required to create signatures then set this to true. /// <para> /// Creating signatures requires that the <see cref="AsymmetricSecurityKey"/> has access to a private key. /// Verifying signatures (the default), does not require access to the private key. /// </para> /// </param> /// <exception cref="ArgumentNullException"> /// 'key' is null. /// </exception> /// <exception cref="ArgumentNullException"> /// 'algorithm' is null. /// </exception> /// <exception cref="ArgumentException"> /// 'algorithm' contains only whitespace. /// </exception> /// <exception cref="ArgumentOutOfRangeException"> /// willCreateSignatures is true and <see cref="AsymmetricSecurityKey"/>.KeySize is less than <see cref="SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning"/>. /// </exception> /// <exception cref="ArgumentOutOfRangeException"> /// <see cref="AsymmetricSecurityKey"/>.KeySize is less than <see cref="SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying"/>. Note: this is always checked. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSecurityKey.GetHashAlgorithmForSignature"/> throws. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSecurityKey.GetHashAlgorithmForSignature"/> returns null. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureFormatter"/> throws. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureFormatter"/> returns null. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureDeformatter"/> throws. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSecurityKey.GetSignatureDeformatter"/> returns null. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSignatureFormatter.SetHashAlgorithm"/> throws. /// </exception> /// <exception cref="InvalidOperationException"> /// Is thrown if the <see cref="AsymmetricSignatureDeformatter.SetHashAlgorithm"/> throws. /// </exception> public AsymmetricSignatureProvider(AsymmetricSecurityKey key, string algorithm, bool willCreateSignatures = false) { if (key == null) { throw new ArgumentNullException("key"); } if (algorithm == null) { throw new ArgumentNullException("algorithm"); } if (string.IsNullOrWhiteSpace(algorithm)) { throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10002, "algorithm")); } if (willCreateSignatures) { if (key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning) { throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10631, key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning)); } } if (key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying) { throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10630, key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying)); } this.key = key; try { this.hash = this.key.GetHashAlgorithmForSignature(algorithm); } catch (Exception ex) { if (DiagnosticUtility.IsFatal(ex)) { throw; } throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10618, algorithm, this.key.ToString(), ex), ex); } if (this.hash == null) { throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10611, algorithm, this.key.ToString())); } if (willCreateSignatures) { try { this.formatter = this.key.GetSignatureFormatter(algorithm); this.formatter.SetHashAlgorithm(this.hash.GetType().ToString()); } catch (Exception ex) { if (DiagnosticUtility.IsFatal(ex)) { throw; } throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10614, algorithm, this.key.ToString(), ex), ex); } if (this.formatter == null) { throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10615, algorithm, this.key.ToString())); } } try { this.deformatter = this.key.GetSignatureDeformatter(algorithm); this.deformatter.SetHashAlgorithm(this.hash.GetType().ToString()); } catch (Exception ex) { if (DiagnosticUtility.IsFatal(ex)) { throw; } throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10616, algorithm, this.key.ToString(), ex), ex); } if (this.deformatter == null) { throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10617, algorithm, this.key.ToString())); } }
internal static void LogVerifySignedInfo(SignedXml signedXml, AsymmetricAlgorithm key, SignatureDescription signatureDescription, HashAlgorithm hashAlgorithm, AsymmetricSignatureDeformatter asymmetricSignatureDeformatter, byte[] actualHashValue, byte[] signatureValue) { if (InformationLoggingEnabled) { string data = string.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_VerifySignedInfoAsymmetric"), new object[] { GetKeyName(key), signatureDescription.GetType().Name, hashAlgorithm.GetType().Name, asymmetricSignatureDeformatter.GetType().Name }); WriteLine(signedXml, TraceEventType.Information, SignedXmlDebugEvent.VerifySignedInfo, data); } if (VerboseLoggingEnabled) { string str2 = string.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_ActualHashValue"), new object[] { FormatBytes(actualHashValue) }); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, str2); string str3 = string.Format(CultureInfo.InvariantCulture, SecurityResources.GetResourceString("Log_RawSignatureValue"), new object[] { FormatBytes(signatureValue) }); WriteLine(signedXml, TraceEventType.Verbose, SignedXmlDebugEvent.VerifySignedInfo, str3); } }