public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key)
{
AsymmetricSignatureDeformatter item = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(DeformatterAlgorithm);
item.setKey(key);
item.SetHashAlgorithm(_hashAlgorithm);
return(item);
}
/// <summary>
/// Creates signature deformatter
/// </summary>
/// <param name="key"></param>
/// <returns></returns>
public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key)
{
AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(base.DeformatterAlgorithm);
asymmetricSignatureDeformatter.SetKey(key);
asymmetricSignatureDeformatter.SetHashAlgorithm("SHA256");
return(asymmetricSignatureDeformatter);
}
public AsymmetricSignatureDeformatter CreateDeformatter(string signatureAlgorithm = null)
{
UpdateSignatureAlgorithm(signatureAlgorithm);
Deformatter = Key.GetSignatureDeformatter(SignatureAlgorithm);
CreateHashAlgorithm();
Deformatter.SetHashAlgorithm(HashAlgorithm.GetType().ToString());
return(Deformatter);
}
protected static void VerifySignature(AsymmetricSignatureFormatter formatter, AsymmetricSignatureDeformatter deformatter, HashAlgorithm hashAlgorithm, string hashAlgorithmName)
{
formatter.SetHashAlgorithm(hashAlgorithmName);
deformatter.SetHashAlgorithm(hashAlgorithmName);
byte[] hash = hashAlgorithm.ComputeHash(HelloBytes);
VerifySignatureWithHashBytes(formatter, deformatter, hash);
VerifySignatureWithHashAlgorithm(formatter, deformatter, hashAlgorithm);
}
public override AsymmetricSignatureDeformatter CreateDeformatter(AsymmetricAlgorithm key)
{
AsymmetricSignatureDeformatter signatureDeformatter = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(this.DeformatterAlgorithm);
AsymmetricAlgorithm key1 = key;
signatureDeformatter.SetKey(key1);
string strName = "SHA1";
signatureDeformatter.SetHashAlgorithm(strName);
return(signatureDeformatter);
}
public bool VerifySign(string data, string sign)
{
HashAlgorithm ha = (HashAlgorithm) new SHA1CryptoServiceProvider();
ha.Initialize();
byte[] buf = Convert.FromBase64String(sign);
byte[] hash = ha.ComputeHash(_encoding.GetBytes(data));
AsymmetricSignatureDeformatter df =
(AsymmetricSignatureDeformatter) new RSAPKCS1SignatureDeformatter(rsaCryptoServiceProvider);
df.SetHashAlgorithm(HashAlgorithmName);
return(df.VerifySignature(hash, buf));
}
private void VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, string signatureMethod)
{
bool flag;
this.Signature.SignedInfo.ComputeHash(hash);
if (System.IdentityModel.SecurityUtils.RequiresFipsCompliance && (signatureMethod == "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"))
{
deformatter.SetHashAlgorithm("SHA256");
flag = deformatter.VerifySignature(hash.Hash, this.GetSignatureValue());
}
else
{
flag = deformatter.VerifySignature(hash, this.GetSignatureValue());
}
if (!flag)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(System.IdentityModel.SR.GetString("SignatureVerificationFailed")));
}
}
// Is the signature (over SignedInfo) valid ?
private bool CheckSignatureWithKey(AsymmetricAlgorithm key)
{
if (key == null)
{
return(false);
}
SignatureDescription sd = (SignatureDescription)CryptoConfig.CreateFromName(m_signature.SignedInfo.SignatureMethod);
if (sd == null)
{
return(false);
}
AsymmetricSignatureDeformatter verifier = (AsymmetricSignatureDeformatter)CryptoConfig.CreateFromName(sd.DeformatterAlgorithm);
if (verifier == null)
{
return(false);
}
try
{
verifier.SetKey(key);
verifier.SetHashAlgorithm(sd.DigestAlgorithm);
HashAlgorithm hash = GetHash(sd.DigestAlgorithm, true);
// get the hash of the C14N SignedInfo element
MemoryStream ms = (MemoryStream)SignedInfoTransformed();
byte[] digest = hash.ComputeHash(ms);
return(verifier.VerifySignature(digest, m_signature.SignatureValue));
}
catch
{
// e.g. SignatureMethod != AsymmetricAlgorithm type
return(false);
}
}
/// <summary>
/// Initializes a new instance of the <see cref="T:System.IdentityModel.Tokens.AsymmetricSignatureProvider" /> class used to create and verify signatures.
/// </summary>
/// <param name="key">
/// The <see cref="T:System.IdentityModel.Tokens.AsymmetricSecurityKey" /> that will be used for cryptographic operations.
/// </param>
/// <param name="algorithm">The signature algorithm to apply.</param>
/// <param name="willCreateSignatures">
/// If this <see cref="T:System.IdentityModel.Tokens.AsymmetricSignatureProvider" /> is required to create signatures then set this to true.
/// <para>
/// Creating signatures requires that the <see cref="T:System.IdentityModel.Tokens.AsymmetricSecurityKey" /> has access to a private key.
/// Verifying signatures (the default), does not require access to the private key.
/// </para>
/// </param>
/// <exception cref="T:System.ArgumentNullException">
/// 'key' is null.
/// </exception>
/// <exception cref="T:System.ArgumentNullException">
/// 'algorithm' is null.
/// </exception>
/// <exception cref="T:System.ArgumentException">
/// 'algorithm' contains only whitespace.
/// </exception>
/// <exception cref="T:System.ArgumentOutOfRangeException">
/// willCreateSignatures is true and <see cref="T:System.IdentityModel.Tokens.AsymmetricSecurityKey" />.KeySize is less than <see cref="P:System.IdentityModel.Tokens.SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning" />.
/// </exception>
/// <exception cref="T:System.ArgumentOutOfRangeException">
/// <see cref="T:System.IdentityModel.Tokens.AsymmetricSecurityKey" />.KeySize is less than <see cref="P:System.IdentityModel.Tokens.SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying" />. Note: this is always checked.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.IdentityModel.Tokens.AsymmetricSecurityKey.GetHashAlgorithmForSignature(System.String)" /> throws.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.IdentityModel.Tokens.AsymmetricSecurityKey.GetHashAlgorithmForSignature(System.String)" /> returns null.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.IdentityModel.Tokens.AsymmetricSecurityKey.GetSignatureFormatter(System.String)" /> throws.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.IdentityModel.Tokens.AsymmetricSecurityKey.GetSignatureFormatter(System.String)" /> returns null.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.IdentityModel.Tokens.AsymmetricSecurityKey.GetSignatureDeformatter(System.String)" /> throws.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.IdentityModel.Tokens.AsymmetricSecurityKey.GetSignatureDeformatter(System.String)" /> returns null.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.Security.Cryptography.AsymmetricSignatureFormatter.SetHashAlgorithm(System.String)" /> throws.
/// </exception>
/// <exception cref="T:System.InvalidOperationException">
/// Is thrown if the <see cref="M:System.Security.Cryptography.AsymmetricSignatureDeformatter.SetHashAlgorithm(System.String)" /> throws.
/// </exception>
public AsymmetricSignatureProvider(
AsymmetricSecurityKey key,
string algorithm,
bool willCreateSignatures = false)
{
if (key == null)
{
throw new ArgumentNullException(nameof(key));
}
if (algorithm == null)
{
throw new ArgumentNullException(nameof(algorithm));
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, "IDX10002: The parameter '{0}' cannot be 'null' or a string containing only whitespace.", nameof(algorithm)));
}
if (willCreateSignatures && key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning)
{
throw new ArgumentOutOfRangeException(nameof(key), key.KeySize, string.Format(CultureInfo.InvariantCulture, "IDX10631: The '{0}' for verifying cannot be smaller than '{1}' bits.", key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForSigning));
}
if (key.KeySize < SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying)
{
throw new ArgumentOutOfRangeException(nameof(key), key.KeySize, string.Format(CultureInfo.InvariantCulture, "IDX10630: The '{0}' for signing cannot be smaller than '{1}' bits.", key.GetType(), SignatureProviderFactory.MinimumAsymmetricKeySizeInBitsForVerifying));
}
try
{
hash = key.GetHashAlgorithmForSignature(algorithm);
}
catch (Exception ex)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, "IDX10618: AsymmetricSecurityKey.GetHashAlgorithmForSignature( '{0}' ) threw an exception.\nAsymmetricSecurityKey: '{1}'\nSignatureAlgorithm: '{0}', check to make sure the SignatureAlgorithm is supported.\nException: '{2}'.", algorithm, key.ToString(), ex), ex);
}
if (hash == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, "IDX10611: AsymmetricSecurityKey.GetHashAlgorithmForSignature( '{0}' ) returned null.\nKey: '{1}'\nSignatureAlgorithm: '{0}'", algorithm, key.ToString()));
}
if (willCreateSignatures)
{
try
{
formatter = key.GetSignatureFormatter(algorithm);
formatter?.SetHashAlgorithm(hash.GetType().ToString());
}
catch (Exception ex)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, "IDX10614: AsymmetricSecurityKey.GetSignatureFormater( '{0}' ) threw an exception.\nKey: '{1}'\nSignatureAlgorithm: '{0}', check to make sure the SignatureAlgorithm is supported.\nException:'{2}'.\nIf you only need to verify signatures the parameter 'willBeUseForSigning' should be false if the private key is not be available.", algorithm, key.ToString(), ex), ex);
}
if (formatter == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, "IDX10615: AsymmetricSecurityKey.GetSignatureFormater( '{0}' ) returned null.\nKey: '{1}'\nSignatureAlgorithm: '{0}', check to make sure the SignatureAlgorithm is supported.", algorithm, key.ToString()));
}
}
try
{
deformatter = key.GetSignatureDeformatter(algorithm);
deformatter?.SetHashAlgorithm(hash.GetType().ToString());
}
catch (Exception ex)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, "IDX10616: AsymmetricSecurityKey.GetSignatureDeformatter( '{0}' ) threw an exception.\nKey: '{1}'\nSignatureAlgorithm: '{0}, check to make sure the SignatureAlgorithm is supported.'\nException:'{2}'.", algorithm, key.ToString(), ex), ex);
}
if (deformatter == null)
{
throw new InvalidOperationException(string.Format(CultureInfo.InvariantCulture, "IDX10617: AsymmetricSecurityKey.GetSignatureDeFormater( '{0}' ) returned null.\nKey: '{1}'\nSignatureAlgorithm: '{0}', check to make sure the SignatureAlgorithm is supported.", algorithm, key.ToString()));
}
}