/// <summary>Determines whether the supplied key identifier clause refers to the X.509 certificate held by this token.</summary>
/// <param name="keyIdentifierClause">The <see cref="T:System.IdentityModel.Tokens.SecurityKeyIdentifierClause" /> to test against this instance.</param>
/// <returns>
/// When <paramref name="keyIdentifierClause" /> is a <see cref="T:System.IdentityModel.Tokens.X509SubjectKeyIdentifierClause" />, <see cref="T:System.IdentityModel.Tokens.X509ThumbprintKeyIdentifierClause" />, <see cref="T:System.IdentityModel.Tokens.X509IssuerSerialKeyIdentifierClause" />, or <see cref="T:System.IdentityModel.Tokens.X509RawDataKeyIdentifierClause" />, the result of that clause's own <c>Matches</c> call against this token's certificate; for any other clause type, whatever the base implementation returns.</returns>
/// <remarks>Only an identifier comparison is delegated here. This method itself performs no chain, expiry or revocation check, so a <see langword="true" /> result selects a certificate but does not establish that it is trusted.</remarks>
public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause)
{
    // ThrowIfDisposed() runs before the certificate field is read.
    this.ThrowIfDisposed();

    // The clause types are probed in a fixed order; the first one that applies decides the result.
    if (keyIdentifierClause is X509SubjectKeyIdentifierClause bySubjectKeyId)
    {
        return bySubjectKeyId.Matches(this.certificate);
    }

    if (keyIdentifierClause is X509ThumbprintKeyIdentifierClause byThumbprint)
    {
        return byThumbprint.Matches(this.certificate);
    }

    if (keyIdentifierClause is X509IssuerSerialKeyIdentifierClause byIssuerSerial)
    {
        return byIssuerSerial.Matches(this.certificate);
    }

    if (keyIdentifierClause is X509RawDataKeyIdentifierClause byRawData)
    {
        return byRawData.Matches(this.certificate);
    }

    // Not an X.509 clause type handled here (this includes null): defer to the base class.
    return base.MatchesKeyIdentifierClause(keyIdentifierClause);
}
/// <summary>Creates a key identifier clause of the requested type for this token's X.509 certificate.</summary>
/// <typeparam name="T">The <see cref="T:System.IdentityModel.Tokens.SecurityKeyIdentifierClause" /> type to create.</typeparam>
/// <returns>
/// A clause built from this token's certificate when <typeparamref name="T" /> is <see cref="T:System.IdentityModel.Tokens.X509ThumbprintKeyIdentifierClause" />, <see cref="T:System.IdentityModel.Tokens.X509IssuerSerialKeyIdentifierClause" /> or <see cref="T:System.IdentityModel.Tokens.X509RawDataKeyIdentifierClause" />, or when it is <see cref="T:System.IdentityModel.Tokens.X509SubjectKeyIdentifierClause" /> and <c>TryCreateFrom</c> succeeds; otherwise the result of the base implementation.</returns>
public override T CreateKeyIdentifierClause<T>()
{
    // ThrowIfDisposed() runs before the certificate field is read.
    this.ThrowIfDisposed();

    var requested = typeof(T);

    if (requested == typeof(X509SubjectKeyIdentifierClause))
    {
        X509SubjectKeyIdentifierClause subjectKeyClause;
        bool created = X509SubjectKeyIdentifierClause.TryCreateFrom(this.certificate, out subjectKeyClause);
        if (created)
        {
            return subjectKeyClause as T;
        }

        // TryCreateFrom returned false: the request is handed to the base class.
        return base.CreateKeyIdentifierClause<T>();
    }

    if (requested == typeof(X509ThumbprintKeyIdentifierClause))
    {
        return new X509ThumbprintKeyIdentifierClause(this.certificate) as T;
    }

    if (requested == typeof(X509IssuerSerialKeyIdentifierClause))
    {
        return new X509IssuerSerialKeyIdentifierClause(this.certificate) as T;
    }

    if (requested == typeof(X509RawDataKeyIdentifierClause))
    {
        return new X509RawDataKeyIdentifierClause(this.certificate) as T;
    }

    // Any other clause type is left to the base class.
    return base.CreateKeyIdentifierClause<T>();
}
/// <summary>Attempts to build a subject key identifier clause from the data that <c>GetSkiRawData</c> returns for the given X.509 certificate.</summary>
/// <param name="certificate">The <see cref="T:System.Security.Cryptography.X509Certificates.X509Certificate2" /> to create the key identifier clause for.</param>
/// <param name="keyIdentifierClause">When this method returns <see langword="true" />, the newly created <see cref="T:System.IdentityModel.Tokens.X509SubjectKeyIdentifierClause" />; when it returns <see langword="false" />, <see langword="null" />. This parameter is passed uninitialized.</param>
/// <returns>
/// <see langword="true" /> when <c>GetSkiRawData</c> returned data and a clause was created from it; <see langword="false" /> when it returned <see langword="null" />.</returns>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="certificate" /> is <see langword="null" />. No null check is made in this method; presumably <c>GetSkiRawData</c> throws it (confirm there).</exception>
public static bool TryCreateFrom(
    X509Certificate2 certificate,
    out X509SubjectKeyIdentifierClause keyIdentifierClause)
{
    byte[] rawExtension = X509SubjectKeyIdentifierClause.GetSkiRawData(certificate);

    // The out parameter is cleared before anything else can throw.
    keyIdentifierClause = null;
    if (rawExtension == null)
    {
        return false;
    }

    // NOTE(review): the first two bytes are dropped, which looks like a DER OCTET STRING
    // tag plus a one-byte length; confirm against GetSkiRawData. The length is not checked
    // here, so if fewer than two bytes can ever come back the count passed to CloneBuffer
    // is negative. The certificate may come from an untrusted peer; verify the guard
    // exists upstream.
    byte[] identifier = CloneBuffer(rawExtension, 2, rawExtension.Length - 2);
    keyIdentifierClause = new X509SubjectKeyIdentifierClause(identifier, false);
    return true;
}
/// <summary>Compares this clause's key identifier with the data that <c>GetSkiRawData</c> returns for the given X.509 certificate.</summary>
/// <param name="certificate">The <see cref="T:System.Security.Cryptography.X509Certificates.X509Certificate2" /> to compare. May be <see langword="null" />.</param>
/// <returns>
/// The result of <c>Matches(byte[], int)</c> on that data at offset 2; <see langword="false" /> when <paramref name="certificate" /> is <see langword="null" /> or <c>GetSkiRawData</c> returns <see langword="null" />.</returns>
/// <remarks>A <see langword="null" /> certificate is treated as a non-match here and does not raise <see cref="T:System.ArgumentNullException" />. Only the identifier is compared; nothing in this method validates the certificate itself.</remarks>
public bool Matches(X509Certificate2 certificate)
{
    // A missing certificate is reported as "no match" rather than as an error.
    if (certificate == null)
    {
        return false;
    }

    byte[] rawExtension = X509SubjectKeyIdentifierClause.GetSkiRawData(certificate);

    // Offset 2 matches the two leading bytes that TryCreateFrom drops from the same data;
    // presumably a DER tag and one-byte length (confirm against GetSkiRawData).
    return rawExtension != null && this.Matches(rawExtension, 2);
}
/// <summary>Reports whether this security token can create a key identifier clause of the requested type.</summary>
/// <typeparam name="T">The key identifier clause type being asked about.</typeparam>
/// <returns>
/// For <see cref="T:System.IdentityModel.Tokens.X509SubjectKeyIdentifierClause" />, the result of <c>X509SubjectKeyIdentifierClause.CanCreateFrom</c> for this token's certificate; <see langword="true" /> for <see cref="T:System.IdentityModel.Tokens.X509ThumbprintKeyIdentifierClause" />, <see cref="T:System.IdentityModel.Tokens.X509IssuerSerialKeyIdentifierClause" /> and <see cref="T:System.IdentityModel.Tokens.X509RawDataKeyIdentifierClause" />; for any other type, the result of the base implementation.</returns>
public override bool CanCreateKeyIdentifierClause<T>()
{
    // ThrowIfDisposed() runs before the certificate field is read.
    this.ThrowIfDisposed();

    var requested = typeof(T);

    // The subject key identifier clause is the only one whose availability depends on the certificate.
    if (requested == typeof(X509SubjectKeyIdentifierClause))
    {
        return X509SubjectKeyIdentifierClause.CanCreateFrom(this.certificate);
    }

    bool alwaysAvailable =
        requested == typeof(X509ThumbprintKeyIdentifierClause) ||
        requested == typeof(X509IssuerSerialKeyIdentifierClause) ||
        requested == typeof(X509RawDataKeyIdentifierClause);

    if (alwaysAvailable)
    {
        return true;
    }

    // Any other clause type is left to the base class.
    return base.CanCreateKeyIdentifierClause<T>();
}
/// <summary>Reports whether a subject key identifier clause can be created for the given X.509 certificate.</summary>
/// <param name="certificate">The <see cref="T:System.Security.Cryptography.X509Certificates.X509Certificate2" /> to inspect.</param>
/// <returns>
/// <see langword="true" /> if <c>GetSkiRawData</c> returns data for <paramref name="certificate" />; <see langword="false" /> if it returns <see langword="null" />.</returns>
/// <exception cref="T:System.ArgumentNullException">
/// <paramref name="certificate" /> is <see langword="null" />. No null check is made in this method; presumably <c>GetSkiRawData</c> throws it (confirm there).</exception>
public static bool CanCreateFrom(X509Certificate2 certificate)
{
    // Only presence is tested; the returned bytes are not inspected here.
    byte[] rawExtension = X509SubjectKeyIdentifierClause.GetSkiRawData(certificate);
    return rawExtension != null;
}