internal static byte[] DecryptKey(SecurityToken unwrappingToken, string encryptionMethod, byte[] wrappedKey, out SecurityKey unwrappingSecurityKey)
{
unwrappingSecurityKey = null;
if (unwrappingToken.SecurityKeys != null)
{
for (int i = 0; i < unwrappingToken.SecurityKeys.Count; ++i)
{
if (unwrappingToken.SecurityKeys[i].IsSupportedAlgorithm(encryptionMethod))
{
unwrappingSecurityKey = unwrappingToken.SecurityKeys[i];
break;
}
}
}
if (unwrappingSecurityKey == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new SecurityMessageSerializationException(SR.GetString(SR.CannotFindMatchingCrypto, encryptionMethod)));
}
return(unwrappingSecurityKey.DecryptKey(encryptionMethod, wrappedKey));
}
protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key)
{
if (keyIdentifierClause == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause");
}
key = null;
for (int i = 0; i < _tokens.Count; ++i)
{
SecurityKey securityKey = _tokens[i].ResolveKeyIdentifierClause(keyIdentifierClause);
if (securityKey != null)
{
key = securityKey;
return(true);
}
}
if (keyIdentifierClause is EncryptedKeyIdentifierClause)
{
EncryptedKeyIdentifierClause keyClause = (EncryptedKeyIdentifierClause)keyIdentifierClause;
SecurityKeyIdentifier keyIdentifier = keyClause.EncryptingKeyIdentifier;
if (keyIdentifier != null && keyIdentifier.Count > 0)
{
for (int i = 0; i < keyIdentifier.Count; i++)
{
SecurityKey unwrappingSecurityKey = null;
if (TryResolveSecurityKey(keyIdentifier[i], out unwrappingSecurityKey))
{
byte[] wrappedKey = keyClause.GetEncryptedKey();
string wrappingAlgorithm = keyClause.EncryptionMethod;
byte[] unwrappedKey = unwrappingSecurityKey.DecryptKey(wrappingAlgorithm, wrappedKey);
key = new InMemorySymmetricSecurityKey(unwrappedKey, false);
return(true);
}
}
}
}
return(key != null);
}
/// <summary>
/// Resolves the given SecurityKeyIdentifierClause to a SecurityKey.
/// </summary>
/// <param name="keyIdentifierClause">SecurityKeyIdentifierClause to resolve</param>
/// <param name="key">The resolved SecurityKey.</param>
/// <returns>True if successfully resolved.</returns>
/// <exception cref="ArgumentNullException">The input argument 'keyIdentifierClause' is null.</exception>
protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key)
{
if (keyIdentifierClause == null)
{
throw new ArgumentNullException("keyIdentifierClause");
}
key = null;
EncryptedKeyIdentifierClause encryptedKeyIdentifierClause = keyIdentifierClause as EncryptedKeyIdentifierClause;
if (encryptedKeyIdentifierClause != null)
{
SecurityKeyIdentifier keyIdentifier = encryptedKeyIdentifierClause.EncryptingKeyIdentifier;
if (keyIdentifier != null && keyIdentifier.Count > 0)
{
for (int i = 0; i < keyIdentifier.Count; i++)
{
SecurityKey unwrappingSecurityKey = null;
if (TryResolveSecurityKey(keyIdentifier[i], out unwrappingSecurityKey))
{
key = new InMemorySymmetricSecurityKey(unwrappingSecurityKey.DecryptKey(encryptedKeyIdentifierClause.EncryptionMethod, encryptedKeyIdentifierClause.GetEncryptedKey()), false);
return(true);
}
}
}
}
else
{
SecurityToken token = null;
if (TryResolveToken(keyIdentifierClause, out token))
{
if (token.SecurityKeys.Count > 0)
{
key = token.SecurityKeys[0];
return(true);
}
}
}
return(false);
}
protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key)
{
if (keyIdentifierClause == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause");
}
key = null;
for (int i = 0; i < this.tokens.Count; i++)
{
SecurityKey key2 = this.tokens[i].ResolveKeyIdentifierClause(keyIdentifierClause);
if (key2 != null)
{
key = key2;
return(true);
}
}
if (keyIdentifierClause is EncryptedKeyIdentifierClause)
{
EncryptedKeyIdentifierClause clause = (EncryptedKeyIdentifierClause)keyIdentifierClause;
SecurityKeyIdentifier encryptingKeyIdentifier = clause.EncryptingKeyIdentifier;
if ((encryptingKeyIdentifier != null) && (encryptingKeyIdentifier.Count > 0))
{
for (int j = 0; j < encryptingKeyIdentifier.Count; j++)
{
SecurityKey key3 = null;
if (base.TryResolveSecurityKey(encryptingKeyIdentifier[j], out key3))
{
byte[] encryptedKey = clause.GetEncryptedKey();
string encryptionMethod = clause.EncryptionMethod;
byte[] symmetricKey = key3.DecryptKey(encryptionMethod, encryptedKey);
key = new InMemorySymmetricSecurityKey(symmetricKey, false);
return(true);
}
}
}
}
return(key != null);
}
