private static SignatureProvider CreateProvider(SecurityKey key, string algorithm, bool willCreateSignatures)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10002, "algorithm "));
}
AsymmetricSecurityKey asymmetricKey = key as AsymmetricSecurityKey;
if (asymmetricKey != null)
{
if (willCreateSignatures)
{
if (asymmetricKey.KeySize < MinimumAsymmetricKeySizeInBitsForSigning)
{
throw new ArgumentOutOfRangeException("key.KeySize", asymmetricKey.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10630, key.GetType(), MinimumAsymmetricKeySizeInBitsForSigning));
}
}
if (asymmetricKey.KeySize < MinimumAsymmetricKeySizeInBitsForVerifying)
{
throw new ArgumentOutOfRangeException("key.KeySize", asymmetricKey.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10631, key.GetType(), MinimumAsymmetricKeySizeInBitsForVerifying));
}
return new AsymmetricSignatureProvider(asymmetricKey, algorithm, willCreateSignatures);
}
SymmetricSecurityKey symmetricKey = key as SymmetricSecurityKey;
if (symmetricKey != null)
{
if (symmetricKey.KeySize < MinimumSymmetricKeySizeInBits)
{
throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10603, key.GetType(), MinimumSymmetricKeySizeInBits));
}
return new SymmetricSignatureProvider(symmetricKey, algorithm);
}
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10600, typeof(SignatureProvider).ToString(), typeof(SecurityKey), typeof(AsymmetricSecurityKey), typeof(SymmetricSecurityKey), key.GetType()));
}
/// <summary>
/// Produces a signature over the 'input' using the <see cref="SecurityKey"/> and algorithm specified.
/// </summary>
/// <param name="inputString">string to be signed</param>
/// <param name="key">the <see cref="SecurityKey"/> to use.</param>
/// <param name="algorithm">the algorithm to use.</param>
/// <param name="signatureProvider">if provided, the <see cref="SignatureProvider"/> will be used to sign the token</param>
/// <returns>The signature over the bytes obtained from UTF8Encoding.GetBytes( 'input' ).</returns>
/// <remarks>The <see cref="SignatureProvider"/> used to created the signature is obtained by calling <see cref="System.IdentityModel.Tokens.SignatureProviderFactory.CreateForSigning(SecurityKey, string)"/>.</remarks>
/// <exception cref="ArgumentNullException">'input' is null.</exception>
/// <exception cref="InvalidProgramException"><see cref="System.IdentityModel.Tokens.SignatureProviderFactory.CreateForSigning(SecurityKey, string)"/> returns null.</exception>
internal byte[] CreateSignature(string inputString, SecurityKey key, string algorithm, SignatureProvider signatureProvider = null)
{
if (null == inputString)
{
throw new ArgumentNullException("inputString");
}
SignatureProvider provider;
if (signatureProvider != null)
{
return signatureProvider.Sign(Encoding.UTF8.GetBytes(inputString));
}
else
{
provider = SignatureProviderFactory.CreateForSigning(key, algorithm);
if (provider == null)
{
throw new InvalidProgramException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10635, SignatureProviderFactory.GetType(), typeof(SignatureProvider), key == null ? "<null>" : key.GetType().ToString(), algorithm == null ? "<null>" : algorithm));
}
byte[] bytes = provider.Sign(Encoding.UTF8.GetBytes(inputString));
SignatureProviderFactory.ReleaseProvider(provider);
return bytes;
}
}
private SignatureProvider CreateProvider(SecurityKey key, string algorithm, bool willCreateSignatures)
{
_Logger?.LogDebug($"Creating {algorithm} provider for {key.KeyId} for {(willCreateSignatures ? "signing" : "verifying")}");
if (key == null)
throw new ArgumentNullException(nameof(key));
if (string.IsNullOrWhiteSpace(algorithm))
throw new ArgumentNullException(nameof(algorithm));
//AsymmetricSecurityKey asymmetricSecurityKey = key as AsymmetricSecurityKey;
//if (asymmetricSecurityKey != null)
// return new AsymmetricSignatureProvider(asymmetricSecurityKey, algorithm, willCreateSignatures, this.AsymmetricAlgorithmResolver);
SymmetricSecurityKey symmetricSecurityKey = key as SymmetricSecurityKey;
if (symmetricSecurityKey != null)
return new SymmetricSignatureProvider(symmetricSecurityKey, algorithm);
JsonWebKey jsonWebKey = key as JsonWebKey;
if (jsonWebKey != null && jsonWebKey.Kty != null)
{
//if (jsonWebKey.Kty == "RSA" || jsonWebKey.Kty == "EC")
// return new AsymmetricSignatureProvider(key, algorithm, willCreateSignatures, this.AsymmetricAlgorithmResolver);
if (jsonWebKey.Kty == "oct")
return new SymmetricSignatureProvider(key, algorithm);
}
throw new ArgumentException($"{typeof(SignatureProvider)} supports: '{typeof(SecurityKey)}' of types: '{typeof(AsymmetricSecurityKey)}' or '{typeof(AsymmetricSecurityKey)}'. SecurityKey received was of type: '{key.GetType()}'.");
}
private static SignatureProvider CreateProvider(SecurityKey key, string algorithm, bool willCreateSignatures)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (algorithm == null)
{
throw new ArgumentNullException("algorithm");
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10002, "algorithm "));
}
AsymmetricSecurityKey asymmetricKey = key as AsymmetricSecurityKey;
if (asymmetricKey != null)
{
if (willCreateSignatures)
{
if (asymmetricKey.KeySize < MinimumAsymmetricKeySizeInBitsForSigning)
{
throw new ArgumentOutOfRangeException("key.KeySize", asymmetricKey.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10630, key.GetType(), MinimumAsymmetricKeySizeInBitsForSigning));
}
}
if (asymmetricKey.KeySize < MinimumAsymmetricKeySizeInBitsForVerifying)
{
throw new ArgumentOutOfRangeException("key.KeySize", asymmetricKey.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10631, key.GetType(), MinimumAsymmetricKeySizeInBitsForVerifying));
}
return(new AsymmetricSignatureProvider(asymmetricKey, algorithm, willCreateSignatures));
}
SymmetricSecurityKey symmetricKey = key as SymmetricSecurityKey;
if (symmetricKey != null)
{
if (symmetricKey.KeySize < MinimumSymmetricKeySizeInBits)
{
throw new ArgumentOutOfRangeException("key.KeySize", key.KeySize, string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10603, key.GetType(), MinimumSymmetricKeySizeInBits));
}
return(new SymmetricSignatureProvider(symmetricKey, algorithm));
}
throw new ArgumentException(string.Format(CultureInfo.InvariantCulture, ErrorMessages.IDX10600, typeof(SignatureProvider).ToString(), typeof(SecurityKey), typeof(AsymmetricSecurityKey), typeof(SymmetricSecurityKey), key.GetType()));
}
private SignatureProvider CreateProvider(SecurityKey key, string algorithm, bool willCreateSignatures)
{
_Logger?.LogDebug($"Creating {algorithm} provider for {key.KeyId} for {(willCreateSignatures ? "signing" : "verifying")}");
if (key == null)
{
throw new ArgumentNullException(nameof(key));
}
if (string.IsNullOrWhiteSpace(algorithm))
{
throw new ArgumentNullException(nameof(algorithm));
}
//AsymmetricSecurityKey asymmetricSecurityKey = key as AsymmetricSecurityKey;
//if (asymmetricSecurityKey != null)
// return new AsymmetricSignatureProvider(asymmetricSecurityKey, algorithm, willCreateSignatures, this.AsymmetricAlgorithmResolver);
SymmetricSecurityKey symmetricSecurityKey = key as SymmetricSecurityKey;
if (symmetricSecurityKey != null)
{
return(new SymmetricSignatureProvider(symmetricSecurityKey, algorithm));
}
JsonWebKey jsonWebKey = key as JsonWebKey;
if (jsonWebKey != null && jsonWebKey.Kty != null)
{
//if (jsonWebKey.Kty == "RSA" || jsonWebKey.Kty == "EC")
// return new AsymmetricSignatureProvider(key, algorithm, willCreateSignatures, this.AsymmetricAlgorithmResolver);
if (jsonWebKey.Kty == "oct")
{
return(new SymmetricSignatureProvider(key, algorithm));
}
}
throw new ArgumentException($"{typeof(SignatureProvider)} supports: '{typeof(SecurityKey)}' of types: '{typeof(AsymmetricSecurityKey)}' or '{typeof(AsymmetricSecurityKey)}'. SecurityKey received was of type: '{key.GetType()}'.");
}
