void WriteEncryptedKeyIdentifierClause( XmlWriter w, EncryptedKeyIdentifierClause ic) { w.WriteStartElement("e", "EncryptedKey", EncryptedXml.XmlEncNamespaceUrl); w.WriteStartElement("EncryptionMethod", EncryptedXml.XmlEncNamespaceUrl); w.WriteAttributeString("Algorithm", ic.EncryptionMethod); w.WriteEndElement(); if (ic.EncryptingKeyIdentifier != null) { w.WriteStartElement("KeyInfo", SignedXml.XmlDsigNamespaceUrl); foreach (SecurityKeyIdentifierClause ckic in ic.EncryptingKeyIdentifier) { WriteKeyIdentifierClause(w, ckic); } w.WriteEndElement(); } w.WriteStartElement("CipherData", EncryptedXml.XmlEncNamespaceUrl); w.WriteStartElement("CipherValue", EncryptedXml.XmlEncNamespaceUrl); w.WriteString(Convert.ToBase64String(ic.GetEncryptedKey())); w.WriteEndElement(); w.WriteEndElement(); if (ic.CarriedKeyName != null) { w.WriteElementString("CarriedKeyName", EncryptedXml.XmlEncNamespaceUrl, ic.CarriedKeyName); } w.WriteEndElement(); }
public override void WriteKeyIdentifierClauseCore(XmlDictionaryWriter writer, SecurityKeyIdentifierClause keyIdentifierClause) { EncryptedKeyIdentifierClause clause = keyIdentifierClause as EncryptedKeyIdentifierClause; writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.EncryptedKey, this.NamespaceUri); if (clause.EncryptionMethod != null) { writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.EncryptionMethod, this.NamespaceUri); writer.WriteAttributeString(XD.XmlEncryptionDictionary.AlgorithmAttribute, null, clause.EncryptionMethod); if (clause.EncryptionMethod == XD.SecurityAlgorithmDictionary.RsaOaepKeyWrap.Value) { writer.WriteStartElement("", XD.XmlSignatureDictionary.DigestMethod, XD.XmlSignatureDictionary.Namespace); writer.WriteAttributeString(XD.XmlSignatureDictionary.Algorithm, null, "http://www.w3.org/2000/09/xmldsig#sha1"); writer.WriteEndElement(); } writer.WriteEndElement(); } if (clause.EncryptingKeyIdentifier != null) { this.tokenSerializer.WriteKeyIdentifier(writer, clause.EncryptingKeyIdentifier); } writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.CipherData, this.NamespaceUri); writer.WriteStartElement(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.CipherValue, this.NamespaceUri); byte[] encryptedKey = clause.GetEncryptedKey(); writer.WriteBase64(encryptedKey, 0, encryptedKey.Length); writer.WriteEndElement(); writer.WriteEndElement(); if (clause.CarriedKeyName != null) { writer.WriteElementString(XD.XmlEncryptionDictionary.Prefix.Value, XD.XmlEncryptionDictionary.CarriedKeyName, this.NamespaceUri, clause.CarriedKeyName); } writer.WriteEndElement(); }
protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key) { if (keyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause"); } key = null; for (int i = 0; i < _tokens.Count; ++i) { SecurityKey securityKey = _tokens[i].ResolveKeyIdentifierClause(keyIdentifierClause); if (securityKey != null) { key = securityKey; return(true); } } if (keyIdentifierClause is EncryptedKeyIdentifierClause) { EncryptedKeyIdentifierClause keyClause = (EncryptedKeyIdentifierClause)keyIdentifierClause; SecurityKeyIdentifier keyIdentifier = keyClause.EncryptingKeyIdentifier; if (keyIdentifier != null && keyIdentifier.Count > 0) { for (int i = 0; i < keyIdentifier.Count; i++) { SecurityKey unwrappingSecurityKey = null; if (TryResolveSecurityKey(keyIdentifier[i], out unwrappingSecurityKey)) { byte[] wrappedKey = keyClause.GetEncryptedKey(); string wrappingAlgorithm = keyClause.EncryptionMethod; byte[] unwrappedKey = unwrappingSecurityKey.DecryptKey(wrappingAlgorithm, wrappedKey); key = new InMemorySymmetricSecurityKey(unwrappedKey, false); return(true); } } } } return(key != null); }
protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key) { if (keyIdentifierClause == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("keyIdentifierClause"); } key = null; for (int i = 0; i < this.tokens.Count; i++) { SecurityKey key2 = this.tokens[i].ResolveKeyIdentifierClause(keyIdentifierClause); if (key2 != null) { key = key2; return(true); } } if (keyIdentifierClause is EncryptedKeyIdentifierClause) { EncryptedKeyIdentifierClause clause = (EncryptedKeyIdentifierClause)keyIdentifierClause; SecurityKeyIdentifier encryptingKeyIdentifier = clause.EncryptingKeyIdentifier; if ((encryptingKeyIdentifier != null) && (encryptingKeyIdentifier.Count > 0)) { for (int j = 0; j < encryptingKeyIdentifier.Count; j++) { SecurityKey key3 = null; if (base.TryResolveSecurityKey(encryptingKeyIdentifier[j], out key3)) { byte[] encryptedKey = clause.GetEncryptedKey(); string encryptionMethod = clause.EncryptionMethod; byte[] symmetricKey = key3.DecryptKey(encryptionMethod, encryptedKey); key = new InMemorySymmetricSecurityKey(symmetricKey, false); return(true); } } } } return(key != null); }
/// <summary> /// Resolves the given SecurityKeyIdentifierClause to a SecurityKey. /// </summary> /// <param name="keyIdentifierClause">SecurityKeyIdentifierClause to resolve</param> /// <param name="key">The resolved SecurityKey.</param> /// <returns>True if successfully resolved.</returns> /// <exception cref="ArgumentNullException">The input argument 'keyIdentifierClause' is null.</exception> protected override bool TryResolveSecurityKeyCore(SecurityKeyIdentifierClause keyIdentifierClause, out SecurityKey key) { if (keyIdentifierClause == null) { throw new ArgumentNullException("keyIdentifierClause"); } key = null; EncryptedKeyIdentifierClause encryptedKeyIdentifierClause = keyIdentifierClause as EncryptedKeyIdentifierClause; if (encryptedKeyIdentifierClause != null) { SecurityKeyIdentifier keyIdentifier = encryptedKeyIdentifierClause.EncryptingKeyIdentifier; if (keyIdentifier != null && keyIdentifier.Count > 0) { for (int i = 0; i < keyIdentifier.Count; i++) { SecurityKey unwrappingSecurityKey = null; if (TryResolveSecurityKey(keyIdentifier[i], out unwrappingSecurityKey)) { key = new InMemorySymmetricSecurityKey(unwrappingSecurityKey.DecryptKey(encryptedKeyIdentifierClause.EncryptionMethod, encryptedKeyIdentifierClause.GetEncryptedKey()), false); return(true); } } } } else { SecurityToken token = null; if (TryResolveToken(keyIdentifierClause, out token)) { if (token.SecurityKeys.Count > 0) { key = token.SecurityKeys[0]; return(true); } } } return(false); }