/// <summary> /// Sets the signing credential. /// </summary> /// <param name="builder">The builder.</param> /// <param name="rsaKey">The RSA key.</param> /// <returns></returns> /// <exception cref="InvalidOperationException">RSA key does not have a private key.</exception> public static IHttpSignatureBuilder AddSigningCredential(this IHttpSignatureBuilder builder, RsaSecurityKey rsaKey) { if (rsaKey.PrivateKeyStatus == PrivateKeyStatus.DoesNotExist) { throw new InvalidOperationException("RSA key does not have a private key."); } var credential = new SigningCredentials(rsaKey, "RS256"); return(builder.AddSigningCredential(credential)); }
/// <summary> /// Sets the signing credential. /// </summary> /// <param name="builder">The builder.</param> /// <param name="certificate">The certificate.</param> /// <returns></returns> /// <exception cref="ArgumentNullException"></exception> /// <exception cref="InvalidOperationException">X509 certificate does not have a private key.</exception> public static IHttpSignatureBuilder AddSigningCredential(this IHttpSignatureBuilder builder, X509Certificate2 certificate) { if (certificate == null) { throw new ArgumentNullException(nameof(certificate)); } if (!certificate.HasPrivateKey) { throw new InvalidOperationException("X509 certificate does not have a private key."); } var credential = new SigningCredentials(new X509SecurityKey(certificate), "RS256"); return(builder.AddSigningCredential(credential)); }
/// <summary> /// Sets the signing credential. /// </summary> /// <param name="builder">The builder.</param> /// <param name="credential">The credential.</param> /// <returns></returns> public static IHttpSignatureBuilder AddSigningCredential(this IHttpSignatureBuilder builder, SigningCredentials credential) { if (!(credential.Key is AsymmetricSecurityKey || (credential.Key is JsonWebKey key && key.HasPrivateKey))) { throw new InvalidOperationException("Signing key is not asymmetric."); } builder.Services.AddSingleton <IHttpSigningCredentialsStore>(new DefaultHttpSigningCredentialsStore(credential)); builder.Services.AddSingleton <IHttpValidationKeysStore>(new DefaultHttpValidationKeysStore(new[] { credential.Key })); var options = ((HttpSignatureBuilder)builder).Options; if (!options.ResponseSigning.HasValue) { options.ResponseSigning = true; } return(builder); }