示例#1
0
        private (string keyPairId, SigningCredentials signingCredentials) GetSigningCredentials(SigType sigType)
        {
            switch (sigType)
            {
            case SigType.Asymmetric:
            {
                if (_privateKeyStore == null)
                {
                    return(null, null);
                }

                var(keyPairId, key) = _privateKeyStore.GetLatestKey();      // latest key, ordered by CreationTimeUtc
                var rsaParameters = new OpenSSLPrivateKeyDecoder().DecodeParameters(key);
                var securityKey   = new RsaSecurityKey(rsaParameters);
                //return (keyPairId, new SigningCredentials(securityKey, SecurityAlgorithms.RsaSha256Signature));
                return(keyPairId, new SigningCredentials(securityKey, "RS256"));      // to make it compatible with non-microsoft clients
            }

            case SigType.Symmetric:
            default:
            {
                if (_symmetricKeyStore == null)
                {
                    return(null, null);
                }

                var secret = _symmetricKeyStore.GetKey();
                return(null, new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes(secret)), SecurityAlgorithms.HmacSha256Signature));
            }
            }
        }
        private SecurityKey GetSymmetricSecurityKey()
        {
            if (_symmetricKeyStore == null)
            {
                _logger.LogError("Symmetric Key store not available");
                return(null);
            }

            var key = _symmetricKeyStore.GetKey();

            if (key == null)
            {
                _logger.LogError("Couldn't retrieve symmetric signing key");
                return(null);
            }

            var securityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(key));

            _logger.LogError("Created security key {SecurityKeyId}", securityKey.KeyId);
            return(securityKey);
        }
        private SecurityKey GetAsymmetricSecurityKey(string keyPairId)
        {
            if (_publicKeyStore == null)
            {
                _logger.LogError("Public Key store not available");
                return(null);
            }

            // get key by keyPairId or latest
            var key = _publicKeyStore.GetKey(keyPairId);

            if (key == null)
            {
                _logger.LogError("Couldn't retrieve public key");
                return(null);
            }

            var securityKey = new RsaSecurityKey(new OpenSSLPublicKeyDecoder().DecodeParameters(key));

            _logger.LogError("Created security key {SecurityKeyId}", securityKey.KeyId);
            return(securityKey);
        }