internal RSAParameters CreateRsaParameters()
{
if (N == null || E == null)
throw LogHelper.LogExceptionMessage(new ArgumentException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10700, this)));
RSAParameters parameters = new RSAParameters();
if (D != null)
parameters.D = Base64UrlEncoder.DecodeBytes(D);
if (DP != null)
parameters.DP = Base64UrlEncoder.DecodeBytes(DP);
if (DQ != null)
parameters.DQ = Base64UrlEncoder.DecodeBytes(DQ);
if (QI != null)
parameters.InverseQ = Base64UrlEncoder.DecodeBytes(QI);
if (P != null)
parameters.P = Base64UrlEncoder.DecodeBytes(P);
if (Q != null)
parameters.Q = Base64UrlEncoder.DecodeBytes(Q);
parameters.Exponent = Base64UrlEncoder.DecodeBytes(E);
parameters.Modulus = Base64UrlEncoder.DecodeBytes(N);
return parameters;
}
/// <summary>
/// Called to obtain the byte[] needed to create a <see cref="KeyedHashAlgorithm"/>
/// </summary>
/// <param name="key"><see cref="SecurityKey"/>that will be used to obtain the byte[].</param>
/// <returns><see cref="byte"/>[] that is used to populated the KeyedHashAlgorithm.</returns>
/// <exception cref="ArgumentNullException">if key is null.</exception>
/// <exception cref="ArgumentException">if a byte[] can not be obtained from SecurityKey.</exception>
/// <remarks><see cref="SymmetricSecurityKey"/> and <see cref="JsonWebKey"/> are supported.
/// <para>For a <see cref="SymmetricSecurityKey"/> .Key is returned</para>
/// <para>For a <see cref="JsonWebKey"/>Base64UrlEncoder.DecodeBytes is called with <see cref="JsonWebKey.K"/> if <see cref="JsonWebKey.Kty"/> == JsonWebAlgorithmsKeyTypes.Octet</para>
/// </remarks>
protected virtual byte[] GetKeyBytes(SecurityKey key)
{
if (key == null)
{
LogHelper.LogArgumentNullException(nameof(key));
}
SymmetricSecurityKey symmetricSecurityKey = key as SymmetricSecurityKey;
if (symmetricSecurityKey != null)
{
return(symmetricSecurityKey.Key);
}
JsonWebKey jsonWebKey = key as JsonWebKey;
if (jsonWebKey != null && jsonWebKey.K != null && jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet)
{
return(Base64UrlEncoder.DecodeBytes(jsonWebKey.K));
}
throw LogHelper.LogExceptionMessage(new ArgumentException(string.Format(CultureInfo.InvariantCulture, LogMessages.IDX10667, key)));
}
/// <summary>
/// Returns the JsonWebKeys as a <see cref="IList{SecurityKey}"/>.
/// </summary>
public IList <SecurityKey> GetSigningKeys()
{
List <SecurityKey> keys = new List <SecurityKey>();
for (int i = 0; i < Keys.Count; i++)
{
JsonWebKey webKey = Keys[i];
if (!StringComparer.Ordinal.Equals(webKey.Kty, JsonWebAlgorithmsKeyTypes.RSA))
{
continue;
}
if ((string.IsNullOrWhiteSpace(webKey.Use) || (StringComparer.Ordinal.Equals(webKey.Use, JsonWebKeyUseNames.Sig))))
{
if (webKey.X5c != null)
{
foreach (var certString in webKey.X5c)
{
try
{
// Add chaining
SecurityKey key = new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(certString)));
key.KeyId = webKey.Kid;
keys.Add(key);
}
catch (CryptographicException ex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10802, webKey.X5c[0]), ex));
}
catch (FormatException fex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10802, webKey.X5c[0]), fex));
}
}
}
if (!string.IsNullOrWhiteSpace(webKey.E) && !string.IsNullOrWhiteSpace(webKey.N))
{
try
{
SecurityKey key =
new RsaSecurityKey
(
new RSAParameters
{
Exponent = Base64UrlEncoder.DecodeBytes(webKey.E),
Modulus = Base64UrlEncoder.DecodeBytes(webKey.N),
}
);
key.KeyId = webKey.Kid;
keys.Add(key);
}
catch (CryptographicException ex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10801, webKey.E, webKey.N), ex));
}
catch (FormatException ex)
{
throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10801, webKey.E, webKey.N), ex));
}
}
}
}
return(keys);
}
internal ECDsaCng CreateECDsa(string algorithm, bool usePrivateKey)
{
if (Crv == null)
throw LogHelper.LogArgumentNullException(nameof(Crv));
if (X == null)
throw LogHelper.LogArgumentNullException(nameof(X));
if (Y == null)
throw LogHelper.LogArgumentNullException(nameof(Y));
GCHandle keyBlobHandle = new GCHandle();
try
{
uint dwMagic = GetMagicValue(Crv, usePrivateKey);
uint cbKey = GetKeyByteCount(Crv);
byte[] keyBlob;
#if NET45
if (usePrivateKey)
keyBlob = new byte[3 * cbKey + 2 * Marshal.SizeOf(typeof(uint))];
else
keyBlob = new byte[2 * cbKey + 2 * Marshal.SizeOf(typeof(uint))];
#else
if (usePrivateKey)
keyBlob = new byte[3 * cbKey + 2 * Marshal.SizeOf<uint>()];
else
keyBlob = new byte[2 * cbKey + 2 * Marshal.SizeOf<uint>()];
#endif
keyBlobHandle = GCHandle.Alloc(keyBlob, GCHandleType.Pinned);
IntPtr keyBlobPtr = keyBlobHandle.AddrOfPinnedObject();
byte[] x = Base64UrlEncoder.DecodeBytes(X);
byte[] y = Base64UrlEncoder.DecodeBytes(Y);
Marshal.WriteInt64(keyBlobPtr, 0, dwMagic);
Marshal.WriteInt64(keyBlobPtr, 4, cbKey);
int index = 8;
foreach (byte b in x)
Marshal.WriteByte(keyBlobPtr, index++, b);
foreach (byte b in y)
Marshal.WriteByte(keyBlobPtr, index++, b);
if (usePrivateKey)
{
if (D == null)
throw LogHelper.LogArgumentNullException(nameof(D));
byte[] d = Base64UrlEncoder.DecodeBytes(D);
foreach (byte b in d)
Marshal.WriteByte(keyBlobPtr, index++, b);
Marshal.Copy(keyBlobPtr, keyBlob, 0, keyBlob.Length);
using (CngKey cngKey = CngKey.Import(keyBlob, CngKeyBlobFormat.EccPrivateBlob))
{
if (Utility.ValidateECDSAKeySize(cngKey.KeySize, algorithm))
return new ECDsaCng(cngKey);
else
throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException("key.KeySize", String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10671, cngKey, ECDsaAlgorithm.DefaultECDsaKeySizeInBitsMap[algorithm], cngKey.KeySize)));
}
}
else
{
Marshal.Copy(keyBlobPtr, keyBlob, 0, keyBlob.Length);
using (CngKey cngKey = CngKey.Import(keyBlob, CngKeyBlobFormat.EccPublicBlob))
{
if (Utility.ValidateECDSAKeySize(cngKey.KeySize, algorithm))
return new ECDsaCng(cngKey);
else
throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException("key.KeySize", String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10671, cngKey, ECDsaAlgorithm.DefaultECDsaKeySizeInBitsMap[algorithm], cngKey.KeySize)));
}
}
}
finally
{
if (keyBlobHandle != null)
keyBlobHandle.Free();
}
}
