internal RSAParameters CreateRsaParameters() { if (N == null || E == null) throw LogHelper.LogExceptionMessage(new ArgumentException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10700, this))); RSAParameters parameters = new RSAParameters(); if (D != null) parameters.D = Base64UrlEncoder.DecodeBytes(D); if (DP != null) parameters.DP = Base64UrlEncoder.DecodeBytes(DP); if (DQ != null) parameters.DQ = Base64UrlEncoder.DecodeBytes(DQ); if (QI != null) parameters.InverseQ = Base64UrlEncoder.DecodeBytes(QI); if (P != null) parameters.P = Base64UrlEncoder.DecodeBytes(P); if (Q != null) parameters.Q = Base64UrlEncoder.DecodeBytes(Q); parameters.Exponent = Base64UrlEncoder.DecodeBytes(E); parameters.Modulus = Base64UrlEncoder.DecodeBytes(N); return parameters; }
/// <summary> /// Called to obtain the byte[] needed to create a <see cref="KeyedHashAlgorithm"/> /// </summary> /// <param name="key"><see cref="SecurityKey"/>that will be used to obtain the byte[].</param> /// <returns><see cref="byte"/>[] that is used to populated the KeyedHashAlgorithm.</returns> /// <exception cref="ArgumentNullException">if key is null.</exception> /// <exception cref="ArgumentException">if a byte[] can not be obtained from SecurityKey.</exception> /// <remarks><see cref="SymmetricSecurityKey"/> and <see cref="JsonWebKey"/> are supported. /// <para>For a <see cref="SymmetricSecurityKey"/> .Key is returned</para> /// <para>For a <see cref="JsonWebKey"/>Base64UrlEncoder.DecodeBytes is called with <see cref="JsonWebKey.K"/> if <see cref="JsonWebKey.Kty"/> == JsonWebAlgorithmsKeyTypes.Octet</para> /// </remarks> protected virtual byte[] GetKeyBytes(SecurityKey key) { if (key == null) { LogHelper.LogArgumentNullException(nameof(key)); } SymmetricSecurityKey symmetricSecurityKey = key as SymmetricSecurityKey; if (symmetricSecurityKey != null) { return(symmetricSecurityKey.Key); } JsonWebKey jsonWebKey = key as JsonWebKey; if (jsonWebKey != null && jsonWebKey.K != null && jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet) { return(Base64UrlEncoder.DecodeBytes(jsonWebKey.K)); } throw LogHelper.LogExceptionMessage(new ArgumentException(string.Format(CultureInfo.InvariantCulture, LogMessages.IDX10667, key))); }
/// <summary> /// Returns the JsonWebKeys as a <see cref="IList{SecurityKey}"/>. /// </summary> public IList <SecurityKey> GetSigningKeys() { List <SecurityKey> keys = new List <SecurityKey>(); for (int i = 0; i < Keys.Count; i++) { JsonWebKey webKey = Keys[i]; if (!StringComparer.Ordinal.Equals(webKey.Kty, JsonWebAlgorithmsKeyTypes.RSA)) { continue; } if ((string.IsNullOrWhiteSpace(webKey.Use) || (StringComparer.Ordinal.Equals(webKey.Use, JsonWebKeyUseNames.Sig)))) { if (webKey.X5c != null) { foreach (var certString in webKey.X5c) { try { // Add chaining SecurityKey key = new X509SecurityKey(new X509Certificate2(Convert.FromBase64String(certString))); key.KeyId = webKey.Kid; keys.Add(key); } catch (CryptographicException ex) { throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10802, webKey.X5c[0]), ex)); } catch (FormatException fex) { throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10802, webKey.X5c[0]), fex)); } } } if (!string.IsNullOrWhiteSpace(webKey.E) && !string.IsNullOrWhiteSpace(webKey.N)) { try { SecurityKey key = new RsaSecurityKey ( new RSAParameters { Exponent = Base64UrlEncoder.DecodeBytes(webKey.E), Modulus = Base64UrlEncoder.DecodeBytes(webKey.N), } ); key.KeyId = webKey.Kid; keys.Add(key); } catch (CryptographicException ex) { throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10801, webKey.E, webKey.N), ex)); } catch (FormatException ex) { throw LogHelper.LogExceptionMessage(new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10801, webKey.E, webKey.N), ex)); } } } } return(keys); }
internal ECDsaCng CreateECDsa(string algorithm, bool usePrivateKey) { if (Crv == null) throw LogHelper.LogArgumentNullException(nameof(Crv)); if (X == null) throw LogHelper.LogArgumentNullException(nameof(X)); if (Y == null) throw LogHelper.LogArgumentNullException(nameof(Y)); GCHandle keyBlobHandle = new GCHandle(); try { uint dwMagic = GetMagicValue(Crv, usePrivateKey); uint cbKey = GetKeyByteCount(Crv); byte[] keyBlob; #if NET45 if (usePrivateKey) keyBlob = new byte[3 * cbKey + 2 * Marshal.SizeOf(typeof(uint))]; else keyBlob = new byte[2 * cbKey + 2 * Marshal.SizeOf(typeof(uint))]; #else if (usePrivateKey) keyBlob = new byte[3 * cbKey + 2 * Marshal.SizeOf<uint>()]; else keyBlob = new byte[2 * cbKey + 2 * Marshal.SizeOf<uint>()]; #endif keyBlobHandle = GCHandle.Alloc(keyBlob, GCHandleType.Pinned); IntPtr keyBlobPtr = keyBlobHandle.AddrOfPinnedObject(); byte[] x = Base64UrlEncoder.DecodeBytes(X); byte[] y = Base64UrlEncoder.DecodeBytes(Y); Marshal.WriteInt64(keyBlobPtr, 0, dwMagic); Marshal.WriteInt64(keyBlobPtr, 4, cbKey); int index = 8; foreach (byte b in x) Marshal.WriteByte(keyBlobPtr, index++, b); foreach (byte b in y) Marshal.WriteByte(keyBlobPtr, index++, b); if (usePrivateKey) { if (D == null) throw LogHelper.LogArgumentNullException(nameof(D)); byte[] d = Base64UrlEncoder.DecodeBytes(D); foreach (byte b in d) Marshal.WriteByte(keyBlobPtr, index++, b); Marshal.Copy(keyBlobPtr, keyBlob, 0, keyBlob.Length); using (CngKey cngKey = CngKey.Import(keyBlob, CngKeyBlobFormat.EccPrivateBlob)) { if (Utility.ValidateECDSAKeySize(cngKey.KeySize, algorithm)) return new ECDsaCng(cngKey); else throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException("key.KeySize", String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10671, cngKey, ECDsaAlgorithm.DefaultECDsaKeySizeInBitsMap[algorithm], cngKey.KeySize))); } } else { Marshal.Copy(keyBlobPtr, keyBlob, 0, keyBlob.Length); using (CngKey cngKey = CngKey.Import(keyBlob, CngKeyBlobFormat.EccPublicBlob)) { if (Utility.ValidateECDSAKeySize(cngKey.KeySize, algorithm)) return new ECDsaCng(cngKey); else throw LogHelper.LogExceptionMessage(new ArgumentOutOfRangeException("key.KeySize", String.Format(CultureInfo.InvariantCulture, LogMessages.IDX10671, cngKey, ECDsaAlgorithm.DefaultECDsaKeySizeInBitsMap[algorithm], cngKey.KeySize))); } } } finally { if (keyBlobHandle != null) keyBlobHandle.Free(); } }