|
public static RsaPkcs15Sha256_Sign ( ArraySegment |
||
| dataToSign | ArraySegment |
|
| signingCertificate | ||
| return | byte[] | |
public static byte[] RsaPkcs15Sha256_Sign(
ArraySegment<byte> dataToSign,
X509Certificate2 signingCertificate)
{
// extract the private key.
using (RSA rsa = signingCertificate.GetRSAPrivateKey())
{
if (rsa == null)
{
throw ServiceResultException.Create(StatusCodes.BadSecurityChecksFailed, "No private key for certificate.");
}
// create the signature.
return rsa.SignData(dataToSign.Array, dataToSign.Offset, dataToSign.Count, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
}
}
/// <summary>
/// Signs the data using the SecurityPolicyUri and returns the signature.
/// </summary>
public static SignatureData Sign(X509Certificate2 certificate, string securityPolicyUri, byte[] dataToSign)
{
SignatureData signatureData = new SignatureData();
// check if nothing to do.
if (dataToSign == null)
{
return(signatureData);
}
// nothing more to do if no encryption.
if (String.IsNullOrEmpty(securityPolicyUri))
{
return(signatureData);
}
// sign data.
switch (securityPolicyUri)
{
case SecurityPolicies.Basic256:
case SecurityPolicies.Basic128Rsa15:
{
signatureData.Algorithm = SecurityAlgorithms.RsaSha1;
signatureData.Signature = RsaUtils.RsaPkcs15Sha1_Sign(new ArraySegment <byte>(dataToSign), certificate);
break;
}
case SecurityPolicies.Basic256Sha256:
{
signatureData.Algorithm = SecurityAlgorithms.RsaSha256;
signatureData.Signature = RsaUtils.RsaPkcs15Sha256_Sign(new ArraySegment <byte>(dataToSign), certificate);
break;
}
case SecurityPolicies.None:
{
signatureData.Algorithm = null;
signatureData.Signature = null;
break;
}
default:
{
throw ServiceResultException.Create(
StatusCodes.BadSecurityPolicyRejected,
"Unsupported security policy: {0}",
securityPolicyUri);
}
}
return(signatureData);
}
