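/// <summary>
/// Decrypts the stored password with the given certificate and security policy, then checks that the
/// sender's nonce is appended to the plaintext before exposing the password.
/// </summary>
/// <param name="certificate">Certificate whose private key is used by <c>SecurityPolicies.Decrypt</c>.</param>
/// <param name="senderNonce">Nonce the decrypted payload must end with; when null no nonce check is done.</param>
/// <param name="securityPolicyUri">Security policy URI; null, empty or <c>SecurityPolicies.None</c> means the password is stored in clear.</param>
/// <exception cref="ServiceResultException">
/// <c>StatusCodes.BadIdentityTokenRejected</c> when the decrypted payload is shorter than the nonce or does not end with it.
/// </exception>
public override void Decrypt(X509Certificate2 certificate, byte[] senderNonce, string securityPolicyUri)
{
    // handle no encryption.
    // NOTE(review): with no policy the password is taken verbatim from m_password; presumably the
    // caller only allows this on an already-secured channel — confirm against the session policy.
    if (String.IsNullOrEmpty(securityPolicyUri) || securityPolicyUri == SecurityPolicies.None)
    {
        m_decryptedPassword = new UTF8Encoding().GetString(m_password, 0, m_password.Length);
        return;
    }

    // decrypt.
    EncryptedData encryptedData = new EncryptedData();
    encryptedData.Data = m_password;
    encryptedData.Algorithm = m_encryptionAlgorithm;

    byte[] decryptedPassword = SecurityPolicies.Decrypt(
        certificate,
        securityPolicyUri,
        encryptedData);

    // a null result is reported as "no password" rather than as an error, matching the original contract.
    if (decryptedPassword == null)
    {
        m_decryptedPassword = null;
        return;
    }

    // verify the sender's nonce.
    int startOfNonce = decryptedPassword.Length;

    if (senderNonce != null)
    {
        // A payload shorter than the nonce cannot carry it. Without this guard the loop below would
        // index before the start of the array and surface as IndexOutOfRangeException instead of the
        // BadIdentityTokenRejected result callers expect.
        if (decryptedPassword.Length < senderNonce.Length)
        {
            throw new ServiceResultException(StatusCodes.BadIdentityTokenRejected);
        }

        startOfNonce -= senderNonce.Length;

        // Compare every byte and only decide at the end, so the time taken does not reveal how many
        // leading nonce bytes matched (the original loop returned on the first mismatch).
        int mismatch = 0;

        for (int ii = 0; ii < senderNonce.Length; ii++)
        {
            mismatch |= senderNonce[ii] ^ decryptedPassword[ii + startOfNonce];
        }

        if (mismatch != 0)
        {
            throw new ServiceResultException(StatusCodes.BadIdentityTokenRejected);
        }
    }

    // convert to UTF-8 (the nonce suffix, if any, is excluded).
    m_decryptedPassword = new UTF8Encoding().GetString(decryptedPassword, 0, startOfNonce);
}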
#endregion