linux-packaging-mono/mcs/class/referencesource/System.IdentityModel/System/IdentityModel/Tokens/X509SecurityToken.cs

//------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//------------------------------------------------------------

namespace System.IdentityModel.Tokens
{
    using System.Collections.Generic;
    using System.Collections.ObjectModel;
    using System.Security.Cryptography.X509Certificates;

    public class X509SecurityToken : SecurityToken, IDisposable
    {
        string id;
        X509Certificate2 certificate;
        ReadOnlyCollection<SecurityKey> securityKeys;
        DateTime effectiveTime = SecurityUtils.MaxUtcDateTime;
        DateTime expirationTime = SecurityUtils.MinUtcDateTime;
        bool disposed = false;
        bool disposable;

        public X509SecurityToken(X509Certificate2 certificate)
            : this(certificate, SecurityUniqueId.Create().Value) 
        { 
        }

        public X509SecurityToken(X509Certificate2 certificate, string id)
            : this(certificate, id, true)
        {
        }

        internal X509SecurityToken(X509Certificate2 certificate, bool clone)
            : this(certificate, SecurityUniqueId.Create().Value, clone)
        {
        }

        internal X509SecurityToken(X509Certificate2 certificate, bool clone, bool disposable)
            : this(certificate, SecurityUniqueId.Create().Value, clone, disposable)
        {
        }

        internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone)
            : this(certificate, id, clone, true)
        {
        }

        internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone, bool disposable)
        {
            if (certificate == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
            if (id == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");

            this.id = id;
            this.certificate = clone ? new X509Certificate2(certificate) : certificate;
            // if the cert needs to be cloned then the token owns the clone and should dispose it
            this.disposable = clone || disposable;
        }

        public override string Id
        {
            get { return this.id; }
        }

        public override ReadOnlyCollection<SecurityKey> SecurityKeys
        {
            get
            {
                ThrowIfDisposed();
                if (this.securityKeys == null)
                {
                    List<SecurityKey> temp = new List<SecurityKey>(1);
                    temp.Add(new X509AsymmetricSecurityKey(this.certificate));
                    this.securityKeys = temp.AsReadOnly();
                }
                return this.securityKeys;
            }
        }

        public override DateTime ValidFrom
        {
            get 
            {
                ThrowIfDisposed();
                if (this.effectiveTime == SecurityUtils.MaxUtcDateTime)
                    this.effectiveTime = this.certificate.NotBefore.ToUniversalTime();
                return this.effectiveTime;
            }
        }

        public override DateTime ValidTo
        {
            get 
            {
                ThrowIfDisposed();
                if (this.expirationTime == SecurityUtils.MinUtcDateTime)
                    this.expirationTime = this.certificate.NotAfter.ToUniversalTime();
                return this.expirationTime;
            }
        }

        public X509Certificate2 Certificate
        {
            get 
            {
                ThrowIfDisposed();
                return this.certificate;
            }
        }

        public override bool CanCreateKeyIdentifierClause<T>()
        {
            ThrowIfDisposed();
            if (typeof(T) == typeof(X509SubjectKeyIdentifierClause))
                return X509SubjectKeyIdentifierClause.CanCreateFrom(certificate);

            return typeof(T) == typeof(X509ThumbprintKeyIdentifierClause) ||
                   typeof(T) == typeof(X509IssuerSerialKeyIdentifierClause) ||
                   typeof(T) == typeof(X509RawDataKeyIdentifierClause) ||
                   base.CanCreateKeyIdentifierClause<T>();
        }

        public override T CreateKeyIdentifierClause<T>()
        {
            ThrowIfDisposed();
            if (typeof(T) == typeof(X509SubjectKeyIdentifierClause))
            {
                X509SubjectKeyIdentifierClause x509KeyIdentifierClause;
                if (X509SubjectKeyIdentifierClause.TryCreateFrom(certificate, out x509KeyIdentifierClause))
                    return x509KeyIdentifierClause as T;
            }
            else if (typeof(T) == typeof(X509ThumbprintKeyIdentifierClause))
            {
                return new X509ThumbprintKeyIdentifierClause(certificate) as T;
            }
            else if (typeof(T) == typeof(X509IssuerSerialKeyIdentifierClause))
            {
                return new X509IssuerSerialKeyIdentifierClause(certificate) as T;
            }
            else if (typeof(T) == typeof(X509RawDataKeyIdentifierClause))
            {
                return new X509RawDataKeyIdentifierClause(certificate) as T;
            }

            return base.CreateKeyIdentifierClause<T>();
        }

        public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause)
        {
            ThrowIfDisposed();
            X509SubjectKeyIdentifierClause subjectKeyIdentifierClause = keyIdentifierClause as X509SubjectKeyIdentifierClause;
            if (subjectKeyIdentifierClause != null)
                return subjectKeyIdentifierClause.Matches(certificate);

            X509ThumbprintKeyIdentifierClause thumbprintKeyIdentifierClause = keyIdentifierClause as X509ThumbprintKeyIdentifierClause;
            if (thumbprintKeyIdentifierClause != null)
                return thumbprintKeyIdentifierClause.Matches(certificate);

            X509IssuerSerialKeyIdentifierClause issuerKeyIdentifierClause = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause;
            if (issuerKeyIdentifierClause != null)
                return issuerKeyIdentifierClause.Matches(certificate);

            X509RawDataKeyIdentifierClause rawCertKeyIdentifierClause = keyIdentifierClause as X509RawDataKeyIdentifierClause;
            if (rawCertKeyIdentifierClause != null)
                return rawCertKeyIdentifierClause.Matches(certificate);

            return base.MatchesKeyIdentifierClause(keyIdentifierClause);
        }

        public virtual void Dispose()
        {
            if (this.disposable && !this.disposed)
            {
                this.disposed = true;
                this.certificate.Reset();
            }
        }

        protected void ThrowIfDisposed()
        {
            if (this.disposed)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ObjectDisposedException(this.GetType().FullName));
            }
        }
    }
}
Imported Upstream version 4.6.0.125 Former-commit-id: a2155e9bd80020e49e72e86c44da02a8ac0e57a4 2016-08-03 10:59:49 +00:00			`//------------------------------------------------------------`
			`// Copyright (c) Microsoft Corporation. All rights reserved.`
			`//------------------------------------------------------------`

			`namespace System.IdentityModel.Tokens`
			`{`
			`using System.Collections.Generic;`
			`using System.Collections.ObjectModel;`
			`using System.Security.Cryptography.X509Certificates;`

			`public class X509SecurityToken : SecurityToken, IDisposable`
			`{`
			`string id;`
			`X509Certificate2 certificate;`
			`ReadOnlyCollection<SecurityKey> securityKeys;`
			`DateTime effectiveTime = SecurityUtils.MaxUtcDateTime;`
			`DateTime expirationTime = SecurityUtils.MinUtcDateTime;`
			`bool disposed = false;`
			`bool disposable;`

			`public X509SecurityToken(X509Certificate2 certificate)`
			`: this(certificate, SecurityUniqueId.Create().Value)`
			`{`
			`}`

			`public X509SecurityToken(X509Certificate2 certificate, string id)`
			`: this(certificate, id, true)`
			`{`
			`}`

			`internal X509SecurityToken(X509Certificate2 certificate, bool clone)`
			`: this(certificate, SecurityUniqueId.Create().Value, clone)`
			`{`
			`}`

			`internal X509SecurityToken(X509Certificate2 certificate, bool clone, bool disposable)`
			`: this(certificate, SecurityUniqueId.Create().Value, clone, disposable)`
			`{`
			`}`

			`internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone)`
			`: this(certificate, id, clone, true)`
			`{`
			`}`

			`internal X509SecurityToken(X509Certificate2 certificate, string id, bool clone, bool disposable)`
			`{`
			`if (certificate == null)`
			`throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");`
			`if (id == null)`
			`throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("id");`

			`this.id = id;`
			`this.certificate = clone ? new X509Certificate2(certificate) : certificate;`
			`// if the cert needs to be cloned then the token owns the clone and should dispose it`
			`this.disposable = clone \|\| disposable;`
			`}`

			`public override string Id`
			`{`
			`get { return this.id; }`
			`}`

			`public override ReadOnlyCollection<SecurityKey> SecurityKeys`
			`{`
			`get`
			`{`
			`ThrowIfDisposed();`
			`if (this.securityKeys == null)`
			`{`
			`List<SecurityKey> temp = new List<SecurityKey>(1);`
			`temp.Add(new X509AsymmetricSecurityKey(this.certificate));`
			`this.securityKeys = temp.AsReadOnly();`
			`}`
			`return this.securityKeys;`
			`}`
			`}`

			`public override DateTime ValidFrom`
			`{`
			`get`
			`{`
			`ThrowIfDisposed();`
			`if (this.effectiveTime == SecurityUtils.MaxUtcDateTime)`
			`this.effectiveTime = this.certificate.NotBefore.ToUniversalTime();`
			`return this.effectiveTime;`
			`}`
			`}`

			`public override DateTime ValidTo`
			`{`
			`get`
			`{`
			`ThrowIfDisposed();`
			`if (this.expirationTime == SecurityUtils.MinUtcDateTime)`
			`this.expirationTime = this.certificate.NotAfter.ToUniversalTime();`
			`return this.expirationTime;`
			`}`
			`}`

			`public X509Certificate2 Certificate`
			`{`
			`get`
			`{`
			`ThrowIfDisposed();`
			`return this.certificate;`
			`}`
			`}`

			`public override bool CanCreateKeyIdentifierClause<T>()`
			`{`
			`ThrowIfDisposed();`
			`if (typeof(T) == typeof(X509SubjectKeyIdentifierClause))`
			`return X509SubjectKeyIdentifierClause.CanCreateFrom(certificate);`

			`return typeof(T) == typeof(X509ThumbprintKeyIdentifierClause) \|\|`
			`typeof(T) == typeof(X509IssuerSerialKeyIdentifierClause) \|\|`
			`typeof(T) == typeof(X509RawDataKeyIdentifierClause) \|\|`
			`base.CanCreateKeyIdentifierClause<T>();`
			`}`

			`public override T CreateKeyIdentifierClause<T>()`
			`{`
			`ThrowIfDisposed();`
			`if (typeof(T) == typeof(X509SubjectKeyIdentifierClause))`
			`{`
			`X509SubjectKeyIdentifierClause x509KeyIdentifierClause;`
			`if (X509SubjectKeyIdentifierClause.TryCreateFrom(certificate, out x509KeyIdentifierClause))`
			`return x509KeyIdentifierClause as T;`
			`}`
			`else if (typeof(T) == typeof(X509ThumbprintKeyIdentifierClause))`
			`{`
			`return new X509ThumbprintKeyIdentifierClause(certificate) as T;`
			`}`
			`else if (typeof(T) == typeof(X509IssuerSerialKeyIdentifierClause))`
			`{`
			`return new X509IssuerSerialKeyIdentifierClause(certificate) as T;`
			`}`
			`else if (typeof(T) == typeof(X509RawDataKeyIdentifierClause))`
			`{`
			`return new X509RawDataKeyIdentifierClause(certificate) as T;`
			`}`

			`return base.CreateKeyIdentifierClause<T>();`
			`}`

			`public override bool MatchesKeyIdentifierClause(SecurityKeyIdentifierClause keyIdentifierClause)`
			`{`
			`ThrowIfDisposed();`
			`X509SubjectKeyIdentifierClause subjectKeyIdentifierClause = keyIdentifierClause as X509SubjectKeyIdentifierClause;`
			`if (subjectKeyIdentifierClause != null)`
			`return subjectKeyIdentifierClause.Matches(certificate);`

			`X509ThumbprintKeyIdentifierClause thumbprintKeyIdentifierClause = keyIdentifierClause as X509ThumbprintKeyIdentifierClause;`
			`if (thumbprintKeyIdentifierClause != null)`
			`return thumbprintKeyIdentifierClause.Matches(certificate);`

			`X509IssuerSerialKeyIdentifierClause issuerKeyIdentifierClause = keyIdentifierClause as X509IssuerSerialKeyIdentifierClause;`
			`if (issuerKeyIdentifierClause != null)`
			`return issuerKeyIdentifierClause.Matches(certificate);`

			`X509RawDataKeyIdentifierClause rawCertKeyIdentifierClause = keyIdentifierClause as X509RawDataKeyIdentifierClause;`
			`if (rawCertKeyIdentifierClause != null)`
			`return rawCertKeyIdentifierClause.Matches(certificate);`

			`return base.MatchesKeyIdentifierClause(keyIdentifierClause);`
			`}`

			`public virtual void Dispose()`
			`{`
			`if (this.disposable && !this.disposed)`
			`{`
			`this.disposed = true;`
			`this.certificate.Reset();`
			`}`
			`}`

			`protected void ThrowIfDisposed()`
			`{`
			`if (this.disposed)`
			`{`
			`throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ObjectDisposedException(this.GetType().FullName));`
			`}`
			`}`
			`}`
			`}`