File: System\IdentityModel\Tokens\X509SubjectKeyIdentifierClause.cs
Project: ndp\cdf\src\WCF\IdentityModel\System.IdentityModel.csproj (System.IdentityModel)
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation.  All rights reserved.
//------------------------------------------------------------
 
namespace System.IdentityModel.Tokens
{
    using System.Globalization;
    using System.Security.Cryptography.X509Certificates;
 
    public class X509SubjectKeyIdentifierClause : BinaryKeyIdentifierClause
    {
        const string SubjectKeyIdentifierOid = "2.5.29.14";
        const int SkiDataOffset = 2;
 
        public X509SubjectKeyIdentifierClause(byte[] ski)
            : this(ski, true)
        {
        }
 
        internal X509SubjectKeyIdentifierClause(byte[] ski, bool cloneBuffer)
            : base(null, ski, cloneBuffer)
        {
        }
 
        static byte[] GetSkiRawData(X509Certificate2 certificate)
        {
            if (certificate == null)
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate");
 
            X509SubjectKeyIdentifierExtension skiExtension =
                certificate.Extensions[SubjectKeyIdentifierOid] as X509SubjectKeyIdentifierExtension;
            if (skiExtension != null)
            {
                return skiExtension.RawData;
            }
            else
            {
                return null;
            }
        }
 
        public byte[] GetX509SubjectKeyIdentifier()
        {
            return GetBuffer();
        }
 
        public bool Matches(X509Certificate2 certificate)
        {
            if (certificate == null)
                return false;
 
            byte[] data = GetSkiRawData(certificate);
            return data != null && Matches(data, SkiDataOffset);
        }
 
        public static bool TryCreateFrom(X509Certificate2 certificate, out X509SubjectKeyIdentifierClause keyIdentifierClause)
        {
            byte[] data = GetSkiRawData(certificate);
            keyIdentifierClause = null;
            if (data != null)
            {
                byte[] ski = SecurityUtils.CloneBuffer(data, SkiDataOffset, data.Length - SkiDataOffset);
                keyIdentifierClause = new X509SubjectKeyIdentifierClause(ski, false);
            }
            return keyIdentifierClause != null;
        }
 
        public static bool CanCreateFrom(X509Certificate2 certificate)
        {
            return null != GetSkiRawData(certificate);
        }
 
        public override string ToString()
        {
            return string.Format(CultureInfo.InvariantCulture, "X509SubjectKeyIdentifierClause(SKI = 0x{0})", ToHexString());
        }
    }
}