//-----------------------------------------------------------------------
//
// Copyright (c) Andrew Arnott. All rights reserved.
//
//-----------------------------------------------------------------------
namespace DotNetOAuth.ChannelElements {
using System;
using System.Security.Cryptography;
using System.Text;
///
/// A binding element that signs outgoing messages and verifies the signature on incoming messages.
///
internal class RsaSha1SigningBindingElement : SigningBindingElementBase {
///
/// Initializes a new instance of the class
/// for use by Consumers.
///
internal RsaSha1SigningBindingElement()
: this(null) {
}
///
/// Initializes a new instance of the class.
///
///
/// The delegate that will initialize the non-serialized properties necessary on a signed
/// message so that its signature can be correctly calculated for verification.
/// May be null for Consumers (who never have to verify signatures).
///
internal RsaSha1SigningBindingElement(Action signatureVerificationCallback)
: base("RSA-SHA1", signatureVerificationCallback) {
}
///
/// Calculates a signature for a given message.
///
/// The message to sign.
/// The signature for the message.
///
/// This method signs the message per OAuth 1.0 section 9.3.
///
protected override string GetSignature(ITamperResistantOAuthMessage message) {
AsymmetricAlgorithm provider = new RSACryptoServiceProvider();
AsymmetricSignatureFormatter hasher = new RSAPKCS1SignatureFormatter(provider);
hasher.SetHashAlgorithm("SHA1");
byte[] digest = hasher.CreateSignature(Encoding.ASCII.GetBytes(ConstructSignatureBaseString(message)));
return Uri.EscapeDataString(Convert.ToBase64String(digest));
}
}
}