public static bool CheckSignedInfo(AsymmetricKeyParameter key, SignedXml signedXml, Signature m_signature)
        {
            if (key == null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            SignedXmlDebugLog.LogBeginCheckSignedInfo(signedXml, m_signature.SignedInfo);

            ISigner signatureDescription = CryptoHelpers.CreateFromName <ISigner>(signedXml.SignatureMethod);

            if (signatureDescription == null)
            {
                throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_SignatureDescriptionNotCreated);
            }

            try
            {
                signatureDescription.Init(false, key);
            }
            catch (Exception)
            {
                return(false);
            }

            CheckSignatureManager.GetC14NDigest(new SignerHashWrapper(signatureDescription), signedXml);

            return(signatureDescription.VerifySignature(m_signature.GetSignatureValue()));
        }
Beispiel #2
0
        internal static XmlElement DefaultGetIdElement(XmlDocument document, string idValue)
        {
            if (document == null)
            {
                return(null);
            }

            try
            {
                XmlConvert.VerifyNCName(idValue);
            }
            catch (XmlException)
            {
                return(null);
            }

            XmlElement elem = document.GetElementById(idValue);

            if (elem != null)
            {
                XmlDocument docClone  = (XmlDocument)document.CloneNode(true);
                XmlElement  cloneElem = docClone.GetElementById(idValue);
                System.Diagnostics.Debug.Assert(cloneElem != null);

                if (cloneElem != null)
                {
                    cloneElem.Attributes.RemoveAll();

                    XmlElement cloneElem2 = docClone.GetElementById(idValue);

                    if (cloneElem2 != null)
                    {
                        throw new System.Security.Cryptography.CryptographicException(
                                  SR.Cryptography_Xml_InvalidReference);
                    }
                }

                return(elem);
            }

            elem = CheckSignatureManager.GetSingleReferenceTarget(document, "Id", idValue);
            if (elem != null)
            {
                return(elem);
            }
            elem = CheckSignatureManager.GetSingleReferenceTarget(document, "id", idValue);
            if (elem != null)
            {
                return(elem);
            }
            elem = CheckSignatureManager.GetSingleReferenceTarget(document, "ID", idValue);

            return(elem);
        }
Beispiel #3
0
        public void ComputeSignature()
        {
            SignedXmlDebugLog.LogBeginSignatureComputation(this, _context);

            ReferenceManager.BuildDigestedReferences(this);

            AsymmetricKeyParameter key = SigningKey;

            if (key == null)
            {
                throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_LoadKeyFailed);
            }

            if (SignedInfo.SignatureMethod == null)
            {
                if (key is DsaKeyParameters)
                {
                    SignedInfo.SignatureMethod = XmlNameSpace.Url[NS.XmlDsigDSAUrl];
                }
                else if (key is RsaKeyParameters)
                {
                    SignedInfo.SignatureMethod = XmlNameSpace.Url[NS.XmlDsigRSASHA256Url];
                }
                else
                {
                    throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_CreatedKeyFailed);
                }
            }

            ISigner signatureDescription = CryptoHelpers.CreateFromName <ISigner>(SignedInfo.SignatureMethod);

            if (signatureDescription == null)
            {
                throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_SignatureDescriptionNotCreated);
            }

            signatureDescription.Init(true, key);
            CheckSignatureManager.GetC14NDigest(new SignerHashWrapper(signatureDescription), this);

            SignedXmlDebugLog.LogSigning(this, key, signatureDescription);
            MSignature.SetSignatureValue(signatureDescription.GenerateSignature());
        }
Beispiel #4
0
        public void ComputeSignature(IMac macAlg)
        {
            if (macAlg == null)
            {
                throw new ArgumentNullException(nameof(macAlg));
            }

            if (!(macAlg is HMac))
            {
                throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_SignatureMethodKeyMismatch);
            }

            int signatureLength;

            if (MSignature.SignedInfo.SignatureLength == null)
            {
                signatureLength = macAlg.GetMacSize() * 8;
            }
            else
            {
                signatureLength = Convert.ToInt32(MSignature.SignedInfo.SignatureLength, null);
            }
            if (signatureLength < 0 || signatureLength > macAlg.GetMacSize() * 8)
            {
                throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidSignatureLength);
            }
            if (signatureLength % 8 != 0)
            {
                throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidSignatureLength2);
            }

            ReferenceManager.BuildDigestedReferences(this);

            var algorithmName       = macAlg.AlgorithmName.Substring(0, macAlg.AlgorithmName.IndexOf('/')).ToUpperInvariant();
            var signedXmlDictionary = new Dictionary <string, NS>()
            {
                { "SHA-1", NS.XmlDsigHMACSHA1Url },
                { "SHA-256", NS.XmlDsigMoreHMACSHA256Url },
                { "SHA-384", NS.XmlDsigMoreHMACSHA384Url },
                { "SHA-512", NS.XmlDsigMoreHMACSHA512Url },
                { "MD5", NS.XmlDsigMoreHMACMD5Url },
                { "RIPEMD160", NS.XmlDsigMoreHMACRIPEMD160Url }
            };

            try
            {
                SignedInfo.SignatureMethod = XmlNameSpace.Url[signedXmlDictionary[algorithmName]];
            }
            catch (Exception)
            {
                throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_SignatureMethodKeyMismatch);
            }

            CheckSignatureManager.GetC14NDigest(new MacHashWrapper(macAlg), this);
            byte[] hashValue = new byte[macAlg.GetMacSize()];
            macAlg.DoFinal(hashValue, 0);

            SignedXmlDebugLog.LogSigning(this, macAlg);
            MSignature.SetSignatureValue(new byte[signatureLength / 8]);
            Buffer.BlockCopy(hashValue, 0, MSignature.GetSignatureValue(), 0, signatureLength / 8);
        }