public override void LoadInnerXml(XmlNodeList nodeList) { if (nodeList != null) { foreach (XmlNode n in nodeList) { XmlElement e = n as XmlElement; if (e != null) { if (e.LocalName.Equals("InclusiveNamespaces") && e.NamespaceURI.Equals(SignedXml.XmlDsigExcC14NTransformUrl) && Utils.HasAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl)) { if (!Utils.VerifyAttributes(e, "PrefixList")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } this.InclusiveNamespacesPrefixList = Utils.GetAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl); return; } else { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } } } } }
internal void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); XmlNodeList transformNodes = value.SelectNodes("ds:Transform", nsm); if (transformNodes.Count == 0) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Transforms"); } _transforms.Clear(); for (int i = 0; i < transformNodes.Count; ++i) { XmlElement transformElement = (XmlElement)transformNodes.Item(i); string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); Transform transform = CryptoHelpers.CreateFromName <Transform>(algorithm); if (transform == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } // let the transform read the children of the transformElement for data transform.LoadInnerXml(transformElement.ChildNodes); _transforms.Add(transform); } }
public override void LoadInnerXml(XmlNodeList nodeList) { if (nodeList == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } ExceptUris.Clear(); foreach (XmlNode node in nodeList) { XmlElement elem = node as XmlElement; if (elem != null) { if (elem.LocalName == "Except" && elem.NamespaceURI == XmlDecryptionTransformNamespaceUrl) { // the Uri is required string uri = Utils.GetAttribute(elem, "URI", XmlDecryptionTransformNamespaceUrl); if (uri == null || uri.Length == 0 || uri[0] != '#') { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UriRequired); } if (!Utils.VerifyAttributes(elem, "URI")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } string idref = Utils.ExtractIdFromLocalUri(uri); ExceptUris.Add(idref); } else { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } } } }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } ReferenceType = value.LocalName; string uri = Utils.GetAttribute(value, "URI", EncryptedXml.XmlEncNamespaceUrl); if (uri == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UriRequired); } Uri = uri; // Transforms XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); XmlNode transformsNode = value.SelectSingleNode("enc:Transforms", nsm); if (transformsNode != null) { TransformChain.LoadXml(transformsNode as XmlElement); } // cache the Xml _cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); XmlElement encryptionMethodElement = value; _algorithm = Utils.GetAttribute(encryptionMethodElement, "Algorithm", EncryptedXml.XmlEncNamespaceUrl); XmlNode keySizeNode = value.SelectSingleNode("enc:KeySize", nsm); if (keySizeNode != null) { KeySize = Convert.ToInt32(Utils.DiscardWhiteSpaces(keySizeNode.InnerText), null); } // Save away the cached value _cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } XmlElement keyInfoElement = value; _id = Utils.GetAttribute(keyInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(keyInfoElement, "Id")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo"); } XmlNode child = keyInfoElement.FirstChild; while (child != null) { XmlElement elem = child as XmlElement; if (elem != null) { // Create the right type of KeyInfoClause; we use a combination of the namespace and tag name (local name) string kicString = elem.NamespaceURI + " " + elem.LocalName; // Special-case handling for KeyValue -- we have to go one level deeper if (kicString == "http://www.w3.org/2000/09/xmldsig# KeyValue") { if (!Utils.VerifyAttributes(elem, (string[])null)) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo/KeyValue"); } XmlNodeList nodeList2 = elem.ChildNodes; foreach (XmlNode node2 in nodeList2) { XmlElement elem2 = node2 as XmlElement; if (elem2 != null) { kicString += "/" + elem2.LocalName; break; } } } KeyInfoClause keyInfoClause = CryptoHelpers.CreateFromName <KeyInfoClause>(kicString); // if we don't know what kind of KeyInfoClause we're looking at, use a generic KeyInfoNode: if (keyInfoClause == null) { keyInfoClause = new KeyInfoNode(); } // Ask the create clause to fill itself with the corresponding XML keyInfoClause.LoadXml(elem); // Add it to our list of KeyInfoClauses AddClause(keyInfoClause); } child = child.NextSibling; } }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } _uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); _type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlElement retrievalMethodElement = value; _uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); _type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } if (value.LocalName != "EncryptionProperty" || value.NamespaceURI != EncryptedXml.XmlEncNamespaceUrl) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidEncryptionProperty); } // cache the Xml _cachedXml = value; _id = Utils.GetAttribute(value, "Id", EncryptedXml.XmlEncNamespaceUrl); _target = Utils.GetAttribute(value, "Target", EncryptedXml.XmlEncNamespaceUrl); _elemProp = value; }
public override void LoadInnerXml(XmlNodeList nodeList) { if (nodeList != null) { foreach (XmlNode n in nodeList) { XmlElement e = n as XmlElement; if (e != null && e.LocalName.Equals("InclusiveNamespaces") && e.NamespaceURI.Equals(SignedXml.XmlDsigExcC14NTransformUrl) && Utils.HasAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl)) { InclusiveNamespacesPrefixList = Utils.GetAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl); return; } } } }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } _id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl); _mimeType = Utils.GetAttribute(value, "MimeType", SignedXml.XmlDsigNamespaceUrl); _encoding = Utils.GetAttribute(value, "Encoding", SignedXml.XmlDsigNamespaceUrl); foreach (XmlNode node in value.ChildNodes) { _elData.Add(node); } // Save away the cached value _cachedXml = value; }
public virtual void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } ReferenceType = value.LocalName; Uri = Utils.GetAttribute(value, "URI", EncryptedXml.XmlEncNamespaceUrl); // Transforms XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); XmlNode transformsNode = value.SelectSingleNode("ds:Transforms", nsm); if (transformsNode != null) { TransformChain.LoadXml(transformsNode as XmlElement); } // cache the Xml _cachedXml = value; }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); Id = Utils.GetAttribute(value, "Id", EncryptedXml.XmlEncNamespaceUrl); Type = Utils.GetAttribute(value, "Type", EncryptedXml.XmlEncNamespaceUrl); MimeType = Utils.GetAttribute(value, "MimeType", EncryptedXml.XmlEncNamespaceUrl); Encoding = Utils.GetAttribute(value, "Encoding", EncryptedXml.XmlEncNamespaceUrl); XmlNode encryptionMethodNode = value.SelectSingleNode("enc:EncryptionMethod", nsm); // EncryptionMethod EncryptionMethod = new EncryptionMethod(); if (encryptionMethodNode != null) { EncryptionMethod.LoadXml(encryptionMethodNode as XmlElement); } // Key Info KeyInfo = new KeyInfo(); XmlNode keyInfoNode = value.SelectSingleNode("ds:KeyInfo", nsm); if (keyInfoNode != null) { KeyInfo.LoadXml(keyInfoNode as XmlElement); } // CipherData XmlNode cipherDataNode = value.SelectSingleNode("enc:CipherData", nsm); if (cipherDataNode == null) { throw new CryptographicException(SR.Cryptography_Xml_MissingCipherData); } CipherData = new CipherData(); CipherData.LoadXml(cipherDataNode as XmlElement); // EncryptionProperties XmlNode encryptionPropertiesNode = value.SelectSingleNode("enc:EncryptionProperties", nsm); if (encryptionPropertiesNode != null) { // Select the EncryptionProperty elements inside the EncryptionProperties element XmlNodeList encryptionPropertyNodes = encryptionPropertiesNode.SelectNodes("enc:EncryptionProperty", nsm); if (encryptionPropertyNodes != null) { foreach (XmlNode node in encryptionPropertyNodes) { EncryptionProperty ep = new EncryptionProperty(); ep.LoadXml(node as XmlElement); EncryptionProperties.Add(ep); } } } // Save away the cached value _cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); int expectedChildNodes = 0; // Id attribute -- optional _id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signedInfoElement, "Id")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } // CanonicalizationMethod -- must be present XmlNodeList canonicalizationMethodNodes = signedInfoElement.SelectNodes("ds:CanonicalizationMethod", nsm); if (canonicalizationMethodNodes == null || canonicalizationMethodNodes.Count == 0 || canonicalizationMethodNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod"); } XmlElement canonicalizationMethodElement = canonicalizationMethodNodes.Item(0) as XmlElement; expectedChildNodes += canonicalizationMethodNodes.Count; _canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (_canonicalizationMethod == null || !Utils.VerifyAttributes(canonicalizationMethodElement, "Algorithm")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod"); } _canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) { CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); } // SignatureMethod -- must be present XmlNodeList signatureMethodNodes = signedInfoElement.SelectNodes("ds:SignatureMethod", nsm); if (signatureMethodNodes == null || signatureMethodNodes.Count == 0 || signatureMethodNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod"); } XmlElement signatureMethodElement = signatureMethodNodes.Item(0) as XmlElement; expectedChildNodes += signatureMethodNodes.Count; _signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (_signatureMethod == null || !Utils.VerifyAttributes(signatureMethodElement, "Algorithm")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod"); } // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) { _signatureLength = signatureLengthElement.InnerXml; } // flush out any reference that was there _references.Clear(); // Reference - 0 or more XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { if (referenceNodes.Count > Utils.MaxReferencesPerSignedInfo) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/Reference"); } foreach (XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } expectedChildNodes += referenceNodes.Count; // Verify that there aren't any extra nodes that aren't allowed if (signedInfoElement.SelectNodes("*").Count != expectedChildNodes) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } } // Save away the cached value _cachedXml = signedInfoElement; }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); Id = Utils.GetAttribute(value, "Id", EncryptedXml.XmlEncNamespaceUrl); Type = Utils.GetAttribute(value, "Type", EncryptedXml.XmlEncNamespaceUrl); MimeType = Utils.GetAttribute(value, "MimeType", EncryptedXml.XmlEncNamespaceUrl); Encoding = Utils.GetAttribute(value, "Encoding", EncryptedXml.XmlEncNamespaceUrl); Recipient = Utils.GetAttribute(value, "Recipient", EncryptedXml.XmlEncNamespaceUrl); XmlNode encryptionMethodNode = value.SelectSingleNode("enc:EncryptionMethod", nsm); // EncryptionMethod EncryptionMethod = new EncryptionMethod(); if (encryptionMethodNode != null) { EncryptionMethod.LoadXml(encryptionMethodNode as XmlElement); } // Key Info KeyInfo = new KeyInfo(); XmlNode keyInfoNode = value.SelectSingleNode("ds:KeyInfo", nsm); if (keyInfoNode != null) { KeyInfo.LoadXml(keyInfoNode as XmlElement); } // CipherData XmlNode cipherDataNode = value.SelectSingleNode("enc:CipherData", nsm); if (cipherDataNode == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_MissingCipherData); } CipherData = new CipherData(); CipherData.LoadXml(cipherDataNode as XmlElement); // EncryptionProperties XmlNode encryptionPropertiesNode = value.SelectSingleNode("enc:EncryptionProperties", nsm); if (encryptionPropertiesNode != null) { // Select the EncryptionProperty elements inside the EncryptionProperties element XmlNodeList encryptionPropertyNodes = encryptionPropertiesNode.SelectNodes("enc:EncryptionProperty", nsm); if (encryptionPropertyNodes != null) { foreach (XmlNode node in encryptionPropertyNodes) { EncryptionProperty ep = new EncryptionProperty(); ep.LoadXml(node as XmlElement); EncryptionProperties.Add(ep); } } } // CarriedKeyName XmlNode carriedKeyNameNode = value.SelectSingleNode("enc:CarriedKeyName", nsm); if (carriedKeyNameNode != null) { CarriedKeyName = carriedKeyNameNode.InnerText; } // ReferenceList XmlNode referenceListNode = value.SelectSingleNode("enc:ReferenceList", nsm); if (referenceListNode != null) { // Select the DataReference elements inside the ReferenceList element XmlNodeList dataReferenceNodes = referenceListNode.SelectNodes("enc:DataReference", nsm); if (dataReferenceNodes != null) { foreach (XmlNode node in dataReferenceNodes) { DataReference dr = new DataReference(); dr.LoadXml(node as XmlElement); ReferenceList.Add(dr); } } // Select the KeyReference elements inside the ReferenceList element XmlNodeList keyReferenceNodes = referenceListNode.SelectNodes("enc:KeyReference", nsm); if (keyReferenceNodes != null) { foreach (XmlNode node in keyReferenceNodes) { KeyReference kr = new KeyReference(); kr.LoadXml(node as XmlElement); ReferenceList.Add(kr); } } } // Save away the cached value _cachedXml = value; }
// What we want to do is pump the input throug the TransformChain and then // hash the output of the chain document is the document context for resolving relative references internal byte[] CalculateHashValue(XmlDocument document, CanonicalXmlNodeList refList) { // refList is a list of elements that might be targets of references // Now's the time to create our hashing algorithm IDigest digest = CryptoHelpers.CreateFromName <IDigest>(_digestMethod); if (digest == null) { IMac mac = CryptoHelpers.CreateFromName <IMac>(_digestMethod); if (mac == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed); } // For compatibility to corefx' HMAC implementation byte[] randomKey = Utils.GenerateRandomBlock(mac.GetMacSize()); mac.Init(new KeyParameter(randomKey)); _hashAlgorithm = new MacHashWrapper(mac); } else { _hashAlgorithm = new DigestHashWrapper(digest); } // Let's go get the target. string baseUri = (document == null ? System.Environment.CurrentDirectory + "\\" : document.BaseURI); Stream hashInputStream = null; WebResponse response = null; Stream inputStream = null; XmlResolver resolver = null; _hashval = null; try { switch (_refTargetType) { case ReferenceTargetType.Stream: // This is the easiest case. We already have a stream, so just pump it through the TransformChain resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); hashInputStream = TransformChain.TransformToOctetStream((Stream)_refTarget, resolver, baseUri); break; case ReferenceTargetType.UriReference: // Second-easiest case -- dereference the URI & pump through the TransformChain // handle the special cases where the URI is null (meaning whole doc) // or the URI is just a fragment (meaning a reference to an embedded Object) if (_uri == null) { // We need to create a DocumentNavigator out of the XmlElement resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); // In the case of a Uri-less reference, we will simply pass null to the transform chain. // The first transform in the chain is expected to know how to retrieve the data to hash. hashInputStream = TransformChain.TransformToOctetStream((Stream)null, resolver, baseUri); } else if (_uri.Length == 0) { // This is the self-referential case. First, check that we have a document context. // The Enveloped Signature does not discard comments as per spec; those will be omitted during the transform chain process if (document == null) { throw new System.Security.Cryptography.CryptographicException(string.Format(CultureInfo.CurrentCulture, SR.Cryptography_Xml_SelfReferenceRequiresContext, _uri)); } // Normalize the containing document resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); XmlDocument docWithNoComments = Utils.DiscardComments(Utils.PreProcessDocumentInput(document, resolver, baseUri)); hashInputStream = TransformChain.TransformToOctetStream(docWithNoComments, resolver, baseUri); } else if (_uri[0] == '#') { // If we get here, then we are constructing a Reference to an embedded DataObject // referenced by an Id = attribute. Go find the relevant object bool discardComments = true; string idref = Utils.GetIdFromLocalUri(_uri, out discardComments); if (idref == "xpointer(/)") { // This is a self referencial case if (document == null) { throw new System.Security.Cryptography.CryptographicException(string.Format(CultureInfo.CurrentCulture, SR.Cryptography_Xml_SelfReferenceRequiresContext, _uri)); } // We should not discard comments here!!! resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); hashInputStream = TransformChain.TransformToOctetStream(Utils.PreProcessDocumentInput(document, resolver, baseUri), resolver, baseUri); break; } XmlElement elem = SignedXml.GetIdElement(document, idref); if (elem != null) { _namespaces = Utils.GetPropagatedAttributes(elem.ParentNode as XmlElement); } if (elem == null) { // Go throw the referenced items passed in if (refList != null) { foreach (XmlNode node in refList) { XmlElement tempElem = node as XmlElement; if ((tempElem != null) && (Utils.HasAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl)) && (Utils.GetAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl).Equals(idref))) { elem = tempElem; if (_signedXml._context != null) { _namespaces = Utils.GetPropagatedAttributes(_signedXml._context); } break; } } } } if (elem == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidReference); } XmlDocument normDocument = Utils.PreProcessElementInput(elem, resolver, baseUri); // Add the propagated attributes Utils.AddNamespaces(normDocument.DocumentElement, _namespaces); resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); if (discardComments) { // We should discard comments before going into the transform chain XmlDocument docWithNoComments = Utils.DiscardComments(normDocument); hashInputStream = TransformChain.TransformToOctetStream(docWithNoComments, resolver, baseUri); } else { // This is an XPointer reference, do not discard comments!!! hashInputStream = TransformChain.TransformToOctetStream(normDocument, resolver, baseUri); } } else { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UriNotResolved, _uri); } break; case ReferenceTargetType.XmlElement: // We need to create a DocumentNavigator out of the XmlElement resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); hashInputStream = TransformChain.TransformToOctetStream(Utils.PreProcessElementInput((XmlElement)_refTarget, resolver, baseUri), resolver, baseUri); break; default: throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UriNotResolved, _uri); } // Compute the new hash value hashInputStream = SignedXmlDebugLog.LogReferenceData(this, hashInputStream); // Default the buffer size to 4K. byte[] buffer = new byte[4096]; int bytesRead; _hashAlgorithm.Reset(); while ((bytesRead = hashInputStream.Read(buffer, 0, buffer.Length)) > 0) { _hashAlgorithm.BlockUpdate(buffer, 0, bytesRead); } _hashval = new byte[_hashAlgorithm.GetHashSize()]; _hashAlgorithm.DoFinal(_hashval, 0); } finally { if (hashInputStream != null) { hashInputStream.Close(); } if (response != null) { response.Close(); } if (inputStream != null) { inputStream.Close(); } } return(_hashval); }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } _id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl); _uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); _type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(value, new string[] { "Id", "URI", "Type" })) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Transforms bool hasTransforms = false; TransformChain = new TransformChain(); XmlNodeList transformsNodes = value.SelectNodes("ds:Transforms", nsm); if (transformsNodes != null && transformsNodes.Count != 0) { if (transformsNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } hasTransforms = true; XmlElement transformsElement = transformsNodes[0] as XmlElement; if (!Utils.VerifyAttributes(transformsElement, (string[])null)) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } XmlNodeList transformNodes = transformsElement.SelectNodes("ds:Transform", nsm); if (transformNodes != null) { if (transformNodes.Count != transformsElement.SelectNodes("*").Count) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } if (transformNodes.Count > Utils.MaxTransformsPerReference) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } foreach (XmlNode transformNode in transformNodes) { XmlElement transformElement = transformNode as XmlElement; string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (algorithm == null || !Utils.VerifyAttributes(transformElement, "Algorithm")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } Transform transform = CryptoHelpers.CreateFromName <Transform>(algorithm); if (transform == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } AddTransform(transform); // let the transform read the children of the transformElement for data transform.LoadInnerXml(transformElement.ChildNodes); // Hack! this is done to get around the lack of here() function support in XPath if (transform is XmlDsigEnvelopedSignatureTransform) { // Walk back to the Signature tag. Find the nearest signature ancestor // Signature-->SignedInfo-->Reference-->Transforms-->Transform XmlNode signatureTag = transformElement.SelectSingleNode("ancestor::ds:Signature[1]", nsm); XmlNodeList signatureList = transformElement.SelectNodes("//ds:Signature", nsm); if (signatureList != null) { int position = 0; foreach (XmlNode node in signatureList) { position++; if (node == signatureTag) { ((XmlDsigEnvelopedSignatureTransform)transform).SignaturePosition = position; break; } } } } } } } // DigestMethod XmlNodeList digestMethodNodes = value.SelectNodes("ds:DigestMethod", nsm); if (digestMethodNodes == null || digestMethodNodes.Count == 0 || digestMethodNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestMethod"); } XmlElement digestMethodElement = digestMethodNodes[0] as XmlElement; _digestMethod = Utils.GetAttribute(digestMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (_digestMethod == null || !Utils.VerifyAttributes(digestMethodElement, "Algorithm")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestMethod"); } // DigestValue XmlNodeList digestValueNodes = value.SelectNodes("ds:DigestValue", nsm); if (digestValueNodes == null || digestValueNodes.Count == 0 || digestValueNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestValue"); } XmlElement digestValueElement = digestValueNodes[0] as XmlElement; _digestValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(digestValueElement.InnerText)); if (!Utils.VerifyAttributes(digestValueElement, (string[])null)) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestValue"); } // Verify that there aren't any extra nodes that aren't allowed int expectedChildNodeCount = hasTransforms ? 3 : 2; if (value.SelectNodes("*").Count != expectedChildNodeCount) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference"); } // cache the Xml _cachedXml = value; }
public void LoadXml(XmlElement value) { // Make sure we don't get passed null if (value == null) { throw new ArgumentNullException("value"); } // Signature XmlElement signatureElement = value; if (!signatureElement.LocalName.Equals("Signature")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Signature"); } // Id attribute -- optional _id = Utils.GetAttribute(signatureElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signatureElement, "Id")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Signature"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); int expectedChildNodes = 0; // SignedInfo XmlNodeList signedInfoNodes = signatureElement.SelectNodes("ds:SignedInfo", nsm); if (signedInfoNodes == null || signedInfoNodes.Count == 0 || signedInfoNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } XmlElement signedInfoElement = signedInfoNodes[0] as XmlElement; expectedChildNodes += signedInfoNodes.Count; SignedInfo = new SignedInfo(); SignedInfo.LoadXml(signedInfoElement); // SignatureValue XmlNodeList signatureValueNodes = signatureElement.SelectNodes("ds:SignatureValue", nsm); if (signatureValueNodes == null || signatureValueNodes.Count == 0 || signatureValueNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignatureValue"); } XmlElement signatureValueElement = signatureValueNodes[0] as XmlElement; expectedChildNodes += signatureValueNodes.Count; _signatureValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(signatureValueElement.InnerText)); _signatureValueId = Utils.GetAttribute(signatureValueElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signatureValueElement, "Id")) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignatureValue"); } // KeyInfo - optional single element XmlNodeList keyInfoNodes = signatureElement.SelectNodes("ds:KeyInfo", nsm); _keyInfo = new KeyInfo(); if (keyInfoNodes != null) { if (keyInfoNodes.Count > 1) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo"); } foreach (XmlNode node in keyInfoNodes) { XmlElement keyInfoElement = node as XmlElement; if (keyInfoElement != null) { _keyInfo.LoadXml(keyInfoElement); } } expectedChildNodes += keyInfoNodes.Count; } // Object - zero or more elements allowed XmlNodeList objectNodes = signatureElement.SelectNodes("ds:Object", nsm); _embeddedObjects.Clear(); if (objectNodes != null) { foreach (XmlNode node in objectNodes) { XmlElement objectElement = node as XmlElement; if (objectElement != null) { DataObject dataObj = new DataObject(); dataObj.LoadXml(objectElement); _embeddedObjects.Add(dataObj); } } expectedChildNodes += objectNodes.Count; } // Select all elements that have Id attributes XmlNodeList nodeList = signatureElement.SelectNodes("//*[@Id]", nsm); if (nodeList != null) { foreach (XmlNode node in nodeList) { _referencedItems.Add(node); } } // Verify that there aren't any extra nodes that aren't allowed if (signatureElement.SelectNodes("*").Count != expectedChildNodes) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Signature"); } }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } _id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl); _uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); _type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Transforms TransformChain = new TransformChain(); XmlElement transformsElement = value.SelectSingleNode("ds:Transforms", nsm) as XmlElement; if (transformsElement != null) { XmlNodeList transformNodes = transformsElement.SelectNodes("ds:Transform", nsm); if (transformNodes != null) { foreach (XmlNode transformNode in transformNodes) { XmlElement transformElement = transformNode as XmlElement; string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); Transform transform = CryptoHelpers.CreateFromName(algorithm) as Transform; if (transform == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_UnknownTransform); } AddTransform(transform); // let the transform read the children of the transformElement for data transform.LoadInnerXml(transformElement.ChildNodes); // Hack! this is done to get around the lack of here() function support in XPath if (transform is XmlDsigEnvelopedSignatureTransform) { // Walk back to the Signature tag. Find the nearest signature ancestor // Signature-->SignedInfo-->Reference-->Transforms-->Transform XmlNode signatureTag = transformElement.SelectSingleNode("ancestor::ds:Signature[1]", nsm); XmlNodeList signatureList = transformElement.SelectNodes("//ds:Signature", nsm); if (signatureList != null) { int position = 0; foreach (XmlNode node in signatureList) { position++; if (node == signatureTag) { ((XmlDsigEnvelopedSignatureTransform)transform).SignaturePosition = position; break; } } } } } } } // DigestMethod XmlElement digestMethodElement = value.SelectSingleNode("ds:DigestMethod", nsm) as XmlElement; if (digestMethodElement == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestMethod"); } _digestMethod = Utils.GetAttribute(digestMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); // DigestValue XmlElement digestValueElement = value.SelectSingleNode("ds:DigestValue", nsm) as XmlElement; if (digestValueElement == null) { throw new System.Security.Cryptography.CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestValue"); } _digestValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(digestValueElement.InnerText)); // cache the Xml _cachedXml = value; }