public override object GetOutput()
{
CanonicalXmlNodeList resultNodeList = new CanonicalXmlNodeList();
if (!string.IsNullOrEmpty(_xpathexpr))
{
XPathNavigator navigator = _document.CreateNavigator();
XPathNodeIterator it = navigator.Select("//. | //@*");
XPathExpression xpathExpr = navigator.Compile("boolean(" + _xpathexpr + ")");
xpathExpr.SetContext(_nsm);
while (it.MoveNext())
{
XmlNode node = ((IHasXmlNode)it.Current).GetNode();
bool include = (bool)it.Current.Evaluate(xpathExpr);
if (include == true)
{
resultNodeList.Add(node);
}
}
// keep namespaces
it = navigator.Select("//namespace::*");
while (it.MoveNext())
{
XmlNode node = ((IHasXmlNode)it.Current).GetNode();
resultNodeList.Add(node);
}
}
return(resultNodeList);
}
internal static XmlNodeList AllDescendantNodes(XmlNode node, bool includeComments)
{
CanonicalXmlNodeList nodeList = new CanonicalXmlNodeList();
CanonicalXmlNodeList elementList = new CanonicalXmlNodeList();
CanonicalXmlNodeList attribList = new CanonicalXmlNodeList();
CanonicalXmlNodeList namespaceList = new CanonicalXmlNodeList();
int index = 0;
elementList.Add(node);
do
{
XmlNode rootNode = (XmlNode)elementList[index];
// Add the children nodes
XmlNodeList childNodes = rootNode.ChildNodes;
if (childNodes != null)
{
foreach (XmlNode node1 in childNodes)
{
if (includeComments || (!(node1 is XmlComment)))
{
elementList.Add(node1);
}
}
}
// Add the attribute nodes
XmlAttributeCollection attribNodes = rootNode.Attributes;
if (attribNodes != null)
{
foreach (XmlNode attribNode in rootNode.Attributes)
{
if (attribNode.LocalName == "xmlns" || attribNode.Prefix == "xmlns")
{
namespaceList.Add(attribNode);
}
else
{
attribList.Add(attribNode);
}
}
}
index++;
} while (index < elementList.Count);
foreach (XmlNode elementNode in elementList)
{
nodeList.Add(elementNode);
}
foreach (XmlNode attribNode in attribList)
{
nodeList.Add(attribNode);
}
foreach (XmlNode namespaceNode in namespaceList)
{
nodeList.Add(namespaceNode);
}
return(nodeList);
}
private void BuildDigestedReferences()
{
// Default the DigestMethod and Canonicalization
ArrayList references = SignedInfo.References;
// Reset the cache
_refProcessed = new bool[references.Count];
_refLevelCache = new int[references.Count];
ReferenceLevelSortOrder sortOrder = new ReferenceLevelSortOrder();
sortOrder.References = references;
// Don't alter the order of the references array list
ArrayList sortedReferences = new ArrayList();
foreach (Reference reference in references)
{
sortedReferences.Add(reference);
}
sortedReferences.Sort(sortOrder);
CanonicalXmlNodeList nodeList = new CanonicalXmlNodeList();
foreach (DataObject obj in m_signature.ObjectList)
{
nodeList.Add(obj.GetXml());
}
foreach (Reference reference in sortedReferences)
{
// If no DigestMethod has yet been set, default it to sha1
if (reference.DigestMethod == null)
{
reference.DigestMethod = Reference.DefaultDigestMethod;
}
SignedXmlDebugLog.LogSigningReference(this, reference);
reference.UpdateHashValue(_containingDocument, nodeList);
// If this reference has an Id attribute, add it
if (reference.Id != null)
{
nodeList.Add(reference.GetXml());
}
}
}
private static void MarkInclusionStateForNodes(XmlNodeList nodeList, XmlDocument inputRoot, XmlDocument root)
{
CanonicalXmlNodeList elementList = new CanonicalXmlNodeList();
CanonicalXmlNodeList elementListCanonical = new CanonicalXmlNodeList();
elementList.Add(inputRoot);
elementListCanonical.Add(root);
int index = 0;
do
{
XmlNode currentNode = (XmlNode)elementList[index];
XmlNode currentNodeCanonical = (XmlNode)elementListCanonical[index];
XmlNodeList childNodes = currentNode.ChildNodes;
XmlNodeList childNodesCanonical = currentNodeCanonical.ChildNodes;
for (int i = 0; i < childNodes.Count; i++)
{
elementList.Add(childNodes[i]);
elementListCanonical.Add(childNodesCanonical[i]);
if (Utils.NodeInList(childNodes[i], nodeList))
{
MarkNodeAsIncluded(childNodesCanonical[i]);
}
XmlAttributeCollection attribNodes = childNodes[i].Attributes;
if (attribNodes != null)
{
for (int j = 0; j < attribNodes.Count; j++)
{
if (Utils.NodeInList(attribNodes[j], nodeList))
{
MarkNodeAsIncluded(childNodesCanonical[i].Attributes.Item(j));
}
}
}
}
index++;
} while (index < elementList.Count);
}
public DataObject(string id, string mimeType, string encoding, XmlElement data)
{
if (data == null)
{
throw new ArgumentNullException(nameof(data));
}
_id = id;
_mimeType = mimeType;
_encoding = encoding;
_elData = new CanonicalXmlNodeList();
_elData.Add(data);
_cachedXml = null;
}
public void LoadXml(XmlElement value)
{
if (value == null)
{
throw new ArgumentNullException(nameof(value));
}
_id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl);
_mimeType = Utils.GetAttribute(value, "MimeType", SignedXml.XmlDsigNamespaceUrl);
_encoding = Utils.GetAttribute(value, "Encoding", SignedXml.XmlDsigNamespaceUrl);
foreach (XmlNode node in value.ChildNodes)
{
_elData.Add(node);
}
// Save away the cached value
_cachedXml = value;
}
public void LoadXml(XmlElement value)
{
// Make sure we don't get passed null
if (value == null)
{
throw new ArgumentNullException(nameof(value));
}
// Signature
XmlElement signatureElement = value;
if (!signatureElement.LocalName.Equals("Signature"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Signature");
}
// Id attribute -- optional
_id = Utils.GetAttribute(signatureElement, "Id", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(signatureElement, "Id"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Signature");
}
XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable);
nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
int expectedChildNodes = 0;
// SignedInfo
XmlNodeList signedInfoNodes = signatureElement.SelectNodes("ds:SignedInfo", nsm);
if (signedInfoNodes == null || signedInfoNodes.Count == 0 || signedInfoNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo");
}
XmlElement signedInfoElement = signedInfoNodes[0] as XmlElement;
expectedChildNodes += signedInfoNodes.Count;
SignedInfo = new SignedInfo();
SignedInfo.LoadXml(signedInfoElement);
// SignatureValue
XmlNodeList signatureValueNodes = signatureElement.SelectNodes("ds:SignatureValue", nsm);
if (signatureValueNodes == null || signatureValueNodes.Count == 0 || signatureValueNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignatureValue");
}
XmlElement signatureValueElement = signatureValueNodes[0] as XmlElement;
expectedChildNodes += signatureValueNodes.Count;
_signatureValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(signatureValueElement.InnerText));
_signatureValueId = Utils.GetAttribute(signatureValueElement, "Id", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(signatureValueElement, "Id"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignatureValue");
}
// KeyInfo - optional single element
XmlNodeList keyInfoNodes = signatureElement.SelectNodes("ds:KeyInfo", nsm);
_keyInfo = new KeyInfo();
if (keyInfoNodes != null)
{
if (keyInfoNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo");
}
foreach (XmlNode node in keyInfoNodes)
{
XmlElement keyInfoElement = node as XmlElement;
if (keyInfoElement != null)
{
_keyInfo.LoadXml(keyInfoElement);
}
}
expectedChildNodes += keyInfoNodes.Count;
}
// Object - zero or more elements allowed
XmlNodeList objectNodes = signatureElement.SelectNodes("ds:Object", nsm);
_embeddedObjects.Clear();
if (objectNodes != null)
{
foreach (XmlNode node in objectNodes)
{
XmlElement objectElement = node as XmlElement;
if (objectElement != null)
{
DataObject dataObj = new DataObject();
dataObj.LoadXml(objectElement);
_embeddedObjects.Add(dataObj);
}
}
expectedChildNodes += objectNodes.Count;
}
// Select all elements that have Id attributes
XmlNodeList nodeList = signatureElement.SelectNodes("//*[@Id]", nsm);
if (nodeList != null)
{
foreach (XmlNode node in nodeList)
{
_referencedItems.Add(node);
}
}
// Verify that there aren't any extra nodes that aren't allowed
if (signatureElement.SelectNodes("*").Count != expectedChildNodes)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Signature");
}
}
// This method gets the attributes that should be propagated
internal static CanonicalXmlNodeList GetPropagatedAttributes(XmlElement elem)
{
if (elem == null)
{
return(null);
}
CanonicalXmlNodeList namespaces = new CanonicalXmlNodeList();
XmlNode ancestorNode = elem;
bool bDefNamespaceToAdd = true;
while (ancestorNode != null)
{
XmlElement ancestorElement = ancestorNode as XmlElement;
if (ancestorElement == null)
{
ancestorNode = ancestorNode.ParentNode;
continue;
}
if (!Utils.IsCommittedNamespace(ancestorElement, ancestorElement.Prefix, ancestorElement.NamespaceURI))
{
// Add the namespace attribute to the collection if needed
if (!Utils.IsRedundantNamespace(ancestorElement, ancestorElement.Prefix, ancestorElement.NamespaceURI))
{
string name = ((ancestorElement.Prefix.Length > 0) ? "xmlns:" + ancestorElement.Prefix : "xmlns");
XmlAttribute nsattrib = elem.OwnerDocument.CreateAttribute(name);
nsattrib.Value = ancestorElement.NamespaceURI;
namespaces.Add(nsattrib);
}
}
if (ancestorElement.HasAttributes)
{
XmlAttributeCollection attribs = ancestorElement.Attributes;
foreach (XmlAttribute attrib in attribs)
{
// Add a default namespace if necessary
if (bDefNamespaceToAdd && attrib.LocalName == "xmlns")
{
XmlAttribute nsattrib = elem.OwnerDocument.CreateAttribute("xmlns");
nsattrib.Value = attrib.Value;
namespaces.Add(nsattrib);
bDefNamespaceToAdd = false;
continue;
}
// retain the declarations of type 'xml:*' as well
if (attrib.Prefix == "xmlns" || attrib.Prefix == "xml")
{
namespaces.Add(attrib);
continue;
}
if (attrib.NamespaceURI.Length > 0)
{
if (!Utils.IsCommittedNamespace(ancestorElement, attrib.Prefix, attrib.NamespaceURI))
{
// Add the namespace attribute to the collection if needed
if (!Utils.IsRedundantNamespace(ancestorElement, attrib.Prefix, attrib.NamespaceURI))
{
string name = ((attrib.Prefix.Length > 0) ? "xmlns:" + attrib.Prefix : "xmlns");
XmlAttribute nsattrib = elem.OwnerDocument.CreateAttribute(name);
nsattrib.Value = attrib.NamespaceURI;
namespaces.Add(nsattrib);
}
}
}
}
}
ancestorNode = ancestorNode.ParentNode;
}
return(namespaces);
}
public override object GetOutput()
{
if (_containingDocument == null)
{
throw new CryptographicException(SR.Cryptography_Xml_EnvelopedSignatureRequiresContext);
}
// If we have received an XmlNodeList as input
if (_inputNodeList != null)
{
// If the position has not been set, then we don't want to remove any signature tags
if (_signaturePosition == 0)
{
return(_inputNodeList);
}
XmlNodeList signatureList = _containingDocument.SelectNodes("//dsig:Signature", _nsm);
if (signatureList == null)
{
return(_inputNodeList);
}
CanonicalXmlNodeList resultNodeList = new CanonicalXmlNodeList();
foreach (XmlNode node in _inputNodeList)
{
if (node == null)
{
continue;
}
// keep namespaces
if (Utils.IsXmlNamespaceNode(node) || Utils.IsNamespaceNode(node))
{
resultNodeList.Add(node);
}
else
{
// SelectSingleNode throws an exception for xmldecl PI for example, so we will just ignore those exceptions
try
{
// Find the nearest signature ancestor tag
XmlNode result = node.SelectSingleNode("ancestor-or-self::dsig:Signature[1]", _nsm);
int position = 0;
foreach (XmlNode node1 in signatureList)
{
position++;
if (node1 == result)
{
break;
}
}
if (result == null || position != _signaturePosition)
{
resultNodeList.Add(node);
}
}
catch { }
}
}
return(resultNodeList);
}
// Else we have received either a stream or a document as input
else
{
XmlNodeList signatureList = _containingDocument.SelectNodes("//dsig:Signature", _nsm);
if (signatureList == null)
{
return(_containingDocument);
}
if (signatureList.Count < _signaturePosition || _signaturePosition <= 0)
{
return(_containingDocument);
}
// Remove the signature node with all its children nodes
signatureList[_signaturePosition - 1].ParentNode.RemoveChild(signatureList[_signaturePosition - 1]);
return(_containingDocument);
}
}
