Beispiel #1
0
        private bool IsSafeTransform(string transformAlgorithm)
        {
            // All canonicalization algorithms are valid transform algorithms.
            foreach (string safeAlgorithm in SafeCanonicalizationMethods)
            {
                if (string.Equals(safeAlgorithm, transformAlgorithm, StringComparison.OrdinalIgnoreCase))
                {
                    return(true);
                }
            }

            foreach (string safeAlgorithm in DefaultSafeTransformMethods)
            {
                if (string.Equals(safeAlgorithm, transformAlgorithm, StringComparison.OrdinalIgnoreCase))
                {
                    return(true);
                }
            }

            SignedXmlDebugLog.LogUnsafeTransformMethod(
                this,
                transformAlgorithm,
                SafeCanonicalizationMethods,
                DefaultSafeTransformMethods);

            return(false);
        }
Beispiel #2
0
        private byte[] GetC14NDigest(HashAlgorithm hash)
        {
            bool isKeyedHashAlgorithm = hash is KeyedHashAlgorithm;

            if (isKeyedHashAlgorithm || !_bCacheValid || !SignedInfo.CacheValid)
            {
                string      baseUri  = (_containingDocument == null ? null : _containingDocument.BaseURI);
                XmlResolver resolver = (_bResolverSet ? _xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri));

                XmlDocument doc = Utils.PreProcessElementInput(SignedInfo.GetXml(), resolver, baseUri);

                // Add non default namespaces in scope
                CanonicalXmlNodeList namespaces = (_context == null ? null : Utils.GetPropagatedAttributes(_context));
                SignedXmlDebugLog.LogNamespacePropagation(this, namespaces);
                Utils.AddNamespaces(doc.DocumentElement, namespaces);
                XmlNodeList nodeList = Utils.AllDescendantNodes(doc.DocumentElement.FirstChild, true);

                Transform c14nMethodTransform = SignedInfo.CanonicalizationMethodObject;
                c14nMethodTransform.Resolver = resolver;
                c14nMethodTransform.BaseURI  = baseUri;

                SignedXmlDebugLog.LogBeginCanonicalization(this, c14nMethodTransform);
                c14nMethodTransform.LoadInput(nodeList);
                SignedXmlDebugLog.LogCanonicalizedOutput(this, c14nMethodTransform);
                _digestedSignedInfo = c14nMethodTransform.GetDigestedOutput(hash);

                _bCacheValid = !isKeyedHashAlgorithm;
            }
            return(_digestedSignedInfo);
        }
Beispiel #3
0
        public bool CheckSignatureReturningKey(out AsymmetricAlgorithm signingKey)
        {
            SignedXmlDebugLog.LogBeginSignatureVerification(this, _context);

            signingKey = null;
            bool bRet = false;
            AsymmetricAlgorithm key = null;

            if (!CheckSignatureFormat())
            {
                return(false);
            }

            do
            {
                key = GetPublicKey();
                if (key != null)
                {
                    bRet = CheckSignature(key);
                    SignedXmlDebugLog.LogVerificationResult(this, key, bRet);
                }
            } while (key != null && bRet == false);

            signingKey = key;
            return(bRet);
        }
Beispiel #4
0
        private bool CheckDigestedReferences()
        {
            ArrayList references = m_signature.SignedInfo.References;

            for (int i = 0; i < references.Count; ++i)
            {
                Reference digestedReference = (Reference)references[i];

                if (!ReferenceUsesSafeTransformMethods(digestedReference))
                {
                    return(false);
                }

                SignedXmlDebugLog.LogVerifyReference(this, digestedReference);
                byte[] calculatedHash = null;
                try
                {
                    calculatedHash = digestedReference.CalculateHashValue(_containingDocument, m_signature.ReferencedItems);
                }
                catch (CryptoSignedXmlRecursionException)
                {
                    SignedXmlDebugLog.LogSignedXmlRecursionLimit(this, digestedReference);
                    return(false);
                }
                // Compare both hashes
                SignedXmlDebugLog.LogVerifyReferenceHash(this, digestedReference, calculatedHash, digestedReference.DigestValue);

                if (!CryptographicEquals(calculatedHash, digestedReference.DigestValue))
                {
                    return(false);
                }
            }

            return(true);
        }
Beispiel #5
0
        public void ComputeSignature()
        {
            SignedXmlDebugLog.LogBeginSignatureComputation(this, _context);

            BuildDigestedReferences();

            // Load the key
            AsymmetricAlgorithm key = SigningKey;

            if (key == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_LoadKeyFailed);
            }

            // Check the signature algorithm associated with the key so that we can accordingly set the signature method
            if (SignedInfo.SignatureMethod == null)
            {
                if (key is DSA)
                {
                    SignedInfo.SignatureMethod = XmlDsigDSAUrl;
                }
                else if (key is RSA)
                {
                    // Default to RSA-SHA1
                    if (SignedInfo.SignatureMethod == null)
                    {
                        SignedInfo.SignatureMethod = XmlDsigRSASHA256Url;
                    }
                }
                else
                {
                    throw new CryptographicException(SR.Cryptography_Xml_CreatedKeyFailed);
                }
            }

            // See if there is a signature description class defined in the Config file
            SignatureDescription signatureDescription = CryptoHelpers.CreateFromName <SignatureDescription>(SignedInfo.SignatureMethod);

            if (signatureDescription == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_SignatureDescriptionNotCreated);
            }
            HashAlgorithm hashAlg = signatureDescription.CreateDigest();

            if (hashAlg == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed);
            }
            byte[] hashvalue = GetC14NDigest(hashAlg);
            AsymmetricSignatureFormatter asymmetricSignatureFormatter = signatureDescription.CreateFormatter(key);

            SignedXmlDebugLog.LogSigning(this, key, signatureDescription, hashAlg, asymmetricSignatureFormatter);
            m_signature.SignatureValue = asymmetricSignatureFormatter.CreateSignature(hashAlg);
        }
Beispiel #6
0
        // Validation function to see if the signature uses a canonicalization algorithm from our list
        // of approved algorithm URIs.
        private bool DoesSignatureUseSafeCanonicalizationMethod()
        {
            foreach (string safeAlgorithm in SafeCanonicalizationMethods)
            {
                if (string.Equals(safeAlgorithm, SignedInfo.CanonicalizationMethod, StringComparison.OrdinalIgnoreCase))
                {
                    return(true);
                }
            }

            SignedXmlDebugLog.LogUnsafeCanonicalizationMethod(this, SignedInfo.CanonicalizationMethod, SafeCanonicalizationMethods);
            return(false);
        }
Beispiel #7
0
        private bool CheckSignedInfo(KeyedHashAlgorithm macAlg)
        {
            if (macAlg == null)
            {
                throw new ArgumentNullException(nameof(macAlg));
            }

            SignedXmlDebugLog.LogBeginCheckSignedInfo(this, m_signature.SignedInfo);

            int signatureLength;

            if (m_signature.SignedInfo.SignatureLength == null)
            {
                signatureLength = macAlg.HashSize;
            }
            else
            {
                signatureLength = Convert.ToInt32(m_signature.SignedInfo.SignatureLength, null);
            }

            // signatureLength should be less than hash size
            if (signatureLength < 0 || signatureLength > macAlg.HashSize)
            {
                throw new CryptographicException(SR.Cryptography_Xml_InvalidSignatureLength);
            }
            if (signatureLength % 8 != 0)
            {
                throw new CryptographicException(SR.Cryptography_Xml_InvalidSignatureLength2);
            }
            if (m_signature.SignatureValue == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_SignatureValueRequired);
            }
            if (m_signature.SignatureValue.Length != signatureLength / 8)
            {
                throw new CryptographicException(SR.Cryptography_Xml_InvalidSignatureLength);
            }

            // Calculate the hash
            byte[] hashValue = GetC14NDigest(macAlg);
            SignedXmlDebugLog.LogVerifySignedInfo(this, macAlg, hashValue, m_signature.SignatureValue);
            for (int i = 0; i < m_signature.SignatureValue.Length; i++)
            {
                if (m_signature.SignatureValue[i] != hashValue[i])
                {
                    return(false);
                }
            }
            return(true);
        }
Beispiel #8
0
        public bool CheckSignature(X509Certificate2 certificate, bool verifySignatureOnly)
        {
            if (!verifySignatureOnly)
            {
                // Check key usages to make sure it is good for signing.
                foreach (X509Extension extension in certificate.Extensions)
                {
                    if (string.Equals(extension.Oid.Value, "2.5.29.15" /* szOID_KEY_USAGE */, StringComparison.OrdinalIgnoreCase))
                    {
                        X509KeyUsageExtension keyUsage = new X509KeyUsageExtension();
                        keyUsage.CopyFrom(extension);
                        SignedXmlDebugLog.LogVerifyKeyUsage(this, certificate, keyUsage);

                        bool validKeyUsage = (keyUsage.KeyUsages & X509KeyUsageFlags.DigitalSignature) != 0 ||
                                             (keyUsage.KeyUsages & X509KeyUsageFlags.NonRepudiation) != 0;

                        if (!validKeyUsage)
                        {
                            SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_X509KeyUsage);
                            return(false);
                        }
                        break;
                    }
                }

                // Do the chain verification to make sure the certificate is valid.
                X509Chain chain = new X509Chain();
                chain.ChainPolicy.ExtraStore.AddRange(BuildBagOfCerts());
                bool chainVerified = chain.Build(certificate);
                SignedXmlDebugLog.LogVerifyX509Chain(this, chain, certificate);

                if (!chainVerified)
                {
                    SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_X509Chain);
                    return(false);
                }
            }

            using (AsymmetricAlgorithm publicKey = Utils.GetAnyPublicKey(certificate))
            {
                if (!CheckSignature(publicKey))
                {
                    return(false);
                }
            }

            SignedXmlDebugLog.LogVerificationResult(this, certificate, true);
            return(true);
        }
        public void ComputeSignature(KeyedHashAlgorithm macAlg)
        {
            if (macAlg == null)
            {
                throw new ArgumentNullException(nameof(macAlg));
            }

            if (!(macAlg is HMAC hash))
            {
                throw new CryptographicException(SR.Cryptography_Xml_SignatureMethodKeyMismatch);
            }

            int signatureLength;

            if (m_signature.SignedInfo.SignatureLength == null)
            {
                signatureLength = hash.HashSize;
            }
            else
            {
                signatureLength = Convert.ToInt32(m_signature.SignedInfo.SignatureLength, null);
            }
            // signatureLength should be less than hash size
            if (signatureLength < 0 || signatureLength > hash.HashSize)
            {
                throw new CryptographicException(SR.Cryptography_Xml_InvalidSignatureLength);
            }
            if (signatureLength % 8 != 0)
            {
                throw new CryptographicException(SR.Cryptography_Xml_InvalidSignatureLength2);
            }

            BuildDigestedReferences();
            SignedInfo.SignatureMethod = hash.HashName switch
            {
                "SHA1" => SignedXml.XmlDsigHMACSHA1Url,
                "SHA256" => SignedXml.XmlDsigMoreHMACSHA256Url,
                "SHA384" => SignedXml.XmlDsigMoreHMACSHA384Url,
                "SHA512" => SignedXml.XmlDsigMoreHMACSHA512Url,
                "MD5" => SignedXml.XmlDsigMoreHMACMD5Url,
                "RIPEMD160" => SignedXml.XmlDsigMoreHMACRIPEMD160Url,
                _ => throw new CryptographicException(SR.Cryptography_Xml_SignatureMethodKeyMismatch),
            };
            byte[] hashValue = GetC14NDigest(hash);

            SignedXmlDebugLog.LogSigning(this, hash);
            m_signature.SignatureValue = new byte[signatureLength / 8];
            Buffer.BlockCopy(hashValue, 0, m_signature.SignatureValue, 0, signatureLength / 8);
        }
Beispiel #10
0
        // If we have a signature format validation callback, check to see if this signature's format (not
        // the signautre itself) is valid according to the validator.  A return value of true indicates that
        // the signature format is acceptable, false means that the format is not valid.
        private bool CheckSignatureFormat()
        {
            if (_signatureFormatValidator == null)
            {
                // No format validator means that we default to accepting the signature.  (This is
                // effectively compatibility mode with v3.5).
                return(true);
            }

            SignedXmlDebugLog.LogBeginCheckSignatureFormat(this, _signatureFormatValidator);

            bool formatValid = _signatureFormatValidator(this);

            SignedXmlDebugLog.LogFormatValidationResult(this, formatValid);
            return(formatValid);
        }
Beispiel #11
0
        private void BuildDigestedReferences()
        {
            // Default the DigestMethod and Canonicalization
            ArrayList references = SignedInfo.References;

            // Reset the cache
            _refProcessed  = new bool[references.Count];
            _refLevelCache = new int[references.Count];

            ReferenceLevelSortOrder sortOrder = new ReferenceLevelSortOrder();

            sortOrder.References = references;
            // Don't alter the order of the references array list
            ArrayList sortedReferences = new ArrayList();

            foreach (Reference reference in references)
            {
                sortedReferences.Add(reference);
            }
            sortedReferences.Sort(sortOrder);

            CanonicalXmlNodeList nodeList = new CanonicalXmlNodeList();

            foreach (DataObject obj in m_signature.ObjectList)
            {
                nodeList.Add(obj.GetXml());
            }
            foreach (Reference reference in sortedReferences)
            {
                // If no DigestMethod has yet been set, default it to sha1
                if (reference.DigestMethod == null)
                {
                    reference.DigestMethod = Reference.DefaultDigestMethod;
                }

                SignedXmlDebugLog.LogSigningReference(this, reference);

                reference.UpdateHashValue(_containingDocument, nodeList);
                // If this reference has an Id attribute, add it
                if (reference.Id != null)
                {
                    nodeList.Add(reference.GetXml());
                }
            }
        }
Beispiel #12
0
        private bool CheckSignedInfo(AsymmetricAlgorithm key)
        {
            if (key == null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            SignedXmlDebugLog.LogBeginCheckSignedInfo(this, m_signature.SignedInfo);

            SignatureDescription signatureDescription = CryptoHelpers.CreateFromName <SignatureDescription>(SignatureMethod);

            if (signatureDescription == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_SignatureDescriptionNotCreated);
            }

            // Let's see if the key corresponds with the SignatureMethod
            Type ta = Type.GetType(signatureDescription.KeyAlgorithm);

            if (!IsKeyTheCorrectAlgorithm(key, ta))
            {
                return(false);
            }

            HashAlgorithm hashAlgorithm = signatureDescription.CreateDigest();

            if (hashAlgorithm == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed);
            }
            byte[] hashval = GetC14NDigest(hashAlgorithm);

            AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key);

            SignedXmlDebugLog.LogVerifySignedInfo(this,
                                                  key,
                                                  signatureDescription,
                                                  hashAlgorithm,
                                                  asymmetricSignatureDeformatter,
                                                  hashval,
                                                  m_signature.SignatureValue);
            return(asymmetricSignatureDeformatter.VerifySignature(hashval, m_signature.SignatureValue));
        }
Beispiel #13
0
        public bool CheckSignature(KeyedHashAlgorithm macAlg)
        {
            if (!CheckSignatureFormat())
            {
                return(false);
            }

            if (!CheckSignedInfo(macAlg))
            {
                SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_SignedInfo);
                return(false);
            }

            if (!CheckDigestedReferences())
            {
                SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_References);
                return(false);
            }

            SignedXmlDebugLog.LogVerificationResult(this, macAlg, true);
            return(true);
        }
Beispiel #14
0
        public bool CheckSignature(AsymmetricAlgorithm key)
        {
            if (!CheckSignatureFormat())
            {
                return(false);
            }

            if (!CheckSignedInfo(key))
            {
                SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_SignedInfo);
                return(false);
            }

            // Now is the time to go through all the references and see if their DigestValues are good
            if (!CheckDigestedReferences())
            {
                SignedXmlDebugLog.LogVerificationFailure(this, SR.Log_VerificationFailed_References);
                return(false);
            }

            SignedXmlDebugLog.LogVerificationResult(this, key, true);
            return(true);
        }
Beispiel #15
0
        // What we want to do is pump the input throug the TransformChain and then
        // hash the output of the chain document is the document context for resolving relative references
        internal byte[] CalculateHashValue(XmlDocument document, CanonicalXmlNodeList refList)
        {
            // refList is a list of elements that might be targets of references
            // Now's the time to create our hashing algorithm
            _hashAlgorithm = CryptoHelpers.CreateFromName <HashAlgorithm>(_digestMethod);
            if (_hashAlgorithm == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed);
            }

            // Let's go get the target.
            string      baseUri         = (document == null ? System.Environment.CurrentDirectory + "\\" : document.BaseURI);
            Stream      hashInputStream = null;
            WebResponse response        = null;
            Stream      inputStream     = null;
            XmlResolver resolver        = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri));

            byte[] hashval = null;

            try
            {
                switch (_refTargetType)
                {
                case ReferenceTargetType.Stream:
                    // This is the easiest case. We already have a stream, so just pump it through the TransformChain
                    hashInputStream = TransformChain.TransformToOctetStream((Stream)_refTarget, resolver, baseUri);
                    break;

                case ReferenceTargetType.UriReference:
                    // Second-easiest case -- dereference the URI & pump through the TransformChain
                    // handle the special cases where the URI is null (meaning whole doc)
                    // or the URI is just a fragment (meaning a reference to an embedded Object)
                    if (_uri == null)
                    {
                        // In the case of a Uri-less reference, we will simply pass null to the transform chain.
                        // The first transform in the chain is expected to know how to retrieve the data to hash.
                        hashInputStream = TransformChain.TransformToOctetStream((Stream)null, resolver, baseUri);
                    }
                    else if (_uri.Length == 0 || _uri == "#xpointer(/)")
                    {
                        // This is the self-referential case. First, check that we have a document context.
                        // The Enveloped Signature does not discard comments as per spec; those will be omitted during the transform chain process
                        if (document == null)
                        {
                            throw new CryptographicException(SR.Format(SR.Cryptography_Xml_SelfReferenceRequiresContext, _uri));
                        }

                        // Normalize the containing document
                        XmlDocument doc = Utils.PreProcessDocumentInput(document, resolver, baseUri);
                        // Remove comments only if URI is ""
                        if (_uri.Length == 0)
                        {
                            Utils.DiscardComments(doc);
                        }
                        hashInputStream = TransformChain.TransformToOctetStream(doc, resolver, baseUri);
                    }
                    else if (_uri[0] == '#')
                    {
                        // If we get here, then we are constructing a Reference to an embedded DataObject
                        // referenced by an Id = attribute. Go find the relevant object
                        bool   discardComments = true;
                        string idref           = Utils.GetIdFromLocalUri(_uri, out discardComments);

                        XmlElement elem = SignedXml.GetIdElement(document, idref);

                        if (elem == null)
                        {
                            // Go throw the referenced items passed in
                            if (refList != null)
                            {
                                foreach (XmlNode node in refList)
                                {
                                    XmlElement tempElem = node.SelectSingleNode("//*[@Id='" + idref + "']") as XmlElement;
                                    //XmlElement tempElem = node as XmlElement;
                                    //if ((tempElem != null) && (Utils.HasAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl))
                                    //    && (Utils.GetAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl).Equals(idref)))
                                    if (tempElem != null)
                                    {
                                        // copy fragment to document with root, create nodelsit
                                        elem = tempElem;
                                        XmlDocument doc = Utils.PreProcessElementInput(elem, resolver, baseUri);
                                        if (_signedXml._context != null)
                                        {
                                            CanonicalXmlNodeList namespaces = Utils.GetPropagatedAttributes(_signedXml._context);
                                            Utils.AddNamespaces(doc.DocumentElement, namespaces);
                                        }
                                        elem = doc.DocumentElement.FirstChild as XmlElement;
                                        break;
                                    }
                                }
                            }
                            if (elem == null)
                            {
                                throw new CryptographicException(SR.Cryptography_Xml_InvalidReference);
                            }
                        }
                        else
                        {
                            // create node list from document
                            XmlDocument          doc        = Utils.PreProcessElementInput(elem, resolver, baseUri);
                            CanonicalXmlNodeList namespaces = Utils.GetPropagatedAttributes(elem);
                            Utils.AddNamespaces(doc.DocumentElement, namespaces);
                            elem = doc.DocumentElement.FirstChild as XmlElement;
                        }
                        hashInputStream = TransformChain.TransformToOctetStream(Utils.AllDescendantNodes(elem, !discardComments), typeof(XmlNodeList), resolver, baseUri);
                    }
                    else
                    {
                        throw new CryptographicException(SR.Cryptography_Xml_UriNotResolved, _uri);
                    }
                    break;

                case ReferenceTargetType.XmlElement:
                    // We need to create a DocumentNavigator out of the XmlElement
                    hashInputStream = TransformChain.TransformToOctetStream(Utils.AllDescendantNodes((XmlNode)_refTarget, true), typeof(XmlNodeList), resolver, baseUri);
                    break;

                default:
                    throw new CryptographicException(SR.Cryptography_Xml_UriNotResolved, _uri);
                }

                // Compute the new hash value
                hashInputStream = SignedXmlDebugLog.LogReferenceData(this, hashInputStream);
                hashval         = _hashAlgorithm.ComputeHash(hashInputStream);
            }
            finally
            {
                if (hashInputStream != null)
                {
                    hashInputStream.Close();
                }
                if (response != null)
                {
                    response.Close();
                }
                if (inputStream != null)
                {
                    inputStream.Close();
                }
            }

            return(hashval);
        }