internal void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); XmlNodeList transformNodes = value.SelectNodes("ds:Transform", nsm); if (transformNodes.Count == 0) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Transforms"); } _transforms.Clear(); for (int i = 0; i < transformNodes.Count; ++i) { XmlElement transformElement = (XmlElement)transformNodes.Item(i); string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); Transform transform = CryptoHelpers.CreateFromName <Transform>(algorithm); if (transform == null) { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } // let the transform read the children of the transformElement for data transform.LoadInnerXml(transformElement.ChildNodes); _transforms.Add(transform); } }
public override void LoadInnerXml(XmlNodeList nodeList) { if (nodeList != null) { foreach (XmlNode n in nodeList) { XmlElement e = n as XmlElement; if (e != null) { if (e.LocalName.Equals("InclusiveNamespaces") && e.NamespaceURI.Equals(SignedXml.XmlDsigExcC14NTransformUrl) && Utils.HasAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl)) { if (!Utils.VerifyAttributes(e, "PrefixList")) { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } this.InclusiveNamespacesPrefixList = Utils.GetAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl); return; } else { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } } } } }
public override void LoadInnerXml(XmlNodeList nodeList) { if (nodeList == null) { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } ExceptUris.Clear(); foreach (XmlNode node in nodeList) { XmlElement elem = node as XmlElement; if (elem != null) { if (elem.LocalName == "Except" && elem.NamespaceURI == XmlDecryptionTransformNamespaceUrl) { // the Uri is required string uri = Utils.GetAttribute(elem, "URI", XmlDecryptionTransformNamespaceUrl); if (uri == null || uri.Length == 0 || uri[0] != '#') { throw new CryptographicException(SR.Cryptography_Xml_UriRequired); } if (!Utils.VerifyAttributes(elem, "URI")) { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } string idref = Utils.ExtractIdFromLocalUri(uri); ExceptUris.Add(idref); } else { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } } } }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } this.ReferenceType = value.LocalName; string uri = Utils.GetAttribute(value, "URI", EncryptedXml.XmlEncNamespaceUrl); if (!Utils.GetSkipSignatureAttributeEnforcement() && uri == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_UriRequired")); } this.Uri = uri; // Transforms XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); XmlNode transformsNode = value.SelectSingleNode("enc:Transforms", nsm); if (transformsNode != null) { this.TransformChain.LoadXml(transformsNode as XmlElement); } // cache the Xml m_cachedXml = value; }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } ReferenceType = value.LocalName; string uri = Utils.GetAttribute(value, "URI", EncryptedXml.XmlEncNamespaceUrl); Uri = uri ?? throw new CryptographicException(SR.Cryptography_Xml_UriRequired); // Transforms XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); XmlNode transformsNode = value.SelectSingleNode("enc:Transforms", nsm); if (transformsNode != null) { TransformChain.LoadXml(transformsNode as XmlElement); } // cache the Xml _cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); XmlElement encryptionMethodElement = value; _algorithm = Utils.GetAttribute(encryptionMethodElement, "Algorithm", EncryptedXml.XmlEncNamespaceUrl); XmlNode keySizeNode = value.SelectSingleNode("enc:KeySize", nsm); if (keySizeNode != null) { KeySize = Convert.ToInt32(Utils.DiscardWhiteSpaces(keySizeNode.InnerText), null); } // Save away the cached value _cachedXml = value; }
public void LoadXml(XmlElement value) { if (value is null) { throw new ArgumentNullException(nameof(value)); } XmlElement keyInfoElement = value; _id = Utils.GetAttribute(keyInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(keyInfoElement, "Id")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo"); } XmlNode child = keyInfoElement.FirstChild; while (child != null) { XmlElement elem = child as XmlElement; if (elem != null) { // Create the right type of KeyInfoClause; we use a combination of the namespace and tag name (local name) string kicString = elem.NamespaceURI + " " + elem.LocalName; // Special-case handling for KeyValue -- we have to go one level deeper if (kicString == "http://www.w3.org/2000/09/xmldsig# KeyValue") { if (!Utils.VerifyAttributes(elem, (string[])null)) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo/KeyValue"); } XmlNodeList nodeList2 = elem.ChildNodes; foreach (XmlNode node2 in nodeList2) { XmlElement elem2 = node2 as XmlElement; if (elem2 != null) { kicString += "/" + elem2.LocalName; break; } } } KeyInfoClause keyInfoClause = CryptoHelpers.CreateFromName <KeyInfoClause>(kicString); // if we don't know what kind of KeyInfoClause we're looking at, use a generic KeyInfoNode: if (keyInfoClause == null) { keyInfoClause = new KeyInfoNode(); } // Ask the create clause to fill itself with the corresponding XML keyInfoClause.LoadXml(elem); // Add it to our list of KeyInfoClauses AddClause(keyInfoClause); } child = child.NextSibling; } }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } this.m_uri = Utils.GetAttribute(value, "URI", "http://www.w3.org/2000/09/xmldsig#"); this.m_type = Utils.GetAttribute(value, "Type", "http://www.w3.org/2000/09/xmldsig#"); }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } _uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); _type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlElement retrievalMethodElement = value; m_uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); m_type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } this.m_id = Utils.GetAttribute(value, "Id", "http://www.w3.org/2000/09/xmldsig#"); this.m_mimeType = Utils.GetAttribute(value, "MimeType", "http://www.w3.org/2000/09/xmldsig#"); this.m_encoding = Utils.GetAttribute(value, "Encoding", "http://www.w3.org/2000/09/xmldsig#"); foreach (XmlNode node in value.ChildNodes) { this.m_elData.Add(node); } this.m_cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } if (value.LocalName != "EncryptionProperty" || value.NamespaceURI != EncryptedXml.XmlEncNamespaceUrl) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidEncryptionProperty")); } // cache the Xml _cachedXml = value; _id = Utils.GetAttribute(value, "Id", EncryptedXml.XmlEncNamespaceUrl); _target = Utils.GetAttribute(value, "Target", EncryptedXml.XmlEncNamespaceUrl); _elemProp = value; }
public override void LoadInnerXml(XmlNodeList nodeList) { if (nodeList != null) { foreach (XmlNode n in nodeList) { XmlElement e = n as XmlElement; if (e != null && e.LocalName.Equals("InclusiveNamespaces") && e.NamespaceURI.Equals(SignedXml.XmlDsigExcC14NTransformUrl) && Utils.HasAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl)) { InclusiveNamespacesPrefixList = Utils.GetAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl); return; } } } }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } m_id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl); m_mimeType = Utils.GetAttribute(value, "MimeType", SignedXml.XmlDsigNamespaceUrl); m_encoding = Utils.GetAttribute(value, "Encoding", SignedXml.XmlDsigNamespaceUrl); foreach (XmlNode node in value.ChildNodes) { m_elData.Add(node); } // Save away the cached value m_cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlNamespaceManager nsmgr = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsmgr.AddNamespace("enc", "http://www.w3.org/2001/04/xmlenc#"); XmlElement element = value; this.m_algorithm = Utils.GetAttribute(element, "Algorithm", "http://www.w3.org/2001/04/xmlenc#"); XmlNode node = value.SelectSingleNode("enc:KeySize", nsmgr); if (node != null) { this.KeySize = Convert.ToInt32(Utils.DiscardWhiteSpaces(node.InnerText), (IFormatProvider)null); } this.m_cachedXml = value; }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } this.ReferenceType = value.LocalName; this.Uri = Utils.GetAttribute(value, "URI", EncryptedXml.XmlEncNamespaceUrl); // Transforms XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); XmlNode transformsNode = value.SelectSingleNode("enc:Transforms", nsm); if (transformsNode != null) { this.TransformChain.LoadXml(transformsNode as XmlElement); } // cache the Xml m_cachedXml = value; }
public virtual void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } ReferenceType = value.LocalName; Uri = Utils.GetAttribute(value, "URI", EncryptedXml.XmlEncNamespaceUrl); // Transforms XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); XmlNode transformsNode = value.SelectSingleNode("ds:Transforms", nsm); if (transformsNode != null) { TransformChain.LoadXml(transformsNode as XmlElement); } // cache the Xml _cachedXml = value; }
public void LoadXml(XmlElement value) { // Make sure we don't get passed null if (value == null) { throw new ArgumentNullException("value"); } // Signature XmlElement signatureElement = value; if (!signatureElement.LocalName.Equals("Signature")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Signature"); } // Attributes m_id = Utils.GetAttribute(signatureElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signatureElement, "Id")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Signature"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); int expectedChildNodes = 0; // SignedInfo XmlNodeList signedInfoNodes = signatureElement.SelectNodes("ds:SignedInfo", nsm); if (signedInfoNodes == null || signedInfoNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && signedInfoNodes.Count > 1)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } XmlElement signedInfoElement = signedInfoNodes[0] as XmlElement; expectedChildNodes += signedInfoNodes.Count; this.SignedInfo = new SignedInfo(); this.SignedInfo.LoadXml(signedInfoElement); // SignatureValue XmlNodeList signatureValueNodes = signatureElement.SelectNodes("ds:SignatureValue", nsm); if (signatureValueNodes == null || signatureValueNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && signatureValueNodes.Count > 1)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignatureValue"); } XmlElement signatureValueElement = signatureValueNodes[0] as XmlElement; expectedChildNodes += signatureValueNodes.Count; m_signatureValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(signatureValueElement.InnerText)); m_signatureValueId = Utils.GetAttribute(signatureValueElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signatureValueElement, "Id")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignatureValue"); } // KeyInfo - optional single element XmlNodeList keyInfoNodes = signatureElement.SelectNodes("ds:KeyInfo", nsm); m_keyInfo = new KeyInfo(); if (keyInfoNodes != null) { if (!Utils.GetAllowAdditionalSignatureNodes() && keyInfoNodes.Count > 1) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "KeyInfo"); } foreach (XmlNode node in keyInfoNodes) { XmlElement keyInfoElement = node as XmlElement; if (keyInfoElement != null) { m_keyInfo.LoadXml(keyInfoElement); } } expectedChildNodes += keyInfoNodes.Count; } // Object - zero or more elements allowed XmlNodeList objectNodes = signatureElement.SelectNodes("ds:Object", nsm); m_embeddedObjects.Clear(); if (objectNodes != null) { foreach (XmlNode node in objectNodes) { XmlElement objectElement = node as XmlElement; if (objectElement != null) { DataObject dataObj = new DataObject(); dataObj.LoadXml(objectElement); m_embeddedObjects.Add(dataObj); } } expectedChildNodes += objectNodes.Count; } // Select all elements that have Id attributes XmlNodeList nodeList = signatureElement.SelectNodes("//*[@Id]", nsm); if (nodeList != null) { foreach (XmlNode node in nodeList) { m_referencedItems.Add(node); } } // Verify that there aren't any extra nodes that aren't allowed if (!Utils.GetAllowAdditionalSignatureNodes() && (signatureElement.SelectNodes("*").Count != expectedChildNodes)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Signature"); } }
// What we want to do is pump the input throug the TransformChain and then // hash the output of the chain document is the document context for resolving relative references internal byte[] CalculateHashValue(XmlDocument document, CanonicalXmlNodeList refList) { // refList is a list of elements that might be targets of references // Now's the time to create our hashing algorithm _hashAlgorithm = CryptoHelpers.CreateFromName <HashAlgorithm>(_digestMethod); if (_hashAlgorithm == null) { throw new CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed); } // Let's go get the target. string baseUri = (document == null ? System.Environment.CurrentDirectory + "\\" : document.BaseURI); Stream hashInputStream = null; WebResponse response = null; Stream inputStream = null; XmlResolver resolver = null; byte[] hashval = null; try { switch (_refTargetType) { case ReferenceTargetType.Stream: // This is the easiest case. We already have a stream, so just pump it through the TransformChain resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); hashInputStream = TransformChain.TransformToOctetStream((Stream)_refTarget, resolver, baseUri); break; case ReferenceTargetType.UriReference: // Second-easiest case -- dereference the URI & pump through the TransformChain // handle the special cases where the URI is null (meaning whole doc) // or the URI is just a fragment (meaning a reference to an embedded Object) if (_uri == null) { // We need to create a DocumentNavigator out of the XmlElement resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); // In the case of a Uri-less reference, we will simply pass null to the transform chain. // The first transform in the chain is expected to know how to retrieve the data to hash. hashInputStream = TransformChain.TransformToOctetStream((Stream)null, resolver, baseUri); } else if (_uri.Length == 0) { // This is the self-referential case. First, check that we have a document context. // The Enveloped Signature does not discard comments as per spec; those will be omitted during the transform chain process if (document == null) { throw new CryptographicException(SR.Format(SR.Cryptography_Xml_SelfReferenceRequiresContext, _uri)); } // Normalize the containing document resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); XmlDocument docWithNoComments = Utils.DiscardComments(Utils.PreProcessDocumentInput(document, resolver, baseUri)); hashInputStream = TransformChain.TransformToOctetStream(docWithNoComments, resolver, baseUri); } else if (_uri[0] == '#') { // If we get here, then we are constructing a Reference to an embedded DataObject // referenced by an Id = attribute. Go find the relevant object bool discardComments = true; string idref = Utils.GetIdFromLocalUri(_uri, out discardComments); if (idref == "xpointer(/)") { // This is a self referencial case if (document == null) { throw new CryptographicException(SR.Format(SR.Cryptography_Xml_SelfReferenceRequiresContext, _uri)); } // We should not discard comments here!!! resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); hashInputStream = TransformChain.TransformToOctetStream(Utils.PreProcessDocumentInput(document, resolver, baseUri), resolver, baseUri); break; } XmlElement elem = SignedXml.GetIdElement(document, idref); if (elem != null) { _namespaces = Utils.GetPropagatedAttributes(elem.ParentNode as XmlElement); } if (elem == null) { // Go throw the referenced items passed in if (refList != null) { foreach (XmlNode node in refList) { XmlElement tempElem = node as XmlElement; if ((tempElem != null) && (Utils.HasAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl)) && (Utils.GetAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl).Equals(idref))) { elem = tempElem; if (_signedXml._context != null) { _namespaces = Utils.GetPropagatedAttributes(_signedXml._context); } break; } } } } if (elem == null) { throw new CryptographicException(SR.Cryptography_Xml_InvalidReference); } XmlDocument normDocument = Utils.PreProcessElementInput(elem, resolver, baseUri); // Add the propagated attributes Utils.AddNamespaces(normDocument.DocumentElement, _namespaces); resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); if (discardComments) { // We should discard comments before going into the transform chain XmlDocument docWithNoComments = Utils.DiscardComments(normDocument); hashInputStream = TransformChain.TransformToOctetStream(docWithNoComments, resolver, baseUri); } else { // This is an XPointer reference, do not discard comments!!! hashInputStream = TransformChain.TransformToOctetStream(normDocument, resolver, baseUri); } } else { throw new CryptographicException(SR.Cryptography_Xml_UriNotResolved, _uri); } break; case ReferenceTargetType.XmlElement: // We need to create a DocumentNavigator out of the XmlElement resolver = (SignedXml.ResolverSet ? SignedXml._xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri)); hashInputStream = TransformChain.TransformToOctetStream(Utils.PreProcessElementInput((XmlElement)_refTarget, resolver, baseUri), resolver, baseUri); break; default: throw new CryptographicException(SR.Cryptography_Xml_UriNotResolved, _uri); } // Compute the new hash value hashInputStream = SignedXmlDebugLog.LogReferenceData(this, hashInputStream); hashval = _hashAlgorithm.ComputeHash(hashInputStream); } finally { if (hashInputStream != null) { hashInputStream.Close(); } if (response != null) { response.Close(); } if (inputStream != null) { inputStream.Close(); } } return(hashval); }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); this.Id = Utils.GetAttribute(value, "Id", EncryptedXml.XmlEncNamespaceUrl); this.Type = Utils.GetAttribute(value, "Type", EncryptedXml.XmlEncNamespaceUrl); this.MimeType = Utils.GetAttribute(value, "MimeType", EncryptedXml.XmlEncNamespaceUrl); this.Encoding = Utils.GetAttribute(value, "Encoding", EncryptedXml.XmlEncNamespaceUrl); XmlNode encryptionMethodNode = value.SelectSingleNode("enc:EncryptionMethod", nsm); // EncryptionMethod this.EncryptionMethod = new EncryptionMethod(); if (encryptionMethodNode != null) { this.EncryptionMethod.LoadXml(encryptionMethodNode as XmlElement); } // Key Info this.KeyInfo = new KeyInfo(); XmlNode keyInfoNode = value.SelectSingleNode("ds:KeyInfo", nsm); if (keyInfoNode != null) { this.KeyInfo.LoadXml(keyInfoNode as XmlElement); } // CipherData XmlNode cipherDataNode = value.SelectSingleNode("enc:CipherData", nsm); if (cipherDataNode == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingCipherData")); } this.CipherData = new CipherData(); this.CipherData.LoadXml(cipherDataNode as XmlElement); // EncryptionProperties XmlNode encryptionPropertiesNode = value.SelectSingleNode("enc:EncryptionProperties", nsm); if (encryptionPropertiesNode != null) { // Select the EncryptionProperty elements inside the EncryptionProperties element XmlNodeList encryptionPropertyNodes = encryptionPropertiesNode.SelectNodes("enc:EncryptionProperty", nsm); if (encryptionPropertyNodes != null) { foreach (XmlNode node in encryptionPropertyNodes) { EncryptionProperty ep = new EncryptionProperty(); ep.LoadXml(node as XmlElement); this.EncryptionProperties.Add(ep); } } } // Save away the cached value m_cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); int expectedChildNodes = 0; // Id attribute -- optional m_id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signedInfoElement, "Id")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } // CanonicalizationMethod -- must be present XmlNodeList canonicalizationMethodNodes = signedInfoElement.SelectNodes("ds:CanonicalizationMethod", nsm); if (canonicalizationMethodNodes == null || canonicalizationMethodNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && canonicalizationMethodNodes.Count > 1)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/CanonicalizationMethod"); } XmlElement canonicalizationMethodElement = canonicalizationMethodNodes.Item(0) as XmlElement; expectedChildNodes += canonicalizationMethodNodes.Count; m_canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if ((m_canonicalizationMethod == null && !Utils.GetSkipSignatureAttributeEnforcement()) || !Utils.VerifyAttributes(canonicalizationMethodElement, "Algorithm")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/CanonicalizationMethod"); } m_canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) { this.CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); } // SignatureMethod -- must be present XmlNodeList signatureMethodNodes = signedInfoElement.SelectNodes("ds:SignatureMethod", nsm); if (signatureMethodNodes == null || signatureMethodNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && signatureMethodNodes.Count > 1)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureMethod"); } XmlElement signatureMethodElement = signatureMethodNodes.Item(0) as XmlElement; expectedChildNodes += signatureMethodNodes.Count; m_signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if ((m_signatureMethod == null && !Utils.GetSkipSignatureAttributeEnforcement()) || !Utils.VerifyAttributes(signatureMethodElement, "Algorithm")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureMethod"); } // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) { m_signatureLength = signatureLengthElement.InnerXml; } // flush out any reference that was there m_references.Clear(); // Reference - 0 or more XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { if (referenceNodes.Count > Utils.GetMaxReferencesPerSignedInfo()) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/Reference"); } foreach (XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } expectedChildNodes += referenceNodes.Count; } // Verify that there aren't any extra nodes that aren't allowed if (!Utils.GetAllowAdditionalSignatureNodes() && (signedInfoElement.SelectNodes("*").Count != expectedChildNodes)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } // Save away the cached value m_cachedXml = signedInfoElement; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } _id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl); _uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); _type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(value, new string[] { "Id", "URI", "Type" })) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Transforms bool hasTransforms = false; TransformChain = new TransformChain(); XmlNodeList transformsNodes = value.SelectNodes("ds:Transforms", nsm); if (transformsNodes != null && transformsNodes.Count != 0) { if (transformsNodes.Count > 1) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } hasTransforms = true; XmlElement transformsElement = transformsNodes[0] as XmlElement; if (!Utils.VerifyAttributes(transformsElement, (string[])null)) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } XmlNodeList transformNodes = transformsElement.SelectNodes("ds:Transform", nsm); if (transformNodes != null) { if (transformNodes.Count != transformsElement.SelectNodes("*").Count) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } if (transformNodes.Count > Utils.MaxTransformsPerReference) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms"); } foreach (XmlNode transformNode in transformNodes) { XmlElement transformElement = transformNode as XmlElement; string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (algorithm == null || !Utils.VerifyAttributes(transformElement, "Algorithm")) { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } Transform transform = CryptoHelpers.CreateFromName <Transform>(algorithm); if (transform == null) { throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform); } AddTransform(transform); // let the transform read the children of the transformElement for data transform.LoadInnerXml(transformElement.ChildNodes); // Hack! this is done to get around the lack of here() function support in XPath if (transform is XmlDsigEnvelopedSignatureTransform) { // Walk back to the Signature tag. Find the nearest signature ancestor // Signature-->SignedInfo-->Reference-->Transforms-->Transform XmlNode signatureTag = transformElement.SelectSingleNode("ancestor::ds:Signature[1]", nsm); XmlNodeList signatureList = transformElement.SelectNodes("//ds:Signature", nsm); if (signatureList != null) { int position = 0; foreach (XmlNode node in signatureList) { position++; if (node == signatureTag) { ((XmlDsigEnvelopedSignatureTransform)transform).SignaturePosition = position; break; } } } } } } } // DigestMethod XmlNodeList digestMethodNodes = value.SelectNodes("ds:DigestMethod", nsm); if (digestMethodNodes == null || digestMethodNodes.Count == 0 || digestMethodNodes.Count > 1) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestMethod"); } XmlElement digestMethodElement = digestMethodNodes[0] as XmlElement; _digestMethod = Utils.GetAttribute(digestMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (_digestMethod == null || !Utils.VerifyAttributes(digestMethodElement, "Algorithm")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestMethod"); } // DigestValue XmlNodeList digestValueNodes = value.SelectNodes("ds:DigestValue", nsm); if (digestValueNodes == null || digestValueNodes.Count == 0 || digestValueNodes.Count > 1) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestValue"); } XmlElement digestValueElement = digestValueNodes[0] as XmlElement; _digestValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(digestValueElement.InnerText)); if (!Utils.VerifyAttributes(digestValueElement, (string[])null)) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestValue"); } // Verify that there aren't any extra nodes that aren't allowed int expectedChildNodeCount = hasTransforms ? 3 : 2; if (value.SelectNodes("*").Count != expectedChildNodeCount) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference"); } // cache the Xml _cachedXml = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Id attribute -- optional _id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); // CanonicalizationMethod -- must be present XmlElement canonicalizationMethodElement = signedInfoElement.SelectSingleNode("ds:CanonicalizationMethod", nsm) as XmlElement; if (canonicalizationMethodElement == null) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod"); } _canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); _canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) { CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); } // SignatureMethod -- must be present XmlElement signatureMethodElement = signedInfoElement.SelectSingleNode("ds:SignatureMethod", nsm) as XmlElement; if (signatureMethodElement == null) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod"); } _signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) { _signatureLength = signatureLengthElement.InnerXml; } // flush out any reference that was there _references.Clear(); XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { foreach (XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } } // Save away the cached value _cachedXml = signedInfoElement; }
// What we want to do is pump the input throug the TransformChain and then // hash the output of the chain document is the document context for resolving relative references internal void UpdateHashValue(XmlDocument document, CanonicalXmlNodeList refList) { // refList is a list of elements that might be targets of references // Now's the time to create our hashing algorithm _hashAlgorithm = SHA1.Create(); // Let's go get the target. string baseUri = document.BaseURI; Stream hashInputStream = null; byte[] hashval = null; try { // Second-easiest case -- dereference the URI & pump through the TransformChain // handle the special cases where the URI is null (meaning whole doc) // or the URI is just a fragment (meaning a reference to an embedded Object) if (_uri[0] == '#') { // If we get here, then we are constructing a Reference to an embedded DataObject // referenced by an Id = attribute. Go find the relevant object bool discardComments = true; string idref = Utils.GetIdFromLocalUri(_uri, out discardComments); XmlElement elem = document.GetElementsByTagName(tag)[0] as XmlElement; if (elem != null) { _namespaces = Utils.GetPropagatedAttributes(elem.ParentNode as XmlElement); } if (elem == null) { // Go throw the referenced items passed in if (refList != null) { foreach (XmlNode node in refList) { XmlElement tempElem = node as XmlElement; if ((tempElem != null) && (Utils.HasAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl)) && (Utils.GetAttribute(tempElem, "Id", SignedXml.XmlDsigNamespaceUrl).Equals(idref))) { elem = tempElem; if (_signedXml._context != null) { _namespaces = Utils.GetPropagatedAttributes(_signedXml._context); } break; } } } } XmlDocument normDocument = Utils.PreProcessElementInput(elem); // Add the propagated attributes Utils.AddNamespaces(normDocument.DocumentElement, _namespaces); if (discardComments) { // We should discard comments before going into the transform chain hashInputStream = TransformChain.TransformToOctetStream(normDocument); } else { // This is an XPointer reference, do not discard comments!!! hashInputStream = TransformChain.TransformToOctetStream(normDocument); } } // Compute the new hash value hashval = _hashAlgorithm.ComputeHash(hashInputStream); } finally { if (hashInputStream != null) { hashInputStream.Dispose(); } } DigestValue = hashval; }
public void LoadXml(XmlElement value) { // Make sure we don't get passed null if (value == null) { throw new ArgumentNullException("value"); } // Signature XmlElement signatureElement = value; if (!signatureElement.LocalName.Equals("Signature")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Signature"); } // Id attribute -- optional m_id = Utils.GetAttribute(signatureElement, "Id", SignedXml.XmlDsigNamespaceUrl); XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // SignedInfo XmlElement signedInfoElement = signatureElement.SelectSingleNode("ds:SignedInfo", nsm) as XmlElement; if (signedInfoElement == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } this.SignedInfo = new SignedInfo(); this.SignedInfo.LoadXml(signedInfoElement); // SignatureValue XmlElement signatureValueElement = signatureElement.SelectSingleNode("ds:SignatureValue", nsm) as XmlElement; if (signatureValueElement == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureValue"); } m_signatureValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(signatureValueElement.InnerText)); m_signatureValueId = Utils.GetAttribute(signatureValueElement, "Id", SignedXml.XmlDsigNamespaceUrl); XmlNodeList keyInfoNodes = signatureElement.SelectNodes("ds:KeyInfo", nsm); m_keyInfo = new KeyInfo(); if (keyInfoNodes != null) { foreach (XmlNode node in keyInfoNodes) { XmlElement keyInfoElement = node as XmlElement; if (keyInfoElement != null) { m_keyInfo.LoadXml(keyInfoElement); } } } XmlNodeList objectNodes = signatureElement.SelectNodes("ds:Object", nsm); m_embeddedObjects.Clear(); if (objectNodes != null) { foreach (XmlNode node in objectNodes) { XmlElement objectElement = node as XmlElement; if (objectElement != null) { DataObject dataObj = new DataObject(); dataObj.LoadXml(objectElement); m_embeddedObjects.Add(dataObj); } } } // Select all elements that have Id attributes XmlNodeList nodeList = signatureElement.SelectNodes("//*[@Id]", nsm); if (nodeList != null) { foreach (XmlNode node in nodeList) { m_referencedItems.Add(node); } } }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } m_id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl); m_uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl); m_type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl); XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Transforms this.TransformChain = new TransformChain(); XmlElement transformsElement = value.SelectSingleNode("ds:Transforms", nsm) as XmlElement; if (transformsElement != null) { XmlNodeList transformNodes = transformsElement.SelectNodes("ds:Transform", nsm); if (transformNodes != null) { foreach (XmlNode transformNode in transformNodes) { XmlElement transformElement = transformNode as XmlElement; string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); Transform transform = CryptoConfig.CreateFromName(algorithm) as Transform; if (transform == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_UnknownTransform")); } AddTransform(transform); // let the transform read the children of the transformElement for data transform.LoadInnerXml(transformElement.ChildNodes); // Hack! this is done to get around the lack of here() function support in XPath if (transform is XmlDsigEnvelopedSignatureTransform) { // Walk back to the Signature tag. Find the nearest signature ancestor // Signature-->SignedInfo-->Reference-->Transforms-->Transform XmlNode signatureTag = transformElement.SelectSingleNode("ancestor::ds:Signature[1]", nsm); XmlNodeList signatureList = transformElement.SelectNodes("//ds:Signature", nsm); if (signatureList != null) { int position = 0; foreach (XmlNode node in signatureList) { position++; if (node == signatureTag) { ((XmlDsigEnvelopedSignatureTransform)transform).SignaturePosition = position; break; } } } } } } } // DigestMethod XmlElement digestMethodElement = value.SelectSingleNode("ds:DigestMethod", nsm) as XmlElement; if (digestMethodElement == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/DigestMethod"); } m_digestMethod = Utils.GetAttribute(digestMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); // DigestValue XmlElement digestValueElement = value.SelectSingleNode("ds:DigestValue", nsm) as XmlElement; if (digestValueElement == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/DigestValue"); } m_digestValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(digestValueElement.InnerText)); // cache the Xml m_cachedXml = value; }
public override void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("enc", EncryptedXml.XmlEncNamespaceUrl); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); Id = Utils.GetAttribute(value, "Id", EncryptedXml.XmlEncNamespaceUrl); Type = Utils.GetAttribute(value, "Type", EncryptedXml.XmlEncNamespaceUrl); MimeType = Utils.GetAttribute(value, "MimeType", EncryptedXml.XmlEncNamespaceUrl); Encoding = Utils.GetAttribute(value, "Encoding", EncryptedXml.XmlEncNamespaceUrl); Recipient = Utils.GetAttribute(value, "Recipient", EncryptedXml.XmlEncNamespaceUrl); XmlNode encryptionMethodNode = value.SelectSingleNode("enc:EncryptionMethod", nsm); // EncryptionMethod EncryptionMethod = new EncryptionMethod(); if (encryptionMethodNode != null) { EncryptionMethod.LoadXml(encryptionMethodNode as XmlElement); } // Key Info KeyInfo = new KeyInfo(); XmlNode keyInfoNode = value.SelectSingleNode("ds:KeyInfo", nsm); if (keyInfoNode != null) { KeyInfo.LoadXml(keyInfoNode as XmlElement); } // CipherData XmlNode cipherDataNode = value.SelectSingleNode("enc:CipherData", nsm); if (cipherDataNode == null) { throw new CryptographicException(SR.Cryptography_Xml_MissingCipherData); } CipherData = new CipherData(); CipherData.LoadXml(cipherDataNode as XmlElement); // EncryptionProperties XmlNode encryptionPropertiesNode = value.SelectSingleNode("enc:EncryptionProperties", nsm); if (encryptionPropertiesNode != null) { // Select the EncryptionProperty elements inside the EncryptionProperties element XmlNodeList encryptionPropertyNodes = encryptionPropertiesNode.SelectNodes("enc:EncryptionProperty", nsm); if (encryptionPropertyNodes != null) { foreach (XmlNode node in encryptionPropertyNodes) { EncryptionProperty ep = new EncryptionProperty(); ep.LoadXml(node as XmlElement); EncryptionProperties.Add(ep); } } } // CarriedKeyName XmlNode carriedKeyNameNode = value.SelectSingleNode("enc:CarriedKeyName", nsm); if (carriedKeyNameNode != null) { CarriedKeyName = carriedKeyNameNode.InnerText; } // ReferenceList XmlNode referenceListNode = value.SelectSingleNode("enc:ReferenceList", nsm); if (referenceListNode != null) { // Select the DataReference elements inside the ReferenceList element XmlNodeList dataReferenceNodes = referenceListNode.SelectNodes("enc:DataReference", nsm); if (dataReferenceNodes != null) { foreach (XmlNode node in dataReferenceNodes) { DataReference dr = new DataReference(); dr.LoadXml(node as XmlElement); ReferenceList.Add(dr); } } // Select the KeyReference elements inside the ReferenceList element XmlNodeList keyReferenceNodes = referenceListNode.SelectNodes("enc:KeyReference", nsm); if (keyReferenceNodes != null) { foreach (XmlNode node in keyReferenceNodes) { KeyReference kr = new KeyReference(); kr.LoadXml(node as XmlElement); ReferenceList.Add(kr); } } } // Save away the cached value _cachedXml = value; }