Ejemplo n.º 1
0
        public byte[] ComputeDigest()
        {
            BuildDigestedReferences();

            // Check the signature algorithm
            if (SignedInfo.SignatureMethod == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreatedKeyFailed"));
            }

            // See if there is a signature description class defined in the Config file
            SignatureDescription signatureDescription = GostCryptoConfig.CreateFromName(SignedInfo.SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_SignatureDescriptionNotCreated"));
            }
            HashAlgorithm hashAlg = signatureDescription.CreateDigest();

            if (hashAlg == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed"));
            }

            return(GetC14NDigest(hashAlg));
        }
        internal new void ComputeSignature()
        {
            var customerSigner = new CustomSigner();

            CryptoConfig.AddAlgorithm(typeof(cli_exakvdocsign.RSAPKCS1SHA256SignatureDescription), "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");

            var methodInfo = typeof(SignedXml).GetMethod("BuildDigestedReferences",
                                                         BindingFlags.Instance | BindingFlags.NonPublic);

            methodInfo.Invoke(this, null);
            SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
            //See if there is a signature description class defined in the Config file
            SignatureDescription signatureDescription =
                CryptoConfig.CreateFromName(SignedInfo.SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException("Cryptography_Xml_SignatureDescriptionNotCreated");
            }

            var hashAlg = signatureDescription.CreateDigest();

            if (hashAlg == null)
            {
                throw new CryptographicException("Cryptography_Xml_CreateHashAlgorithmFailed");
            }
            var methodInfo2 = typeof(SignedXml).GetMethod("GetC14NDigest", BindingFlags.Instance | BindingFlags.NonPublic);
            var hashvalue   = (byte[])methodInfo2.Invoke(this, new object[] { hashAlg });

            m_signature.SignatureValue = customerSigner.Sign(hashvalue);;
        }
Ejemplo n.º 3
0
    public static Boolean Test()
    {
        Boolean bRes = true;

		SecurityElement el = new SecurityElement("whatever");
//		el.Text = "<Key>RSA</Key><Digest>SHA1</Digest><Formatter>System.Security.Cryptography.RSAPKCS1SignatureFormatter</Formatter><Deformatter>System.Security.Cryptography.RSAPKCS1SignatureFormatter</Deformatter>";
		SecurityElement el_key = new SecurityElement("Key");
		el_key.Text = "RSA";
		SecurityElement el_digest = new SecurityElement("Digest");
		el_digest.Text = "SHA1";
		SecurityElement el_form = new SecurityElement("Formatter");
		el_form.Text = "System.Security.Cryptography.RSAPKCS1SignatureFormatter";
		SecurityElement el_deform = new SecurityElement("Deformatter");
		el_deform.Text = "System.Security.Cryptography.RSAPKCS1SignatureDeformatter";

		el.AddChild(el_key);
		el.AddChild(el_digest);
		el.AddChild(el_form);
		el.AddChild(el_deform);

		SignatureDescription sd_empty = new SignatureDescription();
		
		SignatureDescription sd = new SignatureDescription(el);

		Console.WriteLine(sd.CreateDigest());
		Console.WriteLine(sd.CreateFormatter(RSA.Create()));
		Console.WriteLine(sd.CreateDeformatter(RSA.Create()));

        return bRes;
    }
Ejemplo n.º 4
0
        private static bool CheckSignedInfo(SignedXml signedXml, AsymmetricAlgorithm key)
        {
            //Copied from reflected System.Security.Cryptography.Xml.SignedXml
            SignatureDescription signatureDescription = CryptoConfig.CreateFromName(signedXml.SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SecurityResources.GetString("Cryptography_Xml_SignatureDescriptionNotCreated"));
            }

            Type type  = Type.GetType(signatureDescription.KeyAlgorithm);
            Type type2 = key.GetType();

            if (type != type2 && !type.IsSubclassOf(type2) && !type2.IsSubclassOf(type))
            {
                return(false);
            }

            HashAlgorithm hashAlgorithm = signatureDescription.CreateDigest();

            if (hashAlgorithm == null)
            {
                throw new CryptographicException(SecurityResources.GetString("Cryptography_Xml_CreateHashAlgorithmFailed"));
            }

            //Except this. The SignedXml class creates and cananicalizes a Signature element without any prefix, rather than using the element from the document provided
            byte[] c14NDigest = GetC14NDigest(signedXml, hashAlgorithm);

            AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key);

            return(asymmetricSignatureDeformatter.VerifySignature(c14NDigest, signedXml.Signature.SignatureValue));
        }
Ejemplo n.º 5
0
    public static Boolean Test()
    {
        Boolean bRes = true;

        SecurityElement el = new SecurityElement("whatever");
//		el.Text = "<Key>RSA</Key><Digest>SHA1</Digest><Formatter>System.Security.Cryptography.RSAPKCS1SignatureFormatter</Formatter><Deformatter>System.Security.Cryptography.RSAPKCS1SignatureFormatter</Deformatter>";
        SecurityElement el_key = new SecurityElement("Key");

        el_key.Text = "RSA";
        SecurityElement el_digest = new SecurityElement("Digest");

        el_digest.Text = "SHA1";
        SecurityElement el_form = new SecurityElement("Formatter");

        el_form.Text = "System.Security.Cryptography.RSAPKCS1SignatureFormatter";
        SecurityElement el_deform = new SecurityElement("Deformatter");

        el_deform.Text = "System.Security.Cryptography.RSAPKCS1SignatureDeformatter";

        el.AddChild(el_key);
        el.AddChild(el_digest);
        el.AddChild(el_form);
        el.AddChild(el_deform);

        SignatureDescription sd_empty = new SignatureDescription();

        SignatureDescription sd = new SignatureDescription(el);

        Console.WriteLine(sd.CreateDigest());
        Console.WriteLine(sd.CreateFormatter(RSA.Create()));
        Console.WriteLine(sd.CreateDeformatter(RSA.Create()));

        return(bRes);
    }
Ejemplo n.º 6
0
        public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm)
        {
            if (string.IsNullOrEmpty(algorithm))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(algorithm, System.IdentityModel.SR.GetString("EmptyOrNullArgumentString", new object[] { "algorithm" }));
            }
            object algorithmFromConfig = CryptoHelper.GetAlgorithmFromConfig(algorithm);

            if (algorithmFromConfig != null)
            {
                SignatureDescription description = algorithmFromConfig as SignatureDescription;
                if (description != null)
                {
                    return(description.CreateDigest());
                }
                HashAlgorithm algorithm2 = algorithmFromConfig as HashAlgorithm;
                if (algorithm2 == null)
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(System.IdentityModel.SR.GetString("UnsupportedCryptoAlgorithm", new object[] { algorithm })));
                }
                return(algorithm2);
            }
            switch (algorithm)
            {
            case "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
                return(CryptoHelper.NewSha1HashAlgorithm());

            case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
                return(CryptoHelper.NewSha256HashAlgorithm());
            }
            throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(System.IdentityModel.SR.GetString("UnsupportedAlgorithmForCryptoOperation", new object[] { algorithm, "GetHashAlgorithmForSignature" })));
        }
Ejemplo n.º 7
0
        /// <summary>Gets a cryptographic algorithm that generates a hash for a digital signature.</summary>
        /// <param name="algorithm">The hash algorithm.</param>
        /// <returns>A <see cref="T:System.Security.Cryptography.HashAlgorithm" /> that generates hashes for digital signatures.</returns>
        /// <exception cref="T:System.NotSupportedException">
        /// <paramref name="algorithm" /> is not supported. The supported algorithms are <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl" />, <see cref="F:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url" />, and <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature" />.</exception>
        public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm)
        {
            if (string.IsNullOrEmpty(algorithm))
            {
                throw new ArgumentNullException(nameof(algorithm));
            }

            object algorithmFromConfig = CryptoHelper.GetAlgorithmFromConfig(algorithm);

            if (algorithmFromConfig != null)
            {
                SignatureDescription signatureDescription = algorithmFromConfig as SignatureDescription;
                if (signatureDescription != null)
                {
                    return(signatureDescription.CreateDigest());
                }
                HashAlgorithm hashAlgorithm = algorithmFromConfig as HashAlgorithm;
                if (hashAlgorithm != null)
                {
                    return(hashAlgorithm);
                }
                throw new CryptographicException("UnsupportedAlgorithmForCryptoOperation");
            }
            if (algorithm == "http://www.w3.org/2000/09/xmldsig#dsa-sha1" || algorithm == "http://www.w3.org/2000/09/xmldsig#rsa-sha1")
            {
                return(CryptoHelper.NewSha1HashAlgorithm());
            }
            if (algorithm == "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
            {
                return(CryptoHelper.NewSha256HashAlgorithm());
            }
            throw new NotSupportedException("UnsupportedCryptoAlgorithm");
        }
Ejemplo n.º 8
0
        public static void DSADemo()
        {
            // Create a digital signature based on RSA encryption.
            SignatureDescription rsaSignature = CreateRSAPKCS1Signature();

            ShowProperties(rsaSignature);

            // Create a digital signature based on DSA encryption.
            SignatureDescription dsaSignature = CreateDSASignature();

            ShowProperties(dsaSignature);

            // Create a HashAlgorithm using the digest algorithm of the signature.
            HashAlgorithm hashAlgorithm = dsaSignature.CreateDigest();

            Console.WriteLine("\nHash algorithm for the DigestAlgorithm property:" + " " + hashAlgorithm.ToString());

            // Create an AsymmetricSignatureFormatter instance using the DSA key.
            DSA dsa = DSA.Create();
            AsymmetricSignatureFormatter asymmetricFormatter = CreateDSAFormatter(dsa);

            // Create an AsymmetricSignatureDeformatter instance using the
            // DSA key.
            AsymmetricSignatureDeformatter asymmetricDeformatter = CreateDSADeformatter(dsa);

            Console.WriteLine("This sample completed successfully; " + "press Enter to exit.");
            Console.ReadLine();
        }
        private bool CheckSignedInfo(AsymmetricAlgorithm key)
        {
            if (key == null)
            {
                throw new ArgumentNullException("key");
            }
            SignedXmlDebugLog.LogBeginCheckSignedInfo(this, this.m_signature.SignedInfo);
            SignatureDescription signatureDescription = CryptoConfig.CreateFromName(this.SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_SignatureDescriptionNotCreated"));
            }
            Type c    = Type.GetType(signatureDescription.KeyAlgorithm);
            Type type = key.GetType();

            if (((c != type) && !c.IsSubclassOf(type)) && !type.IsSubclassOf(c))
            {
                return(false);
            }
            HashAlgorithm hash = signatureDescription.CreateDigest();

            if (hash == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed"));
            }
            byte[] actualHashValue = this.GetC14NDigest(hash);
            AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key);

            SignedXmlDebugLog.LogVerifySignedInfo(this, key, signatureDescription, hash, asymmetricSignatureDeformatter, actualHashValue, this.m_signature.SignatureValue);
            return(asymmetricSignatureDeformatter.VerifySignature(actualHashValue, this.m_signature.SignatureValue));
        }
Ejemplo n.º 10
0
    private async Task <bool> CheckSignedInfo()
    {
        SignatureDescription signatureDescription = CryptoConfig.CreateFromName(SignedInfo.SignatureMethod) as SignatureDescription;

        if (signatureDescription == null)
        {
            throw new CryptographicException("Cryptography_Xml_SignatureDescriptionNotCreated");
        }

        HashAlgorithm hashAlgorithm = signatureDescription.CreateDigest();

        if (hashAlgorithm == null)
        {
            throw new CryptographicException("Cryptography_Xml_CreateHashAlgorithmFailed");
        }

        //byte[] hashval = GetC14NDigest(hashAlgorithm);
        var methodInfo2 = typeof(SignedXml).GetMethod("GetC14NDigest", BindingFlags.Instance | BindingFlags.NonPublic);
        var hashvalue   = (byte[])methodInfo2.Invoke(this, new object[] { hashAlgorithm });

        var result = await keyClient.VerifyAsync(keyvaultUri, keyIdentifier, keyVersion,
                                                 Microsoft.Azure.KeyVault.WebKey.JsonWebKeySignatureAlgorithm.RS256, hashvalue, m_signature.SignatureValue);

        return((bool)result.Value);
    }
Ejemplo n.º 11
0
    internal new void ComputeSignature()
    {
        // BuildDigestedReferences();
        var methodInfo = typeof(SignedXml).GetMethod("BuildDigestedReferences",
                                                     BindingFlags.Instance | BindingFlags.NonPublic);

        methodInfo.Invoke(this, null);

        SignedInfo.SignatureMethod = XmlDsigRSASHA256Url;

        // See if there is a signature description class defined in the Config file
        SignatureDescription signatureDescription = CryptoConfig.CreateFromName(SignedInfo.SignatureMethod) as SignatureDescription;

        if (signatureDescription == null)
        {
            throw new CryptographicException("Cryptography_Xml_SignatureDescriptionNotCreated");
        }
        HashAlgorithm hashAlg = signatureDescription.CreateDigest();

        if (hashAlg == null)
        {
            throw new CryptographicException("Cryptography_Xml_CreateHashAlgorithmFailed");
        }

        // byte[] hashvalue = GetC14NDigest(hashAlg);
        var methodInfo2 = typeof(SignedXml).GetMethod("GetC14NDigest", BindingFlags.Instance | BindingFlags.NonPublic);
        var hashvalue   = (byte[])methodInfo2.Invoke(this, new object[] { hashAlg });

        m_signature.SignatureValue = CreateSignature(hashvalue).GetAwaiter().GetResult();
    }
Ejemplo n.º 12
0
        public void ComputeSignature()
        {
            SignedXmlDebugLog.LogBeginSignatureComputation(this, _context);

            BuildDigestedReferences();

            // Load the key
            AsymmetricAlgorithm key = SigningKey;

            if (key == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_LoadKeyFailed);
            }

            // Check the signature algorithm associated with the key so that we can accordingly set the signature method
            if (SignedInfo.SignatureMethod == null)
            {
                if (key is DSA)
                {
                    SignedInfo.SignatureMethod = XmlDsigDSAUrl;
                }
                else if (key is RSA)
                {
                    // Default to RSA-SHA256
                    if (SignedInfo.SignatureMethod == null)
                    {
                        SignedInfo.SignatureMethod = XmlDsigRSASHA256Url;
                    }
                }
                else
                {
                    throw new CryptographicException(SR.Cryptography_Xml_CreatedKeyFailed);
                }
            }

            // See if there is a signature description class defined in the Config file
            SignatureDescription signatureDescription = CryptoHelpers.CreateFromName <SignatureDescription>(SignedInfo.SignatureMethod);

            if (signatureDescription == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_SignatureDescriptionNotCreated);
            }
            HashAlgorithm hashAlg = signatureDescription.CreateDigest();

            if (hashAlg == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed);
            }

            // Updates the HashAlgorithm's state for signing with the signature formatter below.
            // The return value is not needed.
            GetC14NDigest(hashAlg);

            AsymmetricSignatureFormatter asymmetricSignatureFormatter = signatureDescription.CreateFormatter(key);

            SignedXmlDebugLog.LogSigning(this, key, signatureDescription, hashAlg, asymmetricSignatureFormatter);
            m_signature.SignatureValue = asymmetricSignatureFormatter.CreateSignature(hashAlg);
        }
Ejemplo n.º 13
0
        /// <summary>
        ///
        /// </summary>
        /// <param name="prefix"></param>
        public void ComputeSignature(string prefix)
        {
            this.BuildDigestedReferences();
            SignatureDescription description = CryptoConfig.CreateFromName(this.SignedInfo.SignatureMethod) as SignatureDescription;
            HashAlgorithm        hash        = description.CreateDigest();

            GetDigest(hash, prefix);
            this.m_signature.SignatureValue = description.CreateFormatter(this.SigningKey).CreateSignature(hash);
        }
Ejemplo n.º 14
0
        void ComputeHash(out AsymmetricAlgorithm privateKey, out SignatureDescription description, out HashAlgorithm hash)
        {
            privateKey  = this.Certificate.PrivateKey;
            description = CryptoConfig.CreateFromName(this.SHA1SignatureName) as SignatureDescription;
            if (description == null)
            {
                throw new CompactSignatureSecurityException(string.Format(
                                                                CultureInfo.CurrentCulture,
                                                                "Error creating SignatureDescription from the signature name {0}",
                                                                this.SHA1SignatureName));
            }

            hash = description.CreateDigest();
            if (hash == null)
            {
                throw new CompactSignatureSecurityException(string.Format(
                                                                CultureInfo.CurrentCulture,
                                                                "Error creating HashAlgorithm from the signature name {0}",
                                                                this.SHA1SignatureName));
            }

            HashStream hashStream = this.TakeHashStream(hash);

            // Create the references
            StringBuilder sb = new StringBuilder();

            if (!String.IsNullOrEmpty(this.InclusivePrefixesList))
            {
                for (int i = 0; i < this.references.Count; i++)
                {
                    sb.Append(string.Format(SignatureProcessor.ExtendedSignatureReferenceWithPrefixes,
                                            this.references[i].Id,
                                            this.InclusivePrefixesList,
                                            Convert.ToBase64String(this.references[i].Digest)));
                }
            }
            else
            {
                for (int i = 0; i < this.references.Count; i++)
                {
                    sb.Append(string.Format(SignatureProcessor.ExtendedSignatureReferenceNoPrefixes,
                                            this.references[i].Id,
                                            Convert.ToBase64String(this.references[i].Digest)));
                }
            }

            string expandedSignature = string.Format(
                ExpandedSignatureScheleton,
                // Replace the references
                sb.ToString());

            byte[] bytes = Encoding.UTF8.GetBytes(expandedSignature);
            hashStream.Write(bytes, 0, bytes.Length);
            hashStream.FlushHash();
        }
Ejemplo n.º 15
0
        public void ComputeSignature()
        {
            SignedXmlDebugLog.LogBeginSignatureComputation(this, m_context);

            BuildDigestedReferences();

            // Load the key
            AsymmetricAlgorithm key = SigningKey;

            if (key == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_LoadKeyFailed"));
            }

            // Check the signature algorithm associated with the key so that we can accordingly set the signature method
            if (SignedInfo.SignatureMethod == null)
            {
                if (key is DSA)
                {
                    SignedInfo.SignatureMethod = XmlDsigDSAUrl;
                }
                else if (key is RSA)
                {
                    // Default to RSA-SHA1
                    if (SignedInfo.SignatureMethod == null)
                    {
                        SignedInfo.SignatureMethod = XmlDsigRSASHA1Url;
                    }
                }
                else
                {
                    throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreatedKeyFailed"));
                }
            }

            // See if there is a signature description class defined in the Config file
            SignatureDescription signatureDescription = CryptoConfig.CreateFromName(SignedInfo.SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_SignatureDescriptionNotCreated"));
            }
            HashAlgorithm hashAlg = signatureDescription.CreateDigest();

            if (hashAlg == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed"));
            }
            byte[] hashvalue = GetC14NDigest(hashAlg);
            AsymmetricSignatureFormatter asymmetricSignatureFormatter = signatureDescription.CreateFormatter(key);

            SignedXmlDebugLog.LogSigning(this, key, signatureDescription, hashAlg, asymmetricSignatureFormatter);
            m_signature.SignatureValue = asymmetricSignatureFormatter.CreateSignature(hashAlg);
        }
Ejemplo n.º 16
0
        internal static HashAlgorithm CreateHashForAsymmetricSignature(string signatureMethod)
        {
            object algorithmObject = CryptoAlgorithms.GetAlgorithmFromConfig(signatureMethod);

            if (algorithmObject != null)
            {
                HashAlgorithm        hashAlgorithm;
                SignatureDescription signatureDescription = algorithmObject as SignatureDescription;

                if (signatureDescription != null)
                {
                    hashAlgorithm = signatureDescription.CreateDigest();
                    if (hashAlgorithm != null)
                    {
                        return(hashAlgorithm);
                    }
                }

                hashAlgorithm = algorithmObject as HashAlgorithm;
                if (hashAlgorithm != null)
                {
                    return(hashAlgorithm);
                }

                throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.CustomCryptoAlgorithmIsNotValidAsymmetricSignature, signatureMethod)));
            }

            switch (signatureMethod)
            {
            case SecurityAlgorithms.RsaSha1Signature:
            case SecurityAlgorithms.DsaSha1Signature:
                if (SecurityUtilsEx.RequiresFipsCompliance)
                {
                    return(new SHA1CryptoServiceProvider());
                }
                else
                {
                    return(new SHA1Managed());
                }

            case SecurityAlgorithms.RsaSha256Signature:
                if (SecurityUtilsEx.RequiresFipsCompliance)
                {
                    return(new SHA256CryptoServiceProvider());
                }
                else
                {
                    return(new SHA256Managed());
                }

            default:
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.GetString(SR.UnsupportedCryptoAlgorithm, signatureMethod)));
            }
        }
Ejemplo n.º 17
0
        public void ComputeSignature(string prefix)
        {
            this.BuildDigestedReferences();
            AsymmetricAlgorithm signingKey = this.SigningKey;

            if (signingKey == null)
            {
                throw new CryptographicException("Cryptography_Xml_LoadKeyFailed");
            }
            if (this.SignedInfo.SignatureMethod == null)
            {
                // SignatureMethodが未設定で、SigningKeyの種類によるデフォルト値を設定
                if (signingKey is DSA)
                {
                    // "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
                    this.SignedInfo.SignatureMethod = XmlDsigDSAUrl;
                }
                else if (signingKey is RSA)
                {
                    // "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
                    this.SignedInfo.SignatureMethod = XmlDsigRSASHA1Url;

                    // "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
                    //this.SignedInfo.SignatureMethod = XmlDsigRSASHA256Url;

                    // "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
                    //this.SignedInfo.SignatureMethod = XmlDsigRSASHA384Url;

                    // "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
                    //this.SignedInfo.SignatureMethod = XmlDsigRSASHA512Url;
                }
                else
                {
                    throw new CryptographicException("Cryptography_Xml_CreatedKeyFailed");
                }
            }
            SignatureDescription description = CryptoConfig.CreateFromName(this.SignedInfo.SignatureMethod) as SignatureDescription;

            if (description == null)
            {
                throw new CryptographicException("Cryptography_Xml_SignatureDescriptionNotCreated");
            }
            HashAlgorithm hash = description.CreateDigest();

            if (hash == null)
            {
                throw new CryptographicException("Cryptography_Xml_CreateHashAlgorithmFailed");
            }
            this.GetC14NDigest(hash, prefix);
            this.m_signature.SignatureValue = description.CreateFormatter(signingKey).CreateSignature(hash);
            this.prefix = prefix;
        }
Ejemplo n.º 18
0
        [PlatformSpecific(TestPlatforms.Windows)]  // Operation is not supported on Unix
        public void Digest()
        {
            bool rightClass          = false;
            SignatureDescription sig = new SignatureDescription();

            // null hash
            AssertExtensions.Throws <ArgumentNullException>("name", () => sig.CreateDigest());

            foreach (string name in new[] { "SHA1", "MD5", "SHA256", "SHA384", "SHA512" })
            {
                sig.DigestAlgorithm = name;
                using (HashAlgorithm hash = sig.CreateDigest())
                {
                    Assert.NotNull(hash);
                    rightClass = hash.ToString().IndexOf(sig.DigestAlgorithm) > 0;
                    Assert.True(rightClass, $"CreateDigest({name})");
                }
            }

            sig.DigestAlgorithm = "bad";
            Assert.Null(sig.CreateDigest());
        }
        public void Digest()
        {
            bool          rightClass = false;
            HashAlgorithm hash       = null;

            // null hash
            try
            {
                hash = sig.CreateDigest();
                Fail("Expected ArgumentNullException but got none");
            }
            catch (ArgumentNullException)
            {
                // this is what we expect
            }
            catch (Exception e)
            {
                Fail("Expected ArgumentNullException but got: " + e.ToString());
            }

            sig.DigestAlgorithm = "SHA1";
            hash = sig.CreateDigest();
            AssertNotNull("CreateDigest(SHA1)", hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert("CreateDigest(SHA1)", rightClass);

            sig.DigestAlgorithm = "MD5";
            hash = sig.CreateDigest();
            AssertNotNull("CreateDigest(MD5)", hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert("CreateDigest(MD5)", rightClass);

            sig.DigestAlgorithm = "SHA256";
            hash = sig.CreateDigest();
            AssertNotNull("CreateDigest(SHA256)", hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert("CreateDigest(SHA256)", rightClass);

            sig.DigestAlgorithm = "SHA384";
            hash = sig.CreateDigest();
            AssertNotNull("CreateDigest(SHA384)", hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert("CreateDigest(SHA384)", rightClass);

            sig.DigestAlgorithm = "SHA512";
            hash = sig.CreateDigest();
            AssertNotNull("CreateDigest(SHA512)", hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert("CreateDigest(SHA512)", rightClass);

            sig.DigestAlgorithm = "bad";
            hash = sig.CreateDigest();
            AssertNull("CreateDigest(bad)", hash);
        }
Ejemplo n.º 20
0
        public void ComputeSignature(string prefix)
        {
            this.BuildDigestedReferences();

            AsymmetricAlgorithm signingKey = this.SigningKey;

            if (signingKey == null)
            {
                throw new CryptographicException("Cryptography_Xml_LoadKeyFailed");
            }

            if (this.SignedInfo.SignatureMethod == null)
            {
                if (!(signingKey is DSA))
                {
                    if (!(signingKey is RSA))
                    {
                        throw new CryptographicException("Cryptography_Xml_CreatedKeyFailed");
                    }

                    if (this.SignedInfo.SignatureMethod == null)
                    {
                        this.SignedInfo.SignatureMethod = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
                    }
                }
                else
                {
                    this.SignedInfo.SignatureMethod = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
                }
            }

            SignatureDescription description = CryptoConfig.CreateFromName(this.SignedInfo.SignatureMethod) as SignatureDescription;

            if (description == null)
            {
                throw new CryptographicException("Cryptography_Xml_SignatureDescriptionNotCreated");
            }

            HashAlgorithm hash = description.CreateDigest();

            if (hash == null)
            {
                throw new CryptographicException("Cryptography_Xml_CreateHashAlgorithmFailed");
            }

            this.GetC14NDigest(hash, prefix);
            this.m_signature.SignatureValue = description.CreateFormatter(signingKey).CreateSignature(hash);
        }
Ejemplo n.º 21
0
        public Saml2Signer(X509Certificate2 certificate, string signatureAlgorithm)
        {
            if (certificate == null)
            {
                throw new ArgumentNullException(nameof(certificate));
            }
            if (signatureAlgorithm == null)
            {
                throw new ArgumentNullException(nameof(SignatureAlgorithm));
            }

            Certificate          = certificate;
            SignatureAlgorithm   = signatureAlgorithm;
            SignatureDescription = (SignatureDescription)CryptoConfig.CreateFromName(SignatureAlgorithm);
            HashAlgorithm        = SignatureDescription.CreateDigest();
        }
Ejemplo n.º 22
0
        public void ComputeSignature()
        {
            DigestReferences();

            if (key == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_LoadKeyFailed);
            }

            // Check the signature algorithm associated with the key so that we can accordingly set the signature method
            if (SignedInfo.SignatureMethod == null)
            {
                if (key is DSA)
                {
                    SignedInfo.SignatureMethod = XmlDsigDSAUrl;
                }
                else if (key is RSA)
                {
                    // Default to RSA-SHA1
                    SignedInfo.SignatureMethod = XmlDsigRSASHA1Url;
                }
                else
                {
                    throw new CryptographicException(SR.Cryptography_Xml_CreatedKeyFailed);
                }
            }

            // See if there is a signature description class defined in the Config file
            SignatureDescription signatureDescription = CryptoConfig.CreateFromName(SignedInfo.SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_SignatureDescriptionNotCreated);
            }

            HashAlgorithm hashAlg = signatureDescription.CreateDigest();

            if (hashAlg == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed);
            }

            byte[] hashvalue = hashAlg.ComputeHash(SignedInfoTransformed());
            AsymmetricSignatureFormatter asymmetricSignatureFormatter = signatureDescription.CreateFormatter(key);

            m_signature.SignatureValue = asymmetricSignatureFormatter.CreateSignature(hashAlg);
        }
        public void ComputeSignature()
        {
            SignedXmlDebugLog.LogBeginSignatureComputation(this, this.m_context);
            this.BuildDigestedReferences();
            AsymmetricAlgorithm signingKey = this.SigningKey;

            if (signingKey == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_LoadKeyFailed"));
            }
            if (this.SignedInfo.SignatureMethod == null)
            {
                if (!(signingKey is DSA))
                {
                    if (!(signingKey is RSA))
                    {
                        throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreatedKeyFailed"));
                    }
                    if (this.SignedInfo.SignatureMethod == null)
                    {
                        this.SignedInfo.SignatureMethod = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
                    }
                }
                else
                {
                    this.SignedInfo.SignatureMethod = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
                }
            }
            SignatureDescription signatureDescription = CryptoConfig.CreateFromName(this.SignedInfo.SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_SignatureDescriptionNotCreated"));
            }
            HashAlgorithm hash = signatureDescription.CreateDigest();

            if (hash == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed"));
            }
            this.GetC14NDigest(hash);
            AsymmetricSignatureFormatter asymmetricSignatureFormatter = signatureDescription.CreateFormatter(signingKey);

            SignedXmlDebugLog.LogSigning(this, signingKey, signatureDescription, hash, asymmetricSignatureFormatter);
            this.m_signature.SignatureValue = asymmetricSignatureFormatter.CreateSignature(hash);
        }
Ejemplo n.º 24
0
        private bool CheckSignedInfo(AsymmetricAlgorithm key)
        {
            if (key == null)
            {
                throw new ArgumentNullException("key");
            }

            SignedXmlDebugLog.LogBeginCheckSignedInfo(this, m_signature.SignedInfo);

            SignatureDescription signatureDescription = CryptoConfig.CreateFromName(SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_SignatureDescriptionNotCreated"));
            }

            // Let's see if the key corresponds with the SignatureMethod
            Type ta = Type.GetType(signatureDescription.KeyAlgorithm);
            Type tb = key.GetType();

            if ((ta != tb) && !ta.IsSubclassOf(tb) && !tb.IsSubclassOf(ta))
            {
                // Signature method key mismatch
                return(false);
            }

            HashAlgorithm hashAlgorithm = signatureDescription.CreateDigest();

            if (hashAlgorithm == null)
            {
                throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_CreateHashAlgorithmFailed"));
            }
            byte[] hashval = GetC14NDigest(hashAlgorithm);

            AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key);

            SignedXmlDebugLog.LogVerifySignedInfo(this,
                                                  key,
                                                  signatureDescription,
                                                  hashAlgorithm,
                                                  asymmetricSignatureDeformatter,
                                                  hashval,
                                                  m_signature.SignatureValue);
            return(asymmetricSignatureDeformatter.VerifySignature(hashval, m_signature.SignatureValue));
        }
Ejemplo n.º 25
0
        private bool CheckSignedInfo(AsymmetricAlgorithm key)
        {
            if (key == null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            SignedXmlDebugLog.LogBeginCheckSignedInfo(this, m_signature.SignedInfo);

            SignatureDescription signatureDescription = CryptoConfig.CreateFromName(SignatureMethod) as SignatureDescription;

            if (signatureDescription == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_SignatureDescriptionNotCreated);
            }

            // Let's see if the key corresponds with the SignatureMethod
            Type ta = Type.GetType(signatureDescription.KeyAlgorithm);

            if (!IsKeyTheCorrectAlgorithm(key, ta))
            {
                return(false);
            }

            HashAlgorithm hashAlgorithm = signatureDescription.CreateDigest();

            if (hashAlgorithm == null)
            {
                throw new CryptographicException(SR.Cryptography_Xml_CreateHashAlgorithmFailed);
            }
            byte[] hashval = GetC14NDigest(hashAlgorithm);

            AsymmetricSignatureDeformatter asymmetricSignatureDeformatter = signatureDescription.CreateDeformatter(key);

            SignedXmlDebugLog.LogVerifySignedInfo(this,
                                                  key,
                                                  signatureDescription,
                                                  hashAlgorithm,
                                                  asymmetricSignatureDeformatter,
                                                  hashval,
                                                  m_signature.SignatureValue);
            return(asymmetricSignatureDeformatter.VerifySignature(hashval, m_signature.SignatureValue));
        }
Ejemplo n.º 26
0
        public void ComputeSignature(string prefix)
        {
            BuildDigestedReferences();
            AsymmetricAlgorithm signingKey = SigningKey;

            if (signingKey == null)
            {
                throw new CryptographicException("Cryptography_Xml_LoadKeyFailed");
            }
            if (SignedInfo.SignatureMethod == null)
            {
                if (!(signingKey is DSA))
                {
                    if (!(signingKey is RSA))
                    {
                        throw new CryptographicException("Cryptography_Xml_CreatedKeyFailed");
                    }
                    if (SignedInfo.SignatureMethod == null)
                    {
                        SignedInfo.SignatureMethod = XmlDsigRSASHA1Url;
                    }
                }
                else
                {
                    SignedInfo.SignatureMethod = XmlDsigDSAUrl;
                }
            }
            SignatureDescription description = CryptoConfig.CreateFromName(SignedInfo.SignatureMethod) as SignatureDescription;

            if (description == null)
            {
                throw new CryptographicException("Cryptography_Xml_SignatureDescriptionNotCreated");
            }
            HashAlgorithm hash = description.CreateDigest();

            if (hash == null)
            {
                throw new CryptographicException("Cryptography_Xml_CreateHashAlgorithmFailed");
            }
            GetC14NDigest(hash, prefix);
            m_signature.SignatureValue = description.CreateFormatter(signingKey).CreateSignature(hash);
        }
Ejemplo n.º 27
0
        internal static HashAlgorithm CreateHashForAsymmetricSignature(string signatureMethod)
        {
            object algorithmFromConfig = System.IdentityModel.CryptoHelper.GetAlgorithmFromConfig(signatureMethod);

            if (algorithmFromConfig != null)
            {
                HashAlgorithm        algorithm;
                SignatureDescription description = algorithmFromConfig as SignatureDescription;
                if (description != null)
                {
                    algorithm = description.CreateDigest();
                    if (algorithm != null)
                    {
                        return(algorithm);
                    }
                }
                algorithm = algorithmFromConfig as HashAlgorithm;
                if (algorithm == null)
                {
                    throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(System.ServiceModel.SR.GetString("CustomCryptoAlgorithmIsNotValidAsymmetricSignature", new object[] { signatureMethod })));
                }
                return(algorithm);
            }
            switch (signatureMethod)
            {
            case "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
            case "http://www.w3.org/2000/09/xmldsig#dsa-sha1":
                if (System.ServiceModel.Security.SecurityUtils.RequiresFipsCompliance)
                {
                    return(new SHA1CryptoServiceProvider());
                }
                return(new SHA1Managed());

            case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
                if (System.ServiceModel.Security.SecurityUtils.RequiresFipsCompliance)
                {
                    return(new SHA256CryptoServiceProvider());
                }
                return(new SHA256Managed());
            }
            throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(System.ServiceModel.SR.GetString("UnsupportedCryptoAlgorithm", new object[] { signatureMethod })));
        }
        [PlatformSpecific(TestPlatforms.Windows)]  // Operation is not supported on Unix
        public void Digest()
        {
            bool                 rightClass = false;
            HashAlgorithm        hash       = null;
            SignatureDescription sig        = new SignatureDescription();

            // null hash
            AssertExtensions.Throws <ArgumentNullException>("name", () => hash = sig.CreateDigest());

            sig.DigestAlgorithm = "SHA1";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA1)");

            sig.DigestAlgorithm = "MD5";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(MD5)");

            sig.DigestAlgorithm = "SHA256";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA256)");

            sig.DigestAlgorithm = "SHA384";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA384)");

            sig.DigestAlgorithm = "SHA512";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA512)");

            sig.DigestAlgorithm = "bad";
            hash = sig.CreateDigest();
            Assert.Null(hash);
        }
Ejemplo n.º 29
0
        internal static HashAlgorithm CreateHashForAsymmetricSignature(string signatureMethod)
        {
            object algorithmObject = CryptoAlgorithms.GetAlgorithmFromConfig(signatureMethod);

            if (algorithmObject != null)
            {
                HashAlgorithm        hashAlgorithm;
                SignatureDescription signatureDescription = algorithmObject as SignatureDescription;

                if (signatureDescription != null)
                {
                    hashAlgorithm = signatureDescription.CreateDigest();
                    if (hashAlgorithm != null)
                    {
                        return(hashAlgorithm);
                    }
                }

                hashAlgorithm = algorithmObject as HashAlgorithm;
                if (hashAlgorithm != null)
                {
                    return(hashAlgorithm);
                }

                throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.Format(SR.CustomCryptoAlgorithmIsNotValidAsymmetricSignature, signatureMethod)));
            }

            switch (signatureMethod)
            {
            case SecurityAlgorithms.RsaSha1Signature:
            case SecurityAlgorithms.DsaSha1Signature:
                return(SHA1.Create());

            case SecurityAlgorithms.RsaSha256Signature:
                return(SHA256.Create());

            default:
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperWarning(new MessageSecurityException(SR.Format(SR.UnsupportedCryptoAlgorithm, signatureMethod)));
            }
        }
Ejemplo n.º 30
0
        public override HashAlgorithm GetHashAlgorithmForSignature(string algorithm)
        {
            if (string.IsNullOrEmpty(algorithm))
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument(algorithm, SR.GetString(SR.EmptyOrNullArgumentString, "algorithm"));
            }

            object algorithmObject = CryptoHelper.GetAlgorithmFromConfig(algorithm);

            if (algorithmObject != null)
            {
                SignatureDescription description = algorithmObject as SignatureDescription;
                if (description != null)
                {
                    return(description.CreateDigest());
                }

                HashAlgorithm hashAlgorithm = algorithmObject as HashAlgorithm;
                if (hashAlgorithm != null)
                {
                    return(hashAlgorithm);
                }

                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(SR.GetString(SR.UnsupportedAlgorithmForCryptoOperation,
                                                                                                                  algorithm, "CreateDigest")));
            }

            switch (algorithm)
            {
            case SignedXml.XmlDsigDSAUrl:
            case SignedXml.XmlDsigRSASHA1Url:
                return(CryptoHelper.NewSha1HashAlgorithm());

            case SecurityAlgorithms.RsaSha256Signature:
                return(CryptoHelper.NewSha256HashAlgorithm());

            default:
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedCryptoAlgorithm, algorithm)));
            }
        }
        void RSASignatureDescriptionCore(string name, string expectedDigestAlgorithm, string expectedSelectedDigestAlgorithm)
        {
            // internal class - we cannot create one without CryptoConfig
            SignatureDescription sd = (SignatureDescription)CryptoConfig.CreateFromName(name);

            Assert.AreEqual(expectedDigestAlgorithm, sd.DigestAlgorithm);
            Assert.AreEqual("System.Security.Cryptography.RSAPKCS1SignatureDeformatter", sd.DeformatterAlgorithm);
            Assert.AreEqual("System.Security.Cryptography.RSAPKCS1SignatureFormatter", sd.FormatterAlgorithm);
            Assert.AreEqual("System.Security.Cryptography.RSA", sd.KeyAlgorithm);

            HashAlgorithm hash = sd.CreateDigest();

            Assert.AreEqual(expectedSelectedDigestAlgorithm, hash.ToString());

            Assert.AreEqual("System.Security.Cryptography.RSA", sd.KeyAlgorithm);

            AsymmetricSignatureDeformatter asd = sd.CreateDeformatter(rsa);

            Assert.AreEqual("System.Security.Cryptography.RSAPKCS1SignatureDeformatter", asd.ToString());

            AsymmetricSignatureFormatter asf = sd.CreateFormatter(rsa);

            Assert.AreEqual("System.Security.Cryptography.RSAPKCS1SignatureFormatter", asf.ToString());
        }
Ejemplo n.º 32
0
        public void Digest()
        {
            bool rightClass = false;
            HashAlgorithm hash = null;
            SignatureDescription sig = new SignatureDescription();

            // null hash
            Assert.Throws<ArgumentNullException>("name", () => hash = sig.CreateDigest());

            sig.DigestAlgorithm = "SHA1";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA1)");

            sig.DigestAlgorithm = "MD5";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(MD5)");

            sig.DigestAlgorithm = "SHA256";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA256)");

            sig.DigestAlgorithm = "SHA384";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA384)");

            sig.DigestAlgorithm = "SHA512";
            hash = sig.CreateDigest();
            Assert.NotNull(hash);
            rightClass = (hash.ToString().IndexOf(sig.DigestAlgorithm) > 0);
            Assert.True(rightClass, "CreateDigest(SHA512)");

            sig.DigestAlgorithm = "bad";
            hash = sig.CreateDigest();
            Assert.Null(hash);
        }