Ejemplo n.º 1
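        /// <summary>
        /// Runs <c>CompleteEncryptionCore</c> over the primary signature, the basic supporting tokens,
        /// the signature confirmations and the endorsing signatures, then stores the reference list it returns.
        /// </summary>
        /// <remarks>
        /// A null reference list is treated as "nothing was encrypted": the source, wrapped and derived
        /// encryption tokens on the element container are cleared and <c>_basicTokenEncrypted</c> is left untouched.
        /// Otherwise the list is attached either to the wrapped key's <c>EncryptedKey</c> (when
        /// <c>_skipKeyInfoForEncryption</c> is set) or to the element container itself.
        /// </remarks>
        /// <exception cref="System.InvalidOperationException">
        /// <c>_skipKeyInfoForEncryption</c> is set but <c>_encryptingToken</c> is not a <c>WrappedKeySecurityToken</c>.
        /// </exception>
        private void CompleteEncryption()
        {
            ISecurityElement referenceList = CompleteEncryptionCore(
                ElementContainer.PrimarySignature,
                ElementContainer.GetBasicSupportingTokens(),
                ElementContainer.GetSignatureConfirmations(),
                ElementContainer.GetEndorsingSignatures());

            if (referenceList == null)
            {
                // No encryption took place, so no encryption token may remain on the container.
                ElementContainer.SourceEncryptionToken  = null;
                ElementContainer.WrappedEncryptionToken = null;
                ElementContainer.DerivedEncryptionToken = null;
                return;
            }

            if (_skipKeyInfoForEncryption)
            {
                WrappedKeySecurityToken wrappedKeyToken = _encryptingToken as WrappedKeySecurityToken;
                if (wrappedKeyToken == null)
                {
                    // The 'as' cast yields null for a missing or differently typed token. Fail with a
                    // descriptive error instead of a NullReferenceException on the next line, so a
                    // misconfigured token never leaves the header half-populated without a diagnosis.
                    throw new System.InvalidOperationException(
                        "The encrypting token must be a WrappedKeySecurityToken when key info is skipped for encryption.");
                }

                wrappedKeyToken.EnsureEncryptedKeySetUp();
                // Direct cast on purpose: a reference list of any other type is an error, not a case to skip.
                wrappedKeyToken.EncryptedKey.ReferenceList = (ReferenceList)referenceList;
            }
            else
            {
                ElementContainer.ReferenceList = referenceList;
            }

            // Only reached when a reference list was produced and stored.
            _basicTokenEncrypted = true;
        }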
Ejemplo n.º 2
 /// <summary>
 /// Creates a supporting signature; the signing logic is supplied by the derived class.
 /// </summary>
 /// <param name="token">Security token passed to the implementation; presumably the source of the signing key (confirm against the override).</param>
 /// <param name="identifier">Key identifier passed to the implementation; presumably written as the signature's key info (confirm against the override).</param>
 /// <param name="primarySignature">The element the supporting signature is created for; named after the primary signature here.</param>
 /// <returns>The resulting signature as an <c>ISignatureValueSecurityElement</c>.</returns>
 protected abstract ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement primarySignature);
Ejemplo n.º 3
        /// <summary>
        /// Builds a signature over <paramref name="elementToSign"/> using the algorithm and key that the
        /// algorithm suite selects for <paramref name="token"/>, and returns it wrapped in a <c>SignatureValue</c>.
        /// </summary>
        /// <param name="token">Token from which the algorithm suite derives the signature algorithm and key.</param>
        /// <param name="identifier">Key identifier handed to <c>SetKeyInfo</c> after the signature is computed.</param>
        /// <param name="elementToSign">Element to canonicalize and reference; its <c>Id</c> must not be null.</param>
        /// <returns>A <c>SignatureValue</c> wrapping the computed signature.</returns>
        /// <exception cref="InvalidOperationException"><paramref name="elementToSign"/> has no <c>Id</c>.</exception>
        protected override ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement elementToSign)
        {
            string algorithmUri;
            SecurityKey signingKey;
            // Demanded by the out-parameter list below; this method does not read it afterwards.
            XmlDictionaryString algorithmDictionaryString;

            // Signature strength is decided entirely by the configured algorithm suite.
            AlgorithmSuite.GetSignatureAlgorithmAndKey(token, out algorithmUri, out signingKey, out algorithmDictionaryString);

            SignedXml xmlSignature = new SignedXml();
            SignedInfo info = xmlSignature.SignedInfo;
            info.CanonicalizationMethod = AlgorithmSuite.DefaultCanonicalizationAlgorithm;
            info.SignatureMethod = algorithmUri;

            // The reference is a same-document "#Id" URI, so an element without an Id cannot be signed.
            if (elementToSign.Id == null)
            {
                throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.ElementToSignMustHaveId));
            }

            // Capture the canonical form of the element (comments excluded, no inclusive prefixes).
            MemoryStream canonicalBytes = new MemoryStream();
            XmlDictionaryWriter writer = TakeUtf8Writer();
            writer.StartCanonicalization(canonicalBytes, false, null);
            elementToSign.WriteTo(writer, ServiceModelDictionaryManager.Instance);
            writer.EndCanonicalization();

            // Rewind so the reference is computed from the first canonical byte.
            canonicalBytes.Position = 0;
            // NOTE(review): AddReference is defined outside this block and is not given xmlSignature;
            // confirm it attaches the reference to the SignedInfo that is signed below.
            AddReference("#" + elementToSign.Id, canonicalBytes);

            KeyedHashAlgorithm keyedHash;
            AsymmetricAlgorithm asymmetric;
            GetSigningAlgorithm(signingKey, algorithmUri, out keyedHash, out asymmetric);

            if (keyedHash == null)
            {
                // No keyed hash was returned: sign with the asymmetric key.
                xmlSignature.SigningKey = asymmetric;
                xmlSignature.ComputeSignature();
            }
            else
            {
                xmlSignature.ComputeSignature(keyedHash);
            }

            SetKeyInfo(xmlSignature, identifier);
            return new SignatureValue(xmlSignature.Signature);
        }