public override void LoadInnerXml(XmlNodeList nodeList)
{
if (nodeList != null)
{
foreach (XmlNode n in nodeList)
{
XmlElement e = n as XmlElement;
if (e != null)
{
if (e.LocalName.Equals("InclusiveNamespaces") &&
e.NamespaceURI.Equals(SignedXml.XmlDsigExcC14NTransformUrl) &&
Utils.HasAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl))
{
if (!Utils.VerifyAttributes(e, "PrefixList"))
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
this.InclusiveNamespacesPrefixList = Utils.GetAttribute(e, "PrefixList", SignedXml.XmlDsigNamespaceUrl);
return;
}
else
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
}
}
}
}
public override void LoadInnerXml(XmlNodeList nodeList)
{
if (nodeList == null)
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
ExceptUris.Clear();
foreach (XmlNode node in nodeList)
{
XmlElement elem = node as XmlElement;
if (elem != null)
{
if (elem.LocalName == "Except" && elem.NamespaceURI == XmlDecryptionTransformNamespaceUrl)
{
// the Uri is required
string uri = Utils.GetAttribute(elem, "URI", XmlDecryptionTransformNamespaceUrl);
if (uri == null || uri.Length == 0 || uri[0] != '#')
{
throw new CryptographicException(SR.Cryptography_Xml_UriRequired);
}
if (!Utils.VerifyAttributes(elem, "URI"))
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
string idref = Utils.ExtractIdFromLocalUri(uri);
ExceptUris.Add(idref);
}
else
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
}
}
}
public void LoadXml(XmlElement value)
{
if (value is null)
{
throw new ArgumentNullException(nameof(value));
}
XmlElement keyInfoElement = value;
_id = Utils.GetAttribute(keyInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(keyInfoElement, "Id"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo");
}
XmlNode child = keyInfoElement.FirstChild;
while (child != null)
{
XmlElement elem = child as XmlElement;
if (elem != null)
{
// Create the right type of KeyInfoClause; we use a combination of the namespace and tag name (local name)
string kicString = elem.NamespaceURI + " " + elem.LocalName;
// Special-case handling for KeyValue -- we have to go one level deeper
if (kicString == "http://www.w3.org/2000/09/xmldsig# KeyValue")
{
if (!Utils.VerifyAttributes(elem, (string[])null))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "KeyInfo/KeyValue");
}
XmlNodeList nodeList2 = elem.ChildNodes;
foreach (XmlNode node2 in nodeList2)
{
XmlElement elem2 = node2 as XmlElement;
if (elem2 != null)
{
kicString += "/" + elem2.LocalName;
break;
}
}
}
KeyInfoClause keyInfoClause = CryptoHelpers.CreateFromName <KeyInfoClause>(kicString);
// if we don't know what kind of KeyInfoClause we're looking at, use a generic KeyInfoNode:
if (keyInfoClause == null)
{
keyInfoClause = new KeyInfoNode();
}
// Ask the create clause to fill itself with the corresponding XML
keyInfoClause.LoadXml(elem);
// Add it to our list of KeyInfoClauses
AddClause(keyInfoClause);
}
child = child.NextSibling;
}
}
public override void LoadInnerXml(XmlNodeList nodeList)
{
// XPath transform is specified by text child of first XPath child
if (nodeList == null)
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
foreach (XmlNode node in nodeList)
{
string prefix = null;
string namespaceURI = null;
XmlElement elem = node as XmlElement;
if (elem != null)
{
if (elem.LocalName == "XPath")
{
_xpathexpr = elem.InnerXml.Trim(null);
XmlNodeReader nr = new XmlNodeReader(elem);
XmlNameTable nt = nr.NameTable;
_nsm = new XmlNamespaceManager(nt);
if (!Utils.VerifyAttributes(elem, (string)null))
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
// Look for a namespace in the attributes
foreach (XmlAttribute attrib in elem.Attributes)
{
if (attrib.Prefix == "xmlns")
{
prefix = attrib.LocalName;
namespaceURI = attrib.Value;
if (prefix == null)
{
prefix = elem.Prefix;
namespaceURI = elem.NamespaceURI;
}
_nsm.AddNamespace(prefix, namespaceURI);
}
}
break;
}
else
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
}
}
if (_xpathexpr == null)
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
}
public void LoadXml(XmlElement value)
{
if (value == null)
{
throw new ArgumentNullException(nameof(value));
}
_id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl);
_uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl);
_type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(value, new string[] { "Id", "URI", "Type" }))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference");
}
XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable);
nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
// Transforms
bool hasTransforms = false;
TransformChain = new TransformChain();
XmlNodeList transformsNodes = value.SelectNodes("ds:Transforms", nsm);
if (transformsNodes != null && transformsNodes.Count != 0)
{
if (transformsNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms");
}
hasTransforms = true;
XmlElement transformsElement = transformsNodes[0] as XmlElement;
if (!Utils.VerifyAttributes(transformsElement, (string[])null))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms");
}
XmlNodeList transformNodes = transformsElement.SelectNodes("ds:Transform", nsm);
if (transformNodes != null)
{
if (transformNodes.Count != transformsElement.SelectNodes("*").Count)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms");
}
if (transformNodes.Count > Utils.MaxTransformsPerReference)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/Transforms");
}
foreach (XmlNode transformNode in transformNodes)
{
XmlElement transformElement = transformNode as XmlElement;
string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl);
if (algorithm == null || !Utils.VerifyAttributes(transformElement, "Algorithm"))
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
Transform transform = CryptoHelpers.CreateFromName <Transform>(algorithm);
if (transform == null)
{
throw new CryptographicException(SR.Cryptography_Xml_UnknownTransform);
}
AddTransform(transform);
// let the transform read the children of the transformElement for data
transform.LoadInnerXml(transformElement.ChildNodes);
// Hack! this is done to get around the lack of here() function support in XPath
if (transform is XmlDsigEnvelopedSignatureTransform)
{
// Walk back to the Signature tag. Find the nearest signature ancestor
// Signature-->SignedInfo-->Reference-->Transforms-->Transform
XmlNode signatureTag = transformElement.SelectSingleNode("ancestor::ds:Signature[1]", nsm);
XmlNodeList signatureList = transformElement.SelectNodes("//ds:Signature", nsm);
if (signatureList != null)
{
int position = 0;
foreach (XmlNode node in signatureList)
{
position++;
if (node == signatureTag)
{
((XmlDsigEnvelopedSignatureTransform)transform).SignaturePosition = position;
break;
}
}
}
}
}
}
}
// DigestMethod
XmlNodeList digestMethodNodes = value.SelectNodes("ds:DigestMethod", nsm);
if (digestMethodNodes == null || digestMethodNodes.Count == 0 || digestMethodNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestMethod");
}
XmlElement digestMethodElement = digestMethodNodes[0] as XmlElement;
_digestMethod = Utils.GetAttribute(digestMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl);
if (_digestMethod == null || !Utils.VerifyAttributes(digestMethodElement, "Algorithm"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestMethod");
}
// DigestValue
XmlNodeList digestValueNodes = value.SelectNodes("ds:DigestValue", nsm);
if (digestValueNodes == null || digestValueNodes.Count == 0 || digestValueNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestValue");
}
XmlElement digestValueElement = digestValueNodes[0] as XmlElement;
_digestValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(digestValueElement.InnerText));
if (!Utils.VerifyAttributes(digestValueElement, (string[])null))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference/DigestValue");
}
// Verify that there aren't any extra nodes that aren't allowed
int expectedChildNodeCount = hasTransforms ? 3 : 2;
if (value.SelectNodes("*").Count != expectedChildNodeCount)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "Reference");
}
// cache the Xml
_cachedXml = value;
}
public void LoadXml(XmlElement value)
{
// Make sure we don't get passed null
if (value == null)
{
throw new ArgumentNullException("value");
}
// Signature
XmlElement signatureElement = value;
if (!signatureElement.LocalName.Equals("Signature"))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Signature");
}
// Attributes
m_id = Utils.GetAttribute(signatureElement, "Id", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(signatureElement, "Id"))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Signature");
}
XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable);
nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
int expectedChildNodes = 0;
// SignedInfo
XmlNodeList signedInfoNodes = signatureElement.SelectNodes("ds:SignedInfo", nsm);
if (signedInfoNodes == null || signedInfoNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && signedInfoNodes.Count > 1))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo");
}
XmlElement signedInfoElement = signedInfoNodes[0] as XmlElement;
expectedChildNodes += signedInfoNodes.Count;
this.SignedInfo = new SignedInfo();
this.SignedInfo.LoadXml(signedInfoElement);
// SignatureValue
XmlNodeList signatureValueNodes = signatureElement.SelectNodes("ds:SignatureValue", nsm);
if (signatureValueNodes == null || signatureValueNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && signatureValueNodes.Count > 1))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignatureValue");
}
XmlElement signatureValueElement = signatureValueNodes[0] as XmlElement;
expectedChildNodes += signatureValueNodes.Count;
m_signatureValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(signatureValueElement.InnerText));
m_signatureValueId = Utils.GetAttribute(signatureValueElement, "Id", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(signatureValueElement, "Id"))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignatureValue");
}
// KeyInfo - optional single element
XmlNodeList keyInfoNodes = signatureElement.SelectNodes("ds:KeyInfo", nsm);
m_keyInfo = new KeyInfo();
if (keyInfoNodes != null)
{
if (!Utils.GetAllowAdditionalSignatureNodes() && keyInfoNodes.Count > 1)
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "KeyInfo");
}
foreach (XmlNode node in keyInfoNodes)
{
XmlElement keyInfoElement = node as XmlElement;
if (keyInfoElement != null)
{
m_keyInfo.LoadXml(keyInfoElement);
}
}
expectedChildNodes += keyInfoNodes.Count;
}
// Object - zero or more elements allowed
XmlNodeList objectNodes = signatureElement.SelectNodes("ds:Object", nsm);
m_embeddedObjects.Clear();
if (objectNodes != null)
{
foreach (XmlNode node in objectNodes)
{
XmlElement objectElement = node as XmlElement;
if (objectElement != null)
{
DataObject dataObj = new DataObject();
dataObj.LoadXml(objectElement);
m_embeddedObjects.Add(dataObj);
}
}
expectedChildNodes += objectNodes.Count;
}
// Select all elements that have Id attributes
XmlNodeList nodeList = signatureElement.SelectNodes("//*[@Id]", nsm);
if (nodeList != null)
{
foreach (XmlNode node in nodeList)
{
m_referencedItems.Add(node);
}
}
// Verify that there aren't any extra nodes that aren't allowed
if (!Utils.GetAllowAdditionalSignatureNodes() && (signatureElement.SelectNodes("*").Count != expectedChildNodes))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Signature");
}
}
public void LoadXml(XmlElement value)
{
if (value == null)
{
throw new ArgumentNullException(nameof(value));
}
// SignedInfo
XmlElement signedInfoElement = value;
if (!signedInfoElement.LocalName.Equals("SignedInfo"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo");
}
XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable);
nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
int expectedChildNodes = 0;
// Id attribute -- optional
_id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(signedInfoElement, "Id"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo");
}
// CanonicalizationMethod -- must be present
XmlNodeList canonicalizationMethodNodes = signedInfoElement.SelectNodes("ds:CanonicalizationMethod", nsm);
if (canonicalizationMethodNodes == null || canonicalizationMethodNodes.Count == 0 || canonicalizationMethodNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod");
}
XmlElement canonicalizationMethodElement = canonicalizationMethodNodes.Item(0) as XmlElement;
expectedChildNodes += canonicalizationMethodNodes.Count;
_canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl);
if (_canonicalizationMethod == null || !Utils.VerifyAttributes(canonicalizationMethodElement, "Algorithm"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod");
}
_canonicalizationMethodTransform = null;
if (canonicalizationMethodElement.ChildNodes.Count > 0)
{
CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes);
}
// SignatureMethod -- must be present
XmlNodeList signatureMethodNodes = signedInfoElement.SelectNodes("ds:SignatureMethod", nsm);
if (signatureMethodNodes == null || signatureMethodNodes.Count == 0 || signatureMethodNodes.Count > 1)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod");
}
XmlElement signatureMethodElement = signatureMethodNodes.Item(0) as XmlElement;
expectedChildNodes += signatureMethodNodes.Count;
_signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl);
if (_signatureMethod == null || !Utils.VerifyAttributes(signatureMethodElement, "Algorithm"))
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod");
}
// Now get the output length if we are using a MAC algorithm
XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement;
if (signatureLengthElement != null)
{
_signatureLength = signatureLengthElement.InnerXml;
}
// flush out any reference that was there
_references.Clear();
// Reference - 0 or more
XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm);
if (referenceNodes != null)
{
if (referenceNodes.Count > Utils.MaxReferencesPerSignedInfo)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/Reference");
}
foreach (XmlNode node in referenceNodes)
{
XmlElement referenceElement = node as XmlElement;
Reference reference = new Reference();
AddReference(reference);
reference.LoadXml(referenceElement);
}
expectedChildNodes += referenceNodes.Count;
// Verify that there aren't any extra nodes that aren't allowed
if (signedInfoElement.SelectNodes("*").Count != expectedChildNodes)
{
throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo");
}
}
// Save away the cached value
_cachedXml = signedInfoElement;
}
