private void DownloadCipherValue(CipherData cipherData, out Stream inputStream, out Stream decInputStream, out WebResponse response)
{
// maybe a network stream, make sure we allow just what is needed!!
//TODO Security PermissionSet ps = SecurityManager.GetStandardSandbox(m_evidence);
//ps.PermitOnly();
WebRequest request = WebRequest.Create(cipherData.CipherReference.Uri);
if (request == null)
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_UriNotResolved"), cipherData.CipherReference.Uri);
}
response = request.GetResponse();
if (response == null)
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_UriNotResolved"), cipherData.CipherReference.Uri);
}
inputStream = response.GetResponseStream();
if (inputStream == null)
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_UriNotResolved"), cipherData.CipherReference.Uri);
}
TransformChain tc = cipherData.CipherReference.TransformChain;
decInputStream = tc.TransformToOctetStream(inputStream, m_xmlResolver, cipherData.CipherReference.Uri);
}
/// <summary>
/// Calculate hash
/// </summary>
/// <param name="obj">Stream, XmlNodeList or XmlDocument</param>
/// <param name="transformChain"></param>
/// <param name="digestMethod"></param>
/// <returns></returns>
internal static byte[] CalculateHash(object obj, TransformChain transformChain, string digestMethod)
{
if (!(obj is Stream) && !(obj is XmlNodeList) && !(obj is XmlDocument))
{
throw new CryptographicException("Invalid data type");
}
Stream stream = obj as Stream;
if (transformChain != null && transformChain.Count > 0)
{
MethodInfo mi = typeof(TransformChain).GetMethod("TransformToOctetStream", BindingFlags.NonPublic | BindingFlags.Instance, null, new Type[] { typeof(object), typeof(Type), typeof(XmlResolver), typeof(string) }, null);
stream = (Stream)mi.Invoke(transformChain, new object[] { obj, obj.GetType(), null, "" });
}
if (stream == null)
{
throw new CryptographicException("Invalid data type");
}
HashAlgorithm hashAlg = CryptoConfig.CreateFromName(digestMethod) as HashAlgorithm;
if (hashAlg == null)
{
throw new CryptographicException("Invalid digest method");
}
return(hashAlg.ComputeHash(stream));
}
public Reference(Stream stream)
{
m_transformChain = new TransformChain();
m_refTarget = stream;
m_refTargetType = ReferenceTargetType.Stream;
m_cachedXml = null;
m_digestMethod = SignedXml.XmlDsigSHA1Url;
}
internal Reference(XmlElement element)
{
m_transformChain = new TransformChain();
m_refTarget = element;
m_refTargetType = ReferenceTargetType.XmlElement;
m_cachedXml = null;
m_digestMethod = SignedXml.XmlDsigSHA1Url;
}
public void EmptyChain()
{
TransformChain chain = new TransformChain();
Assert.AreEqual(0, chain.Count, "empty count");
Assert.IsNotNull(chain.GetEnumerator(), "IEnumerator");
Assert.AreEqual("System.Security.Cryptography.Xml.TransformChain", chain.ToString(), "ToString()");
}
public void EmptyChain()
{
TransformChain chain = new TransformChain();
Assert.Equal(0, chain.Count);
Assert.NotNull(chain.GetEnumerator());
Assert.Equal("Org.BouncyCastle.Crypto.Xml.TransformChain", chain.ToString());
}
public void EmptyChain()
{
TransformChain chain = new TransformChain();
Assert.Equal(0, chain.Count);
Assert.NotNull(chain.GetEnumerator());
Assert.Equal("System.Security.Cryptography.Xml.TransformChain", chain.ToString());
}
/// <summary>
/// Create new document reference
/// </summary>
/// <param name="uri"></param>
/// <param name="transformChain"></param>
/// <param name="digestMethod"></param>
public XadesReference(string uri, TransformChain transformChain = null, string digestMethod = null)
{
URI = uri;
TransformChain = transformChain;
DigestMethod = digestMethod ?? SignedXml.XmlDsigSHA256Url;
CommitmentTypeQualifiers = new List <XmlElement>();
}
public Reference(string uri)
{
m_transformChain = new TransformChain();
m_refTarget = uri;
m_uri = uri;
m_refTargetType = ReferenceTargetType.UriReference;
m_cachedXml = null;
m_digestMethod = SignedXml.XmlDsigSHA1Url;
}
private static TransformChain GetChain(params Transform[] transforms)
{
TransformChain chain = new TransformChain();
foreach (Transform transform in transforms)
{
chain.Add(transform);
}
return(chain);
}
static void Main(string[] args)
{
//Create a URI string.
String uri = "http://www.woodgrovebank.com/document.xml";
// Create a Base64 transform. The input content retrieved from the
// URI should be Base64-decoded before other processing.
Transform base64 = new XmlDsigBase64Transform();
//Create a transform chain and add the transform to it.
TransformChain tc = new TransformChain();
tc.Add(base64);
//Create <CipherReference> information.
CipherReference reference = new CipherReference(uri, tc);
// Create a new CipherData object using the CipherReference information.
// Note that you cannot assign both a CipherReference and a CipherValue
// to a CipherData object.
CipherData cd = new CipherData(reference);
// Create a new EncryptedData object.
EncryptedData ed = new EncryptedData();
//Add an encryption method to the object.
ed.Id = "ED";
ed.EncryptionMethod = new EncryptionMethod("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
ed.CipherData = cd;
//Add key information to the object.
KeyInfo ki = new KeyInfo();
ki.AddClause(new KeyInfoRetrievalMethod("#EK", "http://www.w3.org/2001/04/xmlenc#EncryptedKey"));
ed.KeyInfo = ki;
// Create new XML document and put encrypted data into it.
XmlDocument doc = new XmlDocument();
XmlElement encryptionPropertyElement = (XmlElement)doc.CreateElement("EncryptionProperty", EncryptedXml.XmlEncNamespaceUrl);
EncryptionProperty ep = new EncryptionProperty(encryptionPropertyElement);
ed.AddProperty(ep);
// Output the resulting XML information into a file.
try
{
string path = @"c:\test\MyTest.xml";
File.WriteAllText(path, ed.GetXml().OuterXml);
}
catch (IOException e)
{
Console.WriteLine("File IO error. {0}", e);
}
}
/// <summary>
/// Create signature properties from existing document
/// </summary>
/// <param name="element"></param>
/// <param name="nsm"></param>
internal XadesSignatureProperties(XmlElement element, XmlNamespaceManager nsm)
{
// read from xml
XmlElement signedSignatureProperties = element["SignedSignatureProperties", Xades.XadesNamespaceUrl];
// signing time
if (DateTime.TryParse(signedSignatureProperties?["SigningTime", Xades.XadesNamespaceUrl]?.InnerText, out DateTime signingTime))
{
SigningTime = signingTime;
}
// signing certificate; currently only one certificate supported
//foreach (XmlElement cert in element.SelectNodes("xades:SignedSignatureProperties/xades:SigningCertificate/xades:Cert", nsm))
//{
// TODO: read certificate information and expose as public read-only array
//}
// signature policy
XmlElement signaturePolicyIdentifier = signedSignatureProperties["SignaturePolicyIdentifier", Xades.XadesNamespaceUrl];
XmlElement signaturePolicyImplied = signaturePolicyIdentifier?["SignaturePolicyImplied", Xades.XadesNamespaceUrl];
XmlElement signaturePolicyId = signaturePolicyIdentifier?["SignaturePolicyId", Xades.XadesNamespaceUrl];
if (signaturePolicyImplied != null)
{
PolicyImplied = true;
}
else if (signaturePolicyId != null)
{
PolicyId = ObjectIdentifier.TryParseFromParent(signaturePolicyId, "SigPolicyId", Xades.XadesNamespaceUrl);
XmlElement transformChain = signaturePolicyId.SelectSingleNode("ds:Transforms", nsm) as XmlElement;
if (transformChain != null)
{
PolicyTransformChain = new TransformChain();
MethodInfo loadXmlInfo = typeof(TransformChain).GetMethod("LoadXml", BindingFlags.NonPublic | BindingFlags.Instance);
loadXmlInfo.Invoke(PolicyTransformChain, new object[] { transformChain });
}
DigestAlgAndValue digestInfo = DigestAlgAndValue.TryParse(signaturePolicyId["SigPolicyHash", Xades.XadesNamespaceUrl]);
PolicyDigestMethod = digestInfo.Algorithm;
PolicyDigest = digestInfo.Digest;
XmlElement signaturePolicyQualifiers = signaturePolicyIdentifier["SigPolicyQualifiers", Xades.XadesNamespaceUrl];
if (signaturePolicyQualifiers != null)
{
PolicyURIs = signaturePolicyQualifiers.SelectNodes("xades:SigPolicyQualifier/xades:SPURI", nsm).OfType <XmlElement>().Select(x => x.InnerText).ToList();
//PolicyNotices = signaturePolicyQualifiers.SelectNodes("xades:SigPolicyQualifier/xades:SPUserNotice", nsm).OfType<XmlElement>().Select(x => new PolicyUserNotice(x)).ToList();
}
}
}
public TransformSet(string name, XmlElement element)
{
Name = name;
TransformChain = new TransformChain();
foreach (XmlElement xmlElement in element.ChildNodes)
{
string attribute = xmlElement.GetAttribute("Algorithm");
Transform transform = CryptoConfig.CreateFromName(attribute) as Transform;
if (transform != null)
{
transform.LoadInnerXml(xmlElement.ChildNodes);
TransformChain.Add(transform);
}
}
}
private Xades(XmlDocument document, XmlElement signatureParent)
{
_document = document;
_signatureParent = signatureParent;
SignatureProperties = new XadesSignatureProperties();
References = new List <XadesReference>();
// set defaults
SignatureType = SignatureType.Xades;
CanonicalizationMethod = SignedXml.XmlDsigExcC14NWithCommentsTransformUrl;
DigestMethod = SignedXml.XmlDsigSHA256Url;
SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
XadesTransformChain = new TransformChain();
XadesTransformChain.Add(new XmlDsigExcC14NTransform());
XadesDigestMethod = SignedXml.XmlDsigSHA256Url;
}
public void RebuildTransformChain()
{
TransformChain.Clear();
var daddy = Owner;
while (daddy != null)
{
if (daddy is IOrient3D)
{
TransformChain.Add(daddy as IOrient3D);
continue;
}
var orient = (IOrient3D)daddy.Children.FirstOrDefault(ch => ch is IOrient3D);
if (orient != null)
{
TransformChain.Add(orient);
}
}
}
static void Main(string[] args)
{
//Create a URI string.
String uri = "http://www.woodgrovebank.com/document.xml";
// Create a Base64 transform. The input content retrieved from the
// URI should be Base64-decoded before other processing.
Transform base64 = new XmlDsigBase64Transform();
//Create a transform chain and add the transform to it.
TransformChain tc = new TransformChain();
tc.Add(base64);
//Create <CipherReference> information.
CipherReference reference = new CipherReference(uri, tc);
// Write the CipherReference value to the console.
Console.WriteLine("Cipher Reference data: {0}", reference.GetXml().OuterXml);
}
public void FullChain()
{
TransformChain chain = new TransformChain();
XmlDsigBase64Transform base64 = new XmlDsigBase64Transform();
chain.Add(base64);
Assert.Equal(base64, chain[0]);
Assert.Equal(1, chain.Count);
XmlDsigC14NTransform c14n = new XmlDsigC14NTransform();
chain.Add(c14n);
Assert.Equal(c14n, chain[1]);
Assert.Equal(2, chain.Count);
XmlDsigC14NWithCommentsTransform c14nc = new XmlDsigC14NWithCommentsTransform();
chain.Add(c14nc);
Assert.Equal(c14nc, chain[2]);
Assert.Equal(3, chain.Count);
XmlDsigEnvelopedSignatureTransform esign = new XmlDsigEnvelopedSignatureTransform();
chain.Add(esign);
Assert.Equal(esign, chain[3]);
Assert.Equal(4, chain.Count);
XmlDsigXPathTransform xpath = new XmlDsigXPathTransform();
chain.Add(xpath);
Assert.Equal(xpath, chain[4]);
Assert.Equal(5, chain.Count);
XmlDsigXsltTransform xslt = new XmlDsigXsltTransform();
chain.Add(xslt);
Assert.Equal(xslt, chain[5]);
Assert.Equal(6, chain.Count);
}
public KeyReference(string uri, TransformChain transformChain) {}
public XadesReference(string id, XmlElement fragment, TransformChain transformChain = null, string digestMethod = null) : this(id.StartsWith("#") ? id : $"#{id}", transformChain, digestMethod)
{
Fragment = fragment;
}
public XmlElement ApplyTransform(Reference reference)
{
XmlNode node = null;
TransformChain transformChain = reference.TransformChain;
int transCounter = transformChain.Count;
IEnumerator enumerator = transformChain.GetEnumerator();
Stream transformstream = new MemoryStream();
if (reference.Uri.Equals(""))
{
this._inputDocument.Save(transformstream);
transformstream.Position = 0;
}
else
{
XmlNodeReader reader = new XmlNodeReader((XmlNode)this._reference);
XmlWriter writer = new XmlTextWriter(transformstream, Encoding.UTF8);
writer.WriteNode(reader, false);
writer.Flush();
transformstream.Position = 0;
}
for (int i = 0; i < transCounter; i++)
{
enumerator.MoveNext();
Transform trans = (Transform)enumerator.Current;
string typ = trans.ToString();
switch (typ)
{
case "System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform":
if (!reference.Uri.Equals(""))
{
for (int j = 0; j < _referenceList.Count; j++)
{
XmlElement temp = (XmlElement)this._referenceList[j];
string uri = "#" + temp.Attributes["Id"].Value;
if (uri.Equals(reference.Uri))
{
node = temp;
}
}
XmlNode signatureNode = (node as XmlElement).GetElementsByTagName("ds:Signature") != null ? (node as XmlElement).GetElementsByTagName("ds:Signature")[0] as XmlNode : null;
if (signatureNode != null)
{
node.RemoveChild(signatureNode);
}
}
break;
case "System.Security.Cryptography.Xml.XmlDsigExcC14NTransform":
if (!reference.Uri.Equals(""))
{
for (int j = 0; j < _referenceList.Count; j++)
{
XmlElement temp = (XmlElement)this._referenceList[j];
string uri = "#" + temp.Attributes["Id"].Value;
if (uri.Equals(reference.Uri))
{
node = temp;
}
}
}
break;
case SignedXml.XmlDsigEnvelopedSignatureTransformUrl:
{
}
break;
case "System.Security.Cryptography.Xml.XmlDsigXPathTransform":
XmlDocument doc = new XmlDocument();
XmlDsigXPathTransform xpathTransform = (XmlDsigXPathTransform)trans;
XmlElement xpathElement = xpathTransform.GetXml();
string xpath = xpathElement.InnerText;
XmlNamespaceManager xmlNameSpaceManager = new XmlNamespaceManager(this._inputDocument.NameTable);
XmlElement bodyElement = (XmlElement)this._inputDocument.GetElementsByTagName("s:Body")[0];
xmlNameSpaceManager.AddNamespace("s", bodyElement.NamespaceURI);
xmlNameSpaceManager.AddNamespace("tns", "http://tempuri.org/");
xmlNameSpaceManager.AddNamespace("xenc", "http://www.w3.org/2001/04/xmlenc#");
xmlNameSpaceManager.AddNamespace("wsse", "http://docs.oasis-open.org/wss/2004/01/oasis -200401-wss-wssecurity-secext-1.0.xsd");
node = this._inputDocument.SelectSingleNode(xpath, xmlNameSpaceManager);
break;
}
}
return((XmlElement)node);
}
public CipherReference(string uri, TransformChain transformChain)
{
}
/// <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.Xml.DataReference" /> class using the specified Uniform Resource Identifier (URI) and a <see cref="T:System.Security.Cryptography.Xml.TransformChain" /> object.</summary>
/// <param name="uri">A Uniform Resource Identifier (URI) that points to the encrypted data.</param>
/// <param name="transformChain">A <see cref="T:System.Security.Cryptography.Xml.TransformChain" /> object that describes transforms to do on the encrypted data.</param>
public DataReference(string uri, TransformChain transformChain)
: base(uri, transformChain)
{
ReferenceType = nameof(DataReference);
}
//组合中都有判断,在此是否多此一举?或者这里显得更加简便。
//public override bool IsMatched
//{
// get
// {
// bool match = SourceCrs.CoordinateSystem.CoordinateType == CoordinateType.LonLatHeight
// && TargetCrs.CoordinateSystem.CoordinateType == CoordinateType.XYZ
// && SourceCrs.Datum is IGeodeticDatum
// && TargetCrs.Datum is IGeodeticDatum;
// return match;
// }
//}
/// <summary>
/// 转换操作。输入待转坐标,输出目标坐标。
/// 责任链。
/// </summary>
/// <param name="oldCoord">待转坐标,只取其数字部分,参考系取自属性本对象的TargetCrs属性 </param>
/// <returns></returns>
public override ICoordinate MatchedTrans(ICoordinate oldCoord)
{
return(TransformChain.Trans(oldCoord));
}
public DataReference(string uri, TransformChain transformChain) {}
public KeyReference(string uri, TransformChain transformChain)
{
}
public CipherReference(string uri, TransformChain transformChain) : base(uri, transformChain)
{
ReferenceType = "CipherReference";
}
protected EncryptedReference(string uri, TransformChain transformChain)
{
this.TransformChain = transformChain;
this.Uri = uri;
m_cachedXml = null;
}
public TransformSet(string name, TransformChain transformChain)
{
Name = name;
TransformChain = transformChain;
}
//
// private methods
//
private byte[] GetCipherValue(CipherData cipherData)
{
if (cipherData == null)
{
throw new ArgumentNullException("cipherData");
}
WebResponse response = null;
Stream inputStream = null;
if (cipherData.CipherValue != null)
{
return(cipherData.CipherValue);
}
else if (cipherData.CipherReference != null)
{
if (cipherData.CipherReference.CipherValue != null)
{
return(cipherData.CipherReference.CipherValue);
}
Stream decInputStream = null;
// See if the CipherReference is a local URI
if (cipherData.CipherReference.Uri.Length == 0)
{
// self referenced Uri
string baseUri = (m_document == null ? null : m_document.BaseURI);
TransformChain tc = cipherData.CipherReference.TransformChain;
decInputStream = tc.TransformToOctetStream(m_document, m_xmlResolver, baseUri);
}
else if (cipherData.CipherReference.Uri[0] == '#')
{
string idref = Utils.ExtractIdFromLocalUri(cipherData.CipherReference.Uri);
// Serialize
inputStream = new MemoryStream(m_encoding.GetBytes(GetIdElement(m_document, idref).OuterXml));
string baseUri = (m_document == null ? null : m_document.BaseURI);
TransformChain tc = cipherData.CipherReference.TransformChain;
decInputStream = tc.TransformToOctetStream(inputStream, m_xmlResolver, baseUri);
}
else
{
DownloadCipherValue(cipherData, out inputStream, out decInputStream, out response);
}
// read the output stream into a memory stream
byte[] cipherValue = null;
using (MemoryStream ms = new MemoryStream()) {
Utils.Pump(decInputStream, ms);
cipherValue = ms.ToArray();
// Close the stream and return
if (response != null)
{
response.Close();
}
if (inputStream != null)
{
inputStream.Close();
}
decInputStream.Close();
}
// cache the cipher value for Perf reasons in case we call this routine twice
cipherData.CipherReference.CipherValue = cipherValue;
return(cipherValue);
}
// Throw a CryptographicException if we were unable to retrieve the cipher data.
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_MissingCipherData"));
}
public CipherReference(string uri, TransformChain transformChain) {}
public KeyReference(string uri, TransformChain transformChain) : base(uri, transformChain)
{
ReferenceType = "KeyReference";
}
public DataReference(string uri, TransformChain transformChain)
{
}
