void CheckProperties (XmlDsigExcC14NWithCommentsTransform transform)
{
Assert.AreEqual ("http://www.w3.org/2001/10/xml-exc-c14n#WithComments",
transform.Algorithm, "Algorithm");
Type[] input = transform.InputTypes;
Assert.AreEqual (3, input.Length, "Input #");
// check presence of every supported input types
bool istream = false;
bool ixmldoc = false;
bool ixmlnl = false;
foreach (Type t in input) {
if (t == typeof (Stream))
istream = true;
if (t == typeof (XmlDocument))
ixmldoc = true;
if (t == typeof (XmlNodeList))
ixmlnl = true;
}
Assert.IsTrue (istream, "Input Stream");
Assert.IsTrue (ixmldoc, "Input XmlDocument");
Assert.IsTrue (ixmlnl, "Input XmlNodeList");
Type[] output = transform.OutputTypes;
Assert.AreEqual (1, output.Length, "Output #");
Assert.AreEqual (typeof (Stream), output [0], "Output Type");
}
/// <remarks>Sólo se implementan las transformadas de canonicalización</remarks>
private Stream SignedInfoTransformed()
{
System.Security.Cryptography.Xml.Transform t = null;
switch (signature.SignedInfo.CanonicalizationMethod)
{
case XmlSignatureConstants.XmlDsigC14NTransformUrl:
t = new System.Security.Cryptography.Xml.XmlDsigC14NTransform();
break;
case XmlSignatureConstants.XmlDsigC14NWithCommentsTransformUrl:
t = new System.Security.Cryptography.Xml.XmlDsigC14NWithCommentsTransform();
break;
case XmlSignatureConstants.XmlDsigExcC14NTransformUrl:
t = new System.Security.Cryptography.Xml.XmlDsigExcC14NTransform(signature.SignedInfo.InclusiveNamespaces);
break;
case XmlSignatureConstants.XmlDsigExcC14NWithCommentsTransformUrl:
t = new System.Security.Cryptography.Xml.XmlDsigExcC14NWithCommentsTransform();
break;
default:
t = null;
break;
}
if (t == null)
{
return(null);
}
XmlDocument doc = new XmlDocument();
doc.PreserveWhitespace = true;
XmlElement signatureNode = (XmlElement)envdoc.SelectSingleNode("//*[@Id='" + signature.Id + "']");
if (signatureNode != null)
{
XmlNamespaceManager xmlnsManager = new XmlNamespaceManager(envdoc.NameTable);
xmlnsManager.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
XmlNode signedInfoNode = signatureNode.SelectSingleNode("ds:SignedInfo", xmlnsManager);
doc.LoadXml(signedInfoNode.OuterXml);
}
else
{
doc.LoadXml(signature.SignedInfo.GetXml().OuterXml);
}
var namespaces = GetAllNamespaces(signatureNode);
foreach (var item in namespaces)
{
AddNameSpace(doc, doc.DocumentElement, item.Name, item.Value);
}
return(ApplyTransform(t, doc));
}
public virtual void LoadXml(XmlElement value)
{
if (value == null)
{
throw new ArgumentNullException("value");
}
else
{
Uri = null;
TransformChain = new TransformChain();
foreach (XmlNode n in value.ChildNodes)
{
if (n is XmlWhitespace)
{
continue;
}
switch (n.LocalName)
{
case XmlEncryption.ElementNames.Transforms:
foreach (XmlNode xn in ((XmlElement)n).GetElementsByTagName(XmlSignature.ElementNames.Transform, XmlSignature.NamespaceURI))
{
Transform t = null;
switch (((XmlElement)xn).Attributes [XmlSignature.AttributeNames.Algorithm].Value)
{
case XmlSignature.AlgorithmNamespaces.XmlDsigBase64Transform:
t = new XmlDsigBase64Transform();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigC14NTransform:
t = new XmlDsigC14NTransform();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigC14NWithCommentsTransform:
t = new XmlDsigC14NWithCommentsTransform();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigEnvelopedSignatureTransform:
t = new XmlDsigEnvelopedSignatureTransform();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigXPathTransform:
t = new XmlDsigXPathTransform();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigXsltTransform:
t = new XmlDsigXsltTransform();
break;
#if NET_2_0
case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NTransform:
t = new XmlDsigExcC14NTransform();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NWithCommentsTransform:
t = new XmlDsigExcC14NWithCommentsTransform();
break;
case XmlSignature.AlgorithmNamespaces.XmlDecryptionTransform:
t = new XmlDecryptionTransform();
break;
#endif
default:
continue;
}
t.LoadInnerXml(((XmlElement)xn).ChildNodes);
TransformChain.Add(t);
}
break;
}
}
if (value.HasAttribute(XmlEncryption.AttributeNames.URI))
{
Uri = value.Attributes [XmlEncryption.AttributeNames.URI].Value;
}
}
}
public virtual void LoadXml (XmlElement value)
{
if (value == null)
throw new ArgumentNullException ("value");
else {
Uri = null;
TransformChain = new TransformChain ();
foreach (XmlNode n in value.ChildNodes) {
if (n is XmlWhitespace)
continue;
switch (n.LocalName) {
case XmlEncryption.ElementNames.Transforms:
foreach (XmlNode xn in ((XmlElement) n).GetElementsByTagName (XmlSignature.ElementNames.Transform, XmlSignature.NamespaceURI)) {
Transform t = null;
switch (((XmlElement) xn).Attributes [XmlSignature.AttributeNames.Algorithm].Value) {
case XmlSignature.AlgorithmNamespaces.XmlDsigBase64Transform:
t = new XmlDsigBase64Transform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigC14NTransform:
t = new XmlDsigC14NTransform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigC14NWithCommentsTransform:
t = new XmlDsigC14NWithCommentsTransform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigEnvelopedSignatureTransform:
t = new XmlDsigEnvelopedSignatureTransform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigXPathTransform:
t = new XmlDsigXPathTransform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigXsltTransform:
t = new XmlDsigXsltTransform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NTransform:
t = new XmlDsigExcC14NTransform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NWithCommentsTransform:
t = new XmlDsigExcC14NWithCommentsTransform ();
break;
case XmlSignature.AlgorithmNamespaces.XmlDecryptionTransform:
t = new XmlDecryptionTransform ();
break;
default:
continue;
}
t.LoadInnerXml (((XmlElement) xn).ChildNodes);
TransformChain.Add (t);
}
break;
}
}
if (value.HasAttribute (XmlEncryption.AttributeNames.URI))
Uri = value.Attributes [XmlEncryption.AttributeNames.URI].Value;
}
}
/// <summary>
/// Signs the specified xml document with the certificate found in
/// the local machine matching the provided friendly name and
/// referring to the specified target reference ID.
/// </summary>
/// <param name="certFriendlyName">
/// Friendly Name of the X509Certificate to be retrieved
/// from the LocalMachine keystore and used to sign the xml document.
/// Be sure to have appropriate permissions set on the keystore.
/// </param>
/// <param name="xmlDoc">
/// XML document to be signed.
/// </param>
/// <param name="targetReferenceId">
/// Reference element that will be specified as signed.
/// </param>
/// <param name="includePublicKey">
/// Flag to determine whether to include the public key in the
/// signed xml.
/// </param>
/// <param name="serviceProviderInstance">
/// ServiceProvider instance for retreaving Signature transform
/// and canonicalization method
/// </param>
public static void SignXml(string certFriendlyName, IXPathNavigable xmlDoc, string targetReferenceId, bool includePublicKey, ServiceProvider serviceProviderInstance)
{
if (string.IsNullOrEmpty(certFriendlyName))
{
throw new Saml2Exception(Resources.SignedXmlInvalidCertFriendlyName);
}
if (xmlDoc == null)
{
throw new Saml2Exception(Resources.SignedXmlInvalidXml);
}
if (string.IsNullOrEmpty(targetReferenceId))
{
throw new Saml2Exception(Resources.SignedXmlInvalidTargetRefId);
}
X509Certificate2 cert = FedletCertificateFactory.GetCertificateByFriendlyName(certFriendlyName);
if (cert == null)
{
throw new Saml2Exception(Resources.SignedXmlCertNotFound);
}
XmlDocument xml = (XmlDocument)xmlDoc;
SignedXml signedXml = new SignedXml(xml);
signedXml.SigningKey = cert.PrivateKey;
if (includePublicKey)
{
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(cert));
signedXml.KeyInfo = keyInfo;
}
Reference reference = new Reference();
reference.Uri = "#" + targetReferenceId;
//Read the transform type and canonicalization method from sp-extended.xml
string transformType = serviceProviderInstance.SignatureTransformMethod;
string canonicalizationMethodType = serviceProviderInstance.CanonicalizationMethod;
Transform sigTransform;
//Implement the gathered data
switch(transformType){
case "XmlDsigExcC14NTransform":
sigTransform = new XmlDsigExcC14NTransform();
break;
case "XmlDsigExcC14NWithCommentsTransform":
sigTransform = new XmlDsigExcC14NWithCommentsTransform();
break;
default:
sigTransform = new XmlDsigEnvelopedSignatureTransform();
break;
}
if (canonicalizationMethodType != null &&
(canonicalizationMethodType == SignedXml.XmlDsigExcC14NTransformUrl
|| canonicalizationMethodType == SignedXml.XmlDsigExcC14NWithCommentsTransformUrl))
{
signedXml.Signature.SignedInfo.CanonicalizationMethod = canonicalizationMethodType;
}
reference.AddTransform(sigTransform);
signedXml.AddReference(reference);
signedXml.ComputeSignature();
XmlElement xmlSignature = signedXml.GetXml();
XmlNamespaceManager nsMgr = new XmlNamespaceManager(xml.NameTable);
nsMgr.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
nsMgr.AddNamespace("saml", Saml2Constants.NamespaceSamlAssertion);
nsMgr.AddNamespace("samlp", Saml2Constants.NamespaceSamlProtocol);
XmlNode issuerNode = xml.DocumentElement.SelectSingleNode("saml:Issuer", nsMgr);
if (issuerNode != null)
{
xml.DocumentElement.InsertAfter(xmlSignature, issuerNode);
}
else
{
// Insert as a child to the target reference id
XmlNode targetNode = xml.DocumentElement.SelectSingleNode("//*[@ID='" + targetReferenceId + "']", nsMgr);
targetNode.PrependChild(xmlSignature);
}
}
