/// <summary>
/// Builds a supporting (secondary) signature over <paramref name="elementToSign"/> with the key the
/// algorithm suite resolves for <paramref name="token"/>, and returns the signed element.
/// </summary>
/// <param name="token">Token whose key signs the element; the suite picks the signature algorithm and key for it.</param>
/// <param name="identifier">Optional key identifier attached to the signature; left out when null.</param>
/// <param name="elementToSign">Element covered by the single signature reference; it must carry an Id because the reference URI is built from it.</param>
/// <returns>The computed <see cref="SignedXml"/>.</returns>
/// <exception cref="InvalidOperationException">Thrown when <paramref name="elementToSign"/> has no Id.</exception>
protected override ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement elementToSign)
{
    SecurityAlgorithmSuite suite = base.AlgorithmSuite;

    string signatureMethod;
    XmlDictionaryString signatureMethodDictionaryString;
    SecurityKey signingKey;
    suite.GetSignatureAlgorithmAndKey(token, out signatureMethod, out signingKey, out signatureMethodDictionaryString);

    SignedXml signedXml = new SignedXml(ServiceModelDictionaryManager.Instance, base.StandardsManager.SecurityTokenSerializer);
    SignedInfo signedInfo = signedXml.Signature.SignedInfo;
    signedInfo.CanonicalizationMethod = suite.DefaultCanonicalizationAlgorithm;
    signedInfo.CanonicalizationMethodDictionaryString = suite.DefaultCanonicalizationAlgorithmDictionaryString;
    signedInfo.SignatureMethod = signatureMethod;
    signedInfo.SignatureMethodDictionaryString = signatureMethodDictionaryString;

    // The reference URI is "#<Id>", so an element without an Id cannot be referenced by the signature at all.
    if (elementToSign.Id == null)
    {
        throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("ElementToSignMustHaveId")));
    }

    Reference elementReference = new Reference(ServiceModelDictionaryManager.Instance, "#" + elementToSign.Id, elementToSign);
    elementReference.DigestMethod = suite.DefaultDigestAlgorithm;
    elementReference.DigestMethodDictionaryString = suite.DefaultDigestAlgorithmDictionaryString;
    // The referenced element is canonicalized with Exclusive C14N before digesting.
    elementReference.AddTransform(new ExclusiveCanonicalizationTransform());
    ((StandardSignedInfo)signedInfo).AddReference(elementReference);

    signedXml.ComputeSignature(signingKey);

    if (identifier != null)
    {
        signedXml.Signature.KeyIdentifier = identifier;
    }

    return signedXml;
}
/// <summary>
/// Prepares the primary-signature state: rejects any canonicalization algorithm other than Exclusive C14N,
/// resolves the signature algorithm and key for <paramref name="token"/>, builds the pre-digested
/// SignedInfo and its SignedXml, and takes a hash stream for the suite's digest algorithm.
/// </summary>
/// <param name="token">Token the suite uses to choose the signature algorithm and key; the key is stored in the signatureKey field.</param>
/// <param name="keyIdentifier">Optional key identifier copied onto the signature; skipped when null.</param>
/// <param name="signatureParts">Message parts the signature will cover; stored in the effectiveSignatureParts field.</param>
/// <param name="generateTargettableSignature">When true, the signature receives a generated Id so other elements can reference it.</param>
/// <exception cref="MessageSecurityException">Thrown when the suite's canonicalization algorithm is not Exclusive C14N.</exception>
protected override void StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, bool generateTargettableSignature)
{
    const string exclusiveC14n = "http://www.w3.org/2001/10/xml-exc-c14n#";

    SecurityAlgorithmSuite suite = base.AlgorithmSuite;
    string c14nAlgorithm = suite.DefaultCanonicalizationAlgorithm;
    XmlDictionaryString c14nAlgorithmDictionaryString = suite.DefaultCanonicalizationAlgorithmDictionaryString;

    // Only Exclusive C14N is supported for the primary signature; fail before any key material is resolved.
    if (c14nAlgorithm != exclusiveC14n)
    {
        throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnsupportedCanonicalizationAlgorithm", new object[] { suite.DefaultCanonicalizationAlgorithm })));
    }

    string signatureAlgorithm;
    XmlDictionaryString signatureAlgorithmDictionaryString;
    suite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out this.signatureKey, out signatureAlgorithmDictionaryString);

    string digestAlgorithm = suite.DefaultDigestAlgorithm;
    XmlDictionaryString digestAlgorithmDictionaryString = suite.DefaultDigestAlgorithmDictionaryString;

    this.signedInfo = new PreDigestedSignedInfo(
        ServiceModelDictionaryManager.Instance,
        c14nAlgorithm, c14nAlgorithmDictionaryString,
        digestAlgorithm, digestAlgorithmDictionaryString,
        signatureAlgorithm, signatureAlgorithmDictionaryString);
    this.signedXml = new SignedXml(this.signedInfo, ServiceModelDictionaryManager.Instance, base.StandardsManager.SecurityTokenSerializer);

    if (keyIdentifier != null)
    {
        this.signedXml.Signature.KeyIdentifier = keyIdentifier;
    }

    if (generateTargettableSignature)
    {
        this.signedXml.Id = base.GenerateId();
    }

    this.effectiveSignatureParts = signatureParts;
    // The hash stream is sized for the digest algorithm the references will use.
    this.hashStream = this.signedInfo.ResourcePool.TakeHashStream(digestAlgorithm);
}
/// <summary>
/// Starts the primary signature: verifies the suite's canonicalization algorithm is Exclusive C14N,
/// resolves the signature algorithm and key for <paramref name="token"/>, creates the pre-digested
/// SignedInfo and SignedXml, and acquires a hash stream for the digest algorithm.
/// </summary>
/// <param name="token">Token used by the suite to select the signature algorithm and key; the key lands in the signatureKey field.</param>
/// <param name="keyIdentifier">Optional key identifier placed on the signature; ignored when null.</param>
/// <param name="signatureParts">Message parts to be signed; kept in the effectiveSignatureParts field.</param>
/// <param name="generateTargettableSignature">When true, assigns a generated Id to the signature so it can be referenced.</param>
/// <exception cref="MessageSecurityException">Thrown when the canonicalization algorithm is not <see cref="SecurityAlgorithms.ExclusiveC14n"/>.</exception>
protected override void StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, bool generateTargettableSignature)
{
    SecurityAlgorithmSuite algorithms = this.AlgorithmSuite;

    string c14n = algorithms.DefaultCanonicalizationAlgorithm;
    XmlDictionaryString c14nDictionaryString = algorithms.DefaultCanonicalizationAlgorithmDictionaryString;
    bool isExclusiveC14n = c14n == SecurityAlgorithms.ExclusiveC14n;
    // Anything but Exclusive C14N is rejected up front, before the signing key is resolved.
    if (!isExclusiveC14n)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
            new MessageSecurityException(SR.GetString(SR.UnsupportedCanonicalizationAlgorithm, algorithms.DefaultCanonicalizationAlgorithm)));
    }

    string signatureMethod;
    XmlDictionaryString signatureMethodDictionaryString;
    algorithms.GetSignatureAlgorithmAndKey(token, out signatureMethod, out this.signatureKey, out signatureMethodDictionaryString);

    string digestMethod = algorithms.DefaultDigestAlgorithm;
    XmlDictionaryString digestMethodDictionaryString = algorithms.DefaultDigestAlgorithmDictionaryString;

    PreDigestedSignedInfo info = new PreDigestedSignedInfo(ServiceModelDictionaryManager.Instance, c14n, c14nDictionaryString, digestMethod, digestMethodDictionaryString, signatureMethod, signatureMethodDictionaryString);
    this.signedInfo = info;

    SignedXml xml = new SignedXml(info, ServiceModelDictionaryManager.Instance, this.StandardsManager.SecurityTokenSerializer);
    this.signedXml = xml;

    if (keyIdentifier != null)
    {
        xml.Signature.KeyIdentifier = keyIdentifier;
    }

    if (generateTargettableSignature)
    {
        xml.Id = GenerateId();
    }

    this.effectiveSignatureParts = signatureParts;
    // Hash stream matches the digest algorithm the references will be digested with.
    this.hashStream = info.ResourcePool.TakeHashStream(digestMethod);
}
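/// <summary>
/// Starts the primary signature on top of <see cref="System.Security.Cryptography.Xml.SignedXml"/>:
/// verifies the suite's canonicalization algorithm is Exclusive C14N, resolves the signature algorithm
/// and key for <paramref name="token"/>, configures SignedInfo and the signing key, and — when a key
/// identifier is supplied — serializes it with the token serializer and reloads it as the signature's KeyInfo.
/// </summary>
/// <param name="token">Token used by the suite to select the signature algorithm and key.</param>
/// <param name="keyIdentifier">Optional key identifier to emit as KeyInfo; ignored when null.</param>
/// <param name="signatureParts">Message parts to be signed; kept in the _effectiveSignatureParts field.</param>
/// <param name="generateTargettableSignature">When true, assigns a generated Id to the signature so it can be referenced.</param>
/// <exception cref="MessageSecurityException">Thrown when the canonicalization algorithm is not <see cref="SecurityAlgorithms.ExclusiveC14n"/>.</exception>
protected override void StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, bool generateTargettableSignature)
{
    SecurityAlgorithmSuite suite = AlgorithmSuite;
    string canonicalizationAlgorithm = suite.DefaultCanonicalizationAlgorithm;

    // Only Exclusive C14N is supported for the primary signature; reject before any key material is resolved.
    if (canonicalizationAlgorithm != SecurityAlgorithms.ExclusiveC14n)
    {
        throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
            new MessageSecurityException(SR.Format(SR.UnsupportedCanonicalizationAlgorithm, suite.DefaultCanonicalizationAlgorithm)));
    }

    string signatureAlgorithm;
    XmlDictionaryString signatureAlgorithmDictionaryString;
    SecurityKey signatureKey;
    suite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out signatureKey, out signatureAlgorithmDictionaryString);

    // GetSigningAlgorithm fills the stored signing key and the AsymmetricAlgorithm handed to SignedXml.
    // NOTE(review): for a symmetric signature key asymmetricAlgorithm may well be null here — confirm against GetSigningAlgorithm.
    AsymmetricAlgorithm asymmetricAlgorithm;
    GetSigningAlgorithm(signatureKey, signatureAlgorithm, out _signingKey, out asymmetricAlgorithm);

    _signedXml = new SignedXml();
    _signedXml.SignedInfo.CanonicalizationMethod = canonicalizationAlgorithm;
    _signedXml.SignedInfo.SignatureMethod = signatureAlgorithm;
    _signedXml.SigningKey = asymmetricAlgorithm;

    if (keyIdentifier != null)
    {
        // The key identifier is round-tripped through XML because the token serializer writes WCF's
        // representation while SignedXml only understands KeyInfo. The stream is owned here and was
        // previously left undisposed.
        using (var stream = new MemoryStream())
        {
            // ownsStream: false — the stream must stay open after the writer is disposed.
            using (var xmlWriter = XmlDictionaryWriter.CreateTextWriter(stream, Encoding.UTF8, false))
            {
                StandardsManager.SecurityTokenSerializer.WriteKeyIdentifier(xmlWriter, keyIdentifier);
            }
            stream.Position = 0;

            var doc = new XmlDocument();
            // The XML was produced locally a few lines above; disabling the resolver is defense in depth so
            // the reload can never follow an external reference regardless of the runtime's default resolver.
            doc.XmlResolver = null;
            doc.Load(stream);

            var keyInfo = new KeyInfo();
            keyInfo.LoadXml(doc.DocumentElement);
            _signedXml.KeyInfo = keyInfo;
        }
    }

    if (generateTargettableSignature)
    {
        _signedXml.Signature.Id = GenerateId();
    }

    _effectiveSignatureParts = signatureParts;
}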