public override void ApplyBodySecurity(XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator)
{
EncryptedData data;
HashStream stream;
SecurityAppliedMessage securityAppliedMessage = base.SecurityAppliedMessage;
switch (securityAppliedMessage.BodyProtectionMode)
{
case MessagePartProtectionMode.Sign:
stream = this.TakeHashStream();
if (!CanCanonicalizeAndFragment(writer))
{
securityAppliedMessage.WriteBodyToSign(stream);
}
else
{
securityAppliedMessage.WriteBodyToSignWithFragments(stream, false, null, writer);
}
this.signedInfo.AddReference(securityAppliedMessage.BodyId, stream.FlushHashAndGetValue());
return;
case MessagePartProtectionMode.Encrypt:
data = this.CreateEncryptedDataForBody();
securityAppliedMessage.WriteBodyToEncrypt(data, this.encryptingSymmetricAlgorithm);
this.referenceList.AddReferredId(data.Id);
return;
case MessagePartProtectionMode.SignThenEncrypt:
stream = this.TakeHashStream();
data = this.CreateEncryptedDataForBody();
if (!CanCanonicalizeAndFragment(writer))
{
securityAppliedMessage.WriteBodyToSignThenEncrypt(stream, data, this.encryptingSymmetricAlgorithm);
}
else
{
securityAppliedMessage.WriteBodyToSignThenEncryptWithFragments(stream, false, null, data, this.encryptingSymmetricAlgorithm, writer);
}
this.signedInfo.AddReference(securityAppliedMessage.BodyId, stream.FlushHashAndGetValue());
this.referenceList.AddReferredId(data.Id);
this.hasSignedEncryptedMessagePart = true;
return;
case MessagePartProtectionMode.EncryptThenSign:
stream = this.TakeHashStream();
data = this.CreateEncryptedDataForBody();
securityAppliedMessage.WriteBodyToEncryptThenSign(stream, data, this.encryptingSymmetricAlgorithm);
this.signedInfo.AddReference(securityAppliedMessage.BodyId, stream.FlushHashAndGetValue());
this.referenceList.AddReferredId(data.Id);
return;
}
}
public CanonicalWriter(CanonicalEncoder encoder,
string[] inclusivePrefixes, bool includeComments, IPrefixGenerator prefixGenerator, int startingDepthForAttributePrefixGeneration)
{
_attributesToRender = new CanonicalAttributeManager();
_encoder = encoder;
_includeComments = includeComments;
_prefixGenerator = prefixGenerator;
_startingDepthForAttributePrefixGeneration = startingDepthForAttributePrefixGeneration;
_manager = new ExclusiveCanonicalNamespaceManager();
_elements = new ElementEntry[InitialElementStackSize];
_inclusivePrefixes = inclusivePrefixes;
Reset();
}
private void AddEncryptionReference(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, bool sign, out MemoryStream plainTextStream, out string encryptedDataId)
{
plainTextStream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(plainTextStream);
if (sign)
{
this.AddSignatureReference(header, headerId, prefixGenerator, writer);
}
else
{
header.WriteHeader(writer, base.Version);
writer.Flush();
}
encryptedDataId = base.GenerateId();
this.referenceList.AddReferredId(encryptedDataId);
}
private void AddEncryptionReference(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, bool sign, out MemoryStream plainTextStream, out string encryptedDataId)
{
plainTextStream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(plainTextStream);
if (sign)
{
this.AddSignatureReference(header, headerId, prefixGenerator, writer);
}
else
{
header.WriteHeader(writer, base.Version);
writer.Flush();
}
encryptedDataId = base.GenerateId();
this.referenceList.AddReferredId(encryptedDataId);
}
private string GetSignatureHash(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, XmlDictionaryWriter writer, out byte[] hash)
{
XmlDictionaryWriter writer2;
HashStream stream = this.TakeHashStream();
XmlBuffer buffer = null;
if (writer.CanCanonicalize)
{
writer2 = writer;
}
else
{
buffer = new XmlBuffer(0x7fffffff);
writer2 = buffer.OpenSection(XmlDictionaryReaderQuotas.Max);
}
writer2.StartCanonicalization(stream, false, null);
header.WriteStartHeader(writer2, base.Version);
if (headerId == null)
{
headerId = base.GenerateId();
base.StandardsManager.IdManager.WriteIdAttribute(writer2, headerId);
}
header.WriteHeaderContents(writer2, base.Version);
writer2.WriteEndElement();
writer2.EndCanonicalization();
writer2.Flush();
if (!object.ReferenceEquals(writer2, writer))
{
buffer.CloseSection();
buffer.Close();
XmlDictionaryReader reader = buffer.GetReader(0);
writer.WriteNode(reader, false);
reader.Close();
}
hash = stream.FlushHashAndGetValue();
return(headerId);
}
public override void ApplySecurityAndWriteHeaders(MessageHeaders headers, XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator)
{
string[] headerAttributes;
if (base.RequireMessageProtection || base.ShouldSignToHeader)
{
headerAttributes = headers.GetHeaderAttributes("Id", base.StandardsManager.IdManager.DefaultIdNamespaceUri);
}
else
{
headerAttributes = null;
}
for (int i = 0; i < headers.Count; i++)
{
MessageHeader messageHeader = headers.GetMessageHeader(i);
if (((base.Version.Addressing != AddressingVersion.None) || !(messageHeader.Namespace == AddressingVersion.None.Namespace)) && (messageHeader != this))
{
this.ApplySecurityAndWriteHeader(messageHeader, (headerAttributes == null) ? null : headerAttributes[i], writer, prefixGenerator);
}
}
}
private void ApplySecurityAndWriteHeader(MessageHeader header, string headerId, XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator)
{
if ((!base.RequireMessageProtection && base.ShouldSignToHeader) && ((header.Name == System.ServiceModel.XD.AddressingDictionary.To.Value) && (header.Namespace == base.Message.Version.Addressing.Namespace)))
{
byte[] buffer;
if (this.toHeaderHash != null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("TransportSecuredMessageHasMoreThanOneToHeader")));
}
headerId = this.GetSignatureHash(header, headerId, prefixGenerator, writer, out buffer);
this.toHeaderHash = buffer;
this.toHeaderId = headerId;
}
else
{
MemoryStream stream;
string str;
switch (this.GetProtectionMode(header))
{
case MessagePartProtectionMode.None:
header.WriteHeader(writer, base.Version);
return;
case MessagePartProtectionMode.Sign:
this.AddSignatureReference(header, headerId, prefixGenerator, writer);
return;
case MessagePartProtectionMode.Encrypt:
this.AddEncryptionReference(header, headerId, prefixGenerator, false, out stream, out str);
this.EncryptAndWriteHeader(header, str, stream, writer);
return;
case MessagePartProtectionMode.SignThenEncrypt:
this.AddEncryptionReference(header, headerId, prefixGenerator, true, out stream, out str);
this.EncryptAndWriteHeader(header, str, stream, writer);
this.hasSignedEncryptedMessagePart = true;
return;
case MessagePartProtectionMode.EncryptThenSign:
{
this.AddEncryptionReference(header, headerId, prefixGenerator, false, out stream, out str);
EncryptedHeader header2 = this.EncryptHeader(header, this.encryptingSymmetricAlgorithm, this.encryptionKeyIdentifier, base.Version, str, stream);
this.AddSignatureReference(header2, str, prefixGenerator, writer);
return;
}
}
}
}
public override void ApplyBodySecurity(XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator)
{
EncryptedData data;
HashStream stream;
SecurityAppliedMessage securityAppliedMessage = base.SecurityAppliedMessage;
switch (securityAppliedMessage.BodyProtectionMode)
{
case MessagePartProtectionMode.Sign:
stream = this.TakeHashStream();
if (!CanCanonicalizeAndFragment(writer))
{
securityAppliedMessage.WriteBodyToSign(stream);
}
else
{
securityAppliedMessage.WriteBodyToSignWithFragments(stream, false, null, writer);
}
this.signedInfo.AddReference(securityAppliedMessage.BodyId, stream.FlushHashAndGetValue());
return;
case MessagePartProtectionMode.Encrypt:
data = this.CreateEncryptedDataForBody();
securityAppliedMessage.WriteBodyToEncrypt(data, this.encryptingSymmetricAlgorithm);
this.referenceList.AddReferredId(data.Id);
return;
case MessagePartProtectionMode.SignThenEncrypt:
stream = this.TakeHashStream();
data = this.CreateEncryptedDataForBody();
if (!CanCanonicalizeAndFragment(writer))
{
securityAppliedMessage.WriteBodyToSignThenEncrypt(stream, data, this.encryptingSymmetricAlgorithm);
}
else
{
securityAppliedMessage.WriteBodyToSignThenEncryptWithFragments(stream, false, null, data, this.encryptingSymmetricAlgorithm, writer);
}
this.signedInfo.AddReference(securityAppliedMessage.BodyId, stream.FlushHashAndGetValue());
this.referenceList.AddReferredId(data.Id);
this.hasSignedEncryptedMessagePart = true;
return;
case MessagePartProtectionMode.EncryptThenSign:
stream = this.TakeHashStream();
data = this.CreateEncryptedDataForBody();
securityAppliedMessage.WriteBodyToEncryptThenSign(stream, data, this.encryptingSymmetricAlgorithm);
this.signedInfo.AddReference(securityAppliedMessage.BodyId, stream.FlushHashAndGetValue());
this.referenceList.AddReferredId(data.Id);
return;
}
}
private void AddSignatureReference(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, XmlDictionaryWriter writer)
{
byte[] buffer;
headerId = this.GetSignatureHash(header, headerId, prefixGenerator, writer, out buffer);
this.signedInfo.AddReference(headerId, buffer);
}
public abstract void ApplySecurityAndWriteHeaders(MessageHeaders headers, XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator);
public override void ApplySecurityAndWriteHeaders(MessageHeaders headers, XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator)
{
string[] headerAttributes;
if (base.RequireMessageProtection || base.ShouldSignToHeader)
{
headerAttributes = headers.GetHeaderAttributes("Id", base.StandardsManager.IdManager.DefaultIdNamespaceUri);
}
else
{
headerAttributes = null;
}
for (int i = 0; i < headers.Count; i++)
{
MessageHeader messageHeader = headers.GetMessageHeader(i);
if (((base.Version.Addressing != AddressingVersion.None) || !(messageHeader.Namespace == AddressingVersion.None.Namespace)) && (messageHeader != this))
{
this.ApplySecurityAndWriteHeader(messageHeader, (headerAttributes == null) ? null : headerAttributes[i], writer, prefixGenerator);
}
}
}
private void ApplySecurityAndWriteHeader(MessageHeader header, string headerId, XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator)
{
if ((!base.RequireMessageProtection && base.ShouldSignToHeader) && ((header.Name == System.ServiceModel.XD.AddressingDictionary.To.Value) && (header.Namespace == base.Message.Version.Addressing.Namespace)))
{
byte[] buffer;
if (this.toHeaderHash != null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("TransportSecuredMessageHasMoreThanOneToHeader")));
}
headerId = this.GetSignatureHash(header, headerId, prefixGenerator, writer, out buffer);
this.toHeaderHash = buffer;
this.toHeaderId = headerId;
}
else
{
MemoryStream stream;
string str;
switch (this.GetProtectionMode(header))
{
case MessagePartProtectionMode.None:
header.WriteHeader(writer, base.Version);
return;
case MessagePartProtectionMode.Sign:
this.AddSignatureReference(header, headerId, prefixGenerator, writer);
return;
case MessagePartProtectionMode.Encrypt:
this.AddEncryptionReference(header, headerId, prefixGenerator, false, out stream, out str);
this.EncryptAndWriteHeader(header, str, stream, writer);
return;
case MessagePartProtectionMode.SignThenEncrypt:
this.AddEncryptionReference(header, headerId, prefixGenerator, true, out stream, out str);
this.EncryptAndWriteHeader(header, str, stream, writer);
this.hasSignedEncryptedMessagePart = true;
return;
case MessagePartProtectionMode.EncryptThenSign:
{
this.AddEncryptionReference(header, headerId, prefixGenerator, false, out stream, out str);
EncryptedHeader header2 = this.EncryptHeader(header, this.encryptingSymmetricAlgorithm, this.encryptionKeyIdentifier, base.Version, str, stream);
this.AddSignatureReference(header2, str, prefixGenerator, writer);
return;
}
}
}
}
public abstract void ApplySecurityAndWriteHeaders(MessageHeaders headers, XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator);
public abstract void ApplyBodySecurity(XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator);
private string GetSignatureHash(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, XmlDictionaryWriter writer, out byte[] hash)
{
XmlDictionaryWriter writer2;
HashStream stream = this.TakeHashStream();
XmlBuffer buffer = null;
if (writer.CanCanonicalize)
{
writer2 = writer;
}
else
{
buffer = new XmlBuffer(0x7fffffff);
writer2 = buffer.OpenSection(XmlDictionaryReaderQuotas.Max);
}
writer2.StartCanonicalization(stream, false, null);
header.WriteStartHeader(writer2, base.Version);
if (headerId == null)
{
headerId = base.GenerateId();
base.StandardsManager.IdManager.WriteIdAttribute(writer2, headerId);
}
header.WriteHeaderContents(writer2, base.Version);
writer2.WriteEndElement();
writer2.EndCanonicalization();
writer2.Flush();
if (!object.ReferenceEquals(writer2, writer))
{
buffer.CloseSection();
buffer.Close();
XmlDictionaryReader reader = buffer.GetReader(0);
writer.WriteNode(reader, false);
reader.Close();
}
hash = stream.FlushHashAndGetValue();
return headerId;
}
private void AddSignatureReference(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, XmlDictionaryWriter writer)
{
byte[] buffer;
headerId = this.GetSignatureHash(header, headerId, prefixGenerator, writer, out buffer);
this.signedInfo.AddReference(headerId, buffer);
}
public abstract void ApplyBodySecurity(XmlDictionaryWriter writer, IPrefixGenerator prefixGenerator);
