private byte[] GetDigest(HashAlgorithm hash, string prefix)
{
XmlDocument document = new XmlDocument();
document.PreserveWhitespace = true;
XmlElement e = SignedInfo.GetXml();
document.AppendChild(document.ImportNode(e, true));
Transform canonicalizationMethodObject = SignedInfo.CanonicalizationMethodObject;
SetPrefix(prefix, document);
canonicalizationMethodObject.LoadInput(document);
return(canonicalizationMethodObject.GetDigestedOutput(hash));
}
// Allow machine admins to add additional canonicalization algorithms that should be considered valid when
// validating XML signatuers by supplying a list in the
// HKLM\Software\Microsoft\.NETFramework\Security\SafeCanonicalizationMethods
// key. Each REG_SZ entry in this key will be considered a canonicalziation algorithm URI that should be
// allowed by SignedXml instances on this machine.
//[RegistryPermission(SecurityAction.Assert, Unrestricted = true)]
//[SecuritySafeCritical]
//private static List<string> ReadAdditionalSafeCanonicalizationMethods() {
// List<string> additionalAlgorithms = new List<string>();
// try {
// using (RegistryKey canonicalizationAlgorithmsKey = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\.NETFramework\Security\SafeCanonicalizationMethods", false)) {
// if (canonicalizationAlgorithmsKey != null) {
// foreach (string value in canonicalizationAlgorithmsKey.GetValueNames()) {
// if (canonicalizationAlgorithmsKey.GetValueKind(value) == RegistryValueKind.String) {
// string additionalAlgorithm = canonicalizationAlgorithmsKey.GetValue(value) as string;
// if (!String.IsNullOrWhiteSpace(additionalAlgorithm)) {
// additionalAlgorithms.Add(additionalAlgorithm);
// }
// }
// }
// }
// }
// }
// catch (SecurityException) { /* we could not open the key - that's fine, we can proceed with no additional algorithms */ }
// return additionalAlgorithms;
//}
private byte[] GetC14NDigest(HashAlgorithm hash)
{
if (!bCacheValid || !this.SignedInfo.CacheValid)
{
string baseUri = (m_containingDocument == null ? null : m_containingDocument.BaseURI);
XmlResolver resolver = (m_bResolverSet ? m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), baseUri));
XmlDocument doc = Utils.PreProcessElementInput(SignedInfo.GetXml(), resolver, baseUri);
// Add non default namespaces in scope
CanonicalXmlNodeList namespaces = (m_context == null ? null : Utils.GetPropagatedAttributes(m_context));
Utils.AddNamespaces(doc.DocumentElement, namespaces);
Transform c14nMethodTransform = SignedInfo.CanonicalizationMethodObject;
c14nMethodTransform.Resolver = resolver;
c14nMethodTransform.BaseURI = baseUri;
c14nMethodTransform.LoadInput(doc);
_digestedSignedInfo = c14nMethodTransform.GetDigestedOutput(hash);
bCacheValid = true;
}
return(_digestedSignedInfo);
}
