//------------------------------------------------------
//
// Internal Members
//
//-----------------------------------------------------
internal SignatureVerificationEventArgs(PackageDigitalSignature signature,
VerifyResult result)
{
// verify arguments
if (signature == null)
throw new ArgumentNullException("signature");
if (result < VerifyResult.Success || result > VerifyResult.NotSigned)
throw new System.ArgumentOutOfRangeException("result");
_signature = signature;
_result = result;
}
private PackageDigitalSignature Sign(
IEnumerable<Uri> parts,
IEnumerable<PackageRelationshipSelector> relationshipSelectors,
X509Certificate2 signer,
String signatureId,
bool embedCertificate,
IEnumerable<System.Security.Cryptography.Xml.DataObject> signatureObjects,
IEnumerable<System.Security.Cryptography.Xml.Reference> objectReferences)
{
// don't overwrite
Debug.Assert(SignaturePart.GetStream().Length == 0, "Logic Error: Can't sign when signature already exists");
// grab hash algorithm as this may change in the future
_hashAlgorithmName = _manager.HashAlgorithm;
// keep the signer if indicated
if (_manager.CertificateOption == CertificateEmbeddingOption.NotEmbedded)
_lookForEmbeddedCert = false; // don't bother parsing
else
_certificate = signer; // save some parsing
// we only release this key if we obtain it
AsymmetricAlgorithm key = null;
bool ownKey = false;
if (signer.HasPrivateKey)
{
key = signer.PrivateKey;
}
else
{
ownKey = true;
key = GetPrivateKeyForSigning(signer);
}
try
{
_signedXml = new CustomSignedXml();
_signedXml.SigningKey = key;
_signedXml.Signature.Id = signatureId;
// put it in the XML
if (embedCertificate)
{
_signedXml.KeyInfo = GenerateKeyInfo(key, signer);
}
// Package object tag
// convert from string to class and ensure we dispose
using (HashAlgorithm hashAlgorithm = GetHashAlgorithm(_hashAlgorithmName))
{
// inform caller if hash algorithm is unknown
if (hashAlgorithm == null)
throw new InvalidOperationException(SR.Get(SRID.UnsupportedHashAlgorithm));
_signedXml.AddObject(GenerateObjectTag(hashAlgorithm, parts, relationshipSelectors, signatureId));
}
// add reference from SignedInfo to Package object tag
Reference objectReference = new Reference(XTable.Get(XTable.ID.OpcLinkAttrValue));
objectReference.Type = XTable.Get(XTable.ID.W3CSignatureNamespaceRoot) + "Object";
objectReference.DigestMethod = _hashAlgorithmName;
_signedXml.AddReference(objectReference);
// add any custom object tags
AddCustomObjectTags(signatureObjects, objectReferences);
// compute the signature
SignedXml xmlSig = _signedXml;
(new PermissionSet(PermissionState.Unrestricted)).Assert();
try
{
xmlSig.ComputeSignature();
}
finally
{
PermissionSet.RevertAssert();
}
// persist
UpdatePartFromSignature(_signedXml.Signature);
}
finally
{
if (key != null && ownKey)
((IDisposable)key).Dispose();
}
// create the PackageDigitalSignature object
_signature = new PackageDigitalSignature(_manager, this);
return _signature;
}
// load signatures from container
private void EnsureSignatures()
{
if (_signatures == null)
{
_signatures = new List<PackageDigitalSignature>();
// no signatures if origin not found
if (OriginPartExists())
{
// find all signatures from this origin (if any)
PackageRelationshipCollection relationships = _originPart.GetRelationshipsByType(
_originToSignatureRelationshipType);
foreach (PackageRelationship r in relationships)
{
// don't resolve if external
if (r.TargetMode != TargetMode.Internal)
throw new FileFormatException(SR.Get(SRID.PackageSignatureCorruption));
Uri signaturePartName = PackUriHelper.ResolvePartUri(_originPart.Uri, r.TargetUri);
// throw if part does not exist
if (!_container.PartExists(signaturePartName))
throw new FileFormatException(SR.Get(SRID.PackageSignatureCorruption));
PackagePart signaturePart = _container.GetPart(signaturePartName);
// ignore future signature types that we do not recognize
if (signaturePart.ValidatedContentType.AreTypeAndSubTypeEqual
(XmlDigitalSignatureProcessor.ContentType))
{
// parse it
PackageDigitalSignature signature = new PackageDigitalSignature(this, signaturePart);
// add to the list
_signatures.Add(signature);
}
}
}
}
}
//------------------------------------------------------
//
// Internal Methods
//
//------------------------------------------------------
/// <summary>
/// Constructor - called from PackageDigitalSignatureManager when opening an existing signature
/// </summary>
/// <param name="manager">current DigitalSignatureManager</param>
/// <param name="packageSignature">public signature object</param>
/// <param name="signaturePart">the part that will/does house the associated XML signature</param>
internal XmlDigitalSignatureProcessor(PackageDigitalSignatureManager manager,
PackagePart signaturePart, PackageDigitalSignature packageSignature) : this(manager, signaturePart)
{
_signature = packageSignature;
}
