/// <summary>
/// Verifies that the signature carries exactly one of the "logonto" / "RequestIssuer"
/// properties and that its value equals the expected <paramref name="logonto"/>.
/// </summary>
/// <param name="signature">Signature whose properties are inspected.</param>
/// <param name="logonto">Value the present property must equal (ordinal, case-sensitive string comparison).</param>
/// <exception cref="InvalidOperationException">Both properties are present, or neither is.</exception>
/// <exception cref="ServiceProviderException">The present property does not equal <paramref name="logonto"/>.</exception>
private static void ValidateLogonto(OpensignSignature signature, string logonto)
{
    SignatureProperty logontoProperty = GetSignatureProperty(signature, "logonto");
    SignatureProperty requestIssuerProperty = GetSignatureProperty(signature, "RequestIssuer");

    bool hasLogonto = logontoProperty != null;
    bool hasRequestIssuer = requestIssuerProperty != null;

    // Exactly one of the two properties may be present; reject both the ambiguous and the empty case.
    if (hasLogonto && hasRequestIssuer)
    {
        throw new InvalidOperationException("Invalid signature logonto and RequestIssuer parameters cannot both be set");
    }
    if (!hasLogonto && !hasRequestIssuer)
    {
        throw new InvalidOperationException("Invalid signature either logonto or RequestIssuer parameters must be set");
    }

    // NOTE(review): the exception messages below embed the value taken from the signature.
    // If these messages are logged or shown to a user, encode them for that sink - confirm with callers.
    if (hasLogonto)
    {
        string actualLogonto = logontoProperty.Value;
        if (!string.Equals(actualLogonto, logonto))
        {
            throw new ServiceProviderException("Invalid signature logonto parameter does not match expected value. Expected: " + logonto + " actual: " + actualLogonto);
        }
    }
    else
    {
        string actualRequestIssuer = requestIssuerProperty.Value;
        if (!string.Equals(actualRequestIssuer, logonto))
        {
            throw new ServiceProviderException("Invalid signature RequestIssuer parameter does not match expected value. Expected: " + logonto + " actual: " + actualRequestIssuer);
        }
    }
}
/// <summary>
/// Runs the parameter checks on a signature in order: challenge, visibility of the
/// sign text, and (only when <paramref name="logonto"/> is supplied) the logonto check.
/// </summary>
/// <param name="opensignSignature">Signature to validate.</param>
/// <param name="challenge">Expected challenge, passed on to the challenge check.</param>
/// <param name="logonto">Expected logonto / RequestIssuer value, or null to skip that check.</param>
private static void ValidateSignatureParameters(OpensignSignature opensignSignature, string challenge, string logonto)
{
    ValidateChallenge(opensignSignature, challenge);
    ValidateVisibleToSignerForSignText(opensignSignature);

    // NOTE(review): a null logonto disables the logonto/RequestIssuer comparison entirely,
    // so the signature's value is then not compared with anything. Confirm that no caller
    // passes null by accident (for example from a missing configuration value).
    if (logonto == null)
    {
        return;
    }

    ValidateLogonto(opensignSignature, logonto);
}
/// <summary>
/// For signatures that are not signed XML documents, requires the "signtext" property
/// to be marked as visible to the signer.
/// </summary>
/// <param name="signature">Signature whose "signtext" property is checked.</param>
/// <exception cref="ServiceProviderException">
/// The signature is not a signed XML document and "signtext" is not visible to the signer.
/// </exception>
private static void ValidateVisibleToSignerForSignText(OpensignSignature signature)
{
    // The lookup runs unconditionally, before the document kind is checked.
    // NOTE(review): GetSignatureProperty in this file catches KeyNotFoundException from the
    // same indexer, so a missing "signtext" presumably surfaces here as that exception rather
    // than as ServiceProviderException - confirm callers treat it as a validation failure.
    SignatureProperty signtext = signature.SignatureProperties["signtext"];

    if (!IsNotSignedXmlDocument(signature))
    {
        return;
    }

    if (signtext.VisibleToSigner)
    {
        return;
    }

    throw new ServiceProviderException("Invalid sign signature - the parameter signtext in the signature " +
                                       "must have the attribute visibleToSigner set to true");
}
/// <summary>
/// Looks up a signature property by key, returning null instead of throwing when the
/// key is absent.
/// </summary>
/// <param name="signature">Signature whose property collection is searched.</param>
/// <param name="propertyKey">Key of the property to fetch.</param>
/// <returns>The property, or null when the lookup throws <see cref="KeyNotFoundException"/>.</returns>
private static SignatureProperty GetSignatureProperty(OpensignSignature signature, string propertyKey)
{
    SignatureProperty found;
    try
    {
        found = signature.SignatureProperties[propertyKey];
    }
    catch (KeyNotFoundException)
    {
        // Only the missing-key case is mapped to null; any other exception propagates.
        found = null;
    }

    return found;
}
/// <summary>
/// Creates a validation result holding the signature, the status of its certificate
/// and whether the signed text matched.
/// </summary>
/// <param name="signature">The signature that was validated.</param>
/// <param name="certificateStatus">Status stored in <c>CertificateStatus</c>.</param>
/// <param name="signatureMatches">Value stored in <c>SignatureMatches</c>.</param>
public SignatureValidationStatus(OpensignSignature signature, CertificateStatus certificateStatus, bool signatureMatches)
{
    // Consumers need to check both CertificateStatus and SignatureMatches;
    // neither value is derived from the other here.
    this.Signature = signature;
    this.CertificateStatus = certificateStatus;
    this.SignatureMatches = signatureMatches;
}
/// <summary>
/// Checks that the encoded signed text equals the encoded agreement text and, when the
/// signature carries a stylesheet digest (XML signing), that this digest equals a
/// SHA-256 digest computed over <paramref name="signTextTransformation"/>.
/// </summary>
/// <param name="encodedSignature">Encoded text taken from the signature.</param>
/// <param name="encodedAgreement">Encoded text the signer was expected to sign.</param>
/// <param name="signTextTransformation">Stylesheet text; required when the signature has a stylesheet digest.</param>
/// <param name="opensignSignature">Signature supplying the stylesheet digest.</param>
/// <returns>True when the text matches and, for XML signing, the digest matches too.</returns>
/// <exception cref="ArgumentException">
/// The signature has a stylesheet digest but <paramref name="signTextTransformation"/> is null.
/// </exception>
private static Boolean SignatureMatches(string encodedSignature, string encodedAgreement, string signTextTransformation, OpensignSignature opensignSignature)
{
    bool sameText = encodedAgreement.Equals(encodedSignature);
    if (!sameText)
    {
        return false;
    }

    var expectedDigest = opensignSignature.StylesheetDigest;
    if (expectedDigest == null)
    {
        // No stylesheet digest means this is not a signed XML document; the text comparison decides.
        return true;
    }

    if (signTextTransformation == null)
    {
        throw new ArgumentException("signTextTransformation is required for XML signing");
    }

    var sha256 = new Sha256Digest();
    var ascii = new ASCIIEncoding();

    // NOTE(review): ASCIIEncoding maps every non-ASCII character to '?', so two stylesheets
    // that differ only in such characters produce the same digest here. Confirm the
    // stylesheet is guaranteed to be pure ASCII, or hash its original bytes instead.
    byte[] stylesheetBytes = ascii.GetBytes(signTextTransformation);
    sha256.BlockUpdate(stylesheetBytes, 0, stylesheetBytes.Length);

    var rawDigest = new byte[sha256.GetDigestSize()];
    sha256.DoFinal(rawDigest, 0);

    // NOTE(review): the raw digest bytes are decoded as UTF-8 text. Byte sequences that are
    // not valid UTF-8 are replaced with U+FFFD, so the conversion is lossy and distinct
    // digests can decode to the same string. Verify which encoding StylesheetDigest uses
    // (for example Base64 or hex) and compare in that form.
    var calculatedDigest = Encoding.UTF8.GetString(rawDigest, 0, rawDigest.Length);

    return expectedDigest.Equals(calculatedDigest);
}
/// <summary>
/// Reports whether the signature lacks a stylesheet digest, which this code treats as
/// "not a signed XML document".
/// </summary>
/// <param name="opensignSignature">Signature to inspect.</param>
/// <returns>True when <c>StylesheetDigest</c> is null.</returns>
private static Boolean IsNotSignedXmlDocument(OpensignSignature opensignSignature)
{
    // The document kind is inferred from data carried in the signature itself.
    bool hasNoStylesheetDigest = opensignSignature.StylesheetDigest == null;
    return hasNoStylesheetDigest;
}
/// <summary>
/// Delegates the challenge check to <c>ChallengeVerifier.VerifyChallenge</c>.
/// </summary>
/// <param name="opensignSignature">Signature to check.</param>
/// <param name="challenge">Expected challenge value.</param>
private static void ValidateChallenge(OpensignSignature opensignSignature, string challenge)
{
    // Nothing is returned here, so a failed check can only be signalled by the verifier
    // throwing; this wrapper adds no handling of its own.
    ChallengeVerifier.VerifyChallenge(
        opensignSignature,
        challenge);
}
/// <summary>
/// Returns the signature's sign text passed through <c>Base64Encode</c>.
/// </summary>
/// <param name="opensignSignature">Signature whose <c>Signtext</c> is encoded.</param>
/// <returns>The encoded sign text.</returns>
private static string EncodeSignature(OpensignSignature opensignSignature)
{
    // Base64 is an encoding, not a protection: the result is only a comparable form of the text.
    var signText = opensignSignature.Signtext;
    return Base64Encode(signText);
}