void EncryptElement(SendSecurityHeaderElement element)
{
string id = GenerateId();
ISecurityElement encryptedElement = CreateEncryptedData(CaptureSecurityElement(element.Item), id, true);
this.referenceList.AddReferredId(id);
element.Replace(id, encryptedElement);
}
protected static MemoryStream CaptureSecurityElement(ISecurityElement element)
{
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(stream);
element.WriteTo(writer, ServiceModelDictionaryManager.Instance);
writer.Flush();
stream.Seek(0, SeekOrigin.Begin);
return(stream);
}
public void WriteBodyToEncrypt(EncryptedData encryptedData, SymmetricAlgorithm algorithm)
{
encryptedData.Id = this.securityHeader.GenerateId();
BodyContentHelper helper = new BodyContentHelper();
XmlDictionaryWriter encryptingWriter = helper.CreateWriter();
this.InnerMessage.WriteBodyContents(encryptingWriter);
encryptedData.SetUpEncryption(algorithm, helper.ExtractResult());
this.encryptedBodyContent = encryptedData;
this.state = BodyState.Encrypted;
}
protected override void OnClose()
{
try
{
this.InnerMessage.Close();
}
finally
{
this.fullBodyBuffer = null;
this.bodyAttributes = null;
this.encryptedBodyContent = null;
this.state = BodyState.Disposed;
}
}
public void WriteBodyToSignThenEncryptWithFragments(
Stream stream, bool includeComments, string[] inclusivePrefixes,
EncryptedData encryptedData, SymmetricAlgorithm algorithm, XmlDictionaryWriter writer)
{
IFragmentCapableXmlDictionaryWriter fragmentingWriter = (IFragmentCapableXmlDictionaryWriter)writer;
SetBodyId();
encryptedData.Id = this.securityHeader.GenerateId();
this.startBodyFragment = new MemoryStream();
BufferedOutputStream bodyContentFragment = new BufferManagerOutputStream(SR.XmlBufferQuotaExceeded, 1024, int.MaxValue, this.securityHeader.StreamBufferManager);
this.endBodyFragment = new MemoryStream();
writer.StartCanonicalization(stream, includeComments, inclusivePrefixes);
fragmentingWriter.StartFragment(this.startBodyFragment, false);
WriteStartInnerMessageWithId(writer);
fragmentingWriter.EndFragment();
fragmentingWriter.StartFragment(bodyContentFragment, true);
this.InnerMessage.WriteBodyContents(writer);
fragmentingWriter.EndFragment();
fragmentingWriter.StartFragment(this.endBodyFragment, false);
writer.WriteEndElement();
fragmentingWriter.EndFragment();
writer.EndCanonicalization();
int bodyLength;
byte[] bodyBuffer = bodyContentFragment.ToArray(out bodyLength);
encryptedData.SetUpEncryption(algorithm, new ArraySegment <byte>(bodyBuffer, 0, bodyLength));
this.encryptedBodyContent = encryptedData;
this.state = BodyState.SignedThenEncrypted;
}
public SendSecurityHeaderElement(string id, ISecurityElement item)
{
this.id = id;
this.item = item;
markedForEncryption = false;
}
public void Replace(string id, ISecurityElement item)
{
Item = item;
Id = id;
}
public SendSecurityHeaderElement(string id, ISecurityElement item)
{
Id = id;
Item = item;
MarkedForEncryption = false;
}
public void WriteBodyToEncrypt(EncryptedData encryptedData, SymmetricAlgorithm algorithm)
{
encryptedData.Id = this.securityHeader.GenerateId();
BodyContentHelper helper = new BodyContentHelper();
XmlDictionaryWriter encryptingWriter = helper.CreateWriter();
this.InnerMessage.WriteBodyContents(encryptingWriter);
encryptedData.SetUpEncryption(algorithm, helper.ExtractResult());
this.encryptedBodyContent = encryptedData;
this.state = BodyState.Encrypted;
}
protected static MemoryStream CaptureSecurityElement(ISecurityElement element)
{
MemoryStream stream = new MemoryStream();
XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(stream);
element.WriteTo(writer, ServiceModelDictionaryManager.Instance);
writer.Flush();
stream.Seek(0, SeekOrigin.Begin);
return stream;
}
public bool IsSameItem(ISecurityElement item)
{
return this.item == item || this.item.Equals(item);
}
public SendSecurityHeaderElement(string id, ISecurityElement item)
{
this.id = id;
this.item = item;
markedForEncryption = false;
}
protected override ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement elementToSign)
{
SecurityAlgorithmSuite algorithmSuite = this.AlgorithmSuite;
string signatureAlgorithm;
XmlDictionaryString signatureAlgorithmDictionaryString;
SecurityKey signatureKey;
algorithmSuite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out signatureKey, out signatureAlgorithmDictionaryString);
SignedXml signedXml = new SignedXml(ServiceModelDictionaryManager.Instance, this.StandardsManager.SecurityTokenSerializer);
SignedInfo signedInfo = signedXml.Signature.SignedInfo;
signedInfo.CanonicalizationMethod = algorithmSuite.DefaultCanonicalizationAlgorithm;
signedInfo.CanonicalizationMethodDictionaryString = algorithmSuite.DefaultCanonicalizationAlgorithmDictionaryString;
signedInfo.SignatureMethod = signatureAlgorithm;
signedInfo.SignatureMethodDictionaryString = signatureAlgorithmDictionaryString;
if (elementToSign.Id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ElementToSignMustHaveId)));
}
Reference reference = new Reference(ServiceModelDictionaryManager.Instance, "#" + elementToSign.Id, elementToSign);
reference.DigestMethod = algorithmSuite.DefaultDigestAlgorithm;
reference.DigestMethodDictionaryString = algorithmSuite.DefaultDigestAlgorithmDictionaryString;
reference.AddTransform(new ExclusiveCanonicalizationTransform());
((StandardSignedInfo)signedInfo).AddReference(reference);
signedXml.ComputeSignature(signatureKey);
if (identifier != null)
{
signedXml.Signature.KeyIdentifier = identifier;
}
return(signedXml);
}
protected override void OnClose()
{
try
{
this.InnerMessage.Close();
}
finally
{
this.fullBodyBuffer = null;
this.bodyAttributes = null;
this.encryptedBodyContent = null;
this.state = BodyState.Disposed;
}
}
public void WriteBodyToSignThenEncryptWithFragments(
Stream stream, bool includeComments, string[] inclusivePrefixes,
EncryptedData encryptedData, SymmetricAlgorithm algorithm, XmlDictionaryWriter writer)
{
IFragmentCapableXmlDictionaryWriter fragmentingWriter = (IFragmentCapableXmlDictionaryWriter) writer;
SetBodyId();
encryptedData.Id = this.securityHeader.GenerateId();
this.startBodyFragment = new MemoryStream();
BufferedOutputStream bodyContentFragment = new BufferManagerOutputStream(SR.XmlBufferQuotaExceeded, 1024, int.MaxValue, this.securityHeader.StreamBufferManager);
this.endBodyFragment = new MemoryStream();
writer.StartCanonicalization(stream, includeComments, inclusivePrefixes);
fragmentingWriter.StartFragment(this.startBodyFragment, false);
WriteStartInnerMessageWithId(writer);
fragmentingWriter.EndFragment();
fragmentingWriter.StartFragment(bodyContentFragment, true);
this.InnerMessage.WriteBodyContents(writer);
fragmentingWriter.EndFragment();
fragmentingWriter.StartFragment(this.endBodyFragment, false);
writer.WriteEndElement();
fragmentingWriter.EndFragment();
writer.EndCanonicalization();
int bodyLength;
byte[] bodyBuffer = bodyContentFragment.ToArray(out bodyLength);
encryptedData.SetUpEncryption(algorithm, new ArraySegment<byte>(bodyBuffer, 0, bodyLength));
this.encryptedBodyContent = encryptedData;
this.state = BodyState.SignedThenEncrypted;
}
public bool IsSameItem(ISecurityElement item)
{
return(this.item == item || this.item.Equals(item));
}
public void Replace(string id, ISecurityElement item)
{
this.item = item;
this.id = id;
}
public void Replace(string id, ISecurityElement item)
{
this.item = item;
this.id = id;
}
protected override ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement elementToSign)
{
SecurityAlgorithmSuite algorithmSuite = this.AlgorithmSuite;
string signatureAlgorithm;
XmlDictionaryString signatureAlgorithmDictionaryString;
SecurityKey signatureKey;
algorithmSuite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out signatureKey, out signatureAlgorithmDictionaryString);
SignedXml signedXml = new SignedXml(ServiceModelDictionaryManager.Instance, this.StandardsManager.SecurityTokenSerializer);
SignedInfo signedInfo = signedXml.Signature.SignedInfo;
signedInfo.CanonicalizationMethod = algorithmSuite.DefaultCanonicalizationAlgorithm;
signedInfo.CanonicalizationMethodDictionaryString = algorithmSuite.DefaultCanonicalizationAlgorithmDictionaryString;
signedInfo.SignatureMethod = signatureAlgorithm;
signedInfo.SignatureMethodDictionaryString = signatureAlgorithmDictionaryString;
if (elementToSign.Id == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ElementToSignMustHaveId)));
}
Reference reference = new Reference(ServiceModelDictionaryManager.Instance, "#" + elementToSign.Id, elementToSign);
reference.DigestMethod = algorithmSuite.DefaultDigestAlgorithm;
reference.DigestMethodDictionaryString = algorithmSuite.DefaultDigestAlgorithmDictionaryString;
reference.AddTransform(new ExclusiveCanonicalizationTransform());
((StandardSignedInfo)signedInfo).AddReference(reference);
signedXml.ComputeSignature(signatureKey);
if (identifier != null)
{
signedXml.Signature.KeyIdentifier = identifier;
}
return signedXml;
}
protected abstract ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement primarySignature);
