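        /// <summary>
        /// Resolves the element a signature <c>Reference</c> points to: first by its
        /// <c>wsu:Id</c> attribute anywhere in <paramref name="doc"/>, then through the
        /// base class lookup (plain <c>Id</c>/<c>ID</c> style attributes).
        /// </summary>
        /// <param name="doc">The document being signed or verified.</param>
        /// <param name="id">The referenced id, without the leading <c>#</c>.</param>
        /// <returns>The matching element, or <c>null</c> when neither lookup finds one.</returns>
        /// <exception cref="System.Security.Cryptography.CryptographicException">
        /// More than one element carries the same <c>wsu:Id</c>; an ambiguous reference
        /// must not be resolved to "the first match", as the base class also refuses to do.
        /// </exception>
        public override XmlElement GetIdElement(XmlDocument doc, string id)
        {
            XmlElement idElem = null;

            if (doc != null && !string.IsNullOrEmpty(id))
            {
                // The id is taken from the document under verification, so it goes into
                // the XPath as a proper string literal instead of by concatenation; a
                // quote character in it would otherwise rewrite the query.
                var xpath   = "//*[@wsu:Id=" + ToXPathLiteral(id) + "]";
                var matches = doc.SelectNodes(xpath, NameSpaces.MakeNsManager(doc.NameTable));

                if (matches != null && matches.Count > 1)
                {
                    throw new System.Security.Cryptography.CryptographicException("Ambiguous reference: more than one element carries the same wsu:Id");
                }
                if (matches != null && matches.Count == 1)
                {
                    idElem = matches[0] as XmlElement;
                }
            }

            return idElem ?? base.GetIdElement(doc, id);
        }

        /// <summary>
        /// Quotes <paramref name="value"/> as an XPath 1.0 string literal. XPath has no
        /// escape syntax, so a value containing both quote kinds is assembled with <c>concat()</c>.
        /// </summary>
        private static string ToXPathLiteral(string value)
        {
            if (value.IndexOf('"') < 0)
            {
                return "\"" + value + "\"";
            }
            if (value.IndexOf('\'') < 0)
            {
                return "'" + value + "'";
            }

            // Both quote kinds present: split on double quotes and stitch the pieces
            // back together around a single-quoted '"' literal.
            var parts = value.Split('"');
            return "concat(\"" + string.Join("\", '\"', \"", parts) + "\")";
        }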
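        /// <summary>
        /// Signs the <c>saml:Assertion</c> identified by <paramref name="id"/> (one reference to
        /// <c>#id</c>, exclusive C14N, RSA-SHA1) and appends the resulting <c>ds:Signature</c>
        /// to the assertion element of <c>xml</c>.
        /// </summary>
        /// <param name="cert">Certificate whose private key produces the signature; it is also embedded in <c>KeyInfo</c>.</param>
        /// <param name="id">Value of the assertion's id attribute, without the leading <c>#</c>.</param>
        /// <returns>The document held in <c>xml</c>, now carrying the signature.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="cert"/> is <c>null</c>.</exception>
        /// <exception cref="InvalidOperationException"><c>xml</c> has no <c>/saml:Assertion</c> root element.</exception>
        public XmlDocument SignAssertion(X509Certificate2 cert, string id)
        {
            if (cert == null)
            {
                throw new ArgumentNullException(nameof(cert));
            }

            var reference = new Reference { Uri = "#" + id };
            reference.AddTransform(new XmlDsigExcC14NTransform());
            // SHA-1 digest and RSA-SHA1 signature are kept for interoperability with the
            // existing peers; both are deprecated and should move to SHA-256 once peers allow it.
            reference.DigestMethod = XmlDsigSHA1Url;
            AddReference(reference);

            // TODO: Use BouncyCastle
            // NOTE(review): cert.PrivateKey is null when the certificate has no private key;
            // ComputeSignature() then fails with a CryptographicException.
            SigningKey = cert.PrivateKey;
            SignedInfo.CanonicalizationMethod = new XmlDsigExcC14NTransform().Algorithm;
            SignedInfo.SignatureMethod        = XmlDsigRSASHA1Url;
            KeyInfo = new KeyInfo();
            KeyInfo.AddClause(new KeyInfoX509Data(cert));

            ComputeSignature();

            var assertion = xml.SelectSingleNode("/saml:Assertion", NameSpaces.MakeNsManager(xml.NameTable)) as XmlElement;
            if (assertion == null)
            {
                throw new InvalidOperationException("No saml:Assertion root element found to attach the signature to");
            }

            // GetXml() builds the Signature element in its own XmlDocument, so it has to be
            // imported before it can become a child of a node owned by xml.
            XmlElement signaelm = GetXml();
            assertion.AppendChild(xml.ImportNode(signaelm, true));

            return xml;
        }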
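        /// <summary>
        /// Loads the <c>ds:Signature</c> found on the assertion in <c>xml</c> into this object
        /// and returns the certificate carried in the signature's <c>KeyInfo</c>.
        /// </summary>
        /// <returns>
        /// The first <see cref="X509Certificate2"/> found in <c>KeyInfo</c>, or <c>null</c> when the
        /// document has no root, no assertion, no signature, or no X509 certificate in <c>KeyInfo</c>.
        /// </returns>
        /// <remarks>
        /// The certificate is read from the unverified document itself: it only states who
        /// claims to have signed. It has to be matched against a trust anchor before a
        /// signature validated with it is relied on.
        /// </remarks>
        public X509Certificate2 GetSignature()
        {
            var root = xml.DocumentElement;
            if (root == null)
            {
                return null;
            }

            // The assertion is either the root element or nested deeper (e.g. in a response).
            var xmlass = root.LocalName == "Assertion"
                ? root
                : xml.GetElementsByTagName("Assertion", NameSpaces.saml)[0] as XmlElement;
            if (xmlass == null)
            {
                return null;
            }

            // NOTE(review): this picks the first ds:Signature among all descendants of the
            // assertion; if nested signatures can occur there, restrict this to direct children.
            var sig = xmlass.GetElementsByTagName("Signature", NameSpaces.ds)[0] as XmlElement;
            if (sig == null)
            {
                return null;
            }

            sig = MakeSignatureCheckSamlCompliant(sig);
            LoadXml(sig);

            // KeyInfo may hold clauses other than X509Data, and an X509Data clause may carry
            // no certificate at all (Certificates is null until one is added), so filter
            // instead of casting and indexing [0].
            return KeyInfo.OfType<KeyInfoX509Data>()
                          .SelectMany(d => d.Certificates == null
                                           ? Enumerable.Empty<X509Certificate2>()
                                           : d.Certificates.OfType<X509Certificate2>())
                          .FirstOrDefault();
        }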
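        /// <summary>
        /// Verifies the <c>ds:Signature</c> in the SOAP <c>wsse:Security</c> header of <c>xml</c>
        /// using the certificate embedded in its own <c>KeyInfo</c>.
        /// </summary>
        /// <returns><c>true</c> when the signature value and all reference digests verify with that certificate's public key.</returns>
        /// <exception cref="ModelBuildException">No <c>ds:Signature</c> exists under <c>/soap:Envelope/soap:Header/wsse:Security</c>.</exception>
        /// <exception cref="InvalidOperationException"><c>KeyInfo</c> carries no X509 certificate.</exception>
        /// <remarks>
        /// <c>CheckSignature(cert, true)</c> verifies the signature only; it does not build or
        /// validate the certificate chain. Since the certificate comes from the message being
        /// checked, a <c>true</c> result proves the message was signed by the holder of that
        /// key and nothing more — the caller must still establish that the certificate is trusted.
        /// </remarks>
        public bool CheckEnvelopeSignature()
        {
            var nsManager = NameSpaces.MakeNsManager(xml.NameTable);
            var sig       = xml.SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security/ds:Signature", nsManager) as XmlElement;

            if (sig == null)
            {
                throw new ModelBuildException("Could not find Liberty signature element");
            }

            sig = MakeSignatureCheckSamlCompliant(sig);
            LoadXml(sig);

            // KeyInfo may hold clauses other than X509Data, and an X509Data clause may carry
            // no certificate at all (Certificates is null until one is added), so filter
            // instead of casting and indexing [0].
            var cert = KeyInfo.OfType<KeyInfoX509Data>()
                              .SelectMany(d => d.Certificates == null
                                               ? Enumerable.Empty<X509Certificate2>()
                                               : d.Certificates.OfType<X509Certificate2>())
                              .FirstOrDefault();

            if (cert == null)
            {
                throw new InvalidOperationException("No X509Certificate2 certificate found in Keyinfo");
            }

            return CheckSignature(cert, true);
        }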
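        /// <summary>
        /// Signs the SOAP message in <c>xml</c>: one reference each to the elements with id
        /// <c>messageID</c>, <c>action</c>, <c>timestamp</c> and <c>body</c> (exclusive C14N,
        /// RSA-SHA1), with the resulting <c>ds:Signature</c> appended to the <c>wsse:Security</c> header.
        /// </summary>
        /// <param name="cert">Certificate whose private key produces the signature; it is also embedded in <c>KeyInfo</c>.</param>
        /// <returns>The document held in <c>xml</c>, now carrying the signature.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="cert"/> is <c>null</c>.</exception>
        /// <exception cref="InvalidOperationException"><c>xml</c> has no <c>/soap:Envelope/soap:Header/wsse:Security</c> element.</exception>
        public XmlDocument Sign(X509Certificate2 cert)
        {
            if (cert == null)
            {
                throw new ArgumentNullException(nameof(cert));
            }

            // The referenced ids are resolved through GetIdElement (wsu:Id first).
            string[] refnames = { "#messageID", "#action", "#timestamp", "#body" };

            foreach (var uri in refnames)
            {
                var reference = new Reference { Uri = uri };
                reference.AddTransform(new XmlDsigExcC14NTransform());
                // SHA-1 digest and RSA-SHA1 signature are kept for interoperability with the
                // existing peers; both are deprecated and should move to SHA-256 once peers allow it.
                reference.DigestMethod = XmlDsigSHA1Url;
                AddReference(reference);
            }

            // NOTE(review): cert.PrivateKey is null when the certificate has no private key;
            // ComputeSignature() then fails with a CryptographicException.
            SigningKey = cert.PrivateKey;
            SignedInfo.CanonicalizationMethod = new XmlDsigExcC14NTransform().Algorithm;
            SignedInfo.SignatureMethod        = XmlDsigRSASHA1Url;
            KeyInfo = new KeyInfo();
            KeyInfo.AddClause(new KeyInfoX509Data(cert));

            ComputeSignature();

            var xSecurity = xml.SelectSingleNode("/soap:Envelope/soap:Header/wsse:Security", NameSpaces.MakeNsManager(xml.NameTable)) as XmlElement;
            if (xSecurity == null)
            {
                // It is the Security header that is missing here, not the Signature.
                throw new InvalidOperationException("No wsse:Security element found at /soap:Envelope/soap:Header/wsse:Security");
            }

            // GetXml() builds the Signature element in its own XmlDocument, so it has to be
            // imported before it can become a child of a node owned by xml.
            XmlElement signaelm = GetXml();
            xSecurity.AppendChild(xml.ImportNode(signaelm, true));

            return xml;
        }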