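/// <summary>
/// Signs the license document with the signer's certificate key using an enveloped
/// XML-DSig signature, appends the signature under <c>r:license/r:issuer</c>,
/// optionally timestamps it, and finally wraps the document in <c>msrel:RelData</c>.
/// </summary>
/// <param name="licenseDom">License document to sign; modified in place.</param>
/// <param name="signer">Supplies the certificate (with private key) and the X509 include option.</param>
/// <param name="timeStampUrl">Timestamp service URL; null or empty skips timestamping.</param>
/// <exception cref="NotSupportedException">The certificate's public key is not an <see cref="RSACryptoServiceProvider"/>.</exception>
/// <exception cref="CryptographicException">The license has no <c>r:license/r:issuer</c> element (0x800B0003).</exception>
private static void AuthenticodeSignLicenseDom(XmlDocument licenseDom, System.Deployment.Internal.CodeSigning.CmiManifestSigner signer, string timeStampUrl)
{
    // Exact type match: only RSACryptoServiceProvider keys are accepted, other key types are rejected.
    AsymmetricAlgorithm publicKey = signer.Certificate.PublicKey.Key;
    if (publicKey.GetType() != typeof(RSACryptoServiceProvider))
    {
        throw new NotSupportedException();
    }

    // Locate the insertion point before touching the private key. The original
    // dereferenced the result of the "as" cast unchecked, so a license without an
    // issuer element surfaced as a NullReferenceException after signing. Fail with
    // the same code StrongNameSignManifestDom uses for a malformed document.
    XmlNamespaceManager nsmgr = new XmlNamespaceManager(licenseDom.NameTable);
    nsmgr.AddNamespace("r", "urn:mpeg:mpeg21:2003:01-REL-R-NS");
    XmlElement issuer = licenseDom.SelectSingleNode("r:license/r:issuer", nsmgr) as XmlElement;
    if (issuer == null)
    {
        throw new CryptographicException(-2146762749); // 0x800B0003 TRUST_E_SUBJECT_FORM_UNKNOWN
    }

    System.Deployment.Internal.CodeSigning.ManifestSignedXml xml = new System.Deployment.Internal.CodeSigning.ManifestSignedXml(licenseDom)
    {
        SigningKey = signer.Certificate.PrivateKey
    };
    xml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    // NOTE(review): SignatureMethod and the reference DigestMethod are never set here, so
    // whatever the library (or ManifestSignedXml) defaults to is used. Confirm for the
    // target framework that the default is not SHA-1 based.

    // KeyInfo carries both the raw RSA public key and the certificate data.
    xml.KeyInfo.AddClause(new RSAKeyValue((RSA)publicKey));
    xml.KeyInfo.AddClause(new KeyInfoX509Data(signer.Certificate, signer.IncludeOption));

    // URI="" covers the whole document; the enveloped-signature transform excludes the
    // Signature element itself, then exclusive C14N canonicalizes the result.
    Reference reference = new Reference { Uri = "" };
    reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
    reference.AddTransform(new XmlDsigExcC14NTransform());
    xml.AddReference(reference);
    xml.ComputeSignature();

    XmlElement node = xml.GetXml();
    node.SetAttribute("Id", "AuthenticodeSignature");
    issuer.AppendChild(licenseDom.ImportNode(node, true));

    // NOTE(review): timeStampUrl is handed to TimestampSignedLicenseDom as given; any
    // scheme or host validation would have to happen there or in the caller. Confirm.
    if (!string.IsNullOrEmpty(timeStampUrl))
    {
        TimestampSignedLicenseDom(licenseDom, timeStampUrl);
    }

    // Replace the document content with the serialized license wrapped in msrel:RelData.
    licenseDom.DocumentElement.ParentNode.InnerXml = "<msrel:RelData xmlns:msrel=\"http://schemas.microsoft.com/windows/rel/2005/reldata\">" + licenseDom.OuterXml + "</msrel:RelData>";
}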
/// <summary>
/// Strong-name signs the manifest: computes an enveloped XML-DSig signature over the
/// <c>asm:assembly</c> element with the signer's strong-name key and appends the
/// resulting Signature element to it.
/// </summary>
/// <param name="manifestDom">Manifest document; must contain an <c>asm:assembly</c> element. Modified in place.</param>
/// <param name="licenseDom">Optional license; when non-null its document element is embedded in KeyInfo.</param>
/// <param name="signer">Supplies <c>StrongNameKey</c>.</param>
/// <exception cref="NotSupportedException">The strong-name key is not an RSA key.</exception>
/// <exception cref="CryptographicException">No <c>asm:assembly</c> element was found (0x800B0003).</exception>
private static void StrongNameSignManifestDom(XmlDocument manifestDom, XmlDocument licenseDom, System.Deployment.Internal.CodeSigning.CmiManifestSigner signer)
{
    var rsaKey = signer.StrongNameKey as RSA;
    if (rsaKey == null)
    {
        throw new NotSupportedException();
    }

    var namespaces = new XmlNamespaceManager(manifestDom.NameTable);
    namespaces.AddNamespace("asm", "urn:schemas-microsoft-com:asm.v1");

    var assemblyElement = manifestDom.SelectSingleNode("asm:assembly", namespaces) as XmlElement;
    if (assemblyElement == null)
    {
        throw new CryptographicException(-2146762749); // 0x800B0003 TRUST_E_SUBJECT_FORM_UNKNOWN
    }

    var signedXml = new System.Deployment.Internal.CodeSigning.ManifestSignedXml(assemblyElement);
    signedXml.SigningKey = signer.StrongNameKey;
    signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#";
    // NOTE(review): signature and digest algorithms are left at their defaults here;
    // confirm for the target framework that the default is not SHA-1 based.

    // KeyInfo: the RSA public key, plus the license document when one is supplied.
    signedXml.KeyInfo.AddClause(new RSAKeyValue(rsaKey));
    if (licenseDom != null)
    {
        signedXml.KeyInfo.AddClause(new KeyInfoNode(licenseDom.DocumentElement));
    }
    // Verify() recognizes a reference to "#StrongNameKeyInfo" as the old format.
    signedXml.KeyInfo.Id = "StrongNameKeyInfo";

    // URI="" with enveloped-signature followed by exclusive C14N: the two transforms
    // Verify() looks for on the empty-URI reference.
    var wholeDocument = new Reference();
    wholeDocument.Uri = "";
    wholeDocument.AddTransform(new XmlDsigEnvelopedSignatureTransform());
    wholeDocument.AddTransform(new XmlDsigExcC14NTransform());
    signedXml.AddReference(wholeDocument);

    signedXml.ComputeSignature();

    XmlElement signatureElement = signedXml.GetXml();
    signatureElement.SetAttribute("Id", "StrongNameSignature");
    assemblyElement.AppendChild(signatureElement);
}
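/// <summary>
/// Verifies the manifest's strong-name XML signature and, unless
/// <c>StrongNameOnly</c> is set in <paramref name="verifyFlags"/>, the license as well.
/// Populates <c>m_strongNameSignerInfo</c> once the signature format and public key
/// token have been checked.
/// </summary>
/// <param name="verifyFlags">Verification flags; <c>StrongNameOnly</c> skips <c>VerifyLicense</c>.</param>
/// <exception cref="CryptographicException">
/// 0x800B0100 when no ds:Signature exists; 0x800B0003 when the signature is not a
/// well-formed strong-name signature; 0x80096010 when the signature does not verify.
/// </exception>
internal void Verify(System.Deployment.Internal.CodeSigning.CmiManifestVerifyFlags verifyFlags)
{
    const string ExcC14NUrl = "http://www.w3.org/2001/10/xml-exc-c14n#";
    const string EnvelopedSignatureUrl = "http://www.w3.org/2000/09/xmldsig#enveloped-signature";

    // Reset results from any earlier call so a failure below leaves no stale signer info.
    this.m_strongNameSignerInfo = null;
    this.m_authenticodeSignerInfo = null;

    XmlNamespaceManager nsmgr = new XmlNamespaceManager(this.m_manifestDom.NameTable);
    nsmgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");

    // "//ds:Signature" returns the first Signature element in document order, wherever
    // it sits; the Id check below is what ties it to the strong-name signature.
    XmlElement signatureElement = this.m_manifestDom.SelectSingleNode("//ds:Signature", nsmgr) as XmlElement;
    if (signatureElement == null)
    {
        throw new CryptographicException(-2146762496); // 0x800B0100 TRUST_E_NOSIGNATURE
    }

    // The identifier attribute may be spelled "Id", "id" or "ID", tried in that order.
    string idAttributeName = null;
    foreach (string candidate in new[] { "Id", "id", "ID" })
    {
        if (signatureElement.HasAttribute(candidate))
        {
            idAttributeName = candidate;
            break;
        }
    }
    if (idAttributeName == null)
    {
        throw new CryptographicException(-2146762749); // 0x800B0003 TRUST_E_SUBJECT_FORM_UNKNOWN
    }

    string idValue = signatureElement.GetAttribute(idAttributeName);
    if (!string.Equals(idValue, "StrongNameSignature", StringComparison.Ordinal))
    {
        throw new CryptographicException(-2146762749);
    }

    bool oldFormat = false;
    bool validFormat = false;
    foreach (XmlNode referenceNode in signatureElement.SelectNodes("ds:SignedInfo/ds:Reference", nsmgr))
    {
        XmlElement reference = referenceNode as XmlElement;
        if (reference == null || !reference.HasAttribute("URI"))
        {
            continue;
        }

        string uri = reference.GetAttribute("URI");
        if (uri == null)
        {
            continue;
        }

        if (uri.Length == 0)
        {
            // URI="" means the whole document is covered by the signature.
            XmlNode transformsNode = reference.SelectSingleNode("ds:Transforms", nsmgr);
            if (transformsNode == null)
            {
                throw new CryptographicException(-2146762749);
            }

            XmlNodeList transforms = transformsNode.SelectNodes("ds:Transform", nsmgr);
            if (transforms.Count < 2)
            {
                throw new CryptographicException(-2146762749);
            }

            // Require BOTH exclusive C14N and the enveloped-signature transform.
            // The original compared each algorithm with "!= 0", which inverted the test:
            // one exc-c14n transform plus any other algorithm at all (including a
            // Transform with no Algorithm attribute) was accepted, so the
            // enveloped-signature transform was never actually required. Matching with
            // equality accepts a strict subset of what was accepted before; the pair the
            // signing methods emit still passes in either order.
            bool sawExcC14N = false;
            bool sawEnveloped = false;
            for (int i = 0; i < transforms.Count; i++)
            {
                string algorithm = (transforms[i] as XmlElement).GetAttribute("Algorithm");
                if (algorithm == null)
                {
                    break;
                }

                if (string.Equals(algorithm, ExcC14NUrl, StringComparison.Ordinal))
                {
                    sawExcC14N = true;
                }
                else if (string.Equals(algorithm, EnvelopedSignatureUrl, StringComparison.Ordinal))
                {
                    sawEnveloped = true;
                }

                if (sawExcC14N && sawEnveloped)
                {
                    validFormat = true;
                    break;
                }
            }
        }
        else if (string.Compare(uri, "#StrongNameKeyInfo", StringComparison.Ordinal) == 0)
        {
            oldFormat = true;

            XmlNode transformsNode = referenceNode.SelectSingleNode("ds:Transforms", nsmgr);
            if (transformsNode == null)
            {
                throw new CryptographicException(-2146762749);
            }

            XmlNodeList transforms = transformsNode.SelectNodes("ds:Transform", nsmgr);
            if (transforms.Count < 1)
            {
                throw new CryptographicException(-2146762749);
            }

            // NOTE(review): behavior deliberately left unchanged. As written, this branch
            // marks the format valid as soon as it meets a transform that is NOT exc-c14n,
            // which looks like the same inverted comparison as above. Because it shares
            // validFormat with the empty-URI branch, it can satisfy the format check on
            // its own. The intended old-format rule cannot be established from this code;
            // confirm it and tighten this branch to match.
            for (int j = 0; j < transforms.Count; j++)
            {
                string algorithm = (transforms[j] as XmlElement).GetAttribute("Algorithm");
                if (algorithm == null)
                {
                    break;
                }

                if (string.Compare(algorithm, ExcC14NUrl, StringComparison.Ordinal) != 0)
                {
                    validFormat = true;
                    break;
                }
            }
        }
    }

    if (!validFormat)
    {
        throw new CryptographicException(-2146762749);
    }

    string publicKeyToken = this.VerifyPublicKeyToken();

    // Signer info starts out with a failure code (0x800B010B TRUST_E_FAIL).
    // NOTE(review): nothing in this method resets ErrorCode on success; presumably
    // VerifyLicense or the caller does. Confirm, especially for the StrongNameOnly path.
    this.m_strongNameSignerInfo = new System.Deployment.Internal.CodeSigning.CmiStrongNameSignerInfo(-2146762485, publicKeyToken);

    System.Deployment.Internal.CodeSigning.ManifestSignedXml xml = new System.Deployment.Internal.CodeSigning.ManifestSignedXml(this.m_manifestDom, true);
    xml.LoadXml(signatureElement);

    AsymmetricAlgorithm signingKey = null;
    bool signatureValid = xml.CheckSignatureReturningKey(out signingKey);
    // The key is recorded whether or not the signature verified.
    this.m_strongNameSignerInfo.PublicKey = signingKey;
    if (!signatureValid)
    {
        this.m_strongNameSignerInfo.ErrorCode = -2146869232; // 0x80096010 TRUST_E_BAD_DIGEST
        throw new CryptographicException(-2146869232);
    }

    if ((verifyFlags & System.Deployment.Internal.CodeSigning.CmiManifestVerifyFlags.StrongNameOnly) != System.Deployment.Internal.CodeSigning.CmiManifestVerifyFlags.StrongNameOnly)
    {
        this.VerifyLicense(verifyFlags, oldFormat);
    }
}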