protected override ISignatureValueSecurityElement CompletePrimarySignatureCore(SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens) { ISignatureValueSecurityElement signedXml; if (this.signedXml == null) { return(null); } SecurityTimestamp timestamp = base.Timestamp; if (timestamp != null) { if (timestamp.Id == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("TimestampToSignHasNoId"))); } HashStream stream = this.TakeHashStream(); base.StandardsManager.WSUtilitySpecificationVersion.WriteTimestampCanonicalForm(stream, timestamp, this.signedInfo.ResourcePool.TakeEncodingBuffer()); this.signedInfo.AddReference(timestamp.Id, stream.FlushHashAndGetValue()); } if ((base.ShouldSignToHeader && (this.signatureKey is AsymmetricSecurityKey)) && (base.Version.Addressing != AddressingVersion.None)) { if (this.toHeaderHash == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("TransportSecurityRequireToHeader"))); } this.signedInfo.AddReference(this.toHeaderId, this.toHeaderHash); } this.AddSignatureReference(signatureConfirmations); if (base.RequireMessageProtection) { this.AddSignatureReference(signedEndorsingTokens); this.AddSignatureReference(signedTokens); this.AddSignatureReference(basicTokens); } if (this.signedInfo.ReferenceCount == 0) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("NoPartsOfMessageMatchedPartsToSign")), base.Message); } try { this.signedXml.ComputeSignature(this.signatureKey); signedXml = this.signedXml; } finally { this.hashStream = null; this.signedInfo = null; this.signedXml = null; this.signatureKey = null; this.effectiveSignatureParts = null; } return(signedXml); }
private void AddSignatureReference(SecurityToken token) { if (token.Id == null) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("ElementToSignMustHaveId")), base.Message); } HashStream stream = this.TakeHashStream(); XmlDictionaryWriter writer = this.TakeUtf8Writer(); writer.StartCanonicalization(stream, false, null); base.StandardsManager.SecurityTokenSerializer.WriteToken(writer, token); writer.EndCanonicalization(); this.signedInfo.AddReference(token.Id, stream.FlushHashAndGetValue()); }
private string GetSignatureHash(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, XmlDictionaryWriter writer, out byte[] hash) { HashStream hashStream = TakeHashStream(); XmlDictionaryWriter effectiveWriter; XmlBuffer canonicalBuffer = null; if (writer.CanCanonicalize) { effectiveWriter = writer; } else { canonicalBuffer = new XmlBuffer(int.MaxValue); effectiveWriter = canonicalBuffer.OpenSection(XmlDictionaryReaderQuotas.Max); } effectiveWriter.StartCanonicalization(hashStream, false, null); header.WriteStartHeader(effectiveWriter, Version); if (headerId == null) { headerId = GenerateId(); StandardsManager.IdManager.WriteIdAttribute(effectiveWriter, headerId); } header.WriteHeaderContents(effectiveWriter, Version); effectiveWriter.WriteEndElement(); effectiveWriter.EndCanonicalization(); effectiveWriter.Flush(); if (!ReferenceEquals(effectiveWriter, writer)) { Fx.Assert(canonicalBuffer != null, "Canonical buffer cannot be null."); canonicalBuffer.CloseSection(); canonicalBuffer.Close(); XmlDictionaryReader dicReader = canonicalBuffer.GetReader(0); writer.WriteNode(dicReader, false); dicReader.Close(); } hash = hashStream.FlushHashAndGetValue(); return(headerId); }
private void AddSignatureReference(SendSecurityHeaderElement[] elements) { if (elements != null) { for (int i = 0; i < elements.Length; i++) { if (elements[i].Id == null) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("ElementToSignMustHaveId")), base.Message); } HashStream stream = this.TakeHashStream(); XmlDictionaryWriter writer = this.TakeUtf8Writer(); writer.StartCanonicalization(stream, false, null); elements[i].Item.WriteTo(writer, ServiceModelDictionaryManager.Instance); writer.EndCanonicalization(); this.signedInfo.AddReference(elements[i].Id, stream.FlushHashAndGetValue()); } } }
internal override SecurityTimestamp ReadTimestamp(XmlDictionaryReader reader, string digestAlgorithm, SignatureResourcePool resourcePool) { DateTime maxUtcDateTime; byte[] buffer; bool flag = (digestAlgorithm != null) && reader.CanCanonicalize; HashStream stream = null; reader.MoveToStartElement(System.ServiceModel.XD.UtilityDictionary.Timestamp, System.ServiceModel.XD.UtilityDictionary.Namespace); if (flag) { stream = resourcePool.TakeHashStream(digestAlgorithm); reader.StartCanonicalization(stream, false, null); } string attribute = reader.GetAttribute(System.ServiceModel.XD.UtilityDictionary.IdAttribute, System.ServiceModel.XD.UtilityDictionary.Namespace); reader.ReadStartElement(); reader.ReadStartElement(System.ServiceModel.XD.UtilityDictionary.CreatedElement, System.ServiceModel.XD.UtilityDictionary.Namespace); DateTime creationTimeUtc = reader.ReadContentAsDateTime().ToUniversalTime(); reader.ReadEndElement(); if (reader.IsStartElement(System.ServiceModel.XD.UtilityDictionary.ExpiresElement, System.ServiceModel.XD.UtilityDictionary.Namespace)) { reader.ReadStartElement(); maxUtcDateTime = reader.ReadContentAsDateTime().ToUniversalTime(); reader.ReadEndElement(); } else { maxUtcDateTime = System.ServiceModel.Security.SecurityUtils.MaxUtcDateTime; } reader.ReadEndElement(); if (flag) { reader.EndCanonicalization(); buffer = stream.FlushHashAndGetValue(); } else { buffer = null; } return(new SecurityTimestamp(creationTimeUtc, maxUtcDateTime, attribute, digestAlgorithm, buffer)); }
private string GetSignatureHash(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, XmlDictionaryWriter writer, out byte[] hash) { XmlDictionaryWriter writer2; HashStream stream = this.TakeHashStream(); XmlBuffer buffer = null; if (writer.CanCanonicalize) { writer2 = writer; } else { buffer = new XmlBuffer(0x7fffffff); writer2 = buffer.OpenSection(XmlDictionaryReaderQuotas.Max); } writer2.StartCanonicalization(stream, false, null); header.WriteStartHeader(writer2, base.Version); if (headerId == null) { headerId = base.GenerateId(); base.StandardsManager.IdManager.WriteIdAttribute(writer2, headerId); } header.WriteHeaderContents(writer2, base.Version); writer2.WriteEndElement(); writer2.EndCanonicalization(); writer2.Flush(); if (!object.ReferenceEquals(writer2, writer)) { buffer.CloseSection(); buffer.Close(); XmlDictionaryReader reader = buffer.GetReader(0); writer.WriteNode(reader, false); reader.Close(); } hash = stream.FlushHashAndGetValue(); return(headerId); }