protected override void StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, bool generateTargettableSignature) { SecurityAlgorithmSuite suite = this.AlgorithmSuite; string canonicalizationAlgorithm = suite.DefaultCanonicalizationAlgorithm; XmlDictionaryString canonicalizationAlgorithmDictionaryString = suite.DefaultCanonicalizationAlgorithmDictionaryString; if (canonicalizationAlgorithm != SecurityAlgorithms.ExclusiveC14n) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError( new MessageSecurityException(SR.GetString(SR.UnsupportedCanonicalizationAlgorithm, suite.DefaultCanonicalizationAlgorithm))); } string signatureAlgorithm; XmlDictionaryString signatureAlgorithmDictionaryString; suite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out this.signatureKey, out signatureAlgorithmDictionaryString); string digestAlgorithm = suite.DefaultDigestAlgorithm; XmlDictionaryString digestAlgorithmDictionaryString = suite.DefaultDigestAlgorithmDictionaryString; this.signedInfo = new PreDigestedSignedInfo(ServiceModelDictionaryManager.Instance, canonicalizationAlgorithm, canonicalizationAlgorithmDictionaryString, digestAlgorithm, digestAlgorithmDictionaryString, signatureAlgorithm, signatureAlgorithmDictionaryString); this.signedXml = new SignedXml(this.signedInfo, ServiceModelDictionaryManager.Instance, this.StandardsManager.SecurityTokenSerializer); if (keyIdentifier != null) { this.signedXml.Signature.KeyIdentifier = keyIdentifier; } if (generateTargettableSignature) { this.signedXml.Id = GenerateId(); } this.effectiveSignatureParts = signatureParts; this.hashStream = this.signedInfo.ResourcePool.TakeHashStream(digestAlgorithm); }
protected override ISignatureValueSecurityElement CompletePrimarySignatureCore( SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens, bool isPrimarySignature) { if (this.signedXml == null) { return null; } SecurityTimestamp timestamp = this.Timestamp; if (timestamp != null) { if (timestamp.Id == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TimestampToSignHasNoId))); } HashStream hashStream = TakeHashStream(); this.StandardsManager.WSUtilitySpecificationVersion.WriteTimestampCanonicalForm( hashStream, timestamp, this.signedInfo.ResourcePool.TakeEncodingBuffer()); signedInfo.AddReference(timestamp.Id, hashStream.FlushHashAndGetValue()); } if ((this.ShouldSignToHeader) && (this.signatureKey is AsymmetricSecurityKey) && (this.Version.Addressing != AddressingVersion.None)) { if (this.toHeaderHash != null) signedInfo.AddReference(this.toHeaderId, this.toHeaderHash); else throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TransportSecurityRequireToHeader))); } AddSignatureReference(signatureConfirmations); if (isPrimarySignature && this.ShouldProtectTokens) { AddPrimaryTokenSignatureReference(this.ElementContainer.SourceSigningToken, this.SigningTokenParameters); } if (this.RequireMessageProtection) { AddSignatureReference(signedEndorsingTokens, SecurityTokenAttachmentMode.SignedEndorsing); AddSignatureReference(signedTokens, SecurityTokenAttachmentMode.Signed); AddSignatureReference(basicTokens); } if (this.signedInfo.ReferenceCount == 0) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.NoPartsOfMessageMatchedPartsToSign)), this.Message); } try { this.signedXml.ComputeSignature(this.signatureKey); return this.signedXml; } finally { this.hashStream = null; this.signedInfo = null; this.signedXml = null; this.signatureKey = null; this.effectiveSignatureParts = null; } }
protected override ISignatureValueSecurityElement CompletePrimarySignatureCore( SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens, bool isPrimarySignature) { if (this.signedXml == null) { return(null); } SecurityTimestamp timestamp = this.Timestamp; if (timestamp != null) { if (timestamp.Id == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TimestampToSignHasNoId))); } HashStream hashStream = TakeHashStream(); this.StandardsManager.WSUtilitySpecificationVersion.WriteTimestampCanonicalForm( hashStream, timestamp, this.signedInfo.ResourcePool.TakeEncodingBuffer()); signedInfo.AddReference(timestamp.Id, hashStream.FlushHashAndGetValue()); } if ((this.ShouldSignToHeader) && (this.signatureKey is AsymmetricSecurityKey) && (this.Version.Addressing != AddressingVersion.None)) { if (this.toHeaderHash != null) { signedInfo.AddReference(this.toHeaderId, this.toHeaderHash); } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.TransportSecurityRequireToHeader))); } } AddSignatureReference(signatureConfirmations); if (isPrimarySignature && this.ShouldProtectTokens) { AddPrimaryTokenSignatureReference(this.ElementContainer.SourceSigningToken, this.SigningTokenParameters); } if (this.RequireMessageProtection) { AddSignatureReference(signedEndorsingTokens, SecurityTokenAttachmentMode.SignedEndorsing); AddSignatureReference(signedTokens, SecurityTokenAttachmentMode.Signed); AddSignatureReference(basicTokens); } if (this.signedInfo.ReferenceCount == 0) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(SR.GetString(SR.NoPartsOfMessageMatchedPartsToSign)), this.Message); } try { this.signedXml.ComputeSignature(this.signatureKey); return(this.signedXml); } finally { this.hashStream = null; this.signedInfo = null; this.signedXml = null; this.signatureKey = null; this.effectiveSignatureParts = null; } }