void CheckProperties (XmlDsigExcC14NWithCommentsTransform transform)
		{
			Assert.AreEqual ("http://www.w3.org/2001/10/xml-exc-c14n#WithComments",
				transform.Algorithm, "Algorithm");

			Type[] input = transform.InputTypes;
			Assert.AreEqual (3, input.Length, "Input #");
			// check presence of every supported input types
			bool istream = false;
			bool ixmldoc = false;
			bool ixmlnl = false;
			foreach (Type t in input) {
				if (t == typeof (Stream))
					istream = true;
				if (t == typeof (XmlDocument))
					ixmldoc = true;
				if (t == typeof (XmlNodeList))
					ixmlnl = true;
			}
			Assert.IsTrue (istream, "Input Stream");
			Assert.IsTrue (ixmldoc, "Input XmlDocument");
			Assert.IsTrue (ixmlnl, "Input XmlNodeList");

			Type[] output = transform.OutputTypes;
			Assert.AreEqual (1, output.Length, "Output #");
			Assert.AreEqual (typeof (Stream), output [0], "Output Type");
		}
예제 #2
0
        /// <remarks>Sólo se implementan las transformadas de canonicalización</remarks>

        private Stream SignedInfoTransformed()
        {
            System.Security.Cryptography.Xml.Transform t = null;
            switch (signature.SignedInfo.CanonicalizationMethod)
            {
            case XmlSignatureConstants.XmlDsigC14NTransformUrl:
                t = new System.Security.Cryptography.Xml.XmlDsigC14NTransform();
                break;

            case XmlSignatureConstants.XmlDsigC14NWithCommentsTransformUrl:
                t = new System.Security.Cryptography.Xml.XmlDsigC14NWithCommentsTransform();
                break;

            case XmlSignatureConstants.XmlDsigExcC14NTransformUrl:
                t = new System.Security.Cryptography.Xml.XmlDsigExcC14NTransform(signature.SignedInfo.InclusiveNamespaces);
                break;

            case XmlSignatureConstants.XmlDsigExcC14NWithCommentsTransformUrl:
                t = new System.Security.Cryptography.Xml.XmlDsigExcC14NWithCommentsTransform();
                break;

            default:
                t = null;
                break;
            }
            if (t == null)
            {
                return(null);
            }

            XmlDocument doc = new XmlDocument();

            doc.PreserveWhitespace = true;

            XmlElement signatureNode = (XmlElement)envdoc.SelectSingleNode("//*[@Id='" + signature.Id + "']");

            if (signatureNode != null)
            {
                XmlNamespaceManager xmlnsManager = new XmlNamespaceManager(envdoc.NameTable);
                xmlnsManager.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");

                XmlNode signedInfoNode = signatureNode.SelectSingleNode("ds:SignedInfo", xmlnsManager);

                doc.LoadXml(signedInfoNode.OuterXml);
            }
            else
            {
                doc.LoadXml(signature.SignedInfo.GetXml().OuterXml);
            }

            var namespaces = GetAllNamespaces(signatureNode);

            foreach (var item in namespaces)
            {
                AddNameSpace(doc, doc.DocumentElement, item.Name, item.Value);
            }

            return(ApplyTransform(t, doc));
        }
예제 #3
0
        public virtual void LoadXml(XmlElement value)
        {
            if (value == null)
            {
                throw new ArgumentNullException("value");
            }
            else
            {
                Uri            = null;
                TransformChain = new TransformChain();

                foreach (XmlNode n in value.ChildNodes)
                {
                    if (n is XmlWhitespace)
                    {
                        continue;
                    }

                    switch (n.LocalName)
                    {
                    case XmlEncryption.ElementNames.Transforms:
                        foreach (XmlNode xn in ((XmlElement)n).GetElementsByTagName(XmlSignature.ElementNames.Transform, XmlSignature.NamespaceURI))
                        {
                            Transform t = null;
                            switch (((XmlElement)xn).Attributes [XmlSignature.AttributeNames.Algorithm].Value)
                            {
                            case XmlSignature.AlgorithmNamespaces.XmlDsigBase64Transform:
                                t = new XmlDsigBase64Transform();
                                break;

                            case XmlSignature.AlgorithmNamespaces.XmlDsigC14NTransform:
                                t = new XmlDsigC14NTransform();
                                break;

                            case XmlSignature.AlgorithmNamespaces.XmlDsigC14NWithCommentsTransform:
                                t = new XmlDsigC14NWithCommentsTransform();
                                break;

                            case XmlSignature.AlgorithmNamespaces.XmlDsigEnvelopedSignatureTransform:
                                t = new XmlDsigEnvelopedSignatureTransform();
                                break;

                            case XmlSignature.AlgorithmNamespaces.XmlDsigXPathTransform:
                                t = new XmlDsigXPathTransform();
                                break;

                            case XmlSignature.AlgorithmNamespaces.XmlDsigXsltTransform:
                                t = new XmlDsigXsltTransform();
                                break;

#if NET_2_0
                            case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NTransform:
                                t = new XmlDsigExcC14NTransform();
                                break;

                            case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NWithCommentsTransform:
                                t = new XmlDsigExcC14NWithCommentsTransform();
                                break;

                            case XmlSignature.AlgorithmNamespaces.XmlDecryptionTransform:
                                t = new XmlDecryptionTransform();
                                break;
#endif
                            default:
                                continue;
                            }

                            t.LoadInnerXml(((XmlElement)xn).ChildNodes);
                            TransformChain.Add(t);
                        }
                        break;
                    }
                }

                if (value.HasAttribute(XmlEncryption.AttributeNames.URI))
                {
                    Uri = value.Attributes [XmlEncryption.AttributeNames.URI].Value;
                }
            }
        }
예제 #4
0
		public virtual void LoadXml (XmlElement value)
		{
			if (value == null)
				throw new ArgumentNullException ("value");
			else {
				Uri = null;
				TransformChain = new TransformChain ();

				foreach (XmlNode n in value.ChildNodes) {
					if (n is XmlWhitespace)
						continue;

					switch (n.LocalName) {
					case XmlEncryption.ElementNames.Transforms:
						foreach (XmlNode xn in ((XmlElement) n).GetElementsByTagName (XmlSignature.ElementNames.Transform, XmlSignature.NamespaceURI)) {
							Transform t = null;
							switch (((XmlElement) xn).Attributes [XmlSignature.AttributeNames.Algorithm].Value) {
							case XmlSignature.AlgorithmNamespaces.XmlDsigBase64Transform:
								t = new XmlDsigBase64Transform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDsigC14NTransform:
								t = new XmlDsigC14NTransform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDsigC14NWithCommentsTransform:
								t = new XmlDsigC14NWithCommentsTransform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDsigEnvelopedSignatureTransform:
								t = new XmlDsigEnvelopedSignatureTransform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDsigXPathTransform:
								t = new XmlDsigXPathTransform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDsigXsltTransform:
								t = new XmlDsigXsltTransform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NTransform:
								t = new XmlDsigExcC14NTransform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NWithCommentsTransform:
								t = new XmlDsigExcC14NWithCommentsTransform ();
								break;
							case XmlSignature.AlgorithmNamespaces.XmlDecryptionTransform:
								t = new XmlDecryptionTransform ();
								break;
							default:
								continue;
							}

							t.LoadInnerXml (((XmlElement) xn).ChildNodes);
							TransformChain.Add (t);
						}
						break;
					}
				}

				if (value.HasAttribute (XmlEncryption.AttributeNames.URI))
					Uri = value.Attributes [XmlEncryption.AttributeNames.URI].Value;
			}
		}
예제 #5
0
        /// <summary>
        /// Signs the specified xml document with the certificate found in
        /// the local machine matching the provided friendly name and 
        /// referring to the specified target reference ID.
        /// </summary>
        /// <param name="certFriendlyName">
        /// Friendly Name of the X509Certificate to be retrieved
        /// from the LocalMachine keystore and used to sign the xml document.
        /// Be sure to have appropriate permissions set on the keystore.
        /// </param>
        /// <param name="xmlDoc">
        /// XML document to be signed.
        /// </param>
        /// <param name="targetReferenceId">
        /// Reference element that will be specified as signed.
        /// </param>
        /// <param name="includePublicKey">
        /// Flag to determine whether to include the public key in the 
        /// signed xml.
        /// </param>       
        /// <param name="serviceProviderInstance">
        /// ServiceProvider instance for retreaving Signature transform 
        /// and canonicalization method
        /// </param>
        public static void SignXml(string certFriendlyName, IXPathNavigable xmlDoc, string targetReferenceId, bool includePublicKey, ServiceProvider serviceProviderInstance)
        {
            if (string.IsNullOrEmpty(certFriendlyName))
            {
                throw new Saml2Exception(Resources.SignedXmlInvalidCertFriendlyName);
            }

            if (xmlDoc == null)
            {
                throw new Saml2Exception(Resources.SignedXmlInvalidXml);
            }

            if (string.IsNullOrEmpty(targetReferenceId))
            {
                throw new Saml2Exception(Resources.SignedXmlInvalidTargetRefId);
            }

            X509Certificate2 cert = FedletCertificateFactory.GetCertificateByFriendlyName(certFriendlyName);
            if (cert == null)
            {
                throw new Saml2Exception(Resources.SignedXmlCertNotFound);
            }

            XmlDocument xml = (XmlDocument)xmlDoc;
            SignedXml signedXml = new SignedXml(xml);
            signedXml.SigningKey = cert.PrivateKey;

            if (includePublicKey)
            {
                KeyInfo keyInfo = new KeyInfo();
                keyInfo.AddClause(new KeyInfoX509Data(cert));
                signedXml.KeyInfo = keyInfo;
            }

            Reference reference = new Reference();
            reference.Uri = "#" + targetReferenceId;

            //Read the transform type and canonicalization method from sp-extended.xml
            string transformType = serviceProviderInstance.SignatureTransformMethod;
            string canonicalizationMethodType = serviceProviderInstance.CanonicalizationMethod;
            Transform sigTransform;

            //Implement the gathered data
            switch(transformType){
                case "XmlDsigExcC14NTransform":
                    sigTransform = new XmlDsigExcC14NTransform();
                    break;
                case "XmlDsigExcC14NWithCommentsTransform":
                    sigTransform = new XmlDsigExcC14NWithCommentsTransform();
                    break;    
                default: 
                    sigTransform = new XmlDsigEnvelopedSignatureTransform();
                    break;
            }

            if (canonicalizationMethodType != null && 
                    (canonicalizationMethodType == SignedXml.XmlDsigExcC14NTransformUrl 
                    || canonicalizationMethodType == SignedXml.XmlDsigExcC14NWithCommentsTransformUrl))
                    {
                        signedXml.Signature.SignedInfo.CanonicalizationMethod = canonicalizationMethodType;
                    }
            
            reference.AddTransform(sigTransform);
            signedXml.AddReference(reference);
            signedXml.ComputeSignature();

            XmlElement xmlSignature = signedXml.GetXml();
 
            XmlNamespaceManager nsMgr = new XmlNamespaceManager(xml.NameTable);
            nsMgr.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
            nsMgr.AddNamespace("saml", Saml2Constants.NamespaceSamlAssertion);
            nsMgr.AddNamespace("samlp", Saml2Constants.NamespaceSamlProtocol);

            XmlNode issuerNode = xml.DocumentElement.SelectSingleNode("saml:Issuer", nsMgr);
            if (issuerNode != null)
            {
                xml.DocumentElement.InsertAfter(xmlSignature, issuerNode);
            }
            else
            {
                // Insert as a child to the target reference id
                XmlNode targetNode = xml.DocumentElement.SelectSingleNode("//*[@ID='" + targetReferenceId + "']", nsMgr);
                targetNode.PrependChild(xmlSignature);
            }
        }