Exemplo n.º 1
0
        /// <summary>
        /// Digs the &lt;Signature&gt; element out of the document.
        /// </summary>
        /// <param name="el">The element.</param>
        /// <returns>The <see cref="SignedXml"/>.</returns>
        /// <exception cref="InvalidOperationException">if the document does not contain a signature.</exception>
        private static SignedXml RetrieveSignature(XmlElement el)
        {
            if (el.OwnerDocument.DocumentElement == null)
            {
                var doc = new XmlDocument()
                {
                    PreserveWhitespace = true
                };
                doc.LoadXml(el.OuterXml);
                el = doc.DocumentElement;
            }

            SignedXml signedXml = new SignedXmlWithIdResolvement(el);
            var       nodeList  = el.GetElementsByTagName(Schema.XmlDSig.Signature.ElementName, Saml20Constants.Xmldsig);

            if (nodeList.Count == 0)
            {
                throw new InvalidOperationException("Document does not contain a signature to verify.");
            }

            signedXml.LoadXml((XmlElement)nodeList[0]);

            // To support SHA256 for XML signatures, an additional algorithm must be enabled.
            // This is not supported in .Net versions older than 4.0. In older versions,
            // an exception will be raised if an SHA256 signature method is attempted to be used.
            if (signedXml.SignatureMethod.Contains("rsa-sha256"))
            {
                SetupSHA256();
            }

            // verify that the inlined signature has a valid reference uri
            VerifyReferenceUri(signedXml, el.GetAttribute("ID"));

            return(signedXml);
        }
Exemplo n.º 2
0
        /// <summary>
        /// Digs the &lt;Signature&gt; element out of the document.
        /// </summary>
        /// <param name="el">The element.</param>
        /// <returns>The <see cref="SignedXml"/>.</returns>
        /// <exception cref="InvalidOperationException">if the document does not contain a signature.</exception>
        private static SignedXml RetrieveSignature(XmlElement el)
        {
            if (el.OwnerDocument.DocumentElement == null)
            {
                var doc = new XmlDocument()
                {
                    PreserveWhitespace = true
                };
                doc.LoadXml(el.OuterXml);
                el = doc.DocumentElement;
            }

            SignedXml signedXml = new SignedXmlWithIdResolvement(el);
            var       nodeList  = el.GetElementsByTagName(Schema.XmlDSig.Signature.ElementName, Saml20Constants.Xmldsig);

            if (nodeList.Count == 0)
            {
                throw new InvalidOperationException("Document does not contain a signature to verify.");
            }

            signedXml.LoadXml((XmlElement)nodeList[0]);

            // To support SHA256 for XML signatures, an additional algorithm must be enabled.
            // This is not supported in .Net versions older than 4.0. In older versions,
            // an exception will be raised if an SHA256 signature method is attempted to be used.
            if (signedXml.SignatureMethod.Contains("rsa-sha256"))
            {
                var addAlgorithmMethod = typeof(CryptoConfig).GetMethod("AddAlgorithm", BindingFlags.Public | BindingFlags.Static);
                if (addAlgorithmMethod == null)
                {
                    throw new InvalidOperationException("This version of .Net does not support CryptoConfig.AddAlgorithm. Enabling sha256 not psosible.");
                }

                addAlgorithmMethod.Invoke(null, new object[] { typeof(RSAPKCS1SHA256SignatureDescription), new[] { signedXml.SignatureMethod } });
            }

            // verify that the inlined signature has a valid reference uri
            VerifyReferenceUri(signedXml, el.GetAttribute("ID"));

            return(signedXml);
        }
Exemplo n.º 3
0
        /// <summary>
        /// Digs the &lt;Signature&gt; element out of the document.
        /// </summary>
        /// <param name="el">The element.</param>
        /// <returns>The <see cref="SignedXml"/>.</returns>
        /// <exception cref="InvalidOperationException">if the document does not contain a signature.</exception>
        private static SignedXml RetrieveSignature(XmlElement el)
        {
            if (el.OwnerDocument.DocumentElement == null)
            {
                var doc = new XmlDocument() { PreserveWhitespace = true };
                doc.LoadXml(el.OuterXml);
                el = doc.DocumentElement;
            }

            SignedXml signedXml = new SignedXmlWithIdResolvement(el);
            var nodeList = el.GetElementsByTagName(Schema.XmlDSig.Signature.ElementName, Saml20Constants.Xmldsig);
            if (nodeList.Count == 0)
            {
                throw new InvalidOperationException("Document does not contain a signature to verify.");
            }

            signedXml.LoadXml((XmlElement)nodeList[0]);

            // To support SHA256 for XML signatures, an additional algorithm must be enabled.
            // This is not supported in .Net versions older than 4.0. In older versions,
            // an exception will be raised if an SHA256 signature method is attempted to be used.
            if (signedXml.SignatureMethod.Contains("rsa-sha256"))
            {
                var addAlgorithmMethod = typeof(CryptoConfig).GetMethod("AddAlgorithm", BindingFlags.Public | BindingFlags.Static);
                if (addAlgorithmMethod == null)
                {
                    throw new InvalidOperationException("This version of .Net does not support CryptoConfig.AddAlgorithm. Enabling sha256 not psosible.");
                }

                addAlgorithmMethod.Invoke(null, new object[] { typeof(RSAPKCS1SHA256SignatureDescription), new[] { signedXml.SignatureMethod } });
            }

            // verify that the inlined signature has a valid reference uri
            VerifyReferenceUri(signedXml, el.GetAttribute("ID"));

            return signedXml;
        }