//------------------------------------------------------ // // Internal Members // //----------------------------------------------------- internal SignatureVerificationEventArgs(PackageDigitalSignature signature, VerifyResult result) { // verify arguments if (signature == null) throw new ArgumentNullException("signature"); if (result < VerifyResult.Success || result > VerifyResult.NotSigned) throw new System.ArgumentOutOfRangeException("result"); _signature = signature; _result = result; }
private PackageDigitalSignature Sign( IEnumerable<Uri> parts, IEnumerable<PackageRelationshipSelector> relationshipSelectors, X509Certificate2 signer, String signatureId, bool embedCertificate, IEnumerable<System.Security.Cryptography.Xml.DataObject> signatureObjects, IEnumerable<System.Security.Cryptography.Xml.Reference> objectReferences) { // don't overwrite Debug.Assert(SignaturePart.GetStream().Length == 0, "Logic Error: Can't sign when signature already exists"); // grab hash algorithm as this may change in the future _hashAlgorithmName = _manager.HashAlgorithm; // keep the signer if indicated if (_manager.CertificateOption == CertificateEmbeddingOption.NotEmbedded) _lookForEmbeddedCert = false; // don't bother parsing else _certificate = signer; // save some parsing // we only release this key if we obtain it AsymmetricAlgorithm key = null; bool ownKey = false; if (signer.HasPrivateKey) { key = signer.PrivateKey; } else { ownKey = true; key = GetPrivateKeyForSigning(signer); } try { _signedXml = new CustomSignedXml(); _signedXml.SigningKey = key; _signedXml.Signature.Id = signatureId; // put it in the XML if (embedCertificate) { _signedXml.KeyInfo = GenerateKeyInfo(key, signer); } // Package object tag // convert from string to class and ensure we dispose using (HashAlgorithm hashAlgorithm = GetHashAlgorithm(_hashAlgorithmName)) { // inform caller if hash algorithm is unknown if (hashAlgorithm == null) throw new InvalidOperationException(SR.Get(SRID.UnsupportedHashAlgorithm)); _signedXml.AddObject(GenerateObjectTag(hashAlgorithm, parts, relationshipSelectors, signatureId)); } // add reference from SignedInfo to Package object tag Reference objectReference = new Reference(XTable.Get(XTable.ID.OpcLinkAttrValue)); objectReference.Type = XTable.Get(XTable.ID.W3CSignatureNamespaceRoot) + "Object"; objectReference.DigestMethod = _hashAlgorithmName; _signedXml.AddReference(objectReference); // add any custom object tags AddCustomObjectTags(signatureObjects, objectReferences); // compute the signature SignedXml xmlSig = _signedXml; (new PermissionSet(PermissionState.Unrestricted)).Assert(); try { xmlSig.ComputeSignature(); } finally { PermissionSet.RevertAssert(); } // persist UpdatePartFromSignature(_signedXml.Signature); } finally { if (key != null && ownKey) ((IDisposable)key).Dispose(); } // create the PackageDigitalSignature object _signature = new PackageDigitalSignature(_manager, this); return _signature; }
// load signatures from container private void EnsureSignatures() { if (_signatures == null) { _signatures = new List<PackageDigitalSignature>(); // no signatures if origin not found if (OriginPartExists()) { // find all signatures from this origin (if any) PackageRelationshipCollection relationships = _originPart.GetRelationshipsByType( _originToSignatureRelationshipType); foreach (PackageRelationship r in relationships) { // don't resolve if external if (r.TargetMode != TargetMode.Internal) throw new FileFormatException(SR.Get(SRID.PackageSignatureCorruption)); Uri signaturePartName = PackUriHelper.ResolvePartUri(_originPart.Uri, r.TargetUri); // throw if part does not exist if (!_container.PartExists(signaturePartName)) throw new FileFormatException(SR.Get(SRID.PackageSignatureCorruption)); PackagePart signaturePart = _container.GetPart(signaturePartName); // ignore future signature types that we do not recognize if (signaturePart.ValidatedContentType.AreTypeAndSubTypeEqual (XmlDigitalSignatureProcessor.ContentType)) { // parse it PackageDigitalSignature signature = new PackageDigitalSignature(this, signaturePart); // add to the list _signatures.Add(signature); } } } } }
//------------------------------------------------------ // // Internal Methods // //------------------------------------------------------ /// <summary> /// Constructor - called from PackageDigitalSignatureManager when opening an existing signature /// </summary> /// <param name="manager">current DigitalSignatureManager</param> /// <param name="packageSignature">public signature object</param> /// <param name="signaturePart">the part that will/does house the associated XML signature</param> internal XmlDigitalSignatureProcessor(PackageDigitalSignatureManager manager, PackagePart signaturePart, PackageDigitalSignature packageSignature) : this(manager, signaturePart) { _signature = packageSignature; }