private void VerifySignature(SignedXml signature, SecurityKey signatureVerificationKey) { if (signature == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("signature"); } if (signatureVerificationKey == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("signatureVerificatonKey"); } signature.StartSignatureVerification(signatureVerificationKey); signature.EnsureDigestValidity(this.assertionId, this.tokenStream); signature.CompleteSignatureVerification(); }
protected override SecurityToken VerifySignature(SignedXml signedXml, bool isPrimarySignature, SecurityHeaderTokenResolver resolver, object signatureTarget, string id) { SecurityToken token = this.ResolveSignatureToken(signedXml.Signature.KeyIdentifier, resolver, isPrimarySignature); if (isPrimarySignature) { base.RecordSignatureToken(token); } ReadOnlyCollection <SecurityKey> securityKeys = token.SecurityKeys; SecurityKey securityKey = ((securityKeys != null) && (securityKeys.Count > 0)) ? securityKeys[0] : null; if (securityKey == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnableToCreateICryptoFromTokenForSignatureVerification", new object[] { token }))); } base.AlgorithmSuite.EnsureAcceptableSignatureKeySize(securityKey, token); base.AlgorithmSuite.EnsureAcceptableSignatureAlgorithm(securityKey, signedXml.Signature.SignedInfo.SignatureMethod); signedXml.StartSignatureVerification(securityKey); StandardSignedInfo signedInfo = (StandardSignedInfo)signedXml.Signature.SignedInfo; this.ValidateDigestsOfTargetsInSecurityHeader(signedInfo, base.Timestamp, isPrimarySignature, signatureTarget, id); if (!isPrimarySignature) { if ((!base.RequireMessageProtection && (securityKey is AsymmetricSecurityKey)) && (base.Version.Addressing != AddressingVersion.None)) { int headerIndex = base.Message.Headers.FindHeader(System.ServiceModel.XD.AddressingDictionary.To.Value, base.Message.Version.Addressing.Namespace); if (headerIndex == -1) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("TransportSecuredMessageMissingToHeader"))); } XmlDictionaryReader readerAtHeader = base.Message.Headers.GetReaderAtHeader(headerIndex); id = readerAtHeader.GetAttribute(System.ServiceModel.XD.UtilityDictionary.IdAttribute, System.ServiceModel.XD.UtilityDictionary.Namespace); if (id == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnsignedToHeaderInTransportSecuredMessage"))); } signedXml.EnsureDigestValidity(id, readerAtHeader); } signedXml.CompleteSignatureVerification(); return(token); } this.pendingSignature = signedXml; return(token); }