void EncryptElement(SendSecurityHeaderElement element) { string id = GenerateId(); ISecurityElement encryptedElement = CreateEncryptedData(CaptureSecurityElement(element.Item), id, true); this.referenceList.AddReferredId(id); element.Replace(id, encryptedElement); }
protected static MemoryStream CaptureSecurityElement(ISecurityElement element) { MemoryStream stream = new MemoryStream(); XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(stream); element.WriteTo(writer, ServiceModelDictionaryManager.Instance); writer.Flush(); stream.Seek(0, SeekOrigin.Begin); return(stream); }
public void WriteBodyToEncrypt(EncryptedData encryptedData, SymmetricAlgorithm algorithm) { encryptedData.Id = this.securityHeader.GenerateId(); BodyContentHelper helper = new BodyContentHelper(); XmlDictionaryWriter encryptingWriter = helper.CreateWriter(); this.InnerMessage.WriteBodyContents(encryptingWriter); encryptedData.SetUpEncryption(algorithm, helper.ExtractResult()); this.encryptedBodyContent = encryptedData; this.state = BodyState.Encrypted; }
protected override void OnClose() { try { this.InnerMessage.Close(); } finally { this.fullBodyBuffer = null; this.bodyAttributes = null; this.encryptedBodyContent = null; this.state = BodyState.Disposed; } }
public void WriteBodyToSignThenEncryptWithFragments( Stream stream, bool includeComments, string[] inclusivePrefixes, EncryptedData encryptedData, SymmetricAlgorithm algorithm, XmlDictionaryWriter writer) { IFragmentCapableXmlDictionaryWriter fragmentingWriter = (IFragmentCapableXmlDictionaryWriter)writer; SetBodyId(); encryptedData.Id = this.securityHeader.GenerateId(); this.startBodyFragment = new MemoryStream(); BufferedOutputStream bodyContentFragment = new BufferManagerOutputStream(SR.XmlBufferQuotaExceeded, 1024, int.MaxValue, this.securityHeader.StreamBufferManager); this.endBodyFragment = new MemoryStream(); writer.StartCanonicalization(stream, includeComments, inclusivePrefixes); fragmentingWriter.StartFragment(this.startBodyFragment, false); WriteStartInnerMessageWithId(writer); fragmentingWriter.EndFragment(); fragmentingWriter.StartFragment(bodyContentFragment, true); this.InnerMessage.WriteBodyContents(writer); fragmentingWriter.EndFragment(); fragmentingWriter.StartFragment(this.endBodyFragment, false); writer.WriteEndElement(); fragmentingWriter.EndFragment(); writer.EndCanonicalization(); int bodyLength; byte[] bodyBuffer = bodyContentFragment.ToArray(out bodyLength); encryptedData.SetUpEncryption(algorithm, new ArraySegment <byte>(bodyBuffer, 0, bodyLength)); this.encryptedBodyContent = encryptedData; this.state = BodyState.SignedThenEncrypted; }
public SendSecurityHeaderElement(string id, ISecurityElement item) { this.id = id; this.item = item; markedForEncryption = false; }
public void Replace(string id, ISecurityElement item) { Item = item; Id = id; }
public SendSecurityHeaderElement(string id, ISecurityElement item) { Id = id; Item = item; MarkedForEncryption = false; }
protected static MemoryStream CaptureSecurityElement(ISecurityElement element) { MemoryStream stream = new MemoryStream(); XmlDictionaryWriter writer = XmlDictionaryWriter.CreateTextWriter(stream); element.WriteTo(writer, ServiceModelDictionaryManager.Instance); writer.Flush(); stream.Seek(0, SeekOrigin.Begin); return stream; }
public bool IsSameItem(ISecurityElement item) { return this.item == item || this.item.Equals(item); }
protected override ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement elementToSign) { SecurityAlgorithmSuite algorithmSuite = this.AlgorithmSuite; string signatureAlgorithm; XmlDictionaryString signatureAlgorithmDictionaryString; SecurityKey signatureKey; algorithmSuite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out signatureKey, out signatureAlgorithmDictionaryString); SignedXml signedXml = new SignedXml(ServiceModelDictionaryManager.Instance, this.StandardsManager.SecurityTokenSerializer); SignedInfo signedInfo = signedXml.Signature.SignedInfo; signedInfo.CanonicalizationMethod = algorithmSuite.DefaultCanonicalizationAlgorithm; signedInfo.CanonicalizationMethodDictionaryString = algorithmSuite.DefaultCanonicalizationAlgorithmDictionaryString; signedInfo.SignatureMethod = signatureAlgorithm; signedInfo.SignatureMethodDictionaryString = signatureAlgorithmDictionaryString; if (elementToSign.Id == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ElementToSignMustHaveId))); } Reference reference = new Reference(ServiceModelDictionaryManager.Instance, "#" + elementToSign.Id, elementToSign); reference.DigestMethod = algorithmSuite.DefaultDigestAlgorithm; reference.DigestMethodDictionaryString = algorithmSuite.DefaultDigestAlgorithmDictionaryString; reference.AddTransform(new ExclusiveCanonicalizationTransform()); ((StandardSignedInfo)signedInfo).AddReference(reference); signedXml.ComputeSignature(signatureKey); if (identifier != null) { signedXml.Signature.KeyIdentifier = identifier; } return(signedXml); }
public void WriteBodyToSignThenEncryptWithFragments( Stream stream, bool includeComments, string[] inclusivePrefixes, EncryptedData encryptedData, SymmetricAlgorithm algorithm, XmlDictionaryWriter writer) { IFragmentCapableXmlDictionaryWriter fragmentingWriter = (IFragmentCapableXmlDictionaryWriter) writer; SetBodyId(); encryptedData.Id = this.securityHeader.GenerateId(); this.startBodyFragment = new MemoryStream(); BufferedOutputStream bodyContentFragment = new BufferManagerOutputStream(SR.XmlBufferQuotaExceeded, 1024, int.MaxValue, this.securityHeader.StreamBufferManager); this.endBodyFragment = new MemoryStream(); writer.StartCanonicalization(stream, includeComments, inclusivePrefixes); fragmentingWriter.StartFragment(this.startBodyFragment, false); WriteStartInnerMessageWithId(writer); fragmentingWriter.EndFragment(); fragmentingWriter.StartFragment(bodyContentFragment, true); this.InnerMessage.WriteBodyContents(writer); fragmentingWriter.EndFragment(); fragmentingWriter.StartFragment(this.endBodyFragment, false); writer.WriteEndElement(); fragmentingWriter.EndFragment(); writer.EndCanonicalization(); int bodyLength; byte[] bodyBuffer = bodyContentFragment.ToArray(out bodyLength); encryptedData.SetUpEncryption(algorithm, new ArraySegment<byte>(bodyBuffer, 0, bodyLength)); this.encryptedBodyContent = encryptedData; this.state = BodyState.SignedThenEncrypted; }
public bool IsSameItem(ISecurityElement item) { return(this.item == item || this.item.Equals(item)); }
public void Replace(string id, ISecurityElement item) { this.item = item; this.id = id; }
protected override ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement elementToSign) { SecurityAlgorithmSuite algorithmSuite = this.AlgorithmSuite; string signatureAlgorithm; XmlDictionaryString signatureAlgorithmDictionaryString; SecurityKey signatureKey; algorithmSuite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out signatureKey, out signatureAlgorithmDictionaryString); SignedXml signedXml = new SignedXml(ServiceModelDictionaryManager.Instance, this.StandardsManager.SecurityTokenSerializer); SignedInfo signedInfo = signedXml.Signature.SignedInfo; signedInfo.CanonicalizationMethod = algorithmSuite.DefaultCanonicalizationAlgorithm; signedInfo.CanonicalizationMethodDictionaryString = algorithmSuite.DefaultCanonicalizationAlgorithmDictionaryString; signedInfo.SignatureMethod = signatureAlgorithm; signedInfo.SignatureMethodDictionaryString = signatureAlgorithmDictionaryString; if (elementToSign.Id == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.GetString(SR.ElementToSignMustHaveId))); } Reference reference = new Reference(ServiceModelDictionaryManager.Instance, "#" + elementToSign.Id, elementToSign); reference.DigestMethod = algorithmSuite.DefaultDigestAlgorithm; reference.DigestMethodDictionaryString = algorithmSuite.DefaultDigestAlgorithmDictionaryString; reference.AddTransform(new ExclusiveCanonicalizationTransform()); ((StandardSignedInfo)signedInfo).AddReference(reference); signedXml.ComputeSignature(signatureKey); if (identifier != null) { signedXml.Signature.KeyIdentifier = identifier; } return signedXml; }
protected abstract ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement primarySignature);