private void ComputeSignature() { PreDigestedSignedInfo signedInfo = new PreDigestedSignedInfo(_dictionaryManager); signedInfo.AddEnvelopedSignatureTransform = true; signedInfo.CanonicalizationMethod = XD.ExclusiveC14NDictionary.Namespace.Value; signedInfo.SignatureMethod = _signingCreds.SignatureAlgorithm; signedInfo.DigestMethod = _signingCreds.DigestAlgorithm; signedInfo.AddReference(_referenceId, _hashStream.FlushHashAndGetValue(_preCanonicalTracingStream)); SignedXml signedXml = new SignedXml(signedInfo, _dictionaryManager, _tokenSerializer); signedXml.ComputeSignature(_signingCreds.SigningKey); signedXml.Signature.KeyIdentifier = _signingCreds.SigningKeyIdentifier; signedXml.WriteTo(base.InnerWriter); ((IDisposable)_hashStream).Dispose(); _hashStream = null; }
protected override void StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, bool generateTargettableSignature) { string str3; XmlDictionaryString str4; SecurityAlgorithmSuite algorithmSuite = base.AlgorithmSuite; string defaultCanonicalizationAlgorithm = algorithmSuite.DefaultCanonicalizationAlgorithm; XmlDictionaryString defaultCanonicalizationAlgorithmDictionaryString = algorithmSuite.DefaultCanonicalizationAlgorithmDictionaryString; if (defaultCanonicalizationAlgorithm != "http://www.w3.org/2001/10/xml-exc-c14n#") { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnsupportedCanonicalizationAlgorithm", new object[] { algorithmSuite.DefaultCanonicalizationAlgorithm }))); } algorithmSuite.GetSignatureAlgorithmAndKey(token, out str3, out this.signatureKey, out str4); string defaultDigestAlgorithm = algorithmSuite.DefaultDigestAlgorithm; XmlDictionaryString defaultDigestAlgorithmDictionaryString = algorithmSuite.DefaultDigestAlgorithmDictionaryString; this.signedInfo = new PreDigestedSignedInfo(ServiceModelDictionaryManager.Instance, defaultCanonicalizationAlgorithm, defaultCanonicalizationAlgorithmDictionaryString, defaultDigestAlgorithm, defaultDigestAlgorithmDictionaryString, str3, str4); this.signedXml = new SignedXml(this.signedInfo, ServiceModelDictionaryManager.Instance, base.StandardsManager.SecurityTokenSerializer); if (keyIdentifier != null) { this.signedXml.Signature.KeyIdentifier = keyIdentifier; } if (generateTargettableSignature) { this.signedXml.Id = base.GenerateId(); } this.effectiveSignatureParts = signatureParts; this.hashStream = this.signedInfo.ResourcePool.TakeHashStream(defaultDigestAlgorithm); }
protected override ISignatureValueSecurityElement CompletePrimarySignatureCore(SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens) { ISignatureValueSecurityElement signedXml; if (this.signedXml == null) { return null; } SecurityTimestamp timestamp = base.Timestamp; if (timestamp != null) { if (timestamp.Id == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("TimestampToSignHasNoId"))); } HashStream stream = this.TakeHashStream(); base.StandardsManager.WSUtilitySpecificationVersion.WriteTimestampCanonicalForm(stream, timestamp, this.signedInfo.ResourcePool.TakeEncodingBuffer()); this.signedInfo.AddReference(timestamp.Id, stream.FlushHashAndGetValue()); } if ((base.ShouldSignToHeader && (this.signatureKey is AsymmetricSecurityKey)) && (base.Version.Addressing != AddressingVersion.None)) { if (this.toHeaderHash == null) { throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("TransportSecurityRequireToHeader"))); } this.signedInfo.AddReference(this.toHeaderId, this.toHeaderHash); } this.AddSignatureReference(signatureConfirmations); if (base.RequireMessageProtection) { this.AddSignatureReference(signedEndorsingTokens); this.AddSignatureReference(signedTokens); this.AddSignatureReference(basicTokens); } if (this.signedInfo.ReferenceCount == 0) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("NoPartsOfMessageMatchedPartsToSign")), base.Message); } try { this.signedXml.ComputeSignature(this.signatureKey); signedXml = this.signedXml; } finally { this.hashStream = null; this.signedInfo = null; this.signedXml = null; this.signatureKey = null; this.effectiveSignatureParts = null; } return signedXml; }
void ICanonicalWriterEndRootElementCallback.OnEndOfRootElement(XmlDictionaryWriter dictionaryWriter) { byte[] hashValue = this.hashStream.FlushHashAndGetValue(); PreDigestedSignedInfo signedInfo = new PreDigestedSignedInfo(this.dictionaryManager); signedInfo.AddEnvelopedSignatureTransform = true; signedInfo.CanonicalizationMethod = SecurityAlgorithms.ExclusiveC14n; signedInfo.SignatureMethod = this.signingCredentials.SignatureAlgorithm; signedInfo.DigestMethod = this.signingCredentials.DigestAlgorithm; signedInfo.AddReference(this.assertionId, hashValue); SignedXml signedXml = new SignedXml(signedInfo, this.dictionaryManager, this.keyInfoSerializer); signedXml.ComputeSignature(this.signingCredentials.SigningKey); signedXml.Signature.KeyIdentifier = this.signingCredentials.SigningKeyIdentifier; signedXml.WriteTo(dictionaryWriter); }
void ICanonicalWriterEndRootElementCallback.OnEndOfRootElement(XmlDictionaryWriter dictionaryWriter) { byte[] digest = this.hashStream.FlushHashAndGetValue(); PreDigestedSignedInfo signedInfo = new PreDigestedSignedInfo(this.dictionaryManager) { AddEnvelopedSignatureTransform = true, CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#", SignatureMethod = this.signingCredentials.SignatureAlgorithm, DigestMethod = this.signingCredentials.DigestAlgorithm }; signedInfo.AddReference(this.assertionId, digest); SignedXml xml = new SignedXml(signedInfo, this.dictionaryManager, this.keyInfoSerializer); xml.ComputeSignature(this.signingCredentials.SigningKey); xml.Signature.KeyIdentifier = this.signingCredentials.SigningKeyIdentifier; xml.WriteTo(dictionaryWriter); }
public void WriteSignedInfoCanonicalForm(Stream stream, string signatureMethod, string digestMethod, PreDigestedSignedInfo.ReferenceEntry[] references, int referenceCount, byte[] workBuffer, char[] base64WorkBuffer) { stream.Write(this.fragment1, 0, this.fragment1.Length); byte[] buffer = this.EncodeSignatureAlgorithm(signatureMethod); stream.Write(buffer, 0, buffer.Length); stream.Write(this.fragment2, 0, this.fragment2.Length); byte[] buffer2 = this.EncodeDigestAlgorithm(digestMethod); for (int i = 0; i < referenceCount; i++) { stream.Write(this.fragment3, 0, this.fragment3.Length); CanonicalFormWriter.EncodeAndWrite(stream, workBuffer, references[i].id); stream.Write(this.fragment4, 0, this.fragment4.Length); stream.Write(buffer2, 0, buffer2.Length); stream.Write(this.fragment5, 0, this.fragment5.Length); CanonicalFormWriter.Base64EncodeAndWrite(stream, workBuffer, base64WorkBuffer, references[i].digest); stream.Write(this.fragment6, 0, this.fragment6.Length); } stream.Write(this.fragment7, 0, this.fragment7.Length); }