public void KeepDocument () { string result = @"<dsig:Reference URI="""" xmlns:dsig=""http://www.w3.org/2000/09/xmldsig#""><dsig:Transforms><dsig:Transform Algorithm=""http://www.w3.org/2000/09/xmldsig#enveloped-signature"" /></dsig:Transforms><dsig:DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1"" /><dsig:DigestValue>nDF2V/bzRd0VE3EwShWtsBzTEDc=</dsig:DigestValue></dsig:Reference>"; XmlDocument doc = new XmlDocument (); doc.LoadXml (xml); XmlElement org = (XmlElement) doc.SelectSingleNode ("//*[local-name()='Reference']"); Reference r = new Reference (); r.LoadXml (org); XmlElement el = r.GetXml (); Assert.AreEqual (doc, el.OwnerDocument); Assert.AreEqual (org, el); Assert.AreEqual (result, el.OuterXml); }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Id attribute -- optional _id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); // CanonicalizationMethod -- must be present XmlElement canonicalizationMethodElement = signedInfoElement.SelectSingleNode("ds:CanonicalizationMethod", nsm) as XmlElement; if (canonicalizationMethodElement == null) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod"); } _canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); _canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) { CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); } // SignatureMethod -- must be present XmlElement signatureMethodElement = signedInfoElement.SelectSingleNode("ds:SignatureMethod", nsm) as XmlElement; if (signatureMethodElement == null) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod"); } _signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) { _signatureLength = signatureLengthElement.InnerXml; } // flush out any reference that was there _references.Clear(); XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { foreach (XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } } // Save away the cached value _cachedXml = signedInfoElement; }
public static bool VerifySignature(Stream xmlStream, Stream signatureStream, out X509Certificate2 certificate) { XmlDocument xmlDocument = new XmlDocument(); xmlDocument.Load(signatureStream); SignedXml signedXml = new SignedXml(); signedXml.LoadXml(xmlDocument.DocumentElement); certificate = signedXml.KeyInfo.OfType<KeyInfoX509Data>().SelectMany(c => c.Certificates.OfType<X509Certificate2>()).FirstOrDefault(); foreach (Reference reference in signedXml.SignedInfo.References.ToArray()) { Reference newReference = new Reference(xmlStream); newReference.LoadXml(reference.GetXml()); signedXml.AddReference(newReference); signedXml.SignedInfo.References.Remove(reference); } return signedXml.CheckSignature(); }
/// <include file='doc\SignedInfo.uex' path='docs/doc[@for="SignedInfo.LoadXml"]/*' /> public void LoadXml(XmlElement value) { // Guard against nulls if (value == null) { throw new ArgumentNullException("value"); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // CanonicalizationMethod -- must be present XmlNodeList canonicalizationMethodNodes = signedInfoElement.SelectNodes("ds:CanonicalizationMethod", nsm); if (canonicalizationMethodNodes.Count == 0) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/CanonicalizationMethod"); } XmlElement canonicalizationMethodElement = (XmlElement)canonicalizationMethodNodes.Item(0); m_strCanonicalizationMethod = canonicalizationMethodElement.GetAttribute("Algorithm"); // SignatureMethod -- must be present XmlNodeList signatureMethodNodes = signedInfoElement.SelectNodes("ds:SignatureMethod", nsm); if (signatureMethodNodes.Count == 0) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureMethod"); } XmlElement signatureMethodElement = (XmlElement)signatureMethodNodes.Item(0); m_strSignatureMethod = signatureMethodElement.GetAttribute("Algorithm"); // Now get the output length if we are using a MAC algorithm XmlNodeList signatureLengthNodes = signatureMethodElement.SelectNodes("ds:HMACOutputLength", nsm); if (signatureLengthNodes.Count > 0) { m_strSignatureLength = signatureLengthNodes.Item(0).InnerXml; } // References if any // Flush the any reference that was there m_references.Clear(); XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); for (int i = 0; i < referenceNodes.Count; ++i) { Reference reference = new Reference(); reference.LoadXml((XmlElement)referenceNodes.Item(i)); m_references.Add(reference); } // Save away the cached value m_cachedXml = signedInfoElement; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); int expectedChildNodes = 0; // Id attribute -- optional m_id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signedInfoElement, "Id")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } // CanonicalizationMethod -- must be present XmlNodeList canonicalizationMethodNodes = signedInfoElement.SelectNodes("ds:CanonicalizationMethod", nsm); if (canonicalizationMethodNodes == null || canonicalizationMethodNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && canonicalizationMethodNodes.Count > 1)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/CanonicalizationMethod"); } XmlElement canonicalizationMethodElement = canonicalizationMethodNodes.Item(0) as XmlElement; expectedChildNodes += canonicalizationMethodNodes.Count; m_canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if ((m_canonicalizationMethod == null && !Utils.GetSkipSignatureAttributeEnforcement()) || !Utils.VerifyAttributes(canonicalizationMethodElement, "Algorithm")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/CanonicalizationMethod"); } m_canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) { this.CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); } // SignatureMethod -- must be present XmlNodeList signatureMethodNodes = signedInfoElement.SelectNodes("ds:SignatureMethod", nsm); if (signatureMethodNodes == null || signatureMethodNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && signatureMethodNodes.Count > 1)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureMethod"); } XmlElement signatureMethodElement = signatureMethodNodes.Item(0) as XmlElement; expectedChildNodes += signatureMethodNodes.Count; m_signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if ((m_signatureMethod == null && !Utils.GetSkipSignatureAttributeEnforcement()) || !Utils.VerifyAttributes(signatureMethodElement, "Algorithm")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureMethod"); } // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) { m_signatureLength = signatureLengthElement.InnerXml; } // flush out any reference that was there m_references.Clear(); // Reference - 0 or more XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { if (referenceNodes.Count > Utils.GetMaxReferencesPerSignedInfo()) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/Reference"); } foreach (XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } expectedChildNodes += referenceNodes.Count; } // Verify that there aren't any extra nodes that aren't allowed if (!Utils.GetAllowAdditionalSignatureNodes() && (signedInfoElement.SelectNodes("*").Count != expectedChildNodes)) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } // Save away the cached value m_cachedXml = signedInfoElement; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } XmlElement element = value; if (!element.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } XmlNamespaceManager nsmgr = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsmgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); this.m_id = System.Security.Cryptography.Xml.Utils.GetAttribute(element, "Id", "http://www.w3.org/2000/09/xmldsig#"); XmlElement element2 = element.SelectSingleNode("ds:CanonicalizationMethod", nsmgr) as XmlElement; if (element2 == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/CanonicalizationMethod"); } this.m_canonicalizationMethod = System.Security.Cryptography.Xml.Utils.GetAttribute(element2, "Algorithm", "http://www.w3.org/2000/09/xmldsig#"); this.m_canonicalizationMethodTransform = null; if (element2.ChildNodes.Count > 0) { this.CanonicalizationMethodObject.LoadInnerXml(element2.ChildNodes); } XmlElement element3 = element.SelectSingleNode("ds:SignatureMethod", nsmgr) as XmlElement; if (element3 == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureMethod"); } this.m_signatureMethod = System.Security.Cryptography.Xml.Utils.GetAttribute(element3, "Algorithm", "http://www.w3.org/2000/09/xmldsig#"); XmlElement element4 = element3.SelectSingleNode("ds:HMACOutputLength", nsmgr) as XmlElement; if (element4 != null) { this.m_signatureLength = element4.InnerXml; } this.m_references.Clear(); XmlNodeList list = element.SelectNodes("ds:Reference", nsmgr); if (list != null) { foreach (XmlNode node in list) { XmlElement element5 = node as XmlElement; Reference reference = new Reference(); this.AddReference(reference); reference.LoadXml(element5); } } this.m_cachedXml = element; }
public void LoadXml (XmlElement value) { if (value == null) throw new ArgumentNullException ("value"); if ((value.LocalName != XmlSignature.ElementNames.Manifest) || (value.NamespaceURI != XmlSignature.NamespaceURI)) throw new CryptographicException (); id = GetAttribute (value, XmlSignature.AttributeNames.Id); for (int i = 0; i < value.ChildNodes.Count; i++) { XmlNode n = value.ChildNodes [i]; if (n.NodeType == XmlNodeType.Element && n.LocalName == XmlSignature.ElementNames.Reference && n.NamespaceURI == XmlSignature.NamespaceURI) { Reference r = new Reference (); r.LoadXml ((XmlElement) n); AddReference (r); } } element = value; }
public void LoadXml (XmlElement value) { if (value == null) throw new ArgumentNullException ("value"); if ((value.LocalName != XmlSignature.ElementNames.SignedInfo) || (value.NamespaceURI != XmlSignature.NamespaceURI)) throw new CryptographicException (); id = GetAttribute (value, XmlSignature.AttributeNames.Id); c14nMethod = XmlSignature.GetAttributeFromElement (value, XmlSignature.AttributeNames.Algorithm, XmlSignature.ElementNames.CanonicalizationMethod); XmlElement sm = XmlSignature.GetChildElement (value, XmlSignature.ElementNames.SignatureMethod, XmlSignature.NamespaceURI); if (sm != null) { signatureMethod = sm.GetAttribute (XmlSignature.AttributeNames.Algorithm); XmlElement length = XmlSignature.GetChildElement (sm, XmlSignature.ElementNames.HMACOutputLength, XmlSignature.NamespaceURI); if (length != null) { signatureLength = length.InnerText; } } for (int i = 0; i < value.ChildNodes.Count; i++) { XmlNode n = value.ChildNodes [i]; if (n.NodeType == XmlNodeType.Element && n.LocalName == XmlSignature.ElementNames.Reference && n.NamespaceURI == XmlSignature.NamespaceURI) { Reference r = new Reference (); r.LoadXml ((XmlElement) n); AddReference (r); } } element = value; }
public void LoadXml(XmlElement value) { if (value == null) throw new ArgumentNullException("value"); // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Id attribute -- optional m_id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); // CanonicalizationMethod -- must be present XmlElement canonicalizationMethodElement = signedInfoElement.SelectSingleNode("ds:CanonicalizationMethod", nsm) as XmlElement; if (canonicalizationMethodElement == null) throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"),"SignedInfo/CanonicalizationMethod"); m_canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); m_canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) this.CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); // SignatureMethod -- must be present XmlElement signatureMethodElement = signedInfoElement.SelectSingleNode("ds:SignatureMethod", nsm) as XmlElement; if (signatureMethodElement == null) throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"),"SignedInfo/SignatureMethod"); m_signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) m_signatureLength = signatureLengthElement.InnerXml; // flush out any reference that was there m_references.Clear(); XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { foreach(XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } } // Save away the cached value m_cachedXml = signedInfoElement; }