public void LoadXml(XmlElement value)
{
if (value == null)
{
throw new ArgumentNullException("value");
}
m_id = Utils.GetAttribute(value, "Id", SignedXml.XmlDsigNamespaceUrl);
m_uri = Utils.GetAttribute(value, "URI", SignedXml.XmlDsigNamespaceUrl);
m_type = Utils.GetAttribute(value, "Type", SignedXml.XmlDsigNamespaceUrl);
if (!Utils.VerifyAttributes(value, new string[] { "Id", "URI", "Type" }))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference");
}
XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable);
nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
// Transforms
bool hasTransforms = false;
this.TransformChain = new TransformChain();
XmlNodeList transformsNodes = value.SelectNodes("ds:Transforms", nsm);
if (transformsNodes != null && transformsNodes.Count != 0)
{
if (!Utils.GetAllowAdditionalSignatureNodes() && transformsNodes.Count > 1)
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/Transforms");
}
hasTransforms = true;
XmlElement transformsElement = transformsNodes[0] as XmlElement;
if (!Utils.VerifyAttributes(transformsElement, (string[])null))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/Transforms");
}
XmlNodeList transformNodes = transformsElement.SelectNodes("ds:Transform", nsm);
if (transformNodes != null)
{
if (!Utils.GetAllowAdditionalSignatureNodes() && (transformNodes.Count != transformsElement.SelectNodes("*").Count))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/Transforms");
}
if (transformNodes.Count > Utils.GetMaxTransformsPerReference())
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/Transforms");
}
foreach (XmlNode transformNode in transformNodes)
{
XmlElement transformElement = transformNode as XmlElement;
string algorithm = Utils.GetAttribute(transformElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl);
if ((algorithm == null && !Utils.GetSkipSignatureAttributeEnforcement()) || !Utils.VerifyAttributes(transformElement, "Algorithm"))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_UnknownTransform"));
}
Transform transform = Utils.CreateFromName <Transform>(algorithm);
if (transform == null)
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_UnknownTransform"));
}
AddTransform(transform);
// let the transform read the children of the transformElement for data
transform.LoadInnerXml(transformElement.ChildNodes);
// Hack! this is done to get around the lack of here() function support in XPath
if (transform is XmlDsigEnvelopedSignatureTransform)
{
// Walk back to the Signature tag. Find the nearest signature ancestor
// Signature-->SignedInfo-->Reference-->Transforms-->Transform
XmlNode signatureTag = transformElement.SelectSingleNode("ancestor::ds:Signature[1]", nsm);
XmlNodeList signatureList = transformElement.SelectNodes("//ds:Signature", nsm);
if (signatureList != null)
{
int position = 0;
foreach (XmlNode node in signatureList)
{
position++;
if (node == signatureTag)
{
((XmlDsigEnvelopedSignatureTransform)transform).SignaturePosition = position;
break;
}
}
}
}
}
}
}
// DigestMethod
XmlNodeList digestMethodNodes = value.SelectNodes("ds:DigestMethod", nsm);
if (digestMethodNodes == null || digestMethodNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && digestMethodNodes.Count > 1))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/DigestMethod");
}
XmlElement digestMethodElement = digestMethodNodes[0] as XmlElement;
m_digestMethod = Utils.GetAttribute(digestMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl);
if ((m_digestMethod == null && !Utils.GetSkipSignatureAttributeEnforcement()) || !Utils.VerifyAttributes(digestMethodElement, "Algorithm"))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/DigestMethod");
}
// DigestValue
XmlNodeList digestValueNodes = value.SelectNodes("ds:DigestValue", nsm);
if (digestValueNodes == null || digestValueNodes.Count == 0 || (!Utils.GetAllowAdditionalSignatureNodes() && digestValueNodes.Count > 1))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/DigestValue");
}
XmlElement digestValueElement = digestValueNodes[0] as XmlElement;
m_digestValue = Convert.FromBase64String(Utils.DiscardWhiteSpaces(digestValueElement.InnerText));
if (!Utils.VerifyAttributes(digestValueElement, (string[])null))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference/DigestValue");
}
// Verify that there aren't any extra nodes that aren't allowed
int expectedChildNodeCount = hasTransforms ? 3 : 2;
if (!Utils.GetAllowAdditionalSignatureNodes() && (value.SelectNodes("*").Count != expectedChildNodeCount))
{
throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "Reference");
}
// cache the Xml
m_cachedXml = value;
}
