void CheckProperties (XmlDsigExcC14NWithCommentsTransform transform) { Assert.AreEqual ("http://www.w3.org/2001/10/xml-exc-c14n#WithComments", transform.Algorithm, "Algorithm"); Type[] input = transform.InputTypes; Assert.AreEqual (3, input.Length, "Input #"); // check presence of every supported input types bool istream = false; bool ixmldoc = false; bool ixmlnl = false; foreach (Type t in input) { if (t == typeof (Stream)) istream = true; if (t == typeof (XmlDocument)) ixmldoc = true; if (t == typeof (XmlNodeList)) ixmlnl = true; } Assert.IsTrue (istream, "Input Stream"); Assert.IsTrue (ixmldoc, "Input XmlDocument"); Assert.IsTrue (ixmlnl, "Input XmlNodeList"); Type[] output = transform.OutputTypes; Assert.AreEqual (1, output.Length, "Output #"); Assert.AreEqual (typeof (Stream), output [0], "Output Type"); }
/// <remarks>Sólo se implementan las transformadas de canonicalización</remarks> private Stream SignedInfoTransformed() { System.Security.Cryptography.Xml.Transform t = null; switch (signature.SignedInfo.CanonicalizationMethod) { case XmlSignatureConstants.XmlDsigC14NTransformUrl: t = new System.Security.Cryptography.Xml.XmlDsigC14NTransform(); break; case XmlSignatureConstants.XmlDsigC14NWithCommentsTransformUrl: t = new System.Security.Cryptography.Xml.XmlDsigC14NWithCommentsTransform(); break; case XmlSignatureConstants.XmlDsigExcC14NTransformUrl: t = new System.Security.Cryptography.Xml.XmlDsigExcC14NTransform(signature.SignedInfo.InclusiveNamespaces); break; case XmlSignatureConstants.XmlDsigExcC14NWithCommentsTransformUrl: t = new System.Security.Cryptography.Xml.XmlDsigExcC14NWithCommentsTransform(); break; default: t = null; break; } if (t == null) { return(null); } XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; XmlElement signatureNode = (XmlElement)envdoc.SelectSingleNode("//*[@Id='" + signature.Id + "']"); if (signatureNode != null) { XmlNamespaceManager xmlnsManager = new XmlNamespaceManager(envdoc.NameTable); xmlnsManager.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#"); XmlNode signedInfoNode = signatureNode.SelectSingleNode("ds:SignedInfo", xmlnsManager); doc.LoadXml(signedInfoNode.OuterXml); } else { doc.LoadXml(signature.SignedInfo.GetXml().OuterXml); } var namespaces = GetAllNamespaces(signatureNode); foreach (var item in namespaces) { AddNameSpace(doc, doc.DocumentElement, item.Name, item.Value); } return(ApplyTransform(t, doc)); }
public virtual void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } else { Uri = null; TransformChain = new TransformChain(); foreach (XmlNode n in value.ChildNodes) { if (n is XmlWhitespace) { continue; } switch (n.LocalName) { case XmlEncryption.ElementNames.Transforms: foreach (XmlNode xn in ((XmlElement)n).GetElementsByTagName(XmlSignature.ElementNames.Transform, XmlSignature.NamespaceURI)) { Transform t = null; switch (((XmlElement)xn).Attributes [XmlSignature.AttributeNames.Algorithm].Value) { case XmlSignature.AlgorithmNamespaces.XmlDsigBase64Transform: t = new XmlDsigBase64Transform(); break; case XmlSignature.AlgorithmNamespaces.XmlDsigC14NTransform: t = new XmlDsigC14NTransform(); break; case XmlSignature.AlgorithmNamespaces.XmlDsigC14NWithCommentsTransform: t = new XmlDsigC14NWithCommentsTransform(); break; case XmlSignature.AlgorithmNamespaces.XmlDsigEnvelopedSignatureTransform: t = new XmlDsigEnvelopedSignatureTransform(); break; case XmlSignature.AlgorithmNamespaces.XmlDsigXPathTransform: t = new XmlDsigXPathTransform(); break; case XmlSignature.AlgorithmNamespaces.XmlDsigXsltTransform: t = new XmlDsigXsltTransform(); break; #if NET_2_0 case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NTransform: t = new XmlDsigExcC14NTransform(); break; case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NWithCommentsTransform: t = new XmlDsigExcC14NWithCommentsTransform(); break; case XmlSignature.AlgorithmNamespaces.XmlDecryptionTransform: t = new XmlDecryptionTransform(); break; #endif default: continue; } t.LoadInnerXml(((XmlElement)xn).ChildNodes); TransformChain.Add(t); } break; } } if (value.HasAttribute(XmlEncryption.AttributeNames.URI)) { Uri = value.Attributes [XmlEncryption.AttributeNames.URI].Value; } } }
public virtual void LoadXml (XmlElement value) { if (value == null) throw new ArgumentNullException ("value"); else { Uri = null; TransformChain = new TransformChain (); foreach (XmlNode n in value.ChildNodes) { if (n is XmlWhitespace) continue; switch (n.LocalName) { case XmlEncryption.ElementNames.Transforms: foreach (XmlNode xn in ((XmlElement) n).GetElementsByTagName (XmlSignature.ElementNames.Transform, XmlSignature.NamespaceURI)) { Transform t = null; switch (((XmlElement) xn).Attributes [XmlSignature.AttributeNames.Algorithm].Value) { case XmlSignature.AlgorithmNamespaces.XmlDsigBase64Transform: t = new XmlDsigBase64Transform (); break; case XmlSignature.AlgorithmNamespaces.XmlDsigC14NTransform: t = new XmlDsigC14NTransform (); break; case XmlSignature.AlgorithmNamespaces.XmlDsigC14NWithCommentsTransform: t = new XmlDsigC14NWithCommentsTransform (); break; case XmlSignature.AlgorithmNamespaces.XmlDsigEnvelopedSignatureTransform: t = new XmlDsigEnvelopedSignatureTransform (); break; case XmlSignature.AlgorithmNamespaces.XmlDsigXPathTransform: t = new XmlDsigXPathTransform (); break; case XmlSignature.AlgorithmNamespaces.XmlDsigXsltTransform: t = new XmlDsigXsltTransform (); break; case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NTransform: t = new XmlDsigExcC14NTransform (); break; case XmlSignature.AlgorithmNamespaces.XmlDsigExcC14NWithCommentsTransform: t = new XmlDsigExcC14NWithCommentsTransform (); break; case XmlSignature.AlgorithmNamespaces.XmlDecryptionTransform: t = new XmlDecryptionTransform (); break; default: continue; } t.LoadInnerXml (((XmlElement) xn).ChildNodes); TransformChain.Add (t); } break; } } if (value.HasAttribute (XmlEncryption.AttributeNames.URI)) Uri = value.Attributes [XmlEncryption.AttributeNames.URI].Value; } }
/// <summary> /// Signs the specified xml document with the certificate found in /// the local machine matching the provided friendly name and /// referring to the specified target reference ID. /// </summary> /// <param name="certFriendlyName"> /// Friendly Name of the X509Certificate to be retrieved /// from the LocalMachine keystore and used to sign the xml document. /// Be sure to have appropriate permissions set on the keystore. /// </param> /// <param name="xmlDoc"> /// XML document to be signed. /// </param> /// <param name="targetReferenceId"> /// Reference element that will be specified as signed. /// </param> /// <param name="includePublicKey"> /// Flag to determine whether to include the public key in the /// signed xml. /// </param> /// <param name="serviceProviderInstance"> /// ServiceProvider instance for retreaving Signature transform /// and canonicalization method /// </param> public static void SignXml(string certFriendlyName, IXPathNavigable xmlDoc, string targetReferenceId, bool includePublicKey, ServiceProvider serviceProviderInstance) { if (string.IsNullOrEmpty(certFriendlyName)) { throw new Saml2Exception(Resources.SignedXmlInvalidCertFriendlyName); } if (xmlDoc == null) { throw new Saml2Exception(Resources.SignedXmlInvalidXml); } if (string.IsNullOrEmpty(targetReferenceId)) { throw new Saml2Exception(Resources.SignedXmlInvalidTargetRefId); } X509Certificate2 cert = FedletCertificateFactory.GetCertificateByFriendlyName(certFriendlyName); if (cert == null) { throw new Saml2Exception(Resources.SignedXmlCertNotFound); } XmlDocument xml = (XmlDocument)xmlDoc; SignedXml signedXml = new SignedXml(xml); signedXml.SigningKey = cert.PrivateKey; if (includePublicKey) { KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(cert)); signedXml.KeyInfo = keyInfo; } Reference reference = new Reference(); reference.Uri = "#" + targetReferenceId; //Read the transform type and canonicalization method from sp-extended.xml string transformType = serviceProviderInstance.SignatureTransformMethod; string canonicalizationMethodType = serviceProviderInstance.CanonicalizationMethod; Transform sigTransform; //Implement the gathered data switch(transformType){ case "XmlDsigExcC14NTransform": sigTransform = new XmlDsigExcC14NTransform(); break; case "XmlDsigExcC14NWithCommentsTransform": sigTransform = new XmlDsigExcC14NWithCommentsTransform(); break; default: sigTransform = new XmlDsigEnvelopedSignatureTransform(); break; } if (canonicalizationMethodType != null && (canonicalizationMethodType == SignedXml.XmlDsigExcC14NTransformUrl || canonicalizationMethodType == SignedXml.XmlDsigExcC14NWithCommentsTransformUrl)) { signedXml.Signature.SignedInfo.CanonicalizationMethod = canonicalizationMethodType; } reference.AddTransform(sigTransform); signedXml.AddReference(reference); signedXml.ComputeSignature(); XmlElement xmlSignature = signedXml.GetXml(); XmlNamespaceManager nsMgr = new XmlNamespaceManager(xml.NameTable); nsMgr.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); nsMgr.AddNamespace("saml", Saml2Constants.NamespaceSamlAssertion); nsMgr.AddNamespace("samlp", Saml2Constants.NamespaceSamlProtocol); XmlNode issuerNode = xml.DocumentElement.SelectSingleNode("saml:Issuer", nsMgr); if (issuerNode != null) { xml.DocumentElement.InsertAfter(xmlSignature, issuerNode); } else { // Insert as a child to the target reference id XmlNode targetNode = xml.DocumentElement.SelectSingleNode("//*[@ID='" + targetReferenceId + "']", nsMgr); targetNode.PrependChild(xmlSignature); } }