protected override ISignatureValueSecurityElement CreateSupportingSignature(SecurityToken token, SecurityKeyIdentifier identifier, ISecurityElement elementToSign)
{
string str;
XmlDictionaryString str2;
SecurityKey key;
SecurityAlgorithmSuite algorithmSuite = base.AlgorithmSuite;
algorithmSuite.GetSignatureAlgorithmAndKey(token, out str, out key, out str2);
SignedXml xml = new SignedXml(ServiceModelDictionaryManager.Instance, base.StandardsManager.SecurityTokenSerializer);
SignedInfo signedInfo = xml.Signature.SignedInfo;
signedInfo.CanonicalizationMethod = algorithmSuite.DefaultCanonicalizationAlgorithm;
signedInfo.CanonicalizationMethodDictionaryString = algorithmSuite.DefaultCanonicalizationAlgorithmDictionaryString;
signedInfo.SignatureMethod = str;
signedInfo.SignatureMethodDictionaryString = str2;
if (elementToSign.Id == null)
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(System.ServiceModel.SR.GetString("ElementToSignMustHaveId")));
}
Reference reference = new Reference(ServiceModelDictionaryManager.Instance, "#" + elementToSign.Id, elementToSign)
{
DigestMethod = algorithmSuite.DefaultDigestAlgorithm,
DigestMethodDictionaryString = algorithmSuite.DefaultDigestAlgorithmDictionaryString
};
reference.AddTransform(new ExclusiveCanonicalizationTransform());
((StandardSignedInfo)signedInfo).AddReference(reference);
xml.ComputeSignature(key);
if (identifier != null)
{
xml.Signature.KeyIdentifier = identifier;
}
return(xml);
}
protected override void StartPrimarySignatureCore(SecurityToken token, SecurityKeyIdentifier keyIdentifier, MessagePartSpecification signatureParts, bool generateTargettableSignature)
{
string str3;
XmlDictionaryString str4;
SecurityAlgorithmSuite algorithmSuite = base.AlgorithmSuite;
string defaultCanonicalizationAlgorithm = algorithmSuite.DefaultCanonicalizationAlgorithm;
XmlDictionaryString defaultCanonicalizationAlgorithmDictionaryString = algorithmSuite.DefaultCanonicalizationAlgorithmDictionaryString;
if (defaultCanonicalizationAlgorithm != "http://www.w3.org/2001/10/xml-exc-c14n#")
{
throw System.ServiceModel.DiagnosticUtility.ExceptionUtility.ThrowHelperError(new MessageSecurityException(System.ServiceModel.SR.GetString("UnsupportedCanonicalizationAlgorithm", new object[] { algorithmSuite.DefaultCanonicalizationAlgorithm })));
}
algorithmSuite.GetSignatureAlgorithmAndKey(token, out str3, out this.signatureKey, out str4);
string defaultDigestAlgorithm = algorithmSuite.DefaultDigestAlgorithm;
XmlDictionaryString defaultDigestAlgorithmDictionaryString = algorithmSuite.DefaultDigestAlgorithmDictionaryString;
this.signedInfo = new PreDigestedSignedInfo(ServiceModelDictionaryManager.Instance, defaultCanonicalizationAlgorithm, defaultCanonicalizationAlgorithmDictionaryString, defaultDigestAlgorithm, defaultDigestAlgorithmDictionaryString, str3, str4);
this.signedXml = new SignedXml(this.signedInfo, ServiceModelDictionaryManager.Instance, base.StandardsManager.SecurityTokenSerializer);
if (keyIdentifier != null)
{
this.signedXml.Signature.KeyIdentifier = keyIdentifier;
}
if (generateTargettableSignature)
{
this.signedXml.Id = base.GenerateId();
}
this.effectiveSignatureParts = signatureParts;
this.hashStream = this.signedInfo.ResourcePool.TakeHashStream(defaultDigestAlgorithm);
}
protected override void StartPrimarySignatureCore(SecurityToken token,
SecurityKeyIdentifier keyIdentifier,
MessagePartSpecification signatureParts,
bool generateTargettableSignature)
{
SecurityAlgorithmSuite suite = this.AlgorithmSuite;
string canonicalizationAlgorithm = suite.DefaultCanonicalizationAlgorithm;
XmlDictionaryString canonicalizationAlgorithmDictionaryString = suite.DefaultCanonicalizationAlgorithmDictionaryString;
if (canonicalizationAlgorithm != SecurityAlgorithms.ExclusiveC14n)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new MessageSecurityException(SR.GetString(SR.UnsupportedCanonicalizationAlgorithm, suite.DefaultCanonicalizationAlgorithm)));
}
string signatureAlgorithm;
XmlDictionaryString signatureAlgorithmDictionaryString;
suite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out this.signatureKey, out signatureAlgorithmDictionaryString);
string digestAlgorithm = suite.DefaultDigestAlgorithm;
XmlDictionaryString digestAlgorithmDictionaryString = suite.DefaultDigestAlgorithmDictionaryString;
this.signedInfo = new PreDigestedSignedInfo(ServiceModelDictionaryManager.Instance, canonicalizationAlgorithm, canonicalizationAlgorithmDictionaryString, digestAlgorithm, digestAlgorithmDictionaryString, signatureAlgorithm, signatureAlgorithmDictionaryString);
this.signedXml = new SignedXml(this.signedInfo, ServiceModelDictionaryManager.Instance, this.StandardsManager.SecurityTokenSerializer);
if (keyIdentifier != null)
{
this.signedXml.Signature.KeyIdentifier = keyIdentifier;
}
if (generateTargettableSignature)
{
this.signedXml.Id = GenerateId();
}
this.effectiveSignatureParts = signatureParts;
this.hashStream = this.signedInfo.ResourcePool.TakeHashStream(digestAlgorithm);
}
protected override void StartPrimarySignatureCore(SecurityToken token,
SecurityKeyIdentifier keyIdentifier,
MessagePartSpecification signatureParts,
bool generateTargettableSignature)
{
SecurityAlgorithmSuite suite = AlgorithmSuite;
string canonicalizationAlgorithm = suite.DefaultCanonicalizationAlgorithm;
if (canonicalizationAlgorithm != SecurityAlgorithms.ExclusiveC14n)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(
new MessageSecurityException(SR.Format(SR.UnsupportedCanonicalizationAlgorithm, suite.DefaultCanonicalizationAlgorithm)));
}
string signatureAlgorithm;
XmlDictionaryString signatureAlgorithmDictionaryString;
SecurityKey signatureKey;
suite.GetSignatureAlgorithmAndKey(token, out signatureAlgorithm, out signatureKey, out signatureAlgorithmDictionaryString);
AsymmetricAlgorithm asymmetricAlgorithm = null;
GetSigningAlgorithm(signatureKey, signatureAlgorithm, out _signingKey, out asymmetricAlgorithm);
_signedXml = new SignedXml();
_signedXml.SignedInfo.CanonicalizationMethod = canonicalizationAlgorithm;
_signedXml.SignedInfo.SignatureMethod = signatureAlgorithm;
_signedXml.SigningKey = asymmetricAlgorithm;
if (keyIdentifier != null)
{
var stream = new MemoryStream();
using (var xmlWriter = XmlDictionaryWriter.CreateTextWriter(stream, Encoding.UTF8, false))
{
StandardsManager.SecurityTokenSerializer.WriteKeyIdentifier(xmlWriter, keyIdentifier);
}
stream.Position = 0;
XmlDocument doc = new XmlDocument();
doc.Load(stream);
var keyInfo = new KeyInfo();
keyInfo.LoadXml(doc.DocumentElement);
_signedXml.KeyInfo = keyInfo;
}
if (generateTargettableSignature)
{
_signedXml.Signature.Id = GenerateId();
}
_effectiveSignatureParts = signatureParts;
}
