74 lines
3.5 KiB
C#
74 lines
3.5 KiB
C#
|
//------------------------------------------------------------
|
||
|
|
// Copyright (c) Microsoft Corporation. All rights reserved.
|
||
|
|
//------------------------------------------------------------
|
||
|
|
|
||
|
|
namespace System.IdentityModel
|
||
|
|
{
|
||
|
|
using System.Xml;
|
||
|
|
using System.Security.Cryptography;
|
||
|
|
|
||
|
|
sealed class EnvelopedSignatureTransform : Transform
|
||
|
|
{
|
||
|
|
string prefix = XmlSignatureStrings.Prefix;
|
||
|
|
|
||
|
|
public EnvelopedSignatureTransform()
|
||
|
|
{
|
||
|
|
}
|
||
|
|
|
||
|
|
public override string Algorithm
|
||
|
|
{
|
||
|
|
get { return XD.XmlSignatureDictionary.EnvelopedSignature.Value; }
|
||
|
|
}
|
||
|
|
|
||
|
|
public override object Process(object input, SignatureResourcePool resourcePool, DictionaryManager dictionaryManager)
|
||
|
|
{
|
||
|
|
XmlTokenStream tokenStream = input as XmlTokenStream;
|
||
|
|
if (tokenStream != null)
|
||
|
|
{
|
||
|
|
tokenStream.SetElementExclusion(XmlSignatureStrings.Signature, XmlSignatureStrings.Namespace);
|
||
|
|
return tokenStream;
|
||
|
|
}
|
||
|
|
|
||
|
|
WrappedReader reader = input as WrappedReader;
|
||
|
|
if ( reader != null )
|
||
|
|
{
|
||
|
|
// The Enveloped Signature Transform is supposed to remove the
|
||
|
|
// Signature which encloses the transform element. Previous versions
|
||
|
|
// of this code stripped out all Signature elements at any depth,
|
||
|
|
// which did not allow nested signed structures. By specifying '1'
|
||
|
|
// as the depth, we narrow our range of support so that we require
|
||
|
|
// that the enveloped signature be a direct child of the element
|
||
|
|
// being signed.
|
||
|
|
reader.XmlTokens.SetElementExclusion( XmlSignatureConstants.Elements.Signature, XmlSignatureConstants.Namespace, 1 );
|
||
|
|
return reader;
|
||
|
|
}
|
||
|
|
|
||
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedInputTypeForTransform, input.GetType())));
|
||
|
|
}
|
||
|
|
|
||
|
|
// this transform is not allowed as the last one in a chain
|
||
|
|
public override byte[] ProcessAndDigest(object input, SignatureResourcePool resourcePool, string digestAlgorithm, DictionaryManager dictionaryManager)
|
||
|
|
{
|
||
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedLastTransform)));
|
||
|
|
}
|
||
|
|
|
||
|
|
public override void ReadFrom(XmlDictionaryReader reader, DictionaryManager dictionaryManager, bool preserveComments)
|
||
|
|
{
|
||
|
|
reader.MoveToContent();
|
||
|
|
string algorithm = XmlHelper.ReadEmptyElementAndRequiredAttribute(reader,
|
||
|
|
dictionaryManager.XmlSignatureDictionary.Transform, dictionaryManager.XmlSignatureDictionary.Namespace, dictionaryManager.XmlSignatureDictionary.Algorithm, out this.prefix);
|
||
|
|
if (algorithm != this.Algorithm)
|
||
|
|
{
|
||
|
|
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(SR.GetString(SR.AlgorithmMismatchForTransform)));
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
public override void WriteTo(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
|
||
|
|
{
|
||
|
|
writer.WriteStartElement(this.prefix, dictionaryManager.XmlSignatureDictionary.Transform, dictionaryManager.XmlSignatureDictionary.Namespace);
|
||
|
|
writer.WriteAttributeString(dictionaryManager.XmlSignatureDictionary.Algorithm, null, this.Algorithm);
|
||
|
|
writer.WriteEndElement(); // Transform
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|