albert/kreta
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
kreta/Kreta.EESZTInterface/STS/PrefixedSignedXML.cs
skidoodle e124a47765 init
2024-03-13 00:33:46 +01:00

320 lines
15 KiB
C#
Raw Permalink Blame History

using System;
using System.Collections;
using System.Reflection;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;
using Kreta.Resources;
namespace Kreta.EESZTInterface.STS
{
class PrefixedSignedXML : SignedXml
{
private string signatureValueId;
public PrefixedSignedXML(XmlDocument document)
: base(document)
{ }
public PrefixedSignedXML(XmlElement element)
: base(element)
{ }
public PrefixedSignedXML()
: base()
{ }
/// <summary>
/// Setting this property will add an ID attribute to the SignatureValue element.
/// This is required when constructing a XAdES-T signature.
/// </summary>
public string SignatureValueId
{
get
{
return this.signatureValueId;
}
set
{
this.signatureValueId = value;
}
}
public override XmlElement GetIdElement(XmlDocument doc, string id)
{
// check to see if it's a standard ID reference
XmlElement idElem = base.GetIdElement(doc, id);
if (idElem == null)
{
XmlNamespaceManager nsManager = new XmlNamespaceManager(doc.NameTable);
nsManager.AddNamespace("wsu", Namespaces.wsuNs);
idElem = doc.SelectSingleNode("//*[@wsu:Id=\"" + id + "\"]", nsManager) as XmlElement;
}
return idElem;
}
/// <summary>
/// Copy of System.Security.Cryptography.Xml.SignedXml.ComputeSignature() which will end up calling
/// our own GetC14NDigest with a namespace prefix for all XmlDsig nodes
/// </summary>
public new void ComputeSignature()
{
this.BuildDigestedReferences();
AsymmetricAlgorithm signingKey = this.SigningKey;
if (signingKey == null)
{
throw new CryptographicException(EESZTInterfaceResource.CryptographyXmlLoadKeyFailed);
}
if (this.SignedInfo.SignatureMethod == null)
{
if (!(signingKey is DSA))
{
if (!(signingKey is RSA))
{
throw new CryptographicException(EESZTInterfaceResource.CryptographyXmlCreatedKeyFailed);
}
if (this.SignedInfo.SignatureMethod == null)
{
this.SignedInfo.SignatureMethod = STSValues.signatureMethodRSAValue;
}
}
else
{
this.SignedInfo.SignatureMethod = STSValues.signatureMethodDSAValue;
}
}
SignatureDescription description = CryptoConfig.CreateFromName(this.SignedInfo.SignatureMethod) as SignatureDescription;
if (description == null)
{
throw new CryptographicException(EESZTInterfaceResource.CryptographyXmlSignatureDescriptionNotCreated);
}
HashAlgorithm hash = description.CreateDigest();
if (hash == null)
{
throw new CryptographicException(EESZTInterfaceResource.CryptographyXmlCreateHashAlgorithmFailed);
}
//this.GetC14NDigest(hash);
this.GetC14NDigest(hash, "ds");
//
this.m_signature.SignatureValue = description.CreateFormatter(signingKey).CreateSignature(hash);
}
/// <summary>
/// Returns the XML representation of the this object
/// </summary>
/// <returns>XML element containing the state of this object</returns>
public new XmlElement GetXml()
{
XmlElement retVal;
XmlNodeList xmlNodeList;
XmlNamespaceManager xmlNamespaceManager;
retVal = base.GetXml();
if (this.signatureValueId != null && this.signatureValueId != "")
{ //Id on Signature value is needed for XAdES-T. We inject it here.
xmlNamespaceManager = new XmlNamespaceManager(retVal.OwnerDocument.NameTable);
xmlNamespaceManager.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);
xmlNodeList = retVal.SelectNodes("ds:SignatureValue", xmlNamespaceManager);
if (xmlNodeList.Count > 0)
{
((XmlElement)xmlNodeList[0]).SetAttribute("Id", this.signatureValueId);
}
}
// Add "ds" namespace prefix to all XmlDsig nodes in the signature
SetPrefix("ds", retVal);
return retVal;
}
/// <summary>
/// Copy of System.Security.Cryptography.Xml.SignedXml.BuildDigestedReferences() which will add a "ds"
/// namespace prefix to all XmlDsig nodes
/// </summary>
private void BuildDigestedReferences()
{
ArrayList references = this.SignedInfo.References;
//this.m_refProcessed = new bool[references.Count];
Type SignedXml_Type = typeof(SignedXml);
FieldInfo SignedXml_m_refProcessed = SignedXml_Type.GetField("m_refProcessed", BindingFlags.NonPublic | BindingFlags.Instance);
SignedXml_m_refProcessed.SetValue(this, new bool[references.Count]);
//
//this.m_refLevelCache = new int[references.Count];
FieldInfo SignedXml_m_refLevelCache = SignedXml_Type.GetField("m_refLevelCache", BindingFlags.NonPublic | BindingFlags.Instance);
SignedXml_m_refLevelCache.SetValue(this, new int[references.Count]);
//
//ReferenceLevelSortOrder comparer = new ReferenceLevelSortOrder();
Assembly System_Security_Assembly = Assembly.Load("System.Security, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a");
Type ReferenceLevelSortOrder_Type = System_Security_Assembly.GetType("System.Security.Cryptography.Xml.SignedXml+ReferenceLevelSortOrder");
ConstructorInfo ReferenceLevelSortOrder_Constructor = ReferenceLevelSortOrder_Type.GetConstructor(new Type[] { });
Object comparer = ReferenceLevelSortOrder_Constructor.Invoke(null);
//
//comparer.References = references;
PropertyInfo ReferenceLevelSortOrder_References = ReferenceLevelSortOrder_Type.GetProperty("References", BindingFlags.Public | BindingFlags.Instance);
ReferenceLevelSortOrder_References.SetValue(comparer, references, null);
//
ArrayList list2 = new ArrayList();
foreach (Reference reference in references)
{
list2.Add(reference);
}
list2.Sort((IComparer)comparer);
//CanonicalXmlNodeList refList = new CanonicalXmlNodeList();
Type CanonicalXmlNodeList_Type = System_Security_Assembly.GetType("System.Security.Cryptography.Xml.CanonicalXmlNodeList");
ConstructorInfo CanonicalXmlNodeList_Constructor = CanonicalXmlNodeList_Type.GetConstructor(BindingFlags.NonPublic | BindingFlags.Instance, null, new Type[] { }, null);
Object refList = CanonicalXmlNodeList_Constructor.Invoke(null);
//
//
MethodInfo CanonicalXmlNodeList_Add = CanonicalXmlNodeList_Type.GetMethod("Add", BindingFlags.Public | BindingFlags.Instance);
//
foreach (DataObject obj2 in this.m_signature.ObjectList)
{
//refList.Add(obj2.GetXml());
XmlElement xml = obj2.GetXml();
SetPrefix("ds", xml); // <---
CanonicalXmlNodeList_Add.Invoke(refList, new object[] { xml });
//
}
//
FieldInfo SignedXml_m_containingDocument = SignedXml_Type.GetField("m_containingDocument", BindingFlags.NonPublic | BindingFlags.Instance);
Type Reference_Type = typeof(Reference);
MethodInfo Reference_UpdateHashValue = Reference_Type.GetMethod("UpdateHashValue", BindingFlags.NonPublic | BindingFlags.Instance);
//
foreach (Reference reference2 in list2)
{
if (reference2.DigestMethod == null)
{
reference2.DigestMethod = STSValues.digestMethodSHA1Value;
}
//reference2.UpdateHashValue(this.m_containingDocument, refList);
object m_containingDocument = SignedXml_m_containingDocument.GetValue(this);
Reference_UpdateHashValue.Invoke(reference2, new object[] { m_containingDocument, refList });
//
if (reference2.Id != null)
{
//refList.Add(reference2.GetXml());
XmlElement xml = reference2.GetXml();
SetPrefix("ds", xml); // <---
CanonicalXmlNodeList_Add.Invoke(refList, new object[] { xml });
//
}
}
}
/// <summary>
/// Copy of System.Security.Cryptography.Xml.SignedXml.GetC14NDigest() which will add a
/// namespace prefix to all XmlDsig nodes
/// </summary>
private byte[] GetC14NDigest(HashAlgorithm hash, string prefix)
{
//if (!this.bCacheValid || !this.SignedInfo.CacheValid)
//{
Type SignedXml_Type = typeof(SignedXml);
FieldInfo SignedXml_bCacheValid = SignedXml_Type.GetField("bCacheValid", BindingFlags.NonPublic | BindingFlags.Instance);
bool bCacheValid = (bool)SignedXml_bCacheValid.GetValue(this);
Type SignedInfo_Type = typeof(SignedInfo);
PropertyInfo SignedInfo_CacheValid = SignedInfo_Type.GetProperty("CacheValid", BindingFlags.NonPublic | BindingFlags.Instance);
bool CacheValid = (bool)SignedInfo_CacheValid.GetValue(this.SignedInfo, null);
FieldInfo SignedXml__digestedSignedInfo = SignedXml_Type.GetField("_digestedSignedInfo", BindingFlags.NonPublic | BindingFlags.Instance);
if (!bCacheValid || !CacheValid)
{
//
//string securityUrl = (this.m_containingDocument == null) ? null : this.m_containingDocument.BaseURI;
FieldInfo SignedXml_m_containingDocument = SignedXml_Type.GetField("m_containingDocument", BindingFlags.NonPublic | BindingFlags.Instance);
XmlDocument m_containingDocument = (XmlDocument)SignedXml_m_containingDocument.GetValue(this);
string securityUrl = m_containingDocument?.BaseURI;
//
//XmlResolver xmlResolver = this.m_bResolverSet ? this.m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), securityUrl);
FieldInfo SignedXml_m_bResolverSet = SignedXml_Type.GetField("m_bResolverSet", BindingFlags.NonPublic | BindingFlags.Instance);
bool m_bResolverSet = (bool)SignedXml_m_bResolverSet.GetValue(this);
FieldInfo SignedXml_m_xmlResolver = SignedXml_Type.GetField("m_xmlResolver", BindingFlags.NonPublic | BindingFlags.Instance);
XmlResolver m_xmlResolver = (XmlResolver)SignedXml_m_xmlResolver.GetValue(this);
XmlResolver xmlResolver = m_bResolverSet ? m_xmlResolver : new XmlSecureResolver(new XmlUrlResolver(), securityUrl);
//
//XmlDocument document = Utils.PreProcessElementInput(this.SignedInfo.GetXml(), xmlResolver, securityUrl);
Assembly System_Security_Assembly = Assembly.Load("System.Security, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a");
Type Utils_Type = System_Security_Assembly.GetType("System.Security.Cryptography.Xml.Utils");
MethodInfo Utils_PreProcessElementInput = Utils_Type.GetMethod("PreProcessElementInput", BindingFlags.NonPublic | BindingFlags.Static);
XmlElement xml = this.SignedInfo.GetXml();
SetPrefix(prefix, xml); // <---
XmlDocument document = (XmlDocument)Utils_PreProcessElementInput.Invoke(null, new object[] { xml, xmlResolver, securityUrl });
//
//CanonicalXmlNodeList namespaces = (this.m_context == null) ? null : Utils.GetPropagatedAttributes(this.m_context);
FieldInfo SignedXml_m_context = SignedXml_Type.GetField("m_context", BindingFlags.NonPublic | BindingFlags.Instance);
MethodInfo Utils_GetPropagatedAttributes = Utils_Type.GetMethod("GetPropagatedAttributes", BindingFlags.NonPublic | BindingFlags.Static);
object m_context = SignedXml_m_context.GetValue(this);
object namespaces = (m_context == null) ? null : Utils_GetPropagatedAttributes.Invoke(null, new object[] { m_context });
//
// Utils.AddNamespaces(document.DocumentElement, namespaces);
Type CanonicalXmlNodeList_Type = System_Security_Assembly.GetType("System.Security.Cryptography.Xml.CanonicalXmlNodeList");
MethodInfo Utils_AddNamespaces = Utils_Type.GetMethod("AddNamespaces", BindingFlags.NonPublic | BindingFlags.Static, null, new Type[] { typeof(XmlElement), CanonicalXmlNodeList_Type }, null);
Utils_AddNamespaces.Invoke(null, new object[] { document.DocumentElement, namespaces });
//
//Transform canonicalizationMethodObject = this.SignedInfo.CanonicalizationMethodObject;
System.Security.Cryptography.Xml.Transform canonicalizationMethodObject = this.SignedInfo.CanonicalizationMethodObject;
//
canonicalizationMethodObject.Resolver = xmlResolver;
//canonicalizationMethodObject.BaseURI = securityUrl;
Type Transform_Type = typeof(System.Security.Cryptography.Xml.Transform);
PropertyInfo Transform_BaseURI = Transform_Type.GetProperty("BaseURI", BindingFlags.NonPublic | BindingFlags.Instance);
Transform_BaseURI.SetValue(canonicalizationMethodObject, securityUrl, null);
//
canonicalizationMethodObject.LoadInput(document);
//this._digestedSignedInfo = canonicalizationMethodObject.GetDigestedOutput(hash);
SignedXml__digestedSignedInfo.SetValue(this, canonicalizationMethodObject.GetDigestedOutput(hash));
//
//this.bCacheValid = true;
SignedXml_bCacheValid.SetValue(this, true);
//
}
//return this._digestedSignedInfo;
byte[] _digestedSignedInfo = (byte[])SignedXml__digestedSignedInfo.GetValue(this);
return _digestedSignedInfo;
//
}
private void SetPrefix(string prefix, XmlNode node)
{
foreach (XmlNode n in node.ChildNodes)
SetPrefix(prefix, n);
if (node.NamespaceURI == Namespaces.dsNs)
{
node.Prefix = prefix;
}
else if (node.NamespaceURI == Namespaces.c14nNs)
{
node.Prefix = "ec";
}
}
}
}
Reference in a new issue View git blame Copy permalink