|
//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.IdentityModel
{
using System.Xml;
using System.Security.Cryptography;
sealed class EnvelopedSignatureTransform : Transform
{
string prefix = XmlSignatureStrings.Prefix;
public EnvelopedSignatureTransform()
{
}
public override string Algorithm
{
get { return XD.XmlSignatureDictionary.EnvelopedSignature.Value; }
}
public override object Process(object input, SignatureResourcePool resourcePool, DictionaryManager dictionaryManager)
{
XmlTokenStream tokenStream = input as XmlTokenStream;
if (tokenStream != null)
{
tokenStream.SetElementExclusion(XmlSignatureStrings.Signature, XmlSignatureStrings.Namespace);
return tokenStream;
}
WrappedReader reader = input as WrappedReader;
if ( reader != null )
{
// The Enveloped Signature Transform is supposed to remove the
// Signature which encloses the transform element. Previous versions
// of this code stripped out all Signature elements at any depth,
// which did not allow nested signed structures. By specifying '1'
// as the depth, we narrow our range of support so that we require
// that the enveloped signature be a direct child of the element
// being signed.
reader.XmlTokens.SetElementExclusion( XmlSignatureConstants.Elements.Signature, XmlSignatureConstants.Namespace, 1 );
return reader;
}
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedInputTypeForTransform, input.GetType())));
}
// this transform is not allowed as the last one in a chain
public override byte[] ProcessAndDigest(object input, SignatureResourcePool resourcePool, string digestAlgorithm, DictionaryManager dictionaryManager)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new NotSupportedException(SR.GetString(SR.UnsupportedLastTransform)));
}
public override void ReadFrom(XmlDictionaryReader reader, DictionaryManager dictionaryManager, bool preserveComments)
{
reader.MoveToContent();
string algorithm = XmlHelper.ReadEmptyElementAndRequiredAttribute(reader,
dictionaryManager.XmlSignatureDictionary.Transform, dictionaryManager.XmlSignatureDictionary.Namespace, dictionaryManager.XmlSignatureDictionary.Algorithm, out this.prefix);
if (algorithm != this.Algorithm)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(SR.GetString(SR.AlgorithmMismatchForTransform)));
}
}
public override void WriteTo(XmlDictionaryWriter writer, DictionaryManager dictionaryManager)
{
writer.WriteStartElement(this.prefix, dictionaryManager.XmlSignatureDictionary.Transform, dictionaryManager.XmlSignatureDictionary.Namespace);
writer.WriteAttributeString(dictionaryManager.XmlSignatureDictionary.Algorithm, null, this.Algorithm);
writer.WriteEndElement(); // Transform
}
}
}
|