Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / wpf / src / Base / System / IO / Packaging / PackageDigitalSignature.cs / 1305600 / PackageDigitalSignature.cs
//------------------------------------------------------------------------------ // //// Copyright (C) Microsoft Corporation. All rights reserved. // // // Description: // This class represents a PackageDigitalSignature. It is immutable. // // History: // 03/22/2004: BruceMac: Initial Implementation // 01/21/2005: BruceMac: Update for DigSig Security Mitigation DCR // //----------------------------------------------------------------------------- using System; using System.Collections.Generic; using System.Windows; // For Exception strings - SRID using System.Text; // for StringBuilder using System.Diagnostics; // for Assert using System.Security; // for SecurityCritical using System.Security.Cryptography.Xml; // for Xml Signature classes using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography; using MS.Internal.IO.Packaging; // helper classes Certificate, HashStream using System.Collections.ObjectModel; // for ReadOnlyCollection<> using MS.Internal.WindowsBase; namespace System.IO.Packaging { ////// VerifyResult /// public enum VerifyResult : int { ////// Verification succeeded /// Success, // signature valid ////// Signature was invalid (tampering detected) /// InvalidSignature, // hash incorrect ////// Certificate was not embedded in container and caller did not supply one /// CertificateRequired, // no certificate is embedded in container - caller must provide one ////// Certificate was invalid (perhaps expired?) /// InvalidCertificate, // certificate problem - verify does not fully verify cert ////// PackagePart was missing - signature invalid /// ReferenceNotFound, // signature failed because a part is missing ////// Package not signed /// NotSigned // no signatures were found } ////// PackageDigitalSignature /// public class PackageDigitalSignature { #region Public Members //----------------------------------------------------- // // Public Properties // //----------------------------------------------------- ////// Parts that are covered by this signature /// ///read only list ///Thrown if associated digital signature has been deleted. public ReadOnlyCollectionSignedParts { get { ThrowIfInvalidated(); // wrap in read-only collection to protect against alteration if (_signedParts == null) _signedParts = new ReadOnlyCollection (_processor.PartManifest); return _signedParts; } } /// /// Relationships that are covered by this signature /// ///read only list ///Thrown if associated digital signature has been deleted. public ReadOnlyCollectionSignedRelationshipSelectors { get { ThrowIfInvalidated(); // wrap in read-only collection to protect against alteration if (_signedRelationshipSelectors == null) _signedRelationshipSelectors = new ReadOnlyCollection (_processor.RelationshipManifest); return _signedRelationshipSelectors; } } /// /// The part that contains the actual signature - useful for counter-signing scenarios /// ///Thrown if associated digital signature has been deleted. public PackagePart SignaturePart { get { ThrowIfInvalidated(); return _processor.SignaturePart; } } ////// Certificate of signer embedded in container /// ///null if certificate was not embedded ///Thrown if associated digital signature has been deleted. public X509Certificate Signer { get { ThrowIfInvalidated(); return _processor.Signer; } } ////// Time signature was created - not a trusted TimeStamp /// ////// Thrown if associated digital signature has been deleted. public DateTime SigningTime { get { ThrowIfInvalidated(); return _processor.SigningTime; } } ////// Format of time returned by SigningTime (see PackageDigitalSignatureManager.TimeFormat for details) /// ///Thrown if associated digital signature has been deleted. public String TimeFormat { get { ThrowIfInvalidated(); return _processor.TimeFormat; } } ////// encrypted hash value /// ////// Thrown if associated digital signature has been deleted. public byte[] SignatureValue { get { ThrowIfInvalidated(); return _processor.SignatureValue; } } ////// Content Type of signature /// ///Thrown if associated digital signature has been deleted. public String SignatureType { get { ThrowIfInvalidated(); return XmlDigitalSignatureProcessor.ContentType.ToString(); } } ////// Type-specific signature object /// ////// Provides access to the underlying class that performs the signature type-specific cryptographic /// functions and serialization to/from the package part that houses the signature. /// ////// Returns an object of type System.Security.Cryptography.Xml.Signature. /// Future signature types will return objects of different classes. /// ///Thrown if associated digital signature has been deleted. public Signature Signature { get { ThrowIfInvalidated(); return _processor.Signature; } set { ThrowIfInvalidated(); if (value == null) throw new ArgumentNullException("value"); _processor.Signature = value; } } ////// Where is the certificate? /// ///Thrown if associated digital signature has been deleted. public CertificateEmbeddingOption CertificateEmbeddingOption { get { ThrowIfInvalidated(); if (GetCertificatePart() == null) { if (Signer == null) { return CertificateEmbeddingOption.NotEmbedded; } else { return CertificateEmbeddingOption.InSignaturePart; } } else { return CertificateEmbeddingOption.InCertificatePart; } } } //------------------------------------------------------ // // Public Methods // //----------------------------------------------------- ////// Returns ordered list of transforms applied to the given part /// ///Thrown if associated digital signature has been deleted. public ListGetPartTransformList(Uri partName) { ThrowIfInvalidated(); // no need to clone this for return as it's already a single-use collection return _processor.GetPartTransformList(partName); } /// /// Verify /// ///cannot use this overload with signatures created without embedding their certs ////// Thrown if associated digital signature has been deleted. public VerifyResult Verify() { ThrowIfInvalidated(); if (Signer == null) return VerifyResult.CertificateRequired; return Verify(Signer); } ////// Verify /// /// certificate used to create the signature ////// Use this overload when the certificate is not embedded in the container at signing time ///Thrown if associated digital signature has been deleted. ////// Critical: calls X509Certificate2 ctor which LinkDemands /// TreatAsSafe: X509Certificate2 is only used internally and not returned /// [SecurityCritical, SecurityTreatAsSafe] public VerifyResult Verify(X509Certificate signingCertificate) { ThrowIfInvalidated(); VerifyResult result = VerifyResult.NotSigned; if (signingCertificate == null) throw new ArgumentNullException("signingCertificate"); // Check for part existence foreach (Uri partUri in SignedParts) { // check if they exist if (!_manager.Package.PartExists(partUri)) { return VerifyResult.ReferenceNotFound; } } // convert to Ex variant that has more functionality X509Certificate2 certificate = signingCertificate as X509Certificate2; if (certificate == null) certificate = new X509Certificate2(signingCertificate.Handle); // verify if (_processor.Verify(certificate)) result = VerifyResult.Success; else result = VerifyResult.InvalidSignature; return result; } #endregion #region Internal Members //------------------------------------------------------ // // Internal Methods // //------------------------------------------------------ ////// Constructor for creating a new signature /// /// digital signature manager - to consult for hash, embedding and other options /// digital signature manager - to consult for hash, embedding and other options internal PackageDigitalSignature( PackageDigitalSignatureManager manager, XmlDigitalSignatureProcessor processor) { Debug.Assert(processor.PackageSignature == null, "Logic Error: one processor per-signature"); _manager = manager; _processor = processor; // _processor.PackageSignature = this; } ////// Constructor for use when opening an existing signature /// /// digital signature manager - to consult for hash, embedding and other options /// part that houses the signature internal PackageDigitalSignature( PackageDigitalSignatureManager manager, PackagePart signaturePart) { _manager = manager; _processor = new XmlDigitalSignatureProcessor(manager, signaturePart, this); } ////// This is called when the underlying signature is deleted - it prevents usage of the object /// internal void Invalidate() { _invalid = true; } //----------------------------------------------------- // // Internal Properties // //------------------------------------------------------ ////// Get certificate part - null if none /// internal CertificatePart GetCertificatePart() { // lazy init if (_certificatePart == null && !_alreadyLookedForCertPart) { PackageRelationshipCollection relationships = SignaturePart.GetRelationshipsByType( CertificatePart.RelationshipType); foreach (PackageRelationship relationship in relationships) { // don't resolve if external if (relationship.TargetMode != TargetMode.Internal) throw new FileFormatException(SR.Get(SRID.PackageSignatureCorruption)); Uri resolvedUri = PackUriHelper.ResolvePartUri(SignaturePart.Uri, relationship.TargetUri); // don't create if it doesn't exist if (!_manager.Package.PartExists(resolvedUri)) { continue; } // find the cert _certificatePart = new CertificatePart(_manager.Package, resolvedUri); break; } _alreadyLookedForCertPart = true; } return _certificatePart; } internal void SetCertificatePart(CertificatePart certificatePart) { Debug.Assert(certificatePart != null, "Logic Error: Not expecting setting certificate part to null on digital signature"); _certificatePart = certificatePart; } #endregion #region Private Methods //----------------------------------------------------- // // Private Methods // //----------------------------------------------------- ////// ThrowIfInvalidated - check on each access /// private void ThrowIfInvalidated() { if (_invalid) throw new InvalidOperationException(SR.Get(SRID.SignatureDeleted)); } #endregion Private Methods //----------------------------------------------------- // // Private Fields // //------------------------------------------------------ private PackageDigitalSignatureManager _manager; private XmlDigitalSignatureProcessor _processor; private CertificatePart _certificatePart; private ReadOnlyCollection_signedParts; private ReadOnlyCollection _signedRelationshipSelectors; private bool _alreadyLookedForCertPart; private bool _invalid; // have we been invalidated? } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- SimpleTypeResolver.cs
- LogExtent.cs
- HttpRequest.cs
- Win32Native.cs
- DropShadowBitmapEffect.cs
- ToolStripSeparatorRenderEventArgs.cs
- QilInvoke.cs
- FixedSOMFixedBlock.cs
- Triangle.cs
- BasicViewGenerator.cs
- Semaphore.cs
- PreProcessor.cs
- Util.cs
- SourceFileBuildProvider.cs
- Line.cs
- GridSplitter.cs
- DataGridViewCellStyleContentChangedEventArgs.cs
- WpfKnownTypeInvoker.cs
- TextContainerChangeEventArgs.cs
- NodeLabelEditEvent.cs
- XhtmlTextWriter.cs
- ImageButton.cs
- XhtmlBasicImageAdapter.cs
- DataGridViewRowsAddedEventArgs.cs
- _SSPIWrapper.cs
- HiddenFieldPageStatePersister.cs
- TdsValueSetter.cs
- MouseOverProperty.cs
- SignatureToken.cs
- CheckPair.cs
- AsmxEndpointPickerExtension.cs
- ToolbarAUtomationPeer.cs
- LinearKeyFrames.cs
- ButtonFlatAdapter.cs
- Suspend.cs
- WebPartDisplayModeCollection.cs
- DESCryptoServiceProvider.cs
- ConstNode.cs
- StyleBamlRecordReader.cs
- Sequence.cs
- NetworkInformationException.cs
- X509CertificateTrustedIssuerElement.cs
- MissingFieldException.cs
- MenuItem.cs
- LineUtil.cs
- EventDescriptor.cs
- BamlBinaryReader.cs
- IListConverters.cs
- FlagsAttribute.cs
- PropertyConverter.cs
- ElementInit.cs
- SiteMapNodeItem.cs
- PresentationSource.cs
- ProgressBarAutomationPeer.cs
- SqlDataSourceQueryEditor.cs
- TextDecoration.cs
- ProcessStartInfo.cs
- DocumentEventArgs.cs
- Button.cs
- VsPropertyGrid.cs
- WriteFileContext.cs
- SerializationSectionGroup.cs
- HtmlInputRadioButton.cs
- Vector3DKeyFrameCollection.cs
- HttpInputStream.cs
- ActivityExecutor.cs
- PasswordRecovery.cs
- RankException.cs
- EntityContainerEntitySet.cs
- FormViewPagerRow.cs
- X509ChainElement.cs
- IsolatedStorageFile.cs
- SqlTypesSchemaImporter.cs
- UIElementHelper.cs
- OleDbConnectionPoolGroupProviderInfo.cs
- DynamicValidator.cs
- MetadataItemSerializer.cs
- GridToolTip.cs
- HttpHandlerActionCollection.cs
- SecurityCapabilities.cs
- TimeZone.cs
- ValidationRule.cs
- XmlSchemas.cs
- DashStyles.cs
- DirtyTextRange.cs
- PropertyChangedEventManager.cs
- AspProxy.cs
- mediapermission.cs
- ChannelPool.cs
- PopOutPanel.cs
- DataContractSerializerSection.cs
- HtmlGenericControl.cs
- XmlSchemaSimpleType.cs
- XmlILOptimizerVisitor.cs
- DataRecordInfo.cs
- TextPointerBase.cs
- RootDesignerSerializerAttribute.cs
- ExtendedProperty.cs
- TextPatternIdentifiers.cs
- RadialGradientBrush.cs