
github.com/mono/corefx.git - Unnamed repository; edit this file 'description' to name the repository.
authorKrzysztof Wicher <kwicher@microsoft.com>2017-04-21 00:00:17 +0300
committerKrzysztof Wicher <kwicher@microsoft.com>2017-04-21 00:00:17 +0300
commitc70ee2b67879452eb83d140fe55121f392c0e63f (patch)
tree69be48b367354ec015778319c0c88306197826f1 /src
parent1db7e65928e73b9848f2e8ca7d6ee9c7eef4bc3e (diff)
update DigestMethod to SHA256
Diffstat (limited to 'src')
-rw-r--r--src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Reference.cs8
-rw-r--r--src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/SignedXml.cs2
-rw-r--r--src/System.Security.Cryptography.Xml/tests/ReferenceTest.cs5
-rw-r--r--src/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs50
4 files changed, 58 insertions, 7 deletions
diff --git a/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Reference.cs b/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Reference.cs
index 1b4146202d..3dd70c1f5f 100644
--- a/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Reference.cs
+++ b/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/Reference.cs
@@ -38,7 +38,7 @@ namespace System.Security.Cryptography.Xml
_refTarget = null;
_refTargetType = ReferenceTargetType.UriReference;
_cachedXml = null;
- _digestMethod = SignedXml.XmlDsigSHA1Url;
+ _digestMethod = SignedXml.XmlDsigSHA256Url;
}
public Reference(Stream stream)
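Review bot: The default digest URI is still assigned separately in each constructor, here and in the three hunks that follow (the Stream, string and XmlElement overloads), so the next algorithm migration has to touch four places and one can be missed. A single declaration such as `private const string DefaultDigestMethod = SignedXml.XmlDsigSHA256Url;` used by all four would keep them from drifting apart. The constructor bodies start outside the hunks, so whether they could chain to one another instead cannot be judged from here. Because this changes what callers emit when they never set DigestMethod, the constructors' API documentation should state the new default so that integrators with SHA-1-only peers know to set it explicitly.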
@@ -47,7 +47,7 @@ namespace System.Security.Cryptography.Xml
_refTarget = stream;
_refTargetType = ReferenceTargetType.Stream;
_cachedXml = null;
- _digestMethod = SignedXml.XmlDsigSHA1Url;
+ _digestMethod = SignedXml.XmlDsigSHA256Url;
}
public Reference(string uri)
@@ -57,7 +57,7 @@ namespace System.Security.Cryptography.Xml
_uri = uri;
_refTargetType = ReferenceTargetType.UriReference;
_cachedXml = null;
- _digestMethod = SignedXml.XmlDsigSHA1Url;
+ _digestMethod = SignedXml.XmlDsigSHA256Url;
}
internal Reference(XmlElement element)
@@ -66,7 +66,7 @@ namespace System.Security.Cryptography.Xml
_refTarget = element;
_refTargetType = ReferenceTargetType.XmlElement;
_cachedXml = null;
- _digestMethod = SignedXml.XmlDsigSHA1Url;
+ _digestMethod = SignedXml.XmlDsigSHA256Url;
}
//
diff --git a/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/SignedXml.cs b/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/SignedXml.cs
index 9c743bb092..37e5576117 100644
--- a/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/SignedXml.cs
+++ b/src/System.Security.Cryptography.Xml/src/System/Security/Cryptography/Xml/SignedXml.cs
@@ -911,7 +911,7 @@ namespace System.Security.Cryptography.Xml
{
// If no DigestMethod has yet been set, default it to sha1
if (reference.DigestMethod == null)
- reference.DigestMethod = XmlDsigSHA1Url;
+ reference.DigestMethod = XmlDsigSHA256Url;
SignedXmlDebugLog.LogSigningReference(this, reference);
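Review bot: The context comment `// If no DigestMethod has yet been set, default it to sha1` is now wrong, because the line below it assigns XmlDsigSHA256Url. Change it to `// If no DigestMethod has yet been set, default it to SHA-256`, since a stale comment naming the weaker algorithm will mislead anyone auditing which digest the signer falls back to. The enclosing method starts and ends outside the hunk.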
diff --git a/src/System.Security.Cryptography.Xml/tests/ReferenceTest.cs b/src/System.Security.Cryptography.Xml/tests/ReferenceTest.cs
index e1fafbc5b9..006e4bd3bd 100644
--- a/src/System.Security.Cryptography.Xml/tests/ReferenceTest.cs
+++ b/src/System.Security.Cryptography.Xml/tests/ReferenceTest.cs
@@ -43,7 +43,7 @@ namespace System.Security.Cryptography.Xml.Tests
public void Ctor_Uri(string uri)
{
Reference reference = new Reference(uri);
- Assert.Equal("http://www.w3.org/2000/09/xmldsig#sha1", reference.DigestMethod);
+ Assert.Equal("http://www.w3.org/2001/04/xmlenc#sha256", reference.DigestMethod);
Assert.Null(reference.DigestValue);
Assert.Null(reference.Id);
Assert.Null(reference.Type);
@@ -61,7 +61,7 @@ namespace System.Security.Cryptography.Xml.Tests
using (MemoryStream memoryStream = data != null ? new MemoryStream(Encoding.UTF8.GetBytes(data)) : null)
{
Reference reference = new Reference(memoryStream);
- Assert.Equal("http://www.w3.org/2000/09/xmldsig#sha1", reference.DigestMethod);
+ Assert.Equal("http://www.w3.org/2001/04/xmlenc#sha256", reference.DigestMethod);
Assert.Null(reference.DigestValue);
Assert.Null(reference.Id);
Assert.Null(reference.Type);
@@ -187,6 +187,7 @@ namespace System.Security.Cryptography.Xml.Tests
Reference reference = new Reference();
// adding an empty hash value
byte[] hash = new byte[20];
+ reference.DigestMethod = SignedXml.XmlDsigSHA1Url;
reference.DigestValue = hash;
XmlElement xel = reference.GetXml();
// this is the minimal Reference (DigestValue)!
diff --git a/src/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs b/src/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs
index d04ad9cdf5..e6b9f5b4b3 100644
--- a/src/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs
+++ b/src/System.Security.Cryptography.Xml/tests/SignedXmlTest.cs
@@ -15,6 +15,7 @@ using System.IO;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Xml;
+using System.Xml.XPath;
using Xunit;
namespace System.Security.Cryptography.Xml.Tests
@@ -660,6 +661,7 @@ namespace System.Security.Cryptography.Xml.Tests
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
Reference reference = new Reference();
+ reference.DigestMethod = SignedXml.XmlDsigSHA1Url;
reference.Uri = "";
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
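Review bot: The added `reference.DigestMethod = SignedXml.XmlDsigSHA1Url;` pins this test to SHA-1 without saying why, and the same unexplained line is added in the hunks at -717 and -956. Presumably these tests compare against expected output computed under the old default, but the expected values are outside the hunks, so that should be confirmed. A one-line comment above each pin, for example `// Pinned to SHA-1: the expected output below predates the SHA-256 default`, would stop a later reader from mistaking it for a recommended setting or removing it as redundant.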
@@ -717,6 +719,7 @@ namespace System.Security.Cryptography.Xml.Tests
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
Reference reference = new Reference();
+ reference.DigestMethod = SignedXml.XmlDsigSHA1Url;
reference.Uri = "";
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
@@ -956,6 +959,7 @@ namespace System.Security.Cryptography.Xml.Tests
signedXml.SignedInfo.CanonicalizationMethod = canonicalizationMethod;
Reference reference = new Reference();
+ reference.DigestMethod = SignedXml.XmlDsigSHA1Url;
reference.Uri = "";
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
@@ -1543,5 +1547,51 @@ namespace System.Security.Cryptography.Xml.Tests
SignedXml sign = GetSignedXml(xml);
Assert.Throws<FormatException>(() => sign.CheckSignature(new HMACSHA1(Encoding.ASCII.GetBytes("no clue"))));
}
+
+ [Fact]
+ public void SignedXmlUsesSha256ByDefault()
+ {
+ const string expectedSignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
+ const string expectedDigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
+
+ const string xml = @"<?xml version=""1.0""?>
+<example>
+<test>some text node</test>
+</example>";
+
+ var doc = new XmlDocument();
+ doc.PreserveWhitespace = true;
+ doc.LoadXml(xml);
+
+ using (RSA key = RSA.Create())
+ {
+ var sxml = new SignedXml(doc)
+ {
+ SigningKey = key
+ };
+
+ Assert.Null(sxml.SignedInfo.SignatureMethod);
+
+ var reference = new Reference();
+ Assert.Equal(expectedDigestMethod, reference.DigestMethod);
+
+ reference.Uri = "";
+ reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
+ sxml.AddReference(reference);
+ sxml.ComputeSignature();
+
+ XmlElement dsig = sxml.GetXml();
+ XPathNavigator xp = dsig.CreateNavigator();
+
+ XmlNamespaceManager nsMgr = new XmlNamespaceManager(xp.NameTable);
+ nsMgr.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
+
+ Assert.Equal(expectedSignatureMethod,
+ xp.SelectSingleNode("/ds:SignedInfo/ds:SignatureMethod/@Algorithm", nsMgr)?.Value);
+
+ Assert.Equal(expectedDigestMethod,
+ xp.SelectSingleNode("/ds:SignedInfo/ds:Reference/ds:DigestMethod/@Algorithm", nsMgr)?.Value);
+ }
+ }
}
}
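Review bot: SignedXmlUsesSha256ByDefault asserts only the Algorithm URIs written into the emitted XML, so it would still pass if the declared method and the digest or signature actually computed ever disagreed. Adding a round-trip check after `sxml.GetXml()` closes that gap: `var verifier = new SignedXml(doc); verifier.LoadXml(dsig); Assert.True(verifier.CheckSignature(key));`. It is also worth a comment on `Assert.Null(sxml.SignedInfo.SignatureMethod)` explaining that the rsa-sha256 value asserted later is chosen during ComputeSignature, since the code that picks it is not part of this commit.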