System.Security.Cryptography.Xml

This exception helps catch the signed XML recursion limit error. This is being caught in the SignedXml class while computing the hash. ComputeHash can throw different kind of exceptions. This unique exception helps catch the recursion limit issue.

Create an XML representation.

Based upon https://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue. An containing the XML representation.

Deserialize from the XML representation.

Based upon https://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue. An containing the XML representation. This cannot be null. cannot be null. The XML has the incorrect schema or the DSA parameters are invalid.

This method validates the _xmlDsigSearchDepthCounter counter if the counter is over the limit defined by admin or developer.

returns true if the limit has reached otherwise false

Gets / Sets the max limit for recursive search of encryption key in signed XML

Create an XML representation.

Based upon https://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue. An containing the XML representation.

Deserialize from the XML representation.

Based upon https://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue. An containing the XML representation. This cannot be null. cannot be null. The XML has the incorrect schema or the RSA parameters are invalid.

Trace support for debugging issues signing and verifying XML signatures.

Types of events that are logged to the debug log

Canonicalization of input XML has begun

Verification of the signature format itself is beginning

Verification of a signed info is beginning

Signing is beginning

Signature verification is beginning

Input data has been transformed to its canonicalized form

The result of signature format validation

Namespaces are being propigated into the signature

Output from a Reference

The result of a signature verification

Calculating the final signature

A reference is being hashed

A signature has failed to verify

Verify that a reference has the correct hash value

Verification is processing the SignedInfo section of the signature

Verification status on the x.509 certificate in use

The signature is being rejected by the signature format verifier due to having a canonicalization algorithm which is not on the known valid list.

The signature is being rejected by the signature verifier due to having a transform algorithm which is not on the known valid list.

Check to see if logging should be done in this process

Check to see if verbose log messages should be generated

Convert the byte array into a hex string

Map a key to a string describing the key

Map an object to a string describing the object

Map an OID to the friendliest name possible

Log that canonicalization has begun on input data

SignedXml object doing the signing or verification transform canonicalizing the input

Log that we're going to be validating the signature format itself

SignedXml object doing the verification Callback delegate which is being used for format verification

Log that checking SignedInfo is beginning

SignedXml object doing the verification SignedInfo object being verified

Log that signature computation is beginning

SignedXml object doing the signing Context of the signature

Log that signature verification is beginning

SignedXml object doing the verification Context of the verification

Log the canonicalized data

SignedXml object doing the signing or verification transform canonicalizing the input

Log that the signature format callback has rejected the signature

SignedXml object doing the signature verification result of the signature format verification

Log that a signature is being rejected as having an invalid format due to its canonicalization algorithm not being on the valid list.

SignedXml object doing the signature verification Canonicalization algorithm List of valid canonicalization algorithms

Log that a signature is being rejected as having an invalid signature due to a transform algorithm not being on the valid list.

SignedXml object doing the signature verification Transform algorithm that was not allowed The valid C14N algorithms The valid C14N algorithms

Log namespaces which are being propagated into the signature

SignedXml doing the signing or verification namespaces being propagated

Log the output of a reference

The reference being processed Stream containing the output of the reference Stream containing the output of the reference

Log the computation of a signature value when signing with an asymmetric algorithm

SignedXml object calculating the signature key used for signing signature description being used to create the signature hash algorithm used to digest the output signature formatter used to do the signing

Log the computation of a signature value when signing with a keyed hash algorithm

SignedXml object calculating the signature key the signature is created with

Log the calculation of a hash value of a reference

SignedXml object driving the signature Reference being hashed

Log the specific point where a signature is determined to not be verifiable

SignedXml object doing the verification location that the signature was determined to be invalid

Log the success or failure of a signature verification operation

SignedXml object doing the verification public key used to verify the signature true if the signature verified, false otherwise

Log the check for appropriate X509 key usage

SignedXml doing the signature verification certificate having its key usages checked key usages being examined

Log that we are verifying a reference

SignedXMl object doing the verification reference being verified

Log the hash comparison when verifying a reference

SignedXml object verifying the signature reference being verified actual hash value of the reference hash value the signature expected the reference to have

Log the verification parameters when verifying the SignedInfo section of a signature using an asymmetric key

SignedXml object doing the verification key being used to verify the signed info type of signature description class used type of hash algorithm used type of signature deformatter used hash value of the signed info raw signature value

Log the verification parameters when verifying the SignedInfo section of a signature using a keyed hash algorithm

SignedXml object doing the verification hash algorithm doing the verification hash value of the signed info raw signature value

Log that an X509 chain is being built for a certificate

SignedXml object building the chain chain built for the certificate certificate having the chain built for it

Write information when user hits the Signed XML recursion depth limit issue. This is helpful in debugging this kind of issues.

SignedXml object verifying the signature reference being verified

Write data to the log

object doing the trace severity of the debug event data being written type of event being traced

Map from an ASCII char to its hex value, e.g. arr['b'] == 11. 0xFF means it's not a hex digit.

Index was out of range. Must be non-negative and less than the size of the collection.

String cannot be empty or null.

A certificate chain could not be built to a trusted root authority.

Bad wrapped key size.

A Cipher Data element should have either a CipherValue or a CipherReference element.

Could not create hash algorithm object.

Could not create the XML transformation identified by the URI {0}.

Failed to create signing key.

A DigestMethod must be specified on a Reference prior to generating XML.

A Reference must contain a DigestValue.

An XmlDocument context is required for enveloped transforms.

Malformed element {0}.

Malformed encryption property element.

The key size should be a non negative integer.

Malformed reference element.

The length of the signature with a MAC should be less than the hash output length.

The length in bits of the signature with a MAC should be a multiple of 8.

X509 issuer serial number is invalid.

A KeyInfo element is required to check the signature.

The length of the encrypted data in Key Wrap is either 32, 40 or 48 bytes.

Signing key is not loaded.

Symmetric algorithm is not specified.

Cipher data is not specified.

Unable to retrieve the decryption key.

Unable to retrieve the encryption key.

The specified cryptographic transform is not supported.

At least one Reference element is required.

The Reference type must be set in an EncryptedReference object.

An XmlDocument context is required to resolve the Reference Uri {0}.

SignatureDescription could not be created for the signature algorithm supplied.

The key does not fit the SignatureMethod.

A signature method is required.

Signature requires a SignatureValue.

Signature requires a SignedInfo.

The input type was invalid for this transform.

Type of input object is invalid.

Unknown transform has been encountered.

Unable to resolve Uri {0}.

The specified Uri is not supported.

A Uri attribute is required for a CipherReference element.

Null Context property encountered.

IRelDecryptor is required.

Issuer node is required.

License node is required.

Unable to decrypt grant content.

The certificate key algorithm is not supported.

Actual hash value: {0}

Beginning canonicalization using "{0}" ({1}).

Beginning signature computation.

Beginning signature verification.

Building and verifying the X509 chain for certificate {0}.

Canonicalization transform is using resolver {0} and base URI "{1}".

Output of canonicalization transform: {0}

Certificate chain:

Checking signature format using format validator "[{0}] {1}.{2}".

Checking signature on SignedInfo with id "{0}".

Signature format validation was successful.

Signature format validation failed.

Found key usages "{0}" in extension {1} on certificate {2}.

No namespaces are being propagated.

Propagating namespace {0}="{1}".

Raw signature: {0}

Reference {0} hashed with "{1}" ({2}) has hash value {3}, expected hash value {4}.

Revocation mode for chain building: {0}.

Revocation flag for chain building: {0}.

Calculating signature with key {0} using signature description {1}, hash algorithm {2}, and asymmetric signature formatter {3}.

Calculating signature using keyed hash algorithm {0}.

Hashing reference {0}, Uri "{1}", Id "{2}", Type "{3}" with hash algorithm "{4}" ({5}).

Transformed reference contents: {0}

Canonicalization method "{0}" is not on the safe list. Safe canonicalization methods are: {1}.

URL retrieval timeout for chain building: {0}.

Verification failed checking {0}.

references

SignedInfo

X509 chain verification

X509 key usage verification

Verification flags for chain building: {0}.

Verification time for chain building: {0}.

Verification with key {0} was successful.

Verification with key {0} was not successful.

Processing reference {0}, Uri "{1}", Id "{2}", Type "{3}".

Verifying SignedInfo using key {0}, signature description {1}, hash algorithm {2}, and asymmetric signature deformatter {3}.

Verifying SignedInfo using keyed hash algorithm {0}.

Error building X509 chain: {0}: {1}.

Using context: {0}

Signed xml recursion limit hit while trying to decrypt the key. Reference {0} hashed with "{1}" and ({2}).

Transform method "{0}" is not on the safe list. Safe transform methods are: {1}.

{0} and {1} can only occur in combination

{0} is missing

{0} must contain child element {1}

Root element must be {0} element in namespace {1}

Base type for all platform-specific API attributes.

Records the platform that the project targeted.

Records the operating system (and minimum version) that supports an API. Multiple attributes can be applied to indicate support on multiple operating systems.

Callers can apply a or use guards to prevent calls to APIs on unsupported operating systems. A given platform should only be specified once.

Marks APIs that were removed in a given operating system version.

Primarily used by OS bindings to indicate APIs that are only available in earlier versions.

Annotates a custom guard field, property or method with a supported platform name and optional version. Multiple attributes can be applied to indicate guard for multiple supported platforms.

Callers can apply a to a field, property or method and use that field, property or method in a conditional or assert statements in order to safely call platform specific APIs. The type of the field or property should be boolean, the method return type should be boolean in order to be used as platform guard.

Annotates the custom guard field, property or method with an unsupported platform name and optional version. Multiple attributes can be applied to indicate guard for multiple unsupported platforms.

Callers can apply a to a field, property or method and use that field, property or method in a conditional or assert statements as a guard to safely call APIs unsupported on those platforms. The type of the field or property should be boolean, the method return type should be boolean in order to be used as platform guard.