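        /// <summary>
        /// Assembles an XML-DSig signature over <paramref name="inputXml"/> and computes its value.
        /// </summary>
        /// <param name="inputXml">Document to sign; must already be parsed and have a root element.</param>
        /// <param name="signParameters">
        /// Signing certificate, input path and XPath of the node to sign, plus whatever the
        /// timestamp/property/certificate-inclusion helpers read from it.
        /// </param>
        /// <param name="signedXmlPostProcessing">
        /// Optional hook that may adjust the assembled signature before it is computed; ignored when null.
        /// </param>
        /// <returns>The signed <see cref="ExtendedSignedXml"/>; the caller extracts or embeds its XML.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="inputXml"/> or <paramref name="signParameters"/> is null.</exception>
        /// <exception cref="InvalidDocumentException">The document has no root element.</exception>
        private ExtendedSignedXml GetSignature(XmlDocument inputXml, XmlDsigSignParameters signParameters, Action<ExtendedSignedXml> signedXmlPostProcessing)
        {
            // Reject null arguments explicitly so callers get an ArgumentNullException
            // instead of a NullReferenceException from the DocumentElement access below.
            if (inputXml == null)
            {
                throw new ArgumentNullException(nameof(inputXml));
            }
            if (signParameters == null)
            {
                throw new ArgumentNullException(nameof(signParameters));
            }
            if (inputXml.DocumentElement == null)
            {
                throw new InvalidDocumentException("Document to sign has no root element");
            }

            var certificate = signParameters.SignatureCertificate;
            var inputPath   = signParameters.InputPath;

            var signedXml = new ExtendedSignedXml(inputXml);

            signedXml.Signature.Id = "signature";

            // Everything that ends up inside SignedInfo (references, timestamp, properties,
            // certificate, canonicalization method) is attached before ComputeSignature(),
            // since the signature value covers exactly what SignedInfo contains at that point.
            CreateAndAddReferenceTo(signedXml, inputXml, inputPath, signParameters.XPathNodeToSign);
            CreateTimestampNodeIfNeeded(signedXml, signParameters);
            CreateNodesForProperties(signedXml, signParameters);
            IncludeSignatureCertificateIfNeeded(signedXml, certificate, signParameters);
            AddCanonicalizationMethodTo(signedXml);

            // Last chance for the caller to customise the signature before it is sealed.
            if (signedXmlPostProcessing != null)
            {
                signedXmlPostProcessing(signedXml);
            }

            signedXml.ComputeSignature();

            return signedXml;
        }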
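        /// <summary>
        /// Creates an enveloped RSA-SHA256 signature over the whole document together with
        /// the serialised qualifying properties (XAdES-style), and inserts the resulting
        /// <c>Signature</c> element into the document root.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// The document has no root element, or <c>Certificate</c> carries no RSA private key.
        /// </exception>
        public void Sign()
        {
            // Without a root element there is nothing to sign and nowhere to insert the signature.
            if (Xml.DocumentElement == null)
            {
                throw new InvalidOperationException("Document to sign has no root element");
            }

            // GetRSAPrivateKey() returns null for a certificate without an (RSA) private key;
            // fail here with a clear message rather than deep inside ComputeSignature().
            var privateKey = Certificate.GetRSAPrivateKey();
            if (privateKey == null)
            {
                throw new InvalidOperationException("Signing certificate has no RSA private key");
            }

            var qualifyingProperties    = GetQualifyingProperties(Certificate);
            var qualifyingPropertiesXml = ObjectToXml.Serialize(qualifyingProperties);

            var signedXml = new ExtendedSignedXml(Xml);

            signedXml.Signature.Id = qualifyingProperties.Target;
            signedXml.SigningKey   = privateKey;
            signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
            signedXml.SignedInfo.SignatureMethod        = SignedXml.XmlDsigRSASHA256Url;

            // Reference 1: the whole document (empty URI); the enveloped-signature transform
            // excludes the Signature element itself from the digest.
            var documentReference = new Reference
            {
                Id   = qualifyingProperties.SignedProperties.SignedDataObjectProperties.DataObjectFormat.ObjectReference,
                Type = null,
                Uri  = ""
            };

            documentReference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
            documentReference.DigestMethod = SignedXml.XmlDsigSHA256Url;
            signedXml.AddReference(documentReference);

            // Reference 2: the SignedProperties element carried in the Object below,
            // so the properties are covered by the signature as well.
            var signedProperties = new Reference
            {
                Type = Namespaces.SignedProperties,
                Uri  = "#" + qualifyingProperties.SignedProperties.Id
            };

            signedProperties.AddTransform(new XmlDsigExcC14NTransform());
            signedProperties.DigestMethod = SignedXml.XmlDsigSHA256Url;
            signedXml.AddReference(signedProperties);

            // The qualifying properties travel inside the signature as a ds:Object.
            var dataObject = new DataObject
            {
                Data = qualifyingPropertiesXml.ChildNodes
            };

            signedXml.AddObject(dataObject);

            // Embed the signing certificate so verifiers can locate the public key.
            var certificateKeyInfo = new KeyInfo();

            certificateKeyInfo.AddClause(new KeyInfoX509Data(Certificate));
            signedXml.KeyInfo = certificateKeyInfo;

            signedXml.ComputeSignature();

            var signature = signedXml.GetXml();

            Insert(signature, Xml.DocumentElement);
        }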
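        /// <summary>
        /// Signs an ebMS SOAP envelope: the <c>eb:Messaging</c> header, the SOAP body and the
        /// attached SED stream are referenced by an RSA-SHA256 signature, a WS-Security header
        /// carrying the signing certificate as a <c>BinarySecurityToken</c> is built, and the
        /// signature is inserted into that header, which is then added to the SOAP header.
        /// </summary>
        /// <param name="xml">The SOAP envelope to sign; modified in place.</param>
        /// <param name="sed">Attachment content referenced as <c>cid:DefaultSED</c>; the stream is read but not closed.</param>
        /// <exception cref="ArgumentNullException"><paramref name="xml"/> or <paramref name="sed"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The envelope lacks the expected header/body nodes or their <c>wsu:Id</c> attributes,
        /// or the certificate carries no RSA private key.
        /// </exception>
        public void Sign(XmlDocument xml, Stream sed)
        {
            if (xml == null)
            {
                throw new ArgumentNullException(nameof(xml));
            }
            if (sed == null)
            {
                throw new ArgumentNullException(nameof(sed));
            }

            // GetRSAPrivateKey() returns null for a certificate without an RSA private key.
            var privateKey = certificate.GetRSAPrivateKey();
            if (privateKey == null)
            {
                throw new InvalidOperationException("Signing certificate has no RSA private key");
            }

            var security = new Security
            {
                BinarySecurityToken = new BinarySecurityToken
                {
                    Id           = Guid.NewGuid().ToString(),
                    EncodingType = Namespaces.Base64Binary,
                    ValueType    = Namespaces.X509TokenProfile,
                    Value        = certificate.GetRawCertData()
                }
            };

            var securityXml = Serializer.Serialize(security);

            var signedXml = new ExtendedSignedXml(xml)
            {
                SigningKey = privateKey
            };

            var namespaces = new XmlNamespaceManager(xml.NameTable);

            namespaces.AddNamespace("s", Namespaces.SoapEnvelope);
            namespaces.AddNamespace("eb", Namespaces.ElectronicBusinessMessagingService);
            namespaces.AddNamespace("wsu", Namespaces.WebServiceSecurityUtility);

            // Both signed parts are located by their wsu:Id; a missing node or attribute
            // previously surfaced as a NullReferenceException.
            var messaging   = xml.SelectSingleNode("/s:Envelope/s:Header/eb:Messaging", namespaces);
            var body        = xml.SelectSingleNode("/s:Envelope/s:Body", namespaces);
            var messagingId = GetRequiredWsuId(messaging, "the eb:Messaging header");
            var bodyId      = GetRequiredWsuId(body, "the SOAP body");

            var messagingReference = new Reference
            {
                Uri          = "#" + messagingId,
                DigestMethod = SignedXml.XmlDsigSHA256Url
            };

            messagingReference.AddTransform(new XmlDsigExcC14NTransform());
            signedXml.AddReference(messagingReference);

            var bodyReference = new Reference
            {
                Uri          = "#" + bodyId,
                DigestMethod = SignedXml.XmlDsigSHA256Url
            };

            bodyReference.AddTransform(new XmlDsigExcC14NTransform());
            signedXml.AddReference(bodyReference);

            // The attachment is digested through the stream wrapper so that SignedXml cannot
            // close the caller's stream; the cid: URI ties it to the MIME part.
            var sedReference = new Reference(new NonCloseableStream(sed))
            {
                Uri          = "cid:DefaultSED",
                DigestMethod = SignedXml.XmlDsigSHA256Url
            };

            sedReference.AddTransform(new AttachmentContentSignatureTransform());
            signedXml.AddExternalReference(sedReference);

            // KeyInfo points at the BinarySecurityToken in the same Security header
            // instead of embedding the certificate a second time.
            var keyInfo = new KeyInfo();

            keyInfo.AddClause(new SecurityTokenReference(security.BinarySecurityToken.Id));
            signedXml.KeyInfo = keyInfo;
            signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
            signedXml.SignedInfo.SignatureMethod        = SignedXml.XmlDsigRSASHA256Url;
            signedXml.ComputeSignature();

            var signature = signedXml.GetXml();

            Insert(signature, securityXml.DocumentElement);

            var header = xml.SelectSingleNode("/s:Envelope/s:Header", namespaces);
            if (header == null)
            {
                throw new InvalidOperationException("Envelope does not contain a SOAP header");
            }

            Insert(securityXml, header);
        }

        /// <summary>
        /// Returns the <c>wsu:Id</c> attribute value of <paramref name="node"/>, failing with a
        /// descriptive <see cref="InvalidOperationException"/> when the node or the attribute
        /// is missing (a signature reference cannot be built without it).
        /// </summary>
        /// <param name="node">Node located by XPath; may be null when the envelope is malformed.</param>
        /// <param name="description">Human-readable name of the node for the error message.</param>
        private static string GetRequiredWsuId(XmlNode node, string description)
        {
            if (node == null)
            {
                throw new InvalidOperationException("Envelope does not contain " + description);
            }

            var id = node.Attributes?["wsu:Id"];
            if (id == null)
            {
                throw new InvalidOperationException(description + " has no wsu:Id attribute");
            }

            return id.Value;
        }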
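        /// <summary>
        /// Signs an AS4 SOAP envelope: every element listed in <c>Uris</c> (by <c>wsu:Id</c>) and
        /// every entry in <c>Attachments</c> (by <c>cid:</c> content id) is referenced by an
        /// RSA-SHA256 signature. A WS-Security header carrying the signing certificate as a
        /// <c>BinarySecurityToken</c> is built around the signature and added to the SOAP header.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// <c>Certificate</c> carries no RSA private key, or the envelope has no SOAP header.
        /// </exception>
        public void Sign()
        {
            // GetRSAPrivateKey() returns null for a certificate without an RSA private key;
            // fail here with a clear message rather than deep inside ComputeSignature().
            var privateKey = Certificate.GetRSAPrivateKey();
            if (privateKey == null)
            {
                throw new InvalidOperationException("Signing certificate has no RSA private key");
            }

            // Locate the SOAP header up front so a malformed envelope fails before any
            // signing work is done.
            var namespaces = new XmlNamespaceManager(Xml.NameTable);

            namespaces.AddNamespace("s", Soap.Namespaces.SoapEnvelope);
            var header = Xml.SelectSingleNode("/s:Envelope/s:Header", namespaces);
            if (header == null)
            {
                throw new InvalidOperationException("Envelope does not contain a SOAP header");
            }

            var security = new AS4.Security.Security
            {
                BinarySecurityToken = new BinarySecurityToken
                {
                    Id           = Guid.NewGuid().ToString(),
                    EncodingType = Soap.Namespaces.Base64Binary,
                    ValueType    = Soap.Namespaces.X509TokenProfile,
                    Value        = Certificate.GetRawCertData()
                }
            };

            var securityXml = ObjectToXml.Serialize(security);

            var signedXml = new ExtendedSignedXml(Xml)
            {
                SigningKey = privateKey
            };

            // In-document parts are referenced by wsu:Id and canonicalised exclusively.
            foreach (var uri in Uris)
            {
                var reference = new Reference
                {
                    Uri          = "#" + uri,
                    DigestMethod = SignedXml.XmlDsigSHA256Url
                };
                reference.AddTransform(new XmlDsigExcC14NTransform());
                signedXml.AddReference(reference);
            }

            // Attachments are digested through a wrapper so SignedXml cannot close the
            // caller's streams; the cid: URI ties each digest to its MIME part.
            foreach (var attachment in Attachments)
            {
                var reference = new Reference(new NonCloseableStream(attachment.Stream))
                {
                    Uri          = "cid:" + attachment.ContentId,
                    DigestMethod = SignedXml.XmlDsigSHA256Url
                };
                reference.AddTransform(new AttachmentContentSignatureTransform());
                signedXml.AddExternalReference(reference);
            }

            // KeyInfo points at the BinarySecurityToken in the same Security header
            // instead of embedding the certificate a second time.
            var keyInfo = new KeyInfo();

            keyInfo.AddClause(new SecurityTokenReference(security.BinarySecurityToken.Id));

            signedXml.KeyInfo = keyInfo;

            signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
            signedXml.SignedInfo.SignatureMethod        = SignedXml.XmlDsigRSASHA256Url;

            signedXml.ComputeSignature();

            var signature = signedXml.GetXml();

            Insert(signature, securityXml.DocumentElement);

            Insert(securityXml, header);
        }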