/// <summary>
/// Parses an encoded CMS SignedData message and stores its embedded content in
/// <c>m_contentInfo</c>.
/// </summary>
/// <param name="data">The encoded SignedData bytes.</param>
/// <remarks>
/// This method only parses the message. Nothing here checks a signature, so the
/// extracted content is unauthenticated at this point.
/// </remarks>
public void Decode(byte[] data)
        {
            CmsSignedData parsedMessage = new CmsSignedData(data);

            // The 'as' cast yields null (instead of throwing) when the content is not a byte[].
            var rawContent = parsedMessage.SignedContent.GetContent();
            byte[] payload = rawContent as byte[];

            //this.m_contentInfo = new System.Security.Cryptography.Pkcs.ContentInfo(contentType, content);
            this.m_contentInfo = new System.Security.Cryptography.Pkcs.ContentInfo(payload);
        }
 /// <summary>
 /// Wraps <paramref name="data"/> in a CMS (PKCS #7) SignedData message signed with
 /// <paramref name="signCertificate"/> and returns the encoded message.
 /// </summary>
 /// <param name="data">Content to sign; it is embedded in the message (the single-argument SignedCms constructor is used).</param>
 /// <param name="signCertificate">Signing certificate; only this end certificate is included in the output.</param>
 /// <param name="requestTimestamp">Optional value for the signing-time signed attribute.</param>
 /// <returns>The encoded SignedData bytes.</returns>
 /// <remarks>
 /// The signing time is whatever the caller passes in. It is covered by the signature
 /// but it is asserted by the signer, not by an independent timestamp source.
 /// </remarks>
 private static byte[] SignData(byte[] data, X509Certificate2 signCertificate, DateTime? requestTimestamp = null)
 {
     var payload = new System.Security.Cryptography.Pkcs.ContentInfo(data);
     var message = new System.Security.Cryptography.Pkcs.SignedCms(payload);

     var cmsSigner = new System.Security.Cryptography.Pkcs.CmsSigner(signCertificate);
     // The digest algorithm is chosen per certificate by a helper defined elsewhere in the file.
     cmsSigner.DigestAlgorithm = GetSignatureAlgorithmForCert(signCertificate);
     cmsSigner.IncludeOption = X509IncludeOption.EndCertOnly;

     if (requestTimestamp != null)
     {
         var signingTime = new System.Security.Cryptography.Pkcs.Pkcs9SigningTime(requestTimestamp.Value);
         cmsSigner.SignedAttributes.Add(signingTime);
     }

     message.ComputeSignature(cmsSigner);
     byte[] encoded = message.Encode();
     return encoded;
 }
        /// <summary>
        /// Produces an encoded CMS (PKCS #7) SignedData message over <paramref name="data"/>,
        /// signed with <paramref name="signCertificate"/>.
        /// </summary>
        /// <param name="data">Content to sign; it is carried inside the message.</param>
        /// <param name="signCertificate">Signing certificate; only the end certificate is embedded.</param>
        /// <param name="requestTimestamp">Optional signing time added as a signed attribute.</param>
        /// <returns>The encoded SignedData bytes.</returns>
        /// <remarks>
        /// The signing-time attribute carries a caller-supplied value; it is not a
        /// third-party timestamp.
        /// </remarks>
        private static byte[] SignData(byte[] data, X509Certificate2 signCertificate, DateTime? requestTimestamp = null)
        {
            var content = new System.Security.Cryptography.Pkcs.ContentInfo(data);
            var cms = new System.Security.Cryptography.Pkcs.SignedCms(content);

            var signerInfo = new System.Security.Cryptography.Pkcs.CmsSigner(signCertificate);
            // Digest algorithm comes from a helper defined elsewhere in the file.
            signerInfo.DigestAlgorithm = GetSignatureAlgorithmForCert(signCertificate);
            signerInfo.IncludeOption = X509IncludeOption.EndCertOnly;

            if (requestTimestamp != null)
            {
                DateTime signedAt = requestTimestamp.Value;
                signerInfo.SignedAttributes.Add(new System.Security.Cryptography.Pkcs.Pkcs9SigningTime(signedAt));
            }

            cms.ComputeSignature(signerInfo);
            return cms.Encode();
        }
 /// <summary>
 /// Decodes an encoded CMS SignedData message into this instance.
 /// </summary>
 /// <param name="encodedMessage">The encoded message bytes.</param>
 /// <exception cref="ArgumentNullException"><paramref name="encodedMessage"/> is null.</exception>
 /// <remarks>
 /// No signature check is performed in this method; the decoded content must not be
 /// trusted until the signature has been verified separately.
 /// </remarks>
 public void Decode(byte[] encodedMessage)
 {
     if (encodedMessage == null)
     {
         throw new ArgumentNullException("encodedMessage");
     }

     // Release the handle left over from a previously decoded message, if any.
     var previousHandle = this.m_safeCryptMsgHandle;
     if (previousHandle != null && !previousHandle.IsInvalid)
     {
         previousHandle.Dispose();
     }

     this.m_safeCryptMsgHandle = OpenToDecode(encodedMessage, this.ContentInfo, this.Detached);

     if (this.Detached)
     {
         // Detached message: the existing content info is left untouched.
         return;
     }

     var handle = this.m_safeCryptMsgHandle;
     this.m_contentInfo = new System.Security.Cryptography.Pkcs.ContentInfo(
         PkcsUtils.GetContentType(handle),
         PkcsUtils.GetContent(handle));
 }
 /// <summary>
 /// Initializes a SignedCms with the given signer identifier type, content and detached flag.
 /// </summary>
 /// <param name="signerIdentifierType">How the signer is identified; unrecognised values fall back to IssuerAndSerialNumber.</param>
 /// <param name="contentInfo">The content to be signed; neither it nor its Content may be null.</param>
 /// <param name="detached">Stored as the detached state of the message.</param>
 /// <exception cref="ArgumentNullException"><paramref name="contentInfo"/> or its Content is null.</exception>
 public SignedCms(SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached)
 {
     if (contentInfo == null)
     {
         throw new ArgumentNullException("contentInfo");
     }
     if (contentInfo.Content == null)
     {
         throw new ArgumentNullException("contentInfo.Content");
     }

     // Out-of-range values are normalised silently instead of being rejected.
     switch (signerIdentifierType)
     {
         case SubjectIdentifierType.SubjectKeyIdentifier:
         case SubjectIdentifierType.IssuerAndSerialNumber:
         case SubjectIdentifierType.NoSignature:
             break;
         default:
             signerIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber;
             break;
     }

     this.m_contentInfo = contentInfo;
     this.m_detached = detached;
     this.m_signerIdentifierType = signerIdentifierType;
     this.m_version = 0;
     // No message has been decoded yet, so the handle starts out invalid.
     this.m_safeCryptMsgHandle = System.Security.Cryptography.SafeCryptMsgHandle.InvalidHandle;
 }
 /// <summary>
 /// Creates a SignedCms over <paramref name="contentInfo"/> with the requested signer
 /// identifier type and detached flag.
 /// </summary>
 /// <param name="signerIdentifierType">Signer identification scheme; values other than the three recognised ones are replaced by IssuerAndSerialNumber.</param>
 /// <param name="contentInfo">Content to sign; it and its Content must be non-null.</param>
 /// <param name="detached">Stored as the detached state of the message.</param>
 /// <exception cref="ArgumentNullException"><paramref name="contentInfo"/> or its Content is null.</exception>
 public SignedCms(SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached)
 {
     if (contentInfo == null)
     {
         throw new ArgumentNullException("contentInfo");
     }
     if (contentInfo.Content == null)
     {
         throw new ArgumentNullException("contentInfo.Content");
     }

     bool isRecognisedType =
         signerIdentifierType == SubjectIdentifierType.SubjectKeyIdentifier ||
         signerIdentifierType == SubjectIdentifierType.IssuerAndSerialNumber ||
         signerIdentifierType == SubjectIdentifierType.NoSignature;
     if (!isRecognisedType)
     {
         // Unknown values are coerced to the default rather than rejected.
         signerIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber;
     }

     // The handle stays invalid until a message is decoded.
     this.m_safeCryptMsgHandle = System.Security.Cryptography.SafeCryptMsgHandle.InvalidHandle;
     this.m_version = 0;
     this.m_signerIdentifierType = signerIdentifierType;
     this.m_detached = detached;
     this.m_contentInfo = contentInfo;
 }
 /// <summary>
 /// Initializes an EnvelopedCms with the recipient identifier type, content and
 /// content-encryption algorithm.
 /// </summary>
 /// <param name="recipientIdentifierType">How recipients are identified; SubjectKeyIdentifier selects version 2, anything else version 0.</param>
 /// <param name="contentInfo">Content to encrypt; neither it nor its Content may be null.</param>
 /// <param name="encryptionAlgorithm">Content-encryption algorithm; must not be null.</param>
 /// <exception cref="ArgumentNullException">Any of the checked arguments is null.</exception>
 public EnvelopedCms(SubjectIdentifierType recipientIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo, AlgorithmIdentifier encryptionAlgorithm)
 {
     if (contentInfo == null)
     {
         throw new ArgumentNullException("contentInfo");
     }
     if (contentInfo.Content == null)
     {
         throw new ArgumentNullException("contentInfo.Content");
     }
     if (encryptionAlgorithm == null)
     {
         throw new ArgumentNullException("encryptionAlgorithm");
     }

     int version;
     if (recipientIdentifierType == SubjectIdentifierType.SubjectKeyIdentifier)
     {
         version = 2;
     }
     else
     {
         version = 0;
     }

     this.m_safeCryptMsgHandle = System.Security.Cryptography.SafeCryptMsgHandle.InvalidHandle;
     this.m_version = version;
     this.m_recipientIdentifierType = recipientIdentifierType;
     this.m_contentInfo = contentInfo;

     // The caller's AlgorithmIdentifier is stored by reference, so clearing Parameters
     // below also changes the object the caller passed in.
     this.m_encryptionAlgorithm = encryptionAlgorithm;
     this.m_encryptionAlgorithm.Parameters = new byte[0];

     this.m_certificates = new X509Certificate2Collection();
     this.m_unprotectedAttributes = new CryptographicAttributeObjectCollection();
 }
 // SignedCms(new ContentInfo(tmpDataEntityStream.ToArray()),true);
 /// <summary>
 /// Initializes the instance with the supplied content.
 /// </summary>
 /// <param name="contentInfo">Content stored in <c>m_contentInfo</c>; it is not null-checked here.</param>
 /// <param name="detached">Accepted but not stored or used by this constructor.</param>
 public SignedCms(ContentInfo contentInfo, bool detached)
 {
     // Only the content is recorded; the detached flag is ignored in this version.
     m_contentInfo = contentInfo;
 }
 // Stub constructor: the body is empty, so neither argument is validated or stored here.
 public EnvelopedCms(System.Security.Cryptography.Pkcs.SubjectIdentifierType recipientIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo)
 {
 }
        /// <summary>
        /// Builds a Login Ticket obtained from the WSAA
        /// </summary>
        /// <param name="argServicio">Service to be accessed</param>
        /// <param name="argUrlWsaa">URL of the WSAA</param>
        /// <param name="argRutaCertX509Firmante">Path of the X509 certificate (with private key) used for signing</param>
        /// <param name="argVerbose">Verbose output? true/false</param>
        /// <remarks>
        /// NOTE(review): in the body shown here argServicio, argUrlWsaa and argVerbose are never read.
        /// The request uses the Servicio member, and the WSAA client is created without the URL argument.
        /// </remarks>
        public void Obtener(string argServicio, string argUrlWsaa, string argRutaCertX509Firmante, bool argVerbose)
        {
            // Only the certificate PATH is stored; certificadoFirmante (used in step 2) is not assigned in this method.
            RutaDelCertificadoFirmante = argRutaCertX509Firmante;

            string cmsFirmadoBase64;
            string respuesta;

            XmlNode xmlNodoUniqueId;
            XmlNode xmlNodoGenerationTime;
            XmlNode xmlNodoExpirationTime;
            XmlNode xmlNodoService;

            // STEP 1: Build the Login Ticket Request
            try {
                solicitudXML = new XmlDocument();
                solicitudXML.LoadXml(solicitudPlantillaXML);

                xmlNodoUniqueId       = solicitudXML.SelectSingleNode("//uniqueId");
                xmlNodoGenerationTime = solicitudXML.SelectSingleNode("//generationTime");
                xmlNodoExpirationTime = solicitudXML.SelectSingleNode("//expirationTime");
                xmlNodoService        = solicitudXML.SelectSingleNode("//service");

                // Local time formatted with "s" carries no UTC offset, so the validity window
                // depends on the machine's time zone and clock.
                var now = DateTime.Now;

                xmlNodoGenerationTime.InnerText = now.ToString("s");
                xmlNodoExpirationTime.InnerText = now.AddHours(12).ToString("s");
                xmlNodoUniqueId.InnerText       = Convert.ToString(_globalUniqueID);
                xmlNodoService.InnerText        = Servicio;

                // NOTE(review): plain increment; presumably not safe if Obtener runs concurrently (confirm against callers).
                _globalUniqueID += 1;
            } catch (Exception ex) {
                // Only the message is kept; the original exception type and stack trace are dropped (no inner exception).
                throw new Exception("Error GENERANDO el Ticket de acceso : " + ex.Message);
            }

            // STEP 2: Sign the Login Ticket Request
            try {
                // Convert the login ticket request to bytes for signing
                Encoding EncodedMsg = Encoding.UTF8;
                byte[]   msgBytes   = EncodedMsg.GetBytes(solicitudXML.OuterXml);
                byte[]   encodedSignedCms;
                // Sign the message and convert it to Base64
                try {
                    // NOTE(review): the lines down to gen.generate(...) use Java-style Bouncy Castle calls
                    // (getBytes, add, setProvider("BC")) and names not declared in this method (signCert, signKP).
                    // They sign the literal "Hello world!" rather than msgBytes, and sigData is never used.
                    // This looks like a pasted sample that does not compile as C#.
                    var          certList = new ArrayList();
                    CMSTypedData msg      = new CMSProcessableByteArray("Hello world!".getBytes());

                    certList.add(signCert);

                    Store certs = new JcaCertStore(certList);

                    var           gen        = new  CMSSignedDataGenerator();
                    // "SHA1withRSA" selects a SHA-1 digest, which is deprecated for digital signatures.
                    ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(signKP.getPrivate());

                    gen.addSignerInfoGenerator(
                        new JcaSignerInfoGeneratorBuilder(
                            new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
                        .build(sha1Signer, signCert));

                    gen.addCertificates(certs);

                    CMSSignedData sigData = gen.generate(msg, false);

                    // NOTE(review): encodedSignedCms is read here before it is assigned (the assignment is
                    // at the end of this block), so the Base64 value cannot hold the signature computed below.
                    cmsFirmadoBase64 = Convert.ToBase64String(encodedSignedCms);
                    // Put the message in a ContentInfo object (required to build the SignedCms object)
                    var infoContenido = new System.Security.Cryptography.Pkcs.ContentInfo(msgBytes);
                    var cmsFirmado    = new SignedCms(infoContenido);

                    // Create the CmsSigner object that holds the signer's properties
                    // NOTE(review): DigestAlgorithm is left at the library default; confirm it is not SHA-1 on the target runtime.
                    var cmsFirmante = new CmsSigner(certificadoFirmante);
                    cmsFirmante.IncludeOption = X509IncludeOption.EndCertOnly;

                    // Sign the PKCS #7 message
                    cmsFirmado.ComputeSignature(cmsFirmante);
                    // Encode the PKCS #7 message.
                    encodedSignedCms = cmsFirmado.Encode();
                } catch (Exception excepcionAlFirmar) {
                    throw new Exception("***Error al firmar: " + excepcionAlFirmar.Message);
                }
            } catch (Exception excepcionAlFirmar) {
                throw new Exception("***Error FIRMANDO el LoginTicketRequest : " + excepcionAlFirmar.Message);
            }

            // STEP 3: Call the WSAA to obtain the Login Ticket Response
            try {
                // The client is created with its default endpoint; argUrlWsaa is not applied here.
                var wsaa = new  WSAA.LoginCMSService();
                respuesta = wsaa.loginCms(cmsFirmadoBase64);
            } catch (Exception ex) {
                throw new Exception("Error INVOCANDO al servicio WSAA : " + ex.Message);
            }

            // STEP 4: Parse the Login Ticket Response received from the WSAA
            try {
                // The response comes from the remote service and is parsed as-is.
                respuestaXML = new XmlDocument();
                respuestaXML.LoadXml(respuesta);

                // A missing node makes SelectSingleNode return null; the resulting exception is
                // caught and rewrapped by the handler below.
                // UInt32.Parse and DateTime.Parse are called without an explicit culture.
                id         = UInt32.Parse(respuestaXML.SelectSingleNode("//uniqueId").InnerText);
                generacion = DateTime.Parse(respuestaXML.SelectSingleNode("//generationTime").InnerText);
                expiracion = DateTime.Parse(respuestaXML.SelectSingleNode("//expirationTime").InnerText);
                // sign and token are stored as received; nothing in this method validates them.
                firma      = respuestaXML.SelectSingleNode("//sign").InnerText;
                token      = respuestaXML.SelectSingleNode("//token").InnerText;
            } catch (Exception ex) {
                throw new Exception("Error ANALIZANDO el LoginTicketResponse : " + ex.Message);
            }
        }
 // Stub constructor: the body is empty, so contentInfo and detached are neither validated nor stored here.
 public SignedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached)
 {
 }
 // Stub constructor: the body is empty, so contentInfo and encryptionAlgorithm are neither validated nor stored here.
 public EnvelopedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo, System.Security.Cryptography.Pkcs.AlgorithmIdentifier encryptionAlgorithm)
 {
 }
 /// <summary>
 /// Decodes an encoded CMS EnvelopedData message and loads its version, content,
 /// encryption algorithm, certificates and unprotected attributes into this instance.
 /// </summary>
 /// <param name="encodedMessage">The encoded message bytes.</param>
 /// <exception cref="ArgumentNullException"><paramref name="encodedMessage"/> is null.</exception>
 /// <remarks>
 /// Every field populated here is read straight from the supplied message. The
 /// certificates and unprotected attributes in particular are attacker-controllable
 /// input if the message is untrusted.
 /// </remarks>
 public void Decode(byte[] encodedMessage)
 {
     if (encodedMessage == null)
     {
         throw new ArgumentNullException("encodedMessage");
     }

     // Drop the handle of any message decoded earlier.
     var staleHandle = this.m_safeCryptMsgHandle;
     if (staleHandle != null && !staleHandle.IsInvalid)
     {
         staleHandle.Dispose();
     }

     this.m_safeCryptMsgHandle = OpenToDecode(encodedMessage);
     var handle = this.m_safeCryptMsgHandle;

     this.m_version = (int) PkcsUtils.GetVersion(handle);
     this.m_contentInfo = new System.Security.Cryptography.Pkcs.ContentInfo(
         PkcsUtils.GetContentType(handle),
         PkcsUtils.GetContent(handle));
     this.m_encryptionAlgorithm = PkcsUtils.GetAlgorithmIdentifier(handle);
     this.m_certificates = PkcsUtils.GetCertificates(handle);
     this.m_unprotectedAttributes = PkcsUtils.GetUnprotectedAttributes(handle);
 }
 // Convenience overload: forwards to the three-argument constructor with detached = false.
 public SignedCms(SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo) : this(signerIdentifierType, contentInfo, false)
 {
 }
 // Convenience overload: forwards to the three-argument constructor with
 // SubjectIdentifierType.IssuerAndSerialNumber as the signer identifier type.
 public SignedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached) : this(SubjectIdentifierType.IssuerAndSerialNumber, contentInfo, detached)
 {
 }
 /// <summary>
 /// Opens a CAPI message handle for decoding, feeds it the encoded message and, for
 /// detached messages, the external content.
 /// </summary>
 /// <param name="encodedMessage">The encoded message bytes.</param>
 /// <param name="contentInfo">Source of the external content; only read when <paramref name="detached"/> is true.</param>
 /// <param name="detached">Whether the message is decoded as detached.</param>
 /// <returns>The opened message handle.</returns>
 /// <exception cref="CryptographicException">A native call fails, or the decoded message type is not 2.</exception>
 /// <remarks>
 /// NOTE(review): the numeric literals appear to match wincrypt.h values (0x10001 for the
 /// X.509 | PKCS #7 ASN.1 encoding pair, 4 for the detached flag, 2 for a signed message,
 /// -2146889724 for the invalid-message-type error). Confirm against the CAPI constants.
 /// </remarks>
 private static System.Security.Cryptography.SafeCryptMsgHandle OpenToDecode(byte[] encodedMessage, System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached)
 {
     var msgHandle = System.Security.Cryptography.CAPI.CAPISafe.CryptMsgOpenToDecode(0x10001, detached ? 4 : 0, 0, IntPtr.Zero, IntPtr.Zero, IntPtr.Zero);
     if (msgHandle == null || msgHandle.IsInvalid)
     {
         throw new CryptographicException(Marshal.GetLastWin32Error());
     }

     bool messageAccepted = System.Security.Cryptography.CAPI.CAPISafe.CryptMsgUpdate(msgHandle, encodedMessage, (uint)encodedMessage.Length, true);
     if (!messageAccepted)
     {
         throw new CryptographicException(Marshal.GetLastWin32Error());
     }

     // Reject anything whose message type is not 2 before the handle is handed back.
     if (PkcsUtils.GetMessageType(msgHandle) != 2)
     {
         throw new CryptographicException(-2146889724);
     }

     if (!detached)
     {
         return msgHandle;
     }

     // Detached: the content is not inside the message, so it is supplied separately.
     // Null or empty content is skipped without a second update call.
     byte[] externalContent = contentInfo.Content;
     if (externalContent == null || externalContent.Length == 0)
     {
         return msgHandle;
     }
     if (!System.Security.Cryptography.CAPI.CAPISafe.CryptMsgUpdate(msgHandle, externalContent, (uint)externalContent.Length, true))
     {
         throw new CryptographicException(Marshal.GetLastWin32Error());
     }
     return msgHandle;
 }
 // Stub constructor: the body is empty, so contentInfo is neither validated nor stored here.
 public EnvelopedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo)
 {
 }
 /// <summary>
 /// Tries each recipient in <paramref name="recipientInfos"/> in order until one decrypts the
 /// currently decoded message, then stores the decrypted content in <c>m_contentInfo</c>.
 /// </summary>
 /// <param name="recipientInfos">Recipients to try, in index order.</param>
 /// <param name="extraStore">Additional certificates passed to GetCspParams and to the originator lookup.</param>
 /// <exception cref="InvalidOperationException">No message handle is open.</exception>
 /// <exception cref="CryptographicException">No recipient succeeded (the last failing HRESULT is reported), a private-key lookup failed, or the recipient type is unsupported.</exception>
 /// <remarks>
 /// The goto/label structure comes from decompilation; statement order is significant.
 /// NOTE(review): the numeric literals appear to be wincrypt.h values (control types 2 and 0x11,
 /// parameter type 2, find type 0x100000) and HRESULTs; confirm against the CAPI constants.
 /// </remarks>
 private unsafe void DecryptContent(RecipientInfoCollection recipientInfos, X509Certificate2Collection extraStore)
 {
     // Default failure code, thrown when the loop never runs or never records another error.
     // NOTE(review): looks like CRYPT_E_RECIPIENT_NOT_FOUND (0x8009100B); confirm.
     int hr = -2146889717;
     if ((this.m_safeCryptMsgHandle == null) || this.m_safeCryptMsgHandle.IsInvalid)
     {
         throw new InvalidOperationException(SecurityResources.GetResourceString("Cryptography_Cms_NoEncryptedMessageToEncode"));
     }
     for (int i = 0; i < recipientInfos.Count; i++)
     {
         System.Security.Cryptography.SafeCertContextHandle invalidHandle;
         KeyAgreeRecipientInfo info2;
         System.Security.Cryptography.CAPI.CMSG_CTRL_KEY_AGREE_DECRYPT_PARA cmsg_ctrl_key_agree_decrypt_para;
         System.Security.Cryptography.CAPI.CMSG_KEY_AGREE_PUBLIC_KEY_RECIPIENT_INFO cmsg_key_agree_public_key_recipient_info;
         RecipientInfo recipientInfo = recipientInfos[i];
         CMSG_DECRYPT_PARAM cmsgDecryptParam = new CMSG_DECRYPT_PARAM();
         // num3 holds this recipient's result; non-zero skips straight to the bookkeeping at Label_02F1.
         int num3 = GetCspParams(recipientInfo, extraStore, ref cmsgDecryptParam);
         if (num3 != 0)
         {
             goto Label_02F1;
         }
         CspParameters parameters = new CspParameters();
         if (!System.Security.Cryptography.X509Certificates.X509Utils.GetPrivateKeyInfo(cmsgDecryptParam.safeCertContextHandle, ref parameters))
         {
             throw new CryptographicException(Marshal.GetLastWin32Error());
         }
         // Code-access-security gate: callers must hold Open and Decrypt permission on this
         // key container before the private key is used.
         KeyContainerPermission permission = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags);
         KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(parameters, KeyContainerPermissionFlags.Decrypt | KeyContainerPermissionFlags.Open);
         permission.AccessEntries.Add(accessEntry);
         permission.Demand();
         switch (recipientInfo.Type)
         {
             case RecipientInfoType.KeyTransport:
             {
                 System.Security.Cryptography.CAPI.CMSG_CTRL_DECRYPT_PARA cmsg_ctrl_decrypt_para = new System.Security.Cryptography.CAPI.CMSG_CTRL_DECRYPT_PARA(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_CTRL_DECRYPT_PARA))) {
                     hCryptProv = cmsgDecryptParam.safeCryptProvHandle.DangerousGetHandle(),
                     dwKeySpec = cmsgDecryptParam.keySpec,
                     dwRecipientIndex = recipientInfo.Index
                 };
                 // Control type 2 with a CMSG_CTRL_DECRYPT_PARA: key-transport decrypt.
                 if (!System.Security.Cryptography.CAPI.CryptMsgControl(this.m_safeCryptMsgHandle, 0, 2, new IntPtr((void*) &cmsg_ctrl_decrypt_para)))
                 {
                     num3 = Marshal.GetHRForLastWin32Error();
                 }
                 GC.KeepAlive(cmsg_ctrl_decrypt_para);
                 goto Label_02E6;
             }
             case RecipientInfoType.KeyAgreement:
             {
                 // Despite its decompiler-given name, invalidHandle ends up holding the originator
                 // certificate context when the lookup below succeeds.
                 invalidHandle = System.Security.Cryptography.SafeCertContextHandle.InvalidHandle;
                 info2 = (KeyAgreeRecipientInfo) recipientInfo;
                 System.Security.Cryptography.CAPI.CMSG_CMS_RECIPIENT_INFO cmsg_cms_recipient_info = (System.Security.Cryptography.CAPI.CMSG_CMS_RECIPIENT_INFO) Marshal.PtrToStructure(info2.pCmsgRecipientInfo.DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CMSG_CMS_RECIPIENT_INFO));
                 cmsg_ctrl_key_agree_decrypt_para = new System.Security.Cryptography.CAPI.CMSG_CTRL_KEY_AGREE_DECRYPT_PARA(Marshal.SizeOf(typeof(System.Security.Cryptography.CAPI.CMSG_CTRL_KEY_AGREE_DECRYPT_PARA))) {
                     hCryptProv = cmsgDecryptParam.safeCryptProvHandle.DangerousGetHandle(),
                     dwKeySpec = cmsgDecryptParam.keySpec,
                     pKeyAgree = cmsg_cms_recipient_info.pRecipientInfo,
                     dwRecipientIndex = info2.Index,
                     dwRecipientEncryptedKeyIndex = info2.SubIndex
                 };
                 // Any sub-type other than CertIdKeyAgreement takes the originator public key
                 // from the recipient info itself (Label_0286).
                 if (info2.SubType != RecipientSubType.CertIdKeyAgreement)
                 {
                     goto Label_0286;
                 }
                 // CertId sub-type: look the originator certificate up in a store built from the
                 // message's certificates plus extraStore.
                 System.Security.Cryptography.CAPI.CMSG_KEY_AGREE_CERT_ID_RECIPIENT_INFO cmsgRecipientInfo = (System.Security.Cryptography.CAPI.CMSG_KEY_AGREE_CERT_ID_RECIPIENT_INFO) info2.CmsgRecipientInfo;
                 invalidHandle = System.Security.Cryptography.CAPI.CertFindCertificateInStore(BuildOriginatorStore(this.Certificates, extraStore), 0x10001, 0, 0x100000, new IntPtr((void*) &cmsgRecipientInfo.OriginatorCertId), System.Security.Cryptography.SafeCertContextHandle.InvalidHandle);
                 if ((invalidHandle != null) && !invalidHandle.IsInvalid)
                 {
                     // Found: leave the switch and read the public key from the certificate.
                     break;
                 }
                 // Originator certificate not found.
                 // NOTE(review): looks like CRYPT_E_NOT_FOUND (0x80092004); confirm.
                 num3 = -2146885628;
                 goto Label_02E6;
             }
             default:
                 // Unsupported recipient type. NOTE(review): looks like E_NOTIMPL (0x80000001); confirm.
                 throw new CryptographicException(-2147483647);
         }
         // Reached only from the KeyAgreement/CertId path after a successful lookup.
         System.Security.Cryptography.CAPI.CERT_CONTEXT cert_context = (System.Security.Cryptography.CAPI.CERT_CONTEXT) Marshal.PtrToStructure(invalidHandle.DangerousGetHandle(), typeof(System.Security.Cryptography.CAPI.CERT_CONTEXT));
         System.Security.Cryptography.CAPI.CERT_INFO cert_info = (System.Security.Cryptography.CAPI.CERT_INFO) Marshal.PtrToStructure(cert_context.pCertInfo, typeof(System.Security.Cryptography.CAPI.CERT_INFO));
         cmsg_ctrl_key_agree_decrypt_para.OriginatorPublicKey = cert_info.SubjectPublicKeyInfo.PublicKey;
         goto Label_02A7;
     Label_0286:
         cmsg_key_agree_public_key_recipient_info = (System.Security.Cryptography.CAPI.CMSG_KEY_AGREE_PUBLIC_KEY_RECIPIENT_INFO) info2.CmsgRecipientInfo;
         cmsg_ctrl_key_agree_decrypt_para.OriginatorPublicKey = cmsg_key_agree_public_key_recipient_info.OriginatorPublicKeyInfo.PublicKey;
     Label_02A7:
         // Control type 0x11 with a CMSG_CTRL_KEY_AGREE_DECRYPT_PARA: key-agreement decrypt.
         if (!System.Security.Cryptography.CAPI.CryptMsgControl(this.m_safeCryptMsgHandle, 0, 0x11, new IntPtr((void*) &cmsg_ctrl_key_agree_decrypt_para)))
         {
             num3 = Marshal.GetHRForLastWin32Error();
         }
         // KeepAlive calls keep the structures and handles whose raw pointers were passed to
         // native code reachable until the call has returned.
         GC.KeepAlive(cmsg_ctrl_key_agree_decrypt_para);
         GC.KeepAlive(invalidHandle);
     Label_02E6:
         GC.KeepAlive(cmsgDecryptParam);
     Label_02F1:
         if (num3 == 0)
         {
             // This recipient worked: fetch the content through parameter type 2.
             uint cbData = 0;
             System.Security.Cryptography.SafeLocalAllocHandle pvData = System.Security.Cryptography.SafeLocalAllocHandle.InvalidHandle;
             PkcsUtils.GetParam(this.m_safeCryptMsgHandle, 2, 0, out pvData, out cbData);
             if (cbData > 0)
             {
                 Oid contentType = PkcsUtils.GetContentType(this.m_safeCryptMsgHandle);
                 byte[] destination = new byte[cbData];
                 Marshal.Copy(pvData.DangerousGetHandle(), destination, 0, (int) cbData);
                 this.m_contentInfo = new System.Security.Cryptography.Pkcs.ContentInfo(contentType, destination);
             }
             // pvData is disposed only on this path; an exception thrown above would skip this call.
             pvData.Dispose();
             hr = 0;
             break;
         }
         // Remember this recipient's failure and try the next one.
         hr = num3;
     }
     if (hr != 0)
     {
         throw new CryptographicException(hr);
     }
 }
 // Stub constructor: the body is empty, so contentInfo is neither validated nor stored here.
 public SignedCms(System.Security.Cryptography.Pkcs.ContentInfo contentInfo)
 {
 }
 /// <summary>
 /// Decodes an encoded CMS SignedData message and, for non-detached messages,
 /// replaces the stored content with the content carried in the message.
 /// </summary>
 /// <param name="encodedMessage">The encoded message bytes.</param>
 /// <exception cref="ArgumentNullException"><paramref name="encodedMessage"/> is null.</exception>
 /// <remarks>
 /// Decoding does not validate any signature. Treat the content as untrusted until
 /// the signature has been checked in a separate step.
 /// </remarks>
 public void Decode(byte[] encodedMessage)
 {
     if (encodedMessage == null)
     {
         throw new ArgumentNullException("encodedMessage");
     }

     // Dispose the handle of an earlier message before it is overwritten.
     bool hasOpenHandle = (this.m_safeCryptMsgHandle != null) && !this.m_safeCryptMsgHandle.IsInvalid;
     if (hasOpenHandle)
     {
         this.m_safeCryptMsgHandle.Dispose();
     }

     this.m_safeCryptMsgHandle = OpenToDecode(encodedMessage, this.ContentInfo, this.Detached);

     if (this.Detached)
     {
         // Detached: the content already held by this instance is kept.
         return;
     }

     Oid decodedType = PkcsUtils.GetContentType(this.m_safeCryptMsgHandle);
     byte[] decodedContent = PkcsUtils.GetContent(this.m_safeCryptMsgHandle);
     this.m_contentInfo = new System.Security.Cryptography.Pkcs.ContentInfo(decodedType, decodedContent);
 }
 // Stub constructor: the body is empty, so none of the three arguments is validated or stored here.
 public SignedCms(System.Security.Cryptography.Pkcs.SubjectIdentifierType signerIdentifierType, System.Security.Cryptography.Pkcs.ContentInfo contentInfo, bool detached)
 {
 }
        /// <summary>
        /// Builds a Login Ticket obtained from the WSAA
        /// </summary>
        /// <param name="argServicio">Service to be accessed</param>
        /// <param name="argUrlWsaa">URL of the WSAA</param>
        /// <param name="argRutaCertX509Firmante">Path of the X509 certificate (with private key) used for signing</param>
        /// <param name="argVerbose">Verbose output? true/false</param>
        /// <remarks>
        /// NOTE(review): in the body shown here argServicio, argUrlWsaa and argVerbose are never read.
        /// The request uses the Servicio member, and the WSAA client is created without the URL argument.
        /// </remarks>
        public void Obtener(string argServicio, string argUrlWsaa, string argRutaCertX509Firmante, bool argVerbose)
        {
            // Only the certificate PATH is stored; certificadoFirmante (used in step 2) is not assigned in this method.
            RutaDelCertificadoFirmante = argRutaCertX509Firmante;

            string cmsFirmadoBase64;
            string respuesta;

            XmlNode xmlNodoUniqueId;
            XmlNode xmlNodoGenerationTime;
            XmlNode xmlNodoExpirationTime;
            XmlNode xmlNodoService;

            // STEP 1: Build the Login Ticket Request
            try {
                solicitudXML = new XmlDocument ();
                solicitudXML.LoadXml (solicitudPlantillaXML);

                xmlNodoUniqueId = solicitudXML.SelectSingleNode ("//uniqueId");
                xmlNodoGenerationTime = solicitudXML.SelectSingleNode ("//generationTime");
                xmlNodoExpirationTime = solicitudXML.SelectSingleNode ("//expirationTime");
                xmlNodoService = solicitudXML.SelectSingleNode ("//service");

                // Local time formatted with "s" carries no UTC offset, so the validity window
                // depends on the machine's time zone and clock.
                var now = DateTime.Now;

                xmlNodoGenerationTime.InnerText = now.ToString ("s");
                xmlNodoExpirationTime.InnerText = now.AddHours (12).ToString ("s");
                xmlNodoUniqueId.InnerText = Convert.ToString (_globalUniqueID);
                xmlNodoService.InnerText = Servicio;

                // NOTE(review): plain increment; presumably not safe if Obtener runs concurrently (confirm against callers).
                _globalUniqueID += 1;

            } catch (Exception ex) {
                // Only the message is kept; the original exception type and stack trace are dropped (no inner exception).
                throw new Exception ("Error GENERANDO el Ticket de acceso : " + ex.Message);
            }

            // STEP 2: Sign the Login Ticket Request
            try {
                // Convert the login ticket request to bytes for signing
                Encoding EncodedMsg = Encoding.UTF8;
                byte[] msgBytes = EncodedMsg.GetBytes (solicitudXML.OuterXml);
                byte[] encodedSignedCms;
                // Sign the message and convert it to Base64
                try {
                    // NOTE(review): the lines down to gen.generate (...) use Java-style Bouncy Castle calls
                    // (getBytes, add, setProvider ("BC")) and names not declared in this method (signCert, signKP).
                    // They sign the literal "Hello world!" rather than msgBytes, and sigData is never used.
                    // This looks like a pasted sample that does not compile as C#.
                    var certList = new ArrayList ();
                    CMSTypedData msg = new CMSProcessableByteArray ("Hello world!".getBytes ());

                    certList.add (signCert);

                    Store certs = new JcaCertStore (certList);

                    var gen = new  CMSSignedDataGenerator ();
                    // "SHA1withRSA" selects a SHA-1 digest, which is deprecated for digital signatures.
                    ContentSigner sha1Signer = new JcaContentSignerBuilder ("SHA1withRSA").setProvider ("BC").build (signKP.getPrivate ());

                    gen.addSignerInfoGenerator (
                        new JcaSignerInfoGeneratorBuilder (
                            new JcaDigestCalculatorProviderBuilder ().setProvider ("BC").build ())
                        .build (sha1Signer, signCert));

                    gen.addCertificates (certs);

                    CMSSignedData sigData = gen.generate (msg, false);

                    // NOTE(review): encodedSignedCms is read here before it is assigned (the assignment is
                    // at the end of this block), so the Base64 value cannot hold the signature computed below.
                    cmsFirmadoBase64 = Convert.ToBase64String (encodedSignedCms);
                    // Put the message in a ContentInfo object (required to build the SignedCms object)
                    var infoContenido = new System.Security.Cryptography.Pkcs.ContentInfo (msgBytes);
                    var cmsFirmado = new SignedCms (infoContenido);

                    // Create the CmsSigner object that holds the signer's properties
                    // NOTE(review): DigestAlgorithm is left at the library default; confirm it is not SHA-1 on the target runtime.
                    var cmsFirmante = new CmsSigner (certificadoFirmante);
                    cmsFirmante.IncludeOption = X509IncludeOption.EndCertOnly;

                    // Sign the PKCS #7 message
                    cmsFirmado.ComputeSignature (cmsFirmante);
                    // Encode the PKCS #7 message.
                    encodedSignedCms = cmsFirmado.Encode ();
                } catch (Exception excepcionAlFirmar) {
                    throw new Exception ("***Error al firmar: " + excepcionAlFirmar.Message);
                }
            } catch (Exception excepcionAlFirmar) {
                throw new Exception ("***Error FIRMANDO el LoginTicketRequest : " + excepcionAlFirmar.Message);
            }

            // STEP 3: Call the WSAA to obtain the Login Ticket Response
            try {
                // The client is created with its default endpoint; argUrlWsaa is not applied here.
                var wsaa = new  WSAA.LoginCMSService ();
                respuesta = wsaa.loginCms (cmsFirmadoBase64);
            } catch (Exception ex) {
                throw new Exception ("Error INVOCANDO al servicio WSAA : " + ex.Message);
            }

            // STEP 4: Parse the Login Ticket Response received from the WSAA
            try {
                // The response comes from the remote service and is parsed as-is.
                respuestaXML = new XmlDocument ();
                respuestaXML.LoadXml (respuesta);

                // A missing node makes SelectSingleNode return null; the resulting exception is
                // caught and rewrapped by the handler below.
                // UInt32.Parse and DateTime.Parse are called without an explicit culture.
                id = UInt32.Parse (respuestaXML.SelectSingleNode ("//uniqueId").InnerText);
                generacion = DateTime.Parse (respuestaXML.SelectSingleNode ("//generationTime").InnerText);
                expiracion = DateTime.Parse (respuestaXML.SelectSingleNode ("//expirationTime").InnerText);
                // sign and token are stored as received; nothing in this method validates them.
                firma = respuestaXML.SelectSingleNode ("//sign").InnerText;
                token = respuestaXML.SelectSingleNode ("//token").InnerText;
            } catch (Exception ex) {
                throw new Exception ("Error ANALIZANDO el LoginTicketResponse : " + ex.Message);
            }
        }