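/// <summary>
/// Signs <paramref name="xmlDocument"/> in place with the certificate from <c>Config.Certificado</c>
/// and appends the resulting <c>Signature</c> element to the first element named
/// <paramref name="tagAssinatura"/>.
/// </summary>
/// <param name="xmlDocument">Document to sign; it is modified in place and also returned.</param>
/// <param name="tagAssinatura">Name of the element that receives the <c>Signature</c> child.</param>
/// <returns>The same <paramref name="xmlDocument"/> instance, now carrying the signature.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="InvalidOperationException">
/// No certificate is configured, or no element named <paramref name="tagAssinatura"/> exists in the document.
/// </exception>
public static XmlDocument AssinarXML(this XmlDocument xmlDocument, string tagAssinatura)
{
    if (xmlDocument == null)
    {
        throw new ArgumentNullException(nameof(xmlDocument));
    }
    if (tagAssinatura == null)
    {
        throw new ArgumentNullException(nameof(tagAssinatura));
    }

    // Resolve the target element before any crypto work so a missing tag fails with a
    // clear message instead of a NullReferenceException after the signature was computed.
    // XmlNodeList[0] returns null (not an exception) when the list is empty.
    var alvo = xmlDocument.GetElementsByTagName(tagAssinatura)[0];
    if (alvo == null)
    {
        throw new InvalidOperationException(
            "Signature target element '" + tagAssinatura + "' was not found in the document.");
    }

    var certificado = Config.Certificado;
    if (certificado == null)
    {
        throw new InvalidOperationException("Config.Certificado is not set; cannot sign the document.");
    }

    // Uri = "" references the whole document; the enveloped transform excludes the
    // Signature element itself from the digest and C14N canonicalises the remainder.
    var reference = new System.Security.Cryptography.Xml.Reference { Uri = "" };
    reference.AddTransform(new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform());
    reference.AddTransform(new System.Security.Cryptography.Xml.XmlDsigC14NTransform());

    // NOTE(review): X509Certificate2.PrivateKey is the legacy accessor; GetRSAPrivateKey()
    // is the modern equivalent — confirm the target framework before switching.
    var signedXml = new System.Security.Cryptography.Xml.SignedXml(xmlDocument)
    {
        SigningKey = certificado.PrivateKey,
    };
    signedXml.AddReference(reference);

    // Embed the X.509 certificate so verifiers can identify the signer. A verifier must
    // still validate that certificate against its own trust store rather than accept
    // whatever KeyInfo the document happens to carry.
    var keyInfo = new System.Security.Cryptography.Xml.KeyInfo();
    keyInfo.AddClause(new System.Security.Cryptography.Xml.KeyInfoX509Data(certificado));
    signedXml.KeyInfo = keyInfo;

    signedXml.ComputeSignature();
    var xmlDigitalSignature = signedXml.GetXml();
    alvo.AppendChild(xmlDocument.ImportNode(xmlDigitalSignature, true));
    return xmlDocument;
}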
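/// <summary>
/// Check the signature of the specified signed document (created with CreateSignedDoc) using the specified public key.
/// </summary>
/// <param name="signedDoc">Document carrying the enveloped <c>Signature</c> element.</param>
/// <param name="keyPub">
/// Public key in <c>RSA.ToXmlString</c> format. It is the key the signature is checked against,
/// so it must come from a trusted source, not from the document being verified.
/// </param>
/// <returns><c>true</c> when the signature verifies with <paramref name="keyPub"/>; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
public static bool CheckSignature(System.Xml.XmlDocument signedDoc, string keyPub)
{
    if (signedDoc == null)
    {
        throw new ArgumentNullException(nameof(signedDoc));
    }
    if (keyPub == null)
    {
        throw new ArgumentNullException(nameof(keyPub));
    }

    // The key object is only needed for the duration of the check; the original never
    // disposed it.
    using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
    {
        rsa.FromXmlString(keyPub);

        // Create a new SignedXml object and pass it
        // the XML document class.
        var sx = new System.Security.Cryptography.Xml.SignedXml(signedDoc);

        // Load the first <signature> node.
        sx.LoadXml(GetSignatureFromSignedDoc(signedDoc));

        // Passing the key explicitly means the verdict depends on keyPub alone and not on
        // any KeyInfo embedded in the document by whoever produced it.
        return sx.CheckSignature(rsa);
    }
}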
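// Sign an XML file.
// This document cannot be verified unless the verifying
// code has the key with which it was signed.
/// <summary>
/// Signs <paramref name="Doc"/> in place with <paramref name="Key"/> and appends the enveloped
/// <c>Signature</c> element to the document's root element.
/// </summary>
/// <param name="Doc">Document to sign; its root element receives the <c>Signature</c> child.</param>
/// <param name="Key">Private key used to produce the signature.</param>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="ArgumentException"><paramref name="Doc"/> has no root element to attach the signature to.</exception>
public static void SignXml(System.Xml.XmlDocument Doc, RSA Key)
{
    // Check arguments. ArgumentNullException derives from ArgumentException, so callers
    // catching the latter still work.
    if (Doc == null)
    {
        throw new ArgumentNullException(nameof(Doc));
    }
    if (Key == null)
    {
        throw new ArgumentNullException(nameof(Key));
    }
    // An empty document would otherwise fail with a NullReferenceException only after
    // the signature had already been computed.
    if (Doc.DocumentElement == null)
    {
        throw new ArgumentException("Document has no root element to attach the signature to.", nameof(Doc));
    }

    // Create a SignedXml object and give it the signing key.
    var signedXml = new System.Security.Cryptography.Xml.SignedXml(Doc)
    {
        SigningKey = Key,
    };

    // Uri = "" references the whole document; the enveloped transform excludes the
    // Signature element itself from what is digested.
    var reference = new System.Security.Cryptography.Xml.Reference { Uri = "" };
    reference.AddTransform(new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform());
    signedXml.AddReference(reference);

    // Compute the signature.
    signedXml.ComputeSignature();

    // Get the XML representation of the signature and
    // append it to the XML document.
    XmlElement xmlDigitalSignature = signedXml.GetXml();
    Doc.DocumentElement.AppendChild(Doc.ImportNode(xmlDigitalSignature, true));
}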
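// Verify the signature of an XML file against an asymmetric
// algorithm and return the result.
/// <summary>
/// Verifies the single enveloped XML-DSig signature in <paramref name="Doc"/> against <paramref name="Key"/>.
/// </summary>
/// <param name="Doc">Signed document; it is not modified.</param>
/// <param name="Key">
/// Public key the signature must verify against. Passing it explicitly means the verdict
/// does not depend on any KeyInfo embedded in the document.
/// </param>
/// <returns><c>true</c> when the signature is valid for <paramref name="Key"/>; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
/// <exception cref="CryptographicException">The document carries no signature, or more than one.</exception>
private Boolean VerifyXml(XmlDocument Doc, RSA Key)
{
    // Check arguments. ArgumentNullException derives from ArgumentException, so callers
    // catching the latter still work.
    if (Doc == null)
    {
        throw new ArgumentNullException(nameof(Doc));
    }
    if (Key == null)
    {
        throw new ArgumentNullException(nameof(Key));
    }

    // Create a new SignedXml object and pass it
    // the XML document class.
    var signedXml = new System.Security.Cryptography.Xml.SignedXml(Doc);

    // Find the "Signature" node(s). The lookup is namespace-qualified so that an
    // unrelated element that merely happens to be called "Signature" is neither
    // mistaken for the signature nor counted against the single-signature rule.
    XmlNodeList nodeList = Doc.GetElementsByTagName(
        "Signature", System.Security.Cryptography.Xml.SignedXml.XmlDsigNamespaceUrl);

    // Throw an exception if no signature was found.
    if (nodeList.Count <= 0)
    {
        throw new CryptographicException("Verification failed: No Signature was found in the document.");
    }

    // Though it is possible to have multiple signatures on
    // an XML document, this app only supports one signature for
    // the entire XML document. Throw an exception
    // if more than one signature was found.
    if (nodeList.Count >= 2)
    {
        throw new CryptographicException("Verification failed: More that one signature was found for the document.");
    }

    // Load the first <signature> node.
    signedXml.LoadXml((XmlElement)nodeList[0]);

    // Check the signature and return the result.
    return signedXml.CheckSignature(Key);
}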
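/// <summary>
/// Create a signature xml element for the specified xml document and private key
/// </summary>
/// <param name="xmlToSign">
/// Document whose whole content is signed (reference URI ""). The document itself is not
/// modified; the caller imports and appends the returned element.
/// </param>
/// <param name="keyPubPri">Private+public key in <c>RSA.ToXmlString(true)</c> format</param>
/// <returns>The detached <c>Signature</c> element; import it into <paramref name="xmlToSign"/> before appending.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
public static System.Xml.XmlElement CreateSignature(System.Xml.XmlDocument xmlToSign, string keyPubPri)
{
    if (xmlToSign == null)
    {
        throw new ArgumentNullException(nameof(xmlToSign));
    }
    if (keyPubPri == null)
    {
        throw new ArgumentNullException(nameof(keyPubPri));
    }

    // The private key is only needed until ComputeSignature has run, so it is disposed
    // before returning; the original never disposed it.
    using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
    {
        rsa.FromXmlString(keyPubPri);

        var sx = new System.Security.Cryptography.Xml.SignedXml(xmlToSign);
        sx.SigningKey = rsa;

        // Create a reference to be signed: URI "" covers the whole document.
        var reference = new System.Security.Cryptography.Xml.Reference("");

        // Set the canonicalization method for the document. // No comments.
        sx.SignedInfo.CanonicalizationMethod = System.Security.Cryptography.Xml.SignedXml.XmlDsigCanonicalizationUrl;

        // Add an enveloped transformation to the reference so the Signature element
        // itself is excluded from the digest once it is placed inside the document.
        var env = new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform(false);
        reference.AddTransform(env);
        sx.AddReference(reference);

        // NOTE(review): SignatureMethod is left at the runtime default; older .NET Framework
        // versions default to RSA-SHA1 — confirm and pin it explicitly if that matters here.
        sx.ComputeSignature();
        return sx.GetXml();
    }
}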
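/// <summary>
/// Check the signature of the specified signed document (created with CreateSignedDoc) using the specified public key.
/// </summary>
/// <param name="signedDoc">Document carrying the enveloped <c>Signature</c> element.</param>
/// <param name="keyPub">
/// Public key in <c>RSA.ToXmlString</c> format. It is the key the signature is checked against,
/// so it must come from a trusted source, not from the document being verified.
/// </param>
/// <returns><c>true</c> when the signature verifies with <paramref name="keyPub"/>; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
public static bool CheckSignature(System.Xml.XmlDocument signedDoc, string keyPub)
{
    if (signedDoc == null)
    {
        throw new ArgumentNullException(nameof(signedDoc));
    }
    if (keyPub == null)
    {
        throw new ArgumentNullException(nameof(keyPub));
    }

    // The key object is only needed for the duration of the check; the original never
    // disposed it.
    using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
    {
        rsa.FromXmlString(keyPub);

        // Create a new SignedXml object and pass it
        // the XML document class.
        var sx = new System.Security.Cryptography.Xml.SignedXml(signedDoc);

        // Load the first <signature> node.
        sx.LoadXml(GetSignatureFromSignedDoc(signedDoc));

        // Passing the key explicitly means the verdict depends on keyPub alone and not on
        // any KeyInfo embedded in the document by whoever produced it.
        return sx.CheckSignature(rsa);
    }
}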
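/// <summary>
/// Create a signature xml element for the specified xml document and private key
/// </summary>
/// <param name="xmlToSign">
/// Document whose whole content is signed (reference URI ""). The document itself is not
/// modified; the caller imports and appends the returned element.
/// </param>
/// <param name="keyPubPri">Private+public key in <c>RSA.ToXmlString(true)</c> format</param>
/// <returns>The detached <c>Signature</c> element; import it into <paramref name="xmlToSign"/> before appending.</returns>
/// <exception cref="ArgumentNullException">Either argument is null.</exception>
public static System.Xml.XmlElement CreateSignature(System.Xml.XmlDocument xmlToSign, string keyPubPri)
{
    if (xmlToSign == null)
    {
        throw new ArgumentNullException(nameof(xmlToSign));
    }
    if (keyPubPri == null)
    {
        throw new ArgumentNullException(nameof(keyPubPri));
    }

    // The private key is only needed until ComputeSignature has run, so it is disposed
    // before returning; the original never disposed it.
    using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
    {
        rsa.FromXmlString(keyPubPri);

        var sx = new System.Security.Cryptography.Xml.SignedXml(xmlToSign);
        sx.SigningKey = rsa;

        // Create a reference to be signed: URI "" covers the whole document.
        var reference = new System.Security.Cryptography.Xml.Reference("");

        // Set the canonicalization method for the document. // No comments.
        sx.SignedInfo.CanonicalizationMethod = System.Security.Cryptography.Xml.SignedXml.XmlDsigCanonicalizationUrl;

        // Add an enveloped transformation to the reference so the Signature element
        // itself is excluded from the digest once it is placed inside the document.
        var env = new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform(false);
        reference.AddTransform(env);
        sx.AddReference(reference);

        // NOTE(review): SignatureMethod is left at the runtime default; older .NET Framework
        // versions default to RSA-SHA1 — confirm and pin it explicitly if that matters here.
        sx.ComputeSignature();
        return sx.GetXml();
    }
}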