protected void SaveNewSignatures(XmlDocument document, XmlElement containerElement)
{
if (!NewSigners.Any())
{
return;
}
// We need an ID on the element to sign it, so let's give it the same ID as its name.
// Unless it already has an ID, of course, in which case use the existing one.
var elementId = containerElement.GetAttribute("id");
if (elementId == "")
{
containerElement.SetAttribute("id", ContainerName);
elementId = ContainerName;
}
// Add any signatures and mark them as applied.
foreach (var signer in _newSigners.ToArray())
{
var signature = CryptographyHelpers.SignXmlElement(document, elementId, signer);
_newSigners.Remove(signer);
_loadedSignatures.Add(new Tuple <XmlElement, X509Certificate2>(signature, signer));
}
}
/// <summary>
/// Applies a digital signature to the collection.
///
/// The signature is generated when the document is saved, so you can still modify the collection after this call.
/// </summary>
public void AddSignature(X509Certificate2 signerCertificate)
{
if (signerCertificate == null)
{
throw new ArgumentNullException(nameof(signerCertificate));
}
// Cannot add signatures to the collection if the document itself is signed!
Document.VerifyIsNotReadOnly();
if (SignedBy.Contains(signerCertificate))
{
throw new InvalidOperationException("The collection is already signed by this identity.");
}
CryptographyHelpers.ValidateSignerCertificate(signerCertificate);
_newSigners.Add(signerCertificate);
}
internal override void ValidateNewEntity(CpixDocument document)
{
CryptographyHelpers.ValidateRecipientCertificateAndPublicKey(Certificate);
}