        /// <summary>
        /// Serializes <paramref name="card"/> to XML, signs the document with
        /// <paramref name="cert"/> and writes the signed card to <paramref name="filename"/>.
        /// </summary>
        /// <param name="card">The managed card to persist.</param>
        /// <param name="cert">Certificate whose private key produces the XML signature.</param>
        /// <param name="filename">Destination path of the signed card file.</param>
        public void SaveCard(InformationCard card, X509Certificate2 cert, string filename)
        {
            // Build, sign, persist: each step is delegated to its own helper.
            XmlElement signedCard = SignInformationCardXML(CreateInformationCardXML(card), cert);
            SaveInformationCard(signedCard, filename);
        }
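        /// <summary>
        /// Builds an <see cref="InformationCard"/> from the values currently entered in the form.
        /// </summary>
        /// <returns>A new card reflecting the text boxes, check boxes and both grids.</returns>
        /// <exception cref="FormatException">The card version field is not an integer.</exception>
        /// <exception cref="InvalidOperationException">A token service row carries no credential type tag.</exception>
        private InformationCard PopulateCard()
        {
            InformationCard ic = new InformationCard();

            ic.CardImage.ImageName       = tbCardImage.Text;
            ic.CardName                  = tbCardName.Text;
            ic.CardReference.CardID      = tbCardID.Text;
            ic.CardReference.CardVersion = ParseCardVersion(tbCardVersion.Text);
            ic.Issuer                    = tbIssuer.Text;
            ic.IssuerName                = tbIssuerName.Text;
            ic.PrivacyNotice             = tbPrivacyPolicy.Text;
            ic.RequireRPIdentification   = cbRequireAppliesTo.Checked;
            ic.TimeExpires               = dtpTimeExpires.Value;
            ic.TimeIssued                = dtpTimeIssued.Value;

            foreach (DataGridViewRow row in dgvClaims.Rows)
            {
                // Rows includes the trailing "new row" placeholder whose cells hold no
                // values; it is not a claim and would otherwise dereference null.
                if (row.IsNewRow)
                {
                    continue;
                }

                CardClaim claim = new CardClaim();
                claim.Description = CellText(row, "Description");
                claim.DisplayTag  = CellText(row, "DisplayTag");
                claim.Uri         = CellText(row, "Uri");
                claim.Value       = CellText(row, "ClaimValue");
                ic.SupportedClaimTypeList.Add(claim);
            }

            if (cblSAML10.Checked)
            {
                ic.AcceptedTokenTypes.Add(NewTokenType("SAML10", "urn:oasis:names:tc:SAML:1.0:assertion"));
            }
            if (cbSAML11.Checked)
            {
                ic.AcceptedTokenTypes.Add(NewTokenType("SAML11", "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"));
            }

            foreach (DataGridViewRow tsRow in dgvTokenServiceList.Rows)
            {
                if (tsRow.IsNewRow)
                {
                    continue;
                }

                object typeTag = tsRow.Cells["CredentialType"].Tag;
                if (!(typeTag is CredentialType))
                {
                    // The enum is carried in the cell's Tag; unboxing a missing Tag would
                    // surface as a NullReferenceException, so fail with a clear message.
                    throw new InvalidOperationException("Token service row has no credential type");
                }

                TokenService ts = new TokenService();
                ts.EndpointReference.Address            = CellText(tsRow, "Address");
                ts.EndpointReference.Identity           = CellText(tsRow, "Identity");
                ts.EndpointReference.Mex                = CellText(tsRow, "Mex");
                ts.UserCredential.DisplayCredentialHint = CellText(tsRow, "DisplayCredentialHint");
                ts.UserCredential.UserCredentialType    = (CredentialType)typeTag;
                ts.UserCredential.Value                 = CellText(tsRow, "Value");
                ic.TokenServiceList.Add(ts);
            }

            return ic;
        }

        // Creates an accepted token type. Both SAML entries are marked Accepted; the
        // original set the flag only on SAML10.
        private static TokenType NewTokenType(string name, string uri)
        {
            TokenType tokenType = new TokenType();
            tokenType.Name     = name;
            tokenType.Uri      = uri;
            tokenType.Accepted = true;
            return tokenType;
        }

        // Returns the named cell's value as text, or null when the cell holds no value.
        private static string CellText(DataGridViewRow row, string columnName)
        {
            object value = row.Cells[columnName].Value;
            return value == null ? null : value.ToString();
        }

        // Parses the card version with the invariant culture so the stored number does not
        // depend on the user's locale; anything but a plain integer is rejected.
        private static int ParseCardVersion(string text)
        {
            int version;
            if (!int.TryParse(text, System.Globalization.NumberStyles.Integer,
                              System.Globalization.CultureInfo.InvariantCulture, out version))
            {
                throw new FormatException("Card version must be an integer: '" + text + "'");
            }
            return version;
        }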
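        /// <summary>
        /// Handles the "create card" button: collects the card from the form, asks the user
        /// for a destination file and writes the signed card there.
        /// </summary>
        /// <param name="sender">The button raising the event.</param>
        /// <param name="e">Event data (unused).</param>
        private void btnCreatCard_Click(object sender, EventArgs e)
        {
            InformationCard ic = PopulateCard();

            saveFileDialog1.Filter = "Managed Card|*.crd";

            // A cancelled dialog must not write to whatever FileName the dialog last held.
            if (saveFileDialog1.ShowDialog() != DialogResult.OK)
            {
                return;
            }

            string filename = saveFileDialog1.FileName;

            X509Certificate2 certificate = ManagedCardHelper.RetrieveCertificate(tbCertificatePath.Text);

            ManagedCardHelper.SaveCard(ic, certificate, filename);
        }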
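        /// <summary>
        /// Serializes <paramref name="card"/>, wraps it in an enveloping XML-DSig signature
        /// made with the private key of <paramref name="cert"/>, and writes the signature
        /// element (card included as its Object) to <paramref name="filename"/>.
        /// </summary>
        /// <param name="card">The managed card to persist.</param>
        /// <param name="cert">Signing certificate; must carry its private key.</param>
        /// <param name="filename">Destination path of the signed card file.</param>
        /// <exception cref="ArgumentNullException"><paramref name="card"/> or <paramref name="cert"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="filename"/> is empty or <paramref name="cert"/> has no private key.</exception>
        public void SaveCard(InformationCard card, X509Certificate2 cert, string filename)
        {
            if (card == null)
            {
                throw new ArgumentNullException("card");
            }
            if (cert == null)
            {
                throw new ArgumentNullException("cert");
            }
            if (string.IsNullOrEmpty(filename))
            {
                throw new ArgumentException("A destination file name is required", "filename");
            }
            if (!cert.HasPrivateKey)
            {
                // Without this check ComputeSignature fails late with a less specific
                // CryptographicException.
                throw new ArgumentException("The signing certificate has no private key", "cert");
            }

            XmlDocument doc = CreateInformationCardXML(card);

            SignedXml signed = new SignedXml();
            signed.SigningKey = cert.PrivateKey;
            signed.Signature.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
            // NOTE(review): signature and digest methods are left at SignedXml's defaults for
            // the running framework (SHA-1 on older frameworks); confirm what the card
            // consumer accepts before pinning a newer algorithm here.

            // Enveloping signature: the card travels as an <Object> addressed by id.
            Reference reference = new Reference();
            reference.Uri = "#_Object_InfoCard";
            reference.AddTransform(new XmlDsigExcC14NTransform());
            signed.AddReference(reference);

            // The whole chain is embedded so the reader can build the trust path offline.
            KeyInfo info = new KeyInfo();
            info.AddClause(new KeyInfoX509Data(cert, X509IncludeOption.WholeChain));
            signed.KeyInfo = info;

            DataObject cardData = new DataObject("_Object_InfoCard", null, null, doc.DocumentElement);
            signed.AddObject(cardData);

            signed.ComputeSignature();

            XmlElement e = signed.GetXml();

            // using releases the file handle even when WriteTo throws.
            using (XmlTextWriter fileWriter = new XmlTextWriter(filename, Encoding.UTF8))
            {
                e.WriteTo(fileWriter);
                fileWriter.Flush();
            }
        }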
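        // Namespace of the InformationCard elements written below.
        private const string InfoCardNamespace = "http://schemas.xmlsoap.org/ws/2005/05/identity";

        /// <summary>
        /// Serializes a managed <see cref="InformationCard"/> into its (unsigned)
        /// InformationCard XML form; the signature envelope is added by SaveCard.
        /// All field values go through the <see cref="XmlWriter"/>, which escapes markup
        /// characters, so card text cannot inject elements into the document.
        /// </summary>
        /// <param name="card">The card to serialize.</param>
        /// <returns>An <see cref="XmlDocument"/> whose root is the InformationCard element.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="card"/> is null.</exception>
        /// <exception cref="InvalidDataException">A smart-card credential has no thumbprint value.</exception>
        public XmlDocument CreateInformationCardXML(InformationCard card)
        {
            if (card == null)
            {
                throw new ArgumentNullException("card");
            }

            using (MemoryStream stream = new MemoryStream())
            {
                // A writer created over a Stream leaves the stream open when it is closed
                // (CloseOutput defaults to false), so the buffer can be re-read below.
                using (XmlWriter writer = XmlWriter.Create(stream))
                {
                    writer.WriteStartElement("InformationCard", InfoCardNamespace);
                    writer.WriteAttributeString("lang", "http://www.w3.org/XML/1998/namespace", "en-US");

                    writer.WriteStartElement("InformationCardReference", InfoCardNamespace);
                    writer.WriteElementString("CardId", InfoCardNamespace, card.CardReference.CardID);
                    // XmlConvert formats the number independently of the current culture.
                    writer.WriteElementString("CardVersion", InfoCardNamespace, XmlConvert.ToString(card.CardReference.CardVersion));
                    writer.WriteEndElement();

                    if (!string.IsNullOrEmpty(card.CardName))
                    {
                        writer.WriteElementString("CardName", InfoCardNamespace, card.CardName);
                    }

                    WriteCardImage(writer, card);

                    writer.WriteElementString("Issuer", InfoCardNamespace, card.Issuer);

                    // IssuerName is not written; that element was disabled in the original source.

                    writer.WriteElementString("TimeIssued", InfoCardNamespace,
                                              XmlConvert.ToString(card.TimeIssued, XmlDateTimeSerializationMode.Utc));
                    writer.WriteElementString("TimeExpires", InfoCardNamespace,
                                              XmlConvert.ToString(card.TimeExpires, XmlDateTimeSerializationMode.Utc));

                    writer.WriteStartElement("TokenServiceList", InfoCardNamespace);
                    foreach (TokenService ts in card.TokenServiceList)
                    {
                        WriteTokenService(writer, ts);
                    }
                    writer.WriteEndElement();

                    writer.WriteStartElement("SupportedTokenTypeList", InfoCardNamespace);
                    foreach (TokenType tokenType in card.AcceptedTokenTypes)
                    {
                        // Token type URIs belong to the WS-Trust namespace, not the card namespace.
                        writer.WriteElementString("TokenType", "http://schemas.xmlsoap.org/ws/2005/02/trust", tokenType.Uri);
                    }
                    writer.WriteEndElement();

                    writer.WriteStartElement("SupportedClaimTypeList", InfoCardNamespace);
                    foreach (CardClaim claim in card.SupportedClaimTypeList)
                    {
                        writer.WriteStartElement("SupportedClaimType", InfoCardNamespace);
                        writer.WriteAttributeString("Uri", claim.Uri);
                        WriteOptionalElement(writer, "DisplayTag", claim.DisplayTag);
                        WriteOptionalElement(writer, "Description", claim.Description);
                        writer.WriteEndElement();
                    }
                    writer.WriteEndElement();

                    if (card.RequireRPIdentification)
                    {
                        // Emits Boolean.ToString() ("True") exactly as the original did; the
                        // content the card consumer expects here was not verified, so it is unchanged.
                        writer.WriteElementString("RequireAppliesTo", InfoCardNamespace, card.RequireRPIdentification.ToString());
                    }

                    if (!string.IsNullOrEmpty(card.PrivacyNotice))
                    {
                        writer.WriteElementString("PrivacyNotice", InfoCardNamespace, card.PrivacyNotice);
                    }

                    writer.WriteEndElement(); // InformationCard
                }

                stream.Position = 0;

                XmlDocument doc = new XmlDocument();
                doc.PreserveWhitespace = false;
                doc.Load(stream);
                return doc;
            }
        }

        // Writes the optional CardImage element with the base64-encoded contents of the image file.
        private void WriteCardImage(XmlWriter writer, InformationCard card)
        {
            if (card.CardImage == null || string.IsNullOrEmpty(card.CardImage.ImageName))
            {
                return;
            }

            FileInfo imageFile = new FileInfo(card.CardImage.ImageName);
            if (!imageFile.Exists)
            {
                // The original opened a CardImage element here and only closed it when the
                // file existed, which nested the rest of the card inside it. A missing file
                // now simply yields a card without an image element.
                return;
            }

            writer.WriteStartElement("CardImage", InfoCardNamespace);
            if (!string.IsNullOrEmpty(card.CardImage.ImageMimeType))
            {
                writer.WriteAttributeString("MimeType", card.CardImage.ImageMimeType);
            }
            // ReadAllBytes reads the whole file; a single Stream.Read call may return fewer bytes.
            writer.WriteString(Convert.ToBase64String(File.ReadAllBytes(imageFile.FullName)));
            writer.WriteEndElement();
        }

        // Writes one TokenService entry: the STS endpoint reference (with its MEX metadata
        // address) followed by the user credential.
        private void WriteTokenService(XmlWriter writer, TokenService ts)
        {
            // Preserves the original behaviour: a service without a MEX address is not emitted.
            if (ts.EndpointReference.Mex == null)
            {
                return;
            }

            EndpointAddressBuilder endpointBuilder = new EndpointAddressBuilder();
            endpointBuilder.Uri      = new Uri(ts.EndpointReference.Address);
            endpointBuilder.Identity = new X509CertificateEndpointIdentity(RetrieveCertificate(ts.EndpointReference.Identity));

            MetadataReference mexReference = new MetadataReference();
            mexReference.Address        = new EndpointAddress(ts.EndpointReference.Mex);
            mexReference.AddressVersion = AddressingVersion.WSAddressing10;

            MetadataSection mexSection = new MetadataSection();
            mexSection.Metadata = mexReference;

            MetadataSet mexSet = new MetadataSet();
            mexSet.MetadataSections.Add(mexSection);

            // The MetadataSet is round-tripped through a buffer because the builder only takes a reader.
            using (MemoryStream mexStream = new MemoryStream())
            {
                XmlTextWriter mexWriter = new XmlTextWriter(mexStream, System.Text.Encoding.UTF8);
                mexSet.WriteTo(mexWriter);
                // Flush only: closing an XmlTextWriter also closes the stream it writes to.
                mexWriter.Flush();
                mexStream.Seek(0, SeekOrigin.Begin);

                using (XmlDictionaryReader mexReader = XmlDictionaryReader.CreateTextReader(mexStream, XmlDictionaryReaderQuotas.Max))
                {
                    endpointBuilder.SetMetadataReader(mexReader);

                    writer.WriteStartElement("TokenService", InfoCardNamespace);
                    endpointBuilder.ToEndpointAddress().WriteTo(AddressingVersion.WSAddressing10, writer);
                }
            }

            WriteUserCredential(writer, ts);

            writer.WriteEndElement(); // TokenService
        }

        // Writes the UserCredential element describing how the user authenticates to the STS.
        private void WriteUserCredential(XmlWriter writer, TokenService ts)
        {
            writer.WriteStartElement("UserCredential", InfoCardNamespace);

            if (!string.IsNullOrEmpty(ts.UserCredential.DisplayCredentialHint))
            {
                // Self-issued credentials get a fixed "false" hint; computed on a local so the
                // caller's card object is no longer modified as a side effect of serializing.
                string hint = ts.UserCredential.UserCredentialType == CredentialType.SelfIssued
                                  ? "false"
                                  : ts.UserCredential.DisplayCredentialHint;
                writer.WriteElementString("DisplayCredentialHint", InfoCardNamespace, hint);
            }

            switch (ts.UserCredential.UserCredentialType)
            {
            case CredentialType.SelfIssued:
                writer.WriteStartElement("SelfIssuedCredential", InfoCardNamespace);
                WriteOptionalElement(writer, "PrivatePersonalIdentifier", ts.UserCredential.Value);
                writer.WriteEndElement();
                break;

            case CredentialType.UsernameAndPassword:
                writer.WriteStartElement("UsernamePasswordCredential", InfoCardNamespace);
                WriteOptionalElement(writer, "Username", ts.UserCredential.Value);
                writer.WriteEndElement();
                break;

            case CredentialType.Kerberos:
                writer.WriteStartElement("KerberosV5Credential", InfoCardNamespace);
                writer.WriteEndElement();
                break;

            case CredentialType.SmartCard:
                if (string.IsNullOrEmpty(ts.UserCredential.Value))
                {
                    // Checked before any element is opened so nothing half-written is left behind.
                    throw new InvalidDataException("No thumbprint was specified");
                }
                writer.WriteStartElement("X509V3Credential", InfoCardNamespace);
                writer.WriteStartElement("X509Data", "http://www.w3.org/2000/09/xmldsig#");
                writer.WriteStartElement("KeyIdentifier", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
                writer.WriteAttributeString("ValueType",
                                            null,
                                            "http://docs.oasis-open.org/wss/2004/xx/oasis-2004xx-wss-soap-message-security-1.1#ThumbprintSHA1");
                // The value identifies a certificate; only its thumbprint is placed in the card.
                writer.WriteString(RetrieveCertificate(ts.UserCredential.Value).Thumbprint);
                writer.WriteEndElement(); // KeyIdentifier
                writer.WriteEndElement(); // X509Data
                writer.WriteEndElement(); // X509V3Credential
                break;

            default:
                break;
            }

            writer.WriteEndElement(); // UserCredential
        }

        // Writes a card-namespace element with the given text, or nothing when the text is empty.
        private static void WriteOptionalElement(XmlWriter writer, string localName, string value)
        {
            if (!string.IsNullOrEmpty(value))
            {
                writer.WriteElementString(localName, InfoCardNamespace, value);
            }
        }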
 /// <summary>
 /// Creates an empty template: a blank card definition and blank certificate
 /// information, ready to be populated.
 /// </summary>
 public InformationCardTemplate()
 {
     this._informationCard = new InformationCard();
     this._certificateInfo = new CertificateInfo();
 }
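        /// <summary>
        /// Loads the card template at <paramref name="filename"/> and copies its values into
        /// the form controls, replacing whatever the grids held before.
        /// </summary>
        /// <param name="filename">Path of the template file to load.</param>
        private void PopulateUIFromCardTemplate(string filename)
        {
            InformationCardTemplate ict = ManagedCardHelper.LoadCardTemplate(filename);
            InformationCard ic = ict.InformationCardDefinition;

            // CardImage is optional in a card, so do not dereference it unconditionally.
            tbCardImage.Text           = ic.CardImage == null ? string.Empty : ic.CardImage.ImageName;
            tbCardName.Text            = ic.CardName;
            tbCardID.Text              = ic.CardReference.CardID;
            tbCardVersion.Text         = ic.CardReference.CardVersion.ToString();
            tbIssuer.Text              = ic.Issuer;
            tbIssuerName.Text          = ic.IssuerName;
            tbPrivacyPolicy.Text       = ic.PrivacyNotice;
            cbRequireAppliesTo.Checked = ic.RequireRPIdentification;
            dtpTimeExpires.Value       = ic.TimeExpires;
            dtpTimeIssued.Value        = ic.TimeIssued;

            // Start from empty grids so loading a second template does not append to the first.
            dgvClaims.Rows.Clear();
            foreach (CardClaim cardClaim in ic.SupportedClaimTypeList)
            {
                // Cells are positional; the order (Uri, DisplayTag, Description, ClaimValue)
                // presumably matches the grid's column order — verify against the designer.
                dgvClaims.Rows.Add(NewTextRow(cardClaim.Uri, cardClaim.DisplayTag, cardClaim.Description, cardClaim.Value));
            }

            cbSAML10.Checked = false;
            cbSAML11.Checked = false;
            foreach (TokenType tokenType in ic.AcceptedTokenTypes)
            {
                // string == is an ordinal comparison, which is what these fixed tags need.
                if (tokenType.Name == "SAML10")
                {
                    cbSAML10.Checked = true;
                }
                if (tokenType.Name == "SAML11")
                {
                    cbSAML11.Checked = true;
                }
            }

            dgvTokenServiceList.Rows.Clear();
            foreach (TokenService ts in ic.TokenServiceList)
            {
                DataGridViewRow row = NewTextRow(
                    ts.EndpointReference.Address,
                    ts.EndpointReference.Mex,
                    ts.EndpointReference.Identity,
                    ts.UserCredential.UserCredentialType.ToString(),
                    ts.UserCredential.Value,
                    ts.UserCredential.DisplayCredentialHint);

                // The enum itself rides in the CredentialType cell's Tag (4th column) so it can
                // be read back without re-parsing the displayed name.
                row.Cells[3].Tag = ts.UserCredential.UserCredentialType;

                dgvTokenServiceList.Rows.Add(row);
            }
        }

        // Builds an unbound grid row holding one text cell per value, in the given order.
        private static DataGridViewRow NewTextRow(params object[] values)
        {
            DataGridViewRow row = new DataGridViewRow();
            foreach (object value in values)
            {
                DataGridViewTextBoxCell cell = new DataGridViewTextBoxCell();
                cell.Value = value;
                row.Cells.Add(cell);
            }
            return row;
        }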