This clause defines the XML element containing the sequence of references to the full set of CA certificates that have been used to validate the electronic signature up to (but not including) the signer's certificate. This is an unsigned property that qualifies the signature. An XML electronic signature aligned with the XAdES standard may contain at most one CompleteCertificateRefs element.
Beispiel #1
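        /// <summary>
        /// Adds one certificate reference (issuer name, serial number and certificate
        /// digest) to <paramref name="completeCertificateRefs"/> for every certificate the
        /// validation context needed, skipping the signing certificate itself.
        /// </summary>
        /// <param name="completeCertificateRefs">Container that receives the references.</param>
        /// <param name="ctx">Validation context that supplies the needed certificates.</param>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="ArgumentException">
        /// The context reports one needed certificate or none.
        /// </exception>
        private void IncorporateCertificateRefs(CompleteCertificateRefs completeCertificateRefs
            , ValidationContext ctx)
        {
            if (completeCertificateRefs == null)
            {
                throw new ArgumentNullException("completeCertificateRefs");
            }
            if (ctx == null)
            {
                throw new ArgumentNullException("ctx");
            }

            // Query the context once instead of once for the count and once for the loop.
            var neededCertificates = ctx.GetNeededCertificates();

            // A context holding only a single certificate is rejected as well, not just an
            // empty one. NOTE(review): presumably that single entry is the signing
            // certificate, so there would be nothing to reference - confirm against
            // ValidationContext.
            if (neededCertificates.Count <= 1)
            {
                // The parameter name used to be "chain", which is not a parameter of this method.
                throw new ArgumentException("Needed certificates empty", "ctx");
            }

            var signingCertificate = ctx.GetCertificate();

            foreach (CertificateAndContext certificate in neededCertificates)
            {
                X509Certificate x509Cert = certificate.GetCertificate();

                // CompleteCertificateRefs lists the CA certificates only; the signing
                // certificate is left out.
                if (x509Cert.Equals(signingCertificate))
                {
                    continue;
                }

                Cert chainCert = new Cert();
                chainCert.IssuerSerial.X509IssuerName = x509Cert.IssuerDN.ToString();
                chainCert.IssuerSerial.X509SerialNumber = x509Cert.SerialNumber.ToString();

                // NOTE(review): the digest is fixed to SHA-1 (GetCertHash() returns the SHA-1
                // thumbprint). SHA-1 is no longer collision resistant, so a reference built
                // this way binds the certificate only weakly. When the digest method becomes
                // configurable, DigestMethod.Algorithm and DigestValue must be changed together.
                chainCert.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url;
                chainCert.CertDigest.DigestValue = DotNetUtilities.ToX509Certificate2(x509Cert).GetCertHash();

                completeCertificateRefs.CertRefs.CertCollection.Add(chainCert);
            }
        }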
Beispiel #2
 /// <summary>
 /// Creates an instance in which every unsigned signature property is present
 /// but empty, and the refs-only time-stamp flag is cleared.
 /// </summary>
 public UnsignedSignatureProperties()
 {
     // Counter signatures and the time-stamp over the signature value.
     counterSignatureCollection = new CounterSignatureCollection();
     signatureTimeStampCollection = new SignatureTimeStampCollection();

     // References to the certificates and revocation data used for validation.
     completeCertificateRefs = new CompleteCertificateRefs();
     completeRevocationRefs = new CompleteRevocationRefs();

     // Time-stamps over the references; the flag starts out false.
     refsOnlyTimeStampFlag = false;
     sigAndRefsTimeStampCollection = new SignatureTimeStampCollection();
     refsOnlyTimeStampCollection = new SignatureTimeStampCollection();

     // Embedded certificate and revocation values, then archive time-stamps.
     certificateValues = new CertificateValues();
     revocationValues = new RevocationValues();
     archiveTimeStampCollection = new SignatureTimeStampCollection();
 }
 /// <summary>
 /// Creates an instance in which every unsigned signature property is present
 /// but empty, and the refs-only time-stamp flag is cleared.
 /// </summary>
 public UnsignedSignatureProperties()
 {
     // Counter signatures and the time-stamp over the signature value.
     counterSignatureCollection = new CounterSignatureCollection();
     signatureTimeStampCollection = new SignatureTimeStampCollection();

     // References to the certificates and revocation data used for validation.
     completeCertificateRefs = new CompleteCertificateRefs();
     completeRevocationRefs = new CompleteRevocationRefs();

     // Time-stamps over the references; the flag starts out false.
     refsOnlyTimeStampFlag = false;
     sigAndRefsTimeStampCollection = new SignatureTimeStampCollection();
     refsOnlyTimeStampCollection = new SignatureTimeStampCollection();

     // Embedded certificate and revocation values, then archive time-stamps.
     certificateValues = new CertificateValues();
     revocationValues = new RevocationValues();
     archiveTimeStampCollection = new SignatureTimeStampCollection();
 }
Beispiel #4
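        /// <summary>
        /// Load state from an XML element
        /// </summary>
        /// <remarks>
        /// Every collection is cleared and every single-valued property is replaced (or set
        /// to null when its element is absent), so the previous state is discarded.
        /// The elements read here are unsigned properties: loading them performs no
        /// validation of their content.
        /// </remarks>
        /// <param name="xmlElement">XML element containing new state</param>
        /// <param name="counterSignedXmlElement">Element containing parent signature (needed if there are counter signatures)</param>
        /// <exception cref="ArgumentNullException"><paramref name="xmlElement"/> is null.</exception>
        /// <exception cref="CryptographicException">A CounterSignature element has no child element.</exception>
        public void LoadXml(System.Xml.XmlElement xmlElement, XmlElement counterSignedXmlElement)
        {
            if (xmlElement == null)
            {
                throw new ArgumentNullException("xmlElement");
            }

            XmlNamespaceManager xmlNamespaceManager = new XmlNamespaceManager(xmlElement.OwnerDocument.NameTable);
            xmlNamespaceManager.AddNamespace("xades", XadesSignedXml.XadesNamespaceUri);
            xmlNamespaceManager.AddNamespace("xadesv141", XadesSignedXml.XadesNamespace141Uri);

            XmlNodeList xmlNodeList;

            // Counter signatures: each CounterSignature element wraps exactly one signature element.
            this.counterSignatureCollection.Clear();
            xmlNodeList = xmlElement.SelectNodes("xades:CounterSignature", xmlNamespaceManager);
            foreach (XmlNode node in xmlNodeList)
            {
                XmlElement iterationXmlElement = node as XmlElement;
                if (iterationXmlElement == null)
                {
                    continue;
                }

                XadesSignedXml newXadesSignedXml = counterSignedXmlElement != null
                    ? new XadesSignedXml(counterSignedXmlElement)
                    : new XadesSignedXml();

                // Skip any whitespace (or other non-element nodes) at start
                XmlElement counterSignatureElement = null;
                foreach (XmlNode childNode in iterationXmlElement.ChildNodes)
                {
                    counterSignatureElement = childNode as XmlElement;
                    if (counterSignatureElement != null)
                    {
                        break;
                    }
                }

                if (counterSignatureElement == null)
                {
                    throw new CryptographicException("CounterSignature element does not contain signature");
                }

                newXadesSignedXml.LoadXml(counterSignatureElement);
                this.counterSignatureCollection.Add(newXadesSignedXml);
            }

            this.signatureTimeStampCollection.Clear();
            xmlNodeList = xmlElement.SelectNodes("xades:SignatureTimeStamp", xmlNamespaceManager);
            foreach (XmlNode node in xmlNodeList)
            {
                XmlElement iterationXmlElement = node as XmlElement;
                if (iterationXmlElement != null)
                {
                    TimeStamp newTimeStamp = new TimeStamp("SignatureTimeStamp");
                    newTimeStamp.LoadXml(iterationXmlElement);
                    this.signatureTimeStampCollection.Add(newTimeStamp);
                }
            }

            // Single-valued properties: only the first matching element is read and any
            // further ones are ignored silently.
            // NOTE(review): XAdES allows at most one CompleteCertificateRefs element; when
            // this loads signatures from untrusted sources, rejecting duplicates may be
            // preferable to ignoring them.
            xmlNodeList = xmlElement.SelectNodes("xades:CompleteCertificateRefs", xmlNamespaceManager);
            if (xmlNodeList.Count != 0)
            {
                this.completeCertificateRefs = new CompleteCertificateRefs();
                this.completeCertificateRefs.LoadXml((XmlElement)xmlNodeList.Item(0));
            }
            else
            {
                this.completeCertificateRefs = null;
            }

            xmlNodeList = xmlElement.SelectNodes("xades:CompleteRevocationRefs", xmlNamespaceManager);
            if (xmlNodeList.Count != 0)
            {
                this.CompleteRevocationRefs = new CompleteRevocationRefs();
                this.CompleteRevocationRefs.LoadXml((XmlElement)xmlNodeList.Item(0));
            }
            else
            {
                this.completeRevocationRefs = null;
            }

            // SigAndRefsTimeStamp takes precedence: RefsOnlyTimeStamp elements are only
            // looked for when no SigAndRefsTimeStamp is present.
            this.sigAndRefsTimeStampCollection.Clear();
            this.refsOnlyTimeStampCollection.Clear();

            xmlNodeList = xmlElement.SelectNodes("xades:SigAndRefsTimeStamp", xmlNamespaceManager);
            if (xmlNodeList.Count > 0)
            {
                this.refsOnlyTimeStampFlag = false;
                foreach (XmlNode node in xmlNodeList)
                {
                    XmlElement iterationXmlElement = node as XmlElement;
                    if (iterationXmlElement != null)
                    {
                        TimeStamp newTimeStamp = new TimeStamp("SigAndRefsTimeStamp");
                        newTimeStamp.LoadXml(iterationXmlElement);
                        this.sigAndRefsTimeStampCollection.Add(newTimeStamp);
                    }
                }
            }
            else
            {
                xmlNodeList = xmlElement.SelectNodes("xades:RefsOnlyTimeStamp", xmlNamespaceManager);
                if (xmlNodeList.Count > 0)
                {
                    this.refsOnlyTimeStampFlag = true;
                    foreach (XmlNode node in xmlNodeList)
                    {
                        XmlElement iterationXmlElement = node as XmlElement;
                        if (iterationXmlElement != null)
                        {
                            TimeStamp newTimeStamp = new TimeStamp("RefsOnlyTimeStamp");
                            newTimeStamp.LoadXml(iterationXmlElement);
                            this.refsOnlyTimeStampCollection.Add(newTimeStamp);
                        }
                    }
                }
                else
                {
                    this.refsOnlyTimeStampFlag = false;
                }
            }

            xmlNodeList = xmlElement.SelectNodes("xades:CertificateValues", xmlNamespaceManager);
            if (xmlNodeList.Count != 0)
            {
                this.certificateValues = new CertificateValues();
                this.certificateValues.LoadXml((XmlElement)xmlNodeList.Item(0));
            }
            else
            {
                this.certificateValues = null;
            }

            xmlNodeList = xmlElement.SelectNodes("xades:RevocationValues", xmlNamespaceManager);
            if (xmlNodeList.Count != 0)
            {
                this.revocationValues = new RevocationValues();
                this.revocationValues.LoadXml((XmlElement)xmlNodeList.Item(0));
            }
            else
            {
                this.revocationValues = null;
            }

            // Archive time-stamps exist in two namespaces and are loaded in two passes.
            // Previously the "xades:" query result was overwritten by a "xadesv141:" query
            // before it was read, so archive time-stamps in the xades namespace were dropped
            // and those in the xadesv141 namespace were added twice, the first time through a
            // TimeStamp created without the xadesv141 prefix and namespace.
            this.archiveTimeStampCollection.Clear();

            xmlNodeList = xmlElement.SelectNodes("xades:ArchiveTimeStamp", xmlNamespaceManager);
            foreach (XmlNode node in xmlNodeList)
            {
                XmlElement iterationXmlElement = node as XmlElement;
                if (iterationXmlElement != null)
                {
                    TimeStamp newTimeStamp = new TimeStamp("ArchiveTimeStamp");
                    newTimeStamp.LoadXml(iterationXmlElement);
                    this.archiveTimeStampCollection.Add(newTimeStamp);
                }
            }

            xmlNodeList = xmlElement.SelectNodes("xadesv141:ArchiveTimeStamp", xmlNamespaceManager);
            foreach (XmlNode node in xmlNodeList)
            {
                XmlElement iterationXmlElement = node as XmlElement;
                if (iterationXmlElement != null)
                {
                    TimeStamp newTimeStamp = new TimeStamp("ArchiveTimeStamp", "xadesv141", XadesSignedXml.XadesNamespace141Uri);
                    newTimeStamp.LoadXml(iterationXmlElement);
                    this.archiveTimeStampCollection.Add(newTimeStamp);
                }
            }
        }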
		/// <summary>
		/// Rebuilds this object's state from an UnsignedSignatureProperties XML element.
		/// </summary>
		/// <remarks>
		/// Collections are cleared before they are refilled; single-valued properties are
		/// replaced, or set to null when their element is missing. Only the first element
		/// of each single-valued property is read. The content is loaded as found; nothing
		/// here validates it.
		/// </remarks>
		/// <param name="xmlElement">XML element containing new state</param>
		/// <param name="counterSignedXmlElement">Element containing parent signature (needed if there are counter signatures)</param>
		/// <exception cref="ArgumentNullException"><paramref name="xmlElement"/> is null.</exception>
		/// <exception cref="CryptographicException">A CounterSignature element has no child element.</exception>
		public void LoadXml(System.Xml.XmlElement xmlElement, XmlElement counterSignedXmlElement)
		{
			if (xmlElement == null)
			{
				throw new ArgumentNullException("xmlElement");
			}

			// The "xsd" prefix is bound to the XAdES namespace for the XPath queries below.
			XmlNamespaceManager namespaces = new XmlNamespaceManager(xmlElement.OwnerDocument.NameTable);
			namespaces.AddNamespace("xsd", XadesSignedXml.XadesNamespaceUri);

			XmlNodeList matches;

			// Counter signatures: the signature is the first child element of each wrapper.
			this.counterSignatureCollection.Clear();
			matches = xmlElement.SelectNodes("xsd:CounterSignature", namespaces);
			foreach (object candidate in matches)
			{
				XmlElement wrapper = candidate as XmlElement;
				if (wrapper == null)
				{
					continue;
				}

				XadesSignedXml counterSignature = counterSignedXmlElement != null
					? new XadesSignedXml(counterSignedXmlElement)
					: new XadesSignedXml();

				// Whitespace and other non-element nodes before the signature are skipped.
				XmlElement signatureElement = null;
				foreach (object child in wrapper.ChildNodes)
				{
					signatureElement = child as XmlElement;
					if (signatureElement != null)
					{
						break;
					}
				}

				if (signatureElement == null)
				{
					throw new CryptographicException("CounterSignature element does not contain signature");
				}

				counterSignature.LoadXml(signatureElement);
				this.counterSignatureCollection.Add(counterSignature);
			}

			this.signatureTimeStampCollection.Clear();
			matches = xmlElement.SelectNodes("xsd:SignatureTimeStamp", namespaces);
			foreach (object candidate in matches)
			{
				XmlElement timeStampElement = candidate as XmlElement;
				if (timeStampElement == null)
				{
					continue;
				}

				TimeStamp timeStamp = new TimeStamp("SignatureTimeStamp");
				timeStamp.LoadXml(timeStampElement);
				this.signatureTimeStampCollection.Add(timeStamp);
			}

			matches = xmlElement.SelectNodes("xsd:CompleteCertificateRefs", namespaces);
			if (matches.Count == 0)
			{
				this.completeCertificateRefs = null;
			}
			else
			{
				this.completeCertificateRefs = new CompleteCertificateRefs();
				this.completeCertificateRefs.LoadXml((XmlElement)matches.Item(0));
			}

			matches = xmlElement.SelectNodes("xsd:CompleteRevocationRefs", namespaces);
			if (matches.Count == 0)
			{
				this.completeRevocationRefs = null;
			}
			else
			{
				this.CompleteRevocationRefs = new CompleteRevocationRefs();
				this.CompleteRevocationRefs.LoadXml((XmlElement)matches.Item(0));
			}

			// SigAndRefsTimeStamp wins; RefsOnlyTimeStamp is only queried when none exists.
			this.sigAndRefsTimeStampCollection.Clear();
			this.refsOnlyTimeStampCollection.Clear();

			matches = xmlElement.SelectNodes("xsd:SigAndRefsTimeStamp", namespaces);
			if (matches.Count > 0)
			{
				this.refsOnlyTimeStampFlag = false;
				foreach (object candidate in matches)
				{
					XmlElement timeStampElement = candidate as XmlElement;
					if (timeStampElement == null)
					{
						continue;
					}

					TimeStamp timeStamp = new TimeStamp("SigAndRefsTimeStamp");
					timeStamp.LoadXml(timeStampElement);
					this.sigAndRefsTimeStampCollection.Add(timeStamp);
				}
			}
			else
			{
				matches = xmlElement.SelectNodes("xsd:RefsOnlyTimeStamp", namespaces);
				if (matches.Count > 0)
				{
					this.refsOnlyTimeStampFlag = true;
					foreach (object candidate in matches)
					{
						XmlElement timeStampElement = candidate as XmlElement;
						if (timeStampElement == null)
						{
							continue;
						}

						TimeStamp timeStamp = new TimeStamp("RefsOnlyTimeStamp");
						timeStamp.LoadXml(timeStampElement);
						this.refsOnlyTimeStampCollection.Add(timeStamp);
					}
				}
				else
				{
					this.refsOnlyTimeStampFlag = false;
				}
			}

			matches = xmlElement.SelectNodes("xsd:CertificateValues", namespaces);
			if (matches.Count == 0)
			{
				this.certificateValues = null;
			}
			else
			{
				this.certificateValues = new CertificateValues();
				this.certificateValues.LoadXml((XmlElement)matches.Item(0));
			}

			matches = xmlElement.SelectNodes("xsd:RevocationValues", namespaces);
			if (matches.Count == 0)
			{
				this.revocationValues = null;
			}
			else
			{
				this.revocationValues = new RevocationValues();
				this.revocationValues.LoadXml((XmlElement)matches.Item(0));
			}

			this.archiveTimeStampCollection.Clear();
			matches = xmlElement.SelectNodes("xsd:ArchiveTimeStamp", namespaces);
			foreach (object candidate in matches)
			{
				XmlElement timeStampElement = candidate as XmlElement;
				if (timeStampElement == null)
				{
					continue;
				}

				TimeStamp timeStamp = new TimeStamp("ArchiveTimeStamp");
				timeStamp.LoadXml(timeStampElement);
				this.archiveTimeStampCollection.Add(timeStamp);
			}
		}
Beispiel #6
        /// <summary>
        /// Extends the signature, after the base-class extension has run, with the
        /// CompleteCertificateRefs and CompleteRevocationRefs unsigned properties built
        /// from a validation of the signing certificate.
        /// </summary>
        /// <param name="xadesSignedXml">Signature to extend; its unsigned properties are updated.</param>
        protected internal override void ExtendSignatureTag(XadesSignedXml xadesSignedXml)
        {
            base.ExtendSignatureTag(xadesSignedXml);

            X509Certificate signerCert =
                DotNetUtilities.FromX509Certificate(xadesSignedXml.GetSigningCertificate());

            // The validation time is the SigningTime signed property, i.e. the time the
            // signer stated. NOTE(review): that is a claimed time, not one attested by a
            // time-stamp - confirm this is the intended reference time for validation.
            DateTime claimedSigningTime = xadesSignedXml.XadesObject.QualifyingProperties
                .SignedProperties.SignedSignatureProperties.SigningTime;

            // Certificates embedded in the signature XML are offered to the verifier.
            XAdESCertificateSource embeddedCertificates =
                new XAdESCertificateSource(xadesSignedXml.GetXml(), false);

            // NOTE(review): the returned context is used as-is; whether a failed validation
            // is reported by an exception or has to be read from the context is not
            // visible here - verify before relying on the references.
            ValidationContext validation = certificateVerifier.ValidateCertificate(
                signerCert, claimedSigningTime, embeddedCertificates, null, null);

            UnsignedProperties unsigned = xadesSignedXml.UnsignedProperties;

            // References to the CA certificates used during validation.
            CompleteCertificateRefs certificateRefs = new CompleteCertificateRefs();
            IncorporateCertificateRefs(certificateRefs, validation);
            unsigned.UnsignedSignatureProperties.CompleteCertificateRefs = certificateRefs;

            // References to the revocation data: OCSP first, then CRL.
            CompleteRevocationRefs revocationRefs = new CompleteRevocationRefs();
            IncorporateOCSPRefs(revocationRefs, validation);
            IncorporateCRLRefs(revocationRefs, validation);
            unsigned.UnsignedSignatureProperties.CompleteRevocationRefs = revocationRefs;

            // Assign the updated properties back to the signature.
            xadesSignedXml.UnsignedProperties = unsigned;
        }