public static XmlDocument AssinarXML(this XmlDocument xmlDocument, string tagAssinatura)
{
var certificado = Config.Certificado;
var reference = new System.Security.Cryptography.Xml.Reference
{
Uri = ""
};
var signedXml = new System.Security.Cryptography.Xml.SignedXml(xmlDocument)
{
SigningKey = certificado.PrivateKey
};
reference.AddTransform(new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform());
reference.AddTransform(new System.Security.Cryptography.Xml.XmlDsigC14NTransform());
signedXml.AddReference(reference);
var keyInfo = new System.Security.Cryptography.Xml.KeyInfo();
keyInfo.AddClause(new System.Security.Cryptography.Xml.KeyInfoX509Data(certificado));
signedXml.KeyInfo = keyInfo;
signedXml.ComputeSignature();
var xmlDigitalSignature = signedXml.GetXml();
xmlDocument.GetElementsByTagName(tagAssinatura)[0].AppendChild(xmlDocument.ImportNode(xmlDigitalSignature, true));
return(xmlDocument);
}
/// <summary>
/// Check the signature of the specified signed document (created with CreateSignedDoc) using the specified public key.
/// </summary>
/// <param name="signedDoc"></param>
/// <param name="keyPub">Public key</param>
/// <returns></returns>
public static bool CheckSignature(System.Xml.XmlDocument signedDoc, string keyPub)
{
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(keyPub);
// Create a new SignedXml object and pass it
// the XML document class.
System.Security.Cryptography.Xml.SignedXml sx = new System.Security.Cryptography.Xml.SignedXml(signedDoc);
// Load the first <signature> node.
sx.LoadXml(GetSignatureFromSignedDoc(signedDoc));
// Check the signature and return the result.
return(sx.CheckSignature(rsa));
}
// Sign an XML file.
// This document cannot be verified unless the verifying
// code has the key with which it was signed.
public static void SignXml(System.Xml.XmlDocument Doc, RSA Key)
{
// Check arguments.
if (Doc == null)
{
throw new ArgumentException("Doc");
}
if (Key == null)
{
throw new ArgumentException("Key");
}
// Create a SignedXml object.
var signedXml = new System.Security.Cryptography.Xml.SignedXml(Doc);
// Add the key to the SignedXml document.
signedXml.SigningKey = Key;
// Create a reference to be signed.
var reference = new System.Security.Cryptography.Xml.Reference();
reference.Uri = "";
// Add an enveloped transformation to the reference.
var env = new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
// Compute the signature.
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
// Append the element to the XML document.
Doc.DocumentElement.AppendChild(Doc.ImportNode(xmlDigitalSignature, true));
}
// Verify the signature of an XML file against an asymmetric
// algorithm and return the result.
private Boolean VerifyXml(XmlDocument Doc, RSA Key)
{
// Check arguments.
if (Doc == null)
{
throw new ArgumentException("Doc");
}
if (Key == null)
{
throw new ArgumentException("Key");
}
// Create a new SignedXml object and pass it
// the XML document class.
var signedXml = new System.Security.Cryptography.Xml.SignedXml(Doc);
// Find the "Signature" node and create a new XmlNodeList object.
XmlNodeList nodeList = Doc.GetElementsByTagName("Signature");
// Throw an exception if no signature was found.
if (nodeList.Count <= 0)
{
throw new CryptographicException("Verification failed: No Signature was found in the document.");
}
// Though it is possible to have multiple signatures on
// an XML document, this app only supports one signature for
// the entire XML document. Throw an exception
// if more than one signature was found.
if (nodeList.Count >= 2)
{
throw new CryptographicException("Verification failed: More that one signature was found for the document.");
}
// Load the first <signature> node.
signedXml.LoadXml((XmlElement)nodeList[0]);
// Check the signature and return the result.
return(signedXml.CheckSignature(Key));
}
/// <summary>
/// Create a signature xml element for the specified xml document and private key
/// </summary>
/// <param name="xmlToSign"></param>
/// <param name="keyPubPri">Private+public key</param>
/// <returns></returns>
public static System.Xml.XmlElement CreateSignature(System.Xml.XmlDocument xmlToSign, string keyPubPri)
{
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(keyPubPri);
System.Security.Cryptography.Xml.SignedXml sx = new System.Security.Cryptography.Xml.SignedXml(xmlToSign);
sx.SigningKey = rsa;
// Create a reference to be signed
System.Security.Cryptography.Xml.Reference reference = new System.Security.Cryptography.Xml.Reference("");
// Set the canonicalization method for the document.
sx.SignedInfo.CanonicalizationMethod = System.Security.Cryptography.Xml.SignedXml.XmlDsigCanonicalizationUrl; // No comments.
// Add an enveloped transformation to the reference.
System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform env = new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform(false);
reference.AddTransform(env);
sx.AddReference(reference);
sx.ComputeSignature();
return(sx.GetXml());
}
/// <summary>
/// Check the signature of the specified signed document (created with CreateSignedDoc) using the specified public key.
/// </summary>
/// <param name="signedDoc"></param>
/// <param name="keyPub">Public key</param>
/// <returns></returns>
public static bool CheckSignature(System.Xml.XmlDocument signedDoc, string keyPub)
{
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(keyPub);
// Create a new SignedXml object and pass it
// the XML document class.
System.Security.Cryptography.Xml.SignedXml sx = new System.Security.Cryptography.Xml.SignedXml(signedDoc);
// Load the first <signature> node.
sx.LoadXml(GetSignatureFromSignedDoc(signedDoc));
// Check the signature and return the result.
return sx.CheckSignature(rsa);
}
/// <summary>
/// Create a signature xml element for the specified xml document and private key
/// </summary>
/// <param name="xmlToSign"></param>
/// <param name="keyPubPri">Private+public key</param>
/// <returns></returns>
public static System.Xml.XmlElement CreateSignature(System.Xml.XmlDocument xmlToSign, string keyPubPri)
{
System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider();
rsa.FromXmlString(keyPubPri);
System.Security.Cryptography.Xml.SignedXml sx = new System.Security.Cryptography.Xml.SignedXml(xmlToSign);
sx.SigningKey = rsa;
// Create a reference to be signed
System.Security.Cryptography.Xml.Reference reference = new System.Security.Cryptography.Xml.Reference("");
// Set the canonicalization method for the document.
sx.SignedInfo.CanonicalizationMethod = System.Security.Cryptography.Xml.SignedXml.XmlDsigCanonicalizationUrl; // No comments.
// Add an enveloped transformation to the reference.
System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform env = new System.Security.Cryptography.Xml.XmlDsigEnvelopedSignatureTransform(false);
reference.AddTransform(env);
sx.AddReference(reference);
sx.ComputeSignature();
return sx.GetXml();
}
