Ejemplo n.º 1
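        /// <summary>
        /// Requests the credential's info from the remote service at <c>baseURL</c> and parses the
        /// first entry of the returned certificate list.
        /// </summary>
        /// <param name="credentialsID">Identifier of the credential whose certificate is requested.</param>
        /// <param name="access_token">Access token passed to the credentials-info call.</param>
        /// <returns>
        /// The parsed certificate, or <c>null</c> when the response is empty, looks like an error,
        /// or carries no certificate.
        /// </returns>
        /// <exception cref="Exception">The certificate data could not be parsed.</exception>
        private TElX509Certificate LoadCertificate(string credentialsID, string access_token)
        {
            JsonSerializer        serializer     = new JsonSerializer();
            ErrorLogger           errorLogger    = new ErrorLogger();
            CredentialsInfoClient credInfoClient = new CredentialsInfoClient(serializer, errorLogger, baseURL);

            InputCredentialsInfo credentialsInfo = new InputCredentialsInfo()
            {
                credentialID = credentialsID
            };
            string temp = credInfoClient.GetCredentialsInfo(access_token, credentialsInfo).ToString();

            // NOTE(review): failure is detected by looking for the substring "error" anywhere in the
            // raw response, so a valid response that happens to contain that word is also rejected.
            // Checking a dedicated error field or the HTTP status would be more reliable.
            if (temp == "" || temp.Contains("error"))
            {
                return null;
            }

            OutputCredentialsInfo output = serializer.Deserialize <OutputCredentialsInfo>(temp);

            // The response may lack the certificate list; previously a missing entry reached
            // Encoding.UTF8.GetBytes(null) and surfaced as an unrelated ArgumentNullException.
            string certificate = null;
            if (output != null && output.cert != null && output.cert.certificates != null)
            {
                certificate = output.cert.certificates.FirstOrDefault();
            }
            if (string.IsNullOrEmpty(certificate))
            {
                return null;
            }

            // NOTE(review): the certificate is taken from the service response as-is; nothing in
            // this method checks its validity period or issuer before it is handed to the signer.
            TElX509Certificate cert    = new TElX509Certificate();
            byte[]             certBuf = Encoding.UTF8.GetBytes(certificate);
            int r = cert.LoadFromBufferAuto(certBuf, 0, certBuf.Length, "");

            if (r != 0)
            {
                throw new Exception("Certificate read error: " + r.ToString());
            }

            return cert;
        }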
Ejemplo n.º 2
        // Sample entry point: sets the SecureBlackbox license key and loads a PFX file into a
        // TElX509Certificate. The listing is truncated (the license-key call and the final
        // statement are incomplete), so it does not compile as shown.
        public static void Main(string[] args)
        {
            SBUtils.__Global.SetLicenseKey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
            TElX509Certificate cert = new TElX509Certificate();

            // NOTE(review): both the path to a private-key PFX in a user profile and its passphrase
            // are hard-coded string literals. Anyone who can read the source or the compiled
            // assembly can read the passphrase; load it from a protected store or prompt for it.
            // The return value of LoadFromFileAuto is not checked here, so a failed load would go
            // unnoticed.
            cert.LoadFromFileAuto("C:\\Users\\tcheemakurthy\\Desktop\\PrivateKey.pfx", "123456");
            //var x = cert.Get;
            X509Certificate
        }
Ejemplo n.º 3
        /// <summary>
        /// Picks the token certificate that belongs to the given grid row, stores it in
        /// <c>X_tei_certificate</c> and closes the dialog with <c>DialogResult.OK</c>.
        /// </summary>
        /// <param name="row_index">Index of the row in <c>dataGridView1</c> that was chosen.</param>
        public void vyber_certifikat_by_row_index(int row_index)
        {
            // Cell 5 of the row carries the value that is used as the index into the PKCS#11 storage.
            string storedIndex  = dataGridView1.Rows[row_index].Cells[5].Value.ToString();
            int    storageIndex = Convert.ToInt32(storedIndex);

            X_tei_certificate = PKCS11CertStorage.get_Certificates(storageIndex);

            // TODO (original author's note): the certificate checks still have to be performed here.
            // A disabled draft looped over the certificate's extensions and looked for the policy
            // OIDs 0.4.0.194112.1.0, 0.4.0.194112.1.2, 1.2.203.27112489.1.10.5.1.2 and
            // 1.2.203.27112489.1.10.1.2.7 to decide whether the certificate is qualified and
            // whether it lives on a QESCD. As written, this method accepts the selected
            // certificate without checking its validity.

            DialogResult = DialogResult.OK;
        }
Ejemplo n.º 4
        /// <summary>
        /// Certificate-request callback: hands out the configured certificate once, then answers
        /// every later request with <c>null</c>.
        /// </summary>
        /// <param name="sender">Object raising the event (not used).</param>
        /// <param name="concern">Receives the certificate to offer, or <c>null</c> for none.</param>
        public void OnCertificateNeededEvent(object sender, ref TElX509Certificate concern)
        {
            // The certificate is only offered while certificateIndex is still 0; the counter is
            // bumped afterwards so that later calls report that there are no more certificates.
            bool mayOffer = useCertificate && certificateIndex == 0;

            if (mayOffer)
            {
                concern = certificate;
                certificateIndex++;
            }
            else
            {
                concern = null;
            }
        }
Ejemplo n.º 5
        /// <summary>
        /// Creates a handler whose connection and certificate settings are copied from the given
        /// configuration object.
        /// </summary>
        /// <param name="configuration">Source of the server, credential and PFX settings.</param>
        public SecureBlackboxFtpHandler(SecureBlackboxFtpConfiguration configuration)
        {
            // Fresh, empty certificate objects; nothing is loaded from disk in the constructor.
            this.certificate              = new TElX509Certificate();
            this.memoryCertificateStorage = new TElMemoryCertStorage();

            // Connection endpoint.
            this.server     = configuration.FtpRemoteServer;
            this.serverPort = configuration.FtpPort;
            this.serverSsl  = configuration.FtpSsl;

            // Login credentials.
            // NOTE(review): the FTP password and the PFX passphrase are kept in plain string fields
            // for the lifetime of the handler.
            this.username = configuration.FtpUsername;
            this.password = configuration.FtpPassword;

            // Client certificate settings.
            this.certificateKey        = configuration.PfxKeyIdentifier;
            this.certificatePath       = configuration.PfxFileName;
            this.certificatePassphrase = configuration.PfxPassphrase;
        }
Ejemplo n.º 6
        /// <summary>
        /// Creates a handler from explicit connection values. SSL is switched on, the port is 21
        /// and the certificate key identifier is empty.
        /// </summary>
        /// <param name="server">Remote FTP server.</param>
        /// <param name="username">Login name.</param>
        /// <param name="password">Login password.</param>
        /// <param name="certificatePath">Path of the client certificate file.</param>
        /// <param name="certificatePassphrase">Passphrase protecting the certificate file.</param>
        public SecureBlackboxFtpHandler(string server, string username, string password, string certificatePath, string certificatePassphrase)
        {
            // Fixed defaults of this overload.
            this.serverSsl      = true;
            this.serverPort     = 21;
            this.certificateKey = string.Empty;

            // Caller-supplied values.
            // NOTE(review): password and passphrase stay in plain string fields for the lifetime
            // of the handler.
            this.server                = server;
            this.username              = username;
            this.password              = password;
            this.certificatePath       = certificatePath;
            this.certificatePassphrase = certificatePassphrase;

            // Fresh, empty certificate objects; nothing is loaded from disk in the constructor.
            this.memoryCertificateStorage = new TElMemoryCertStorage();
            this.certificate              = new TElX509Certificate();
        }
Ejemplo n.º 7
        // Builds the token-selection form: initialises the designer components, sets the
        // SecureBlackbox license key and creates the certificate objects the form works with.
        // The license-key line is truncated in this listing.
        public token_list_form()
        {
            InitializeComponent();
            SBUtils.Unit.SetLicenseKey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

            // The commented-out lines below are PDF, HTTP, timestamping and Windows-store objects
            // that this form does not create.
            //Document = new TElPDFDocument();
            //Document.OwnActivatedSecurityHandlers = true;
            //PublicKeyHandler = new TElPDFPublicKeySecurityHandler();
            //CertStorage = new TElMemoryCertStorage();
            Cert = new TElX509Certificate();
            // Storage object for certificates held on a PKCS#11 token.
            PKCS11CertStorage = new TElPKCS11CertStorage();
            // Starts as an empty certificate object; vyber_certifikat_by_row_index-style selection
            // code is expected to replace it - TODO confirm against the rest of the form.
            X_tei_certificate = new TElX509Certificate();
            //HTTPClient = new TElHTTPSClient();
            //TSPClient = new TElHTTPTSPClient();
            //SystemStore = new TElWinCertStorage();
        }
Ejemplo n.º 8
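        /// <summary>
        /// Fills <c>dataGridView1</c> with one row per certificate in <paramref name="certStorage"/>
        /// that carries a qcStatements extension accepted by <c>over_certifikat</c>.
        /// </summary>
        /// <param name="certStorage">Certificate storage to enumerate.</param>
        void PopulateCertList(TElCustomCertStorage certStorage)
        {
            // id-pe-qcStatements (RFC 3739).
            const string QcStatementsOid = "1.3.6.1.5.5.7.1.3";

            Cursor = Cursors.WaitCursor;
            try
            {
                for (int i = 0; i < certStorage.Count; i++)
                {
                    TElX509Certificate Cert = certStorage.get_Certificates(i);

                    // Use the certificate's own extension collection directly; the original
                    // allocated a throw-away TElCertificateExtensions first.
                    TElCertificateExtensions extensions = Cert.Extensions;
                    int otherCount = extensions.OtherCount;

                    for (int ic = 0; ic < otherCount; ic++)
                    {
                        TElCustomExtension other = extensions.get_OtherExtensions(ic);

                        if (SBStrUtils.Unit.OIDToStr(other.OID) != QcStatementsOid)
                        {
                            continue;
                        }

                        // Found a qcStatements element; over_certifikat decides whether it qualifies.
                        int typ_kvalifikovaneho_prostredku = 0;

                        if (over_certifikat(other.Value, ref typ_kvalifikovaneho_prostredku))
                        {
                            // The last cell stores the storage index of the certificate.
                            // NOTE(review): ValidTo is only displayed; expired certificates are
                            // still listed unless over_certifikat filters them - confirm.
                            dataGridView1.Rows.Add(Cert.SubjectName.CommonName, Cert.IssuerName.CommonName, Convert.ToDateTime(Cert.ValidTo), "", SBUtils.Unit.BinaryToString(Cert.SerialNumber), i);
                        }
                    }
                }
            }
            finally
            {
                // Restore the cursor even when enumerating the storage throws.
                Cursor = Cursors.Default;
            }

            if (dataGridView1.RowCount > 0)
            {
                dataGridView1.Sort(dataGridViewTextBoxColumn3, ListSortDirection.Ascending);

                dataGridView1.ClearSelection();
                button3.Enabled = true;
            }
        }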
Ejemplo n.º 9
        /// <summary>
        /// Type initializer: reads the server configuration, sets the SSL library license key,
        /// builds the set of enabled TLS versions, optionally creates a session pool and loads
        /// the server certificate into the certificate storage.
        /// </summary>
        static HttpsSocket()
        {
            m_config = Configuration.ServerConfig.GetConfig();

            // A configured key wins; otherwise the built-in evaluation key is used.
            if (!string.IsNullOrEmpty(m_config.SSLLicenseKey))
            {
                SBUtils.Unit.SetLicenseKey(m_config.SSLLicenseKey);
            }
            else
            {
                SBUtils.Unit.SetLicenseKey(SSL_EVAL_LICENSE_KEY);
            }

            // Accumulate one flag per protocol version that the configuration enables.
            // NOTE(review): TLS 1.0 and TLS 1.1 are deprecated (RFC 8996); they are only enabled
            // when the configuration asks for them, so check that deployed configs leave them off.
            // If no version is enabled m_protocols keeps its initial value.
            var security = m_config.Security;
            if (security.Tls10)
            {
                m_protocols += SBSSLConstants.Unit.sbTLS1;
            }
            if (security.Tls11)
            {
                m_protocols += SBSSLConstants.Unit.sbTLS11;
            }
            if (security.Tls12)
            {
                m_protocols += SBSSLConstants.Unit.sbTLS12;
            }

            // Session resumption needs a pool to keep the sessions in.
            if (m_config.Security.ResumeSession)
            {
                m_sessionPool = new SBSessionPool.TElSessionPool();
            }

            // Load the server certificate. A failure here throws from the type initializer.
#if WindowsCE
            TElX509Certificate cert = LoadCertificate(m_config.CertificateName, m_config.CertificatePassword);
            m_certStorage.Add(cert, "Root", true, false, false);

            // These two reads are not used afterwards.
            TElX509Certificate a = m_certStorage.GetCertificates(0);
            int b = m_certStorage.Count;

            m_certStorage.SystemStores.Add("Root");
#else
            m_certStorage.Add(LoadCertificate(m_config.CertificateName, m_config.CertificatePassword), true);
#endif
        }
Ejemplo n.º 10
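        /// <summary>
        /// Detects the format of the certificate file in <paramref name="F"/> (DER, PEM or PFX)
        /// and loads it into <c>X509KeyData.Certificate</c>.
        /// </summary>
        /// <param name="F">Open stream over the certificate file.</param>
        /// <param name="Password">Password used for PEM and PFX input.</param>
        /// <param name="X509KeyData">
        /// Receives the certificate. Its <c>Certificate</c> is set to <c>null</c> when the format
        /// is not recognised, loading throws, or the PFX loader reports an error code.
        /// </param>
        private static void LoadCertificate(FileStream F, string Password, TElXMLKeyInfoX509Data X509KeyData)
        {
            bool loaded = false;

            X509KeyData.Certificate = new TElX509Certificate();
            try
            {
                int CertFormat = TElX509Certificate.DetectCertFileFormat(F);

                // Format detection consumed part of the stream; rewind before loading.
                F.Position = 0;

                switch (CertFormat)
                {
                case SBX509.Unit.cfDER:
                {
                    X509KeyData.Certificate.LoadFromStream(F, 0);
                    loaded = true;
                    break;
                }

                case SBX509.Unit.cfPEM:
                {
                    // NOTE(review): if LoadFromStreamPEM also returns an error code it should be
                    // checked the same way as the PFX result below - confirm against the library.
                    X509KeyData.Certificate.LoadFromStreamPEM(F, Password, 0);
                    loaded = true;
                    break;
                }

                case SBX509.Unit.cfPFX:
                {
                    // LoadFromStreamPFX reports failures (for example a wrong password) through
                    // its return code, with 0 meaning success. The original ignored the code and
                    // left an empty certificate object in place after a failed load.
                    loaded = X509KeyData.Certificate.LoadFromStreamPFX(F, Password, 0) == 0;
                    break;
                }

                default:
                {
                    // Unknown format: nothing was loaded.
                    break;
                }
                }
            }
            catch
            {
                // Deliberately best-effort: any failure is reported as "no certificate".
                loaded = false;
            }

            if (!loaded)
            {
                X509KeyData.Certificate.Dispose();
                X509KeyData.Certificate = null;
            }
        }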
Ejemplo n.º 11
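        /// <summary>
        /// Loads a PFX certificate from the given file.
        /// </summary>
        /// <param name="certificateName">Path of the PFX file.</param>
        /// <param name="certificatePassword">Password protecting the PFX file.</param>
        /// <returns>The loaded certificate.</returns>
        /// <exception cref="HttpException">The password is wrong or the file could not be loaded.</exception>
        private static TElX509Certificate LoadCertificate(string certificateName, string certificatePassword)
        {
            // SB_PKCS12_ERROR_INVALID_PASSWORD
            const int InvalidPasswordError = 7955;

            // We do not use LoadFromFileAuto or LoadFromBuffer here because it works only on desktop => Invalid Certificate Data on WinCe
            // TODO : deal with PEM & SPC
            // Open read-only: FileStream(path, FileMode.Open) asks for read/write access, which
            // fails on a read-only certificate file and requires write permission on key material
            // that the server only ever needs to read.
            using (FileStream fs = new FileStream(certificateName, FileMode.Open, FileAccess.Read, FileShare.Read))
            {
                TElX509Certificate cert = new TElX509Certificate();
                int result = cert.LoadFromStreamPFX(fs, certificatePassword, 0);

                if (result == 0)
                {
                    return cert;
                }

                // Nothing usable was loaded; release the certificate object before reporting.
                cert.Dispose();

                if (result == InvalidPasswordError)
                {
                    throw new HttpException("Invalid certificate password");
                }

                // NOTE(review): the message contains the certificate path; make sure it is only
                // logged and not returned to remote clients.
                throw new HttpException(string.Format("Unable to load the certificate from '{0}'", certificateName));
            }
        }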
Ejemplo n.º 12
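        /// <summary>
        /// Server-certificate validation callback. Accepts the certificate when the client's
        /// internal validation, or failing that the in-memory certificate storage, reports it as
        /// valid or self-signed; otherwise rejects it.
        /// </summary>
        /// <param name="sender">Object raising the event (not used).</param>
        /// <param name="concern">The certificate presented by the server.</param>
        /// <param name="validate">Set to <c>true</c> only when the certificate is accepted.</param>
        /// <exception cref="ApplicationException">The server certificate is not accepted.</exception>
        public void OnCertificateValidateEvent(object sender, TElX509Certificate concern, ref bool validate)
        {
            // Fail closed: the flag only becomes true after a positive decision.
            validate = false;

            var reason   = 0;
            var validity = TSBCertificateValidity.cvInvalid;

            client.InternalValidate(ref validity, ref reason);

            // The original tested "(validity | (cvOk | cvSelfSigned)) == 0". OR-ing with a
            // non-zero mask can never give 0, so the rejection branch was unreachable and every
            // server certificate was accepted. Compare against the accepted values instead.
            bool accepted = validity == TSBCertificateValidity.cvOk ||
                            validity == TSBCertificateValidity.cvSelfSigned;

            if (!accepted)
            {
                // Second chance: check the presented server certificate against the certificates
                // collected in the memory storage. The original passed the handler's own
                // 'certificate' field here instead of the certificate under validation.
                validity = memoryCertificateStorage.Validate(concern, ref reason, DateTime.Now);

                accepted = validity == TSBCertificateValidity.cvOk ||
                           validity == TSBCertificateValidity.cvSelfSigned;
            }

            if (!accepted)
            {
                throw new ApplicationException("The server certificate is not valid.");
            }

            // NOTE(review): cvSelfSigned is treated as acceptable, as in the original. A
            // self-signed certificate proves nothing about the server's identity unless it is
            // compared with a pinned certificate or an explicitly trusted anchor.
            // NOTE(review): every accepted certificate is added to the storage that the fallback
            // validation above consults - confirm that is the intended trust model.
            memoryCertificateStorage.Add(concern, true);
            validate = true;
        }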
Ejemplo n.º 13
        /// <summary>
        /// Opens the token dialog and, when it is confirmed, takes over the certificate chosen
        /// there and closes this dialog with <c>DialogResult.OK</c>.
        /// </summary>
        private void button2_Click(object sender, EventArgs e)
        {
            // Show the token selection dialog modally.
            token_list_form tokenDialog = new token_list_form();
            tokenDialog.ShowDialog();

            // Anything other than OK leaves this form untouched. (A disabled branch of the
            // original showed a "NIC !" message box here.)
            if (tokenDialog.DialogResult != DialogResult.OK)
            {
                return;
            }

            tei_certificate = tokenDialog.X_tei_certificate;
            DialogResult    = DialogResult.OK;
        }
Ejemplo n.º 14
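        /// <summary>
        /// Requests the credential's info from the remote service, parses the first entry of the
        /// returned certificate list and wraps it in a new in-memory certificate storage.
        /// </summary>
        /// <param name="credentialsID">Identifier of the credential whose certificate is requested.</param>
        /// <param name="access_token">Access token passed to the credentials-info call.</param>
        /// <returns>
        /// A storage holding the certificate, or <c>null</c> when the response looks like an
        /// error or carries no certificate.
        /// </returns>
        /// <exception cref="Exception">The certificate data could not be parsed.</exception>
        private TElMemoryCertStorage LoadCertificate(string credentialsID, string access_token)
        {
            //credentialsInfo
            JsonSerializer        serializer     = new JsonSerializer();
            ErrorLogger           errorLogger    = new ErrorLogger();
            // NOTE(review): the service URL is a hard-coded test endpoint; it should come from
            // configuration so that builds cannot silently talk to the wrong environment.
            CredentialsInfoClient credInfoClient = new CredentialsInfoClient(serializer, errorLogger, "https://msign-test.transsped.ro/csc/v0/");

            InputCredentialsInfo credentialsInfo = new InputCredentialsInfo()
            {
                credentialID = credentialsID
            };
            object outputCredentials = credInfoClient.GetCredentialsInfo(access_token, credentialsInfo);

            string temp = serializer.Serialize(outputCredentials);

            // NOTE(review): failure is detected by looking for the substring "error" anywhere in the
            // serialized response, so a valid response that happens to contain that word is also
            // rejected.
            if (temp.Contains("error"))
            {
                return null;
            }

            OutputCredentialsInfo output = serializer.Deserialize <OutputCredentialsInfo>(temp);

            // The response may lack the certificate list; previously a missing entry reached
            // Encoding.UTF8.GetBytes(null) and surfaced as an unrelated ArgumentNullException.
            string certificate = null;
            if (output != null && output.cert != null && output.cert.certificates != null)
            {
                certificate = output.cert.certificates.FirstOrDefault();
            }
            if (string.IsNullOrEmpty(certificate))
            {
                return null;
            }

            TElX509Certificate cert    = new TElX509Certificate();
            byte[]             certBuf = Encoding.UTF8.GetBytes(certificate);
            int r = cert.LoadFromBufferAuto(certBuf, 0, certBuf.Length, "");

            if (r != 0)
            {
                throw new Exception("Certificate read error: " + r.ToString());
            }

            TElMemoryCertStorage storage = new TElMemoryCertStorage();
            storage.Add(cert, true);

            return storage;
        }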
Ejemplo n.º 15
        // Builds a CMS/CAdES-BES signature over the supplied document using a remote signing
        // callback (CAdES_Handler). Returns an OutputAdvancedSignature on success and an
        // OutputError when the input document is empty. The license-key line is truncated in this
        // listing.
        public async Task <object> SignCMSAsync(string accessToken, string base_URL, InputSignatureAdvanced inputSignatureAdvanced)
        {
            SBUtils.Unit.SetLicenseKey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
            // The request's PIN, OTP, credential id and access token are copied into fields of
            // this object so the remote-sign callback can read them.
            // NOTE(review): if one instance serves concurrent requests these fields would be
            // overwritten mid-signature - confirm the instance lifetime.
            pin = inputSignatureAdvanced.PIN; otp = inputSignatureAdvanced.OTP; credentialsID = inputSignatureAdvanced.credentialsID; access_token = accessToken; baseURL = base_URL; hashAlgo = inputSignatureAdvanced.hashAlgo; signAlgo = inputSignatureAdvanced.signAlgo;

            // NOTE(review): the error code says "pades" although this method produces a CMS signature.
            OutputError error = new OutputError()
            {
                error             = "error_pades_signature",
                error_description = "error"
            };

            // NOTE(review): the temporary file receives a copy of the document and is never
            // deleted in this method, so document contents accumulate in the temp directory.
            var filePath = Path.GetTempFileName();

            if (inputSignatureAdvanced.documentStream.Length > 0)
            {
                using (Stream stream = new FileStream(filePath, FileMode.Create))
                {
                    // This MemoryStream is not disposed.
                    Stream memoryStream = new MemoryStream(inputSignatureAdvanced.documentStream);

                    await memoryStream.CopyToAsync(stream);

                    var msg = new TElSignedCMSMessage();
                    // NOTE(review): after CopyToAsync the stream position is at the end and is not
                    // reset before CreateNew - confirm that CreateNew seeks to the given offset itself.
                    msg.CreateNew(stream, 0, stream.Length);
                    int sigIndex = msg.AddSignature();

                    // Created but not used afterwards.
                    SBPKCS7Utils.TElPKCS7Attributes pKCS7Attributes = new SBPKCS7Utils.TElPKCS7Attributes();

                    TElCMSSignature signature = msg.get_Signatures(sigIndex);

                    // LoadCertificate can return null; that case is not checked before the
                    // certificate is used below.
                    TElX509Certificate certificate = LoadCertificate(credentialsID, access_token);

                    // 2.16.840.1.101.3.4.2.1 is the SHA-256 OID.
                    // NOTE(review): every other value, including an unknown or misspelled one,
                    // silently falls back to SHA-1, which is no longer considered suitable for
                    // new signatures. Rejecting unsupported values would be safer.
                    if (hashAlgo == "2.16.840.1.101.3.4.2.1")
                    {
                        signature.DigestAlgorithm = SBConstants.Unit.SB_ALGORITHM_DGST_SHA256;
                    }
                    else
                    {
                        signature.DigestAlgorithm = SBConstants.Unit.SB_ALGORITHM_DGST_SHA1;
                    }

                    signature.SigningOptions = SBCMS.__Global.csoInsertMessageDigests |
                                               SBCMS.__Global.csoIncludeCertToAttributes |
                                               SBCMS.__Global.csoIncludeCertToMessage |
                                               SBCMS.__Global.csoInsertContentType |
                                               SBCMS.__Global.csoInsertSigningTime |
                                               SBCMS.__Global.csoUsePlainContentForTimestampHashes;


                    // Local wall-clock time of the server is used as the signing time.
                    signature.SigningTime = DateTime.Now;

                    int cID = signature.SigningCertificate.AddCertID();
                    TElCMSSignerIdentifier signerIdentifier = signature.SigningCertificate.get_CertIDs(cID);
                    // NOTE(review): the signer identifier is imported with SHA-1 regardless of the
                    // digest chosen above, while the attribute type set below is
                    // ESSSigningCertificateV2 - confirm the intended certificate hash algorithm.
                    signerIdentifier.Import(certificate, SBConstants.Unit.SB_ALGORITHM_DGST_SHA1);

                    signature.SigningCertificate.SigningCertificateType = TSBCMSSigningCertificateType.sctESSSigningCertificateV2;
                    signature.SigningCertificate.Included = true;


                    TElCAdESSignatureProcessor processor = new TElCAdESSignatureProcessor();
                    // The private-key operation is delegated to the OnRemoteSign handler.
                    processor.RemoteSigningMode            = true;
                    // NOTE(review): judging by their names these switches relax certificate chain
                    // validation (errors ignored, complete chain not required) - confirm that the
                    // signing certificate is validated somewhere else.
                    processor.AllowPartialValidationInfo   = true;
                    processor.ForceCompleteChainValidation = false;
                    processor.ForceSigningCertificateV2    = false;
                    processor.IgnoreChainValidationErrors  = true;
                    processor.OfflineMode = false;
                    processor.SkipValidationTimestampedSignatures = true;


                    processor.Signature     = signature;
                    processor.OnRemoteSign += new TSBCAdESRemoteSignEvent(CAdES_Handler);
                    processor.CreateBES(certificate);



                    var result = new MemoryStream();
                    msg.Save(result);

                    // NOTE(review): MemoryStream.GetBuffer() returns the whole internal buffer,
                    // which can be longer than the data written, so the returned array may end in
                    // unused bytes. ToArray() returns exactly the written bytes.
                    OutputAdvancedSignature output = new OutputAdvancedSignature()
                    {
                        signedDocument = result.GetBuffer()
                    };
                    return(output);
                }
            }
            else
            {
                return(error);
            }
        }
Ejemplo n.º 16
 // Certificate-validation callback that does nothing: the body is empty and 'validity' and
 // 'reason' are passed by value, so this handler cannot change the validation outcome.
 private void CertificateValidator(object Sender, TElX509CertificateValidator validator, TElX509Certificate certificate, SBX509.TSBCertificateValidity validity, int reason)
 {
 }
Ejemplo n.º 17
 /// <summary>
 /// Before-sign callback. It only reads the subject name of the signing certificate; the value
 /// is not used, and neither the signature nor the chain is touched.
 /// </summary>
 private void BeforeSign_Handler(object Sender, TElCMSSignature Signature, TElX509Certificate Certificate, TElCustomCertStorage Chain)
 {
     // Kept as a plain property read (handy as a breakpoint target while debugging).
     var subjectName = Certificate.SubjectName;
 }
Ejemplo n.º 18
        // Produces an enveloped XML signature over the document in 'stream', delegating the
        // private-key operation to XAdESHandler_OnRemoteSign, and returns the signed document as
        // a MemoryStream. The license-key line is truncated in this listing.
        // NOTE(review): on any exception the method returns the same MemoryStream it created at
        // the start, so a caller cannot tell a failed signing (empty or partial stream) from a
        // successful one. The exception itself is discarded.
        public MemoryStream SignXML(Stream stream, string accessToken, string OTP, string PIN, string credentialID, string base_URL, string hash_algo, string sign_algo)
        {
            var memory = new MemoryStream();

            try
            {
                SBUtils.Unit.SetLicenseKey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

                // The PIN, OTP, credential id and access token are copied into fields of this
                // object so the remote-sign callback can read them.
                // NOTE(review): if one instance serves concurrent requests these fields would be
                // overwritten mid-signature - confirm the instance lifetime.
                pin = PIN; otp = OTP; credentialsID = credentialID; access_token = accessToken; baseURL = base_URL; hashAlgo = hash_algo; signAlgo = sign_algo;

                TElXMLDOMDocument document       = new TElXMLDOMDocument();
                // Created but not used afterwards.
                TElXMLDOMDocument signedDocument = new TElXMLDOMDocument();

                stream.Position = 0;
                // The input is always read with the ISO-8859-1 encoding name.
                document.LoadFromStream(stream, "ISO-8859-1", true);

                TElXMLSigner          Signer   = new TElXMLSigner(null);
                TElXMLKeyInfoX509Data X509Data = new TElXMLKeyInfoX509Data(false);
                try
                {
                    Signer.SignatureType          = SBXMLSec.Unit.xstEnveloped;
                    Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmCanon;
                    Signer.SignatureMethodType    = SBXMLSec.Unit.xmtSig;

                    TElXMLReference Ref = new TElXMLReference();

                    // An empty URI refers to the whole document; the enveloped-signature transform
                    // is added to the reference's transform chain.
                    Ref.URI     = "";
                    Ref.URINode = document.DocumentElement;
                    Ref.TransformChain.AddEnvelopedSignatureTransform();

                    // 2.16.840.1.101.3.4.2.1 is the SHA-256 OID.
                    // NOTE(review): every other value, including an unknown or misspelled one,
                    // silently falls back to RSA-SHA1, which is no longer considered suitable for
                    // new signatures. Rejecting unsupported values would be safer.
                    if (hashAlgo == "2.16.840.1.101.3.4.2.1")
                    {
                        Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;
                        Ref.DigestMethod       = SBXMLSec.Unit.xdmSHA256;
                    }
                    else
                    {
                        Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1;
                        Ref.DigestMethod       = SBXMLSec.Unit.xdmSHA1;
                    }

                    Signer.References.Add(Ref);

                    // LoadCertificate can return null; that case is not checked here.
                    TElX509Certificate Cert = LoadCertificate(credentialsID, access_token);
                    X509Data.Certificate = Cert;
                    Signer.KeyData       = X509Data;

                    Signer.UpdateReferencesDigest();
                    Signer.OnRemoteSign += new TSBXMLRemoteSignEvent(XAdESHandler_OnRemoteSign);
                    Signer.GenerateSignature();
                    // Read but not used afterwards.
                    TElXMLDOMNode node = document.ChildNodes.get_Item(0);

                    Signer.SaveEnveloped(document.DocumentElement);

                    // Signer.SaveEnveloping(node);
                    // Signer.SaveDetached(); - the signature is saved separately



                    document.SaveToStream(memory);

                    return(memory);
                }
                finally
                {
                    Signer.Dispose();
                    X509Data.Dispose();
                }
            }
            catch (Exception ex) { return(memory); }
        }
Ejemplo n.º 19
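        /// <summary>
        /// Loads a certificate file into <c>ext_certificate</c>, checks that it is a qualified,
        /// still valid certificate and converts it into <c>tei_certificate</c>. When the file
        /// password is wrong the user is asked for it and the load is retried.
        /// </summary>
        /// <param name="fileName">Path of the certificate file.</param>
        /// <param name="password">Password of the certificate file.</param>
        /// <returns><c>true</c> when the certificate was loaded, accepted and converted.</returns>
        private bool nacti_certifikat_from_file(string fileName, string password)
        {
            // HRESULT 0x80070056 (ERROR_INVALID_PASSWORD).
            const int WrongPasswordHResult = -2147024810;

            tei_certificate = new TElX509Certificate();

            bool   vysledek = false;
            bool   nacteno  = false;
            int    chyba_id = 0;
            string message  = "";

            try
            {
                // NOTE(review): MachineKeySet imports the private key into the machine-level key
                // store; confirm that is intended for a certificate the user picked for signing.
                ext_certificate = new X509Certificate2(fileName, password, X509KeyStorageFlags.MachineKeySet);
                nacteno         = true;
            }
            catch (Exception ex)
            {
                chyba_id = Marshal.GetHRForException(ex);
                message  = ex.Message;
            }

            if (nacteno)
            {
                bool mam_kvalifikovany = false;
                bool QESCD             = false;

                // Check the certificate's extensions for one of the accepted policy OIDs.
                // NOTE(review): the OIDs are matched as substrings of the formatted extension
                // text, so a longer OID that merely starts with one of these values also matches
                // and the result depends on how the platform formats the extension. Comparing
                // the parsed policy identifiers exactly would be more robust.
                foreach (X509Extension extension in ext_certificate.Extensions)
                {
                    string formatted = extension.Format(true);

                    if (formatted.Contains("0.4.0.194112.1.0"))
                    {
                        QESCD             = false;
                        mam_kvalifikovany = true;
                    }
                    else if (formatted.Contains("0.4.0.194112.1.2"))
                    {
                        QESCD             = true;
                        mam_kvalifikovany = true;
                    }
                    else if (formatted.Contains("1.2.203.27112489.1.10.5.1.2"))
                    {
                        QESCD             = true;
                        mam_kvalifikovany = true;
                    }
                    else if (formatted.Contains("1.2.203.27112489.1.10.1.2.7"))
                    {
                        QESCD             = false;
                        mam_kvalifikovany = true;
                    }
                }

                if (!mam_kvalifikovany)
                {
                    MessageBox.Show("Nebyl vybrán kvalifikovaný certifikát !");
                    return false;
                }

                // NOTE(review): only the end of the validity period is checked; NotBefore and
                // revocation status are not.
                if (ext_certificate.NotAfter <= DateTime.Now)
                {
                    MessageBox.Show("Vybraný certifkát již není platný (platný do: " + ext_certificate.NotAfter.ToString("dd.MM.yyyy HH:mm:ss") + ") !");
                    return false;
                }

                // From 17 September 2018 on, the certificate has to be on a QESCD. The cut-off is
                // built from its parts: the original parsed the text "17.09.2018 00:00" with the
                // current culture, which throws a FormatException on systems that expect the
                // month first.
                DateTime qescdRequiredFrom = new DateTime(2018, 9, 17);
                if (DateTime.Now > qescdRequiredFrom && !QESCD)
                {
                    MessageBox.Show("Vybraný podpis mus splňovat parametry pro kvalifikovaný elektronický podpis!");
                    return false;
                }

                vysledek = true;
            }
            else if (chyba_id == WrongPasswordHResult)
            {
                // Wrong password: ask the user and try again with the entered value.
                pass_form f_podpis = new pass_form();
                f_podpis.ShowDialog();

                if (f_podpis.DialogResult == DialogResult.OK)
                {
                    vysledek = nacti_certifikat_from_file(fileName, f_podpis.cert_heslo);
                }
                else
                {
                    MessageBox.Show("Nebylo zadáno heslo k certifikátu !");
                    vysledek = false;
                }
            }
            else
            {
                MessageBox.Show("Cyba při načtení certifikátu (" + message + ") !");
                vysledek = false;
            }

            if (vysledek)
            {
                try
                {
                    tei_certificate.FromX509Certificate2(ext_certificate);
                }
                catch (Exception ex)
                {
                    // The original swallowed this failure and still returned true, leaving the
                    // caller with an empty tei_certificate. Report it like any other load error.
                    MessageBox.Show("Cyba při načtení certifikátu (" + ex.Message + ") !");
                    vysledek = false;
                }
            }

            return vysledek;
        }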
Ejemplo n.º 20
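        /// <summary>
        /// Produces an enveloped XML signature over the supplied document, delegating the
        /// private-key operation to <c>XAdESHandler_OnRemoteSign</c>.
        /// </summary>
        /// <param name="accessToken">Access token for the remote signing service.</param>
        /// <param name="base_URL">Base URL of the remote signing service.</param>
        /// <param name="inputSignatureAdvanced">Document bytes, PIN, OTP, credential id and algorithm choices.</param>
        /// <returns>
        /// An <c>OutputAdvancedSignature</c> holding the signed document, or an <c>OutputError</c>
        /// when the document is empty, no certificate is available or signing fails.
        /// </returns>
        public async Task <object> SignXMLAsync(string accessToken, string base_URL, InputSignatureAdvanced inputSignatureAdvanced)
        {
            // NOTE(review): the library license key is embedded in the source. It should be read
            // from configuration or a secret store so it is not shipped in every copy of the code.
            SBUtils.Unit.SetLicenseKey("03D250F599AFD170E8A7410AFE3EAAC635E687187762F9936518B7FA6AEDDB215DF3177560DD647433BEE43711D31EC2B6818C0797C464E7F077467EABB466DE8F21CE77A054C9D3B04B0BA859B4BE8E8B7FCD50D07E2A4CD96240FA1468D8F03CBDE4EB1D2070A4294D2426881EEFBDFFAA7A76747B30A2E0564CA06CD673089318BFBA530E88A26F6FF76E46FE2A5A65C0FBAACB09F9804BC287412E49EE832058643D8A59B8398C7637C3EDE91660E6B696F32AD416F606DB215A2FFF214B5DF58DE27687362740B591D7F3D2D33CE6A3D1601521408511476FA81D374CA32D0443BD710D4D732A8C398A953047EEAB4A62237813DA11FC5E0EBFF1E69A9D");

            // The request's secrets are copied into fields so the remote-sign callback can read them.
            // NOTE(review): if one instance serves concurrent requests these fields would be
            // overwritten mid-signature - confirm the instance lifetime.
            pin           = inputSignatureAdvanced.PIN;
            otp           = inputSignatureAdvanced.OTP;
            credentialsID = inputSignatureAdvanced.credentialsID;
            access_token  = accessToken;
            baseURL       = base_URL;
            hashAlgo      = inputSignatureAdvanced.hashAlgo;
            signAlgo      = inputSignatureAdvanced.signAlgo;

            // NOTE(review): the error code says "pades" although this method signs XML.
            OutputError error = new OutputError()
            {
                error             = "error_pades_signature",
                error_description = "error"
            };

            TElXMLDOMDocument document = new TElXMLDOMDocument();

            try
            {
                if (inputSignatureAdvanced.documentStream.Length <= 0)
                {
                    return error;
                }

                // The document is staged in a temporary file. DeleteOnClose removes the file when
                // the stream is disposed; the original left a copy of every document behind.
                string filePath = Path.GetTempFileName();
                using (Stream stream = new FileStream(filePath, FileMode.Create, FileAccess.ReadWrite, FileShare.None, 4096, FileOptions.DeleteOnClose))
                using (Stream memoryStream = new MemoryStream(inputSignatureAdvanced.documentStream))
                {
                    await memoryStream.CopyToAsync(stream);

                    stream.Position = 0;
                    document.LoadFromStream(stream, "ISO-8859-1", true);

                    TElXMLSigner          Signer   = new TElXMLSigner(null);
                    TElXMLKeyInfoX509Data X509Data = new TElXMLKeyInfoX509Data(false);
                    try
                    {
                        Signer.SignatureType          = SBXMLSec.Unit.xstEnveloped;
                        Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmCanon;
                        Signer.SignatureMethodType    = SBXMLSec.Unit.xmtSig;

                        TElXMLReference Ref = new TElXMLReference();

                        // An empty URI refers to the whole document.
                        Ref.URI     = "";
                        Ref.URINode = document.DocumentElement;
                        Ref.TransformChain.AddEnvelopedSignatureTransform();

                        // 2.16.840.1.101.3.4.2.1 is the SHA-256 OID.
                        // NOTE(review): every other value, including an unknown or misspelled
                        // one, silently falls back to RSA-SHA1, which is no longer considered
                        // suitable for new signatures. Rejecting unsupported values would be safer.
                        if (hashAlgo == "2.16.840.1.101.3.4.2.1")
                        {
                            Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;
                            Ref.DigestMethod       = SBXMLSec.Unit.xdmSHA256;
                        }
                        else
                        {
                            Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1;
                            Ref.DigestMethod       = SBXMLSec.Unit.xdmSHA1;
                        }

                        Signer.References.Add(Ref);

                        // LoadCertificate reports "no certificate" with null.
                        TElX509Certificate Cert = LoadCertificate(credentialsID, accessToken);
                        if (Cert == null)
                        {
                            return error;
                        }
                        X509Data.Certificate = Cert;
                        Signer.KeyData       = X509Data;

                        Signer.UpdateReferencesDigest();
                        Signer.OnRemoteSign += new TSBXMLRemoteSignEvent(XAdESHandler_OnRemoteSign);
                        Signer.GenerateSignature();

                        Signer.SaveEnveloped(document.DocumentElement);

                        using (MemoryStream signedMemory = new MemoryStream())
                        {
                            document.SaveToStream(signedMemory);

                            // ToArray returns exactly the bytes written. GetBuffer returns the
                            // whole internal buffer, which can end in unused bytes that would be
                            // appended to the signed document.
                            return new OutputAdvancedSignature()
                            {
                                signedDocument = signedMemory.ToArray()
                            };
                        }
                    }
                    finally
                    {
                        // Release the signer objects on the failure paths as well.
                        Signer.Dispose();
                        X509Data.Dispose();
                    }
                }
            }
            catch (Exception)
            {
                // NOTE(review): the exception is discarded; logging it would make signing
                // failures diagnosable without exposing details to the caller.
                return error;
            }
        }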
Ejemplo n.º 21
 /// <summary>
 /// Builds the signature form and prepares the certificate object through which the form
 /// hands its result back to the caller.
 /// </summary>
 public podpis_form()
 {
     this.InitializeComponent();

     // Output of this window: starts as an empty certificate object.
     this.tei_certificate = new TElX509Certificate();
 }
Ejemplo n.º 22
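        /// <summary>
        /// Certificate-validation callback that pins the server's public key: the key seen on
        /// first use is saved, and later connections are accepted only when the presented key
        /// matches the saved one.
        /// </summary>
        /// <param name="sender">Object raising the event (not used).</param>
        /// <param name="x509certificate">Certificate presented by the peer.</param>
        /// <param name="validate">Receives the accept/reject decision.</param>
        private void OnCertificateValidate(object sender, TElX509Certificate x509certificate, ref TSBBoolean validate)
        {
            // GetPublicKeyBlob hands back its own array through the out parameter, so no buffer
            // is allocated up front (the original allocated 1024 bytes that were thrown away).
            byte[] certPublicKey;
            x509certificate.GetPublicKeyBlob(out certPublicKey);

            // Fail closed when no key could be read. Without this check an empty blob could be
            // saved as the pin on first use, or the comparison below could throw.
            if (certPublicKey == null || certPublicKey.Length == 0)
            {
                validate = false;
                tbWebServiceResult.Text = "Your certificate was " + "bad";
                return;
            }

            // Load previous key string
            byte[] prevCertKey;
            if (loadBlob(filename, out prevCertKey))
            {
                bool compResult = prevCertKey != null && certPublicKey.SequenceEqual(prevCertKey);
                validate = compResult;
                tbWebServiceResult.Text = "Your certificate was " + (compResult ? "good" : "bad");
            }
            else
            {
                // Save on first time use
                // NOTE(review): trust-on-first-use accepts whatever key is presented on the very
                // first connection, and anyone able to modify or delete the saved file can reset
                // the pin. Shipping the expected key with the application avoids both.
                saveBlob(filename, certPublicKey);

                validate = true;
                tbWebServiceResult.Text = "Saved certificate";
            }
        }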