private static void FormatElement(object Sender, TElXMLDOMElement Element, int Level, string Path, ref string StartTagWhitespace, ref string EndTagWhitespace)
{
StartTagWhitespace = "\n";
string s = new string('\t', Level - 1);
StartTagWhitespace = StartTagWhitespace + s;
if (Element.FirstChild != null)
{
bool HasElements = false;
TElXMLDOMNode Node = Element.FirstChild;
while (Node != null)
{
if (Node.NodeType == SBXMLCore.Unit.ntElement)
{
HasElements = true;
break;
}
Node = Node.NextSibling;
}
if (HasElements)
{
EndTagWhitespace = "\n" + s;
}
}
}
static bool ValidateSignature(TElXMLDOMElement element) // this should be in separate unit test project
{
using (var X509KeyData = new TElXMLKeyInfoX509Data(true))
{
using (var stream = new FileStream(HostingEnvironment.MapPath("~/App_Data/hrinyorg-prod-public.cer"), FileMode.Open, FileAccess.Read))
LoadCertificate(stream, "", X509KeyData);
using (var verifier = new TElXMLVerifier())
{
verifier.KeyData = X509KeyData;
verifier.Load(element);
return(verifier.ValidateSignature());
}
}
}
private static void SignElement(string absoluteCertFilePath, string password, object element)
{
TElXMLSigner Signer;
TElXAdESSigner XAdESSigner = null;
TElXMLKeyInfoRSAData RSAKeyData = null;
TElXMLKeyInfoX509Data X509KeyData = null;
TElXMLKeyInfoPGPData PGPKeyData = null;
FileStream F;
TElXMLDOMNode SigNode;
TElXMLReferenceList Refs = new TElXMLReferenceList();
TElXMLReference Ref = new TElXMLReference();
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA1;
if ((TElXMLDOMNode)element is TElXMLDOMDocument)
{
Ref.URINode = ((TElXMLDOMDocument)element).DocumentElement;
Ref.URI = "";
}
else
if ((TElXMLDOMNode)element is TElXMLDOMElement)
{
Ref.URINode = (TElXMLDOMNode)element;
TElXMLDOMElement El = (TElXMLDOMElement)element;
if (El.GetAttribute("ID") != "")
{
Ref.URI = "#" + El.GetAttribute("ID");
}
else
if (El.ParentNode is TElXMLDOMDocument)
{
Ref.URI = "";
}
else
{
El.SetAttribute("ID", "id-" + SBStrUtils.Unit.IntToStr(SBRandom.__Global.SBRndGenerate(uint.MaxValue)));
Ref.URI = "#" + El.GetAttribute("Id");
}
}
else
{
Ref.URINode = (TElXMLDOMNode)element;
Ref.URI = ((TElXMLDOMNode)element).LocalName;
}
Ref.TransformChain.Add(new TElXMLEnvelopedSignatureTransform());
Ref.TransformChain.Add(new TElXMLC14NTransform());
Refs.Add(Ref);
Signer = new TElXMLSigner(); // https://www.eldos.com/documentation/sbb/documentation/ref_cl_xmlsigner_prp_signaturemethodtype.html
try
{
Signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmExclCanonComment;
Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;
Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1;
Signer.MACMethod = SBXMLSec.Unit.xmmHMAC_MD5;
Signer.References = Refs;
Signer.KeyName = String.Empty;
Signer.IncludeKey = false;
Signer.OnFormatElement += FormatElement;
Signer.OnFormatText += FormatText;
if ((Signer.SignatureType == SBXMLSec.Unit.xstEnveloping) && (Ref != null) && (Ref.URI == "") && (Ref.URINode is TElXMLDOMElement))
{
TElXMLDOMElement El = (TElXMLDOMElement)Ref.URINode;
El.SetAttribute("ID", "id-" + SBStrUtils.Unit.IntToStr(SBRandom.__Global.SBRndGenerate(uint.MaxValue)));
Ref.URI = "#" + El.GetAttribute("Id");
}
RSAKeyData = new TElXMLKeyInfoRSAData(true);
RSAKeyData.RSAKeyMaterial.Passphrase = password;
X509KeyData = new TElXMLKeyInfoX509Data(true);
PGPKeyData = new TElXMLKeyInfoPGPData(true);
F = new FileStream(absoluteCertFilePath, FileMode.Open, FileAccess.Read);
try
{
// trying to load file as RSA key material
RSAKeyData.RSAKeyMaterial.LoadSecret(F, 0);
}
catch { }
if (!RSAKeyData.RSAKeyMaterial.SecretKey)
{
// trying to load file as Certificate
F.Position = 0;
LoadCertificate(F, password, X509KeyData);
}
if (!RSAKeyData.RSAKeyMaterial.PublicKey &&
(X509KeyData.Certificate == null))
{
// trying to load file as PGP key
F.Position = 0;
PGPKeyData.SecretKey = new TElPGPSecretKey();
PGPKeyData.SecretKey.Passphrase = password;
try
{
((TElPGPSecretKey)PGPKeyData.SecretKey).LoadFromStream(F);
}
catch
{
PGPKeyData.SecretKey = null;
}
}
F.Close();
if (RSAKeyData.RSAKeyMaterial.SecretKey)
{
Signer.KeyData = RSAKeyData;
}
else if (X509KeyData.Certificate != null)
{
if (!X509KeyData.Certificate.PrivateKeyExists)
{
throw new Exception("The selected certificate doesn''t contain a private key");
}
Signer.KeyData = X509KeyData;
}
else if (PGPKeyData.SecretKey != null)
{
Signer.KeyData = PGPKeyData;
}
Signer.UpdateReferencesDigest();
Signer.GenerateSignature();
SigNode = (TElXMLDOMNode)element;
if (SigNode is TElXMLDOMDocument)
{
SigNode = ((TElXMLDOMDocument)SigNode).DocumentElement;
}
try
{
// If the signature type is enveloping, then the signature is placed into the passed node and the contents of the node are moved to inside of the signature.
// If the signature type is enveloped, the signature is placed as a child of the passed node.
Signer.Save(ref SigNode);
}
catch (Exception E)
{
throw new Exception(string.Format("Failed to sign data and to save the signature: ({0})", E.Message));
}
}
finally
{
Signer.Dispose();
if (XAdESSigner != null)
{
XAdESSigner.Dispose();
}
if (X509KeyData != null)
{
X509KeyData.Dispose();
}
if (PGPKeyData != null)
{
PGPKeyData.Dispose();
}
}
}
// this should be in separate unit test project
static bool ValidateSignature(TElXMLDOMElement element)
{
using (var X509KeyData = new TElXMLKeyInfoX509Data(true))
{
using (var stream = new FileStream(HostingEnvironment.MapPath("~/App_Data/hrinyorg-prod-public.cer"), FileMode.Open, FileAccess.Read))
LoadCertificate(stream, "", X509KeyData);
using (var verifier = new TElXMLVerifier())
{
verifier.KeyData = X509KeyData;
verifier.Load(element);
return verifier.ValidateSignature();
}
}
}
private static void FormatElement(object Sender, TElXMLDOMElement Element, int Level, string Path, ref string StartTagWhitespace, ref string EndTagWhitespace)
{
StartTagWhitespace = "\n";
string s = new string('\t', Level - 1);
StartTagWhitespace = StartTagWhitespace + s;
if (Element.FirstChild != null)
{
bool HasElements = false;
TElXMLDOMNode Node = Element.FirstChild;
while (Node != null)
{
if (Node.NodeType == SBXMLCore.Unit.ntElement)
{
HasElements = true;
break;
}
Node = Node.NextSibling;
}
if (HasElements)
EndTagWhitespace = "\n" + s;
}
}