private static void FormatElement(object Sender, TElXMLDOMElement Element, int Level, string Path, ref string StartTagWhitespace, ref string EndTagWhitespace)
{
StartTagWhitespace = "\n";
string s = new string('\t', Level - 1);
StartTagWhitespace = StartTagWhitespace + s;
if (Element.FirstChild != null)
{
bool HasElements = false;
TElXMLDOMNode Node = Element.FirstChild;
while (Node != null)
{
if (Node.NodeType == SBXMLCore.Unit.ntElement)
{
HasElements = true;
break;
}
Node = Node.NextSibling;
}
if (HasElements)
{
EndTagWhitespace = "\n" + s;
}
}
}
public async Task <object> SignXMLAsync(string accessToken, string base_URL, InputSignatureAdvanced inputSignatureAdvanced)
{
SBUtils.Unit.SetLicenseKey("03D250F599AFD170E8A7410AFE3EAAC635E687187762F9936518B7FA6AEDDB215DF3177560DD647433BEE43711D31EC2B6818C0797C464E7F077467EABB466DE8F21CE77A054C9D3B04B0BA859B4BE8E8B7FCD50D07E2A4CD96240FA1468D8F03CBDE4EB1D2070A4294D2426881EEFBDFFAA7A76747B30A2E0564CA06CD673089318BFBA530E88A26F6FF76E46FE2A5A65C0FBAACB09F9804BC287412E49EE832058643D8A59B8398C7637C3EDE91660E6B696F32AD416F606DB215A2FFF214B5DF58DE27687362740B591D7F3D2D33CE6A3D1601521408511476FA81D374CA32D0443BD710D4D732A8C398A953047EEAB4A62237813DA11FC5E0EBFF1E69A9D");
pin = inputSignatureAdvanced.PIN; otp = inputSignatureAdvanced.OTP; credentialsID = inputSignatureAdvanced.credentialsID; access_token = accessToken; baseURL = base_URL; hashAlgo = inputSignatureAdvanced.hashAlgo; signAlgo = inputSignatureAdvanced.signAlgo;
OutputError error = new OutputError()
{
error = "error_pades_signature",
error_description = "error"
};
TElXMLDOMDocument document = new TElXMLDOMDocument();
TElXMLDOMDocument signedDocument = new TElXMLDOMDocument();
try
{
var filePath = Path.GetTempFileName();
if (inputSignatureAdvanced.documentStream.Length > 0)
{
using (Stream stream = new FileStream(filePath, FileMode.Create))
{
Stream memoryStream = new MemoryStream(inputSignatureAdvanced.documentStream);
await memoryStream.CopyToAsync(stream);
stream.Position = 0;
document.LoadFromStream(stream, "ISO-8859-1", true);
TElXMLSigner Signer = new TElXMLSigner(null);
TElXMLKeyInfoX509Data X509Data = new TElXMLKeyInfoX509Data(false);
try
{
Signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmCanon;
Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;
TElXMLReference Ref = new TElXMLReference();
Ref.URI = "";
Ref.URINode = document.DocumentElement;
Ref.TransformChain.AddEnvelopedSignatureTransform();
if (hashAlgo == "2.16.840.1.101.3.4.2.1")
{
Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA256;
}
else
{
Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1;
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA1;
}
Signer.References.Add(Ref);
TElX509Certificate Cert = LoadCertificate(credentialsID, accessToken);
X509Data.Certificate = Cert;
Signer.KeyData = X509Data;
Signer.UpdateReferencesDigest();
Signer.OnRemoteSign += new TSBXMLRemoteSignEvent(XAdESHandler_OnRemoteSign);
Signer.GenerateSignature();
TElXMLDOMNode node = document.ChildNodes.get_Item(0);
Signer.SaveEnveloped(document.DocumentElement);
var signedMemory = new MemoryStream();
document.SaveToStream(signedMemory);
OutputAdvancedSignature output = new OutputAdvancedSignature()
{
signedDocument = signedMemory.GetBuffer()
};
Signer.Dispose();
X509Data.Dispose();
return(output);
}
catch (Exception ex)
{
return(error);
}
}
}
else
{
return(error);
}
}
catch (Exception ex)
{
return(error);
}
}
private static void EncryptAssertion(string certificate, TElXMLDOMNode nodeToEnrypt)
{
//var nodeToEnrypt = FXMLDocument.FindNode("saml2:Assertion", true);
TElXMLEncryptor Encryptor;
TElXMLKeyInfoSymmetricData SymKeyData;
TElXMLKeyInfoRSAData RSAKeyData;
TElXMLKeyInfoX509Data X509KeyData;
TElXMLKeyInfoPGPData PGPKeyData;
FileStream F;
TElXMLDOMNode EncNode;
Encryptor = new TElXMLEncryptor
{
EncryptKey = true,
EncryptionMethod = 1,
KeyName = String.Empty,
EncryptedDataType = 0,
KeyEncryptionType = 0,
KeyTransportMethod = 1,
KeyWrapMethod = 0
};
SymKeyData = new TElXMLKeyInfoSymmetricData(true);
// generate random Key & IV
SymKeyData.Key.Generate(32 * 8);
SymKeyData.Key.GenerateIV(16 * 8);
Encryptor.KeyData = SymKeyData;
// xetKeyTransport
RSAKeyData = new TElXMLKeyInfoRSAData(true);
RSAKeyData.RSAKeyMaterial.Passphrase = String.Empty;
X509KeyData = new TElXMLKeyInfoX509Data(true);
PGPKeyData = new TElXMLKeyInfoPGPData(true);
certificate = HostingEnvironment.MapPath("~/App_Data/ussitsps_test_pub.asc");
F = new FileStream(certificate, FileMode.Open, FileAccess.Read);
PGPKeyData.PublicKey = new TElPGPPublicKey();
try
{
((TElPGPPublicKey) PGPKeyData.PublicKey).LoadFromStream(F);
}
catch
{
PGPKeyData.PublicKey.Dispose();
PGPKeyData.PublicKey = null;
}
F.Close();
Encryptor.KeyEncryptionKeyData = PGPKeyData;
//Encrypt Node
Encryptor.Encrypt(nodeToEnrypt);
// Save document
EncNode = Encryptor.Save(FXMLDocument);
//Replacing selected node with encrypted node
var encryptedAssertion = FXMLDocument.CreateElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml2:EncryptedAssertion");
var nsAttr = FXMLDocument.CreateAttribute("xmlns:saml2");
nsAttr.Value = "urn:oasis:names:tc:SAML:2.0:assertion";
encryptedAssertion.Attributes.Add(nsAttr);
encryptedAssertion.AppendChild(EncNode);
nodeToEnrypt.ParentNode.ReplaceChild(encryptedAssertion, nodeToEnrypt);
Encryptor.Dispose();
if (X509KeyData != null)
X509KeyData.Dispose();
if (PGPKeyData != null)
PGPKeyData.Dispose();
}
private static void EncryptAssertion(string certificate, TElXMLDOMNode nodeToEnrypt)
{
//var nodeToEnrypt = FXMLDocument.FindNode("saml2:Assertion", true);
TElXMLEncryptor Encryptor;
TElXMLKeyInfoSymmetricData SymKeyData;
TElXMLKeyInfoRSAData RSAKeyData;
TElXMLKeyInfoX509Data X509KeyData;
TElXMLKeyInfoPGPData PGPKeyData;
FileStream F;
TElXMLDOMNode EncNode;
Encryptor = new TElXMLEncryptor
{
EncryptKey = true,
EncryptionMethod = 1,
KeyName = String.Empty,
EncryptedDataType = 0,
KeyEncryptionType = 0,
KeyTransportMethod = 1,
KeyWrapMethod = 0
};
SymKeyData = new TElXMLKeyInfoSymmetricData(true);
// generate random Key & IV
SymKeyData.Key.Generate(32 * 8);
SymKeyData.Key.GenerateIV(16 * 8);
Encryptor.KeyData = SymKeyData;
// xetKeyTransport
RSAKeyData = new TElXMLKeyInfoRSAData(true);
RSAKeyData.RSAKeyMaterial.Passphrase = String.Empty;
X509KeyData = new TElXMLKeyInfoX509Data(true);
PGPKeyData = new TElXMLKeyInfoPGPData(true);
certificate = HostingEnvironment.MapPath("~/App_Data/ussitsps_test_pub.asc");
F = new FileStream(certificate, FileMode.Open, FileAccess.Read);
PGPKeyData.PublicKey = new TElPGPPublicKey();
try
{
((TElPGPPublicKey)PGPKeyData.PublicKey).LoadFromStream(F);
}
catch
{
PGPKeyData.PublicKey.Dispose();
PGPKeyData.PublicKey = null;
}
F.Close();
Encryptor.KeyEncryptionKeyData = PGPKeyData;
//Encrypt Node
Encryptor.Encrypt(nodeToEnrypt);
// Save document
EncNode = Encryptor.Save(FXMLDocument);
//Replacing selected node with encrypted node
var encryptedAssertion = FXMLDocument.CreateElementNS("urn:oasis:names:tc:SAML:2.0:assertion", "saml2:EncryptedAssertion");
var nsAttr = FXMLDocument.CreateAttribute("xmlns:saml2");
nsAttr.Value = "urn:oasis:names:tc:SAML:2.0:assertion";
encryptedAssertion.Attributes.Add(nsAttr);
encryptedAssertion.AppendChild(EncNode);
nodeToEnrypt.ParentNode.ReplaceChild(encryptedAssertion, nodeToEnrypt);
Encryptor.Dispose();
if (X509KeyData != null)
{
X509KeyData.Dispose();
}
if (PGPKeyData != null)
{
PGPKeyData.Dispose();
}
}
public MemoryStream SignXML(Stream stream, string accessToken, string OTP, string PIN, string credentialID, string base_URL, string hash_algo, string sign_algo)
{
var memory = new MemoryStream();
try
{
SBUtils.Unit.SetLicenseKey("03D250F599AFD170E8A7410AFE3EAAC635E687187762F9936518B7FA6AEDDB215DF3177560DD647433BEE43711D31EC2B6818C0797C464E7F077467EABB466DE8F21CE77A054C9D3B04B0BA859B4BE8E8B7FCD50D07E2A4CD96240FA1468D8F03CBDE4EB1D2070A4294D2426881EEFBDFFAA7A76747B30A2E0564CA06CD673089318BFBA530E88A26F6FF76E46FE2A5A65C0FBAACB09F9804BC287412E49EE832058643D8A59B8398C7637C3EDE91660E6B696F32AD416F606DB215A2FFF214B5DF58DE27687362740B591D7F3D2D33CE6A3D1601521408511476FA81D374CA32D0443BD710D4D732A8C398A953047EEAB4A62237813DA11FC5E0EBFF1E69A9D");
pin = PIN; otp = OTP; credentialsID = credentialID; access_token = accessToken; baseURL = base_URL; hashAlgo = hash_algo; signAlgo = sign_algo;
TElXMLDOMDocument document = new TElXMLDOMDocument();
TElXMLDOMDocument signedDocument = new TElXMLDOMDocument();
stream.Position = 0;
document.LoadFromStream(stream, "ISO-8859-1", true);
TElXMLSigner Signer = new TElXMLSigner(null);
TElXMLKeyInfoX509Data X509Data = new TElXMLKeyInfoX509Data(false);
try
{
Signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
Signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmCanon;
Signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;
TElXMLReference Ref = new TElXMLReference();
Ref.URI = "";
Ref.URINode = document.DocumentElement;
Ref.TransformChain.AddEnvelopedSignatureTransform();
if (hashAlgo == "2.16.840.1.101.3.4.2.1")
{
Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA256;
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA256;
}
else
{
Signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1;
Ref.DigestMethod = SBXMLSec.Unit.xdmSHA1;
}
Signer.References.Add(Ref);
TElX509Certificate Cert = LoadCertificate(credentialsID, access_token);
X509Data.Certificate = Cert;
Signer.KeyData = X509Data;
Signer.UpdateReferencesDigest();
Signer.OnRemoteSign += new TSBXMLRemoteSignEvent(XAdESHandler_OnRemoteSign);
Signer.GenerateSignature();
TElXMLDOMNode node = document.ChildNodes.get_Item(0);
Signer.SaveEnveloped(document.DocumentElement);
// Signer.SaveEnveloping(node);
// Signer.SaveDetached(); - semnatura se salveaza separat
document.SaveToStream(memory);
return(memory);
}
finally
{
Signer.Dispose();
X509Data.Dispose();
}
}
catch (Exception ex) { return(memory); }
}
