/// <summary>
/// Adds the certificate and revocation containers (references and values) to the
/// unsigned properties of a XAdES signature, fills them for the signing certificate
/// and the TSA certificates, then time-stamps the references and refreshes the document.
/// </summary>
/// <param name="signatureDocument">Signature document whose XAdES signature is extended in place.</param>
/// <param name="parameters">Supplies the OCSP servers, CRL, digest method and OCSP-URL policy passed to the helpers.</param>
public void Upgrade(SignatureDocument signatureDocument, UpgradeParameters parameters)
        {
            X509Certificate2 signerCert = signatureDocument.XadesSignature.GetSigningCertificate();

            UnsignedProperties props = signatureDocument.XadesSignature.UnsignedProperties;

            // Each of the four containers is replaced with a new, empty instance, so
            // anything previously stored in them on this object is discarded.
            props.UnsignedSignatureProperties.CompleteCertificateRefs    = new CompleteCertificateRefs();
            props.UnsignedSignatureProperties.CompleteCertificateRefs.Id = "CompleteCertificates-" + Guid.NewGuid();

            props.UnsignedSignatureProperties.CertificateValues    = new CertificateValues();
            props.UnsignedSignatureProperties.CertificateValues.Id = "CertificatesValues-" + Guid.NewGuid();

            props.UnsignedSignatureProperties.CompleteRevocationRefs    = new CompleteRevocationRefs();
            props.UnsignedSignatureProperties.CompleteRevocationRefs.Id = "CompleteRev-" + Guid.NewGuid();

            props.UnsignedSignatureProperties.RevocationValues    = new RevocationValues();
            props.UnsignedSignatureProperties.RevocationValues.Id = "RevocationValues-" + Guid.NewGuid();

            // NOTE(review): the revocation material collected by these helpers is what a
            // later verifier relies on; how OCSP/CRL responses are validated is inside
            // AddCertificate/AddTSACertificates, which are not visible here - confirm.
            AddCertificate(signerCert, props, false, parameters.OCSPServers, parameters.CRL, parameters.DigestMethod, parameters.GetOcspUrlFromCertificate);
            AddTSACertificates(props, parameters.OCSPServers, parameters.CRL, parameters.DigestMethod, parameters.GetOcspUrlFromCertificate);

            signatureDocument.XadesSignature.UnsignedProperties = props;

            // The references must already be attached before they are time-stamped.
            TimeStampCertRefs(signatureDocument, parameters);

            signatureDocument.UpdateDocument();
        }
Example #2
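        /// <summary>
        /// Click handler that asks the user to pick a signature and extends it with a
        /// signature time stamp obtained from the TSA URL typed into the form.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        private void btnCadesT_Click(object sender, EventArgs e)
        {
            if (_signatureDocument == null)
            {
                return;
            }

            // A form shown with ShowDialog is not disposed when it closes, so it is
            // released explicitly once the selected signer has been consumed.
            using (FrmSeleccionarFirma frm = new FrmSeleccionarFirma(_signatureDocument))
            {
                if (frm.ShowDialog() != System.Windows.Forms.DialogResult.OK)
                {
                    MessageBox.Show("You must select a signature");
                    return;
                }

                UpgradeParameters up = new UpgradeParameters();

                // NOTE(review): the TSA endpoint is taken verbatim from a text box; no
                // scheme or host check is visible in this handler - confirm whether
                // TimeStampClient validates it.
                up.TsaClient    = new TimeStampClient(txtURLSellado.Text);
                up.DigestMethod = DigestMethod.SHA256;

                CadesTUpgrader upgrader = new CadesTUpgrader();

                upgrader.Upgrade(_signatureDocument, frm.SignerInfo, up);
            }

            MessageBox.Show("Signature extended successfully");
        }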
Example #3
        /// <summary>
        /// Adds a SignatureTimeStamp to the XAdES signature: the ds:SignatureValue element
        /// is digested, the digest is sent to the configured time-stamp client and the
        /// returned bytes are stored as the encapsulated time stamp.
        /// </summary>
        /// <param name="signatureDocument">Signature document that is modified and refreshed in place.</param>
        /// <param name="parameters">Supplies the digest method and the time-stamp client.</param>
        /// <exception cref="Exception">
        /// Any failure, including the "already time-stamped" check, surfaces as a generic
        /// exception that carries the original one as its inner exception.
        /// </exception>
        public void Upgrade(SignatureDocument signatureDocument, UpgradeParameters parameters)
        {
            UnsignedProperties props = signatureDocument.XadesSignature.UnsignedProperties;

            try
            {
                bool alreadyStamped = props.UnsignedSignatureProperties.SignatureTimeStampCollection.Count > 0;
                if (alreadyStamped)
                {
                    // Thrown inside the try block, so it is wrapped by the catch below.
                    throw new Exception("La firma ya contiene un sello de tiempo");
                }

                ArrayList stampedXpaths = new ArrayList { "ds:SignatureValue" };

                var stampedValue = XMLUtil.ComputeValueOfElementList(signatureDocument.XadesSignature, stampedXpaths);
                byte[] digest    = DigestUtil.ComputeHashValue(stampedValue, parameters.DigestMethod);

                // NOTE(review): the bytes returned by the time-stamp client are embedded as
                // received; any validation of the token would be inside GetTimeStamp, which
                // is not visible here - confirm. The meaning of the final 'true' is also
                // not shown on this page.
                byte[] token = parameters.TimeStampClient.GetTimeStamp(digest, parameters.DigestMethod, true);

                TimeStamp stamp = new TimeStamp("SignatureTimeStamp")
                {
                    Id = "SignatureTimeStamp-" + signatureDocument.XadesSignature.Signature.Id
                };
                stamp.EncapsulatedTimeStamp.PkiData = token;
                stamp.EncapsulatedTimeStamp.Id      = "SignatureTimeStamp-" + Guid.NewGuid();

                props.UnsignedSignatureProperties.SignatureTimeStampCollection.Add(stamp);
                signatureDocument.XadesSignature.UnsignedProperties = props;
                signatureDocument.UpdateDocument();
            }
            catch (Exception cause)
            {
                throw new Exception("Ha ocurrido un error al insertar el sellado de tiempo.", cause);
            }
        }
Example #4
        /// <summary>
        /// Requests a time stamp over the signature value, the existing signature time
        /// stamp and the complete certificate/revocation references, and records it as a
        /// SigAndRefsTimeStamp in the unsigned properties.
        /// </summary>
        /// <param name="signatureDocument">Signature document whose unsigned properties are extended.</param>
        /// <param name="parameters">Supplies the digest method and the time-stamp client.</param>
        private void TimeStampCertRefs(SignatureDocument signatureDocument, UpgradeParameters parameters)
        {
            const string unsignedSigProps = "ds:Object/xades:QualifyingProperties/xades:UnsignedProperties/xades:UnsignedSignatureProperties/";

            XmlElement sigElement = signatureDocument.XadesSignature.GetSignatureElement();

            XmlNamespaceManager ns = new XmlNamespaceManager(signatureDocument.Document.NameTable);
            ns.AddNamespace("xades", "http://uri.etsi.org/01903/v1.3.2#");
            ns.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");

            XmlNode completeCertRefs = sigElement.SelectSingleNode(unsignedSigProps + "xades:CompleteCertificateRefs", ns);

            // The document is refreshed when the references element is not yet in the XML
            // (presumably so the paths below resolve when digested - confirm).
            if (completeCertRefs == null)
            {
                signatureDocument.UpdateDocument();
            }

            // The order of this list is the order handed to ComputeValueOfElementList.
            ArrayList stampedXpaths = new ArrayList
            {
                "ds:SignatureValue",
                unsignedSigProps + "xades:SignatureTimeStamp",
                unsignedSigProps + "xades:CompleteCertificateRefs",
                unsignedSigProps + "xades:CompleteRevocationRefs"
            };

            var stampedValue = XMLUtil.ComputeValueOfElementList(signatureDocument.XadesSignature, stampedXpaths);
            byte[] digest    = DigestUtil.ComputeHashValue(stampedValue, parameters.DigestMethod);

            // NOTE(review): the returned token is stored as received; validation, if any,
            // happens inside GetTimeStamp, which is not visible here - confirm.
            byte[] token = parameters.TimeStampClient.GetTimeStamp(digest, parameters.DigestMethod, true);

            TimeStamp stamp = new TimeStamp("SigAndRefsTimeStamp")
            {
                Id = "SigAndRefsStamp-" + signatureDocument.XadesSignature.Signature.Id
            };
            stamp.EncapsulatedTimeStamp.PkiData = token;
            stamp.EncapsulatedTimeStamp.Id      = "SigAndRefsStamp-" + Guid.NewGuid();

            UnsignedProperties props = signatureDocument.XadesSignature.UnsignedProperties;
            props.UnsignedSignatureProperties.RefsOnlyTimeStampFlag = false;
            props.UnsignedSignatureProperties.SigAndRefsTimeStampCollection.Add(stamp);

            signatureDocument.XadesSignature.UnsignedProperties = props;
        }
Example #5
        /// <summary>
        /// Extends the currently loaded signature to the requested format, using the TSA
        /// and OCSP URLs typed into the form, and reports the outcome in a message box.
        /// </summary>
        /// <param name="formato">Target signature format passed to the upgrader service.</param>
        private void AmpliarFirma(SignatureFormat formato)
        {
            try
            {
                // NOTE(review): both endpoints come straight from text boxes; no scheme or
                // host check is visible in this method - confirm where they are validated.
                UpgradeParameters opciones = new UpgradeParameters
                {
                    TimeStampClient = new TimeStampClient(txtURLSellado.Text)
                };
                opciones.OCSPServers.Add(new OcspServer(txtOCSP.Text));

                // Test against @firma (left disabled by the author):

                /* opciones.GetOcspUrlFromCertificate = false;
                 * OcspServer ocspServer = new OcspServer("https://afirma.redsara.es/servidorOcsp/servidorOCSP");
                 * ocspServer.SetRequestorName(OcspServer.Rfc822Name, "idAplicacion");
                 * ocspServer.SignCertificate = CertUtil.SelectCertificate();
                 *
                 * opciones.OCSPServers.Add(ocspServer); */

                XadesUpgraderService servicio = new XadesUpgraderService();
                servicio.Upgrade(_signatureDocument, formato, opciones);

                MessageBox.Show("Firma ampliada correctamente", "Test firma XADES",
                                MessageBoxButtons.OK, MessageBoxIcon.Information);
            }
            catch (Exception error)
            {
                // Only the outermost message is shown; inner exceptions are not displayed.
                MessageBox.Show("Ha ocurrido un error ampliando la firma: " + error.Message);
            }
        }
Example #6
        /// <summary>
        /// Signs an XML stream with an enveloped RSA-SHA256 XAdES signature, upgrades it to
        /// the requested format and returns the resulting document as a string.
        /// </summary>
        /// <param name="signCertificate">Certificate handed to the signer.</param>
        /// <param name="inputStream">XML content to sign.</param>
        /// <param name="signatureProductionPlace">Production place recorded in the signature parameters.</param>
        /// <param name="timeStampUrl">Time-stamp service URL given to the time-stamp client.</param>
        /// <param name="format">Target format; an OCSP server is added only for XAdES_XL.</param>
        /// <returns>The outer XML of the signed and upgraded document.</returns>
        string SignDocument(X509Certificate2 signCertificate, System.IO.Stream inputStream, SignatureProductionPlace signatureProductionPlace, string timeStampUrl = "https://freetsa.org/tsr", SignatureFormat format = SignatureFormat.XAdES_T)
        {
            var service = new FirmaXadesNet.XadesService();

            var signing = new SignatureParameters();
            signing.SignatureMethod          = SignatureMethod.RSAwithSHA256;
            // Local wall-clock time is what gets recorded as the signing date.
            signing.SigningDate              = DateTime.Now;
            signing.SignaturePackaging       = SignaturePackaging.ENVELOPED;
            signing.InputMimeType            = "text/xml";
            signing.SignatureProductionPlace = signatureProductionPlace;

            signing.SignatureCommitments.Add(new SignatureCommitment(SignatureCommitmentType.ProofOfOrigin));

            // The signer is released when the using block ends.
            using (signing.Signer = new Signer(signCertificate))
            {
                var signed = service.Sign(inputStream, signing);
                signed.Document.PreserveWhitespace = true;

                var upgradeOptions = new UpgradeParameters();
                upgradeOptions.TimeStampClient = new TimeStampClient(timeStampUrl);

                if (format == SignatureFormat.XAdES_XL)
                {
                    // NOTE(review): the OCSP responder is hard-coded to a single host, so
                    // revocation data for XL signatures depends on that endpoint; consider
                    // taking it from configuration - confirm intent.
                    upgradeOptions.OCSPServers.Add(new OcspServer("http://srvdc06.crossroad.ltd/ocsp"));
                }

                var upgrader = new XadesUpgraderService();
                upgrader.Upgrade(signed, format, upgradeOptions);

                return signed.Document.OuterXml;
            }
        }
Example #7
        /// <summary>
        /// Time-stamps the signature value together with the signature time stamp and the
        /// complete certificate/revocation references, and stores the result as a
        /// SigAndRefsTimeStamp in the unsigned signature properties.
        /// </summary>
        /// <param name="signatureDocument">Signature document whose unsigned properties are extended.</param>
        /// <param name="parameters">Supplies the digest method and the time-stamp client.</param>
        private void TimeStampCertRefs(SignatureDocument signatureDocument, UpgradeParameters parameters)
        {
            XmlElement signatureNode = signatureDocument.XadesSignature.GetSignatureElement();

            XmlNamespaceManager namespaces = new XmlNamespaceManager(signatureDocument.Document.NameTable);
            namespaces.AddNamespace("xades", XadesSignedXml.XadesNamespaceUri);
            namespaces.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl);

            XmlNode certRefsNode = signatureNode.SelectSingleNode("ds:Object/xades:QualifyingProperties/xades:UnsignedProperties/xades:UnsignedSignatureProperties/xades:CompleteCertificateRefs", namespaces);

            // Refresh the document when the references element is not yet present in the
            // XML (presumably so the paths below resolve when digested - confirm).
            if (certRefsNode == null)
            {
                signatureDocument.UpdateDocument();
            }

            // Elements covered by the time stamp, in the order they are handed over.
            ArrayList coveredXpaths = new ArrayList();
            coveredXpaths.Add("ds:SignatureValue");
            coveredXpaths.Add("ds:Object/xades:QualifyingProperties/xades:UnsignedProperties/xades:UnsignedSignatureProperties/xades:SignatureTimeStamp");
            coveredXpaths.Add("ds:Object/xades:QualifyingProperties/xades:UnsignedProperties/xades:UnsignedSignatureProperties/xades:CompleteCertificateRefs");
            coveredXpaths.Add("ds:Object/xades:QualifyingProperties/xades:UnsignedProperties/xades:UnsignedSignatureProperties/xades:CompleteRevocationRefs");

            var coveredValue = XMLUtil.ComputeValueOfElementList(signatureDocument.XadesSignature, coveredXpaths);
            byte[] digest    = DigestUtil.ComputeHashValue(coveredValue, parameters.DigestMethod);

            // NOTE(review): the token is embedded as returned; any validation would be
            // inside GetTimeStamp, which is not visible here - confirm.
            byte[] token = parameters.TimeStampClient.GetTimeStamp(digest, parameters.DigestMethod, true);

            TimeStamp sigAndRefsStamp = new TimeStamp("SigAndRefsTimeStamp");
            sigAndRefsStamp.Id = "SigAndRefsStamp-" + signatureDocument.XadesSignature.Signature.Id;
            sigAndRefsStamp.EncapsulatedTimeStamp.PkiData = token;
            sigAndRefsStamp.EncapsulatedTimeStamp.Id      = "SigAndRefsStamp-" + Guid.NewGuid();

            UnsignedProperties props = signatureDocument.XadesSignature.UnsignedProperties;
            props.UnsignedSignatureProperties.RefsOnlyTimeStampFlag = false;
            props.UnsignedSignatureProperties.SigAndRefsTimeStampCollection.Add(sigAndRefsStamp);

            signatureDocument.XadesSignature.UnsignedProperties = props;
        }
Example #8
        /// <summary>
        /// Extends the currently loaded signature to the requested format with the TSA and
        /// OCSP URLs typed into the form, reporting success or failure in a message box.
        /// </summary>
        /// <param name="formato">Target signature format passed to the upgrader service.</param>
        private void AmpliarFirma(SignatureFormat formato)
        {
            try
            {
                // NOTE(review): both URLs are taken verbatim from text boxes; no check of
                // scheme or host is visible in this method - confirm where it happens.
                var opciones = new UpgradeParameters
                {
                    TimeStampClient = new TimeStampClient(txtURLSellado.Text)
                };
                opciones.OCSPServers.Add(txtOCSP.Text);

                var servicio = new XadesUpgraderService();
                servicio.Upgrade(_signatureDocument, formato, opciones);

                MessageBox.Show("Firma ampliada correctamente", "Test firma XADES",
                                MessageBoxButtons.OK, MessageBoxIcon.Information);
            }
            catch (Exception error)
            {
                // Only the outermost message is shown; inner exceptions are not displayed.
                MessageBox.Show("Ha ocurrido un error ampliando la firma: " + error.Message);
            }
        }
Example #9
        /// <summary>
        /// Adds a SignatureTimeStamp to the XAdES signature. The ds:SignatureValue element
        /// is processed with an exclusive C14N transform, digested and sent to the
        /// time-stamp client; the transform's algorithm is recorded on the time stamp.
        /// </summary>
        /// <param name="signatureDocument">Signature document that is modified and refreshed in place.</param>
        /// <param name="parameters">Supplies the digest method and the time-stamp client.</param>
        /// <exception cref="Exception">
        /// Any failure, including the "already time-stamped" check, is rethrown as a
        /// generic exception with the original one as inner exception.
        /// </exception>
        public void Upgrade(SignatureDocument signatureDocument, UpgradeParameters parameters)
        {
            UnsignedProperties props = signatureDocument.XadesSignature.UnsignedProperties;

            try
            {
                bool alreadyStamped = props.UnsignedSignatureProperties.SignatureTimeStampCollection.Count > 0;
                if (alreadyStamped)
                {
                    // Thrown inside the try block, so it is wrapped by the catch below.
                    throw new Exception("La firma ya contiene un sello de tiempo");
                }

                XmlDsigExcC14NTransform c14n = new XmlDsigExcC14NTransform();

                ArrayList stampedXpaths = new ArrayList { "ds:SignatureValue" };

                var stampedValue = XMLUtil.ComputeValueOfElementList(signatureDocument.XadesSignature, stampedXpaths, c14n);
                byte[] digest    = DigestUtil.ComputeHashValue(stampedValue, parameters.DigestMethod);

                // NOTE(review): the token is embedded as returned; any validation would be
                // inside GetTimeStamp, which is not visible here - confirm.
                byte[] token = parameters.TimeStampClient.GetTimeStamp(digest, parameters.DigestMethod, true);

                TimeStamp stamp = new TimeStamp("SignatureTimeStamp")
                {
                    Id = "SignatureTimeStamp-" + signatureDocument.XadesSignature.Signature.Id
                };

                // Record the canonicalization that was applied before digesting, so the
                // time stamp names the same algorithm that produced the digested bytes.
                stamp.CanonicalizationMethod           = new CanonicalizationMethod();
                stamp.CanonicalizationMethod.Algorithm = c14n.Algorithm;
                stamp.EncapsulatedTimeStamp.PkiData    = token;
                stamp.EncapsulatedTimeStamp.Id         = "SignatureTimeStamp-" + Guid.NewGuid();

                props.UnsignedSignatureProperties.SignatureTimeStampCollection.Add(stamp);
                signatureDocument.XadesSignature.UnsignedProperties = props;
                signatureDocument.UpdateDocument();
            }
            catch (Exception cause)
            {
                throw new Exception("Ha ocurrido un error al insertar el sellado de tiempo.", cause);
            }
        }
        /// <summary>
        /// Adds a SignatureTimeStamp to the XAdES signature: the ds:SignatureValue element
        /// is digested, the digest is sent to the time-stamp client and the returned bytes
        /// are stored as the encapsulated time stamp.
        /// </summary>
        /// <param name="signatureDocument">Signature document that is modified and refreshed in place.</param>
        /// <param name="parameters">Supplies the digest method and the time-stamp client.</param>
        /// <exception cref="Exception">
        /// Any failure, including the "already time-stamped" check, is rethrown as a
        /// generic exception with the original one as inner exception.
        /// </exception>
        public void Upgrade(SignatureDocument signatureDocument, UpgradeParameters parameters)
        {
            UnsignedProperties props = signatureDocument.XadesSignature.UnsignedProperties;

            try
            {
                bool alreadyStamped = props.UnsignedSignatureProperties.SignatureTimeStampCollection.Count > 0;
                if (alreadyStamped)
                {
                    // Thrown inside the try block, so it is wrapped by the catch below.
                    throw new Exception("The signature already contains a time stamp");
                }

                ArrayList stampedXpaths = new ArrayList();
                stampedXpaths.Add("ds:SignatureValue");

                var stampedValue = XMLUtil.ComputeValueOfElementList(signatureDocument.XadesSignature, stampedXpaths);
                byte[] digest    = DigestUtil.ComputeHashValue(stampedValue, parameters.DigestMethod);

                // NOTE(review): the token is embedded as returned; any validation would be
                // inside GetTimeStamp, which is not visible here - confirm.
                byte[] token = parameters.TimeStampClient.GetTimeStamp(digest, parameters.DigestMethod, true);

                TimeStamp stamp = new TimeStamp("SignatureTimeStamp");
                stamp.Id = "SignatureTimeStamp-" + signatureDocument.XadesSignature.Signature.Id;
                stamp.EncapsulatedTimeStamp.PkiData = token;
                stamp.EncapsulatedTimeStamp.Id      = "SignatureTimeStamp-" + Guid.NewGuid();

                props.UnsignedSignatureProperties.SignatureTimeStampCollection.Add(stamp);
                signatureDocument.XadesSignature.UnsignedProperties = props;
                signatureDocument.UpdateDocument();
            }
            catch (Exception cause)
            {
                throw new Exception("An error occurred while inserting the time stamp", cause);
            }
        }
Example #11
        /// <summary>
        /// Extends the currently loaded signature to the requested format with the TSA and
        /// OCSP URLs typed into the form, reporting success or failure in a message box.
        /// </summary>
        /// <param name="formato">Target signature format passed to the upgrader service.</param>
        private void AmpliarFirma(SignatureFormat formato)
        {
            try
            {
                // NOTE(review): both URLs are taken verbatim from text boxes; no check of
                // scheme or host is visible in this method - confirm where it happens.
                var options = new UpgradeParameters();
                options.TimeStampClient = new TimeStampClient(txtURLSellado.Text);
                options.OCSPServers.Add(new OcspServer(txtOCSP.Text));

                var service = new XadesUpgraderService();
                service.Upgrade(_signatureDocument, formato, options);

                MessageBox.Show("Signature extended correctly", $"Extend to {formato.ToString()}",
                                MessageBoxButtons.OK, MessageBoxIcon.Information);
            }
            catch (Exception error)
            {
                // Only the outermost message is shown; inner exceptions are not displayed.
                MessageBox.Show("An error has occurred extending the signature: " + error.Message);
            }
        }
Example #12
        /// <summary>
        /// Upgrades a signature document to the requested format. XAdES_T runs only the
        /// time-stamp upgrader; every other value runs the XL upgrader, preceded by the
        /// time-stamp upgrader when the signature has no signature time stamp yet.
        /// </summary>
        /// <param name="sigDocument">Document to upgrade; checked with CheckSignatureDocument first.</param>
        /// <param name="toFormat">Requested target format.</param>
        /// <param name="parameters">Upgrade parameters forwarded to the individual upgraders.</param>
        public void Upgrade(SignatureDocument sigDocument, SignatureFormat toFormat, UpgradeParameters parameters)
        {
            SignatureDocument.CheckSignatureDocument(sigDocument);

            bool timeStampOnly = toFormat == SignatureFormat.XAdES_T;

            // For XAdES_T the time-stamp step always runs; the existing-stamp count is
            // consulted only for the other formats (short-circuit keeps that order).
            if (timeStampOnly
                || sigDocument.XadesSignature.UnsignedProperties.UnsignedSignatureProperties.SignatureTimeStampCollection.Count == 0)
            {
                new XadesTUpgrader().Upgrade(sigDocument, parameters);
            }

            // NOTE(review): any format other than XAdES_T is treated as a request for
            // XL - confirm this is intended for every SignatureFormat member.
            if (!timeStampOnly)
            {
                new XadesXLUpgrader().Upgrade(sigDocument, parameters);
            }
        }
Example #13
        /// <summary>
        /// Adds a signature time-stamp token as an unsigned attribute of the selected
        /// signer and replaces the node's signer information with the updated copy.
        /// </summary>
        /// <param name="signatureDocument">Owning signature document (not read in this method).</param>
        /// <param name="signerInfoNode">Node whose signer information receives the time-stamp attribute.</param>
        /// <param name="parameters">Supplies the TSA client and the digest method.</param>
        public void Upgrade(SignatureDocument signatureDocument, SignerInfoNode signerInfoNode, UpgradeParameters parameters)
        {
            BcCms.AttributeTable existing = signerInfoNode.SignerInformation.UnsignedAttributes;

            // Start from the signer's current unsigned attributes, or from an empty map
            // when there are none.
            IDictionary attributes;
            if (existing != null)
            {
                attributes = signerInfoNode.SignerInformation.UnsignedAttributes.ToDictionary();
            }
            else
            {
                attributes = new Dictionary<DerObjectIdentifier, BcCms.Attribute>();
            }

            var timeStampOid = PkcsObjectIdentifiers.IdAASignatureTimeStampToken;

            // The time stamp is requested over the signer's signature value.
            BcCms.Attribute timeStampAttribute = GetTimeStampAttribute(
                timeStampOid,
                parameters.TsaClient,
                parameters.DigestMethod,
                signerInfoNode.SignerInformation.GetSignature());

            // NOTE(review): there is no check for an existing time-stamp attribute before
            // this Add; with a standard dictionary a duplicate key throws - confirm how a
            // signer that is already time-stamped should be handled.
            attributes.Add(timeStampOid, timeStampAttribute);

            SignerInformation updated = SignerInformation.ReplaceUnsignedAttributes(
                signerInfoNode.SignerInformation,
                new BcCms.AttributeTable(attributes));

            signerInfoNode.SignerInformation = updated;
        }