/// <summary>
/// Adds a typed <see cref="EncapsulatedX509Certificate"/> to the collection.
/// </summary>
/// <param name="objectToAdd">Typed object to append to the collection.</param>
/// <returns>The same instance that was passed in, after it has been added.</returns>
public EncapsulatedX509Certificate Add(EncapsulatedX509Certificate objectToAdd)
{
    // Storage is delegated to the base collection; this typed overload only
    // exists so callers get the concrete type back without a cast.
    base.Add(objectToAdd);

    return objectToAdd;
}
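/// <summary>
/// Embeds <paramref name="cert"/> in the signature (a reference under CompleteCertificateRefs and
/// the value under CertificateValues) and then walks up its chain: the issuer certificate is used
/// for the revocation check of <paramref name="cert"/> (CRL first, OCSP when the CRL check does not
/// succeed) and is itself added recursively, so the whole chain ends up in
/// <paramref name="unsignedProperties"/>.
/// </summary>
/// <param name="cert">Certificate to embed and check.</param>
/// <param name="unsignedProperties">Unsigned properties of the signature that receive the reference and the value.</param>
/// <param name="addCert">
/// When <c>true</c>, <paramref name="cert"/> itself is embedded (skipped if it is already present);
/// when <c>false</c>, only its issuer chain is processed.
/// </param>
/// <param name="extraCerts">Additional certificates made available to chain building (e.g. OCSP responder certificates).</param>
private void AddCertificate(X509Certificate2 cert, UnsignedProperties unsignedProperties, bool addCert, X509Certificate2[] extraCerts = null)
{
    if (addCert)
    {
        // Terminates the recursion: a certificate that is already embedded is not added twice.
        if (CertificateChecked(cert, unsignedProperties))
        {
            return;
        }

        // Reference and value are tied together by the shared "#Cert<guid>" URI / "Cert<guid>" Id pair.
        string guidCert = Guid.NewGuid().ToString();

        Cert chainCert = new Cert();
        chainCert.IssuerSerial.X509IssuerName = cert.IssuerName.Name;
        chainCert.IssuerSerial.X509SerialNumber = CertUtil.HexToDecimal(cert.SerialNumber);
        DigestUtil.SetCertDigest(cert.GetRawCertData(), _firma.RefsDigestMethod, chainCert.CertDigest);
        chainCert.URI = "#Cert" + guidCert;
        unsignedProperties.UnsignedSignatureProperties.CompleteCertificateRefs.CertRefs.CertCollection.Add(chainCert);

        EncapsulatedX509Certificate encapsulatedX509Certificate = new EncapsulatedX509Certificate();
        encapsulatedX509Certificate.Id = "Cert" + guidCert;
        encapsulatedX509Certificate.PkiData = cert.GetRawCertData();
        unsignedProperties.UnsignedSignatureProperties.CertificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
    }

    var chain = CertUtil.GetCertChain(cert, extraCerts).ChainElements;
    if (chain.Count <= 1)
    {
        // No issuer in the built chain (root / self-signed, or the chain could not be built): nothing more to embed.
        return;
    }

    // Element 0 is cert itself; element 1 is its issuer.
    X509Certificate2 issuerCert = chain[1].Certificate;

    bool valid = ValidateCertificateByCRL(unsignedProperties, cert, issuerCert);
    if (!valid)
    {
        // NOTE(review): when the OCSP fallback also yields nothing (null), the issuer is still embedded
        // below and no revocation status is recorded at this point — confirm the helpers/caller surface that.
        var ocspCerts = ValidateCertificateByOCSP(unsignedProperties, cert, issuerCert);
        if (ocspCerts != null)
        {
            // The responder chain (starting at the certificate chosen by DetermineStartCert) may hang off a CA
            // other than cert's issuer; in that case it is embedded as well, presumably so the OCSP response
            // can later be verified from the signature alone.
            X509Certificate2 startOcspCert = DetermineStartCert(new List<X509Certificate2>(ocspCerts));
            if (startOcspCert.IssuerName.Name != issuerCert.SubjectName.Name)
            {
                var chainOcsp = CertUtil.GetCertChain(startOcspCert, ocspCerts).ChainElements;

                // Guard the index: a one-element responder chain would otherwise throw here.
                if (chainOcsp.Count > 1)
                {
                    AddCertificate(chainOcsp[1].Certificate, unsignedProperties, true, ocspCerts);
                }
            }
        }
    }

    AddCertificate(issuerCert, unsignedProperties, true, extraCerts);
}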
/// <summary>
/// Loads this instance's state from an XML element: its optional <c>Id</c> attribute and the
/// <c>xades:EncapsulatedX509Certificate</c> and <c>xades:OtherCertificate</c> children.
/// </summary>
/// <param name="xmlElement">Element holding the new state.</param>
/// <exception cref="ArgumentNullException"><paramref name="xmlElement"/> is <c>null</c>.</exception>
public void LoadXml(System.Xml.XmlElement xmlElement)
{
    if (xmlElement == null)
    {
        throw new ArgumentNullException("xmlElement");
    }

    // An absent Id attribute is stored as the empty string, not as null.
    this.id = xmlElement.HasAttribute("Id") ? xmlElement.GetAttribute("Id") : "";

    XmlNamespaceManager nsManager = new XmlNamespaceManager(xmlElement.OwnerDocument.NameTable);
    nsManager.AddNamespace("xades", XadesSignedXml.XadesNamespaceUri);

    // Previous content is discarded before the children are read in document order.
    this.encapsulatedX509CertificateCollection.Clear();
    this.otherCertificateCollection.Clear();

    foreach (XmlNode node in xmlElement.SelectNodes("xades:EncapsulatedX509Certificate", nsManager))
    {
        XmlElement childElement = node as XmlElement;
        if (childElement == null)
        {
            continue;
        }

        EncapsulatedX509Certificate certificate = new EncapsulatedX509Certificate();
        certificate.LoadXml(childElement);
        this.encapsulatedX509CertificateCollection.Add(certificate);
    }

    foreach (XmlNode node in xmlElement.SelectNodes("xades:OtherCertificate", nsManager))
    {
        XmlElement childElement = node as XmlElement;
        if (childElement == null)
        {
            continue;
        }

        OtherCertificate other = new OtherCertificate();
        other.LoadXml(childElement);
        this.otherCertificateCollection.Add(other);
    }
}
/// <summary>
/// Appends an <see cref="EncapsulatedX509Certificate"/> to the collection and hands it back to the caller.
/// </summary>
/// <param name="objectToAdd">Element to append.</param>
/// <returns><paramref name="objectToAdd"/>, unchanged, after insertion.</returns>
public EncapsulatedX509Certificate Add(EncapsulatedX509Certificate objectToAdd)
{
    EncapsulatedX509Certificate added = objectToAdd;
    base.Add(added);
    return added;
}
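/// <summary>
/// Handler for the "inject XAdES-XL information" button: depending on the two check boxes, embeds the
/// certificate chain as CertificateValues and/or the CRL read from the selected file as RevocationValues
/// into the signature's unsigned properties, then refreshes the displayed signature.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void injectXadesXLInformationButton_Click(object sender, System.EventArgs e)
{
    bool injected = false;

    if (this.includeCertificateValuesCheckBox.Checked)
    {
        if (this.Chain != null)
        {
            UnsignedProperties unsignedProperties = this.xadesSignedXml.UnsignedProperties;
            unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
            CertificateValues certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;
            certificateValues.Id = this.certificateValuesIdTextBox.Text;

            // Each chain element gets a sequential Id derived from the user-supplied prefix.
            int certificateValuesCounter = 0;
            foreach (X509ChainElement element in this.Chain.ChainElements)
            {
                EncapsulatedX509Certificate encapsulatedX509Certificate = new EncapsulatedX509Certificate();
                encapsulatedX509Certificate.Id = this.certificateValuesIdTextBox.Text + certificateValuesCounter.ToString();
                encapsulatedX509Certificate.PkiData = element.Certificate.GetRawCertData();
                certificateValuesCounter++;
                certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
            }

            this.xadesSignedXml.UnsignedProperties = unsignedProperties;
            injected = true;
        }
        else
        {
            // The chain is only available once certificate references (XAdES-C) have been added.
            MessageBox.Show("To add certificates, you need to add certificate references (XAdES-C) first");
        }
    }

    if (this.includeRevocationValuesCheckBox.Checked)
    {
        UnsignedProperties unsignedProperties = this.xadesSignedXml.UnsignedProperties;
        unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
        RevocationValues revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;
        revocationValues.Id = this.revocationValuesIdTextBox.Text;

        // The CRL is embedded verbatim from the file named in the text box; no parsing is done here.
        CRLValue newCRLValue = new CRLValue();
        newCRLValue.PkiData = this.GetFileBytes(this.crlFileTextBox.Text);
        revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);

        this.xadesSignedXml.UnsignedProperties = unsignedProperties;
        injected = true;
    }

    // Refresh whenever something was actually injected. Previously this check sat inside the
    // revocation branch, so a certificates-only injection never refreshed the view.
    if (injected)
    {
        this.ShowSignature();
    }
}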
/// <summary>
/// Replaces this instance's state with what the given element carries: the <c>Id</c> attribute
/// (empty string when missing) and the <c>xades:EncapsulatedX509Certificate</c> and
/// <c>xades:OtherCertificate</c> child elements, in document order.
/// </summary>
/// <param name="xmlElement">Source element.</param>
/// <exception cref="ArgumentNullException"><paramref name="xmlElement"/> is <c>null</c>.</exception>
public void LoadXml(System.Xml.XmlElement xmlElement)
{
    if (xmlElement == null)
    {
        throw new ArgumentNullException("xmlElement");
    }

    if (xmlElement.HasAttribute("Id"))
    {
        this.id = xmlElement.GetAttribute("Id");
    }
    else
    {
        this.id = "";
    }

    XmlNamespaceManager namespaces = new XmlNamespaceManager(xmlElement.OwnerDocument.NameTable);
    namespaces.AddNamespace("xades", XadesSignedXml.XadesNamespaceUri);

    // Clear first so repeated loads do not accumulate entries.
    this.encapsulatedX509CertificateCollection.Clear();
    this.otherCertificateCollection.Clear();

    XmlNodeList encapsulatedNodes = xmlElement.SelectNodes("xades:EncapsulatedX509Certificate", namespaces);
    for (int i = 0; i < encapsulatedNodes.Count; i++)
    {
        XmlElement child = encapsulatedNodes[i] as XmlElement;
        if (child != null)
        {
            EncapsulatedX509Certificate loaded = new EncapsulatedX509Certificate();
            loaded.LoadXml(child);
            this.encapsulatedX509CertificateCollection.Add(loaded);
        }
    }

    XmlNodeList otherNodes = xmlElement.SelectNodes("xades:OtherCertificate", namespaces);
    for (int i = 0; i < otherNodes.Count; i++)
    {
        XmlElement child = otherNodes[i] as XmlElement;
        if (child != null)
        {
            OtherCertificate loaded = new OtherCertificate();
            loaded.LoadXml(child);
            this.otherCertificateCollection.Add(loaded);
        }
    }
}
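/// <summary>
/// Extends the signature one level further: after the base extension, the signing certificate is
/// validated as of the signing time and every certificate, OCSP response and CRL that validation
/// needed is embedded into the CertificateValues / RevocationValues of the unsigned properties.
/// </summary>
/// <param name="xadesSignedXml">Signature being extended; its <c>UnsignedProperties</c> are rewritten.</param>
protected internal override void ExtendSignatureTag(XadesSignedXml xadesSignedXml)
{
    base.ExtendSignatureTag(xadesSignedXml);

    X509Certificate signingCertificate = DotNetUtilities.FromX509Certificate(xadesSignedXml.GetSigningCertificate());
    DateTime signingTime = xadesSignedXml.XadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningTime;

    // Validation is performed as of the claimed signing time, with the certificates already carried by the
    // signature as a source.
    // NOTE(review): the validation outcome held by ctx is not inspected here — only the material it
    // collected is embedded. Confirm that a failed validation is surfaced elsewhere.
    ValidationContext ctx = certificateVerifier.ValidateCertificate(
        signingCertificate,
        signingTime,
        new XAdESCertificateSource(xadesSignedXml.GetXml(), false),
        null,
        null);

    UnsignedProperties unsignedProperties = xadesSignedXml.UnsignedProperties;

    // TODO jbonilla Validate certificate refs.
    unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
    CertificateValues certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;

    // No Id is assigned to the embedded values here.
    foreach (CertificateAndContext certificate in ctx.GetNeededCertificates())
    {
        EncapsulatedX509Certificate encapsulatedX509Certificate = new EncapsulatedX509Certificate();
        encapsulatedX509Certificate.PkiData = certificate.GetCertificate().GetEncoded();
        certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
    }

    // The same unsignedProperties instance is kept for the revocation values; re-reading
    // xadesSignedXml.UnsignedProperties at this point would discard the certificate values
    // just set if that getter hands out a fresh object.
    unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
    RevocationValues revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;

    // Each needed list is fetched once; an empty list simply adds nothing.
    foreach (BasicOcspResp ocsp in ctx.GetNeededOCSPResp())
    {
        OCSPValue newOCSPValue = new OCSPValue();
        // FromBasicToResp presumably wraps the basic response into the full OCSP response structure before encoding.
        newOCSPValue.PkiData = OCSPUtils.FromBasicToResp(ocsp).GetEncoded();
        revocationValues.OCSPValues.OCSPValueCollection.Add(newOCSPValue);
    }

    foreach (X509Crl crl in ctx.GetNeededCRL())
    {
        CRLValue newCRLValue = new CRLValue();
        newCRLValue.PkiData = crl.GetEncoded();
        revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);
    }

    xadesSignedXml.UnsignedProperties = unsignedProperties;
}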