public OpensignAbstractSignature GenerateOpensignSignature(string xmlDoc)
{
Console.WriteLine(xmlDoc);
if (xmlDoc == null)
{
throw new NullReferenceException("xmlDoc cannot be null");
}
if (xmlDoc.Length < 10 && !xmlDoc.StartsWith("<")) throw new Oces2ErrorCode(xmlDoc);
var xml = XmlUtil.LoadXml(xmlDoc);
var signature = new OpensignSignature(xml);
var actionProperty = signature.SignatureProperties["action"];
if (actionProperty != null && ("bG9nb24=".Equals(actionProperty.Value) || "logon".Equals(actionProperty.Value.ToLower())))
{
return new OpenlogonSignature(xml);
}
return signature;
}
public OpensignAbstractSignature GenerateOpensignSignature(string xmlDoc)
{
Console.WriteLine(xmlDoc);
if (xmlDoc == null)
{
throw new NullReferenceException("xmlDoc cannot be null");
}
if (xmlDoc.Length < 10 && !xmlDoc.StartsWith("<"))
{
throw new Oces2ErrorCode(xmlDoc);
}
var xml = XmlUtil.LoadXml(xmlDoc);
var signature = new OpensignSignature(xml);
var actionProperty = signature.SignatureProperties["action"];
if (actionProperty != null && ("bG9nb24=".Equals(actionProperty.Value) || "logon".Equals(actionProperty.Value.ToLower())))
{
return(new OpenlogonSignature(xml));
}
return(signature);
}
private static void ValidateVisibleToSignerForSignText(OpensignSignature signature)
{
SignatureProperty signtextProperty = signature.SignatureProperties["signtext"];
if (IsNotSignedXmlDocument(signature) && !signtextProperty.VisibleToSigner)
{
throw new ServiceProviderException("Invalid sign signature - the parameter signtext in the signature " +
"must have the attribute visibleToSigner set to true");
}
}
private static void ValidateSignatureParameters(OpensignSignature opensignSignature, string challenge, string logonto)
{
ValidateChallenge(opensignSignature, challenge);
ValidateVisibleToSignerForSignText(opensignSignature);
if (logonto != null)
{
ValidateLogonto(opensignSignature, logonto);
}
}
private static void ValidateLogonto(OpensignSignature signature, string logonto)
{
SignatureProperty logontoProperty = GetSignatureProperty(signature, "logonto");
SignatureProperty requestIssuerProperty = GetSignatureProperty(signature, "RequestIssuer");
if (logontoProperty != null && requestIssuerProperty != null)
{
throw new InvalidOperationException("Invalid signature logonto and RequestIssuer parameters cannot both be set");
}
if (logontoProperty == null && requestIssuerProperty == null)
{
throw new InvalidOperationException("Invalid signature either logonto or RequestIssuer parameters must be set");
}
if (logontoProperty != null)
{
String logontoPropertyValue = logontoProperty.Value;
if (logontoPropertyValue != logonto)
{
throw new ServiceProviderException("Invalid signature logonto parameter does not match expected value. Expected: "
+ logonto + " actual: " + logontoPropertyValue);
}
}
if (requestIssuerProperty != null)
{
String requestIssuerValue = requestIssuerProperty.Value;
if (requestIssuerValue != logonto)
{
throw new ServiceProviderException("Invalid signature RequestIssuer parameter does not match expected value. Expected: "
+ logonto + " actual: " + requestIssuerValue);
}
}
}
private static void ValidateChallenge(OpensignSignature opensignSignature, string challenge)
{
ChallengeVerifier.VerifyChallenge(opensignSignature, challenge);
}
private static Boolean SignatureMatches(string encodedSignature, string encodedAgreement, string signTextTransformation, OpensignSignature opensignSignature)
{
if (!encodedAgreement.Equals(encodedSignature))
{
return false;
}
var stylesheetDigest = opensignSignature.StylesheetDigest;
if (stylesheetDigest != null)
{
if (signTextTransformation == null)
{
throw new ArgumentException("signTextTransformation is required for XML signing");
}
var digest = new Sha256Digest();
var encode = new ASCIIEncoding();
byte[] stylesheetBytes = encode.GetBytes(signTextTransformation);
digest.BlockUpdate(stylesheetBytes, 0, stylesheetBytes.Length);
var digestBytes = new byte[digest.GetDigestSize()];
digest.DoFinal(digestBytes, 0);
var calculatedDigest = Encoding.UTF8.GetString(digestBytes, 0, digestBytes.Length);
return stylesheetDigest.Equals(calculatedDigest);
}
return true;
}
private static Boolean IsNotSignedXmlDocument(OpensignSignature opensignSignature)
{
return opensignSignature.StylesheetDigest == null;
}
private static SignatureProperty GetSignatureProperty(OpensignSignature signature, string propertyKey)
{
try
{
return signature.SignatureProperties[propertyKey];
}
catch (KeyNotFoundException)
{
return null;
}
}
private static string EncodeSignature(OpensignSignature opensignSignature)
{
return Base64Encode(opensignSignature.Signtext);
}
public SignatureValidationStatus(OpensignSignature signature, CertificateStatus certificateStatus, bool signatureMatches)
{
Signature = signature;
CertificateStatus = certificateStatus;
SignatureMatches = signatureMatches;
}
