/// <summary>
/// Validate a MessageMetadataType object.
/// </summary>
/// <param name="metadata">The object to be validated.</param>
public static void ValidateMetadata(MessageMetadataType metadata)
{
// Validate metadata
Validation.ValidateArgumentRequired("metadata", metadata);
Validation.ValidateDateTime("metadata.creationTime", metadata.creationTime);
Validation.ValidateArgumentRequired("metadata.invocationId", metadata.invocationId);
Validation.ValidateArgumentRequired("metadata.receiverOrganisation", metadata.receiverOrganisation);
Validation.ValidateArgumentRequired("metadata.senderOrganisation", metadata.senderOrganisation);
Validation.ValidateArgumentRequired("metadata.serviceCategory", metadata.serviceCategory);
Validation.ValidateArgumentRequired("metadata.serviceInterface", metadata.serviceInterface);
Validation.ValidateStringMatch("metadata.serviceInterface", metadata.serviceInterface, ServiceInterfaces.SimdServiceInterface);
// Validate that route record hasn't been specified
Validation.ValidateArgumentNotAllowed("metadata.routeRecord", metadata.routeRecord);
// Other transport metadata
if (metadata.otherTransportMetadata != null && metadata.otherTransportMetadata.Length > 0)
{
for (int x = 0; x < metadata.otherTransportMetadata.Length; x++)
{
OtherTransportMetadataEntryType omt = metadata.otherTransportMetadata[x];
Validation.ValidateArgumentRequired(string.Format("metadata.otherTransportMetadata[{0}].metadataType", x), omt.metadataType);
Validation.ValidateArgumentRequired(string.Format("metadata.otherTransportMetadata[{0}].metadataValue", x), omt.metadataValue);
}
}
}
/// <summary>
/// Create and returns a SealedMessageType instance encapsulating payload signing and encryption.
/// </summary>
/// <param name="messageData">The non xml document payload.</param>
/// <param name="metadata">The metadata of the message.</param>
/// <param name="signingCert">The certificate to sign the payload with.</param>
/// <param name="encryptionCert">The certificate to encrypt the payload with.</param>
/// <returns>The SealedMessageType instance.</returns>
public static SealedMessageType GetSealedMessage(byte[] messageData, MessageMetadataType metadata, X509Certificate2 signingCert, X509Certificate2 encryptionCert)
{
Validation.ValidateArgumentRequired("messageData", messageData);
MessageType message = new MessageType();
message.data = messageData;
return(GetSealedMessage(message.SerializeToXml("message"), metadata, signingCert, encryptionCert));
}
/// <summary>
/// Validate a MessageMetadataType object.
/// </summary>
/// <param name="metadata">The object to be validated.</param>
public static void ValidateMetadata(MessageMetadataType metadata)
{
// Validate metadata
Validation.ValidateArgumentRequired("metadata", metadata);
Validation.ValidateDateTime("metadata.creationTime", metadata.creationTime);
Validation.ValidateArgumentRequired("metadata.invocationId", metadata.invocationId);
Validation.ValidateArgumentRequired("metadata.receiverOrganisation", metadata.receiverOrganisation);
Validation.ValidateArgumentRequired("metadata.senderOrganisation", metadata.senderOrganisation);
Validation.ValidateArgumentRequired("metadata.serviceCategory", metadata.serviceCategory);
Validation.ValidateArgumentRequired("metadata.serviceInterface", metadata.serviceInterface);
Validation.ValidateStringMatch("metadata.serviceInterface", metadata.serviceInterface, ServiceInterfaces.SmdServiceInterface);
if (metadata.routeRecord != null && metadata.routeRecord.Length > 0)
{
for (int x = 0; x < metadata.routeRecord.Length; x++)
{
// Validate interaction type
InteractionType it = metadata.routeRecord[x].interaction;
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction", x), it);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.serviceCategory", x), it.serviceCategory);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.serviceEndpoint", x), it.serviceEndpoint);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.serviceInterface", x), it.serviceInterface);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.serviceProvider", x), it.serviceProvider);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.target", x), it.target);
Validation.ValidateStringMatch(string.Format("metadata.routeRecord[{0}].interaction.serviceInterface", x), it.serviceInterface, ServiceInterfaces.TrdServiceInterface);
// Validate cert refs if available
if (it.certRef != null && it.certRef.Length > 0)
{
for (int y = 0; y < it.certRef.Length; y++)
{
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.certRef[{1}].useQualifier", x, y), it.certRef[y].useQualifier);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.certRef[{1}].qualifiedCertRef", x, y), it.certRef[y].qualifiedCertRef);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.certRef[{1}].qualifiedCertRef.type", x, y), it.certRef[y].qualifiedCertRef.type);
Validation.ValidateArgumentRequired(string.Format("metadata.routeRecord[{0}].interaction.certRef[{1}].qualifiedCertRef.value", x, y), it.certRef[y].qualifiedCertRef.value);
}
}
}
}
// Other transport metadata
if (metadata.otherTransportMetadata != null && metadata.otherTransportMetadata.Length > 0)
{
for (int x = 0; x < metadata.otherTransportMetadata.Length; x++)
{
OtherTransportMetadataEntryType omt = metadata.otherTransportMetadata[x];
Validation.ValidateArgumentRequired(string.Format("metadata.otherTransportMetadata[{0}].metadataType", x), omt.metadataType);
Validation.ValidateArgumentRequired(string.Format("metadata.otherTransportMetadata[{0}].metadataValue", x), omt.metadataValue);
}
}
}
public void Sample()
{
// Payload
XmlDocument payload = new XmlDocument();
payload.LoadXml("<data>Sample data to deliver.</data>");
// TLS certificate used to authenticate the client to the SMD service during TLS connection.
X509Certificate2 tlsCert = X509CertificateUtil.GetCertificate("TlsCertificateSerialNumber", X509FindType.FindBySerialNumber, StoreName.My, StoreLocation.CurrentUser, true);
// Certificate used to sign the payload.
X509Certificate2 signingCert = X509CertificateUtil.GetCertificate("SigningCertificateSerialNumber", X509FindType.FindBySerialNumber, StoreName.My, StoreLocation.CurrentUser, true);
// Certificate used to encrypt the payload.
X509Certificate2 payloadEncryptionCert = X509CertificateUtil.GetCertificate("EncryptionCertificateSerialNumber", X509FindType.FindBySerialNumber, StoreName.My, StoreLocation.CurrentUser, true);
// Instantiate the client.
SealedMessageDeliveryClient client = new SealedMessageDeliveryClient(tlsCert);
// Set up metadata
MessageMetadataType metadata = new MessageMetadataType();
metadata.creationTime = DateTime.Now.ToUniversalTime();
metadata.expiryTime = DateTime.Now.AddDays(30).ToUniversalTime();
metadata.expiryTimeSpecified = true;
metadata.invocationId = new UniqueId().ToString();
metadata.receiverIndividual = HIQualifiers.HPIIQualifier + "16 digit receiver HPII";
metadata.receiverOrganisation = HIQualifiers.HPIOQualifier + "16 digit receiver organisation HPIO";
metadata.senderIndividual = HIQualifiers.HPIIQualifier + "16 digit sender HPII";
metadata.senderOrganisation = HIQualifiers.HPIOQualifier + "16 digit sender organisation HPIO";
metadata.serviceCategory = "ServiceCategory";
metadata.serviceInterface = ServiceInterfaces.SmdServiceInterface;
// Set up route record. Route records are used to indicate where transport responses
// are to be sent to.
metadata.routeRecord = new RouteRecordEntryType[1];
metadata.routeRecord[0] = new RouteRecordEntryType();
metadata.routeRecord[0].sendIntermediateResponses = false;
metadata.routeRecord[0].interaction = new InteractionType();
metadata.routeRecord[0].interaction.target = HIQualifiers.HPIOQualifier + "16 digit HPIO of the transport response target";
metadata.routeRecord[0].interaction.serviceCategory = "ServiceCategory";
metadata.routeRecord[0].interaction.serviceEndpoint = "https://TransportResponseDeliveryEndpoint";
metadata.routeRecord[0].interaction.serviceInterface = ServiceInterfaces.TrdServiceInterface;
metadata.routeRecord[0].interaction.serviceProvider = HIQualifiers.HPIOQualifier + "16 digit HPIO of the TRD service provider";
// Obtain a SealedMessageType instance.
SealedMessageType sealedMessage = SealedMessageDeliveryClient.GetSealedMessage(payload, metadata, signingCert, payloadEncryptionCert);
// Invoke the Deliver operation on the client.
deliverResponse response = client.Deliver(sealedMessage, new Uri("https://SMDServiceEndpoint"));
}
/// <summary>
/// Create and returns a SealedMessageType instance encapsulating payload signing and encryption.
/// </summary>
/// <param name="payload">The xml document payload.</param>
/// <param name="metadata">The metadata of the message.</param>
/// <param name="signingCert">The certificate to sign the payload with.</param>
/// <param name="encryptionCert">The certificate to encrypt the payload with.</param>
/// <returns>The SealedMessageType instance.</returns>
public static SealedMessageType GetSealedMessage(XmlDocument payload, MessageMetadataType metadata, X509Certificate2 signingCert, X509Certificate2 encryptionCert)
{
// Create SealedMessageType
SealedMessageType sealedMessage = new SealedMessageType();
// Create signed payload container
XmlDocument signedPayload = payload.XspSign(signingCert);
// Create the encrypted payload container
XmlDocument encryptedPayload = signedPayload.XspEncrypt(encryptionCert);
// Set encrypted payload
sealedMessage.encryptedPayload = encryptedPayload.Deserialize <EncryptedPayloadType>();
// Set metadata
ValidateMetadata(metadata);
sealedMessage.metadata = metadata;
return(sealedMessage);
}
