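/// <summary>
/// Pretty-printing callback wired to <c>TElXMLSigner.OnFormatElement</c>: indents the start tag
/// with one tab per nesting level and, only when the element contains child elements, puts the
/// end tag on its own indented line.
/// </summary>
/// <param name="Sender">The signer raising the event (unused).</param>
/// <param name="Element">The element being written.</param>
/// <param name="Level">Nesting depth of <paramref name="Element"/>; presumably 1-based — TODO confirm against the signer.</param>
/// <param name="Path">Location of the element in the document (unused).</param>
/// <param name="StartTagWhitespace">Receives the whitespace written before the start tag.</param>
/// <param name="EndTagWhitespace">Receives the whitespace written before the end tag; left untouched
/// for elements without element children (presumably so text-only content is not padded — TODO confirm).</param>
private static void FormatElement(object Sender, TElXMLDOMElement Element, int Level, string Path, ref string StartTagWhitespace, ref string EndTagWhitespace)
{
    // Clamp at zero: new string(char, negativeCount) throws ArgumentOutOfRangeException if Level is ever 0.
    string indent = new string('\t', Math.Max(Level - 1, 0));
    StartTagWhitespace = "\n" + indent;

    // The end tag is only moved to its own line when at least one child is an element node.
    for (TElXMLDOMNode child = Element.FirstChild; child != null; child = child.NextSibling)
    {
        if (child.NodeType == SBXMLCore.Unit.ntElement)
        {
            EndTagWhitespace = "\n" + indent;
            break;
        }
    }
}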
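/// <summary>
/// Verifies the XML-DSig signature carried by <paramref name="element"/> against the fixed
/// production public certificate stored under App_Data.
/// </summary>
/// <param name="element">The element holding the <c>Signature</c> to verify.</param>
/// <returns><c>true</c> only when the signature value is valid for the pinned certificate
/// and every reference digest matches the signed content.</returns>
// this should be in separate unit test project
static bool ValidateSignature(TElXMLDOMElement element)
{
    using (var x509KeyData = new TElXMLKeyInfoX509Data(true))
    {
        // The verification key is pinned to our own copy of the public certificate rather
        // than taken from whatever the document itself claims.
        string certPath = HostingEnvironment.MapPath("~/App_Data/hrinyorg-prod-public.cer");
        using (var stream = new FileStream(certPath, FileMode.Open, FileAccess.Read))
        {
            LoadCertificate(stream, "", x509KeyData);
        }

        using (var verifier = new TElXMLVerifier())
        {
            verifier.KeyData = x509KeyData;
            verifier.Load(element);
            // ValidateSignature() covers the SignatureValue over SignedInfo only; the reference
            // digests (the signed content itself) are checked separately by ValidateReferences().
            // Without the second check, modified content with an intact SignedInfo would still pass.
            return verifier.ValidateSignature() && verifier.ValidateReferences();
        }
    }
}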
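/// <summary>
/// Signs <paramref name="element"/> in place with an enveloped XML-DSig signature.
/// The signing key is read from <paramref name="absoluteCertFilePath"/>, which is probed in
/// turn as RSA key material, an X.509 certificate with private key, and a PGP secret key.
/// </summary>
/// <param name="absoluteCertFilePath">Absolute path of the key or certificate file.</param>
/// <param name="password">Passphrase for the key material; may be empty.</param>
/// <param name="element">A <c>TElXMLDOMDocument</c>, <c>TElXMLDOMElement</c> or other
/// <c>TElXMLDOMNode</c> to sign (declared as <c>object</c> for the callers' convenience).</param>
/// <exception cref="InvalidOperationException">The certificate has no private key, or no usable key was found in the file.</exception>
/// <exception cref="Exception">Saving the signature failed; the signer's exception is attached as inner exception.</exception>
private static void SignElement(string absoluteCertFilePath, string password, object element)
{
    TElXMLDOMNode node = (TElXMLDOMNode)element;
    TElXMLReferenceList references = new TElXMLReferenceList();
    references.Add(CreateEnvelopedReference(node));

    TElXMLKeyInfoRSAData rsaKeyData = null;
    TElXMLKeyInfoX509Data x509KeyData = null;
    TElXMLKeyInfoPGPData pgpKeyData = null;
    TElXMLSigner signer = new TElXMLSigner();
    // https://www.eldos.com/documentation/sbb/documentation/ref_cl_xmlsigner_prp_signaturemethodtype.html
    try
    {
        signer.SignatureType = SBXMLSec.Unit.xstEnveloped;
        signer.CanonicalizationMethod = SBXMLDefs.Unit.xcmExclCanonComment;
        signer.SignatureMethodType = SBXMLSec.Unit.xmtSig;
        // SECURITY: RSA-SHA1 (together with the SHA-1 reference digest) is deprecated for new
        // signatures; move to an SHA-256 method once the relying party confirms it accepts it.
        signer.SignatureMethod = SBXMLSec.Unit.xsmRSA_SHA1;
        // Presumably irrelevant while SignatureMethodType is xmtSig (MAC methods apply to MAC
        // signatures); kept so the signer configuration is unchanged — TODO confirm and drop.
        signer.MACMethod = SBXMLSec.Unit.xmmHMAC_MD5;
        signer.References = references;
        signer.KeyName = String.Empty;
        // No KeyInfo is emitted; presumably the relying party already holds the certificate.
        signer.IncludeKey = false;
        signer.OnFormatElement += FormatElement;
        signer.OnFormatText += FormatText;

        rsaKeyData = new TElXMLKeyInfoRSAData(true);
        rsaKeyData.RSAKeyMaterial.Passphrase = password;
        x509KeyData = new TElXMLKeyInfoX509Data(true);
        pgpKeyData = new TElXMLKeyInfoPGPData(true);
        LoadSigningKey(absoluteCertFilePath, password, rsaKeyData, x509KeyData, pgpKeyData);

        if (rsaKeyData.RSAKeyMaterial.SecretKey)
        {
            signer.KeyData = rsaKeyData;
        }
        else if (x509KeyData.Certificate != null)
        {
            if (!x509KeyData.Certificate.PrivateKeyExists)
            {
                throw new InvalidOperationException("The selected certificate doesn't contain a private key");
            }
            signer.KeyData = x509KeyData;
        }
        else if (pgpKeyData.SecretKey != null)
        {
            signer.KeyData = pgpKeyData;
        }
        else
        {
            // Fail here with a clear message instead of letting GenerateSignature() run without a key.
            throw new InvalidOperationException("No usable private key (RSA, X.509 or PGP) was found in the supplied key file");
        }

        signer.UpdateReferencesDigest();
        signer.GenerateSignature();

        // For an enveloped signature the Signature element is placed as a child of the passed
        // node; when a whole document was passed that is its document element.
        TElXMLDOMNode signatureNode = node;
        if (signatureNode is TElXMLDOMDocument)
        {
            signatureNode = ((TElXMLDOMDocument)signatureNode).DocumentElement;
        }
        try
        {
            signer.Save(ref signatureNode);
        }
        catch (Exception e)
        {
            // Attach the original as inner exception so its type and stack trace survive.
            throw new Exception(string.Format("Failed to sign data and to save the signature: ({0})", e.Message), e);
        }
    }
    finally
    {
        signer.Dispose();
        if (rsaKeyData != null)
        {
            rsaKeyData.Dispose();
        }
        if (x509KeyData != null)
        {
            x509KeyData.Dispose();
        }
        if (pgpKeyData != null)
        {
            pgpKeyData.Dispose();
        }
    }
}

/// <summary>
/// Builds the single reference for an enveloped signature over <paramref name="node"/>:
/// a document is referenced through its document element with an empty URI, an element through
/// its <c>ID</c> attribute (a random one is assigned when it has none and is not the root element),
/// and any other node by its local name.
/// </summary>
/// <param name="node">The node to be signed.</param>
/// <returns>The configured reference with enveloped-signature and C14N transforms.</returns>
private static TElXMLReference CreateEnvelopedReference(TElXMLDOMNode node)
{
    TElXMLReference reference = new TElXMLReference();
    // SECURITY: SHA-1 digest; see the SignatureMethod note in SignElement.
    reference.DigestMethod = SBXMLSec.Unit.xdmSHA1;

    if (node is TElXMLDOMDocument)
    {
        reference.URINode = ((TElXMLDOMDocument)node).DocumentElement;
        reference.URI = "";
    }
    else if (node is TElXMLDOMElement)
    {
        TElXMLDOMElement el = (TElXMLDOMElement)node;
        reference.URINode = el;
        if (el.GetAttribute("ID") != "")
        {
            reference.URI = "#" + el.GetAttribute("ID");
        }
        else if (el.ParentNode is TElXMLDOMDocument)
        {
            reference.URI = "";
        }
        else
        {
            // XML attribute names are case-sensitive: the attribute must be written and read back
            // under the same name, otherwise the URI degenerates to a bare "#".
            string id = "id-" + SBStrUtils.Unit.IntToStr(SBRandom.__Global.SBRndGenerate(uint.MaxValue));
            el.SetAttribute("ID", id);
            reference.URI = "#" + id;
        }
    }
    else
    {
        reference.URINode = node;
        reference.URI = node.LocalName;
    }

    reference.TransformChain.Add(new TElXMLEnvelopedSignatureTransform());
    reference.TransformChain.Add(new TElXMLC14NTransform());
    return reference;
}

/// <summary>
/// Probes the key file as, in order, RSA key material, an X.509 certificate and a PGP secret key,
/// populating whichever of the three containers matches. Formats that fail to load are skipped on
/// purpose (best-effort probing); the caller decides what to do when nothing loaded.
/// </summary>
/// <param name="path">Path of the key or certificate file.</param>
/// <param name="password">Passphrase used for the certificate and PGP attempts.</param>
/// <param name="rsaKeyData">Receives RSA key material when the file is an RSA key.</param>
/// <param name="x509KeyData">Receives the certificate when the file is an X.509 certificate.</param>
/// <param name="pgpKeyData">Receives the secret key when the file is a PGP key; <c>SecretKey</c> is reset to null on failure.</param>
private static void LoadSigningKey(string path, string password, TElXMLKeyInfoRSAData rsaKeyData, TElXMLKeyInfoX509Data x509KeyData, TElXMLKeyInfoPGPData pgpKeyData)
{
    // `using` releases the file handle even when one of the loaders throws.
    using (FileStream stream = new FileStream(path, FileMode.Open, FileAccess.Read))
    {
        try
        {
            // trying to load file as RSA key material
            rsaKeyData.RSAKeyMaterial.LoadSecret(stream, 0);
        }
        catch
        {
            // not RSA key material; fall through to the next format
        }

        if (!rsaKeyData.RSAKeyMaterial.SecretKey)
        {
            // trying to load file as Certificate
            stream.Position = 0;
            LoadCertificate(stream, password, x509KeyData);
        }

        if (!rsaKeyData.RSAKeyMaterial.PublicKey && (x509KeyData.Certificate == null))
        {
            // trying to load file as PGP key
            stream.Position = 0;
            pgpKeyData.SecretKey = new TElPGPSecretKey();
            pgpKeyData.SecretKey.Passphrase = password;
            try
            {
                ((TElPGPSecretKey)pgpKeyData.SecretKey).LoadFromStream(stream);
            }
            catch
            {
                // not a PGP key either; leave the container empty
                pgpKeyData.SecretKey = null;
            }
        }
    }
}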
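// this should be in separate unit test project
/// <summary>
/// Checks the XML-DSig signature on <paramref name="element"/> using the production public
/// certificate shipped in App_Data as the trusted verification key.
/// </summary>
/// <param name="element">The element holding the <c>Signature</c> to verify.</param>
/// <returns><c>true</c> when both the signature value and all reference digests verify.</returns>
static bool ValidateSignature(TElXMLDOMElement element)
{
    using (var trustedKey = new TElXMLKeyInfoX509Data(true))
    {
        // Load our own copy of the public certificate; the key is not taken from the document.
        using (var certStream = new FileStream(HostingEnvironment.MapPath("~/App_Data/hrinyorg-prod-public.cer"), FileMode.Open, FileAccess.Read))
        {
            LoadCertificate(certStream, "", trustedKey);
        }

        using (var verifier = new TElXMLVerifier())
        {
            verifier.KeyData = trustedKey;
            verifier.Load(element);
            // Checking the SignatureValue alone leaves the reference digests unverified, so the
            // signed content could have been altered; ValidateReferences() closes that gap.
            bool signatureOk = verifier.ValidateSignature();
            return signatureOk && verifier.ValidateReferences();
        }
    }
}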
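/// <summary>
/// <c>TElXMLSigner.OnFormatElement</c> handler: one tab of indentation per nesting level before
/// the start tag, and an indented line break before the end tag when the element has element children.
/// </summary>
/// <param name="Sender">Event source (unused).</param>
/// <param name="Element">Element being formatted.</param>
/// <param name="Level">Nesting depth; presumably starts at 1 — TODO confirm against the signer.</param>
/// <param name="Path">Element path (unused).</param>
/// <param name="StartTagWhitespace">Set to the whitespace preceding the start tag.</param>
/// <param name="EndTagWhitespace">Set to the whitespace preceding the end tag only for elements with element children.</param>
private static void FormatElement(object Sender, TElXMLDOMElement Element, int Level, string Path, ref string StartTagWhitespace, ref string EndTagWhitespace)
{
    int depth = Level - 1;
    if (depth < 0)
    {
        // new string(char, count) rejects a negative count; treat Level 0 as the top level.
        depth = 0;
    }
    string indent = new string('\t', depth);
    StartTagWhitespace = "\n" + indent;

    bool hasElementChildren = false;
    TElXMLDOMNode child = Element.FirstChild;
    while (child != null && !hasElementChildren)
    {
        hasElementChildren = child.NodeType == SBXMLCore.Unit.ntElement;
        child = child.NextSibling;
    }
    if (hasElementChildren)
    {
        EndTagWhitespace = "\n" + indent;
    }
}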