internal static XmlDsigSignOperation From(XmlDsigSignParameters parameters)
{
switch (parameters.SignatureFormat)
{
case XmlDsigSignatureFormat.Enveloping:
return(new XmlDsigEnvelopingSignOperation());
case XmlDsigSignatureFormat.Enveloped:
return(new XmlDsigEnvelopedSignOperation());
case XmlDsigSignatureFormat.Detached:
return(new XmlDsigDetachedSignOperation());
}
throw new Exception("There isn't a '" + parameters.SignatureFormat + "' signer implemented");
}
private static void AddXAdESNodes(ExtendedSignedXml signedXml, XmlDsigSignParameters parameters)
{
var document = parameters.InputXml;
var qualifyingPropertiesNode = AddQualifyingPropertiesNode(signedXml, document);
var signedPropertiesNode = AddSignedPropertiesNode(document, qualifyingPropertiesNode);
CreateReferenceToSignedProperties(signedXml, signedPropertiesNode);
var signedSignatureProperties = AddSignedSignaturePropertiesNode(document, signedPropertiesNode);
AddSigningTimeNode(document, signedSignatureProperties);
AddSigningCertificate(document, signedSignatureProperties, parameters);
//AddSignaturePolicyIdentifier(document, signedSignatureProperties);
var unsignedPropertiesNode = AddUnsignedPropertiesNode(document, qualifyingPropertiesNode);
AddUnsignedSignaturePropertiesNode(document, unsignedPropertiesNode);
}
private static void AddPropertyFromNameAndValue(string propertyName, string propertyValue, string propertyNameSpace,
ExtendedSignedXml signedXml, XmlDsigSignParameters signParameters)
{
var document = signParameters.InputXml;
if (document == null)
{
throw new InvalidParameterException("Document cannot be null");
}
var propertyNode = string.IsNullOrEmpty(propertyNameSpace) ?
document.CreateElement(propertyName) : document.CreateElement(propertyName, propertyNameSpace);
propertyNode.InnerText = propertyValue;
AddProperty(document, signedXml, propertyNode);
}
internal XmlDocument SignAndGetXml(XmlDsigSignParameters signParameters, Action <ExtendedSignedXml> signedXmlPostProcessing)
{
ValidateParameters(signParameters);
var inputXml = signParameters.InputXml;
if (inputXml == null)
{
inputXml = new XmlDocument();
inputXml.Load(signParameters.InputPath);
signParameters.InputXml = inputXml;
}
var signature = GetSignature(inputXml, signParameters, signedXmlPostProcessing);
var xmlDocument = BuildFinalSignedXmlDocument(inputXml, signature.GetXml());
return(xmlDocument);
}
private static void CreateNodesForProperties(ExtendedSignedXml signedXml, XmlDsigSignParameters signParameters)
{
if (signParameters.Properties != null && signParameters.Properties.Count > 0)
{
foreach (var xmlPropertyDescriptor in signParameters.Properties)
{
AddPropertyFromNameAndValue(xmlPropertyDescriptor.Name, xmlPropertyDescriptor.Value,
xmlPropertyDescriptor.NameSpace,
signedXml, signParameters);
}
}
if (signParameters.PropertyBuilders != null && signParameters.PropertyBuilders.Count > 0)
{
foreach (var propertyBuilder in signParameters.PropertyBuilders)
{
AddProperty(signParameters.InputXml, signedXml, propertyBuilder(signParameters.InputXml));
}
}
}
private static void ValidateParameters(XmlDsigSignParameters signParameters)
{
if (signParameters == null)
{
throw new InvalidParameterException("Parameters to sign cannot be null");
}
if (signParameters.SignatureCertificate == null)
{
throw new InvalidParameterException("Signer Certificate cannot be null");
}
if (signParameters.InputPath == null)
{
throw new InvalidParameterException("Document to sign cannot be null");
}
if (signParameters.OutputPath == null)
{
throw new InvalidParameterException("Path of signed file cannot be null");
}
}
private static void AddCertDigestNode(XmlDocument document, XmlElement certNode, XmlDsigSignParameters parameters)
{
var certDigestNode = XmlHelper.CreateNodeIn(document, "CertDigest", XadesNamespaceUrl, certNode);
XmlHelper.CreateNodeWithTextIn(document, "DigestMethod", SignedXml.XmlDsigSHA1Url, SignedXml.XmlDsigNamespaceUrl, certDigestNode);
var certificateData = parameters.SignatureCertificate.RawData;
var digestValue = CryptoHelper.GetBase64SHA1(certificateData);
XmlHelper.CreateNodeWithTextIn(document, "DigestValue", digestValue, SignedXml.XmlDsigNamespaceUrl, certDigestNode);
}
private static void AddSigningCertificate(XmlDocument document, XmlElement signedSignatureProperties, XmlDsigSignParameters parameters)
{
var signingCertificateNode = XmlHelper.CreateNodeIn(document, "SigningCertificate", XadesNamespaceUrl, signedSignatureProperties);
var certNode = XmlHelper.CreateNodeIn(document, "Cert", XadesNamespaceUrl, signingCertificateNode);
AddCertDigestNode(document, certNode, parameters);
AddIssuerSerialNode(document, certNode, parameters);
}
private static void AddIssuerSerialNode(XmlDocument document, XmlElement certNode, XmlDsigSignParameters parameters)
{
var issuerSerialNode = XmlHelper.CreateNodeIn(document, "IssuerSerial", XadesNamespaceUrl, certNode);
XmlHelper.CreateNodeWithTextIn(document, "X509IssuerName", parameters.SignatureCertificate.Issuer,
SignedXml.XmlDsigNamespaceUrl, issuerSerialNode);
XmlHelper.CreateNodeWithTextIn(document, "X509SerialNumber", parameters.SignatureCertificate.SerialNumber,
SignedXml.XmlDsigNamespaceUrl, issuerSerialNode);
}
protected void SaveSignatureToFile(XmlDocument xml, XmlDsigSignParameters signParameters)
{
xml.Save(signParameters.OutputPath);
}
internal XmlDocument SignAndGetXml(XmlDsigSignParameters signParameters)
{
return(SignAndGetXml(signParameters, null));
}
internal void Sign(XmlDsigSignParameters signParameters, Action <ExtendedSignedXml> signedXmlPostProcessing)
{
var signedDocument = SignAndGetXml(signParameters, signedXmlPostProcessing);
SaveSignatureToFile(signedDocument, signParameters);
}
protected void IncludeSignatureCertificateIfNeeded(SignedXml signedXml, X509Certificate2 certificate, XmlDsigSignParameters signParameters)
{
signedXml.SigningKey = certificate.PrivateKey;
if (!signParameters.IncludeCertificateInSignature)
{
return;
}
var certificateKeyInfo = new KeyInfo();
certificateKeyInfo.AddClause(new KeyInfoX509Data(certificate));
signedXml.KeyInfo = certificateKeyInfo;
}
internal void Sign(XmlDsigSignParameters signParameters)
{
Sign(signParameters, null);
}
