Exemple #1
0
		public void AsymmetricRSAVerify () 
		{
			string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>A6XuE8Cy9iOffRXaW9b0+dUcMUJQnlmwLsiqtQnADbCtZXnXAaeJ6nGnQ4Mm0IGi0AJc7/2CoJReXl7iW4hltmFguG1e3nl0VxCyCTHKGOCo1u8R3K+B1rTaenFbSxs42EM7/D9KETsPlzfYfis36yM3PqatiCUOsoMsAiMGzlc=</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>tI8QYIpbG/m6JLyvP+S3X8mzcaAIayxomyTimSh9UCpEucRnGvLw0P73uStNpiF7wltTZA1HEsv+Ha39dY/0j/Wiy3RAodGDRNuKQao1wu34aNybZ673brbsbHFUfw/o7nlKD2xO84fbajBZmKtBBDy63NHt+QL+grSrREPfCTM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
			XmlDocument doc = new XmlDocument ();
			doc.LoadXml (value);

			SignedXml v1 = new SignedXml ();
			v1.LoadXml (doc.DocumentElement);
			Assert.IsTrue (v1.CheckSignature (), "RSA-CheckSignature()");

			SignedXml v2 = new SignedXml ();
			v2.LoadXml (doc.DocumentElement);
			AsymmetricAlgorithm key = null;
			bool vrfy = v2.CheckSignatureReturningKey (out key);
			Assert.IsTrue (vrfy, "RSA-CheckSignatureReturningKey()");

			SignedXml v3 = new SignedXml ();
			v3.LoadXml (doc.DocumentElement);
			Assert.IsTrue (v3.CheckSignature (key), "RSA-CheckSignature(key)");
		}
Exemple #2
0
		public void AsymmetricDSAVerify () 
		{
			string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#dsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>BYz/qRGjGsN1yMFPxWa3awUZm1y4I/IxOQroMxkOteRGgk1HIwhRYw==</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>iglVaZ+LsSL8Y0aDXmFMBwva3xHqIypr3l/LtqBH9ziV2Sh1M4JVasAiKqytWIWt/s/Uk8Ckf2tO2Ww1vsNi1NL+Kg9T7FE52sn380/rF0miwGkZeidzm74OWhykb3J+wCTXaIwOzAWI1yN7FoeoN7wzF12jjlSXAXeqPMlViqk=</P><Q>u4sowiJMHilNRojtdmIuQY2YnB8=</Q><G>SdnN7d+wn1n+HH4Hr8MIryIRYgcXdbZ5TH7jAnuWc1koqRc1AZfcYAZ6RDf+orx6Lzn055FTFiN+1NHQfGUtXJCWW0zz0FVV1NJux7WRj8vGTldjJ5ef0oCenkpwDjcIxWsZgVobve4GPoyN1sAc1scnkJB59oupibklmF4y72A=</G><Y>XejzS8Z51yfl0zbYnxSYYbHqreSLjNCoGPB/KjM1TOyV5sMjz0StKtGrFWryTWc7EgvFY7kUth4e04VKf9HbK8z/FifHTXj8+Tszbjzw8GfInnBwLN+vJgbpnjtypmiI5Bm2nLiRbfkdAHP+OrKtr/EauM9GQfYuaxm3/Vj8B84=</Y><J>vGwGg9wqwwWP9xsoPoXu6kHArJtadiNKe9azBiUx5Ob883gd5wlKfEcGuKkBmBySGbgwxyOsIBovd9Kk48hF01ymfQzAAuHR0EdJECSsTsTTKVTLQNBU32O+PRbLYpv4E8kt6rNL83JLJCBY</J><Seed>sqzn8J6fd2gtEyq6YOqiUSHgPE8=</Seed><PgenCounter>sQ==</PgenCounter></DSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
			XmlDocument doc = new XmlDocument ();
			doc.LoadXml (value);

			SignedXml v1 = new SignedXml ();
			v1.LoadXml (doc.DocumentElement);
			Assert.IsTrue (v1.CheckSignature (), "DSA-CheckSignature()");

			SignedXml v2 = new SignedXml ();
			v2.LoadXml (doc.DocumentElement);
			AsymmetricAlgorithm key = null;
			bool vrfy = v2.CheckSignatureReturningKey (out key);
			Assert.IsTrue (vrfy, "DSA-CheckSignatureReturningKey()");

			SignedXml v3 = new SignedXml ();
			v3.LoadXml (doc.DocumentElement);
			Assert.IsTrue (v3.CheckSignature (key), "DSA-CheckSignature(key)");
		}
        public ActionResult Index(XmlModel model)
        {
            if (model.Action == "encrypt")
            {
                var recipientCertificate = LoadCertificate(model.RecipientThumbprint);
                var signingCertificate = LoadCertificate(model.SenderThumbprint);
                var xmlDocument = new XmlDocument();
                xmlDocument.LoadXml(model.PlainText);

                var elementToEncrypt = xmlDocument.GetElementsByTagName("message")[0] as XmlElement;
                var encryptedXml = new EncryptedXml();

                // Encrypt the element.
                var encryptedElement = encryptedXml.Encrypt(elementToEncrypt, recipientCertificate);
                EncryptedXml.ReplaceElement(elementToEncrypt, encryptedElement, false);

                // Sign the document
                var signedXml = new SignedXml(xmlDocument) { SigningKey = signingCertificate.PrivateKey };
                var reference = new Reference { Uri = string.Empty };

                var transform = new XmlDsigC14NTransform();
                reference.AddTransform(transform);

                var envelope = new XmlDsigEnvelopedSignatureTransform();
                reference.AddTransform(envelope);
                signedXml.AddReference(reference);

                var keyInfo = new KeyInfo();
                keyInfo.AddClause(new KeyInfoX509Data(signingCertificate));
                signedXml.KeyInfo = keyInfo;
                signedXml.ComputeSignature();

                var xmlDigitalSignature = signedXml.GetXml();
                xmlDocument.DocumentElement.AppendChild(xmlDocument.ImportNode(xmlDigitalSignature, true));

                model.PlainText = "";
                model.Envelope = XmlToString(xmlDocument);
            }
            else if (model.Action == "decrypt")
            {
                var xmlDocument = new XmlDocument();
                xmlDocument.LoadXml(model.Envelope);

                // Validate the signature
                var signedXml = new SignedXml(xmlDocument);
                var nodeList = xmlDocument.GetElementsByTagName("Signature");

                if (nodeList.Count <= 0)
                {
                    throw new Exception("No signature found.");
                }

                signedXml.LoadXml((XmlElement)nodeList[0]);
                AsymmetricAlgorithm signingKey;

                if (!signedXml.CheckSignatureReturningKey(out signingKey))
                {
                    throw new Exception("Invalid Signature");
                }
                else
                {
                    IEnumerable<X509Certificate2> keyInfoCertificates =
                        signedXml.KeyInfo.OfType<KeyInfoX509Data>()
                            .SelectMany(x => x.Certificates.Cast<X509Certificate2>());
                    var signingCertificate = keyInfoCertificates.FirstOrDefault(x => x.PublicKey.Key == signingKey);
                    if (signingCertificate == null)
                    {
                        throw new Exception("Signing certificate not found in KeyInfo.");
                    }
                    model.SenderSubject = signingCertificate.Subject;
                }

                var encryptedXml = new EncryptedXml(xmlDocument);
                encryptedXml.DecryptDocument();

                model.Envelope = "";
                model.PlainText = XmlToString(xmlDocument);
            }

            ModelState.Clear();
            model.RecipientThumbprint = RecipientThumbprint;
            model.SenderThumbprint = SenderThumbprint;
            return View(model);
        }