private void AddSignedSignatureProperties(SignedSignatureProperties signedSignatureProperties, SignedDataObjectProperties signedDataObjectProperties, UnsignedSignatureProperties unsignedSignatureProperties, SignatureParameters parameters ) { XmlDocument xmlDocument; Cert cert; SystemX509.X509Certificate2 x509Cert; x509Cert = DotNetUtilities.ToX509Certificate2(parameters.SigningCertificate); xmlDocument = new XmlDocument(); cert = new Cert(); cert.IssuerSerial.X509IssuerName = x509Cert.IssuerName.Name; cert.IssuerSerial.X509SerialNumber = x509Cert.SerialNumber; cert.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url; cert.CertDigest.DigestValue = x509Cert.GetCertHash(); signedSignatureProperties.SigningCertificate.CertCollection.Add(cert); signedSignatureProperties.SigningTime = parameters.SigningDate; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = true; DataObjectFormat newDataObjectFormat = new DataObjectFormat(); //TODO jbonilla - Replace Description with text parameter newDataObjectFormat.Description = "Generado con 'intisign'"; newDataObjectFormat.MimeType = "text/xml"; newDataObjectFormat.ObjectReferenceAttribute = "#xml_ref_id"; signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat); }
/// <summary> /// Inserta un contenido XML para generar una firma enveloped. /// </summary> /// <param name="xmlDocument"></param> private void SetContentEnveloped(SignatureDocument sigDocument, XmlDocument xmlDocument) { sigDocument.Document = xmlDocument; _refContent = new Reference(); sigDocument.XadesSignature = new XadesSignedXml(sigDocument.Document); _refContent.Id = "Reference-" + Guid.NewGuid().ToString(); _refContent.Uri = ""; _dataFormat = new DataObjectFormat(); _dataFormat.MimeType = "text/xml"; _dataFormat.Encoding = "UTF-8"; for (int i = 0; i < sigDocument.Document.DocumentElement.Attributes.Count; i++) { if (sigDocument.Document.DocumentElement.Attributes[i].Name.Equals("id", StringComparison.InvariantCultureIgnoreCase)) { _refContent.Uri = "#" + sigDocument.Document.DocumentElement.Attributes[i].Value; break; } } XmlDsigEnvelopedSignatureTransform xmlDsigEnvelopedSignatureTransform = new XmlDsigEnvelopedSignatureTransform(); _refContent.AddTransform(xmlDsigEnvelopedSignatureTransform); sigDocument.XadesSignature.AddReference(_refContent); }
private void AddSignatureProperties(SignatureDocument sigDocument, SignedSignatureProperties signedSignatureProperties, SignedDataObjectProperties signedDataObjectProperties, UnsignedSignatureProperties unsignedSignatureProperties, SignatureParameters parameters) { Cert cert; cert = new Cert(); cert.IssuerSerial.X509IssuerName = parameters.Signer.Certificate.IssuerName.Name; cert.IssuerSerial.X509SerialNumber = parameters.Signer.Certificate.GetSerialNumberAsDecimalString(); DigestUtil.SetCertDigest(parameters.Signer.Certificate.GetRawCertData(), parameters.DigestMethod, cert.CertDigest); signedSignatureProperties.SigningCertificate.CertCollection.Add(cert); if (parameters.SignaturePolicyInfo != null) { if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyIdentifier)) { signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = false; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.IdentifierUri = parameters.SignaturePolicyInfo.PolicyIdentifier; } if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyUri)) { SigPolicyQualifier spq = new SigPolicyQualifier(); spq.AnyXmlElement = sigDocument.Document.CreateElement("SPURI", XadesSignedXml.XadesNamespaceUri); spq.AnyXmlElement.InnerText = parameters.SignaturePolicyInfo.PolicyUri; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyQualifiers.SigPolicyQualifierCollection.Add(spq); } if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyHash)) { signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestMethod.Algorithm = parameters.SignaturePolicyInfo.PolicyDigestAlgorithm.URI; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestValue = Convert.FromBase64String(parameters.SignaturePolicyInfo.PolicyHash); } } signedSignatureProperties.SigningTime = parameters.SigningDate.HasValue ? parameters.SigningDate.Value : DateTime.Now; if (!string.IsNullOrEmpty(_mimeType)) { DataObjectFormat newDataObjectFormat = new DataObjectFormat(); newDataObjectFormat.MimeType = _mimeType; newDataObjectFormat.Encoding = _encoding; newDataObjectFormat.ObjectReferenceAttribute = "#" + _refContent.Id; signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat); } }
private void AddSignatureProperties(SignedSignatureProperties signedSignatureProperties, SignedDataObjectProperties signedDataObjectProperties, UnsignedSignatureProperties unsignedSignatureProperties, string mimeType, X509Certificate2 certificado) { Cert cert; cert = new Cert(); cert.IssuerSerial.X509IssuerName = certificado.IssuerName.Name; cert.IssuerSerial.X509SerialNumber = CertUtil.HexToDecimal(certificado.SerialNumber); DigestUtil.SetCertDigest(_signCertificate.GetRawCertData(), _refsMethodUri, cert.CertDigest); signedSignatureProperties.SigningCertificate.CertCollection.Add(cert); if (!string.IsNullOrEmpty(_policyId)) { signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = false; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.IdentifierUri = _policyId; } if (!string.IsNullOrEmpty(_policyUri)) { SigPolicyQualifier spq = new SigPolicyQualifier(); spq.AnyXmlElement = _document.CreateElement("SPURI", XadesSignedXml.XadesNamespaceUri); spq.AnyXmlElement.InnerText = _policyUri; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyQualifiers.SigPolicyQualifierCollection.Add(spq); } if (!string.IsNullOrEmpty(_policyHash)) { signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestValue = Convert.FromBase64String(PolicyHash); } signedSignatureProperties.SigningTime = DateTime.Now; if (!string.IsNullOrEmpty(mimeType)) { DataObjectFormat newDataObjectFormat = new DataObjectFormat(); newDataObjectFormat.MimeType = mimeType; newDataObjectFormat.ObjectReferenceAttribute = "#" + _objectReference; signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat); } }
private void AddSignatureProperties(SignatureDocument sigDocument, SignedSignatureProperties signedSignatureProperties, SignedDataObjectProperties signedDataObjectProperties, UnsignedSignatureProperties unsignedSignatureProperties, SignatureParameters parameters) { Cert cert; cert = new Cert(); cert.IssuerSerial.X509IssuerName = parameters.Signer.Certificate.IssuerName.Name; cert.IssuerSerial.X509SerialNumber = parameters.Signer.Certificate.GetSerialNumberAsDecimalString(); DigestUtil.SetCertDigest(parameters.Signer.Certificate.GetRawCertData(), parameters.DigestMethod, cert.CertDigest); signedSignatureProperties.SigningCertificate.CertCollection.Add(cert); if (parameters.SignaturePolicyInfo != null) { if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyIdentifier)) { signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = false; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.IdentifierUri = parameters.SignaturePolicyInfo.PolicyIdentifier; } if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyUri)) { SigPolicyQualifier spq = new SigPolicyQualifier(); spq.AnyXmlElement = sigDocument.Document.CreateElement(XadesSignedXml.XmlXadesPrefix, "SPURI", XadesSignedXml.XadesNamespaceUri); spq.AnyXmlElement.InnerText = parameters.SignaturePolicyInfo.PolicyUri; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyQualifiers.SigPolicyQualifierCollection.Add(spq); } if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyHash)) { signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestMethod.Algorithm = parameters.SignaturePolicyInfo.PolicyDigestAlgorithm.URI; signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestValue = Convert.FromBase64String(parameters.SignaturePolicyInfo.PolicyHash); } } signedSignatureProperties.SigningTime = parameters.SigningDate.HasValue ? parameters.SigningDate.Value : DateTime.Now; if (_dataFormat != null) { DataObjectFormat newDataObjectFormat = new DataObjectFormat(); newDataObjectFormat.MimeType = _dataFormat.MimeType; newDataObjectFormat.Encoding = _dataFormat.Encoding; newDataObjectFormat.Description = _dataFormat.Description; newDataObjectFormat.ObjectReferenceAttribute = "#" + _refContent.Id; if (_dataFormat.ObjectIdentifier != null) { newDataObjectFormat.ObjectIdentifier.Identifier.IdentifierUri = _dataFormat.ObjectIdentifier.Identifier.IdentifierUri; } signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat); } if (parameters.SignerRole != null && (parameters.SignerRole.CertifiedRoles.Count > 0 || parameters.SignerRole.ClaimedRoles.Count > 0)) { signedSignatureProperties.SignerRole = new Microsoft.Xades.SignerRole(); foreach (X509Certificate certifiedRole in parameters.SignerRole.CertifiedRoles) { signedSignatureProperties.SignerRole.CertifiedRoles.CertifiedRoleCollection.Add(new CertifiedRole() { PkiData = certifiedRole.GetRawCertData() }); } foreach (string claimedRole in parameters.SignerRole.ClaimedRoles) { signedSignatureProperties.SignerRole.ClaimedRoles.ClaimedRoleCollection.Add(new ClaimedRole() { InnerText = claimedRole }); } } foreach (SignatureCommitment signatureCommitment in parameters.SignatureCommitments) { CommitmentTypeIndication cti = new CommitmentTypeIndication(); cti.CommitmentTypeId.Identifier.IdentifierUri = signatureCommitment.CommitmentType.URI; cti.AllSignedDataObjects = true; foreach (XmlElement signatureCommitmentQualifier in signatureCommitment.CommitmentTypeQualifiers) { CommitmentTypeQualifier ctq = new CommitmentTypeQualifier(); ctq.AnyXmlElement = signatureCommitmentQualifier; cti.CommitmentTypeQualifiers.CommitmentTypeQualifierCollection.Add(ctq); } signedDataObjectProperties.CommitmentTypeIndicationCollection.Add(cti); } if (parameters.SignatureProductionPlace != null) { signedSignatureProperties.SignatureProductionPlace.City = parameters.SignatureProductionPlace.City; signedSignatureProperties.SignatureProductionPlace.StateOrProvince = parameters.SignatureProductionPlace.StateOrProvince; signedSignatureProperties.SignatureProductionPlace.PostalCode = parameters.SignatureProductionPlace.PostalCode; signedSignatureProperties.SignatureProductionPlace.CountryName = parameters.SignatureProductionPlace.CountryName; } }
/// <summary> /// Realiza el proceso de firmado /// </summary> /// <param name="input"></param> /// <param name="parameters"></param> public SignatureDocument Sign(XmlDocument input, SignatureParameters parameters) { if (parameters.Signer == null) { throw new Exception("Es necesario un certificado válido para la firma"); } if (input == null && string.IsNullOrEmpty(parameters.ExternalContentUri)) { throw new Exception("No se ha especificado ningún contenido a firmar"); } SignatureDocument signatureDocument = new SignatureDocument(); _dataFormat = new DataObjectFormat(); switch (parameters.SignaturePackaging) { case SignaturePackaging.INTERNALLY_DETACHED: if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType)) { throw new NullReferenceException("Se necesita especificar el tipo MIME del elemento a firmar."); } _dataFormat.MimeType = parameters.DataFormat.MimeType; if (parameters.DataFormat.MimeType == "text/xml") { _dataFormat.Encoding = "UTF-8"; } else { _dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64"; } if (!string.IsNullOrEmpty(parameters.ElementIdToSign)) { SetContentInternallyDetached(signatureDocument, input, parameters.ElementIdToSign); } else { SetContentInternallyDetached(signatureDocument, input); } break; case SignaturePackaging.HASH_INTERNALLY_DETACHED: if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType)) { _dataFormat.MimeType = "application/octet-stream"; } else { _dataFormat.MimeType = parameters.DataFormat.MimeType; } _dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64"; SetContentInternallyDetachedHashed(signatureDocument, input); break; case SignaturePackaging.ENVELOPED: _dataFormat.MimeType = "text/xml"; _dataFormat.Encoding = "UTF-8"; SetContentEnveloped(signatureDocument, input); break; case SignaturePackaging.ENVELOPING: _dataFormat.MimeType = "text/xml"; _dataFormat.Encoding = "UTF-8"; SetContentEveloping(signatureDocument, input); break; case SignaturePackaging.EXTERNALLY_DETACHED: SetContentExternallyDetached(signatureDocument, parameters.ExternalContentUri); break; } if (parameters.DataFormat != null) { if (!string.IsNullOrEmpty(parameters.DataFormat.TypeIdentifier)) { _dataFormat.ObjectIdentifier = new ObjectIdentifier(); _dataFormat.ObjectIdentifier.Identifier.IdentifierUri = parameters.DataFormat.TypeIdentifier; } _dataFormat.Description = parameters.DataFormat.Description; } SetSignatureId(signatureDocument.XadesSignature); PrepareSignature(signatureDocument, parameters); signatureDocument.XadesSignature.ComputeSignature(); UpdateXadesSignature(signatureDocument); return(signatureDocument); }
/// <summary> /// Realiza la contrafirma de la firma actual /// </summary> /// <param name="sigDocument"></param> /// <param name="parameters"></param> public SignatureDocument CounterSign(SignatureDocument sigDocument, SignatureParameters parameters) { if (parameters.Signer == null) { throw new Exception("Es necesario un certificado válido para la firma."); } SignatureDocument.CheckSignatureDocument(sigDocument); SignatureDocument counterSigDocument = new SignatureDocument(); counterSigDocument.Document = (XmlDocument)sigDocument.Document.Clone(); counterSigDocument.Document.PreserveWhitespace = true; XadesSignedXml counterSignature = new XadesSignedXml(counterSigDocument.Document); SetSignatureId(counterSignature); counterSignature.SigningKey = parameters.Signer.SigningKey; _refContent = new Reference(); _refContent.Uri = "#" + sigDocument.XadesSignature.SignatureValueId; _refContent.Id = "Reference-" + Guid.NewGuid().ToString(); _refContent.Type = "http://uri.etsi.org/01903#CountersignedSignature"; _refContent.AddTransform(new XmlDsigC14NTransform()); counterSignature.AddReference(_refContent); _dataFormat = new DataObjectFormat(); _dataFormat.MimeType = "text/xml"; _dataFormat.Encoding = "UTF-8"; KeyInfo keyInfo = new KeyInfo(); keyInfo.Id = "KeyInfoId-" + counterSignature.Signature.Id; keyInfo.AddClause(new KeyInfoX509Data((X509Certificate)parameters.Signer.Certificate)); keyInfo.AddClause(new RSAKeyValue((RSA)parameters.Signer.SigningKey)); counterSignature.KeyInfo = keyInfo; Reference referenceKeyInfo = new Reference(); referenceKeyInfo.Id = "ReferenceKeyInfo-" + counterSignature.Signature.Id; referenceKeyInfo.Uri = "#KeyInfoId-" + counterSignature.Signature.Id; counterSignature.AddReference(referenceKeyInfo); XadesObject counterSignatureXadesObject = new XadesObject(); counterSignatureXadesObject.Id = "CounterSignatureXadesObject-" + Guid.NewGuid().ToString(); counterSignatureXadesObject.QualifyingProperties.Target = "#" + counterSignature.Signature.Id; counterSignatureXadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + counterSignature.Signature.Id; AddSignatureProperties(counterSigDocument, counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties, counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties, counterSignatureXadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties, parameters); counterSignature.AddXadesObject(counterSignatureXadesObject); foreach (Reference signReference in counterSignature.SignedInfo.References) { signReference.DigestMethod = parameters.DigestMethod.URI; } counterSignature.SignedInfo.SignatureMethod = parameters.SignatureMethod.URI; counterSignature.AddXadesNamespace = true; counterSignature.ComputeSignature(); UnsignedProperties unsignedProperties = sigDocument.XadesSignature.UnsignedProperties; unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(counterSignature); sigDocument.XadesSignature.UnsignedProperties = unsignedProperties; UpdateXadesSignature(sigDocument); counterSigDocument.Document = (XmlDocument)sigDocument.Document.Clone(); counterSigDocument.Document.PreserveWhitespace = true; XmlElement signatureElement = (XmlElement)sigDocument.Document.SelectSingleNode("//*[@Id='" + counterSignature.Signature.Id + "']"); counterSigDocument.XadesSignature = new XadesSignedXml(counterSigDocument.Document); counterSigDocument.XadesSignature.LoadXml(signatureElement); return(counterSigDocument); }
/// <summary> /// Añade una firma al documento /// </summary> /// <param name="sigDocument"></param> /// <param name="parameters"></param> public SignatureDocument CoSign(SignatureDocument sigDocument, SignatureParameters parameters) { SignatureDocument.CheckSignatureDocument(sigDocument); _refContent = sigDocument.XadesSignature.GetContentReference(); if (_refContent == null) { throw new Exception("No se ha podido encontrar la referencia del contenido firmado."); } _dataFormat = null; foreach (DataObjectFormat dof in sigDocument.XadesSignature.XadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties.DataObjectFormatCollection) { if (dof.ObjectReferenceAttribute == ("#" + _refContent.Id)) { _dataFormat = new DataObjectFormat(); _dataFormat.Encoding = dof.Encoding; _dataFormat.MimeType = dof.MimeType; _dataFormat.Description = dof.Description; if (dof.ObjectIdentifier != null) { _dataFormat.ObjectIdentifier = new ObjectIdentifier(); _dataFormat.ObjectIdentifier.Identifier.IdentifierUri = dof.ObjectIdentifier.Identifier.IdentifierUri; _dataFormat.ObjectIdentifier.Description = dof.ObjectIdentifier.Description; } break; } } SignatureDocument coSignatureDocument = new SignatureDocument(); coSignatureDocument.Document = (XmlDocument)sigDocument.Document.Clone(); coSignatureDocument.Document.PreserveWhitespace = true; coSignatureDocument.XadesSignature = new XadesSignedXml(coSignatureDocument.Document); coSignatureDocument.XadesSignature.LoadXml(sigDocument.XadesSignature.GetXml()); var destination = coSignatureDocument.XadesSignature.GetSignatureElement().ParentNode; coSignatureDocument.XadesSignature = new XadesSignedXml(coSignatureDocument.Document); _refContent.Id = "Reference-" + Guid.NewGuid().ToString(); if (_refContent.Type != XadesSignedXml.XmlDsigObjectType) { _refContent.Type = ""; } coSignatureDocument.XadesSignature.AddReference(_refContent); if (destination.NodeType != XmlNodeType.Document) { coSignatureDocument.XadesSignature.SignatureNodeDestination = (XmlElement)destination; } else { coSignatureDocument.XadesSignature.SignatureNodeDestination = ((XmlDocument)destination).DocumentElement; } SetSignatureId(coSignatureDocument.XadesSignature); PrepareSignature(coSignatureDocument, parameters); coSignatureDocument.XadesSignature.ComputeSignature(); UpdateXadesSignature(coSignatureDocument); return(coSignatureDocument); }
/// <summary> /// Realiza el proceso de firmado /// </summary> /// <param name="input"></param> /// <param name="parameters"></param> public SignatureDocument Sign(Stream input, SignatureParameters parameters) { if (parameters.Signer == null) { throw new Exception("Es necesario un certificado válido para la firma"); } if (input == null && string.IsNullOrEmpty(parameters.ExternalContentUri)) { throw new Exception("No se ha especificado ningún contenido a firmar"); } SignatureDocument signatureDocument = new SignatureDocument(); _dataFormat = new DataObjectFormat(); switch (parameters.SignaturePackaging) { case SignaturePackaging.INTERNALLY_DETACHED: if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType)) { throw new NullReferenceException("Se necesita especificar el tipo MIME del elemento a firmar."); } _dataFormat.MimeType = parameters.DataFormat.MimeType; if (parameters.DataFormat.MimeType == "text/xml") { _dataFormat.Encoding = "UTF-8"; } else { _dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64"; } if (!string.IsNullOrEmpty(parameters.ElementIdToSign)) { SetContentInternallyDetached(signatureDocument, XMLUtil.LoadDocument(input), parameters.ElementIdToSign); } else { SetContentInternallyDetached(signatureDocument, input); } break; case SignaturePackaging.HASH_INTERNALLY_DETACHED: if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType)) { _dataFormat.MimeType = "application/octet-stream"; } else { _dataFormat.MimeType = parameters.DataFormat.MimeType; } _dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64"; SetContentInternallyDetachedHashed(signatureDocument, input); break; case SignaturePackaging.ENVELOPED: _dataFormat.MimeType = "text/xml"; _dataFormat.Encoding = "UTF-8"; SetContentEnveloped(signatureDocument, XMLUtil.LoadDocument(input)); break; case SignaturePackaging.ENVELOPING: _dataFormat.MimeType = "text/xml"; _dataFormat.Encoding = "UTF-8"; XmlDocument inputXml = XMLUtil.LoadDocument(input); if (inputXml.FirstChild.Name == "Manifest" && inputXml.FirstChild.NamespaceURI == XadesSignedXml.XmlDsigNamespaceUrl) { XmlNode idAttribute = inputXml.FirstChild.Attributes.GetNamedItem("Id"); if (idAttribute == null) { throw new Exception("Se requiere un identificador para el objeto manifest"); } SetContentEveloping(signatureDocument, inputXml, idAttribute.Value, XadesSignedXml.XmlDsigManifestType); } else { SetContentEveloping(signatureDocument, inputXml, null, XadesSignedXml.XmlDsigObjectType); } break; case SignaturePackaging.EXTERNALLY_DETACHED: SetContentExternallyDetached(signatureDocument, parameters.ExternalContentUri); break; } if (parameters.DataFormat != null) { if (!string.IsNullOrEmpty(parameters.DataFormat.TypeIdentifier)) { _dataFormat.ObjectIdentifier = new ObjectIdentifier(); _dataFormat.ObjectIdentifier.Identifier.IdentifierUri = parameters.DataFormat.TypeIdentifier; } _dataFormat.Description = parameters.DataFormat.Description; } SetSignatureId(signatureDocument.XadesSignature); if (signatureDocument.Document == null) { signatureDocument.Document = new XmlDocument(); } PrepareSignature(signatureDocument, parameters); signatureDocument.XadesSignature.ComputeSignature(); UpdateXadesSignature(signatureDocument); return(signatureDocument); }
public static string Sign(string xml, X509Certificate2 x509) { // Wczytaj. XmlDocument doc = new XmlDocument { PreserveWhitespace = true }; doc.LoadXml(xml); // SignedXml object XadesSignedXml signedXml = new XadesSignedXml(doc); signedXml.Signature.Id = "ID-1234"; signedXml.SigningKey = x509.PrivateKey; signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigCanonicalizationUrl; signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url; // dodaj referencję na dokument Reference reference = new Reference("#Dokument"); reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); // dodaj KeyInfo KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(x509)); // ??? WholeChain ??? signedXml.KeyInfo = keyInfo; // XadesObject xo = new XadesObject(); { Cert cert = new Cert(); cert.IssuerSerial.X509IssuerName = x509.IssuerName.Name; cert.IssuerSerial.X509SerialNumber = x509.SerialNumber; { SHA1 cryptoServiceProvider = new SHA1CryptoServiceProvider(); cert.CertDigest.DigestValue = cryptoServiceProvider.ComputeHash(x509.RawData); cert.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url; } xo.QualifyingProperties.Target = "#" + signedXml.Signature.Id; xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningTime = DateTime.Now; xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = true; xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningCertificate.CertCollection.Add(cert); DataObjectFormat dof = new DataObjectFormat { ObjectReferenceAttribute = "#Dokument", Description = "Dokument w formacie xml [XML]", Encoding = SignedXml.XmlDsigBase64TransformUrl, // ...xmldsig/#base64 MimeType = "text/plain" }; xo.QualifyingProperties.SignedProperties.SignedDataObjectProperties.DataObjectFormatCollection.Add(dof); } signedXml.AddXadesObject(xo); //// W dokumentacji 2.9.9.a, Id dla <ds:Object> ma mieć wartość "Dokument", ale nie ma tego w przykładach var data = new DataObject("Dokument", "text/xml", "", doc.DocumentElement); signedXml.AddObject(data); // Podpisz signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); return(xmlDigitalSignature.OuterXml); }