private void AddSignedSignatureProperties(SignedSignatureProperties signedSignatureProperties,
SignedDataObjectProperties signedDataObjectProperties,
UnsignedSignatureProperties unsignedSignatureProperties,
SignatureParameters parameters
)
{
XmlDocument xmlDocument;
Cert cert;
SystemX509.X509Certificate2 x509Cert;
x509Cert = DotNetUtilities.ToX509Certificate2(parameters.SigningCertificate);
xmlDocument = new XmlDocument();
cert = new Cert();
cert.IssuerSerial.X509IssuerName = x509Cert.IssuerName.Name;
cert.IssuerSerial.X509SerialNumber = x509Cert.SerialNumber;
cert.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url;
cert.CertDigest.DigestValue = x509Cert.GetCertHash();
signedSignatureProperties.SigningCertificate.CertCollection.Add(cert);
signedSignatureProperties.SigningTime = parameters.SigningDate;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = true;
DataObjectFormat newDataObjectFormat = new DataObjectFormat();
//TODO jbonilla - Replace Description with text parameter
newDataObjectFormat.Description = "Generado con 'intisign'";
newDataObjectFormat.MimeType = "text/xml";
newDataObjectFormat.ObjectReferenceAttribute = "#xml_ref_id";
signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat);
}
/// <summary>
/// Inserta un contenido XML para generar una firma enveloped.
/// </summary>
/// <param name="xmlDocument"></param>
private void SetContentEnveloped(SignatureDocument sigDocument, XmlDocument xmlDocument)
{
sigDocument.Document = xmlDocument;
_refContent = new Reference();
sigDocument.XadesSignature = new XadesSignedXml(sigDocument.Document);
_refContent.Id = "Reference-" + Guid.NewGuid().ToString();
_refContent.Uri = "";
_dataFormat = new DataObjectFormat();
_dataFormat.MimeType = "text/xml";
_dataFormat.Encoding = "UTF-8";
for (int i = 0; i < sigDocument.Document.DocumentElement.Attributes.Count; i++)
{
if (sigDocument.Document.DocumentElement.Attributes[i].Name.Equals("id", StringComparison.InvariantCultureIgnoreCase))
{
_refContent.Uri = "#" + sigDocument.Document.DocumentElement.Attributes[i].Value;
break;
}
}
XmlDsigEnvelopedSignatureTransform xmlDsigEnvelopedSignatureTransform = new XmlDsigEnvelopedSignatureTransform();
_refContent.AddTransform(xmlDsigEnvelopedSignatureTransform);
sigDocument.XadesSignature.AddReference(_refContent);
}
private void AddSignatureProperties(SignatureDocument sigDocument, SignedSignatureProperties signedSignatureProperties, SignedDataObjectProperties signedDataObjectProperties,
UnsignedSignatureProperties unsignedSignatureProperties, SignatureParameters parameters)
{
Cert cert;
cert = new Cert();
cert.IssuerSerial.X509IssuerName = parameters.Signer.Certificate.IssuerName.Name;
cert.IssuerSerial.X509SerialNumber = parameters.Signer.Certificate.GetSerialNumberAsDecimalString();
DigestUtil.SetCertDigest(parameters.Signer.Certificate.GetRawCertData(), parameters.DigestMethod, cert.CertDigest);
signedSignatureProperties.SigningCertificate.CertCollection.Add(cert);
if (parameters.SignaturePolicyInfo != null)
{
if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyIdentifier))
{
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = false;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.IdentifierUri = parameters.SignaturePolicyInfo.PolicyIdentifier;
}
if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyUri))
{
SigPolicyQualifier spq = new SigPolicyQualifier();
spq.AnyXmlElement = sigDocument.Document.CreateElement("SPURI", XadesSignedXml.XadesNamespaceUri);
spq.AnyXmlElement.InnerText = parameters.SignaturePolicyInfo.PolicyUri;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyQualifiers.SigPolicyQualifierCollection.Add(spq);
}
if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyHash))
{
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestMethod.Algorithm = parameters.SignaturePolicyInfo.PolicyDigestAlgorithm.URI;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestValue = Convert.FromBase64String(parameters.SignaturePolicyInfo.PolicyHash);
}
}
signedSignatureProperties.SigningTime = parameters.SigningDate.HasValue ? parameters.SigningDate.Value : DateTime.Now;
if (!string.IsNullOrEmpty(_mimeType))
{
DataObjectFormat newDataObjectFormat = new DataObjectFormat();
newDataObjectFormat.MimeType = _mimeType;
newDataObjectFormat.Encoding = _encoding;
newDataObjectFormat.ObjectReferenceAttribute = "#" + _refContent.Id;
signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat);
}
}
private void AddSignatureProperties(SignedSignatureProperties signedSignatureProperties, SignedDataObjectProperties signedDataObjectProperties,
UnsignedSignatureProperties unsignedSignatureProperties, string mimeType, X509Certificate2 certificado)
{
Cert cert;
cert = new Cert();
cert.IssuerSerial.X509IssuerName = certificado.IssuerName.Name;
cert.IssuerSerial.X509SerialNumber = CertUtil.HexToDecimal(certificado.SerialNumber);
DigestUtil.SetCertDigest(_signCertificate.GetRawCertData(), _refsMethodUri, cert.CertDigest);
signedSignatureProperties.SigningCertificate.CertCollection.Add(cert);
if (!string.IsNullOrEmpty(_policyId))
{
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = false;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.IdentifierUri = _policyId;
}
if (!string.IsNullOrEmpty(_policyUri))
{
SigPolicyQualifier spq = new SigPolicyQualifier();
spq.AnyXmlElement = _document.CreateElement("SPURI", XadesSignedXml.XadesNamespaceUri);
spq.AnyXmlElement.InnerText = _policyUri;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyQualifiers.SigPolicyQualifierCollection.Add(spq);
}
if (!string.IsNullOrEmpty(_policyHash))
{
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestValue = Convert.FromBase64String(PolicyHash);
}
signedSignatureProperties.SigningTime = DateTime.Now;
if (!string.IsNullOrEmpty(mimeType))
{
DataObjectFormat newDataObjectFormat = new DataObjectFormat();
newDataObjectFormat.MimeType = mimeType;
newDataObjectFormat.ObjectReferenceAttribute = "#" + _objectReference;
signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat);
}
}
private void AddSignatureProperties(SignatureDocument sigDocument, SignedSignatureProperties signedSignatureProperties, SignedDataObjectProperties signedDataObjectProperties,
UnsignedSignatureProperties unsignedSignatureProperties, SignatureParameters parameters)
{
Cert cert;
cert = new Cert();
cert.IssuerSerial.X509IssuerName = parameters.Signer.Certificate.IssuerName.Name;
cert.IssuerSerial.X509SerialNumber = parameters.Signer.Certificate.GetSerialNumberAsDecimalString();
DigestUtil.SetCertDigest(parameters.Signer.Certificate.GetRawCertData(), parameters.DigestMethod, cert.CertDigest);
signedSignatureProperties.SigningCertificate.CertCollection.Add(cert);
if (parameters.SignaturePolicyInfo != null)
{
if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyIdentifier))
{
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = false;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyId.Identifier.IdentifierUri = parameters.SignaturePolicyInfo.PolicyIdentifier;
}
if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyUri))
{
SigPolicyQualifier spq = new SigPolicyQualifier();
spq.AnyXmlElement = sigDocument.Document.CreateElement(XadesSignedXml.XmlXadesPrefix, "SPURI", XadesSignedXml.XadesNamespaceUri);
spq.AnyXmlElement.InnerText = parameters.SignaturePolicyInfo.PolicyUri;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyQualifiers.SigPolicyQualifierCollection.Add(spq);
}
if (!string.IsNullOrEmpty(parameters.SignaturePolicyInfo.PolicyHash))
{
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestMethod.Algorithm = parameters.SignaturePolicyInfo.PolicyDigestAlgorithm.URI;
signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyId.SigPolicyHash.DigestValue = Convert.FromBase64String(parameters.SignaturePolicyInfo.PolicyHash);
}
}
signedSignatureProperties.SigningTime = parameters.SigningDate.HasValue ? parameters.SigningDate.Value : DateTime.Now;
if (_dataFormat != null)
{
DataObjectFormat newDataObjectFormat = new DataObjectFormat();
newDataObjectFormat.MimeType = _dataFormat.MimeType;
newDataObjectFormat.Encoding = _dataFormat.Encoding;
newDataObjectFormat.Description = _dataFormat.Description;
newDataObjectFormat.ObjectReferenceAttribute = "#" + _refContent.Id;
if (_dataFormat.ObjectIdentifier != null)
{
newDataObjectFormat.ObjectIdentifier.Identifier.IdentifierUri = _dataFormat.ObjectIdentifier.Identifier.IdentifierUri;
}
signedDataObjectProperties.DataObjectFormatCollection.Add(newDataObjectFormat);
}
if (parameters.SignerRole != null &&
(parameters.SignerRole.CertifiedRoles.Count > 0 || parameters.SignerRole.ClaimedRoles.Count > 0))
{
signedSignatureProperties.SignerRole = new Microsoft.Xades.SignerRole();
foreach (X509Certificate certifiedRole in parameters.SignerRole.CertifiedRoles)
{
signedSignatureProperties.SignerRole.CertifiedRoles.CertifiedRoleCollection.Add(new CertifiedRole()
{
PkiData = certifiedRole.GetRawCertData()
});
}
foreach (string claimedRole in parameters.SignerRole.ClaimedRoles)
{
signedSignatureProperties.SignerRole.ClaimedRoles.ClaimedRoleCollection.Add(new ClaimedRole()
{
InnerText = claimedRole
});
}
}
foreach (SignatureCommitment signatureCommitment in parameters.SignatureCommitments)
{
CommitmentTypeIndication cti = new CommitmentTypeIndication();
cti.CommitmentTypeId.Identifier.IdentifierUri = signatureCommitment.CommitmentType.URI;
cti.AllSignedDataObjects = true;
foreach (XmlElement signatureCommitmentQualifier in signatureCommitment.CommitmentTypeQualifiers)
{
CommitmentTypeQualifier ctq = new CommitmentTypeQualifier();
ctq.AnyXmlElement = signatureCommitmentQualifier;
cti.CommitmentTypeQualifiers.CommitmentTypeQualifierCollection.Add(ctq);
}
signedDataObjectProperties.CommitmentTypeIndicationCollection.Add(cti);
}
if (parameters.SignatureProductionPlace != null)
{
signedSignatureProperties.SignatureProductionPlace.City = parameters.SignatureProductionPlace.City;
signedSignatureProperties.SignatureProductionPlace.StateOrProvince = parameters.SignatureProductionPlace.StateOrProvince;
signedSignatureProperties.SignatureProductionPlace.PostalCode = parameters.SignatureProductionPlace.PostalCode;
signedSignatureProperties.SignatureProductionPlace.CountryName = parameters.SignatureProductionPlace.CountryName;
}
}
/// <summary>
/// Realiza el proceso de firmado
/// </summary>
/// <param name="input"></param>
/// <param name="parameters"></param>
public SignatureDocument Sign(XmlDocument input, SignatureParameters parameters)
{
if (parameters.Signer == null)
{
throw new Exception("Es necesario un certificado válido para la firma");
}
if (input == null && string.IsNullOrEmpty(parameters.ExternalContentUri))
{
throw new Exception("No se ha especificado ningún contenido a firmar");
}
SignatureDocument signatureDocument = new SignatureDocument();
_dataFormat = new DataObjectFormat();
switch (parameters.SignaturePackaging)
{
case SignaturePackaging.INTERNALLY_DETACHED:
if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType))
{
throw new NullReferenceException("Se necesita especificar el tipo MIME del elemento a firmar.");
}
_dataFormat.MimeType = parameters.DataFormat.MimeType;
if (parameters.DataFormat.MimeType == "text/xml")
{
_dataFormat.Encoding = "UTF-8";
}
else
{
_dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64";
}
if (!string.IsNullOrEmpty(parameters.ElementIdToSign))
{
SetContentInternallyDetached(signatureDocument, input, parameters.ElementIdToSign);
}
else
{
SetContentInternallyDetached(signatureDocument, input);
}
break;
case SignaturePackaging.HASH_INTERNALLY_DETACHED:
if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType))
{
_dataFormat.MimeType = "application/octet-stream";
}
else
{
_dataFormat.MimeType = parameters.DataFormat.MimeType;
}
_dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64";
SetContentInternallyDetachedHashed(signatureDocument, input);
break;
case SignaturePackaging.ENVELOPED:
_dataFormat.MimeType = "text/xml";
_dataFormat.Encoding = "UTF-8";
SetContentEnveloped(signatureDocument, input);
break;
case SignaturePackaging.ENVELOPING:
_dataFormat.MimeType = "text/xml";
_dataFormat.Encoding = "UTF-8";
SetContentEveloping(signatureDocument, input);
break;
case SignaturePackaging.EXTERNALLY_DETACHED:
SetContentExternallyDetached(signatureDocument, parameters.ExternalContentUri);
break;
}
if (parameters.DataFormat != null)
{
if (!string.IsNullOrEmpty(parameters.DataFormat.TypeIdentifier))
{
_dataFormat.ObjectIdentifier = new ObjectIdentifier();
_dataFormat.ObjectIdentifier.Identifier.IdentifierUri = parameters.DataFormat.TypeIdentifier;
}
_dataFormat.Description = parameters.DataFormat.Description;
}
SetSignatureId(signatureDocument.XadesSignature);
PrepareSignature(signatureDocument, parameters);
signatureDocument.XadesSignature.ComputeSignature();
UpdateXadesSignature(signatureDocument);
return(signatureDocument);
}
/// <summary>
/// Realiza la contrafirma de la firma actual
/// </summary>
/// <param name="sigDocument"></param>
/// <param name="parameters"></param>
public SignatureDocument CounterSign(SignatureDocument sigDocument, SignatureParameters parameters)
{
if (parameters.Signer == null)
{
throw new Exception("Es necesario un certificado válido para la firma.");
}
SignatureDocument.CheckSignatureDocument(sigDocument);
SignatureDocument counterSigDocument = new SignatureDocument();
counterSigDocument.Document = (XmlDocument)sigDocument.Document.Clone();
counterSigDocument.Document.PreserveWhitespace = true;
XadesSignedXml counterSignature = new XadesSignedXml(counterSigDocument.Document);
SetSignatureId(counterSignature);
counterSignature.SigningKey = parameters.Signer.SigningKey;
_refContent = new Reference();
_refContent.Uri = "#" + sigDocument.XadesSignature.SignatureValueId;
_refContent.Id = "Reference-" + Guid.NewGuid().ToString();
_refContent.Type = "http://uri.etsi.org/01903#CountersignedSignature";
_refContent.AddTransform(new XmlDsigC14NTransform());
counterSignature.AddReference(_refContent);
_dataFormat = new DataObjectFormat();
_dataFormat.MimeType = "text/xml";
_dataFormat.Encoding = "UTF-8";
KeyInfo keyInfo = new KeyInfo();
keyInfo.Id = "KeyInfoId-" + counterSignature.Signature.Id;
keyInfo.AddClause(new KeyInfoX509Data((X509Certificate)parameters.Signer.Certificate));
keyInfo.AddClause(new RSAKeyValue((RSA)parameters.Signer.SigningKey));
counterSignature.KeyInfo = keyInfo;
Reference referenceKeyInfo = new Reference();
referenceKeyInfo.Id = "ReferenceKeyInfo-" + counterSignature.Signature.Id;
referenceKeyInfo.Uri = "#KeyInfoId-" + counterSignature.Signature.Id;
counterSignature.AddReference(referenceKeyInfo);
XadesObject counterSignatureXadesObject = new XadesObject();
counterSignatureXadesObject.Id = "CounterSignatureXadesObject-" + Guid.NewGuid().ToString();
counterSignatureXadesObject.QualifyingProperties.Target = "#" + counterSignature.Signature.Id;
counterSignatureXadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + counterSignature.Signature.Id;
AddSignatureProperties(counterSigDocument, counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties,
counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties,
counterSignatureXadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties, parameters);
counterSignature.AddXadesObject(counterSignatureXadesObject);
foreach (Reference signReference in counterSignature.SignedInfo.References)
{
signReference.DigestMethod = parameters.DigestMethod.URI;
}
counterSignature.SignedInfo.SignatureMethod = parameters.SignatureMethod.URI;
counterSignature.AddXadesNamespace = true;
counterSignature.ComputeSignature();
UnsignedProperties unsignedProperties = sigDocument.XadesSignature.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(counterSignature);
sigDocument.XadesSignature.UnsignedProperties = unsignedProperties;
UpdateXadesSignature(sigDocument);
counterSigDocument.Document = (XmlDocument)sigDocument.Document.Clone();
counterSigDocument.Document.PreserveWhitespace = true;
XmlElement signatureElement = (XmlElement)sigDocument.Document.SelectSingleNode("//*[@Id='" + counterSignature.Signature.Id + "']");
counterSigDocument.XadesSignature = new XadesSignedXml(counterSigDocument.Document);
counterSigDocument.XadesSignature.LoadXml(signatureElement);
return(counterSigDocument);
}
/// <summary>
/// Añade una firma al documento
/// </summary>
/// <param name="sigDocument"></param>
/// <param name="parameters"></param>
public SignatureDocument CoSign(SignatureDocument sigDocument, SignatureParameters parameters)
{
SignatureDocument.CheckSignatureDocument(sigDocument);
_refContent = sigDocument.XadesSignature.GetContentReference();
if (_refContent == null)
{
throw new Exception("No se ha podido encontrar la referencia del contenido firmado.");
}
_dataFormat = null;
foreach (DataObjectFormat dof in sigDocument.XadesSignature.XadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties.DataObjectFormatCollection)
{
if (dof.ObjectReferenceAttribute == ("#" + _refContent.Id))
{
_dataFormat = new DataObjectFormat();
_dataFormat.Encoding = dof.Encoding;
_dataFormat.MimeType = dof.MimeType;
_dataFormat.Description = dof.Description;
if (dof.ObjectIdentifier != null)
{
_dataFormat.ObjectIdentifier = new ObjectIdentifier();
_dataFormat.ObjectIdentifier.Identifier.IdentifierUri = dof.ObjectIdentifier.Identifier.IdentifierUri;
_dataFormat.ObjectIdentifier.Description = dof.ObjectIdentifier.Description;
}
break;
}
}
SignatureDocument coSignatureDocument = new SignatureDocument();
coSignatureDocument.Document = (XmlDocument)sigDocument.Document.Clone();
coSignatureDocument.Document.PreserveWhitespace = true;
coSignatureDocument.XadesSignature = new XadesSignedXml(coSignatureDocument.Document);
coSignatureDocument.XadesSignature.LoadXml(sigDocument.XadesSignature.GetXml());
var destination = coSignatureDocument.XadesSignature.GetSignatureElement().ParentNode;
coSignatureDocument.XadesSignature = new XadesSignedXml(coSignatureDocument.Document);
_refContent.Id = "Reference-" + Guid.NewGuid().ToString();
if (_refContent.Type != XadesSignedXml.XmlDsigObjectType)
{
_refContent.Type = "";
}
coSignatureDocument.XadesSignature.AddReference(_refContent);
if (destination.NodeType != XmlNodeType.Document)
{
coSignatureDocument.XadesSignature.SignatureNodeDestination = (XmlElement)destination;
}
else
{
coSignatureDocument.XadesSignature.SignatureNodeDestination = ((XmlDocument)destination).DocumentElement;
}
SetSignatureId(coSignatureDocument.XadesSignature);
PrepareSignature(coSignatureDocument, parameters);
coSignatureDocument.XadesSignature.ComputeSignature();
UpdateXadesSignature(coSignatureDocument);
return(coSignatureDocument);
}
/// <summary>
/// Realiza el proceso de firmado
/// </summary>
/// <param name="input"></param>
/// <param name="parameters"></param>
public SignatureDocument Sign(Stream input, SignatureParameters parameters)
{
if (parameters.Signer == null)
{
throw new Exception("Es necesario un certificado válido para la firma");
}
if (input == null && string.IsNullOrEmpty(parameters.ExternalContentUri))
{
throw new Exception("No se ha especificado ningún contenido a firmar");
}
SignatureDocument signatureDocument = new SignatureDocument();
_dataFormat = new DataObjectFormat();
switch (parameters.SignaturePackaging)
{
case SignaturePackaging.INTERNALLY_DETACHED:
if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType))
{
throw new NullReferenceException("Se necesita especificar el tipo MIME del elemento a firmar.");
}
_dataFormat.MimeType = parameters.DataFormat.MimeType;
if (parameters.DataFormat.MimeType == "text/xml")
{
_dataFormat.Encoding = "UTF-8";
}
else
{
_dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64";
}
if (!string.IsNullOrEmpty(parameters.ElementIdToSign))
{
SetContentInternallyDetached(signatureDocument, XMLUtil.LoadDocument(input), parameters.ElementIdToSign);
}
else
{
SetContentInternallyDetached(signatureDocument, input);
}
break;
case SignaturePackaging.HASH_INTERNALLY_DETACHED:
if (parameters.DataFormat == null || string.IsNullOrEmpty(parameters.DataFormat.MimeType))
{
_dataFormat.MimeType = "application/octet-stream";
}
else
{
_dataFormat.MimeType = parameters.DataFormat.MimeType;
}
_dataFormat.Encoding = "http://www.w3.org/2000/09/xmldsig#base64";
SetContentInternallyDetachedHashed(signatureDocument, input);
break;
case SignaturePackaging.ENVELOPED:
_dataFormat.MimeType = "text/xml";
_dataFormat.Encoding = "UTF-8";
SetContentEnveloped(signatureDocument, XMLUtil.LoadDocument(input));
break;
case SignaturePackaging.ENVELOPING:
_dataFormat.MimeType = "text/xml";
_dataFormat.Encoding = "UTF-8";
XmlDocument inputXml = XMLUtil.LoadDocument(input);
if (inputXml.FirstChild.Name == "Manifest" &&
inputXml.FirstChild.NamespaceURI == XadesSignedXml.XmlDsigNamespaceUrl)
{
XmlNode idAttribute = inputXml.FirstChild.Attributes.GetNamedItem("Id");
if (idAttribute == null)
{
throw new Exception("Se requiere un identificador para el objeto manifest");
}
SetContentEveloping(signatureDocument, inputXml, idAttribute.Value, XadesSignedXml.XmlDsigManifestType);
}
else
{
SetContentEveloping(signatureDocument, inputXml, null, XadesSignedXml.XmlDsigObjectType);
}
break;
case SignaturePackaging.EXTERNALLY_DETACHED:
SetContentExternallyDetached(signatureDocument, parameters.ExternalContentUri);
break;
}
if (parameters.DataFormat != null)
{
if (!string.IsNullOrEmpty(parameters.DataFormat.TypeIdentifier))
{
_dataFormat.ObjectIdentifier = new ObjectIdentifier();
_dataFormat.ObjectIdentifier.Identifier.IdentifierUri = parameters.DataFormat.TypeIdentifier;
}
_dataFormat.Description = parameters.DataFormat.Description;
}
SetSignatureId(signatureDocument.XadesSignature);
if (signatureDocument.Document == null)
{
signatureDocument.Document = new XmlDocument();
}
PrepareSignature(signatureDocument, parameters);
signatureDocument.XadesSignature.ComputeSignature();
UpdateXadesSignature(signatureDocument);
return(signatureDocument);
}
public static string Sign(string xml, X509Certificate2 x509)
{
// Wczytaj.
XmlDocument doc = new XmlDocument
{
PreserveWhitespace = true
};
doc.LoadXml(xml);
// SignedXml object
XadesSignedXml signedXml = new XadesSignedXml(doc);
signedXml.Signature.Id = "ID-1234";
signedXml.SigningKey = x509.PrivateKey;
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigCanonicalizationUrl;
signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url;
// dodaj referencję na dokument
Reference reference = new Reference("#Dokument");
reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
signedXml.AddReference(reference);
// dodaj KeyInfo
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(x509)); // ??? WholeChain ???
signedXml.KeyInfo = keyInfo;
//
XadesObject xo = new XadesObject();
{
Cert cert = new Cert();
cert.IssuerSerial.X509IssuerName = x509.IssuerName.Name;
cert.IssuerSerial.X509SerialNumber = x509.SerialNumber;
{
SHA1 cryptoServiceProvider = new SHA1CryptoServiceProvider();
cert.CertDigest.DigestValue = cryptoServiceProvider.ComputeHash(x509.RawData);
cert.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url;
}
xo.QualifyingProperties.Target = "#" + signedXml.Signature.Id;
xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningTime = DateTime.Now;
xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = true;
xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningCertificate.CertCollection.Add(cert);
DataObjectFormat dof = new DataObjectFormat
{
ObjectReferenceAttribute = "#Dokument",
Description = "Dokument w formacie xml [XML]",
Encoding = SignedXml.XmlDsigBase64TransformUrl, // ...xmldsig/#base64
MimeType = "text/plain"
};
xo.QualifyingProperties.SignedProperties.SignedDataObjectProperties.DataObjectFormatCollection.Add(dof);
}
signedXml.AddXadesObject(xo);
//// W dokumentacji 2.9.9.a, Id dla <ds:Object> ma mieć wartość "Dokument", ale nie ma tego w przykładach
var data = new DataObject("Dokument", "text/xml", "", doc.DocumentElement);
signedXml.AddObject(data);
// Podpisz
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
return(xmlDigitalSignature.OuterXml);
}
