Esempio n. 1
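        /// <summary>
        /// Loads a PKCS#12 (PFX) store from disk and picks the first entry whose
        /// certificate has the digitalSignature key usage as the signing identity.
        /// </summary>
        /// <param name="aPfxFilePath">Path of the PFX file to read.</param>
        /// <param name="aPassword">Password protecting the PFX file.</param>
        /// <remarks>
        /// When no entry qualifies, <c>signingCertificate</c> and
        /// <c>signingBouncyKeyEntry</c> are left untouched; callers have to check them
        /// before signing.
        /// </remarks>
        private void init(string aPfxFilePath, string aPassword)
        {
            Pkcs12Store pkcs12Store = new Pkcs12StoreBuilder().Build();

            // Dispose the stream even when Load throws (wrong password, corrupt file),
            // so the handle on the key file is not leaked.
            using (FileStream fin = new FileStream(aPfxFilePath, FileMode.Open, FileAccess.Read))
            {
                pkcs12Store.Load(fin, aPassword.ToCharArray());
            }

            foreach (string alias in pkcs12Store.Aliases)
            {
                signingBouncyCert = pkcs12Store.GetCertificate(alias);
                if (signingBouncyCert == null)
                {
                    // An alias may carry no certificate; skip it instead of dereferencing null.
                    continue;
                }

                ECertificate cert      = new ECertificate(signingBouncyCert.Certificate.GetEncoded());
                EKeyUsage    eKeyUsage = cert.getExtensions().getKeyUsage();

                // NOTE(review): presumably getKeyUsage() yields null when the extension is
                // absent - confirm; such a certificate is not accepted for signing here.
                if (eKeyUsage != null && eKeyUsage.isDigitalSignature())
                {
                    signingBouncyKeyEntry = pkcs12Store.GetKey(alias);
                    signingCertificate    = cert;
                    break;
                }
            }
        }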
Esempio n. 2
        /// <summary>
        /// Validates a certificate against the policy supplied by
        /// <c>CertValidationPolicyManager</c>, using the current UTC time as the
        /// validation time.
        /// </summary>
        /// <param name="certificate">Certificate to validate.</param>
        /// <returns>
        /// <c>true</c> only when the reported status is <c>CertificateStatus.VALID</c>;
        /// <c>false</c> for every other status and for any exception (fails closed).
        /// </returns>
        /// <remarks>
        /// The check results or the exception message are stored in the static
        /// <c>Program.HataMesaji</c> so the caller can display them.
        /// </remarks>
        public bool isValidCertificate(ECertificate certificate)
        {
            try
            {
                ValidationSystem validationSystem = CertificateValidation.createValidationSystem(
                    CertValidationPolicyManager.getInstance().getValidationPolicy());
                validationSystem.setBaseValidationTime(DateTime.UtcNow);

                CertificateStatusInfo statusInfo = CertificateValidation.validateCertificate(validationSystem, certificate);
                CertificateStatus     status     = statusInfo.getCertificateStatus();

                // The status text is not used; the call is kept so the execution matches the original.
                status.textAl();

                Program.HataMesaji = "\n\r" + statusInfo.checkResultsToString() + "\n\r" + statusInfo.getDetailedMessage();

                return status == CertificateStatus.VALID;
            }
            catch (Exception exc)
            {
                // Any failure while validating counts as "not valid".
                Program.HataMesaji = exc.Message;
                return false;
            }
        }
Esempio n. 3
        /// <summary>
        /// Produces a CMS BES signature over <paramref name="tobeSignBytes"/> with the
        /// key stored in a PFX file, using RSA with SHA-256.
        /// </summary>
        /// <param name="pfxFile">Path of the PFX file holding the signing key.</param>
        /// <param name="pinCode">Password of the PFX file.</param>
        /// <param name="tobeSignBytes">Content to be signed.</param>
        /// <returns>The encoded signed data.</returns>
        /// <remarks>
        /// NOTE(review): P_VALIDATE_CERTIFICATE_BEFORE_SIGNING is set to false below, so
        /// the signer's certificate is not validated before the signature is created.
        /// An expired or revoked certificate will therefore still sign; enable the
        /// parameter unless the caller validates the certificate separately.
        /// </remarks>
        public byte[] signWithPfxFile(string pfxFile, string pinCode, byte[] tobeSignBytes)
        {
            BaseSignedData signedData = new BaseSignedData();

            tr.gov.tubitak.uekae.esya.api.cmssignature.ISignable signable = new SignableByteArray(tobeSignBytes);
            signedData.addContent(signable);

            // SigningTime is an optional attribute, so it goes into the optional list.
            List <IAttribute> extraAttributes = new List <IAttribute>();
            extraAttributes.Add(new SigningTimeAttr(DateTime.UtcNow));

            Dictionary <string, object> signParams = new Dictionary <string, object>();

            // The policy is what certificate validation would use.
            signParams[EParameters.P_CERT_VALIDATION_POLICY] = getPolicy();

            // Validation before signing is switched off explicitly here (see remarks).
            signParams[EParameters.P_VALIDATE_CERTIFICATE_BEFORE_SIGNING] = false;

            PfxSigner    pfxSigner  = new PfxSigner(SignatureAlg.RSA_SHA256.getName(), pfxFile, pinCode);
            ECertificate signerCert = pfxSigner.getSignersCertificate();

            signedData.addSigner(ESignatureType.TYPE_BES, signerCert, pfxSigner, extraAttributes, signParams);
            return signedData.getEncoded();
        }
Esempio n. 4
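        /// <summary>
        /// Checks that at least one card terminal is present, stores the terminal count
        /// and shows/stores the description of the signature certificate on the card.
        /// </summary>
        /// <returns>
        /// <c>true</c> when a terminal and a signature certificate were found;
        /// <c>false</c> otherwise.
        /// </returns>
        public bool KartveOkuyucuKontrol()
        {
            // On first entry: remember the number of terminals, then show and remember the certificate.
            String[] terminals = SmartOp.getCardTerminals();

            // The null check has to come before the first use of terminals.Length.
            bool noTerminal = terminals == null || terminals.Length == 0;
            Program.TerminalSayisi = noTerminal ? 0 : terminals.Length;

            if (noTerminal)
            {
                MesajiIsle("Kart takılı bir kart okuyucu bulunamadı. E-İmza programına girmeden evvel imza için kullanacağınız kartı takmalısınız.", 1);
                // Earlier versions did not stop here; a card that was swapped or inserted
                // later was only detected, with a warning, in the signing step. A manual
                // "read cards" button would be possible but is not considered necessary.
                return false;
            }

            SmartCardManager scmgr       = SmartCardManager.getInstance();
            ECertificate     signingCert = scmgr.getSignatureCertificate(true, false);

            if (signingCert == null)
            {
                // No usable signature certificate: report failure instead of dereferencing null.
                return false;
            }

            string certificateInfo = "Sertifika ve Sahiplik Bilgisi: " + signingCert.ToString();
            lbSertifikaSahibi.Text   = certificateInfo;
            Program.SertifikaBilgisi = certificateInfo;

            return true;
        }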
Esempio n. 5
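        /// <summary>
        /// Creates two parallel XML signatures over the given e-prescription file and
        /// writes them next to the source as <c>&lt;name&gt;_PARALEL.xsig</c>.
        /// </summary>
        /// <param name="eReceteSourceFilePath">Path of the XML document to sign.</param>
        /// <returns>
        /// Path of the written signature file, or <c>null</c> when the signing
        /// certificate is not valid or any step fails.
        /// </returns>
        public string createParalelSignature(string eReceteSourceFilePath)
        {
            // Load license from file
            LisansHelper.loadLicense();
            try
            {
                // create context with working dir
                Context        context    = new Context(Directory.GetCurrentDirectory());
                SignedDocument signatures = new SignedDocument(context);

                // First signature
                // NOTE(review): local time is used as signing time while other code on this
                // page uses DateTime.UtcNow - confirm which one the library expects.
                XMLSignature signature1 = signatures.createSignature();
                signature1.SigningTime = DateTime.Now;
                signature1.addDocument(eReceteSourceFilePath, null, true);

                KeyOrSmartCardSignManager signManager = KeyOrSmartCardSignManager.Instance;
                ECertificate signingCert = signManager.getSigningCertificate();

                // Refuse to sign with a certificate that does not validate.
                if (!isValidCertificate(signingCert))
                {
                    MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
                    return null;
                }

                // add certificate to show who signed the document
                signature1.addKeyInfo(signingCert);
                BaseSigner smartCardSigner = signManager.getSigner(signingCert);
                signature1.sign(smartCardSigner);

                // Second signature
                XMLSignature signature2 = signatures.createSignature();
                signature2.SigningTime = DateTime.Now;
                signature2.addDocument(eReceteSourceFilePath, null, true);
                signature2.addKeyInfo(signingCert);
                signature2.sign(smartCardSigner);

                // Derive the output name from the base name. A plain Replace(".xml", ...)
                // leaves the name unchanged when the extension differs in case or is
                // missing, and FileMode.Create would then overwrite the source document.
                FileInfo sourceFileInfo = new FileInfo(eReceteSourceFilePath);
                string   signedXmlPath  = sourceFileInfo.Directory.FullName + "/"
                                          + Path.GetFileNameWithoutExtension(sourceFileInfo.Name) + "_PARALEL.xsig";

                // Dispose the stream even when write() throws.
                using (FileStream signatureFileStream = new FileStream(signedXmlPath, FileMode.Create))
                {
                    signatures.write(signatureFileStream);
                }
                return signedXmlPath;
            }
            catch (Exception exc)
            {
                // Signature creation or writing the output file failed.
                MesajiIsle("Hata Oluştu." + exc.Message, 1);
            }

            // Never hand back a path after a failure: the file may be missing or incomplete.
            return null;
        }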
Esempio n. 6
 /// <summary>
 /// Returns the encryption certificate of the card, selecting it on first use and
 /// returning the cached instance afterwards.
 /// </summary>
 /// <param name="checkIsQualified">Passed through to <c>selectCertificate</c>.</param>
 /// <param name="checkBeingNonQualified">Passed through to <c>selectCertificate</c>.</param>
 /// <returns>The cached or newly selected certificate.</returns>
 public ECertificate getEncryptionCertificate(bool checkIsQualified, bool checkBeingNonQualified)
 {
     if (mEncryptionCert != null)
     {
         return mEncryptionCert;
     }

     // First call: read all encryption certificates from the card and pick one.
     List <byte[]> candidates = bsc.getEncryptionCertificates();
     mEncryptionCert = selectCertificate(checkIsQualified, checkBeingNonQualified, candidates);
     return mEncryptionCert;
 }
Esempio n. 7
 /// <summary>
 /// Returns the RSA/SHA-256 signer for the card, logging in with the PIN on first use.
 /// </summary>
 /// <param name="bsc">Smart card to log in to and obtain the signer from.</param>
 /// <param name="aCardPIN">PIN of the card.</param>
 /// <param name="aCert">Certificate whose key is to sign.</param>
 /// <returns>The cached signer, or the one created by this call.</returns>
 /// <remarks>
 /// NOTE(review): once a signer is cached, later calls return it without looking at
 /// the card, PIN or certificate passed in.
 /// </remarks>
 BaseSigner getSigner(IBaseSmartCard bsc, String aCardPIN, ECertificate aCert)
 {
     if (mSigner != null)
     {
         return mSigner;
     }

     bsc.login(aCardPIN);
     mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256);
     return mSigner;
 }
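        /// <summary>
        /// Generic validate function. Parses an XML signature file, verifies it and
        /// every counter signature attached to it, and prints each result as XML.
        /// </summary>
        /// <param name="fileName">name of the signature file to be validated</param>
        /// <remarks>
        /// NOTE(review): the verification results are only written to the console;
        /// nothing is returned or thrown when a signature is invalid, so a caller cannot
        /// use this method as a gate. The validation policy is also chosen from the
        /// certificate found inside the file being validated.
        /// </remarks>
        public static void validate(String fileName)
        {
            String  configDir = Conn.ROOT_DIR + "efatura\\config\\";
            Context context   = new Context(configDir);

            // add external resolver to resolve policies
            context.addExternalResolver(getPolicyResolver());

            XMLSignature signature = XMLSignature.parse(
                new FileDocument(new FileInfo(fileName)),
                context);

            // Pick the policy file that matches the kind of signing certificate.
            ECertificate cert       = signature.SigningCertificate;
            String       policyFile = cert.isMaliMuhurCertificate()
                                      ? "certval-policy-malimuhur.xml"
                                      : "certval-policy.xml";
            ValidationPolicy policy = PolicyReader.readValidationPolicy(configDir + policyFile);
            ValidationSystem vs     = CertificateValidation.createValidationSystem(policy);
            context.setCertValidationSystem(vs);

            // no params, use the certificate in key info
            ValidationResult result = signature.verify();
            Console.WriteLine(result.toXml());

            UnsignedSignatureProperties usp = signature.QualifyingProperties.UnsignedSignatureProperties;
            if (usp == null)
            {
                return;
            }

            foreach (XMLSignature counterSignature in usp.AllCounterSignatures)
            {
                // Verify the counter signature itself. Calling verify() on the parent
                // signature here would only repeat the check above and leave every
                // counter signature unverified.
                ValidationResult counterResult = counterSignature.verify();
                Console.WriteLine(counterResult.toXml());
            }
        }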
Esempio n. 9
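        /// <summary>
        /// Downloads the current document, signs it with the selected smart card
        /// certificate and uploads the signed bytes. Only PDF files are accepted.
        /// </summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Event data.</param>
        private void btnSignFile_Click(object sender, EventArgs e)
        {
            string fileName      = dtData.Rows[0]["FileName"].ToString();
            string fileExtension = new FileInfo(fileName).Extension;

            // Ordinal comparison: the check must not depend on the UI culture.
            if (!".pdf".Equals(fileExtension, StringComparison.OrdinalIgnoreCase))
            {
                MessageBox.Show(resMan.GetString("msgJustPdfFileCanSign"));
                return;
            }

            // NOTE(review): fixed file name in the application directory; two running
            // instances would share it. A per-call name under the temp directory avoids that.
            string tempFile = Application.StartupPath + "\\tmpFile.pdf";
            if (File.Exists(tempFile))
            {
                File.Delete(tempFile);
            }

            FileServices.WSFileManagerSoapClient client = new FileServices.WSFileManagerSoapClient();
            byte[] fileBytes = client.getFileBytes(documentId, dtData.Rows[0]["SessionId"].ToString());
            if (fileBytes == null)
            {
                return;
            }

            try
            {
                // WriteAllBytes creates or truncates the file and always closes it.
                File.WriteAllBytes(tempFile, fileBytes);

                Classes.SelectedESignProperties selectedESignProperties = Classes.SmartCardUtils.selectESignProperties(esignUtil);
                if (selectedESignProperties == null)
                {
                    return;
                }
                string       terminal = selectedESignProperties.SelectedTerminal;
                ECertificate cert     = selectedESignProperties.SelectedCertificate;
                string       pinCode  = selectedESignProperties.EnteredPinCode;
                try
                {
                    byte[] signedFileBytes = esignUtil.signPdfWithSmartCard(terminal, cert, pinCode, tempFile);
                    if (client.uploadSignedFile(documentId, signedFileBytes))
                    {
                        MessageBox.Show(resMan.GetString("msgSignCompleted"));
                    }
                }
                catch (Exception ex)
                {
                    MessageBox.Show(ex.Message);
                }
            }
            finally
            {
                // Do not leave a copy of the document on disk once signing is over.
                try
                {
                    File.Delete(tempFile);
                }
                catch (IOException)
                {
                    // Best-effort cleanup; the next run deletes the file before writing.
                }
                catch (UnauthorizedAccessException)
                {
                    // Best-effort cleanup, as above.
                }
            }
        }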
Esempio n. 10
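        /// <summary>
        /// Signs a PDF with the RSA private key stored in a PFX file and returns the
        /// signed document (detached CAdES signature, SHA-256 digest).
        /// </summary>
        /// <param name="pfxFile">Path of the PFX file.</param>
        /// <param name="pinCode">Password of the PFX file.</param>
        /// <param name="pdfFileName">Path of the PDF to sign.</param>
        /// <returns>Bytes of the signed PDF.</returns>
        /// <exception cref="InvalidOperationException">The PFX file holds no private key entry.</exception>
        /// <exception cref="NotSupportedException">The private key is not an RSA key.</exception>
        public byte[] signPdfWithPfxFile(string pfxFile, string pinCode, string pdfFileName)
        {
            // NOTE(review): signer and its certificate are not used below; kept because the
            // constructor's side effects are not visible here - confirm they can be removed.
            PfxSigner    signer = new PfxSigner(SignatureAlg.RSA_SHA256.getName(), pfxFile, pinCode);
            ECertificate signatureCertificate = signer.getSignersCertificate();

            // Open the key file read-only and close it as soon as the store is loaded.
            Pkcs12Store store;
            using (FileStream pfxStream = new FileStream(pfxFile, FileMode.Open, FileAccess.Read))
            {
                store = new Pkcs12Store(pfxStream, pinCode.ToCharArray());
            }

            // searching for private key
            string alias = null;
            foreach (string al in store.Aliases)
            {
                if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate)
                {
                    alias = al;
                    break;
                }
            }
            if (alias == null)
            {
                throw new InvalidOperationException("No private key entry was found in the PFX file.");
            }

            RsaPrivateCrtKeyParameters parameters = store.GetKey(alias).Key as RsaPrivateCrtKeyParameters;
            if (parameters == null)
            {
                throw new NotSupportedException("The private key in the PFX file is not an RSA key.");
            }

            ICollection <Org.BouncyCastle.X509.X509Certificate> chain = new List <Org.BouncyCastle.X509.X509Certificate>();
            foreach (X509CertificateEntry c in store.GetCertificateChain(alias))
            {
                chain.Add(c.Certificate);
            }

            // Sign into memory: no shared, fixed-name temp file that concurrent calls
            // could overwrite or that could stay behind after a failure.
            PdfReader reader = new PdfReader(pdfFileName);
            try
            {
                using (MemoryStream os = new MemoryStream())
                {
                    PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0');

                    // Creating the appearance (no visible rectangle on the page)
                    PdfSignatureAppearance appearance = stamper.SignatureAppearance;
                    appearance.Reason   = "";
                    appearance.Location = "";

                    // Creating the signature
                    IExternalSignature pks = new PrivateKeySignature(parameters, DigestAlgorithms.SHA256);
                    MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CADES);

                    // ToArray is valid even after the stream has been closed by the signing call.
                    return os.ToArray();
                }
            }
            finally
            {
                reader.Close();
            }
        }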
Esempio n. 11
        /// <summary>
        /// Opens a session on the card in the given terminal and returns its signature
        /// certificates.
        /// </summary>
        /// <param name="terminal">Name of the card terminal.</param>
        /// <returns>One <c>ECertificate</c> per certificate read from the card.</returns>
        /// <remarks>
        /// NOTE(review): the session opened here is not closed in this method.
        /// </remarks>
        public List <ECertificate> getSignatureCertificates(string terminal)
        {
            Pair <long, CardType> slotInfo = SmartOp.getSlotAndCardType(terminal);
            IBaseSmartCard        card     = getSmartCard(terminal);

            // The first element of the pair is the slot to open.
            card.openSession(slotInfo.getmObj1());

            List <byte[]> encodedCerts = card.getSignatureCertificates();

            // Decode each raw certificate.
            return encodedCerts.ConvertAll(raw => new ECertificate(raw));
        }
Esempio n. 12
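        /// <summary>
        /// Adds a counter (serial) signature to an existing signature file and writes
        /// the result next to it as <c>&lt;name&gt;_Counter.xsig</c>.
        /// </summary>
        /// <param name="signedEReceteFilePath">Path of the existing signature file.</param>
        /// <returns>
        /// Path of the written file, or <c>null</c> when signing or writing fails.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the signing certificate is not validated here before it is
        /// used - confirm the caller does that.
        /// </remarks>
        public string addSerialSignature(String signedEReceteFilePath)
        {
            LisansHelper.loadLicense();

            try
            {
                // create context with working dir
                Context      context   = new Context(Directory.GetCurrentDirectory());
                XMLSignature signature = XMLSignature.parse(new FileDocument(new FileInfo(signedEReceteFilePath)), context);

                // create counter signature
                XMLSignature counterSignature = signature.createCounterSignature();
                counterSignature.SigningTime = DateTime.Now;

                // add certificate to show who signed the document
                KeyOrSmartCardSignManager signManager = KeyOrSmartCardSignManager.Instance;
                ECertificate signingCert = signManager.getSigningCertificate();
                counterSignature.addKeyInfo(signingCert);

                // now sign it
                BaseSigner baseSigner = signManager.getSigner(signingCert);
                counterSignature.sign(baseSigner);

                // Derive the output name from the base name. A plain Replace(".xsig", ...)
                // leaves the name unchanged when the extension differs, and
                // FileMode.Create would then overwrite the input file.
                FileInfo sourceFileInfo = new FileInfo(signedEReceteFilePath);
                string   signedXmlPath  = sourceFileInfo.Directory.FullName + "/"
                                          + Path.GetFileNameWithoutExtension(sourceFileInfo.Name) + "_Counter.xsig";

                // Dispose the stream even when write() throws.
                using (FileStream signatureFileStream = new FileStream(signedXmlPath, FileMode.Create))
                {
                    signature.write(signatureFileStream);
                }
                return signedXmlPath;
            }
            catch (Exception exc)
            {
                // Signature creation or writing the output file failed.
                MesajiIsle("Hata Oluştu." + exc.Message, 1);
            }

            // Never hand back a path after a failure: the file may be missing or incomplete.
            return null;
        }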
Esempio n. 13
        /// <summary>
        /// Returns the signature certificate of the card, selecting it on first use and
        /// returning the cached instance afterwards.
        /// </summary>
        /// <param name="checkIsQualified">Passed through to <c>selectCertificate</c>.</param>
        /// <param name="checkBeingNonQualified">Passed through to <c>selectCertificate</c>.</param>
        /// <returns>
        /// The certificate, or <c>null</c> when reading or selecting it failed; the
        /// error is shown in a message box, so callers have to check for <c>null</c>.
        /// </returns>
        public ECertificate getSignatureCertificate(bool checkIsQualified, bool checkBeingNonQualified)
        {
            if (mSignatureCert != null)
            {
                return mSignatureCert;
            }

            try
            {
                List <byte[]> candidates = bsc.getSignatureCertificates();
                mSignatureCert = selectCertificate(checkIsQualified, checkBeingNonQualified, candidates);
            }
            catch (Exception ex)
            {
                // The failure is reported to the user; the field stays null.
                MessageBox.Show(ex.Message);
            }

            return mSignatureCert;
        }
        /// <summary>
        /// Validates the given certificate at the current UTC time, using the
        /// mali muhur policy file for mali muhur certificates and the default policy
        /// file otherwise.
        /// </summary>
        /// <param name="certificate">Certificate to validate.</param>
        /// <returns><c>true</c> only when the status is <c>CertificateStatus.VALID</c>.</returns>
        /// <exception cref="Exception">Wraps any error raised while validating.</exception>
        public static Boolean validateCertificate(ECertificate certificate)
        {
            try
            {
                // Choose the policy file that matches the certificate kind.
                String policyPath = certificate.isMaliMuhurCertificate()
                                    ? Conn.ROOT_DIR + "efatura\\config\\certval-policy-malimuhur.xml"
                                    : Conn.ROOT_DIR + "efatura\\config\\certval-policy.xml";

                ValidationPolicy policy = PolicyReader.readValidationPolicy(policyPath);
                ValidationSystem vs     = CertificateValidation.createValidationSystem(policy);
                vs.setBaseValidationTime(DateTime.UtcNow);

                // validate certificate
                CertificateStatusInfo csi = CertificateValidation.validateCertificate(vs, certificate);

                // Anything other than VALID counts as invalid.
                return csi.getCertificateStatus() == CertificateStatus.VALID;
            }
            catch (Exception e)
            {
                throw new Exception("An error occured while validating certificate", e);
            }
        }
Esempio n. 15
 /// <summary>
 /// Returns the RSA/SHA-256 signer for the card, logging in with the PIN on first use.
 /// </summary>
 /// <param name="aCardPIN">PIN of the card.</param>
 /// <param name="aCert">Certificate whose key is to sign.</param>
 /// <returns>
 /// The cached or newly created signer; <c>null</c> when creating it failed with
 /// an exception other than <c>PKCS11Exception</c>.
 /// </returns>
 /// <exception cref="SmartCardException">A PKCS#11 error occurred.</exception>
 /// <remarks>
 /// NOTE(review): once a signer is cached, later calls return it without looking at
 /// the PIN or certificate passed in.
 /// </remarks>
 public BaseSigner getSigner(String aCardPIN, ECertificate aCert)
 {
     if (mSigner != null)
     {
         return mSigner;
     }

     try
     {
         bsc.login(aCardPIN);
         mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256);
     }
     catch (PKCS11Exception e)
     {
         throw new SmartCardException("Pkcs11 exception - Detay bilgilere bakınız", e);
     }
     catch (Exception exc)
     {
         // Login or signer creation failed; the user is told and null is returned.
         MesajiIsle("Hata Oluştu." + exc.Message, 1);
     }
     return mSigner;
 }
Esempio n. 16
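        /// <summary>
        /// Returns the signature certificate of the card, selecting it on first use and
        /// returning the cached instance afterwards.
        /// </summary>
        /// <param name="checkIsQualified">Passed through to <c>selectCertificate</c>.</param>
        /// <param name="checkBeingNonQualified">Passed through to <c>selectCertificate</c>.</param>
        /// <returns>The cached or newly selected certificate.</returns>
        public ECertificate getSignatureCertificate(bool checkIsQualified, bool checkBeingNonQualified)
        {
            if (mSignatureCert == null)
            {
                List <byte[]> allCerts = bsc.getSignatureCertificates();
                mSignatureCert = selectCertificate(checkIsQualified, checkBeingNonQualified, allCerts);

                // The experimental extraction of the ID number and holder name from the
                // certificate text was removed: its results were never used, and its
                // Substring calls threw when "SERIALNUMBER=" or "CN=" was missing (or
                // when no certificate was selected), failing an otherwise good lookup.
            }

            return mSignatureCert;
        }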
Esempio n. 17
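 /// <summary>
 /// Returns the signer to use: the smart card signer when smart card mode is
 /// enabled, the PFX signer otherwise.
 /// </summary>
 /// <param name="signingCert">
 /// Certificate to sign with; when <c>null</c> in smart card mode it is obtained
 /// from <c>getSigningCertificate()</c>.
 /// </param>
 /// <returns>The selected signer.</returns>
 /// <exception cref="Exception">Smart card mode is on but no PIN is defined.</exception>
 /// <remarks>
 /// NOTE(review): the PIN is read from a constant in source code. A PIN kept in
 /// source ends up in version control and in the built binary; prompt for it or
 /// read it from a protected store instead.
 /// </remarks>
 public BaseSigner getSigner(ECertificate signingCert)
 {
     if (!useSmartCard)
     {
         return pfxSigner;
     }

     string smartCardPin = Constants.SMART_CARD_PIN;

     // IsNullOrEmpty also covers a null constant, which Length would not.
     if (string.IsNullOrEmpty(smartCardPin))
     {
         throw new Exception("Please define smart card password in Constants class.");
     }
     if (signingCert == null)
     {
         signingCert = getSigningCertificate();
     }

     // The unreachable trailing "return null" of the earlier version is gone.
     return smartCardManager.getSigner(smartCardPin, signingCert);
 }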
Esempio n. 18
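        /// <summary>
        /// Checks that a card terminal is present and fills the certificate labels
        /// (ID number, holder name, serial, validity dates, remaining days) from the
        /// text form of the signature certificate.
        /// </summary>
        /// <returns>
        /// <c>true</c> when a terminal and a signature certificate were found;
        /// <c>false</c> otherwise.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the fields are cut out of <c>ToString()</c> output and the
        /// dates are parsed with the current culture; both depend on the exact text
        /// format - confirm, or read the values from the certificate object.
        /// </remarks>
        public bool KartveOkuyucuKontrol()
        {
            String[] terminals = SmartOp.getCardTerminals();

            // The null check has to come before the first use of terminals.Length.
            bool noTerminal = terminals == null || terminals.Length == 0;
            Program.TerminalSayisi = noTerminal ? 0 : terminals.Length;
            if (noTerminal)
            {
                return false;
            }

            SmartCardManager scmgr       = SmartCardManager.getInstance();
            ECertificate     signingCert = scmgr.getSignatureCertificate(true, false);
            if (signingCert == null)
            {
                // No usable signature certificate: report failure instead of dereferencing null.
                return false;
            }

            string certText = signingCert.ToString();
            LBLTCKIMLIK.Text  = Bul(certText, "SERIALNUMBER=", ",");
            LBLADISOYADI.Text = Bul(certText, "CN=", ",");
            LBLSERIAL.Text    = Bul(certText, "Serial:", "Valid from").TrimStart(' ');
            LBLBASTARIH.Text  = Bul(certText, "Valid from", "to").TrimStart(' ').TrimEnd(' ');
            LBLBITTARIH.Text  = Bul(certText, " to", "Ca:").TrimStart(' ').TrimEnd(' ');

            DateTime bitis_tarihi     = DateTime.Parse(LBLBITTARIH.Text);
            DateTime baslangic_tarihi = DateTime.Parse(LBLBASTARIH.Text);
            DateTime simdi            = DateTime.Now;
            int      kalangun         = GunFarkikBul(simdi, bitis_tarihi);

            if (bitis_tarihi < simdi)
            {
                // Expired: show the day count as negative and in red.
                LBLKALANGUN.Text      = "- " + kalangun.ToString();
                LBLKALANGUN.ForeColor = Color.Red;
            }
            else
            {
                LBLKALANGUN.Text = kalangun.ToString();
            }

            Program.SertifikaBilgisi = "Sertifika ve Sahiplik Bilgisi: " + certText;

            return true;
        }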
Esempio n. 19
 /// <summary>
 /// Stores the certificate to be used for sign requests.
 /// </summary>
 /// <param name="signRequestCertificate">Certificate to store; not checked here.</param>
 public void setSignRequestCertificate(ECertificate signRequestCertificate)
 {
     // "this." tells the field apart from the parameter of the same name.
     this.signRequestCertificate = signRequestCertificate;
 }
Esempio n. 20
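        /// <summary>
        /// Inspects the signatures in a CMS signed-data blob and/or a signed PDF on a
        /// background task and returns one <c>SignatureInfo</c> per signature.
        /// </summary>
        /// <param name="input">Bytes of the signed data or signed PDF.</param>
        /// <returns>A task yielding the list of signature descriptions.</returns>
        /// <exception cref="SignatureNotFoundException">
        /// Raised inside the task when the input is neither signed data nor a signed PDF.
        /// </exception>
        /// <remarks>
        /// NOTE(review): for PDF signatures <c>IsValid</c> covers the integrity of the
        /// signature and the validity period of the signer certificate only; the
        /// certificate chain and revocation state are not checked in that branch, unlike
        /// the CMS branch, which validates against <c>_policy</c>.
        /// </remarks>
        public Task <List <SignatureInfo> > CheckSignaturesAsync(byte[] input)
        {
            return(Task.Factory.StartNew(() =>
            {
                bool isSignedData = IsSignedData(input);
                bool isSignedPdf = IsSignedPDF(input);

                if (!isSignedData && !isSignedPdf)
                {
                    throw new SignatureNotFoundException("İmza bilgisi bulunamdı.");
                }

                List <SignatureInfo> signInfo = new List <SignatureInfo>();

                if (isSignedData)
                {
                    BaseSignedData bs = new BaseSignedData(input);
                    Dictionary <string, object> params_ = new Dictionary <string, object>();
                    params_[EParameters.P_CERT_VALIDATION_POLICY] = _policy;
                    params_[EParameters.P_FORCE_STRICT_REFERENCE_USE] = true;

                    SignedDataValidation sdv = new SignedDataValidation();
                    SignedDataValidationResult sdvr = sdv.verify(input, params_);

                    // Fetch both lists once instead of on every iteration.
                    // NOTE(review): assumes validation results and signer list share the same order - confirm.
                    var results = sdvr.getSDValidationResults();
                    var signers = bs.getSignerList();

                    for (int i = 0; i < results.Count; i++)
                    {
                        var item = results[i];
                        var certificate = item.getSignerCertificate();

                        var info = new SignatureInfo()
                        {
                            Identity = certificate.getSubject().getSerialNumberAttribute(),
                            Name = certificate.getSubject().getCommonNameAttribute(),
                            IsValid = item.getSignatureStatus() == Types.Signature_Status.VALID,
                            Issuer = certificate.getIssuer().getCommonNameAttribute(),
                            SerialNumber = certificate.getSerialNumber().ToString(),
                            SignatureType = signers[i].getType().name()
                        };

                        if (certificate.getNotAfter().HasValue)
                        {
                            info.ValidUntil = certificate.getNotAfter().Value;
                        }

                        if (certificate.getNotBefore().HasValue)
                        {
                            info.ValidFrom = certificate.getNotBefore().Value;
                        }

                        info.SignatureAlgorithm = SignatureAlg.fromAlgorithmIdentifier(certificate.getSignatureAlgorithm()).first().getName();
                        info.PublicKeyAlgorithm = SignatureAlg.fromAlgorithmIdentifier(certificate.getPublicKeyAlgorithm()).first().getName();
                        info.PublicKey = certificate.asX509Certificate2().GetPublicKeyString();

                        info.IsTimeStampedCertificate = certificate.isTimeStampingCertificate();
                        info.IsQualifiedCertificate = certificate.isQualifiedCertificate();

                        if (item.getSigningTime().HasValue)
                        {
                            info.SignedOn = item.getSigningTime().Value;
                        }

                        signInfo.Add(info);
                    }
                }

                if (isSignedPdf)
                {
                    PdfReader reader = new PdfReader(input);
                    AcroFields af = reader.AcroFields;

                    var names = af.GetSignatureNames();

                    for (int i = 0; i < names.Count; ++i)
                    {
                        String name = (string)names[i];
                        PdfPKCS7 pk = af.VerifySignature(name);

                        var cert = new ECertificate(pk.SigningCertificate.GetEncoded());

                        // A certificate inside its validity period says nothing about the
                        // document: Verify() is what checks that the signed bytes are
                        // unmodified. Without it an altered PDF would be reported as valid.
                        bool isValid = pk.Verify() && pk.SigningCertificate.IsValidNow;

                        var info = new SignatureInfo()
                        {
                            Identity = cert.getSubject().getSerialNumberAttribute(),
                            Name = cert.getSubject().getCommonNameAttribute(),
                            IsValid = isValid,
                            Issuer = cert.getIssuer().getCommonNameAttribute(),
                            SerialNumber = cert.getSerialNumber().ToString(),
                            // NOTE(review): reported as a fixed value, not derived from the signature - confirm.
                            SignatureType = "ES_XL"
                        };

                        if (cert.getNotAfter().HasValue)
                        {
                            info.ValidUntil = cert.getNotAfter().Value;
                        }

                        if (cert.getNotBefore().HasValue)
                        {
                            info.ValidFrom = cert.getNotBefore().Value;
                        }

                        info.SignatureAlgorithm = SignatureAlg.fromAlgorithmIdentifier(cert.getSignatureAlgorithm()).first().getName();
                        info.PublicKeyAlgorithm = SignatureAlg.fromAlgorithmIdentifier(cert.getPublicKeyAlgorithm()).first().getName();
                        info.PublicKey = cert.asX509Certificate2().GetPublicKeyString();

                        info.IsTimeStampedCertificate = cert.isTimeStampingCertificate();
                        info.IsQualifiedCertificate = cert.isQualifiedCertificate();

                        // The signing time is taken from the signature for a qualified
                        // certificate and from the time stamp for a time-stamping one.
                        if (cert.isQualifiedCertificate())
                        {
                            info.SignedOn = pk.SignDate;
                        }
                        else if (cert.isTimeStampingCertificate())
                        {
                            info.SignedOn = pk.TimeStampDate;
                        }

                        signInfo.Add(info);
                    }
                }

                return signInfo;
            }));
        }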
Esempio n. 21
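        /// <summary>
        /// Builds an e-invoice envelope from <paramref name="signXML"/>, places an enveloped
        /// XAdES-BES signature inside its first <c>ext:ExtensionContent</c> element, signs it with
        /// the smart-card certificate and saves the whole document to <paramref name="outXML"/>.
        /// </summary>
        /// <param name="pinNo">Smart-card PIN; it is also copied into the <c>cardPinNo</c> field.</param>
        /// <param name="signXML">Input handed to <c>Conn.newEnvelope</c> to obtain the envelope document.</param>
        /// <param name="outXML">Path of the file that receives the signed document (overwritten if present).</param>
        /// <param name="bInTest">When true, signing goes ahead even if certificate validation fails.</param>
        /// <returns>
        /// True when the signed document was written. False when validation failed (no message is
        /// shown in that case) or when an exception was caught and shown in a message box.
        /// </returns>
        public static bool createEnvelopedBes(string pinNo, string signXML, String outXML, bool bInTest)
        {
            bool res = false;

            // NOTE(review): the PIN stays in the cardPinNo field after this method returns;
            // nothing visible here clears it.
            cardPinNo = pinNo;
            TestEnvelopedSignatureInitialize();
            try
            {
                // Locate the extension slot that will hold the signature. A missing element
                // surfaces as an exception handled by the outer catch.
                XmlDocument envelopeDoc = Conn.newEnvelope(signXML);
                XmlElement  exts        = (XmlElement)envelopeDoc.GetElementsByTagName("ext:UBLExtensions").Item(0);
                XmlElement  ext         = (XmlElement)exts.GetElementsByTagName("ext:UBLExtension").Item(0);
                XmlElement  extContent  = (XmlElement)ext.GetElementsByTagName("ext:ExtensionContent").Item(0);

                // Signature context: working directory plus the XML signature configuration file.
                UriBuilder ub      = new UriBuilder(Conn.ROOT_DIR + "efatura\\config\\");
                Context    context = new Context(ub.Uri);
                context.Config   = new Config(Conn.ROOT_DIR + "efatura\\config\\xmlsignature-config.xml");
                context.Document = envelopeDoc;

                // Signature of the default type (XADES_BES) bound to the envelope document.
                XMLSignature signature = new XMLSignature(context, false);

                String setID = "Signature_" + envelopeDoc.GetElementsByTagName("cbc:ID").Item(0).InnerText;
                signature.Id = setID;
                // The signing time is the local machine clock: a claimed time, not a trusted timestamp.
                signature.SigningTime = DateTime.Now;

                // Attach the signature element inside the extension content, not at the document root.
                extContent.AppendChild(signature.Element);

                // The enveloped transform excludes the signature element itself from the digest.
                Transforms transforms = new Transforms(context);
                transforms.addTransform(new Transform(context, TransformType.ENVELOPED.Url));

                // An empty URI references the whole document.
                signature.addDocument("", "text/xml", transforms, DigestMethod.SHA_256, false);

                ECertificate certificate = SmartCardManager.getInstance().getEInvoiceCertificate(cardPinNo);

                // Both certificate kinds are validated the same way; only the policy file differs.
                string policyFile = certificate.isMaliMuhurCertificate()
                    ? "efatura\\config\\certval-policy-malimuhur.xml"
                    : "efatura\\config\\certval-policy.xml";
                ValidationPolicy policy = PolicyReader.readValidationPolicy(Conn.ROOT_DIR + policyFile);
                ValidationSystem vs     = CertificateValidation.createValidationSystem(policy);
                context.setCertValidationSystem(vs);

                bool certificateIsValid = CertValidation.validateCertificate(certificate);

                // SECURITY: bInTest overrides a failed validation, so a signature can be produced
                // with a certificate that did not validate. Callers must pass true only in test runs.
                if (certificateIsValid || bInTest)
                {
                    BaseSigner signer = SmartCardManager.getInstance().getSigner(cardPinNo, certificate);

                    X509Certificate2 msCert = certificate.asX509Certificate2();
                    signature.addKeyInfo(msCert.PublicKey.Key);
                    signature.addKeyInfo(certificate);

                    // Add the subject name to the first X509Data entry of the KeyInfo.
                    KeyInfo keyInfo      = signature.createOrGetKeyInfo();
                    int     elementCount = keyInfo.ElementCount;
                    for (int k = 0; k < elementCount; k++)
                    {
                        // A direct type test: the previous Type.IsAssignableFrom check also matched
                        // base types of X509Data, for which the cast below would have thrown.
                        X509Data x509Data = keyInfo.get(k) as X509Data;
                        if (x509Data != null)
                        {
                            X509SubjectName x509SubjectName = new X509SubjectName(context,
                                                                                  certificate.getSubject().stringValue());
                            x509Data.add(x509SubjectName);
                            break;
                        }
                    }

                    signature.SignedInfo.CanonicalizationMethod = C14nMethod.EXCLUSIVE_WITH_COMMENTS;

                    signature.sign(signer);

                    // signature.write is not used because the whole envelope has to be written,
                    // not only the signature. The using block closes the stream on every path.
                    using (Stream s = new FileStream(outXML, FileMode.Create))
                    {
                        try
                        {
                            envelopeDoc.Save(s);
                            s.Flush();

                            res = true;
                        }
                        catch (Exception e)
                        {
                            res = false;
                            MessageBox.Show("Dosya kaydedilirken hata oluştu " + e.Message.ToString());
                        }
                    }
                }
            }
            catch (Exception e)
            {
                res = false;
                MessageBox.Show("Hata Oluştu \r\n" + e.Message.ToString());
            }

            return(res);
        }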
Esempio n. 22
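        /// <summary>
        /// Signs a PDF file with the private key on a smart card and returns the signed document.
        /// </summary>
        /// <param name="terminal">Passed to <c>SmartCardPrivateKeySignature</c> (presumably the card reader name).</param>
        /// <param name="signatureCertificate">Certificate whose chain is embedded in the signature.</param>
        /// <param name="pinCode">Smart-card PIN handed to <c>SmartCardPrivateKeySignature</c>.</param>
        /// <param name="pdfFileName">Path of the PDF to sign.</param>
        /// <returns>The bytes of the signed PDF.</returns>
        public byte[] signPdfWithSmartCard(string terminal, ECertificate signatureCertificate, string pinCode, string pdfFileName)
        {
            byte[]     buffer  = null;
            PdfReader  reader  = null;
            PdfStamper stamper = null;
            FileStream os      = null;

            // Per-call scratch file. A fixed name in the application directory would let two
            // concurrent calls overwrite each other's output and would survive a failed run.
            string dest = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName());

            try
            {
                IExternalSignature pks = new SmartCardPrivateKeySignature(terminal, pinCode, signatureCertificate);
                reader  = new PdfReader(pdfFileName);
                // CreateNew refuses to write into a file that already exists at the scratch path.
                os      = new FileStream(dest, FileMode.CreateNew);
                stamper = PdfStamper.CreateSignature(reader, os, '\0');

                Org.BouncyCastle.Asn1.Esf.SignaturePolicyIdentifier policy = new Org.BouncyCastle.Asn1.Esf.SignaturePolicyIdentifier();
                // The signing date is the local machine clock: a claimed time, not a trusted timestamp.
                DateTime dtNow = DateTime.Now;
                PdfSignatureAppearance appearance = stamper.SignatureAppearance;
                appearance.Reason   = "";
                appearance.Location = "";
                appearance.SignDate = dtNow;
                // NOTE(review): this dictionary names PdfName.ADBE_PKCS7_SHA1 while SignDetached below
                // is asked for CryptoStandard.CADES; confirm which sub-filter ends up in the output.
                PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
                dic.Date = new PdfDate(dtNow);
                appearance.CryptoDictionary = dic;
                ICollection <Org.BouncyCastle.X509.X509Certificate> chain = new List <Org.BouncyCastle.X509.X509Certificate>();

                X509Certificate2 cert = signatureCertificate.asX509Certificate2();

                // The boolean result of Build is not checked: the elements found are embedded as-is,
                // so this is not a trust decision on the signing certificate.
                X509Chain x509chain = new X509Chain();
                x509chain.Build(cert);
                foreach (X509ChainElement x509ChainElement in x509chain.ChainElements)
                {
                    chain.Add(DotNetUtilities.FromX509Certificate(x509ChainElement.Certificate));
                }

                // The three null arguments mean no CRL list, OCSP client or timestamp client is
                // supplied, so no revocation data or timestamp token is embedded.
                MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CADES, policy);
                buffer = File.ReadAllBytes(dest);
            }
            finally
            {
                try
                {
                    if (reader != null)
                    {
                        reader.Close();
                    }
                    if (stamper != null)
                    {
                        stamper.Close();
                    }
                    if (os != null)
                    {
                        os.Close();
                    }
                }
                finally
                {
                    // Best-effort removal of the scratch copy on success and on failure. A cleanup
                    // error must not replace the signing result or the original exception.
                    try
                    {
                        File.Delete(dest);
                    }
                    catch (IOException)
                    {
                    }
                    catch (UnauthorizedAccessException)
                    {
                    }
                }
            }
            return(buffer);
        }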
Esempio n. 23
 /// <summary>
 /// Stores the terminal, PIN and certificate on this instance; no card access happens here.
 /// </summary>
 /// <param name="terminal">Terminal identifier (presumably the card reader name).</param>
 /// <param name="pin">Smart-card PIN.</param>
 /// <param name="cert">Certificate associated with the signing key.</param>
 public SmartCardPrivateKeySignature(string terminal, string pin, ECertificate cert)
 {
     // NOTE(review): the PIN is kept as a plain string field for as long as this object lives.
     this.cert     = cert;
     this.pin      = pin;
     this.terminal = terminal;
 }
Esempio n. 24
        /// <summary>
        /// Returns the certificate used for e-invoice signing, choosing it on first use and
        /// caching it in <c>mSignatureCert</c>.
        /// </summary>
        /// <remarks>
        /// Only qualified and "mali mühür" certificates read from the card are candidates. With
        /// several candidates the user is asked to pick one. The selection is by certificate type
        /// only; no validity or revocation check is made here.
        /// </remarks>
        /// <param name="pinNo">Not used by this method.</param>
        /// <returns>The cached or newly selected certificate.</returns>
        /// <exception cref="ESYAException">No usable certificate on the card, or the user made no choice.</exception>
        public ECertificate getEInvoiceCertificate(string pinNo)
        {
            // A choice made by an earlier call wins; the card is not read again.
            if (mSignatureCert != null)
            {
                return mSignatureCert;
            }

            List<ECertificate> candidates = new List<ECertificate>();
            foreach (byte[] encoded in bsc.getSignatureCertificates())
            {
                ECertificate candidate = new ECertificate(encoded);
                if (candidate.isQualifiedCertificate() || candidate.isMaliMuhurCertificate())
                {
                    candidates.Add(candidate);
                }
            }

            if (candidates.Count == 0)
            {
                throw new ESYAException("Kartta fatura imzalayabiliceğiniz bir sertifika bulunmuyor");
            }

            if (candidates.Count == 1)
            {
                mSignatureCert = candidates[0];
                return mSignatureCert;
            }

            // Several candidates: label each with its common name and kind, then ask the user.
            String[] labels = new String[candidates.Count];
            int position = 0;
            foreach (ECertificate candidate in candidates)
            {
                string kind = candidate.isQualifiedCertificate() ? " (Nitelikli)" : " (MaliMühür)";
                labels[position] = candidate.getSubject().getCommonNameAttribute() + kind;
                position++;
            }

            String[] buttons = new String[] { "Tamam", "\u0130ptal" };
            int choice = askOption(null, null, labels, "Sertifika Listesi", buttons);

            // A negative result means no option was chosen.
            if (choice < 0)
            {
                throw new ESYAException("Sertifika secmediniz");
            }

            mSignatureCert = candidates[choice];
            return mSignatureCert;
        }
Esempio n. 25
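        /// <summary>
        /// Picks a certificate from the encoded certificates read from the card, optionally
        /// restricted to qualified or to non-qualified certificates.
        /// </summary>
        /// <remarks>
        /// When several certificates match, the first one is returned without asking the user.
        /// The filter looks at the certificate type only; validity is not checked here.
        /// </remarks>
        /// <param name="checkIsQualified">Keep only qualified certificates.</param>
        /// <param name="checkBeingNonQualified">Keep only non-qualified certificates.</param>
        /// <param name="aCerts">Encoded certificates to choose from.</param>
        /// <returns>The first matching certificate.</returns>
        /// <exception cref="ESYAException">
        /// The list is null or empty, both filters are requested at once, or no certificate
        /// passes the requested filter.
        /// </exception>
        private ECertificate selectCertificate(bool checkIsQualified, bool checkBeingNonQualified, List <byte[]> aCerts)
        {
            // A null list is treated like an empty card. The previous guard let null through
            // and failed later with a NullReferenceException in the loop.
            if (aCerts == null || aCerts.Count == 0)
            {
                throw new ESYAException("Kartta sertifika bulunmuyor");
            }

            if (checkIsQualified && checkBeingNonQualified)
            {
                throw new ESYAException(
                          "Bir sertifika ya nitelikli sertifikadir, ya niteliksiz sertifikadir. Hem nitelikli hem niteliksiz olamaz");
            }

            List <ECertificate> certs = new List <ECertificate>();

            foreach (byte[] bs in aCerts)
            {
                ECertificate cert = new ECertificate(bs);

                bool keep;
                if (checkIsQualified)
                {
                    keep = cert.isQualifiedCertificate();
                }
                else if (checkBeingNonQualified)
                {
                    keep = !cert.isQualifiedCertificate();
                }
                else
                {
                    // No filter requested: every certificate is a candidate.
                    keep = true;
                }

                if (keep)
                {
                    certs.Add(cert);
                }
            }

            if (certs.Count == 0)
            {
                if (checkIsQualified)
                {
                    throw new ESYAException("Kartta nitelikli sertifika bulunmuyor");
                }
                if (checkBeingNonQualified)
                {
                    throw new ESYAException("Kartta niteliksiz sertifika bulunmuyor");
                }
                // Without a filter every input certificate is kept, so this is not expected.
                return(null);
            }

            // One or many matches: the first one is used.
            return(certs[0]);
        }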
Esempio n. 26
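        /// <summary>
        /// Picks a certificate from the encoded certificates read from the card, optionally
        /// restricted to qualified or to non-qualified certificates, asking the user when
        /// several match.
        /// </summary>
        /// <remarks>
        /// The filter looks at the certificate type only; validity is not checked here.
        /// </remarks>
        /// <param name="checkIsQualified">Keep only qualified certificates.</param>
        /// <param name="checkBeingNonQualified">Keep only non-qualified certificates.</param>
        /// <param name="aCerts">Encoded certificates to choose from.</param>
        /// <returns>
        /// The selected certificate, or null when the selection dialog returns a negative result.
        /// </returns>
        /// <exception cref="ESYAException">
        /// The list is null or empty, both filters are requested at once, or no certificate
        /// passes the requested filter.
        /// </exception>
        private ECertificate selectCertificate(bool checkIsQualified, bool checkBeingNonQualified, List <byte[]> aCerts)
        {
            // A null list is treated like an empty card. The previous guard let null through
            // and failed later with a NullReferenceException in the loop.
            if (aCerts == null || aCerts.Count == 0)
            {
                throw new ESYAException("Kartta sertifika bulunmuyor");
            }

            if (checkIsQualified && checkBeingNonQualified)
            {
                throw new ESYAException(
                          "Bir sertifika ya nitelikli sertifikadir, ya niteliksiz sertifikadir. Hem nitelikli hem niteliksiz olamaz");
            }

            List <ECertificate> certs = new List <ECertificate>();

            foreach (byte[] bs in aCerts)
            {
                ECertificate cert = new ECertificate(bs);

                bool keep;
                if (checkIsQualified)
                {
                    keep = cert.isQualifiedCertificate();
                }
                else if (checkBeingNonQualified)
                {
                    keep = !cert.isQualifiedCertificate();
                }
                else
                {
                    // No filter requested: every certificate is a candidate.
                    keep = true;
                }

                if (keep)
                {
                    certs.Add(cert);
                }
            }

            if (certs.Count == 0)
            {
                if (checkIsQualified)
                {
                    throw new ESYAException("Kartta nitelikli sertifika bulunmuyor");
                }
                if (checkBeingNonQualified)
                {
                    throw new ESYAException("Kartta niteliksiz sertifika bulunmuyor");
                }
                // Without a filter every input certificate is kept, so this is not expected.
                return(null);
            }

            if (certs.Count == 1)
            {
                return(certs[0]);
            }

            // Several matches: let the user choose by subject common name.
            String[] optionList = new String[certs.Count];
            for (int i = 0; i < certs.Count; i++)
            {
                optionList[i] = certs[i].getSubject().getCommonNameAttribute();
            }

            int result = askOption(null, null, optionList, "Sertifika Listesi", new[] { "Tamam" });

            // A negative result means nothing was chosen; callers must handle the null.
            return(result < 0 ? null : certs[result]);
        }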
Esempio n. 27
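        /// <summary>
        /// Signs an e-prescription with the smart-card certificate and optionally writes the
        /// signature to a file.
        /// </summary>
        /// <param name="eReceteSourceFilePath">File to sign when <paramref name="GelenXML"/> is the empty string.</param>
        /// <param name="eReceteDestFilePath">Base path of the output; ".xml" in it is replaced by ".xsig".</param>
        /// <param name="GelenXML">XML text to sign from memory; the empty string selects the source file instead.</param>
        /// <param name="DosyayaYaz">When true, the signature is also written to the output file.</param>
        /// <returns>
        /// The signature document's outer XML on success; null when no card reader is available,
        /// no signer could be obtained (desktop mode), the certificate is not valid or the card
        /// was changed; the empty string when an exception was caught and reported.
        /// </returns>
        public string eReceteImzala(string eReceteSourceFilePath, string eReceteDestFilePath, string GelenXML, Boolean DosyayaYaz)
        {
            try
            {
                // create context with working dir
                string  currentDirectory = Directory.GetCurrentDirectory();
                Context context          = new Context(currentDirectory);
                // create signature according to context,
                // with default type (XADES_BES)
                XMLSignature signature = new XMLSignature(context);
                // The signing time is the local machine clock: a claimed time, not a trusted timestamp.
                signature.SigningTime = DateTime.Now;
                if (GelenXML != "")
                {
                    InMemoryDocument inMMDoc = new InMemoryDocument(System.Text.Encoding.UTF8.GetBytes(GelenXML), "", null, null);
                    signature.addDocument(inMMDoc);
                }
                else
                {
                    // add document as reference, and keep BASE64 version of data
                    // in an <Object tag, in a way that reference points to
                    // that <Object (embed=true)
                    signature.addDocument(eReceteSourceFilePath, "text/plain", true);
                }

                // "1" selects the server variant (instance 0); anything else the desktop variant (instance 1).
                bool serverMode = Program.ParamOto == "1";
                SmartCardManagerKimlikNodanSec smc = SmartCardManagerKimlikNodanSec.getInstance(serverMode ? 0 : 1);
                if (Program.KartOkuyucuYok == 1)
                {
                    return(null);
                }
                ECertificate signingCert = smc.getSignatureCertificate(true, false);

                // The first argument is the card PIN, read from a field on Program.
                // NOTE(review): the signer is obtained with the PIN before the certificate is
                // validated; validating first would avoid presenting the PIN for a certificate that
                // is then rejected. Confirm getSigner's side effects before reordering.
                BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert);
                // NOTE(review): only the desktop variant checks for a missing signer; in server mode
                // a null signer reaches signature.sign below.
                if (!serverMode && baseSigner == null)
                {
                    return(null);
                }

                bool validCertificate = isValidCertificate(signingCert);
                if (!validCertificate)
                {
                    MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
                    return(null);
                }

                if (!serverMode)
                {
                    // The certificate on the card must match the one recorded in
                    // Program.SertifikaBilgisi, otherwise the card was missing or swapped.
                    if (Program.SertifikaBilgisi != "Sertifika ve Sahiplik Bilgisi: " + signingCert.ToString())
                    {
                        if (Program.SertifikaBilgisi == "Sertifika ve Sahiplik Bilgisi: ")
                        {
                            MesajiIsle("Akıllı kartı, imza ekranına girmeden evvel takınız." + Program.HataMesaji, 1);
                            return(null);
                        }
                        MesajiIsle("Akıllı kart, imza ekranına girildikten sonra değiştirilmiş, işlemi kart değiştirmeden yapınız." + Program.HataMesaji, 1);
                        return(null);
                    }
                }

                // add certificate to show who signed the document
                signature.addKeyInfo(signingCert);
                signature.sign(baseSigner);

                if (DosyayaYaz)
                {
                    // Replace swaps every ".xml" occurrence in the path and leaves the path
                    // unchanged when there is none.
                    string retSignedXmlPath = eReceteDestFilePath.Replace(".xml", ".xsig");

                    // The using block releases the file handle even when writing fails.
                    using (FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create))
                    {
                        signature.write(signatureFileStream);
                    }

                    MesajiIsle(retSignedXmlPath + " konumunda imzalı E-Reçete oluşturuldu.", 0);
                }
                else
                {
                    MesajiIsle("E-Reçete imza verisi hazır", 0);
                }

                return(signature.Document.OuterXml);
            }
            catch (Exception exc)
            {
                // Signature creation and file-write failures are reported the same way.
                MesajiIsle("Hata Oluştu." + exc.Message, 1);
            }
            return("");
        }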