private static string ZKI(X509Certificate2CF certifikat, string oibObveznika, string datumVrijemeIzdavanjaRacuna, string brojcanaOznakaRacuna, string oznakaPoslovnogProstora, string oznakaNaplatnogUredaja, string ukupniIznosRacuna) { string zastitniKod; StringBuilder sb = new StringBuilder(); sb.Append(oibObveznika); sb.Append(datumVrijemeIzdavanjaRacuna); sb.Append(brojcanaOznakaRacuna); sb.Append(oznakaPoslovnogProstora); sb.Append(oznakaNaplatnogUredaja); sb.Append(ukupniIznosRacuna.Replace(',', '.')); byte[] by = PotpisivanjeCF.PotpisiTekst(sb.ToString(), certifikat); if (by != null) { zastitniKod = ComputeHash(by); } else { zastitniKod = ""; } return(zastitniKod); }
public static byte[] PotpisiByteArray(byte[] ulaz, X509Certificate2CF certifikat) { if (certifikat == null) { throw new ArgumentNullException(); } byte[] izlaz = null; //RSACryptoServiceProvider provider = (RSACryptoServiceProvider)certifikat.PrivateKey; RSACryptoServiceProvider provider = certifikat.rsa; try { izlaz = provider.SignData(ulaz, new SHA1CryptoServiceProvider()); } catch (Exception ex) { Trace.WriteLine(String.Format("Greška kod potpisivanja teksta: {0}", ex.Message)); throw; } return(izlaz); }
public static byte[] PotpisiTekst(string tekst, X509Certificate2CF certifikat) { if (certifikat == null) { throw new ArgumentNullException(); } byte[] potpisaniTekst = null; //RSACryptoServiceProvider provider = (RSACryptoServiceProvider)certifikat.PrivateKey; RSACryptoServiceProvider provider = certifikat.rsa; try { byte[] by = Encoding.ASCII.GetBytes(tekst); potpisaniTekst = provider.SignData(by, new SHA1CryptoServiceProvider()); } catch (Exception ex) { Trace.WriteLine(String.Format("Greška kod potpisivanja teksta: {0}", ex.Message)); throw; } return(potpisaniTekst); }
public static string ZastitniKodIzracun(X509Certificate2CF certifikat, string oibObveznika, string datumVrijemeIzdavanjaRacuna, string brojcanaOznakaRacuna, string oznakaPoslovnogProstora, string oznakaNaplatnogUredaja, string ukupniIznosRacuna) { if (certifikat == null || string.IsNullOrEmpty(oibObveznika) || datumVrijemeIzdavanjaRacuna == null || string.IsNullOrEmpty(brojcanaOznakaRacuna) || string.IsNullOrEmpty(oznakaPoslovnogProstora) || string.IsNullOrEmpty(oznakaNaplatnogUredaja)) { throw new ArgumentNullException(); } return(ZKI(certifikat, oibObveznika, datumVrijemeIzdavanjaRacuna, brojcanaOznakaRacuna, oznakaPoslovnogProstora, oznakaNaplatnogUredaja, ukupniIznosRacuna)); }
public static string ZastitniKodIzracun(string certifikatDatoteka, string zaporka, string oibObveznika, string datumVrijemeIzdavanjaRacuna, string brojcanaOznakaRacuna, string oznakaPoslovnogProstora, string oznakaNaplatnogUredaja, string ukupniIznosRacuna) { if (string.IsNullOrEmpty(certifikatDatoteka) || string.IsNullOrEmpty(zaporka) || string.IsNullOrEmpty(oibObveznika) || datumVrijemeIzdavanjaRacuna == null || string.IsNullOrEmpty(brojcanaOznakaRacuna) || string.IsNullOrEmpty(oznakaPoslovnogProstora) || string.IsNullOrEmpty(oznakaNaplatnogUredaja)) { throw new ArgumentNullException(); } X509Certificate2CF certificate = PotpisivanjeCF.DohvatiCertifikat(certifikatDatoteka); return(ZKI(certificate, oibObveznika, datumVrijemeIzdavanjaRacuna, brojcanaOznakaRacuna, oznakaPoslovnogProstora, oznakaNaplatnogUredaja, ukupniIznosRacuna)); }
/// <summary> /// Dohvaća certifikat iz XML datoteke.</summary> /// <param name="certifikatDatoteka">Path i naziv (full path) datoteke u kojoj se nalazi certifikat.</param> /// <returns> /// Vraća dohvaćeni certifikat. U slučaju greške ili ukoliko certifikat nije pronađen, vraća null.</returns> public static X509Certificate2CF DohvatiCertifikat(string certifikatDatoteka) { X509Certificate2CF certificate = null; FileInfo fi = new FileInfo(certifikatDatoteka); if (fi.Exists) { try { certificate = new X509Certificate2CF(certifikatDatoteka); } catch (Exception ex) { Trace.WriteLine(String.Format("Greška kod kreiranja certifikata: {0}", ex.Message)); throw; } } return(certificate); }
/// <summary> /// Potpisuje XML dokument.</summary> /// <param name="dokument">XML dokument koji treba potpisati.</param> /// <param name="certifikat">Certifikat koji se koristi kod potpisivanja.</param> /// <example> /// PopratneFunkcije.Potpisivanje.PotpisiXmlDokument(zahtjevXml, certificate); /// </example> /// <returns> /// Vraća potpisani XML dokument.</returns> public static XmlDocument PotpisiXmlDokument(XmlDocument dokument, X509Certificate2CF certifikat) { try { //dok1 je xml-exc-c14n format XML dokumenta XmlDocument dok1 = (XmlDocument)dokument.Clone(); //izbiši <?xml.... foreach (XmlNode node1 in dok1) { if (node1.NodeType == XmlNodeType.XmlDeclaration) { dok1.RemoveChild(node1); break; } } //poredaj ispravno atribute (različit raspored na .net i net compact framework platformi! XmlNode node = dok1.FirstChild; node.Attributes.RemoveNamedItem("xmlns:xsi"); node.Attributes.Prepend(node.Attributes["Id"]); node.Attributes.Prepend(node.Attributes["xmlns:tns"]); //pretvori xml-exc-c14n dokument u UTF8 format i izračunaj digestValue (SHA1 hash) SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider(); string digestValue = Convert.ToBase64String(sha.ComputeHash(UTF8Encoding.UTF8.GetBytes(dok1.OuterXml))); //kreiraj <SignedInfo> XML element u xml-exc-c14n verziji StringBuilder sb = new StringBuilder(); sb.Append("<SignedInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></CanonicalizationMethod><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"></SignatureMethod>"); sb.Append("<Reference URI=\"#"); sb.Append(node.Attributes["Id"].Value); //Id od tns:RacunZahtjev sb.Append("\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"></Transform><Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></Transform></Transforms><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"></DigestMethod>"); sb.Append("<DigestValue>"); sb.Append(digestValue); //digest (SHA1 hash) <tns:RacunZahtjev> elementa sb.Append("</DigestValue></Reference></SignedInfo>"); //digitalno potpiši <SignedInfo> XML element koji mora biti u UTF8 formatu, da dobiješ SignatureValue string signatureValue = Convert.ToBase64String(PotpisiByteArray(UTF8Encoding.UTF8.GetBytes(sb.ToString()), certifikat)); //SignatureValue //kreiraj <Signature> XML element koji je identičan Raverus implementaciji sb = new StringBuilder(); sb.Append("<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference URI=\"#"); sb.Append(node.Attributes["Id"].Value); //Id od tns:RacunZahtjev sb.Append("\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\" /><Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" /></Transforms><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>"); sb.Append(digestValue); //digest (SHA1 hash) <tns:RacunZahtjev> elementa sb.Append("</DigestValue></Reference></SignedInfo><SignatureValue>"); sb.Append(signatureValue); //Signature Value (digitalni potpis) <SignedInfo> XML elementa sb.Append("</SignatureValue><KeyInfo><X509Data><X509IssuerSerial><X509IssuerName>"); sb.Append(certifikat.Issuer); sb.Append("</X509IssuerName><X509SerialNumber>"); sb.Append(Convert.ToUInt32(certifikat.SerialNumber, 16).ToString()); //serijski broj certifikata pretvori iz hex u decimal oblik sb.Append("</X509SerialNumber></X509IssuerSerial><X509Certificate>"); sb.Append(Convert.ToBase64String(certifikat.RawCertData)); //X509 certifikat u base64 formatu sb.Append("</X509Certificate></X509Data></KeyInfo></Signature>"); //dodaj <Signature> u glavni dokument //dokument.DocumentElement.AppendChild(dok2); XmlDocumentFragment dok3 = dokument.CreateDocumentFragment(); dok3.InnerXml = sb.ToString(); dokument.DocumentElement.AppendChild(dok3); //XmlNode signedInfoNode = dok2.CreateElement("SignedInfo"); //dok2.AppendChild(signedInfoNode); //XmlNode CanonicalizationMethodNode = dok2.CreateElement("CanonicalizationMethod"); //XmlAttribute at1 = dok2.CreateAttribute("Algorithm").Value = @"http://www.w3.org/2001/10/xml-exc-c14n#"; //CanonicalizationMethodNode.Attributes.Append(at1); //signedInfoNode.AppendChild(CanonicalizationMethodNode); //XmlNode SignatureMethodNode = dok2.CreateElement("SignatureMethod"); //XmlAttribute at2 = dok2.CreateAttribute("Algorithm").Value = @"http://www.w3.org/2000/09/xmldsig#rsa-sha1"; //SignatureMethodNode.Attributes.Append(at2); //signedInfoNode.AppendChild(SignatureMethodNode); //XmlNode ReferenceNode = dok2.CreateElement("Reference"); //XmlAttribute at3 = dok2.CreateAttribute("URI").Value = "#" + node.Attributes["Id"].Value; //SignatureMethodNode.Attributes.Append(at3); //signedInfoNode.AppendChild(ReferenceNode); //XmlNode TransformsNode = dok2.CreateElement("Transforms"); //ReferenceNode.AppendChild(TransformsNode); //input xml //<?xml version="1.0" encoding="utf-8"?><tns:RacunZahtjev xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Id="signXmlId" xmlns:tns="http://www.apis-it.hr/fin/2012/types/f73"><tns:Zaglavlje><tns:IdPoruke>4226d126-19c4-4471-84e8-85efc1ebe9f1</tns:IdPoruke><tns:DatumVrijeme>28.03.2013T17:54:00</tns:DatumVrijeme></tns:Zaglavlje><tns:Racun><tns:Oib>58069356381</tns:Oib><tns:USustPdv>true</tns:USustPdv><tns:DatVrijeme>28.03.2013T17:38:00</tns:DatVrijeme><tns:OznSlijed>P</tns:OznSlijed><tns:BrRac><tns:BrOznRac>1</tns:BrOznRac><tns:OznPosPr>1</tns:OznPosPr><tns:OznNapUr>1</tns:OznNapUr></tns:BrRac><tns:Pdv><tns:Porez><tns:Stopa>25.00</tns:Stopa><tns:Osnovica>100.00</tns:Osnovica><tns:Iznos>25.00</tns:Iznos></tns:Porez></tns:Pdv><tns:IznosUkupno>125.00</tns:IznosUkupno><tns:NacinPlac>G</tns:NacinPlac><tns:OibOper>12345678901</tns:OibOper><tns:ZastKod>ceb0ae98c7789070de2502f0ff6c960a</tns:ZastKod><tns:NakDost>true</tns:NakDost></tns:Racun></tns:RacunZahtjev> //excan format //<tns:RacunZahtjev xmlns:tns="http://www.apis-it.hr/fin/2012/types/f73" Id="signXmlId"><tns:Zaglavlje><tns:IdPoruke>4226d126-19c4-4471-84e8-85efc1ebe9f1</tns:IdPoruke><tns:DatumVrijeme>28.03.2013T17:54:00</tns:DatumVrijeme></tns:Zaglavlje><tns:Racun><tns:Oib>58069356381</tns:Oib><tns:USustPdv>true</tns:USustPdv><tns:DatVrijeme>28.03.2013T17:38:00</tns:DatVrijeme><tns:OznSlijed>P</tns:OznSlijed><tns:BrRac><tns:BrOznRac>1</tns:BrOznRac><tns:OznPosPr>1</tns:OznPosPr><tns:OznNapUr>1</tns:OznNapUr></tns:BrRac><tns:Pdv><tns:Porez><tns:Stopa>25.00</tns:Stopa><tns:Osnovica>100.00</tns:Osnovica><tns:Iznos>25.00</tns:Iznos></tns:Porez></tns:Pdv><tns:IznosUkupno>125.00</tns:IznosUkupno><tns:NacinPlac>G</tns:NacinPlac><tns:OibOper>12345678901</tns:OibOper><tns:ZastKod>ceb0ae98c7789070de2502f0ff6c960a</tns:ZastKod><tns:NakDost>true</tns:NakDost></tns:Racun></tns:RacunZahtjev> //DigestValue (base64 string) -> SHA1 hash (excan forme RacunZahtjev xmla) //6dcCFA2TnlkT+Sdb8NZmrCIai2A= //SignatureValue (base64 string) -> RSA secert key (SHA1 hash (excan forme SignedInfo xmla)) //L9hT5ta+xIbpiYshNTSv0yzp4E7nRAv4yy6ZML7yfc207beq+vTU0j8+8ZXK3ReoitTt+4ZN5iyzFKs3YoAUrIjruL6acnHHJo/46L4Ikkq6K7A4P+2k9g8NNviOmf/TI7DWSVp6RAdekDLoP/MZxss/X0fqKqNwlDBy2HHUtoywRUQf3VEg4mHfBM5nMBvJXCRvJyQhT28JRbQ3ztOGSDgGIBeGnDoZ/r/jQ4QgOnoXBY8GZzDtG93B6hz04+p+bpCPLrWZEOWfjZomQphogREw4FcMGvi1QrcF2t7t6EH5Ug/EUei7YNX8ot2dydy2aUS04ZiIK8LLN2WIcrE8uw== //X509Certificate u xml-u //MIIExzCCA6+gAwIBAgIEPssdODANBgkqhkiG9w0BAQUFADArMQswCQYDVQQGEwJIUjENMAsGA1UEChMERklOQTENMAsGA1UECxMEREVNTzAeFw0xMjExMTMxMzI1MTJaFw0xNDExMTMxMzU1MTJaMFwxCzAJBgNVBAYTAkhSMSkwJwYDVQQKEyBCRVRBIFNUVURJTyBELk8uTy4gSFI1ODA2OTM1NjM4MTEPMA0GA1UEBxMGT1NJSkVLMREwDwYDVQQDEwhGSVNLQUwgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMA+VUSs+PcSkZSMZmbIjcLV23xkyMv9vtmw/BuOnNEPBl092vjKY/xUspzL+Px7hQFO1jTWRl1lVl44dkz28dURDiYoKoSLx/1wlD8Nzimu7oSs/DntXuuUy08rtLbY5MEKRXutftyE/+3K0mN300vsm6nPqdcp9ii6th8Th+6+fOH2IsoRUmecpz+3h/rV70e++sBaZF/SHJ0tceyv2zIt4wluHDsNHB1NxM638m1ZB8T5UaprpJRqRiKRJHIYzB6U3Tgrva6Kyp9wqeUktX0KpCUf72p9eqSBVPei6Dk1wvGhTQkuRjqDtJB3hF1heVf7XdrXeE08afsZdnoBeJkCAwEAAaOCAcAwggG8MAsGA1UdDwQEAwIFoDBCBgNVHSAEOzA5MDcGCSt8iFAFHwUDATAqMCgGCCsGAQUFBwIBFhxodHRwOi8vZGVtby1wa2kuZmluYS5oci9jcHMvMCAGA1UdEQQZMBeBFXNpbmlzYS5rdW5hQHlhaG9vLmNvbTCBzgYDVR0fBIHGMIHDMEKgQKA+pDwwOjELMAkGA1UEBhMCSFIxDTALBgNVBAoTBEZJTkExDTALBgNVBAsTBERFTU8xDTALBgNVBAMTBENSTDgwfaB7oHmGT2xkYXA6Ly9kZW1vLWxkYXAuZmluYS5oci9vdT1ERU1PLG89RklOQSxjPUhSP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3QlM0JiaW5hcnmGJmh0dHA6Ly9kZW1vLXBraS5maW5hLmhyL2NybC9kZW1vY2EuY3JsMCsGA1UdEAQkMCKADzIwMTIxMTEzMTMyNTEyWoEPMjAxNDExMTMxMzU1MTJaMB8GA1UdIwQYMBaAFHpgI45InTJrpOUt3bhZtJT8QmKeMB0GA1UdDgQWBBTQzeijJOVGv6magTJhkcw6HPnDGDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQA3J2xwQDwtHuPhtUyEEe0AuqSJUMRRUiYNMfgqtHk7tqMetQ3OpHDspzj2Of80tSMtR0I7xACQ+FVT376Jw9ERoilWYK3g/3tKCMiIBroJfkQRxVaNw/BrwqXvvXZvN+lBCaCFXQnIOQ3fL+++zYuTxm+k3HBbchG4ruKx0Ax0Q3HnEng7UcW9QlEkCHyN2UVNu73P/W8HyJ+9plVYM0UhJVSwyzMcxANPjeMRFlzSaaFku4TQraJuxnmm1Haz25O3NERhIJHDH51cvnSXG34PeQvv41guFNOv+scwACU3mHM6wkLvwznwCqBiLDLoMiLQCSimpYwU/mHTxx+l7dOt //xml = new SignedXml(dokument); //xml.SigningKey = provider; //xml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; //KeyInfo keyInfo = new KeyInfo(); //KeyInfoX509Data keyInfoData = new KeyInfoX509Data(); //keyInfoData.AddCertificate(certifikat); //keyInfoData.AddIssuerSerial(certifikat.Issuer, certifikat.GetSerialNumberString()); //keyInfo.AddClause(keyInfoData); //xml.KeyInfo = keyInfo; //Reference reference = new Reference(""); //reference.AddTransform(new XmlDsigEnvelopedSignatureTransform(false)); //reference.AddTransform(new XmlDsigExcC14NTransform(false)); //reference.Uri = "#signXmlId"; //xml.AddReference(reference); //xml.ComputeSignature(); //XmlElement element = xml.GetXml(); //dokument.DocumentElement.AppendChild(element); } catch (Exception ex) { Trace.WriteLine(String.Format("Greška kod potpisivanja XML dokumenta: {0}", ex.Message)); throw; } return(dokument); }