/// <summary>
/// Add typed object to the collection
/// </summary>
/// <param name="objectToAdd">Typed object to be added to collection</param>
/// <returns>The object that has been added to collection</returns>
public EncapsulatedX509Certificate Add(EncapsulatedX509Certificate objectToAdd)
{
base.Add(objectToAdd);
return(objectToAdd);
}
/// <summary>
/// Inserta en la lista de certificados el certificado y comprueba la valided del certificado.
/// </summary>
/// <param name="cert"></param>
/// <param name="unsignedProperties"></param>
/// <param name="addCertValue"></param>
/// <param name="extraCerts"></param>
private void AddCertificate(X509Certificate2 cert, UnsignedProperties unsignedProperties, bool addCert, X509Certificate2[] extraCerts = null)
{
if (addCert)
{
if (CertificateChecked(cert, unsignedProperties))
{
return;
}
string guidCert = Guid.NewGuid().ToString();
Cert chainCert = new Cert();
chainCert.IssuerSerial.X509IssuerName = cert.IssuerName.Name;
chainCert.IssuerSerial.X509SerialNumber = CertUtil.HexToDecimal(cert.SerialNumber);
DigestUtil.SetCertDigest(cert.GetRawCertData(), _firma.RefsDigestMethod, chainCert.CertDigest);
chainCert.URI = "#Cert" + guidCert;
unsignedProperties.UnsignedSignatureProperties.CompleteCertificateRefs.CertRefs.CertCollection.Add(chainCert);
EncapsulatedX509Certificate encapsulatedX509Certificate = new EncapsulatedX509Certificate();
encapsulatedX509Certificate.Id = "Cert" + guidCert;
encapsulatedX509Certificate.PkiData = cert.GetRawCertData();
unsignedProperties.UnsignedSignatureProperties.CertificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
}
var chain = CertUtil.GetCertChain(cert, extraCerts).ChainElements;
if (chain.Count > 1)
{
X509ChainElementEnumerator enumerator = chain.GetEnumerator();
enumerator.MoveNext(); // el mismo certificado que el pasado por parametro
enumerator.MoveNext();
bool valid = ValidateCertificateByCRL(unsignedProperties, cert, enumerator.Current.Certificate);
if (!valid)
{
var ocspCerts = ValidateCertificateByOCSP(unsignedProperties, cert, enumerator.Current.Certificate);
if (ocspCerts != null)
{
X509Certificate2 startOcspCert = DetermineStartCert(new List<X509Certificate2>(ocspCerts));
if (startOcspCert.IssuerName.Name != enumerator.Current.Certificate.SubjectName.Name)
{
var chainOcsp = CertUtil.GetCertChain(startOcspCert, ocspCerts);
AddCertificate(chainOcsp.ChainElements[1].Certificate, unsignedProperties, true, ocspCerts);
}
}
}
AddCertificate(enumerator.Current.Certificate, unsignedProperties, true, extraCerts);
}
}
/// <summary>
/// Load state from an XML element
/// </summary>
/// <param name="xmlElement">XML element containing new state</param>
public void LoadXml(System.Xml.XmlElement xmlElement)
{
XmlNamespaceManager xmlNamespaceManager;
XmlNodeList xmlNodeList;
IEnumerator enumerator;
XmlElement iterationXmlElement;
EncapsulatedX509Certificate newEncapsulatedX509Certificate;
OtherCertificate newOtherCertificate;
if (xmlElement == null)
{
throw new ArgumentNullException("xmlElement");
}
if (xmlElement.HasAttribute("Id"))
{
this.id = xmlElement.GetAttribute("Id");
}
else
{
this.id = "";
}
xmlNamespaceManager = new XmlNamespaceManager(xmlElement.OwnerDocument.NameTable);
xmlNamespaceManager.AddNamespace("xades", XadesSignedXml.XadesNamespaceUri);
this.encapsulatedX509CertificateCollection.Clear();
this.otherCertificateCollection.Clear();
xmlNodeList = xmlElement.SelectNodes("xades:EncapsulatedX509Certificate", xmlNamespaceManager);
enumerator = xmlNodeList.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
iterationXmlElement = enumerator.Current as XmlElement;
if (iterationXmlElement != null)
{
newEncapsulatedX509Certificate = new EncapsulatedX509Certificate();
newEncapsulatedX509Certificate.LoadXml(iterationXmlElement);
this.encapsulatedX509CertificateCollection.Add(newEncapsulatedX509Certificate);
}
}
}
finally
{
IDisposable disposable = enumerator as IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
xmlNodeList = xmlElement.SelectNodes("xades:OtherCertificate", xmlNamespaceManager);
enumerator = xmlNodeList.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
iterationXmlElement = enumerator.Current as XmlElement;
if (iterationXmlElement != null)
{
newOtherCertificate = new OtherCertificate();
newOtherCertificate.LoadXml(iterationXmlElement);
this.otherCertificateCollection.Add(newOtherCertificate);
}
}
}
finally
{
IDisposable disposable = enumerator as IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
}
/// <summary>
/// Add typed object to the collection
/// </summary>
/// <param name="objectToAdd">Typed object to be added to collection</param>
/// <returns>The object that has been added to collection</returns>
public EncapsulatedX509Certificate Add(EncapsulatedX509Certificate objectToAdd)
{
base.Add(objectToAdd);
return objectToAdd;
}
private void injectXadesXLInformationButton_Click(object sender, System.EventArgs e)
{
UnsignedProperties unsignedProperties = null;
int certificateValuesCounter;
CertificateValues certificateValues;
EncapsulatedX509Certificate encapsulatedX509Certificate;
RevocationValues revocationValues;
CRLValue newCRLValue;
if (this.includeCertificateValuesCheckBox.Checked)
{
if (this.Chain != null)
{
unsignedProperties = this.xadesSignedXml.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;
certificateValues.Id = this.certificateValuesIdTextBox.Text;
certificateValuesCounter = 0;
foreach (X509ChainElement element in this.Chain.ChainElements)
{
encapsulatedX509Certificate = new EncapsulatedX509Certificate();
encapsulatedX509Certificate.Id = this.certificateValuesIdTextBox.Text + certificateValuesCounter.ToString();
encapsulatedX509Certificate.PkiData = element.Certificate.GetRawCertData();
certificateValuesCounter++;
certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
}
this.xadesSignedXml.UnsignedProperties = unsignedProperties;
}
else
{
MessageBox.Show("To add certificates, you need to add certificate references (XAdES-C) first");
}
}
if (this.includeRevocationValuesCheckBox.Checked)
{
unsignedProperties = this.xadesSignedXml.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;
revocationValues.Id = this.revocationValuesIdTextBox.Text;
newCRLValue = new CRLValue();
newCRLValue.PkiData = this.GetFileBytes(this.crlFileTextBox.Text);
revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);
this.xadesSignedXml.UnsignedProperties = unsignedProperties;
if (this.includeCertificateValuesCheckBox.Checked || this.includeRevocationValuesCheckBox.Checked)
{
this.ShowSignature();
}
}
}
/// <summary>
/// Load state from an XML element
/// </summary>
/// <param name="xmlElement">XML element containing new state</param>
public void LoadXml(System.Xml.XmlElement xmlElement)
{
XmlNamespaceManager xmlNamespaceManager;
XmlNodeList xmlNodeList;
IEnumerator enumerator;
XmlElement iterationXmlElement;
EncapsulatedX509Certificate newEncapsulatedX509Certificate;
OtherCertificate newOtherCertificate;
if (xmlElement == null)
{
throw new ArgumentNullException("xmlElement");
}
if (xmlElement.HasAttribute("Id"))
{
this.id = xmlElement.GetAttribute("Id");
}
else
{
this.id = "";
}
xmlNamespaceManager = new XmlNamespaceManager(xmlElement.OwnerDocument.NameTable);
xmlNamespaceManager.AddNamespace("xades", XadesSignedXml.XadesNamespaceUri);
this.encapsulatedX509CertificateCollection.Clear();
this.otherCertificateCollection.Clear();
xmlNodeList = xmlElement.SelectNodes("xades:EncapsulatedX509Certificate", xmlNamespaceManager);
enumerator = xmlNodeList.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
iterationXmlElement = enumerator.Current as XmlElement;
if (iterationXmlElement != null)
{
newEncapsulatedX509Certificate = new EncapsulatedX509Certificate();
newEncapsulatedX509Certificate.LoadXml(iterationXmlElement);
this.encapsulatedX509CertificateCollection.Add(newEncapsulatedX509Certificate);
}
}
}
finally
{
IDisposable disposable = enumerator as IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
xmlNodeList = xmlElement.SelectNodes("xades:OtherCertificate", xmlNamespaceManager);
enumerator = xmlNodeList.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
iterationXmlElement = enumerator.Current as XmlElement;
if (iterationXmlElement != null)
{
newOtherCertificate = new OtherCertificate();
newOtherCertificate.LoadXml(iterationXmlElement);
this.otherCertificateCollection.Add(newOtherCertificate);
}
}
}
finally
{
IDisposable disposable = enumerator as IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
}
protected internal override void ExtendSignatureTag(XadesSignedXml xadesSignedXml)
{
base.ExtendSignatureTag(xadesSignedXml);
X509Certificate signingCertificate = DotNetUtilities.FromX509Certificate(
xadesSignedXml.GetSigningCertificate());
DateTime signingTime = xadesSignedXml.XadesObject.QualifyingProperties
.SignedProperties.SignedSignatureProperties.SigningTime;
ValidationContext ctx = certificateVerifier.ValidateCertificate(signingCertificate
, signingTime, new XAdESCertificateSource(xadesSignedXml.GetXml(), false), null, null);
UnsignedProperties unsignedProperties = null;
//int certificateValuesCounter;
CertificateValues certificateValues;
EncapsulatedX509Certificate encapsulatedX509Certificate;
RevocationValues revocationValues;
CRLValue newCRLValue;
OCSPValue newOCSPValue;
unsignedProperties = xadesSignedXml.UnsignedProperties;
//TODO jbonilla Validate certificate refs.
{
unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;
//certificateValues.Id = this.certificateValuesIdTextBox.Text;
//certificateValuesCounter = 0;
foreach (CertificateAndContext certificate in ctx.GetNeededCertificates())
{
encapsulatedX509Certificate = new EncapsulatedX509Certificate();
//encapsulatedX509Certificate.Id = this.certificateValuesIdTextBox.Text + certificateValuesCounter.ToString();
encapsulatedX509Certificate.PkiData = certificate.GetCertificate().GetEncoded();
//certificateValuesCounter++;
certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
}
}
unsignedProperties = xadesSignedXml.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;
//revocationValues.Id = this.revocationValuesIdTextBox.Text;
if (ctx.GetNeededOCSPResp().Count > 0)
{
foreach(BasicOcspResp ocsp in ctx.GetNeededOCSPResp())
{
newOCSPValue = new OCSPValue();
newOCSPValue.PkiData = OCSPUtils.FromBasicToResp(ocsp).GetEncoded();
revocationValues.OCSPValues.OCSPValueCollection.Add(newOCSPValue);
}
}
if (ctx.GetNeededCRL().Count > 0)
{
foreach (X509Crl crl in ctx.GetNeededCRL())
{
newCRLValue = new CRLValue();
newCRLValue.PkiData = crl.GetEncoded();
revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);
}
}
xadesSignedXml.UnsignedProperties = unsignedProperties;
}
