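/// <summary>
/// Signs a SMEV 2 message: builds the working document with <c>AddTemplate</c>,
/// signs the <c>Body</c> element referenced by its <c>wsu:Id</c> attribute, and copies
/// the computed <c>SignedInfo</c> and <c>SignatureValue</c> into the template's
/// <c>Signature</c> element.
/// </summary>
/// <param name="gostFlavor">Selects the GOST digest and signature algorithm identifiers.</param>
/// <param name="doc">Message to sign; the prefix of its root element is used to locate the Body element.</param>
/// <param name="certificate">Certificate whose private key produces the signature.</param>
/// <returns>The document returned by <c>AddTemplate</c>, now carrying the signature.</returns>
/// <exception cref="CryptographicException">
/// The Body element (or its <c>wsu:Id</c>) or the template's <c>Signature</c> element is missing,
/// so a signature covering the intended element cannot be produced or stored.
/// </exception>
private XmlDocument SignSmev2(GostFlavor gostFlavor, XmlDocument doc, X509Certificate2 certificate)
{
    XmlNode root = doc.SelectSingleNode("/*");
    string rootPrefix = root?.Prefix;

    // Create the structure that will receive the signature.
    // NOTE(review): AddTemplate is defined elsewhere; presumably it adds the security header
    // skeleton, including the Signature element used below - confirm.
    XmlDocument tDoc = AddTemplate(doc, certificate);

    // The Body element is looked up under the root element's prefix; its wsu:Id is the signed reference.
    XmlElement bodyElement = tDoc.GetElementsByTagName(rootPrefix + ":Body")[0] as XmlElement;
    string referenceUri = bodyElement?.GetAttribute("wsu:Id");
    if (string.IsNullOrEmpty(referenceUri))
    {
        // Fail closed: without an id the reference below would be the bare fragment "#",
        // which does not identify the element the caller expects to be covered.
        throw new CryptographicException(
            $"Cannot sign: element [{rootPrefix}:Body] with a non-empty wsu:Id attribute was not found.");
    }

    // Smev2SignedXml is needed so that the wsu: reference is resolved correctly.
    Smev2SignedXml signedXml = new Smev2SignedXml(tDoc) { SigningKey = certificate.PrivateKey };

    // Reference: digest of the Body element after exclusive canonicalization.
    Reference reference = new Reference
    {
#pragma warning disable 612
        // Replaces the former constant CPSignedXml.XmlDsigGost3411UrlObsolete.
        DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor),
#pragma warning restore 612
        Uri = "#" + referenceUri
    };
    reference.AddTransform(new XmlDsigExcC14NTransform());
    signedXml.AddReference(reference);

    // Signature setup.
    signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
#pragma warning disable 612
    // Replaces the former constant CPSignedXml.XmlDsigGost3410UrlObsolete.
    signedXml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);
    // NOTE(review): the directive below repeats "disable" where "restore" was presumably intended,
    // so warning 612 stays suppressed for the code that follows. Left unchanged because the rest
    // of the file is not visible from here.
#pragma warning disable 612

    // KeyInfo carrying the signing certificate.
    KeyInfo keyInfo = new KeyInfo();
    keyInfo.AddClause(new KeyInfoX509Data(certificate));
    signedXml.KeyInfo = keyInfo;

    signedXml.ComputeSignature();
    XmlElement xmlDigitalSignature = signedXml.GetXml();

    // Copy the signature parts into the template's Signature element.
    XmlElement signatureElement = tDoc.GetElementsByTagName("Signature")[0] as XmlElement;
    if (signatureElement == null)
    {
        // Fail closed instead of surfacing a NullReferenceException after the key has been used.
        throw new CryptographicException(
            "Cannot sign: the template document does not contain a Signature element.");
    }

    // Prepending SignatureValue first and SignedInfo second leaves SignedInfo as the first child.
    // Only these two parts are copied; KeyInfo from the computed signature is not imported here.
    signatureElement.PrependChild(
        tDoc.ImportNode(xmlDigitalSignature.GetElementsByTagName("SignatureValue")[0], true));
    signatureElement.PrependChild(
        tDoc.ImportNode(xmlDigitalSignature.GetElementsByTagName("SignedInfo")[0], true));
    signatureElement.SetAttribute("xmlns", DS_NS);

    return tDoc;
}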
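/// <summary>
/// Adds an enveloped XML signature to <paramref name="doc"/>: the reference goes through the
/// enveloped-signature transform and exclusive canonicalization, and the resulting
/// <c>Signature</c> element is appended as the last child of the root element.
/// </summary>
/// <param name="gostFlavor">Selects the GOST digest and signature algorithm identifiers.</param>
/// <param name="doc">Document to sign; it is modified in place.</param>
/// <param name="certificate">Certificate whose private key produces the signature.</param>
/// <param name="nodeId">
/// Used verbatim as the reference URI. Unlike <c>SignXmlNode</c>, no "#" is prepended here.
/// </param>
/// <returns>The same <paramref name="doc"/> instance with the signature appended.</returns>
/// <exception cref="CryptographicException">The document has no root element to hold the signature.</exception>
private XmlDocument SignEnveloped(
    GostFlavor gostFlavor,
    XmlDocument doc,
    X509Certificate2 certificate,
    string nodeId = null)
{
    // Fail closed: without a root element the signature could not be attached, and the
    // caller would receive an unsigned document with no error.
    XmlNode root = doc.SelectSingleNode("/*");
    if (root == null)
    {
        throw new CryptographicException(
            "Cannot sign: the document has no root element to hold the signature.");
    }

    SignedXml signedXml = new SignedXml(doc) { SigningKey = certificate.PrivateKey };

    // NOTE(review): nodeId defaults to null, which yields a reference without a URI attribute;
    // a whole-document enveloped signature is normally expressed with an empty-string URI.
    // Confirm what callers pass, and that a "#id" value names the element they expect to be covered.
    Reference reference = new Reference
    {
        Uri = nodeId,
#pragma warning disable 612
        // Replaces the former constant CPSignedXml.XmlDsigGost3411UrlObsolete.
        DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor)
        // NOTE(review): the directive below repeats "disable" where "restore" was presumably
        // intended; left unchanged because later code may rely on the suppression.
#pragma warning disable 612
    };

    // The enveloped-signature transform is added first, exclusive canonicalization second.
    reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
    reference.AddTransform(new XmlDsigExcC14NTransform());
    signedXml.AddReference(reference);

    // Signature setup.
    signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
    // Replaces the former constant CPSignedXml.XmlDsigGost3410UrlObsolete.
    signedXml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);

    // KeyInfo carrying the signing certificate.
    KeyInfo keyInfo = new KeyInfo();
    keyInfo.AddClause(new KeyInfoX509Data(certificate));
    signedXml.KeyInfo = keyInfo;

    signedXml.ComputeSignature();
    XmlElement xmlDigitalSignature = signedXml.GetXml();

    // Append the signature as the last child of the root element.
    root.AppendChild(doc.ImportNode(xmlDigitalSignature, true));

    return doc;
}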
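/// <summary>
/// Signs the element referenced by <c>"#" + nodeId</c> using exclusive canonicalization and
/// appends the resulting <c>Signature</c> element to the parent of the node that
/// <c>GetNodeWithAttributeValue</c> finds for <paramref name="nodeId"/>.
/// </summary>
/// <param name="gostFlavor">Selects the GOST digest and signature algorithm identifiers.</param>
/// <param name="doc">Document containing the node; it is modified in place.</param>
/// <param name="certificate">Certificate whose private key produces the signature.</param>
/// <param name="nodeId">Identifier of the node to sign, without the leading "#".</param>
/// <returns>The same <paramref name="doc"/> instance with the signature appended.</returns>
/// <exception cref="CryptographicException">
/// No parent node was found to receive the signature, so the document would otherwise be
/// returned unsigned.
/// </exception>
private XmlDocument SignXmlNode(
    GostFlavor gostFlavor,
    XmlDocument doc,
    X509Certificate2 certificate,
    string nodeId)
{
    SignedXml signedXml = new SignedXml(doc) { SigningKey = certificate.PrivateKey };

    // Reference to the target node by fragment identifier.
    Reference reference = new Reference
    {
        Uri = "#" + nodeId,
#pragma warning disable 612
        // Replaces the former constant CPSignedXml.XmlDsigGost3411UrlObsolete.
        DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor)
        // NOTE(review): the directive below repeats "disable" where "restore" was presumably
        // intended; left unchanged because later code may rely on the suppression.
#pragma warning disable 612
    };
    reference.AddTransform(new XmlDsigExcC14NTransform());
    signedXml.AddReference(reference);

    // Signature setup.
    signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
    // Replaces the former constant CPSignedXml.XmlDsigGost3410UrlObsolete.
    signedXml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);

    // KeyInfo carrying the signing certificate.
    KeyInfo keyInfo = new KeyInfo();
    keyInfo.AddClause(new KeyInfoX509Data(certificate));
    signedXml.KeyInfo = keyInfo;

    signedXml.ComputeSignature();
    XmlElement xmlDigitalSignature = signedXml.GetXml();

    // Append the signature next to the signed node. The original null-conditional chain
    // silently skipped this step when the node or its parent was missing, handing back an
    // unsigned document; fail closed instead.
    XmlNode container = GetNodeWithAttributeValue(doc.ChildNodes, nodeId)?.ParentNode;
    if (container == null)
    {
        throw new CryptographicException(
            $"Cannot attach signature: no parent node found for the node with id [{nodeId}].");
    }

    container.AppendChild(xmlDigitalSignature);

    return doc;
}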
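/// <summary>
/// Signs a SMEV 3 message element referenced by <c>"#" + signingNodeId</c>. The reference is
/// processed by exclusive canonicalization followed by <c>XmlDsigSmevTransform</c>; the resulting
/// signature is placed either into <c>CallerInformationSystemSignature</c> (types 1.1 namespace)
/// or next to the signed node.
/// </summary>
/// <param name="gostFlavor">Selects the GOST digest and signature algorithm identifiers.</param>
/// <param name="doc">Document to sign; it is modified in place.</param>
/// <param name="certificate">Certificate whose private key produces the signature.</param>
/// <param name="signingNodeId">Identifier of the node to sign, without the leading "#".</param>
/// <param name="assignDs">
/// When true, the signature is passed to <c>AssignNsPrefix</c> with "ds" and the signature value is
/// recomputed over the re-canonicalized <c>ds:SignedInfo</c>.
/// </param>
/// <param name="isAck">When true, an enveloped-signature transform is added to the reference.</param>
/// <param name="isSidebyside">
/// When true, the signature is appended to the parent of the node found for
/// <paramref name="signingNodeId"/>; otherwise it replaces the content of
/// <c>CallerInformationSystemSignature</c>.
/// </param>
/// <returns>The same <paramref name="doc"/> instance carrying the signature.</returns>
/// <exception cref="CryptographicException">
/// The signature algorithm objects cannot be created, an expected signature part is missing,
/// or no element is available to receive the signature.
/// </exception>
private XmlDocument SignSmev3(
    GostFlavor gostFlavor,
    XmlDocument doc,
    X509Certificate2 certificate,
    string signingNodeId,
    bool assignDs,
    bool isAck = false,
    bool isSidebyside = false)
{
    // TODO: if SMEV types 1.2 are used, this namespace (and the code relying on it) must be updated.
    const string typesNamespace = "urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.1";

    XmlNamespaceManager nsm = new XmlNamespaceManager(doc.NameTable);
    nsm.AddNamespace("ns", typesNamespace);
    nsm.AddNamespace("ns1", "urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.1");
    nsm.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");

    SignedXml sxml = new SignedXml(doc) { SigningKey = certificate.PrivateKey };

    // Register the SMEV transform's algorithm URI in the SignedXml safe-canonicalization list.
    XmlDsigSmevTransform smevTransform = new XmlDsigSmevTransform();
    sxml.SafeCanonicalizationMethods.Add(smevTransform.Algorithm);

    // Reference and its transforms.
    Reference reference = new Reference
    {
        Uri = "#" + signingNodeId,
#pragma warning disable 612
        // Digest computation: GOST R 34.11-94 / 34.11-2012 http://www.w3.org/2001/04/xmldsig-more#gostr3411
        // Replaces the former constant CPSignedXml.XmlDsigGost3411UrlObsolete.
        DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor)
        // NOTE(review): the directive below repeats "disable" where "restore" was presumably
        // intended; left unchanged because the rest of the file is not visible from here.
#pragma warning disable 612
    };

    reference.AddTransform(new XmlDsigExcC14NTransform());
    reference.AddTransform(smevTransform);

    if (isAck)
    {
        // NOTE(review): the enveloped-signature transform is appended after the two
        // canonicalizing transforms; the order is kept exactly as in the original - confirm
        // against the SMEV 3 rules.
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
    }

    sxml.AddReference(reference);

    // Signature setup.
    sxml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
    // Signature generation: GOST R 34.10-2001 / 34.10-2012 http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411
    // Replaces the former constant CPSignedXml.XmlDsigGost3410UrlObsolete.
    sxml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);

    KeyInfo keyInfo = new KeyInfo();
    keyInfo.AddClause(new KeyInfoX509Data(certificate));
    sxml.KeyInfo = keyInfo;

    sxml.ComputeSignature();
    XmlElement signature = sxml.GetXml();

    // Add the "ds" prefix. Prefixing changes the serialized SignedInfo, so the value
    // computed above is replaced by one computed over the re-canonicalized, prefixed SignedInfo.
    if (assignDs)
    {
        AssignNsPrefix(signature, "ds");

        XmlElement xmlSignedInfo = signature.SelectSingleNode("ds:SignedInfo", nsm) as XmlElement;
        if (xmlSignedInfo == null)
        {
            throw new CryptographicException(
                "Cannot re-sign: ds:SignedInfo was not found in the generated signature.");
        }

        XmlDocument document = new XmlDocument();
        document.PreserveWhitespace = false;
        document.LoadXml(xmlSignedInfo.OuterXml);

        // Reuse the canonicalization object of the original SignedInfo.
        Transform canonicalizationMethodObject = sxml.SignedInfo.CanonicalizationMethodObject;
        canonicalizationMethodObject.LoadInput(document);

        // Obtain the signature description, and from it the hash object, by algorithm name.
        SignatureDescription description =
            CryptoConfig.CreateFromName(sxml.SignedInfo.SignatureMethod) as SignatureDescription;
        if (description == null)
        {
            throw new CryptographicException(
                $"Не удалось создать объект SignatureDescription по имени [{sxml.SignedInfo.SignatureMethod}]");
        }

        HashAlgorithm hash = description.CreateDigest();
        if (hash == null)
        {
            throw new CryptographicException(
                $"Не удалось создать объект HashAlgorithm из SignatureDescription по имени [{sxml.SignedInfo.SignatureMethod}]");
        }

        // Digest of the new SignedInfo.
        byte[] hashVal = canonicalizationMethodObject.GetDigestedOutput(hash);

        // New signature value over that digest.
        XmlElement xmlSignatureValue = signature.SelectSingleNode("ds:SignatureValue", nsm) as XmlElement;
        if (xmlSignatureValue == null)
        {
            throw new CryptographicException(
                "Cannot re-sign: ds:SignatureValue was not found in the generated signature.");
        }

        xmlSignatureValue.InnerText =
            Convert.ToBase64String(description.CreateFormatter(sxml.SigningKey).CreateSignature(hashVal));
    }

    // Append the signature to the document. Both branches fail closed: a missing target
    // must not result in an unsigned document being returned as if it were signed.
    if (!isSidebyside)
    {
        XmlNode callerSignature = doc.GetElementsByTagName("CallerInformationSystemSignature", typesNamespace)[0];
        if (callerSignature == null)
        {
            throw new CryptographicException(
                "Cannot attach signature: element CallerInformationSystemSignature was not found.");
        }

        // Drop any previous content before inserting the new signature.
        callerSignature.InnerXml = "";
        callerSignature.AppendChild(signature);
    }
    else
    {
        XmlNode container = GetNodeWithAttributeValue(doc.ChildNodes, signingNodeId)?.ParentNode;
        if (container == null)
        {
            throw new CryptographicException(
                $"Cannot attach signature: no parent node found for the node with id [{signingNodeId}].");
        }

        container.AppendChild(signature);
    }

    return doc;
}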