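/// <summary>
/// Load state from an XML element.
/// </summary>
/// <param name="xmlElement">XML element containing new state. Its child
/// <c>EncapsulatedCRLValue</c> elements in the XAdES namespace replace the current
/// contents of the collection; non-element child nodes are ignored.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="xmlElement"/> is null.</exception>
public void LoadXml(System.Xml.XmlElement xmlElement)
{
    if (xmlElement == null)
    {
        throw new ArgumentNullException("xmlElement");
    }

    // "xsd" is only a local alias for the XAdES namespace used by the XPath below.
    XmlNamespaceManager xmlNamespaceManager = new XmlNamespaceManager(xmlElement.OwnerDocument.NameTable);
    xmlNamespaceManager.AddNamespace("xsd", XadesSignedXml.XadesNamespaceUri);

    // LoadXml replaces the current state instead of appending to it.
    this.crlValueCollection.Clear();

    XmlNodeList xmlNodeList = xmlElement.SelectNodes("xsd:EncapsulatedCRLValue", xmlNamespaceManager);

    // foreach disposes the enumerator for us, which is what the former manual
    // enumerator/try-finally did by hand.
    foreach (XmlNode node in xmlNodeList)
    {
        XmlElement iterationXmlElement = node as XmlElement;
        if (iterationXmlElement != null)
        {
            CRLValue newCRLValue = new CRLValue();
            newCRLValue.LoadXml(iterationXmlElement);
            this.crlValueCollection.Add(newCRLValue);
        }
    }
}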
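/// <summary>
/// Checks <paramref name="certificate"/> against the CRLs known to <c>_firma</c>. The first
/// CRL issued by <paramref name="issuer"/> that is still current decides the outcome; when
/// the certificate is not listed in it, a CRLRef and the matching CRLValue are recorded in
/// the unsigned properties (unless a ref for this issuer already exists).
/// </summary>
/// <param name="unsignedProperties">Unsigned properties that receive the CRL reference and value.</param>
/// <param name="certificate">Certificate whose revocation status is checked.</param>
/// <param name="issuer">Issuer of <paramref name="certificate"/>; only CRLs whose issuer DN matches its subject are considered.</param>
/// <returns>true when a current CRL from the issuer was found and the certificate is not revoked;
/// false when no current CRL from the issuer is available.</returns>
/// <exception cref="System.Security.Cryptography.CryptographicException">Thrown when the certificate is listed as revoked.</exception>
private bool ValidateCertificateByCRL(UnsignedProperties unsignedProperties, X509Certificate2 certificate, X509Certificate2 issuer)
{
    Org.BouncyCastle.X509.X509Certificate clientCert = CertUtil.ConvertToX509Certificate(certificate);
    Org.BouncyCastle.X509.X509Certificate issuerCert = CertUtil.ConvertToX509Certificate(issuer);

    // NOTE(review): the CRL's own signature is not verified here against the issuer's key;
    // confirm that this is done where _firma.CRLEntries is populated.
    foreach (var crlEntry in _firma.CRLEntries)
    {
        if (!crlEntry.IssuerDN.Equivalent(issuerCert.SubjectDN))
        {
            continue;
        }

        // NextUpdate is optional in a CRL, so a CRL without one is skipped instead of
        // throwing from .Value. CRL times are UTC (ThisUpdate is converted with
        // ToLocalTime() below), so the comparison uses UtcNow rather than local time.
        if (crlEntry.NextUpdate == null || crlEntry.NextUpdate.Value <= DateTime.UtcNow)
        {
            continue;
        }

        if (crlEntry.IsRevoked(clientCert))
        {
            // A specific exception type; callers catching Exception still catch it.
            throw new System.Security.Cryptography.CryptographicException("Certificado revocado");
        }

        // Only one CRLRef per issuer is recorded.
        var crlRefs = unsignedProperties.UnsignedSignatureProperties.CompleteRevocationRefs.CRLRefs.CRLRefCollection;
        if (!ExistsCRL(crlRefs, issuer.Subject))
        {
            AddCRLRefAndValue(unsignedProperties, crlEntry, issuer);
        }
        return true;
    }

    return false;
}

/// <summary>
/// Adds a CRLRef (CompleteRevocationRefs) and the matching CRLValue (RevocationValues)
/// for <paramref name="crlEntry"/>, linked through a freshly generated id.
/// </summary>
/// <param name="unsignedProperties">Unsigned properties to add the reference and value to.</param>
/// <param name="crlEntry">CRL being recorded.</param>
/// <param name="issuer">Issuer named in the CRL identifier.</param>
private void AddCRLRefAndValue(UnsignedProperties unsignedProperties, Org.BouncyCastle.X509.X509Crl crlEntry, X509Certificate2 issuer)
{
    string idCrlValue = "CRLValue-" + Guid.NewGuid().ToString();

    CRLRef crlRef = new CRLRef();
    // The ref points at the CRLValue added below through its id.
    crlRef.CRLIdentifier.UriAttribute = "#" + idCrlValue;
    crlRef.CRLIdentifier.Issuer = issuer.Subject;
    crlRef.CRLIdentifier.IssueTime = crlEntry.ThisUpdate.ToLocalTime();
    var crlNumber = GetCRLNumber(crlEntry);
    if (crlNumber.HasValue)
    {
        crlRef.CRLIdentifier.Number = crlNumber.Value;
    }

    // The digest in the ref is computed over the same DER bytes stored in the value.
    byte[] crlEncoded = crlEntry.GetEncoded();
    DigestUtil.SetCertDigest(crlEncoded, _firma.RefsDigestMethod, crlRef.CertDigest);

    CRLValue crlValue = new CRLValue();
    crlValue.PkiData = crlEncoded;
    crlValue.Id = idCrlValue;

    unsignedProperties.UnsignedSignatureProperties.CompleteRevocationRefs.CRLRefs.CRLRefCollection.Add(crlRef);
    unsignedProperties.UnsignedSignatureProperties.RevocationValues.CRLValues.CRLValueCollection.Add(crlValue);
}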
/// <summary>
/// Appends a <see cref="CRLValue"/> to the collection.
/// </summary>
/// <param name="objectToAdd">Element to append.</param>
/// <returns>The appended element, so calls can be chained.</returns>
public CRLValue Add(CRLValue objectToAdd)
{
    CRLValue added = objectToAdd;
    base.Add(added);
    return added;
}
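/// <summary>
/// Handles the "inject XAdES-XL information" button: adds CertificateValues (built from
/// the certificate chain) and/or RevocationValues (from the selected CRL file) to the
/// signature's unsigned properties according to the checked options, then refreshes
/// the signature display.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void injectXadesXLInformationButton_Click(object sender, System.EventArgs e)
{
    bool includeCertificateValues = this.includeCertificateValuesCheckBox.Checked;
    bool includeRevocationValues = this.includeRevocationValuesCheckBox.Checked;

    if (includeCertificateValues)
    {
        if (this.Chain != null)
        {
            // The UnsignedProperties getter/setter round-trip is what writes the values into the signature.
            UnsignedProperties unsignedProperties = this.xadesSignedXml.UnsignedProperties;
            unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
            CertificateValues certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;
            certificateValues.Id = this.certificateValuesIdTextBox.Text;

            // Each chain element gets the configured id plus a running counter so ids stay unique.
            int certificateValuesCounter = 0;
            foreach (X509ChainElement element in this.Chain.ChainElements)
            {
                EncapsulatedX509Certificate encapsulatedX509Certificate = new EncapsulatedX509Certificate();
                encapsulatedX509Certificate.Id = this.certificateValuesIdTextBox.Text + certificateValuesCounter.ToString();
                encapsulatedX509Certificate.PkiData = element.Certificate.GetRawCertData();
                certificateValuesCounter++;
                certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
            }
            this.xadesSignedXml.UnsignedProperties = unsignedProperties;
        }
        else
        {
            MessageBox.Show("To add certificates, you need to add certificate references (XAdES-C) first");
        }
    }

    if (includeRevocationValues)
    {
        UnsignedProperties unsignedProperties = this.xadesSignedXml.UnsignedProperties;
        unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
        RevocationValues revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;
        revocationValues.Id = this.revocationValuesIdTextBox.Text;

        CRLValue newCRLValue = new CRLValue();
        newCRLValue.PkiData = this.GetFileBytes(this.crlFileTextBox.Text);
        revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);
        this.xadesSignedXml.UnsignedProperties = unsignedProperties;
    }

    // Refresh whenever either option injected data. This check must sit outside the
    // revocation branch, otherwise a certificate-values-only injection never refreshes the view.
    if (includeCertificateValues || includeRevocationValues)
    {
        this.ShowSignature();
    }
}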
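/// <summary>
/// Extends the signature to XAdES-X-L: validates the signing certificate as of the signing
/// time and embeds every certificate, OCSP response and CRL the validation needed into the
/// CertificateValues and RevocationValues of the unsigned properties.
/// </summary>
/// <param name="xadesSignedXml">Signature to extend; its UnsignedProperties are rewritten.</param>
protected internal override void ExtendSignatureTag(XadesSignedXml xadesSignedXml)
{
    base.ExtendSignatureTag(xadesSignedXml);

    X509Certificate signingCertificate = DotNetUtilities.FromX509Certificate(xadesSignedXml.GetSigningCertificate());
    DateTime signingTime = xadesSignedXml.XadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningTime;

    // Validation is anchored at the signing time so the collected revocation data
    // reflects the status when the signature was created, not when it is extended.
    ValidationContext ctx = certificateVerifier.ValidateCertificate(
        signingCertificate,
        signingTime,
        new XAdESCertificateSource(xadesSignedXml.GetXml(), false),
        null,
        null);

    // Work on one UnsignedProperties instance and write it back once at the end. Re-reading
    // the property between the two sections would discard the CertificateValues added here
    // if the getter rebuilds the object from the signature XML.
    UnsignedProperties unsignedProperties = xadesSignedXml.UnsignedProperties;

    //TODO jbonilla Validate certificate refs.
    unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
    CertificateValues certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;
    foreach (CertificateAndContext certificate in ctx.GetNeededCertificates())
    {
        EncapsulatedX509Certificate encapsulatedX509Certificate = new EncapsulatedX509Certificate();
        encapsulatedX509Certificate.PkiData = certificate.GetCertificate().GetEncoded();
        certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
    }

    unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
    RevocationValues revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;

    // An empty collection simply yields no values; no Count guard is needed.
    foreach (BasicOcspResp ocsp in ctx.GetNeededOCSPResp())
    {
        OCSPValue newOCSPValue = new OCSPValue();
        newOCSPValue.PkiData = OCSPUtils.FromBasicToResp(ocsp).GetEncoded();
        revocationValues.OCSPValues.OCSPValueCollection.Add(newOCSPValue);
    }

    foreach (X509Crl crl in ctx.GetNeededCRL())
    {
        CRLValue newCRLValue = new CRLValue();
        newCRLValue.PkiData = crl.GetEncoded();
        revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);
    }

    xadesSignedXml.UnsignedProperties = unsignedProperties;
}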
/// <summary>
/// Adds a <see cref="CRLValue"/> to the collection and hands it back.
/// </summary>
/// <param name="objectToAdd">The value to store in the collection.</param>
/// <returns>The same instance that was passed in.</returns>
public CRLValue Add(CRLValue objectToAdd)
{
    var item = objectToAdd;
    // Storage is delegated to the base collection; returning the element allows chaining.
    base.Add(item);
    return item;
}