/// <summary> /// Realiza la contrafirma de la firma actual /// </summary> /// <param name="certificate"></param> /// <param name="signMethod"></param> public void CounterSign(X509Certificate2 certificate, SignMethod? signMethod = null) { SetSignatureId(); if (_xadesSignedXml == null) { throw new Exception("No hay ninguna firma XADES cargada previamente."); } if (certificate == null) { throw new Exception("Es necesario un certificado válido para la firma."); } if (signMethod.HasValue) { this.SignMethod = signMethod.Value; } _signCertificate = certificate; XadesSignedXml counterSignature = new XadesSignedXml(_document); SetCryptoServiceProvider(); counterSignature.SigningKey = _rsaKey; Reference reference = new Reference(); reference.Uri = "#" + _xadesSignedXml.SignatureValueId; reference.Id = "Reference-" + Guid.NewGuid().ToString(); reference.Type = "http://uri.etsi.org/01903#CountersignedSignature"; reference.AddTransform(new XmlDsigC14NTransform()); counterSignature.AddReference(reference); _objectReference = reference.Id; KeyInfo keyInfo = new KeyInfo(); keyInfo.Id = "KeyInfoId-" + _signatureId; keyInfo.AddClause(new KeyInfoX509Data((X509Certificate)_signCertificate)); keyInfo.AddClause(new RSAKeyValue((RSA)_rsaKey)); counterSignature.KeyInfo = keyInfo; Reference referenceKeyInfo = new Reference(); referenceKeyInfo.Id = "ReferenceKeyInfo-" + _signatureId; referenceKeyInfo.Uri = "#KeyInfoId-" + _signatureId; counterSignature.AddReference(referenceKeyInfo); counterSignature.Signature.Id = _signatureId; counterSignature.SignatureValueId = _signatureValueId; XadesObject counterSignatureXadesObject = new XadesObject(); counterSignatureXadesObject.Id = "CounterSignatureXadesObject-" + Guid.NewGuid().ToString(); counterSignatureXadesObject.QualifyingProperties.Target = "#" + _signatureId; counterSignatureXadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + _signatureId; AddSignatureProperties(counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties, counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties, counterSignatureXadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties, "text/xml", _signCertificate); counterSignature.AddXadesObject(counterSignatureXadesObject); foreach (Reference signReference in counterSignature.SignedInfo.References) { signReference.DigestMethod = _refsMethodUri; } counterSignature.AddXadesNamespace = true; counterSignature.ComputeSignature(); UnsignedProperties unsignedProperties = _xadesSignedXml.UnsignedProperties; unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(counterSignature); _xadesSignedXml.UnsignedProperties = unsignedProperties; UpdateDocument(); _xadesSignedXml = new XadesSignedXml(_document); XmlNode xmlNode = _document.SelectSingleNode("//*[@Id='" + _signatureId + "']"); _xadesSignedXml.LoadXml((XmlElement)xmlNode); }
private void addCounterSignatureButton_Click(object sender, System.EventArgs e) { X509Certificate2 certificateForCounterSignature = this.LetUserChooseCertificate(); if (certificateForCounterSignature != null) { this.xadesSignedXml.SignatureValueId = this.signatureValueIdTextBox.Text; XmlElement parentSignatureXmlElement = this.xadesSignedXml.GetXml(); XmlDocument parentSignatureXmlDocument = new XmlDocument(); parentSignatureXmlDocument.AppendChild(parentSignatureXmlDocument.ImportNode(parentSignatureXmlElement, true)); XadesSignedXml counterSignature = new XadesSignedXml(parentSignatureXmlDocument); RSACryptoServiceProvider rsaKey = (RSACryptoServiceProvider) this.Certificate.PrivateKey; counterSignature.SigningKey = rsaKey; KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data((X509Certificate) certificateForCounterSignature)); keyInfo.AddClause(new RSAKeyValue(rsaKey)); counterSignature.KeyInfo = keyInfo; Cert cert = new Cert(); cert.IssuerSerial.X509IssuerName = certificateForCounterSignature.IssuerName.Name; cert.IssuerSerial.X509SerialNumber = certificateForCounterSignature.SerialNumber; cert.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url; cert.CertDigest.DigestValue = certificateForCounterSignature.GetCertHash(); counterSignature.Signature.Id = "CounterSignatureId"; XadesObject counterSignatureXadesObject = new XadesObject(); counterSignatureXadesObject.Id = "CounterSignatureXadesObjectId"; counterSignatureXadesObject.QualifyingProperties.Target = "#CounterSignatureId"; counterSignatureXadesObject.QualifyingProperties.SignedProperties.Id = "CounterSignatureSignedProperiesId"; Reference newReference = new Reference(); newReference.Uri = "#" + this.xadesSignedXml.SignatureValueId; counterSignature.AddReference(newReference); SignedSignatureProperties signedSignatureProperties = counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties; signedSignatureProperties.SigningCertificate.CertCollection.Add(cert); signedSignatureProperties.SigningTime = DateTime.Parse(this.signingTimeTextBox.Text); signedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = true; counterSignature.AddXadesObject(counterSignatureXadesObject); counterSignature.ComputeSignature(); UnsignedProperties unsignedProperties = this.xadesSignedXml.UnsignedProperties; unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(counterSignature); this.xadesSignedXml.UnsignedProperties = unsignedProperties; this.ShowSignature(); } }