/// <summary> /// Creates a signature from the enqueued parts. /// </summary> /// <param name="configuration">The configuration of properties used to create the signature. /// See the documented of <see cref="CertificateSignConfigurationSet"/> for more information.</param> public async Task <OpcSignature> SignAsync(CertificateSignConfigurationSet configuration) { var fileName = configuration.SigningCertificate.GetCertHashString() + ".psdsxs"; var(allParts, signatureFile) = SignCore(fileName); using (var signingContext = new CertificateSigningContext(configuration.SigningCertificate, configuration.PkcsDigestAlgorithm, configuration.FileDigestAlgorithm)) { var fileManifest = OpcSignatureManifest.Build(signingContext, allParts); var builder = new XmlSignatureBuilder(signingContext); builder.SetFileManifest(fileManifest); var result = await builder.BuildAsync(); PublishSignature(result, signatureFile); } _package.Flush(); return(new OpcSignature(signatureFile)); }
/// <summary> /// Creates a new signing context. /// </summary> /// <param name="certificate">The certificate for signing and verifying data.</param> /// <param name="pkcsHashAlgorithmName"> /// A hash algorithm. Currently, this is used in the PKCS#1 padding operation with RSA. The value is ignored for /// ECC signatures. This should usually match the algorithm used to hash the data that will be signed and verified. /// </param> /// <param name="fileDigestAlgorithmName"> /// A hash algorithm. This is the digest algorting used for digesting files. /// </param> public CertificateSigningContext(CertificateSignConfigurationSet configuration) { Certificate = configuration.SigningCertificate; ContextCreationTime = DateTimeOffset.Now; _pkcsHashAlgorithmName = configuration.PkcsDigestAlgorithm; FileDigestAlgorithmName = configuration.FileDigestAlgorithm; switch (Certificate.PublicKey.Oid.Value) { case KnownOids.X509Algorithms.RSA: SignatureAlgorithm = SigningAlgorithm.RSA; _signProvider = new RSAPkcsCertificateSign(Certificate); break; case KnownOids.X509Algorithms.Ecc: SignatureAlgorithm = SigningAlgorithm.ECDSA; _signProvider = new ECDsaCertificateSign(Certificate); break; default: throw new NotSupportedException("The specified signature algorithm is not supported."); } }
/// <summary> /// Creates a signature from the enqueued parts. /// </summary> /// <param name="configuration">The configuration of properties used to create the signature. /// See the documented of <see cref="CertificateSignConfigurationSet"/> for more information.</param> public Task <OpcSignature> SignAsync(CertificateSignConfigurationSet configuration) { return(SignAsyncImpl <CertificateSignConfigurationSet, CertificateSigningContext>(configuration)); }