public string SignData(string serverUrl, string thumbprint, IPdfSignerSessionData sessionData, IDictionary<string, string> otherParameters)
{
var signedHashData = SignHash(thumbprint, sessionData);
var parameters = new NameValueCollection();
parameters.Add("sessionId", sessionData.SessionId);
parameters.Add("signedHashBase64", Convert.ToBase64String(signedHashData));
parameters.Add("serializedParameters", JsonConvert.SerializeObject(otherParameters));
serverUrl = CombineUrl(serverUrl, UrlSignData);
return HttpGet.Execute(serverUrl, parameters);
}
public void SignData(IPdfSignerSessionData sessionData, string signedHashBase64)
{
var publicKeyManager = GetPublicKeyManager(sessionData.UserCertificate, sessionData.RootCertificate);
var signedPdfData = Convert.FromBase64String(signedHashBase64);
publicKeyManager.SetExternalDigest(signedPdfData, null, CryptographicAlgorithms.RSA);
var encodedSignature = publicKeyManager.GetEncodedPKCS7(
sessionData.DigestedData,
null,
null,
null,
CryptoStandard.CMS
);
UpdatePdfDictionaryContents(sessionData.PdfSignatureAppearance as PdfSignatureAppearance, encodedSignature);
}
private byte[] SignHash(string thumbprint, IPdfSignerSessionData sessionData)
{
var certificates = GetCertificates(thumbprint);
var pdfData = Convert.FromBase64String(sessionData.AuthenticatedAttributeBase64);
using (var rsaCryptoServiceProvider = (RSACryptoServiceProvider)certificates.User.PrivateKey)
{
var enhancedCsp = new RSACryptoServiceProvider().CspKeyContainerInfo;
var cspParameters = new CspParameters(
enhancedCsp.ProviderType,
enhancedCsp.ProviderName,
rsaCryptoServiceProvider.CspKeyContainerInfo.KeyContainerName
);
return rsaCryptoServiceProvider.SignData(pdfData, HashAlgorithms.SHA256);
//validate signedHash
//var rsaCryptoServiceProvider = (RSACryptoServiceProvider)certificates.User.PublicKey.Key;
//if (!rsaCryptoServiceProvider.VerifyData(pdfData, HashAlgorithms.SHA256, signedHashData))
//{
// throw new CryptographicException();
//}
}
}