private string GetSignatureMethodUri(SignAlgorithm signAlgorithm)
{
if (signAlgorithm == SignAlgorithm.Sha1)
{
return("http://www.w3.org/2000/09/xmldsig#rsa-sha1");
}
if (signAlgorithm == SignAlgorithm.Sha256)
{
return("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
}
throw new InvalidEnumArgumentException($"Unsupported signing algorithm {signAlgorithm}.");
}
private RSA GetRsaKey(SignAlgorithm signAlgorithm, X509Certificate2 certificate)
{
if (signAlgorithm == SignAlgorithm.Sha1)
{
return(certificate.GetRSAPrivateKey());
}
if (signAlgorithm == SignAlgorithm.Sha256)
{
return(certificate.GetRSAPrivateKey());
}
throw new InvalidEnumArgumentException($"Unsupported signing algorithm {signAlgorithm}.");
}
private RSACryptoServiceProvider GetRsaKey(SignAlgorithm signAlgorithm, X509Certificate2 certificate)
{
if (signAlgorithm == SignAlgorithm.Sha1)
{
return(certificate.PrivateKey as RSACryptoServiceProvider);
}
if (signAlgorithm == SignAlgorithm.Sha256)
{
return(certificate.GetPrivateKeyRsaCryptoServiceProvider(Certificate.UseMachineKeyStore));
}
throw new InvalidEnumArgumentException($"Unsupported signing algorithm {signAlgorithm}.");
}
private RSACryptoServiceProvider GetRsaKey(SignAlgorithm signAlgorithm, X509Certificate2 certificate)
{
if (signAlgorithm == SignAlgorithm.Sha1)
{
return(certificate.PrivateKey as RSACryptoServiceProvider);
}
if (signAlgorithm == SignAlgorithm.Sha256)
{
var key = certificate.PrivateKey as RSACryptoServiceProvider;
var enhCsp = new RSACryptoServiceProvider().CspKeyContainerInfo;
var cspparams = new CspParameters(enhCsp.ProviderType, enhCsp.ProviderName, key.CspKeyContainerInfo.KeyContainerName);
return(new RSACryptoServiceProvider(cspparams));
}
throw new InvalidEnumArgumentException($"Unsupported signing algorithm {signAlgorithm}.");
}
private RSACryptoServiceProvider GetRsaKey(SignAlgorithm signAlgorithm, X509Certificate2 certificate)
{
if (signAlgorithm == SignAlgorithm.Sha1)
{
return(certificate.PrivateKey as RSACryptoServiceProvider);
}
if (signAlgorithm == SignAlgorithm.Sha256)
{
var key = certificate.PrivateKey as RSACryptoServiceProvider;
var cspKeyContainerInfo = new RSACryptoServiceProvider().CspKeyContainerInfo;
var cspParameters = new CspParameters(cspKeyContainerInfo.ProviderType, cspKeyContainerInfo.ProviderName, key.CspKeyContainerInfo.KeyContainerName)
{
Flags = Certificate.UseMachineKeyStore ? CspProviderFlags.UseMachineKeyStore : CspProviderFlags.NoFlags
};
return(new RSACryptoServiceProvider(cspParameters));
}
throw new InvalidEnumArgumentException($"Unsupported signing algorithm {signAlgorithm}.");
}
public SignAlgoritmTest()
{
_mockPath = string.Format("{0}/Tests/MockAsset", Application.dataPath);
_signAlgoritm = new SignAlgorithm(_mockPath);
}
public SoapClient(Uri endpointUri, Certificate certificate, TimeSpan httpTimeout, SignAlgorithm signAlgorithm = SignAlgorithm.Sha256, EetLogger logger = null)
{
HttpClient = new SoapHttpClient(endpointUri, httpTimeout, logger);
Certificate = certificate;
SignAlgorithm = signAlgorithm;
XmlManipulator = new XmlManipulator();
Logger = logger;
HttpClient.HttpRequestFinished += (sender, args) => HttpRequestFinished?.Invoke(this, args);
}
public XmlDocument SignMessage(XmlDocument xmlDoc, X509Certificate2 certificate, SignAlgorithm signAlgorithm)
{
XmlNamespaceManager ns = new XmlNamespaceManager(xmlDoc.NameTable);
ns.AddNamespace("s", "http://schemas.xmlsoap.org/soap/envelope/");
XmlElement soapHeader = xmlDoc.DocumentElement.SelectSingleNode("//s:Header", ns) as XmlElement;
XmlElement body = xmlDoc.DocumentElement.SelectSingleNode("//s:Body", ns) as XmlElement;
if (body == null)
{
throw new Exception("No body tag found.");
}
XmlElement securityNode = xmlDoc.CreateElement(
"wsse",
"Security",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
XmlElement binarySecurityToken = xmlDoc.CreateElement("wse", "BinarySecurityToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
binarySecurityToken.SetAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
binarySecurityToken.SetAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3");
binarySecurityToken.SetAttribute("Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "BinaryToken1");
binarySecurityToken.InnerText = Convert.ToBase64String(certificate.GetRawCertData());
securityNode.AppendChild(binarySecurityToken);
soapHeader.AppendChild(securityNode);
SignedXmlWithId signedXml = new SignedXmlWithId(xmlDoc);
if (signAlgorithm == SignAlgorithm.SHA1)
{
signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
}
else
{
signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
}
RSACryptoServiceProvider rsaKey = null;
if (signAlgorithm == SignAlgorithm.SHA1)
{
rsaKey = (RSACryptoServiceProvider)certificate.PrivateKey;
}
else
{
var key = (RSACryptoServiceProvider)certificate.PrivateKey;
var enhCsp = new RSACryptoServiceProvider().CspKeyContainerInfo;
var cspparams = new CspParameters(enhCsp.ProviderType, enhCsp.ProviderName, key.CspKeyContainerInfo.KeyContainerName);
rsaKey = new RSACryptoServiceProvider(cspparams);
}
signedXml.SigningKey = rsaKey;
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new SecurityTokenReference("BinaryToken1"));
signedXml.KeyInfo = keyInfo;
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
Reference reference = new Reference {
Uri = "#_1"
};
if (signAlgorithm == SignAlgorithm.SHA1)
{
reference.DigestMethod = "http://www.w3.org/2000/09/xmldsig#sha1";
}
else
{
reference.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
}
reference.AddTransform(new XmlDsigExcC14NTransform());
signedXml.AddReference(reference);
signedXml.ComputeSignature();
XmlElement signedElement = signedXml.GetXml();
securityNode.AppendChild(signedElement);
if (soapHeader == null)
{
soapHeader = xmlDoc.CreateElement("s:Header", "");
xmlDoc.DocumentElement.InsertBefore(soapHeader, xmlDoc.DocumentElement.ChildNodes[0]);
}
return(xmlDoc);
}
private RSA GetRsaKey(SignAlgorithm signAlgorithm, X509Certificate2 certificate)
{
throw new InvalidEnumArgumentException($"Unsupported signing algorithm {signAlgorithm}.");
}
