private void AddXadesInfo()
{
_xadesSignedXml.Signature.Id = _signatureId;
XadesObject xadesObject = new XadesObject();
xadesObject.Id = "XadesObjectId-" + Guid.NewGuid().ToString();
xadesObject.QualifyingProperties.Id = "QualifyingProperties-" + Guid.NewGuid().ToString();
xadesObject.QualifyingProperties.Target = "#" + _signatureId;
xadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + _signatureId;
AddSignatureProperties(
xadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties,
xadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties,
xadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties,
_mimeType, _signCertificate);
_xadesSignedXml.AddXadesObject(xadesObject);
}
/// <summary>
/// Realiza la contrafirma de la firma actual
/// </summary>
/// <param name="sigDocument"></param>
/// <param name="parameters"></param>
public SignatureDocument CounterSign(SignatureDocument sigDocument, SignatureParameters parameters)
{
if (parameters.Signer == null)
{
throw new Exception("Es necesario un certificado válido para la firma.");
}
SignatureDocument.CheckSignatureDocument(sigDocument);
SignatureDocument counterSigDocument = new SignatureDocument();
counterSigDocument.Document = (XmlDocument)sigDocument.Document.Clone();
counterSigDocument.Document.PreserveWhitespace = true;
XadesSignedXml counterSignature = new XadesSignedXml(counterSigDocument.Document);
SetSignatureId(counterSignature);
counterSignature.SigningKey = parameters.Signer.SigningKey;
_refContent = new Reference();
_refContent.Uri = "#" + sigDocument.XadesSignature.SignatureValueId;
_refContent.Id = "Reference-" + Guid.NewGuid().ToString();
_refContent.Type = "http://uri.etsi.org/01903#CountersignedSignature";
_refContent.AddTransform(new XmlDsigC14NTransform());
counterSignature.AddReference(_refContent);
_dataFormat = new DataObjectFormat();
_dataFormat.MimeType = "text/xml";
_dataFormat.Encoding = "UTF-8";
KeyInfo keyInfo = new KeyInfo();
keyInfo.Id = "KeyInfoId-" + counterSignature.Signature.Id;
keyInfo.AddClause(new KeyInfoX509Data((X509Certificate)parameters.Signer.Certificate));
keyInfo.AddClause(new RSAKeyValue((RSA)parameters.Signer.SigningKey));
counterSignature.KeyInfo = keyInfo;
Reference referenceKeyInfo = new Reference();
referenceKeyInfo.Id = "ReferenceKeyInfo-" + counterSignature.Signature.Id;
referenceKeyInfo.Uri = "#KeyInfoId-" + counterSignature.Signature.Id;
counterSignature.AddReference(referenceKeyInfo);
XadesObject counterSignatureXadesObject = new XadesObject();
counterSignatureXadesObject.Id = "CounterSignatureXadesObject-" + Guid.NewGuid().ToString();
counterSignatureXadesObject.QualifyingProperties.Target = "#" + counterSignature.Signature.Id;
counterSignatureXadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + counterSignature.Signature.Id;
AddSignatureProperties(counterSigDocument, counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties,
counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties,
counterSignatureXadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties, parameters);
counterSignature.AddXadesObject(counterSignatureXadesObject);
foreach (Reference signReference in counterSignature.SignedInfo.References)
{
signReference.DigestMethod = parameters.DigestMethod.URI;
}
counterSignature.SignedInfo.SignatureMethod = parameters.SignatureMethod.URI;
counterSignature.AddXadesNamespace = true;
counterSignature.ComputeSignature();
UnsignedProperties unsignedProperties = sigDocument.XadesSignature.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(counterSignature);
sigDocument.XadesSignature.UnsignedProperties = unsignedProperties;
UpdateXadesSignature(sigDocument);
counterSigDocument.Document = (XmlDocument)sigDocument.Document.Clone();
counterSigDocument.Document.PreserveWhitespace = true;
XmlElement signatureElement = (XmlElement)sigDocument.Document.SelectSingleNode("//*[@Id='" + counterSignature.Signature.Id + "']");
counterSigDocument.XadesSignature = new XadesSignedXml(counterSigDocument.Document);
counterSigDocument.XadesSignature.LoadXml(signatureElement);
return(counterSigDocument);
}
public static string Sign(string xml, X509Certificate2 x509)
{
// Wczytaj.
XmlDocument doc = new XmlDocument
{
PreserveWhitespace = true
};
doc.LoadXml(xml);
// SignedXml object
XadesSignedXml signedXml = new XadesSignedXml(doc);
signedXml.Signature.Id = "ID-1234";
signedXml.SigningKey = x509.PrivateKey;
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigCanonicalizationUrl;
signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url;
// dodaj referencję na dokument
Reference reference = new Reference("#Dokument");
reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
signedXml.AddReference(reference);
// dodaj KeyInfo
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(x509)); // ??? WholeChain ???
signedXml.KeyInfo = keyInfo;
//
XadesObject xo = new XadesObject();
{
Cert cert = new Cert();
cert.IssuerSerial.X509IssuerName = x509.IssuerName.Name;
cert.IssuerSerial.X509SerialNumber = x509.SerialNumber;
{
SHA1 cryptoServiceProvider = new SHA1CryptoServiceProvider();
cert.CertDigest.DigestValue = cryptoServiceProvider.ComputeHash(x509.RawData);
cert.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url;
}
xo.QualifyingProperties.Target = "#" + signedXml.Signature.Id;
xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningTime = DateTime.Now;
xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SignaturePolicyIdentifier.SignaturePolicyImplied = true;
xo.QualifyingProperties.SignedProperties.SignedSignatureProperties.SigningCertificate.CertCollection.Add(cert);
DataObjectFormat dof = new DataObjectFormat
{
ObjectReferenceAttribute = "#Dokument",
Description = "Dokument w formacie xml [XML]",
Encoding = SignedXml.XmlDsigBase64TransformUrl, // ...xmldsig/#base64
MimeType = "text/plain"
};
xo.QualifyingProperties.SignedProperties.SignedDataObjectProperties.DataObjectFormatCollection.Add(dof);
}
signedXml.AddXadesObject(xo);
//// W dokumentacji 2.9.9.a, Id dla <ds:Object> ma mieć wartość "Dokument", ale nie ma tego w przykładach
var data = new DataObject("Dokument", "text/xml", "", doc.DocumentElement);
signedXml.AddObject(data);
// Podpisz
signedXml.ComputeSignature();
// Get the XML representation of the signature and save
// it to an XmlElement object.
XmlElement xmlDigitalSignature = signedXml.GetXml();
return(xmlDigitalSignature.OuterXml);
}
/// <summary>
/// Realiza la contrafirma de la firma actual
/// </summary>
/// <param name="certificate"></param>
/// <param name="signMethod"></param>
public void CounterSign(X509Certificate2 certificate, SignMethod?signMethod = null)
{
SetSignatureId();
if (_xadesSignedXml == null)
{
throw new Exception("No hay ninguna firma XADES cargada previamente.");
}
if (certificate == null)
{
throw new Exception("Es necesario un certificado válido para la firma.");
}
if (signMethod.HasValue)
{
this.SignMethod = signMethod.Value;
}
_signCertificate = certificate;
XadesSignedXml counterSignature = new XadesSignedXml(_document);
SetCryptoServiceProvider();
counterSignature.SigningKey = _rsaKey;
Reference reference = new Reference();
reference.Uri = "#" + _xadesSignedXml.SignatureValueId;
reference.Id = "Reference-" + Guid.NewGuid().ToString();
reference.Type = "http://uri.etsi.org/01903#CountersignedSignature";
reference.AddTransform(new XmlDsigC14NTransform());
counterSignature.AddReference(reference);
_objectReference = reference.Id;
KeyInfo keyInfo = new KeyInfo();
keyInfo.Id = "KeyInfoId-" + _signatureId;
keyInfo.AddClause(new KeyInfoX509Data((X509Certificate)_signCertificate));
keyInfo.AddClause(new RSAKeyValue((RSA)_rsaKey));
counterSignature.KeyInfo = keyInfo;
Reference referenceKeyInfo = new Reference();
referenceKeyInfo.Id = "ReferenceKeyInfo-" + _signatureId;
referenceKeyInfo.Uri = "#KeyInfoId-" + _signatureId;
counterSignature.AddReference(referenceKeyInfo);
counterSignature.Signature.Id = _signatureId;
counterSignature.SignatureValueId = _signatureValueId;
XadesObject counterSignatureXadesObject = new XadesObject();
counterSignatureXadesObject.Id = "CounterSignatureXadesObject-" + Guid.NewGuid().ToString();
counterSignatureXadesObject.QualifyingProperties.Target = "#" + _signatureId;
counterSignatureXadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + _signatureId;
AddSignatureProperties(counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties,
counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties,
counterSignatureXadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties,
"text/xml", _signCertificate);
counterSignature.AddXadesObject(counterSignatureXadesObject);
foreach (Reference signReference in counterSignature.SignedInfo.References)
{
signReference.DigestMethod = _refsMethodUri;
}
counterSignature.AddXadesNamespace = true;
counterSignature.ComputeSignature();
UnsignedProperties unsignedProperties = _xadesSignedXml.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(counterSignature);
_xadesSignedXml.UnsignedProperties = unsignedProperties;
UpdateDocument();
_xadesSignedXml = new XadesSignedXml(_document);
XmlNode xmlNode = _document.SelectSingleNode("//*[@Id='" + _signatureId + "']");
_xadesSignedXml.LoadXml((XmlElement)xmlNode);
}
/// <summary>
/// Realiza la contrafirma de la firma actual
/// </summary>
/// <param name="sigDocument"></param>
/// <param name="parameters"></param>
public SignatureDocument CounterSign(SignatureDocument sigDocument, SignatureParameters parameters)
{
if (parameters.Signer == null)
{
throw new Exception("A valid certificate is required for the signature");
}
SignatureDocument.CheckSignatureDocument(sigDocument);
SignatureDocument counterSigDocument = new SignatureDocument
{
Document = (XmlDocument)sigDocument.Document.Clone()
};
counterSigDocument.Document.PreserveWhitespace = true;
XadesSignedXml counterSignature = new XadesSignedXml(counterSigDocument.Document);
SetSignatureId(counterSignature);
counterSignature.SigningKey = parameters.Signer.SigningKey;
_refContent = new Reference
{
Uri = "#" + sigDocument.XadesSignature.SignatureValueId,
Id = "Reference-" + Guid.NewGuid().ToString(),
Type = "http://uri.etsi.org/01903#CountersignedSignature"
};
_refContent.AddTransform(new XmlDsigC14NTransform());
counterSignature.AddReference(_refContent);
_mimeType = "text/xml";
_encoding = "UTF-8";
KeyInfo keyInfo = new KeyInfo
{
Id = "KeyInfoId-" + counterSignature.Signature.Id
};
keyInfo.AddClause(new KeyInfoX509Data((X509Certificate)parameters.Signer.Certificate));
keyInfo.AddClause(new RSAKeyValue((RSA)parameters.Signer.SigningKey));
counterSignature.KeyInfo = keyInfo;
Reference referenceKeyInfo = new Reference
{
Id = "ReferenceKeyInfo-" + counterSignature.Signature.Id,
Uri = "#KeyInfoId-" + counterSignature.Signature.Id
};
counterSignature.AddReference(referenceKeyInfo);
XadesObject counterSignatureXadesObject = new XadesObject
{
Id = "CounterSignatureXadesObject-" + Guid.NewGuid().ToString()
};
counterSignatureXadesObject.QualifyingProperties.Target = "#" + counterSignature.Signature.Id;
counterSignatureXadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + counterSignature.Signature.Id;
AddSignatureProperties(counterSigDocument, counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties,
counterSignatureXadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties,
counterSignatureXadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties, parameters);
counterSignature.AddXadesObject(counterSignatureXadesObject);
foreach (Reference signReference in counterSignature.SignedInfo.References)
{
signReference.DigestMethod = parameters.DigestMethod.URI;
}
counterSignature.SignedInfo.SignatureMethod = parameters.SignatureMethod.URI;
counterSignature.AddXadesNamespace = true;
counterSignature.ComputeSignature();
counterSigDocument.XadesSignature = new XadesSignedXml(counterSigDocument.Document);
counterSigDocument.XadesSignature.LoadXml(sigDocument.XadesSignature.GetXml());
UnsignedProperties unsignedProperties = counterSigDocument.XadesSignature.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(counterSignature);
counterSigDocument.XadesSignature.UnsignedProperties = unsignedProperties;
counterSigDocument.UpdateDocument();
return(counterSigDocument);
}
public SignatureDocument CounterSign(SignatureDocument sigDocument, SignatureParameters parameters)
{
if (parameters.Signer == null)
{
throw new Exception("Es necesario un certificado válido para la firma.");
}
SignatureDocument.CheckSignatureDocument(sigDocument);
SignatureDocument signatureDocument = new SignatureDocument();
signatureDocument.Document = (XmlDocument)sigDocument.Document.Clone();
signatureDocument.Document.PreserveWhitespace = true;
XadesSignedXml xadesSignedXml = new XadesSignedXml(signatureDocument.Document);
xadesSignedXml.Signature.Id = "xmldsig-" + Guid.NewGuid().ToString();
xadesSignedXml.SignatureValueId = sigDocument.XadesSignature.Signature.Id + "-sigvalue";
xadesSignedXml.SigningKey = parameters.Signer.SigningKey;
_refContent = new Reference();
_refContent.Uri = "#" + sigDocument.XadesSignature.SignatureValueId;
Reference refContent = _refContent;
Guid guid = Guid.NewGuid();
refContent.Id = "Reference-" + guid.ToString();
_refContent.Type = "http://uri.etsi.org/01903#CountersignedSignature";
_refContent.AddTransform(new XmlDsigC14NTransform());
xadesSignedXml.AddReference(_refContent);
_mimeType = "text/xml";
_encoding = "UTF-8";
KeyInfo keyInfo = new KeyInfo();
keyInfo.Id = "KeyInfoId-" + xadesSignedXml.Signature.Id;
keyInfo.AddClause(new KeyInfoX509Data(parameters.Signer.Certificate));
keyInfo.AddClause(new RSAKeyValue((RSA)parameters.Signer.SigningKey));
xadesSignedXml.KeyInfo = keyInfo;
Reference reference = new Reference();
reference.Id = "ReferenceKeyInfo-" + xadesSignedXml.Signature.Id;
reference.Uri = "#KeyInfoId-" + xadesSignedXml.Signature.Id;
xadesSignedXml.AddReference(reference);
XadesObject xadesObject = new XadesObject();
XadesObject xadesObject2 = xadesObject;
guid = Guid.NewGuid();
xadesObject2.Id = "CounterSignatureXadesObject-" + guid.ToString();
xadesObject.QualifyingProperties.Target = "#" + xadesSignedXml.Signature.Id;
xadesObject.QualifyingProperties.SignedProperties.Id = "SignedProperties-" + xadesSignedXml.Signature.Id;
AddSignatureProperties(signatureDocument, xadesObject.QualifyingProperties.SignedProperties.SignedSignatureProperties, xadesObject.QualifyingProperties.SignedProperties.SignedDataObjectProperties, xadesObject.QualifyingProperties.UnsignedProperties.UnsignedSignatureProperties, parameters);
xadesSignedXml.AddXadesObject(xadesObject);
foreach (Reference reference2 in xadesSignedXml.SignedInfo.References)
{
reference2.DigestMethod = parameters.DigestMethod.URI;
}
xadesSignedXml.SignedInfo.SignatureMethod = parameters.SignatureMethod.URI;
xadesSignedXml.AddXadesNamespace = true;
xadesSignedXml.ComputeSignature();
signatureDocument.XadesSignature = new XadesSignedXml(signatureDocument.Document);
signatureDocument.XadesSignature.LoadXml(sigDocument.XadesSignature.GetXml());
UnsignedProperties unsignedProperties = signatureDocument.XadesSignature.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.CounterSignatureCollection.Add(xadesSignedXml);
signatureDocument.XadesSignature.UnsignedProperties = unsignedProperties;
signatureDocument.UpdateDocument();
return(signatureDocument);
}