/// <summary>
/// Signs the container element once for every pending signer and moves each signer
/// from the pending list to the list of loaded signatures.
/// </summary>
/// <param name="document">Document handed to the signing helper.</param>
/// <param name="containerElement">
/// Element to sign. If it has no "id" attribute, one is added with the container name as its value.
/// </param>
protected void SaveNewSignatures(XmlDocument document, XmlElement containerElement)
{
    // Nothing is queued, so the element is left untouched (no "id" attribute is added).
    if (!NewSigners.Any())
    {
        return;
    }

    // The signing helper is given the element's ID, so the element must carry one.
    // An existing ID is reused; otherwise the container name becomes the ID.
    // NOTE(review): nothing here checks that this ID value is unique within the document.
    // If another element could carry the same "id", the signed reference may be ambiguous;
    // confirm that SignXmlElement or document loading rejects duplicate IDs.
    var signedElementId = containerElement.GetAttribute("id");

    if (signedElementId.Length == 0)
    {
        signedElementId = ContainerName;
        containerElement.SetAttribute("id", signedElementId);
    }

    // Iterate over a snapshot because the pending list is modified inside the loop.
    var pendingSigners = _newSigners.ToArray();

    for (var i = 0; i < pendingSigners.Length; i++)
    {
        var certificate = pendingSigners[i];

        // A signer leaves the pending list only after its signature has been produced,
        // so an exception from the helper keeps it (and the signers after it) pending.
        var signatureElement = CryptographyHelpers.SignXmlElement(document, signedElementId, certificate);

        _newSigners.Remove(certificate);
        _loadedSignatures.Add(new Tuple<XmlElement, X509Certificate2>(signatureElement, certificate));
    }
}
/// <summary>
/// Queues a digital signature over the collection for the given signer.
///
/// The signature itself is generated when the document is saved, so the collection
/// can still be modified after this call.
/// </summary>
/// <param name="signerCertificate">Certificate of the identity that signs the collection.</param>
/// <exception cref="ArgumentNullException"><paramref name="signerCertificate"/> is null.</exception>
/// <exception cref="InvalidOperationException">The collection is already signed by this identity.</exception>
public void AddSignature(X509Certificate2 signerCertificate)
{
    if (signerCertificate == null)
    {
        throw new ArgumentNullException(nameof(signerCertificate));
    }

    // A signed document must not change, so no collection signature may be added to it.
    Document.VerifyIsNotReadOnly();

    // NOTE(review): the duplicate check uses whatever equality Contains applies to
    // X509Certificate2; confirm it matches the intended notion of "same identity".
    var alreadySigned = SignedBy.Contains(signerCertificate);

    if (alreadySigned)
    {
        throw new InvalidOperationException("The collection is already signed by this identity.");
    }

    // The certificate is checked now, at queue time; the signature is produced later, on save.
    CryptographyHelpers.ValidateSignerCertificate(signerCertificate);

    _newSigners.Add(signerCertificate);
}
/// <summary>
/// Runs the recipient certificate and public key validation helper against <see cref="Certificate"/>.
/// </summary>
/// <param name="document">Not used by this override.</param>
internal override void ValidateNewEntity(CpixDocument document)
    => CryptographyHelpers.ValidateRecipientCertificateAndPublicKey(Certificate);