private XmlDocument SignSmev2(GostFlavor gostFlavor, XmlDocument doc, X509Certificate2 certificate)
{
XmlNode root = doc.SelectSingleNode("/*");
string rootPrefix = root?.Prefix;
//----------------------------------------------------------------------------------------------CREATE STRUCTURE
XmlDocument tDoc = AddTemplate(doc, certificate);
//----------------------------------------------------------------------------------------------ROOT PREFIX
XmlElement bodyElement = tDoc.GetElementsByTagName(rootPrefix + ":Body")[0] as XmlElement;
string referenceUri = bodyElement?.GetAttribute("wsu:Id");
//----------------------------------------------------------------------------------------------SignedXML CREATE
//нужен для корректной отработки wsu:reference
Smev2SignedXml signedXml = new Smev2SignedXml(tDoc)
{
SigningKey = certificate.PrivateKey
};
//----------------------------------------------------------------------------------------------REFERNCE
Reference reference = new Reference
{
#pragma warning disable 612
DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor),
//CPSignedXml.XmlDsigGost3411UrlObsolete,
#pragma warning restore 612
Uri = "#" + referenceUri
};
XmlDsigExcC14NTransform c14 = new XmlDsigExcC14NTransform();
reference.AddTransform(c14);
signedXml.AddReference(reference);
//----------------------------------------------------------------------------------------------SIGNATURE SETUP
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
#pragma warning disable 612
signedXml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);
//CPSignedXml.XmlDsigGost3410UrlObsolete;
#pragma warning disable 612
//----------------------------------------------------------------------------------------------KEYINFO
KeyInfo keyInfo = new KeyInfo();
KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data(certificate);
keyInfo.AddClause(x509KeyInfo);
signedXml.KeyInfo = keyInfo;
//----------------------------------------------------------------------------------------------SIGN DOCUMENT
signedXml.ComputeSignature();
//----------------------------------------------------------------------------------------------GET XML
XmlElement xmlDigitalSignature = signedXml.GetXml();
//----------------------------------------------------------------------------------------------APPEND SIGNATURE TAGS
tDoc.GetElementsByTagName("Signature")[0].PrependChild(
tDoc.ImportNode(xmlDigitalSignature.GetElementsByTagName("SignatureValue")[0], true));
tDoc.GetElementsByTagName("Signature")[0].PrependChild(
tDoc.ImportNode(xmlDigitalSignature.GetElementsByTagName("SignedInfo")[0], true));
((XmlElement)tDoc.GetElementsByTagName("Signature")[0]).SetAttribute("xmlns", DS_NS);
return(tDoc);
}
private XmlDocument SignEnveloped(
GostFlavor gostFlavor,
XmlDocument doc,
X509Certificate2 certificate,
string nodeId = null)
{
//----------------------------------------------------------------------------------------------CREATE SIGNED XML
SignedXml signedXml = new SignedXml(doc)
{
SigningKey = certificate.PrivateKey
};
//----------------------------------------------------------------------------------------------REFERNCE
Reference reference = new Reference
{
Uri = nodeId,
#pragma warning disable 612
DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor)
//CPSignedXml.XmlDsigGost3411UrlObsolete - old
#pragma warning disable 612
};
XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(env);
XmlDsigExcC14NTransform c14 = new XmlDsigExcC14NTransform();
reference.AddTransform(c14);
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
//----------------------------------------------------------------------------------------------SIGNATURE SETUP
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
signedXml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);
//CPSignedXml.XmlDsigGost3410UrlObsolete; - old
//----------------------------------------------------------------------------------------------KEYINFO
KeyInfo keyInfo = new KeyInfo();
KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data(certificate);
keyInfo.AddClause(x509KeyInfo);
signedXml.KeyInfo = keyInfo;
//----------------------------------------------------------------------------------------------SIGN DOCUMENT
signedXml.ComputeSignature();
//----------------------------------------------------------------------------------------------GET XML
XmlElement xmlDigitalSignature = signedXml.GetXml();
//----------------------------------------------------------------------------------------------APPEND SIGNATURE
XmlNode root = doc.SelectSingleNode("/*");
root?.AppendChild(doc.ImportNode(xmlDigitalSignature, true));
return(doc);
}
private XmlDocument SignXmlNode(
GostFlavor gostFlavor,
XmlDocument doc,
X509Certificate2 certificate,
string nodeId)
{
//----------------------------------------------------------------------------------------------CREATE SIGNED XML
SignedXml signedXml = new SignedXml(doc)
{
SigningKey = certificate.PrivateKey
};
//----------------------------------------------------------------------------------------------REFERNCE
Reference reference = new Reference
{
Uri = "#" + nodeId,
#pragma warning disable 612
DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor)
//CPSignedXml.XmlDsigGost3411UrlObsolete - old
#pragma warning disable 612
};
XmlDsigExcC14NTransform c14 = new XmlDsigExcC14NTransform();
reference.AddTransform(c14);
// Add the reference to the SignedXml object.
signedXml.AddReference(reference);
//----------------------------------------------------------------------------------------------SIGNATURE SETUP
signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
signedXml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);
//CPSignedXml.XmlDsigGost3410UrlObsolete;
//----------------------------------------------------------------------------------------------KEYINFO
KeyInfo keyInfo = new KeyInfo();
KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data(certificate);
keyInfo.AddClause(x509KeyInfo);
signedXml.KeyInfo = keyInfo;
//----------------------------------------------------------------------------------------------SIGN DOCUMENT
signedXml.ComputeSignature();
//----------------------------------------------------------------------------------------------GET XML
XmlElement xmlDigitalSignature = signedXml.GetXml();
//=============================================================================APPEND SIGNATURE TO DOCUMENT
GetNodeWithAttributeValue(doc.ChildNodes, nodeId)?.ParentNode?.AppendChild(xmlDigitalSignature);
return(doc);
}
private XmlDocument SignSmev3(
GostFlavor gostFlavor,
XmlDocument doc,
X509Certificate2 certificate,
string signingNodeId,
bool assignDs,
bool isAck = false,
bool isSidebyside = false)
{
XmlNamespaceManager nsm = new XmlNamespaceManager(doc.NameTable);
nsm.AddNamespace("ns", "urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.1");
nsm.AddNamespace("ns1", "urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.1");
nsm.AddNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
SignedXml sxml = new SignedXml(doc)
{
SigningKey = certificate.PrivateKey
};
XmlDsigSmevTransform smevTransform = new XmlDsigSmevTransform();
sxml.SafeCanonicalizationMethods.Add(smevTransform.Algorithm);
//=====================================================================================REFERENCE TRASFORMS
Reference reference = new Reference
{
Uri = "#" + signingNodeId,
#pragma warning disable 612
//Расчет хеш-суммы ГОСТ Р 34.11-94 / 34.11.2012 http://www.w3.org/2001/04/xmldsig-more#gostr3411
DigestMethod = GostAlgorithmSelector.GetHashAlgorithmDescriptor(gostFlavor)
//CPSignedXml.XmlDsigGost3411UrlObsolete - old one
#pragma warning disable 612
};
XmlDsigExcC14NTransform excC14N = new XmlDsigExcC14NTransform();
reference.AddTransform(excC14N);
reference.AddTransform(smevTransform);
if (isAck)
{
XmlDsigEnvelopedSignatureTransform enveloped
= new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(enveloped);
}
sxml.AddReference(reference);
//=========================================================================================CREATE SIGNATURE
sxml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
//Формирование подписи ГОСТ Р 34.10-2001 / 34.10-2012 http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411
sxml.SignedInfo.SignatureMethod = GostAlgorithmSelector.GetSignatureAlgorithmDescriptor(gostFlavor);
//CPSignedXml.XmlDsigGost3410UrlObsolete; - old one
KeyInfo keyInfo = new KeyInfo();
KeyInfoX509Data x509KeyInfo = new KeyInfoX509Data(certificate);
keyInfo.AddClause(x509KeyInfo);
sxml.KeyInfo = keyInfo;
sxml.ComputeSignature();
XmlElement signature = sxml.GetXml();
//==================================================================================================add ds:
if (assignDs)
{
AssignNsPrefix(signature, "ds");
XmlElement xmlSignedInfo = signature.SelectSingleNode("ds:SignedInfo", nsm) as XmlElement;
XmlDocument document = new XmlDocument();
document.PreserveWhitespace = false;
document.LoadXml(xmlSignedInfo.OuterXml);
//create new canonicalization object based on original one
Transform canonicalizationMethodObject
= sxml.SignedInfo.CanonicalizationMethodObject;
canonicalizationMethodObject.LoadInput(document);
//get new hshing object based on original one
SignatureDescription description =
CryptoConfig.CreateFromName(sxml.SignedInfo.SignatureMethod) as SignatureDescription;
if (description == null)
{
throw new CryptographicException(
$"Не удалось создать объект SignatureDescription по имени [{sxml.SignedInfo.SignatureMethod}]");
}
HashAlgorithm hash = description.CreateDigest();
if (hash == null)
{
throw new CryptographicException(
$"Не удалось создать объект HashAlgorithm из SignatureDescription по имени [{sxml.SignedInfo.SignatureMethod}]");
}
//compute new SignedInfo digest value
byte[] hashVal = canonicalizationMethodObject.GetDigestedOutput(hash);
//compute new signature
XmlElement xmlSignatureValue = signature.SelectSingleNode("ds:SignatureValue", nsm) as XmlElement;
xmlSignatureValue.InnerText =
Convert.ToBase64String(description.CreateFormatter(sxml.SigningKey).CreateSignature(hashVal));
}
//=============================================================================APPEND SIGNATURE TO DOCUMENT
if (!isSidebyside)
{
//TODO: is using SMEV types 1.2 edit this code!
doc.GetElementsByTagName(
"CallerInformationSystemSignature",
"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.1")[0].InnerXml = "";
doc.GetElementsByTagName(
"CallerInformationSystemSignature",
"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.1")[0].AppendChild(signature);
}
else
{
GetNodeWithAttributeValue(doc.ChildNodes, signingNodeId)?.ParentNode?.AppendChild(signature);
}
return(doc);
}
