/// <summary>
/// Initializes a new instance of the <see cref="CalculateSignatureConfig"/> class.
/// </summary>
/// <param name="signingCertificate"></param>
/// <param name="referenceTokenType"></param>
/// <param name="signingAlgorithm"></param>
/// <param name="hashFunction"></param>
public CalculateSignatureConfig(
X509Certificate2 signingCertificate,
X509ReferenceType referenceTokenType,
string signingAlgorithm,
string hashFunction)
{
if (signingCertificate == null)
{
throw new ArgumentNullException(nameof(signingCertificate));
}
if (String.IsNullOrWhiteSpace(signingAlgorithm))
{
throw new ArgumentException(@"Signing algorithm cannot be blank", nameof(signingAlgorithm));
}
if (String.IsNullOrEmpty(hashFunction))
{
throw new ArgumentException(@"Hash function cannot be blank", nameof(hashFunction));
}
SigningCertificate = signingCertificate;
ReferenceTokenType = referenceTokenType;
SigningAlgorithm = signingAlgorithm;
HashFunction = hashFunction;
}
private void SetSecurityTokenReference(X509Certificate2 signingCertificate, X509ReferenceType securityTokenType)
{
var securityTokenReference = SecurityTokenReferenceProvider.Create(signingCertificate, securityTokenType);
SigningKey = GetSigningKeyFromCertificate(signingCertificate);
KeyInfo = new KeyInfo();
KeyInfo.AddClause(securityTokenReference);
}
public async Task Correctly_Verifies_Encrypted_And_Signed_Message_With_SecurityTokenReference(
X509ReferenceType securityTokenReferenceType)
{
// Arrange
var pdf = new Attachment("pdf", new MemoryStream(pdf_document), "application/pdf");
var xml = new Attachment("xml", new MemoryStream(Encoding.UTF8.GetBytes("<Root>Don't modify me</Root>")), "application/xml");
var as4Message = AS4Message.Create(
new UserMessage(
$"user-{Guid.NewGuid()}",
new CollaborationInfo(
new AgreementReference("http://agreements.europa.org/agreement"),
new Service("getting:started", "org:europa:services"),
"eu:sample:03",
"eu:edelivery:as4:sampleconversation"),
new Party("Sender", new PartyId("org:eu:europa:as4:example:accesspoint:A")),
new Party("Receiver", new PartyId("org:eu:europa:as4:example:accesspoint:B")),
new[]
{
PartInfo.CreateFor(pdf),
PartInfo.CreateFor(xml)
},
Enumerable.Empty <MessageProperty>()));
as4Message.AddAttachments(new[] { pdf, xml });
as4Message.Sign(
new CalculateSignatureConfig(
Registry.Instance.CertificateRepository.GetCertificate(
X509FindType.FindBySubjectName,
"AccessPointA"),
securityTokenReferenceType,
Constants.SignAlgorithms.Sha256,
Constants.HashFunctions.Sha256));
as4Message.Encrypt(
new KeyEncryptionConfiguration(
Registry.Instance.CertificateRepository.GetCertificate(
X509FindType.FindBySubjectName,
"AccessPointB")),
DataEncryptionConfiguration.Default);
// Act
HttpResponseMessage response = await StubSender.SendAS4Message(_receiveAgentUrl, as4Message);
// Assert
AS4Message message = await response.DeserializeToAS4Message();
Assert.False(
message.PrimaryMessageUnit is Error,
(message.PrimaryMessageUnit as Error)?.FormatErrorLines());
Assert.IsType <Receipt>(message.PrimaryMessageUnit);
}
public static SecurityTokenReference Create(X509Certificate2 certificate, X509ReferenceType referenceType)
{
switch (referenceType)
{
case X509ReferenceType.BSTReference:
return(new BinarySecurityTokenReference(certificate));
case X509ReferenceType.IssuerSerial:
return(new IssuerSecurityTokenReference(certificate));
case X509ReferenceType.KeyIdentifier:
return(new KeyIdentifierSecurityTokenReference(certificate));
default:
return(new BinarySecurityTokenReference(certificate));
}
}
