public void AsymmetricRSAVerify ()
{
string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>A6XuE8Cy9iOffRXaW9b0+dUcMUJQnlmwLsiqtQnADbCtZXnXAaeJ6nGnQ4Mm0IGi0AJc7/2CoJReXl7iW4hltmFguG1e3nl0VxCyCTHKGOCo1u8R3K+B1rTaenFbSxs42EM7/D9KETsPlzfYfis36yM3PqatiCUOsoMsAiMGzlc=</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><RSAKeyValue><Modulus>tI8QYIpbG/m6JLyvP+S3X8mzcaAIayxomyTimSh9UCpEucRnGvLw0P73uStNpiF7wltTZA1HEsv+Ha39dY/0j/Wiy3RAodGDRNuKQao1wu34aNybZ673brbsbHFUfw/o7nlKD2xO84fbajBZmKtBBDy63NHt+QL+grSrREPfCTM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
XmlDocument doc = new XmlDocument ();
doc.LoadXml (value);
SignedXml v1 = new SignedXml ();
v1.LoadXml (doc.DocumentElement);
Assert.IsTrue (v1.CheckSignature (), "RSA-CheckSignature()");
SignedXml v2 = new SignedXml ();
v2.LoadXml (doc.DocumentElement);
AsymmetricAlgorithm key = null;
bool vrfy = v2.CheckSignatureReturningKey (out key);
Assert.IsTrue (vrfy, "RSA-CheckSignatureReturningKey()");
SignedXml v3 = new SignedXml ();
v3.LoadXml (doc.DocumentElement);
Assert.IsTrue (v3.CheckSignature (key), "RSA-CheckSignature(key)");
}
public void AsymmetricDSAVerify ()
{
string value = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#dsa-sha1\" /><Reference URI=\"#MyObjectId\"><DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\" /><DigestValue>/Vvq6sXEVbtZC8GwNtLQnGOy/VI=</DigestValue></Reference></SignedInfo><SignatureValue>BYz/qRGjGsN1yMFPxWa3awUZm1y4I/IxOQroMxkOteRGgk1HIwhRYw==</SignatureValue><KeyInfo><KeyValue xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><DSAKeyValue><P>iglVaZ+LsSL8Y0aDXmFMBwva3xHqIypr3l/LtqBH9ziV2Sh1M4JVasAiKqytWIWt/s/Uk8Ckf2tO2Ww1vsNi1NL+Kg9T7FE52sn380/rF0miwGkZeidzm74OWhykb3J+wCTXaIwOzAWI1yN7FoeoN7wzF12jjlSXAXeqPMlViqk=</P><Q>u4sowiJMHilNRojtdmIuQY2YnB8=</Q><G>SdnN7d+wn1n+HH4Hr8MIryIRYgcXdbZ5TH7jAnuWc1koqRc1AZfcYAZ6RDf+orx6Lzn055FTFiN+1NHQfGUtXJCWW0zz0FVV1NJux7WRj8vGTldjJ5ef0oCenkpwDjcIxWsZgVobve4GPoyN1sAc1scnkJB59oupibklmF4y72A=</G><Y>XejzS8Z51yfl0zbYnxSYYbHqreSLjNCoGPB/KjM1TOyV5sMjz0StKtGrFWryTWc7EgvFY7kUth4e04VKf9HbK8z/FifHTXj8+Tszbjzw8GfInnBwLN+vJgbpnjtypmiI5Bm2nLiRbfkdAHP+OrKtr/EauM9GQfYuaxm3/Vj8B84=</Y><J>vGwGg9wqwwWP9xsoPoXu6kHArJtadiNKe9azBiUx5Ob883gd5wlKfEcGuKkBmBySGbgwxyOsIBovd9Kk48hF01ymfQzAAuHR0EdJECSsTsTTKVTLQNBU32O+PRbLYpv4E8kt6rNL83JLJCBY</J><Seed>sqzn8J6fd2gtEyq6YOqiUSHgPE8=</Seed><PgenCounter>sQ==</PgenCounter></DSAKeyValue></KeyValue></KeyInfo><Object Id=\"MyObjectId\"><MyElement xmlns=\"samples\">This is some text</MyElement></Object></Signature>";
XmlDocument doc = new XmlDocument ();
doc.LoadXml (value);
SignedXml v1 = new SignedXml ();
v1.LoadXml (doc.DocumentElement);
Assert.IsTrue (v1.CheckSignature (), "DSA-CheckSignature()");
SignedXml v2 = new SignedXml ();
v2.LoadXml (doc.DocumentElement);
AsymmetricAlgorithm key = null;
bool vrfy = v2.CheckSignatureReturningKey (out key);
Assert.IsTrue (vrfy, "DSA-CheckSignatureReturningKey()");
SignedXml v3 = new SignedXml ();
v3.LoadXml (doc.DocumentElement);
Assert.IsTrue (v3.CheckSignature (key), "DSA-CheckSignature(key)");
}
public ActionResult Index(XmlModel model)
{
if (model.Action == "encrypt")
{
var recipientCertificate = LoadCertificate(model.RecipientThumbprint);
var signingCertificate = LoadCertificate(model.SenderThumbprint);
var xmlDocument = new XmlDocument();
xmlDocument.LoadXml(model.PlainText);
var elementToEncrypt = xmlDocument.GetElementsByTagName("message")[0] as XmlElement;
var encryptedXml = new EncryptedXml();
// Encrypt the element.
var encryptedElement = encryptedXml.Encrypt(elementToEncrypt, recipientCertificate);
EncryptedXml.ReplaceElement(elementToEncrypt, encryptedElement, false);
// Sign the document
var signedXml = new SignedXml(xmlDocument) { SigningKey = signingCertificate.PrivateKey };
var reference = new Reference { Uri = string.Empty };
var transform = new XmlDsigC14NTransform();
reference.AddTransform(transform);
var envelope = new XmlDsigEnvelopedSignatureTransform();
reference.AddTransform(envelope);
signedXml.AddReference(reference);
var keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(signingCertificate));
signedXml.KeyInfo = keyInfo;
signedXml.ComputeSignature();
var xmlDigitalSignature = signedXml.GetXml();
xmlDocument.DocumentElement.AppendChild(xmlDocument.ImportNode(xmlDigitalSignature, true));
model.PlainText = "";
model.Envelope = XmlToString(xmlDocument);
}
else if (model.Action == "decrypt")
{
var xmlDocument = new XmlDocument();
xmlDocument.LoadXml(model.Envelope);
// Validate the signature
var signedXml = new SignedXml(xmlDocument);
var nodeList = xmlDocument.GetElementsByTagName("Signature");
if (nodeList.Count <= 0)
{
throw new Exception("No signature found.");
}
signedXml.LoadXml((XmlElement)nodeList[0]);
AsymmetricAlgorithm signingKey;
if (!signedXml.CheckSignatureReturningKey(out signingKey))
{
throw new Exception("Invalid Signature");
}
else
{
IEnumerable<X509Certificate2> keyInfoCertificates =
signedXml.KeyInfo.OfType<KeyInfoX509Data>()
.SelectMany(x => x.Certificates.Cast<X509Certificate2>());
var signingCertificate = keyInfoCertificates.FirstOrDefault(x => x.PublicKey.Key == signingKey);
if (signingCertificate == null)
{
throw new Exception("Signing certificate not found in KeyInfo.");
}
model.SenderSubject = signingCertificate.Subject;
}
var encryptedXml = new EncryptedXml(xmlDocument);
encryptedXml.DecryptDocument();
model.Envelope = "";
model.PlainText = XmlToString(xmlDocument);
}
ModelState.Clear();
model.RecipientThumbprint = RecipientThumbprint;
model.SenderThumbprint = SenderThumbprint;
return View(model);
}
