static void Main(string[] args)
{
X509Certificate2 x509Certificate2 = GetCertificate("990B25F50DC7E2B548BE75AFED579448");
//X509Certificate2 x509Certificate2 = GetCertificate("0efb7eebdcda4f64a718db3ff908b085");
//X509Certificate2 x509Certificate2 = GetCertificate("2E0A6058EA90DB8C46D1FD3513A877F8");
DCinemaSecurityMessageType extraTheatreMessage = new DCinemaSecurityMessageType();
XmlSerializer xmlSerializer = new XmlSerializer(extraTheatreMessage.GetType());
extraTheatreMessage.AuthenticatedPublic = new AuthenticatedPublicType();
extraTheatreMessage.AuthenticatedPublic.Id = "AuthenticatedPublic.Id." + Guid.NewGuid().ToString();
extraTheatreMessage.AuthenticatedPublic.MessageId = "urn:uuid:" + Guid.NewGuid().ToString();
extraTheatreMessage.AuthenticatedPublic.MessageType = "http://www.smpte-ra.org/schemas/430-3/2006/ETM";
extraTheatreMessage.AuthenticatedPublic.AnnotationText = new UserText();
extraTheatreMessage.AuthenticatedPublic.AnnotationText.Value = "Empty Extra-Theatre Message";
extraTheatreMessage.AuthenticatedPublic.AnnotationText.language = "en-us";
extraTheatreMessage.AuthenticatedPublic.IssueDate = DateTime.Now;
X509IssuerSerial issuerSerial = new X509IssuerSerial();
issuerSerial.IssuerName = x509Certificate2.IssuerName.Name;
issuerSerial.SerialNumber = x509Certificate2.SerialNumber;
extraTheatreMessage.AuthenticatedPublic.Signer = issuerSerial;
extraTheatreMessage.AuthenticatedPrivate = new AuthenticatedPrivateType();
extraTheatreMessage.AuthenticatedPrivate.Id = "AuthenticatedPrivate.Id." + Guid.NewGuid().ToString();
#region Build the signature elements
SignedXml signedXml = null;
try
{
signedXml = new SignedXml();
signedXml.SigningKey = x509Certificate2.PrivateKey;
//signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/ 2001/04/xmldsig-more#rsasha256";
//signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments";
StringWriter stringWriter = new StringWriter();
xmlSerializer.Serialize(stringWriter, extraTheatreMessage);
string serializedXML = stringWriter.ToString();
#region Build the AuthenticatedPublic DataObject & Reference
string xmlAuthenticatedPublic = GetCleanElement(serializedXML, "AuthenticatedPublic");
XmlDocument docAuthenticatedPublic = new XmlDocument();
docAuthenticatedPublic.LoadXml(xmlAuthenticatedPublic.ToString());
//XmlAttribute attrAuthenticatedPublic = docAuthenticatedPublic.CreateAttribute("xmlns");
//attrAuthenticatedPublic.Value = "http://www.smpte-ra.org/schemas/430-3/2006/ETM";
//docAuthenticatedPublic.DocumentElement.Attributes.Append(attrAuthenticatedPublic);
DataObject dataObjectAuthenticatedPublic = new DataObject("AuthenticatedPublic", "", "", docAuthenticatedPublic.DocumentElement);
//DataObject dataObjectAuthenticatedPublic = new DataObject();
dataObjectAuthenticatedPublic.Data = docAuthenticatedPublic.ChildNodes;
dataObjectAuthenticatedPublic.Id = "AuthenticatedPublic";
signedXml.AddObject(dataObjectAuthenticatedPublic);
Reference referenceAuthenticatedPublic = new Reference();
referenceAuthenticatedPublic.Uri = "#AuthenticatedPublic";
referenceAuthenticatedPublic.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
signedXml.AddReference(referenceAuthenticatedPublic);
#endregion
#region Build the AuthenticatedPublic DataObject & Reference
string xmlAuthenticatedPrivate = GetCleanElement(serializedXML, "AuthenticatedPrivate");
XmlDocument docAuthenticatedPrivate = new XmlDocument();
docAuthenticatedPrivate.LoadXml(xmlAuthenticatedPrivate.ToString());
//XmlAttribute attrAuthenticatedPrivate = docAuthenticatedPrivate.CreateAttribute("xmlns");
//attrAuthenticatedPrivate.Value = "http://www.smpte-ra.org/schemas/430-3/2006/FLM";
//docAuthenticatedPrivate.DocumentElement.Attributes.Append(attrAuthenticatedPrivate);
DataObject dataObjectAuthenticatedPrivate = new DataObject("AuthenticatedPrivate", "", "", docAuthenticatedPrivate.DocumentElement);
//DataObject dataObjectAuthenticatedPrivate = new DataObject("AuthenticatedPrivate", "", "", docAuthenticatedPrivate.DocumentElement);
//dataObjectAuthenticatedPrivate.Data = docAuthenticatedPrivate.ChildNodes;
//dataObjectAuthenticatedPrivate.Id = "AuthenticatedPrivate";
signedXml.AddObject(dataObjectAuthenticatedPrivate);
Reference referenceAuthenticatedPrivate = new Reference();
referenceAuthenticatedPrivate.Uri = "#AuthenticatedPrivate";
referenceAuthenticatedPrivate.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
// Add the reference to the message.
signedXml.AddReference(referenceAuthenticatedPrivate);
#endregion
// Add a KeyInfo.
KeyInfo keyInfo = new KeyInfo();
keyInfo.AddClause(new KeyInfoX509Data(x509Certificate2, X509IncludeOption.WholeChain));
signedXml.KeyInfo = keyInfo;
// Compute the signature.
signedXml.ComputeSignature();
XmlElement singedElement = signedXml.GetXml();
XmlSerializer signedSerializer = new XmlSerializer(singedElement.GetType());
StreamWriter signedWriter = new StreamWriter("D:\\signedSerializer.Test.xml");
signedSerializer.Serialize(signedWriter, singedElement);
signedWriter.Close();
}
catch (CryptographicException e)
{
Console.WriteLine(e.Message);
}
#endregion
#region Fill in the signature element
extraTheatreMessage.Signature = signedXml.Signature.GetXml();
#endregion
xmlSerializer.Serialize(Console.Out, extraTheatreMessage);
Console.WriteLine("\r\n");
TextWriter WriteFileStream = new StreamWriter(@"\Source_SMPTE\Output\ExtraTheatreMessage.xml");
xmlSerializer.Serialize(WriteFileStream, extraTheatreMessage);
WriteFileStream.Close();
ServiceExtraTheatreMessageClient client = new ServiceExtraTheatreMessageClient();
string response = client.ETM(extraTheatreMessage);
DCinemaSecurityMessageType existingETM = new DCinemaSecurityMessageType();
TextReader readFileStream = new StreamReader(@"\Source_SMPTE\Input\DCinemaSecurityMessageType_AMC.xml");
existingETM = (DCinemaSecurityMessageType)xmlSerializer.Deserialize(readFileStream);
readFileStream.Close();
existingETM.AuthenticatedPrivate = new AuthenticatedPrivateType();
existingETM.Signature = signedXml.Signature.GetXml();
WriteFileStream = new StreamWriter(@"\Source_SMPTE\Output\Read_ExtraTheatreMessage.xml");
xmlSerializer.Serialize(WriteFileStream, existingETM);
WriteFileStream.Close();
response = client.ETM(existingETM);
}
private string ToXmlString(X509IssuerSerial issuerSerial)
{
StringBuilder sb = new StringBuilder();
sb.Append("<X509IssuerSerial><X509IssuerName>" + issuerSerial.IssuerName + "</X509IssuerName><X509SerialNumber>" + issuerSerial.SerialNumber + "</X509SerialNumber></X509IssuerSerial>");
return(sb.ToString());
}
public void AddIssuerSerial(string issuerName, string serialNumber)
{
if (issuerName == null)
{
throw new ArgumentException("issuerName");
}
if (IssuerSerialList == null)
{
IssuerSerialList = new ArrayList();
}
X509IssuerSerial xis = new X509IssuerSerial(issuerName, serialNumber);
IssuerSerialList.Add(xis);
}
// methods
private X509IssuerSerial GetIssuerSerial (string issuer, byte[] serial)
{
X509IssuerSerial xis = new X509IssuerSerial ();
xis.IssuerName = issuer;
StringBuilder sb = new StringBuilder ();
foreach (byte b in serial)
sb.Append (b.ToString ("X2"));
xis.SerialNumber = sb.ToString ();
return xis;
}
public void AddIssuerSerial (string issuerName, string serialNumber)
{
#if NET_2_0
if (issuerName == null)
throw new ArgumentException ("issuerName");
#endif
if (IssuerSerialList == null)
IssuerSerialList = new ArrayList ();
X509IssuerSerial xis = new X509IssuerSerial (issuerName, serialNumber);
IssuerSerialList.Add (xis);
}
internal static unsafe X509IssuerSerial DecodeIssuerSerial(System.Security.Cryptography.CAPI.CERT_ISSUER_SERIAL_NUMBER pIssuerAndSerial)
{
System.Security.Cryptography.SafeLocalAllocHandle invalidHandle = System.Security.Cryptography.SafeLocalAllocHandle.InvalidHandle;
uint csz = System.Security.Cryptography.CAPI.CAPISafe.CertNameToStrW(0x10001, new IntPtr((void*) &pIssuerAndSerial.Issuer), 0x2000003, invalidHandle, 0);
if (csz <= 1)
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
invalidHandle = System.Security.Cryptography.CAPI.LocalAlloc(0, new IntPtr((long) (2 * csz)));
if (System.Security.Cryptography.CAPI.CAPISafe.CertNameToStrW(0x10001, new IntPtr((void*) &pIssuerAndSerial.Issuer), 0x2000003, invalidHandle, csz) <= 1)
{
throw new CryptographicException(Marshal.GetLastWin32Error());
}
X509IssuerSerial serial = new X509IssuerSerial {
IssuerName = Marshal.PtrToStringUni(invalidHandle.DangerousGetHandle())
};
byte[] destination = new byte[pIssuerAndSerial.SerialNumber.cbData];
Marshal.Copy(pIssuerAndSerial.SerialNumber.pbData, destination, 0, destination.Length);
serial.SerialNumber = System.Security.Cryptography.X509Certificates.X509Utils.EncodeHexStringFromInt(destination);
invalidHandle.Dispose();
return serial;
}
internal unsafe static X509IssuerSerial DecodeIssuerSerial (CAPI.CERT_ISSUER_SERIAL_NUMBER pIssuerAndSerial) {
SafeLocalAllocHandle ptr = SafeLocalAllocHandle.InvalidHandle;
uint cbSize = CAPI.CAPISafe.CertNameToStrW(CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING,
new IntPtr(&pIssuerAndSerial.Issuer),
CAPI.CERT_X500_NAME_STR | CAPI.CERT_NAME_STR_REVERSE_FLAG,
ptr,
0);
if (cbSize <= 1) // The API actually return 1 when It fails; which is not what the documentation says.
throw new CryptographicException(Marshal.GetLastWin32Error());
ptr = CAPI.LocalAlloc(CAPI.LMEM_FIXED, new IntPtr(checked(2 * cbSize)));
cbSize = CAPI.CAPISafe.CertNameToStrW(CAPI.X509_ASN_ENCODING | CAPI.PKCS_7_ASN_ENCODING,
new IntPtr(&pIssuerAndSerial.Issuer),
CAPI.CERT_X500_NAME_STR | CAPI.CERT_NAME_STR_REVERSE_FLAG,
ptr,
cbSize);
if (cbSize <= 1)
throw new CryptographicException(Marshal.GetLastWin32Error());
X509IssuerSerial issuerSerial = new X509IssuerSerial();
issuerSerial.IssuerName = Marshal.PtrToStringUni(ptr.DangerousGetHandle());
byte[] serial = new byte[pIssuerAndSerial.SerialNumber.cbData];
Marshal.Copy(pIssuerAndSerial.SerialNumber.pbData, serial, 0, serial.Length);
issuerSerial.SerialNumber = X509Utils.EncodeHexStringFromInt(serial);
ptr.Dispose();
return issuerSerial;
}
static DCinemaSecurityMessageType BuildDCinemaSecurityMessage(X509Certificate2 x509Certificate2)
{
DCinemaSecurityMessageType dCinemaSecurityMessageType = new DCinemaSecurityMessageType();
dCinemaSecurityMessageType.AuthenticatedPublic = new AuthenticatedPublicType();
dCinemaSecurityMessageType.AuthenticatedPublic.Id = "AuthenticatedPublic.Id." + Guid.NewGuid().ToString();
dCinemaSecurityMessageType.AuthenticatedPublic.MessageId = "urn:uuid:" + Guid.NewGuid().ToString();
dCinemaSecurityMessageType.AuthenticatedPublic.MessageType = "http://www.smpte-ra.org/schemas/430-3/2006/ETM";
dCinemaSecurityMessageType.AuthenticatedPublic.AnnotationText = new UserText();
dCinemaSecurityMessageType.AuthenticatedPublic.AnnotationText.Value = "Empty Extra-Theatre Message";
dCinemaSecurityMessageType.AuthenticatedPublic.AnnotationText.language = "en-us";
dCinemaSecurityMessageType.AuthenticatedPublic.IssueDate = DateTime.Now;
X509IssuerSerial issuerSerial = new X509IssuerSerial();
issuerSerial.IssuerName = x509Certificate2.IssuerName.Name;
issuerSerial.SerialNumber = x509Certificate2.SerialNumber;
dCinemaSecurityMessageType.AuthenticatedPublic.Signer = issuerSerial;
dCinemaSecurityMessageType.AuthenticatedPrivate = new AuthenticatedPrivateType();
dCinemaSecurityMessageType.AuthenticatedPrivate.Id = "AuthenticatedPrivate.Id." + Guid.NewGuid().ToString();
return dCinemaSecurityMessageType;
}
public static XmlDocument FLM_Sign(XmlDocument facilityListMessage, X509Certificate2 x509Certificate2)
{
MemoryStream memStream = null;
XmlSerializer xmlSerializer = null;
#region Convert the facilityListMessage [XmlDocument] to DCinemaSecurityMessageType
DCinemaSecurityMessageType extraTheatreMessage = null;
try
{
memStream = new MemoryStream();
facilityListMessage.Save(memStream);
memStream.Seek(0, System.IO.SeekOrigin.Begin);
xmlSerializer = new XmlSerializer(typeof(DCinemaSecurityMessageType));
extraTheatreMessage = (DCinemaSecurityMessageType)xmlSerializer.Deserialize(memStream);
}
catch (XmlException xe)
{
Exception throwException = new Exception("Error reading the Facility List Message", xe);
throw (throwException);
}
catch (InvalidOperationException ioe)
{
Exception throwException = new Exception("Error building DCinema Security Element", ioe);
throw (throwException);
}
catch (Exception e)
{
Exception throwException = new Exception("General Error building DCinema Security Element", e);
throw (throwException);
}
finally
{
memStream.Close();
}
#endregion
#region Sign the DCinemaSecurityMessage
try
{
SignETM(extraTheatreMessage, x509Certificate2);
RemoveSignatureObjects(extraTheatreMessage);
}
catch (Exception e)
{
Exception throwException = new Exception("General Error signing the DCinema Security Element", e);
throw (throwException);
}
#endregion
#region Update the Issuer
X509IssuerSerial issuerSerial = new X509IssuerSerial();
try
{
issuerSerial.IssuerName = x509Certificate2.IssuerName.Name;
issuerSerial.SerialNumber = x509Certificate2.SerialNumber;
extraTheatreMessage.AuthenticatedPublic.Signer = issuerSerial;
}
catch (Exception e)
{
Exception throwException = new Exception("General Error adding Issuer to DCinema Security Element", e);
throw (throwException);
}
#endregion
#region Write the Extra Theatre Message to xmlDocument
XmlDocument xmlDocument = null;
try
{
xmlSerializer = new XmlSerializer(extraTheatreMessage.GetType());
memStream = new MemoryStream();
xmlSerializer.Serialize(memStream, extraTheatreMessage);
memStream.Seek(0, System.IO.SeekOrigin.Begin);
xmlDocument = new XmlDocument();
xmlDocument.Load(memStream);
}
catch (XmlException xe)
{
Exception throwException = new Exception("Error reading the Facility List Message", xe);
throw (throwException);
}
catch (InvalidOperationException ioe)
{
Exception throwException = new Exception("Error building DCinema Security Element", ioe);
throw (throwException);
}
catch (Exception e)
{
Exception throwException = new Exception("General Error building DCinema Security Element", e);
throw (throwException);
}
finally
{
memStream.Close();
}
#endregion
return xmlDocument;
}
public void Decode (byte[] encodedMessage)
{
PKCS7.ContentInfo ci = new PKCS7.ContentInfo (encodedMessage);
if (ci.ContentType != PKCS7.Oid.signedData)
throw new Exception ("");
PKCS7.SignedData sd = new PKCS7.SignedData (ci.Content);
SubjectIdentifierType type = SubjectIdentifierType.Unknown;
object o = null;
X509Certificate2 x509 = null;
if (sd.SignerInfo.Certificate != null) {
x509 = new X509Certificate2 (sd.SignerInfo.Certificate.RawData);
}
else if ((sd.SignerInfo.IssuerName != null) && (sd.SignerInfo.SerialNumber != null)) {
byte[] serial = sd.SignerInfo.SerialNumber;
Array.Reverse (serial); // ???
type = SubjectIdentifierType.IssuerAndSerialNumber;
X509IssuerSerial xis = new X509IssuerSerial ();
xis.IssuerName = sd.SignerInfo.IssuerName;
xis.SerialNumber = ToString (serial, true);
o = xis;
// TODO: move to a FindCertificate (issuer, serial, collection)
foreach (Mono.Security.X509.X509Certificate x in sd.Certificates) {
if (x.IssuerName == sd.SignerInfo.IssuerName) {
if (ToString (x.SerialNumber, true) == xis.SerialNumber) {
x509 = new X509Certificate2 (x.RawData);
break;
}
}
}
}
else if (sd.SignerInfo.SubjectKeyIdentifier != null) {
string ski = ToString (sd.SignerInfo.SubjectKeyIdentifier, false);
type = SubjectIdentifierType.SubjectKeyIdentifier;
o = (object) ski;
// TODO: move to a FindCertificate (ski, collection)
foreach (Mono.Security.X509.X509Certificate x in sd.Certificates) {
if (ToString (GetKeyIdentifier (x), false) == ski) {
x509 = new X509Certificate2 (x.RawData);
break;
}
}
}
SignerInfo si = new SignerInfo (sd.SignerInfo.HashName, x509, type, o, sd.SignerInfo.Version);
// si.AuthenticatedAttributes
// si.UnauthenticatedAttributes
_info.Add (si);
ASN1 content = sd.ContentInfo.Content;
Oid oid = new Oid (sd.ContentInfo.ContentType);
_content = new ContentInfo (oid, content[0].Value);
foreach (Mono.Security.X509.X509Certificate x in sd.Certificates) {
_certs.Add (new X509Certificate2 (x.RawData));
}
_version = sd.Version;
}
