public SmartCardSignature(BaseSigner signer, X509Certificate2 certificate, String hashAlgorithm)
{
mSigner = signer;
this.certificate = certificate;
this.hashAlgorithm = DigestAlgorithms.GetDigest(DigestAlgorithms.GetAllowedDigests(hashAlgorithm));
encryptionAlgorithm = "RSA";
}
public byte[] signWithSmartCard(string terminal, ECertificate signatureCertificate, string pinCode, byte[] tobeSignBytes)
{
IBaseSmartCard smartCard = getSmartCard(terminal);
BaseSignedData bs = new BaseSignedData();
tr.gov.tubitak.uekae.esya.api.cmssignature.ISignable content = new SignableByteArray(tobeSignBytes);
bs.addContent(content);
//Since SigningTime attribute is optional,add it to optional attributes list
List <IAttribute> optionalAttributes = new List <IAttribute>();
optionalAttributes.Add(new SigningTimeAttr(DateTime.UtcNow));
Dictionary <string, object> params_ = new Dictionary <string, object>();
ValidationPolicy policy = getPolicy();
//necessary for certificate validation.By default,certificate validation is done
params_[EParameters.P_CERT_VALIDATION_POLICY] = policy;
//if the user does not want certificate validation,he can add
//P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false
params_[EParameters.P_VALIDATE_CERTIFICATE_BEFORE_SIGNING] = false;
BaseSigner signer = getSigner(smartCard, pinCode, signatureCertificate);
bs.addSigner(ESignatureType.TYPE_BES, signatureCertificate, signer, optionalAttributes, params_);
smartCard.logout();
smartCard.closeSession();
return(bs.getEncoded());
}
public string createParalelSignature(string eReceteSourceFilePath)
{
string retSignedXmlPath = null;
//Load license from file
//LisansHelper.loadFreeLicenseBase64();
LisansHelper.loadLicense();
try
{
// create context with working dir
string currentDirectory = Directory.GetCurrentDirectory();
Context context = new Context(currentDirectory);
SignedDocument signatures = new SignedDocument(context);
//First Signature
XMLSignature signature1 = signatures.createSignature();
signature1.SigningTime = DateTime.Now;
signature1.addDocument(eReceteSourceFilePath, null, true);
KeyOrSmartCardSignManager keyOrSmartCardSignManager = KeyOrSmartCardSignManager.Instance;
ECertificate signingCert = keyOrSmartCardSignManager.getSigningCertificate();
bool validCertificate = isValidCertificate(signingCert);
if (!validCertificate)
{
MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
return(null);
}
// add certificate to show who signed the document
signature1.addKeyInfo(signingCert);
BaseSigner smartCardSigner = keyOrSmartCardSignManager.getSigner(signingCert);
signature1.sign(smartCardSigner);
//Second Signature
XMLSignature signature2 = signatures.createSignature();
signature2.SigningTime = DateTime.Now;
signature2.addDocument(eReceteSourceFilePath, null, true);
signature2.addKeyInfo(signingCert);
signature2.sign(smartCardSigner);
FileInfo sourceFileInfo = new FileInfo(eReceteSourceFilePath);
string destDirPath = sourceFileInfo.Directory.FullName;
retSignedXmlPath = destDirPath + "/" + sourceFileInfo.Name.Replace(".xml", "_PARALEL.xsig");
FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create);
signatures.write(signatureFileStream);
signatureFileStream.Close();
return(retSignedXmlPath);
}
catch (XMLSignatureException exc)
{
// cant create signature
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
catch (Exception exc)
{
// probably couldn't write to the file
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
return(retSignedXmlPath);
}
BaseSigner getSigner(IBaseSmartCard bsc, String aCardPIN, ECertificate aCert)
{
if (mSigner == null)
{
bsc.login(aCardPIN);
mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256);
}
return(mSigner);
}
public byte[] Sign(byte[] message)
{
Pair <long, CardType> pair = SmartOp.getSlotAndCardType(terminal);
P11SmartCard smartCard = new P11SmartCard(pair.getmObj2());
smartCard.openSession(pair.getmObj1());
smartCard.login(pin);
BaseSigner signer = smartCard.getSigner(cert, Algorithms.SIGNATURE_RSA_SHA256);
byte[] buffer = signer.sign(message);
smartCard.logout();
smartCard.closeSession();
return(buffer);
}
public string addSerialSignature(String signedEReceteFilePath)
{
LisansHelper.loadLicense();
String retSignedXmlPath = null;
try
{
//create context with working dir
string currentDirectory = Directory.GetCurrentDirectory();
Context context = new Context(currentDirectory);
XMLSignature signature = XMLSignature.parse(new FileDocument(new FileInfo(signedEReceteFilePath)), context);
// create counter signature
XMLSignature counterSignature = signature.createCounterSignature();
counterSignature.SigningTime = DateTime.Now;
// sign
// add certificate to show who signed the document
KeyOrSmartCardSignManager keyOrSmartCardSignManager = KeyOrSmartCardSignManager.Instance;
ECertificate signingCert = keyOrSmartCardSignManager.getSigningCertificate();
counterSignature.addKeyInfo(signingCert);
// now sign it by using smart card
// now sign it
BaseSigner baseSigner = keyOrSmartCardSignManager.getSigner(signingCert);
counterSignature.sign(baseSigner);
FileInfo sourceFileInfo = new FileInfo(signedEReceteFilePath);
string destDirPath = sourceFileInfo.Directory.FullName;
retSignedXmlPath = destDirPath + "/" + sourceFileInfo.Name.Replace(".xsig", "_Counter.xsig");
FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create);
signature.write(signatureFileStream);
signatureFileStream.Close();
}
catch (XMLSignatureException exc)
{
// cant create signature
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
catch (Exception exc)
{
// probably couldn't write to the file
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
return(retSignedXmlPath);
}
public BaseSigner getSigner(String aCardPIN, ECertificate aCert)
{
try
{
if (mSigner == null)
{
bsc.login(aCardPIN);
mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256);
}
}
catch (PKCS11Exception e)
{
throw new SmartCardException("Pkcs11 exception - Detay bilgilere bakınız", e);
}
catch (Exception exc)
{
// probably couldn't write to the file
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
return(mSigner);
}
public BaseSigner getSigner(ECertificate signingCert)
{
if (useSmartCard)
{
string smartCardPin = Constants.SMART_CARD_PIN;
if (smartCardPin.Length == 0)
{
throw new Exception("Please define smart card password in Constants class.");
}
if (signingCert == null)
{
signingCert = getSigningCertificate();
}
BaseSigner smartCardSigner = smartCardManager.getSigner(smartCardPin, signingCert);
return(smartCardSigner);
}
else
{
return(pfxSigner);
}
return(null);
}
public string eReceteImzala(string eReceteSourceFilePath, string eReceteDestFilePath, string GelenXML, Boolean DosyayaYaz)
{
string retSignedXmlPath = null;
//Load license from file
//LisansHelper.loadFreeLicenseBase64();
//LisansHelper.loadFullTestLicense();
// LisansHelper.loadFreeLicense();
// LisansHelper.loadLicense();
try
{
// create context with working dir
string currentDirectory = Directory.GetCurrentDirectory();
Context context = new Context(currentDirectory);
// create signature according to context,
// with default type (XADES_BES)
XMLSignature signature = new XMLSignature(context);
signature.SigningTime = DateTime.Now;
if (GelenXML != "")
{
InMemoryDocument inMMDoc = new InMemoryDocument(System.Text.Encoding.UTF8.GetBytes(GelenXML), "", null, null);
signature.addDocument(inMMDoc);
}
else
{
// add document as reference, and keep BASE64 version of data
// in an <Object tag, in a way that reference points to
// that <Object
// (embed=true) null
signature.addDocument(eReceteSourceFilePath, "text/plain", true);
}
// bu kismin alternatifi TestEnvelopingSignature dosyasinda var
// if (Program.ParamTCKimlikNo != "")
if (Program.ParamOto == "1")
{
SmartCardManagerKimlikNodanSec smc = SmartCardManagerKimlikNodanSec.getInstance(0); // 0 server version
// sanirim smc nesnesi getInstance icinde uygun karta gore olusuyor... altta masaustu icin de uygula... 10.12.2015
if (Program.KartOkuyucuYok == 1)
{
return(null);
}
ECertificate signingCert = smc.getSignatureCertificate(true, false);
//İlk parameter Kart Pin
BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert); // "12345"
bool validCertificate = isValidCertificate(signingCert);
if (!validCertificate)
{
MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
return(null);
}
// add certificate to show who signed the document
signature.addKeyInfo(signingCert);
//Signer Oluşturma
signature.sign(baseSigner);
}
else
{
// 1 desktop version
// imzalama oncesi kartta instance acma
SmartCardManagerKimlikNodanSec smc = SmartCardManagerKimlikNodanSec.getInstance(1); // 1 desktop version
// smc nesnesi getInstance icinde uygun karta gore olusacak
if (Program.KartOkuyucuYok == 1)
{
return(null);
}
ECertificate signingCert = smc.getSignatureCertificate(true, false);
//İlk parameter Kart Pin
BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert); // "12345"
if (baseSigner == null)
{
return(null);
}
bool validCertificate = isValidCertificate(signingCert);
if (!validCertificate)
{
MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
return(null);
}
if (Program.SertifikaBilgisi != "Sertifika ve Sahiplik Bilgisi: " + signingCert.ToString())
{
if (Program.SertifikaBilgisi == "Sertifika ve Sahiplik Bilgisi: ")
{
MesajiIsle("Akıllı kartı, imza ekranına girmeden evvel takınız." + Program.HataMesaji, 1);
return(null);
}
MesajiIsle("Akıllı kart, imza ekranına girildikten sonra değiştirilmiş, işlemi kart değiştirmeden yapınız." + Program.HataMesaji, 1);
return(null);
}
// add certificate to show who signed the document
signature.addKeyInfo(signingCert);
//Signer Oluşturma
signature.sign(baseSigner);
// eski yontem
//if (Program.KartOkuyucuYok == 1) return null;
//ECertificate signingCert = smc.getSignatureCertificate(true, false);
//BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert); // "12345"
//bool validCertificate = isValidCertificate(signingCert);
//if (!validCertificate)
//{
// MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
// return null;
//}
//// add certificate to show who signed the document
//signature.addKeyInfo(signingCert);
////Signer Oluşturma
//signature.sign(baseSigner);
}
//FileInfo sourceFileInfo = new FileInfo(eReceteSourceFilePath);
//string destDirPath = sourceFileInfo.Directory.FullName;
if (DosyayaYaz)
{
retSignedXmlPath = eReceteDestFilePath.Replace(".xml", ".xsig");
FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create);
signature.write(signatureFileStream);
signatureFileStream.Close();
// mesaji main'de button click sonundan buraya aldim
if (retSignedXmlPath != null)
{
// tBoxSignedERecetePath.Text = signedFilePath;
MesajiIsle(retSignedXmlPath + " konumunda imzalı E-Reçete oluşturuldu.", 0);
}
}
else
{
MesajiIsle("E-Reçete imza verisi hazır", 0);
}
// return retSignedXmlPath;
return(signature.Document.OuterXml);
}
catch (XMLSignatureRuntimeException exc)
{
// cant create signature
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
catch (XMLSignatureException exc)
{
// cant create signature
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
catch (Exception exc)
{
// probably couldn't write to the file
MesajiIsle("Hata Oluştu." + exc.Message, 1);
}
// return retSignedXmlPath;
return("");
}
public void logout()
{
mSigner = null;
bsc.logout();
}
public static bool createEnvelopedBes(string pinNo, string signXML, String outXML, bool bInTest)
{
bool res = false;
cardPinNo = pinNo;
TestEnvelopedSignatureInitialize();
try
{
// here is our custom envelope xml
// XmlDocument envelopeDoc = newEnvelope("edefter.xml");
XmlDocument envelopeDoc = Conn.newEnvelope(signXML);
XmlElement exts = (XmlElement)envelopeDoc.GetElementsByTagName("ext:UBLExtensions").Item(0);
XmlElement ext = (XmlElement)exts.GetElementsByTagName("ext:UBLExtension").Item(0);
XmlElement extContent = (XmlElement)ext.GetElementsByTagName("ext:ExtensionContent").Item(0);
UriBuilder ub = new UriBuilder(Conn.ROOT_DIR + "efatura\\config\\");
// create context with working dir
Context context = new Context(ub.Uri);
//UriBuilder ub2 = new UriBuilder(Conn.ROOT_DIR + "efatura\\config\\xmlsignature-config.xml");
context.Config = new Config(Conn.ROOT_DIR + "efatura\\config\\xmlsignature-config.xml");
// define where signature belongs to
context.Document = envelopeDoc;
// create signature according to context,
// with default type (XADES_BES)
XMLSignature signature = new XMLSignature(context, false);
String setID = "Signature_" + envelopeDoc.GetElementsByTagName("cbc:ID").Item(0).InnerText;
signature.Id = setID;
signature.SigningTime = DateTime.Now;
// attach signature to envelope
//envelopeDoc.DocumentElement.AppendChild(signature.Element);
extContent.AppendChild(signature.Element);
//add transforms for efatura
Transforms transforms = new Transforms(context);
transforms.addTransform(new Transform(context, TransformType.ENVELOPED.Url));
// add document as reference,
//signature.addDocument("#data1", "text/xml", false);
signature.addDocument("", "text/xml", transforms, DigestMethod.SHA_256, false);
ECertificate certificate = SmartCardManager.getInstance().getEInvoiceCertificate(cardPinNo);// getSignatureCertificate(true, false);
if (certificate.isMaliMuhurCertificate())
{
ValidationPolicy policy = new ValidationPolicy();
String policyPath = Conn.ROOT_DIR + "efatura\\config\\certval-policy-malimuhur.xml";
policy = PolicyReader.readValidationPolicy(policyPath);
ValidationSystem vs = CertificateValidation.createValidationSystem(policy);
context.setCertValidationSystem(vs);
}
else
{
ValidationPolicy policy = new ValidationPolicy();
String policyPath = Conn.ROOT_DIR + "efatura\\config\\certval-policy.xml";
policy = PolicyReader.readValidationPolicy(policyPath);
ValidationSystem vs = CertificateValidation.createValidationSystem(policy);
context.setCertValidationSystem(vs);
}
if (CertValidation.validateCertificate(certificate) || bInTest)
{
BaseSigner signer = SmartCardManager.getInstance().getSigner(cardPinNo, certificate);
X509Certificate2 msCert = certificate.asX509Certificate2();
signature.addKeyInfo(msCert.PublicKey.Key);
signature.addKeyInfo(certificate);
KeyInfo keyInfo = signature.createOrGetKeyInfo();
int elementCount = keyInfo.ElementCount;
for (int k = 0; k < elementCount; k++)
{
KeyInfoElement kiElement = keyInfo.get(k);
if (kiElement.GetType().IsAssignableFrom(typeof(X509Data)))
{
X509Data x509Data = (X509Data)kiElement;
X509SubjectName x509SubjectName = new X509SubjectName(context,
certificate.getSubject().stringValue());
x509Data.add(x509SubjectName);
break;
}
}
//signature.addKeyInfo(certificate);
signature.SignedInfo.CanonicalizationMethod = C14nMethod.EXCLUSIVE_WITH_COMMENTS;
signature.sign(signer);
// this time we dont use signature.write because we need to write
// whole document instead of signature
using (Stream s = new FileStream(outXML, FileMode.Create))
{
try
{
envelopeDoc.Save(s);
s.Flush();
s.Close();
res = true;
}
catch (Exception e)
{
res = false;
MessageBox.Show("Dosya kaydedilirken hata oluştu " + e.Message.ToString());
s.Close();
}
}
}
}
catch (Exception e)
{
res = false;
MessageBox.Show("Hata Oluştu \r\n" + e.Message.ToString());
}
return(res);
}
