public SmartCardSignature(BaseSigner signer, X509Certificate2 certificate, String hashAlgorithm) { mSigner = signer; this.certificate = certificate; this.hashAlgorithm = DigestAlgorithms.GetDigest(DigestAlgorithms.GetAllowedDigests(hashAlgorithm)); encryptionAlgorithm = "RSA"; }
public byte[] signWithSmartCard(string terminal, ECertificate signatureCertificate, string pinCode, byte[] tobeSignBytes) { IBaseSmartCard smartCard = getSmartCard(terminal); BaseSignedData bs = new BaseSignedData(); tr.gov.tubitak.uekae.esya.api.cmssignature.ISignable content = new SignableByteArray(tobeSignBytes); bs.addContent(content); //Since SigningTime attribute is optional,add it to optional attributes list List <IAttribute> optionalAttributes = new List <IAttribute>(); optionalAttributes.Add(new SigningTimeAttr(DateTime.UtcNow)); Dictionary <string, object> params_ = new Dictionary <string, object>(); ValidationPolicy policy = getPolicy(); //necessary for certificate validation.By default,certificate validation is done params_[EParameters.P_CERT_VALIDATION_POLICY] = policy; //if the user does not want certificate validation,he can add //P_VALIDATE_CERTIFICATE_BEFORE_SIGNING parameter with its value set to false params_[EParameters.P_VALIDATE_CERTIFICATE_BEFORE_SIGNING] = false; BaseSigner signer = getSigner(smartCard, pinCode, signatureCertificate); bs.addSigner(ESignatureType.TYPE_BES, signatureCertificate, signer, optionalAttributes, params_); smartCard.logout(); smartCard.closeSession(); return(bs.getEncoded()); }
public string createParalelSignature(string eReceteSourceFilePath) { string retSignedXmlPath = null; //Load license from file //LisansHelper.loadFreeLicenseBase64(); LisansHelper.loadLicense(); try { // create context with working dir string currentDirectory = Directory.GetCurrentDirectory(); Context context = new Context(currentDirectory); SignedDocument signatures = new SignedDocument(context); //First Signature XMLSignature signature1 = signatures.createSignature(); signature1.SigningTime = DateTime.Now; signature1.addDocument(eReceteSourceFilePath, null, true); KeyOrSmartCardSignManager keyOrSmartCardSignManager = KeyOrSmartCardSignManager.Instance; ECertificate signingCert = keyOrSmartCardSignManager.getSigningCertificate(); bool validCertificate = isValidCertificate(signingCert); if (!validCertificate) { MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1); return(null); } // add certificate to show who signed the document signature1.addKeyInfo(signingCert); BaseSigner smartCardSigner = keyOrSmartCardSignManager.getSigner(signingCert); signature1.sign(smartCardSigner); //Second Signature XMLSignature signature2 = signatures.createSignature(); signature2.SigningTime = DateTime.Now; signature2.addDocument(eReceteSourceFilePath, null, true); signature2.addKeyInfo(signingCert); signature2.sign(smartCardSigner); FileInfo sourceFileInfo = new FileInfo(eReceteSourceFilePath); string destDirPath = sourceFileInfo.Directory.FullName; retSignedXmlPath = destDirPath + "/" + sourceFileInfo.Name.Replace(".xml", "_PARALEL.xsig"); FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create); signatures.write(signatureFileStream); signatureFileStream.Close(); return(retSignedXmlPath); } catch (XMLSignatureException exc) { // cant create signature MesajiIsle("Hata Oluştu." + exc.Message, 1); } catch (Exception exc) { // probably couldn't write to the file MesajiIsle("Hata Oluştu." + exc.Message, 1); } return(retSignedXmlPath); }
BaseSigner getSigner(IBaseSmartCard bsc, String aCardPIN, ECertificate aCert) { if (mSigner == null) { bsc.login(aCardPIN); mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256); } return(mSigner); }
public byte[] Sign(byte[] message) { Pair <long, CardType> pair = SmartOp.getSlotAndCardType(terminal); P11SmartCard smartCard = new P11SmartCard(pair.getmObj2()); smartCard.openSession(pair.getmObj1()); smartCard.login(pin); BaseSigner signer = smartCard.getSigner(cert, Algorithms.SIGNATURE_RSA_SHA256); byte[] buffer = signer.sign(message); smartCard.logout(); smartCard.closeSession(); return(buffer); }
public string addSerialSignature(String signedEReceteFilePath) { LisansHelper.loadLicense(); String retSignedXmlPath = null; try { //create context with working dir string currentDirectory = Directory.GetCurrentDirectory(); Context context = new Context(currentDirectory); XMLSignature signature = XMLSignature.parse(new FileDocument(new FileInfo(signedEReceteFilePath)), context); // create counter signature XMLSignature counterSignature = signature.createCounterSignature(); counterSignature.SigningTime = DateTime.Now; // sign // add certificate to show who signed the document KeyOrSmartCardSignManager keyOrSmartCardSignManager = KeyOrSmartCardSignManager.Instance; ECertificate signingCert = keyOrSmartCardSignManager.getSigningCertificate(); counterSignature.addKeyInfo(signingCert); // now sign it by using smart card // now sign it BaseSigner baseSigner = keyOrSmartCardSignManager.getSigner(signingCert); counterSignature.sign(baseSigner); FileInfo sourceFileInfo = new FileInfo(signedEReceteFilePath); string destDirPath = sourceFileInfo.Directory.FullName; retSignedXmlPath = destDirPath + "/" + sourceFileInfo.Name.Replace(".xsig", "_Counter.xsig"); FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create); signature.write(signatureFileStream); signatureFileStream.Close(); } catch (XMLSignatureException exc) { // cant create signature MesajiIsle("Hata Oluştu." + exc.Message, 1); } catch (Exception exc) { // probably couldn't write to the file MesajiIsle("Hata Oluştu." + exc.Message, 1); } return(retSignedXmlPath); }
public BaseSigner getSigner(String aCardPIN, ECertificate aCert) { try { if (mSigner == null) { bsc.login(aCardPIN); mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256); } } catch (PKCS11Exception e) { throw new SmartCardException("Pkcs11 exception - Detay bilgilere bakınız", e); } catch (Exception exc) { // probably couldn't write to the file MesajiIsle("Hata Oluştu." + exc.Message, 1); } return(mSigner); }
public BaseSigner getSigner(ECertificate signingCert) { if (useSmartCard) { string smartCardPin = Constants.SMART_CARD_PIN; if (smartCardPin.Length == 0) { throw new Exception("Please define smart card password in Constants class."); } if (signingCert == null) { signingCert = getSigningCertificate(); } BaseSigner smartCardSigner = smartCardManager.getSigner(smartCardPin, signingCert); return(smartCardSigner); } else { return(pfxSigner); } return(null); }
public string eReceteImzala(string eReceteSourceFilePath, string eReceteDestFilePath, string GelenXML, Boolean DosyayaYaz) { string retSignedXmlPath = null; //Load license from file //LisansHelper.loadFreeLicenseBase64(); //LisansHelper.loadFullTestLicense(); // LisansHelper.loadFreeLicense(); // LisansHelper.loadLicense(); try { // create context with working dir string currentDirectory = Directory.GetCurrentDirectory(); Context context = new Context(currentDirectory); // create signature according to context, // with default type (XADES_BES) XMLSignature signature = new XMLSignature(context); signature.SigningTime = DateTime.Now; if (GelenXML != "") { InMemoryDocument inMMDoc = new InMemoryDocument(System.Text.Encoding.UTF8.GetBytes(GelenXML), "", null, null); signature.addDocument(inMMDoc); } else { // add document as reference, and keep BASE64 version of data // in an <Object tag, in a way that reference points to // that <Object // (embed=true) null signature.addDocument(eReceteSourceFilePath, "text/plain", true); } // bu kismin alternatifi TestEnvelopingSignature dosyasinda var // if (Program.ParamTCKimlikNo != "") if (Program.ParamOto == "1") { SmartCardManagerKimlikNodanSec smc = SmartCardManagerKimlikNodanSec.getInstance(0); // 0 server version // sanirim smc nesnesi getInstance icinde uygun karta gore olusuyor... altta masaustu icin de uygula... 10.12.2015 if (Program.KartOkuyucuYok == 1) { return(null); } ECertificate signingCert = smc.getSignatureCertificate(true, false); //İlk parameter Kart Pin BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert); // "12345" bool validCertificate = isValidCertificate(signingCert); if (!validCertificate) { MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1); return(null); } // add certificate to show who signed the document signature.addKeyInfo(signingCert); //Signer Oluşturma signature.sign(baseSigner); } else { // 1 desktop version // imzalama oncesi kartta instance acma SmartCardManagerKimlikNodanSec smc = SmartCardManagerKimlikNodanSec.getInstance(1); // 1 desktop version // smc nesnesi getInstance icinde uygun karta gore olusacak if (Program.KartOkuyucuYok == 1) { return(null); } ECertificate signingCert = smc.getSignatureCertificate(true, false); //İlk parameter Kart Pin BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert); // "12345" if (baseSigner == null) { return(null); } bool validCertificate = isValidCertificate(signingCert); if (!validCertificate) { MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1); return(null); } if (Program.SertifikaBilgisi != "Sertifika ve Sahiplik Bilgisi: " + signingCert.ToString()) { if (Program.SertifikaBilgisi == "Sertifika ve Sahiplik Bilgisi: ") { MesajiIsle("Akıllı kartı, imza ekranına girmeden evvel takınız." + Program.HataMesaji, 1); return(null); } MesajiIsle("Akıllı kart, imza ekranına girildikten sonra değiştirilmiş, işlemi kart değiştirmeden yapınız." + Program.HataMesaji, 1); return(null); } // add certificate to show who signed the document signature.addKeyInfo(signingCert); //Signer Oluşturma signature.sign(baseSigner); // eski yontem //if (Program.KartOkuyucuYok == 1) return null; //ECertificate signingCert = smc.getSignatureCertificate(true, false); //BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert); // "12345" //bool validCertificate = isValidCertificate(signingCert); //if (!validCertificate) //{ // MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1); // return null; //} //// add certificate to show who signed the document //signature.addKeyInfo(signingCert); ////Signer Oluşturma //signature.sign(baseSigner); } //FileInfo sourceFileInfo = new FileInfo(eReceteSourceFilePath); //string destDirPath = sourceFileInfo.Directory.FullName; if (DosyayaYaz) { retSignedXmlPath = eReceteDestFilePath.Replace(".xml", ".xsig"); FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create); signature.write(signatureFileStream); signatureFileStream.Close(); // mesaji main'de button click sonundan buraya aldim if (retSignedXmlPath != null) { // tBoxSignedERecetePath.Text = signedFilePath; MesajiIsle(retSignedXmlPath + " konumunda imzalı E-Reçete oluşturuldu.", 0); } } else { MesajiIsle("E-Reçete imza verisi hazır", 0); } // return retSignedXmlPath; return(signature.Document.OuterXml); } catch (XMLSignatureRuntimeException exc) { // cant create signature MesajiIsle("Hata Oluştu." + exc.Message, 1); } catch (XMLSignatureException exc) { // cant create signature MesajiIsle("Hata Oluştu." + exc.Message, 1); } catch (Exception exc) { // probably couldn't write to the file MesajiIsle("Hata Oluştu." + exc.Message, 1); } // return retSignedXmlPath; return(""); }
public void logout() { mSigner = null; bsc.logout(); }
public static bool createEnvelopedBes(string pinNo, string signXML, String outXML, bool bInTest) { bool res = false; cardPinNo = pinNo; TestEnvelopedSignatureInitialize(); try { // here is our custom envelope xml // XmlDocument envelopeDoc = newEnvelope("edefter.xml"); XmlDocument envelopeDoc = Conn.newEnvelope(signXML); XmlElement exts = (XmlElement)envelopeDoc.GetElementsByTagName("ext:UBLExtensions").Item(0); XmlElement ext = (XmlElement)exts.GetElementsByTagName("ext:UBLExtension").Item(0); XmlElement extContent = (XmlElement)ext.GetElementsByTagName("ext:ExtensionContent").Item(0); UriBuilder ub = new UriBuilder(Conn.ROOT_DIR + "efatura\\config\\"); // create context with working dir Context context = new Context(ub.Uri); //UriBuilder ub2 = new UriBuilder(Conn.ROOT_DIR + "efatura\\config\\xmlsignature-config.xml"); context.Config = new Config(Conn.ROOT_DIR + "efatura\\config\\xmlsignature-config.xml"); // define where signature belongs to context.Document = envelopeDoc; // create signature according to context, // with default type (XADES_BES) XMLSignature signature = new XMLSignature(context, false); String setID = "Signature_" + envelopeDoc.GetElementsByTagName("cbc:ID").Item(0).InnerText; signature.Id = setID; signature.SigningTime = DateTime.Now; // attach signature to envelope //envelopeDoc.DocumentElement.AppendChild(signature.Element); extContent.AppendChild(signature.Element); //add transforms for efatura Transforms transforms = new Transforms(context); transforms.addTransform(new Transform(context, TransformType.ENVELOPED.Url)); // add document as reference, //signature.addDocument("#data1", "text/xml", false); signature.addDocument("", "text/xml", transforms, DigestMethod.SHA_256, false); ECertificate certificate = SmartCardManager.getInstance().getEInvoiceCertificate(cardPinNo);// getSignatureCertificate(true, false); if (certificate.isMaliMuhurCertificate()) { ValidationPolicy policy = new ValidationPolicy(); String policyPath = Conn.ROOT_DIR + "efatura\\config\\certval-policy-malimuhur.xml"; policy = PolicyReader.readValidationPolicy(policyPath); ValidationSystem vs = CertificateValidation.createValidationSystem(policy); context.setCertValidationSystem(vs); } else { ValidationPolicy policy = new ValidationPolicy(); String policyPath = Conn.ROOT_DIR + "efatura\\config\\certval-policy.xml"; policy = PolicyReader.readValidationPolicy(policyPath); ValidationSystem vs = CertificateValidation.createValidationSystem(policy); context.setCertValidationSystem(vs); } if (CertValidation.validateCertificate(certificate) || bInTest) { BaseSigner signer = SmartCardManager.getInstance().getSigner(cardPinNo, certificate); X509Certificate2 msCert = certificate.asX509Certificate2(); signature.addKeyInfo(msCert.PublicKey.Key); signature.addKeyInfo(certificate); KeyInfo keyInfo = signature.createOrGetKeyInfo(); int elementCount = keyInfo.ElementCount; for (int k = 0; k < elementCount; k++) { KeyInfoElement kiElement = keyInfo.get(k); if (kiElement.GetType().IsAssignableFrom(typeof(X509Data))) { X509Data x509Data = (X509Data)kiElement; X509SubjectName x509SubjectName = new X509SubjectName(context, certificate.getSubject().stringValue()); x509Data.add(x509SubjectName); break; } } //signature.addKeyInfo(certificate); signature.SignedInfo.CanonicalizationMethod = C14nMethod.EXCLUSIVE_WITH_COMMENTS; signature.sign(signer); // this time we dont use signature.write because we need to write // whole document instead of signature using (Stream s = new FileStream(outXML, FileMode.Create)) { try { envelopeDoc.Save(s); s.Flush(); s.Close(); res = true; } catch (Exception e) { res = false; MessageBox.Show("Dosya kaydedilirken hata oluştu " + e.Message.ToString()); s.Close(); } } } } catch (Exception e) { res = false; MessageBox.Show("Hata Oluştu \r\n" + e.Message.ToString()); } return(res); }