public static SignStrategy ForAS4Message(AS4Message as4Message, CalculateSignatureConfig config)
{
return(new SignStrategy(
as4Message,
as4Message.EnvelopeDocument ?? AS4XmlSerializer.ToSoapEnvelopeDocument(as4Message, CancellationToken.None),
config));
}
/// <summary>
/// Sign the <see cref="AS4Message" />
/// </summary>
/// <param name="messagingContext"></param>
/// <returns></returns>
public async Task <StepResult> ExecuteAsync(MessagingContext messagingContext)
{
if (messagingContext == null)
{
throw new ArgumentNullException(nameof(messagingContext));
}
if (messagingContext.AS4Message == null)
{
throw new InvalidOperationException(
$"{nameof(SignAS4MessageStep)} requires an AS4Message to sign but no AS4Message is present in the MessagingContext");
}
if (messagingContext.AS4Message.IsEmpty)
{
Logger.Debug("No signing will be performed on the message because it's empty");
return(await StepResult.SuccessAsync(messagingContext));
}
Signing signInfo = RetrieveSigningInformation(
messagingContext.AS4Message,
messagingContext.SendingPMode,
messagingContext.ReceivingPMode);
if (signInfo == null)
{
Logger.Trace("No signing will be performend on the message because no signing information was found in either Sending or Receiving PMode");
return(await StepResult.SuccessAsync(messagingContext));
}
if (signInfo.IsEnabled == false)
{
Logger.Trace("No signing will be performend on the message because the PMode siging information is disabled");
return(await StepResult.SuccessAsync(messagingContext));
}
Logger.Info($"(Outbound)[{messagingContext.AS4Message.GetPrimaryMessageId()}] Sign AS4Message with given signing information of the PMode");
X509Certificate2 certificate = RetrieveCertificate(signInfo);
var settings =
new CalculateSignatureConfig(
signingCertificate: certificate,
referenceTokenType: signInfo.KeyReferenceMethod,
signingAlgorithm: signInfo.Algorithm,
hashFunction: signInfo.HashFunction);
SignAS4Message(settings, messagingContext.AS4Message);
JournalLogEntry logEntry = JournalLogEntry.CreateFrom(
messagingContext.AS4Message,
$"Signed with certificate {settings.SigningCertificate.FriendlyName} and reference {settings.ReferenceTokenType} "
+ $"using algorithm {settings.SigningAlgorithm} and hash {settings.HashFunction}");
return(await StepResult
.Success(messagingContext)
.WithJournalAsync(logEntry));
}
/// <summary>
/// Digitally signs the AS4Message using the given <paramref name="signatureConfiguration"/>
/// </summary>
/// <param name="signatureConfiguration"></param>
public void Sign(CalculateSignatureConfig signatureConfiguration)
{
if (signatureConfiguration == null)
{
throw new ArgumentNullException(nameof(signatureConfiguration));
}
SignStrategy signingStrategy = SignStrategy.ForAS4Message(this, signatureConfiguration);
SecurityHeader.Sign(signingStrategy);
}
public static AS4Message SignWithCertificate(AS4Message message, X509Certificate2 certificate)
{
var config = new CalculateSignatureConfig(certificate,
X509ReferenceType.BSTReference,
Constants.SignAlgorithms.Sha256,
Constants.HashFunctions.Sha256);
message.Sign(config);
return(message);
}
private static SignStrategy CreateSignStrategyForSigning()
{
var signingId = new SigningId("header-id", "body-id");
AS4Message as4Message = AS4Message.Empty;
as4Message.SigningId = signingId;
var signingConfig = new CalculateSignatureConfig(new StubCertificateRepository().GetStubCertificate(),
X509ReferenceType.BSTReference, Constants.SignAlgorithms.Sha256, Constants.HashFunctions.Sha256);
return(SignStrategy.ForAS4Message(as4Message, signingConfig));
}
private string SaveAS4MessageUnit(MessageUnit unit, bool signed)
{
AS4Message as4Message = AS4Message.Create(unit);
if (signed)
{
var config = new CalculateSignatureConfig(
new X509Certificate2(
holodeck_partya_certificate,
certificate_password,
X509KeyStorageFlags.Exportable));
as4Message.Sign(config);
}
return(_bodyStore.SaveAS4Message("not used location", as4Message));
}
private static void SignAS4Message(CalculateSignatureConfig settings, AS4Message message)
{
try
{
message.Sign(settings);
}
catch (Exception exception)
{
Logger.Error(exception.Message);
if (exception.InnerException != null)
{
Logger.Error(exception.InnerException.Message);
}
Logger.Trace(exception.StackTrace);
throw;
}
}
private static AS4Message SignAS4MessageWithPullRequestCert(AS4Message message)
{
var certificate =
new X509Certificate2(
@".\samples\certificates\AccessPointA.pfx",
"Pz4cZK4SULUwmraZa",
X509KeyStorageFlags.Exportable);
var config = new CalculateSignatureConfig(certificate,
X509ReferenceType.BSTReference,
Constants.SignAlgorithms.Sha256,
Constants.HashFunctions.Sha256);
message.SecurityHeader.Sign(
SignStrategy.ForAS4Message(message, config));
return(message);
}
private SignStrategy(AS4Message message, XmlDocument soapEnvelope, CalculateSignatureConfig config)
: base(soapEnvelope)
{
_as4Message = message;
_config = config;
}
