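/// <summary>
/// Signs the given XML with the merchant certificate from the configuration and returns the signed document as text.
/// </summary>
/// <param name="xml">The XML text to sign; it is parsed with <c>XmlDocument.LoadXml</c>.</param>
/// <returns>The serialized document after <c>XmlSignature.Sign</c> has been applied with the document element as target.</returns>
public string AddSignature(string xml)
        {
            _logger.Log("signing xml...");

            // Whitespace is kept as given so the serialized output matches the text that was signed.
            var xmlDoc = new XmlDocument {
                PreserveWhitespace = true
            };

            xmlDoc.LoadXml(xml);

            var certificate = _configuration.MerchantCertificate;

            XmlSignature.Sign(ref xmlDoc, certificate, xmlDoc.DocumentElement);

            // Both writers are disposable; the using blocks release them even when serialization throws.
            using (var stringWriter = new StringWriter())
            {
                using (var xmlTextWriter = XmlWriter.Create(stringWriter))
                {
                    xmlDoc.WriteTo(xmlTextWriter);
                    xmlTextWriter.Flush();
                }

                return(stringWriter.ToString());
            }
        }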
Пример #2
 /// <summary>
 /// Creates the instance: registers the signature algorithm, then takes the logger from the configuration.
 /// </summary>
 /// <param name="configuration">Configuration object that supplies the logger.</param>
 internal BankIdSignature(IConfiguration configuration)
 {
     // Registration comes first; the call takes no arguments and does not use the configuration.
     XmlSignature.RegisterSignatureAlghorighm();

     var logger = configuration.GetLogger();
     _logger = logger;
 }
Пример #3
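        /// <summary>
        /// Tries to verify the signature of the first element with the given name and namespace in the specified XML text.
        /// </summary>
        /// <param name="xmlText">The XML text.</param>
        /// <param name="elementName">The name of the element signature to be verified.</param>
        /// <param name="elementNamespace">The namespace of the element signature to be verified.</param>
        /// <param name="isValidSignature">True if the signature is valid and placed properly, false otherwise.</param>
        /// <returns>
        /// True if a signature element was found and checked (including the case where its certificate is missing or
        /// unreadable, which is reported as an invalid signature); false if there was nothing to verify.
        /// </returns>
        /// <exception cref="CommunicatorException">Thrown when <c>IsEligibleForBankIdSignature</c> rejects the document.</exception>
        /// <remarks>
        /// The certificate used for the check is the one embedded in the signature's own <c>KeyInfo</c>.
        /// NOTE(review): nothing in this method ties that certificate to a trusted issuer, so a valid result only shows
        /// that the element matches the embedded key. Confirm that the caller validates the certificate (chain or pinned
        /// certificate) before relying on the signed content, and that it reads data only from the first matching
        /// element, which is the one verified here. A false return value means that no signature was checked; it must
        /// not be treated as a successful verification.
        /// </remarks>
        public bool TryVerifyElement(string xmlText, string elementName, string elementNamespace, out bool isValidSignature)
        {
            // NOTE(review): this writes the whole message to the log; confirm that the log destination is suitable for
            // the data a response can carry, or log less.
            _logger.Log("Debug: TryVerifyElement, xml={0}, elname={1}", xmlText, elementName);

            isValidSignature = false;

            if (string.IsNullOrEmpty(elementName))
            {
                _logger.Log("Debug: The element name is empty. There is no element to verify the signature for.");
                return(false);
            }

            // The text comes from the other party, so external entity and DTD references must not be resolved.
            var xmlDoc = new XmlDocument {
                PreserveWhitespace = true,
                XmlResolver        = null
            };

            xmlDoc.LoadXml(xmlText);

            var elements = xmlDoc.GetElementsByTagName(elementName, elementNamespace);

            if (elements.Count == 0)
            {
                _logger.Log("Debug: Cannot verify the signature of the '{0}' element. No '{0}' element was found in the document.", elementName);
                return(false);
            }

            // not eligible to have signature
            if (!IsEligibleForBankIdSignature(xmlDoc))
            {
                throw new CommunicatorException("Response should not have a BankId signature.");
            }

            // Only the first match is verified.
            var elementToSign = elements[0] as XmlElement;

            // The element is copied into a document of its own and the signature is checked against that copy.
            var xmlElementDoc = new XmlDocument {
                PreserveWhitespace = true
            };

            Debug.Assert(elementToSign != null, "elementToSign != null");
            xmlElementDoc.LoadXml(elementToSign.OuterXml);

            // the signature should have been placed inside the 'Assertion' element (more specific, right after the <Issuer> element)
            var element = GetBankIdSignatureElement(xmlElementDoc.DocumentElement);

            if (element == null)
            {
                _logger.Log("Debug: No 'Signature' element was found in the document at the expected location.", elementName);
                return(false);
            }

            // From here on a Signature element is present. Missing or unreadable key material is reported as an invalid
            // signature (return true, isValidSignature stays false) rather than as "nothing to verify", so that a
            // damaged signature can never be mistaken for an absent one.
            var keyInfo         = XmlSignature.GetElementUnderRoot(element, "KeyInfo") as XmlElement;
            var x509Data        = keyInfo == null ? null : XmlSignature.GetElementUnderRoot(keyInfo, "X509Data") as XmlElement;
            var x509Certificate = x509Data == null ? null : XmlSignature.GetElementUnderRoot(x509Data, "X509Certificate");

            if (x509Certificate == null)
            {
                _logger.Log("Debug: The 'Signature' element has no KeyInfo/X509Data/X509Certificate element.");
                return(true);
            }

            X509Certificate2 cert;

            try
            {
                var certificate = Convert.FromBase64String(x509Certificate.InnerText);
                cert            = new X509Certificate2(certificate);
            }
            catch (FormatException)
            {
                _logger.Log("Debug: The certificate in the 'Signature' element is not valid base64.");
                return(true);
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                _logger.Log("Debug: The certificate in the 'Signature' element could not be read.");
                return(true);
            }

            // The signature element found above is reused; it is not looked up a second time.
            isValidSignature = XmlSignature.CheckSignature(xmlElementDoc, cert, element);
            _logger.Log("Debug: TryVerifyElement, isvalid={0}", isValidSignature);
            return(true);
        }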
Пример #4
        /// <summary>
        /// Asks <c>XmlSignature.GetElementUnderRoot</c> for the <c>Signature</c> element in the XML-DSig namespace.
        /// </summary>
        /// <param name="xmlElement">The element passed to the lookup as its root.</param>
        /// <returns>The signature element, or null when the lookup result is not an <see cref="XmlElement"/>.</returns>
        private static XmlElement GetBankIdSignatureElement(XmlElement xmlElement)
        {
            const string xmlDsigNamespace = "http://www.w3.org/2000/09/xmldsig#";

            return XmlSignature.GetElementUnderRoot(xmlElement, "Signature", xmlDsigNamespace) as XmlElement;
        }