C# (CSharp) DB.SoapLibrary.WSSecurity SignedXmlWithId примеры использования

Пример #1

Файл: SignXml.cs Проект: marktopper/MobilePay-AppSwitch-1

        public void ValidateSignature(XmlDocument xmlDoc)
        {
            X509Certificate2         cert           = _certificateStore.DBSignatureCertificate();
            RSACryptoServiceProvider rsaSignChecker = (RSACryptoServiceProvider)cert.PublicKey.Key;

            SignedXmlWithId signedXml = new SignedXmlWithId(xmlDoc);

            var signatureNodes = xmlDoc.GetElementsByTagName("Signature");

            if (signatureNodes.Count != 1)
            {
                throw new SignatureVerificationFailedException("Response message does not contain a signature");
            }

            var signature = signatureNodes[0] as XmlElement;

            signedXml.LoadXml(signature);

            if (signedXml.CheckSignature(rsaSignChecker) == false)
            {
                throw new SignatureVerificationFailedException("Signature in response message could not be varified");
            }
        }

Пример #2

Файл: SignXml.cs Проект: marktopper/MobilePay-AppSwitch-1

        public void AddSignature(XmlDocument xmlDoc, string elementTag)
        {
            Algorithm algorithm = _soapEnvelopeConfiguration.ApplyElement(Direction.Outgoing, Usage.Signature).Algorithm;

            if (algorithm != Algorithm.RSASHA1)
            {
                throw new InvalidOperationException("Signature could not be created, only RSASHA1 is supported currently");
            }

            X509Certificate2 cert = _certificateStore.ClientSignatureCertificate();

            var signedXml = new SignedXmlWithId(xmlDoc)
            {
                SigningKey = cert.PrivateKey
            };

            // Specify a canonicalization method.
            signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;

            // Set the InclusiveNamespacesPrefixList property.
            XmlDsigExcC14NTransform canMethod = (XmlDsigExcC14NTransform)signedXml.SignedInfo.CanonicalizationMethodObject;

            canMethod.InclusiveNamespacesPrefixList = "oas sec ser s";

            // Create securitytoken from certificate
            SecurityToken securityToken = new X509SecurityToken(cert);

            // Create key info
            KeyInfo keyInfo = new KeyInfo();

            keyInfo.AddClause(new SecurityTokenReference(securityToken, SecurityTokenReference.SerializationOptions.Reference));
            signedXml.KeyInfo = keyInfo;

            // Create a reference to be signed.
            Reference reference = new Reference {
                Uri = elementTag ?? ""
            };

            // Add an enveloped transformation to the reference.
            var xmlDsigExcC14NTransform = new XmlDsigExcC14NTransform();

            xmlDsigExcC14NTransform.InclusiveNamespacesPrefixList = "wsu oas sec ser s";
            reference.AddTransform(xmlDsigExcC14NTransform);

            // Add the reference to the SignedXml object.
            signedXml.AddReference(reference);

            // Compute the signature.
            signedXml.ComputeSignature();

            // Get the XML representation of the signature and save
            // it to an XmlElement object.
            XmlElement xmlDigitalSignature = signedXml.GetXml();

            // Append the element to the XML document.
            XmlElement headerElement = xmlDoc.GetElementsByTagName("Security", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")[0] as XmlElement;

            headerElement.AppendChild(xmlDoc.ImportNode(securityToken.GetXml(new XmlDocument()), true));
            headerElement.AppendChild(xmlDoc.ImportNode(xmlDigitalSignature, true));

            if (xmlDoc.FirstChild is XmlDeclaration)
            {
                xmlDoc.RemoveChild(xmlDoc.FirstChild);
            }
        }