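/// <summary>
/// Loads a PKCS#12 (.pfx) store and picks, as the signing identity, the first
/// alias whose certificate has the digitalSignature key-usage bit set.
/// On a match, signingBouncyKeyEntry and signingCertificate are assigned.
/// </summary>
/// <param name="aPfxFilePath">Path of the PKCS#12 file to read.</param>
/// <param name="aPassword">Password that protects the PKCS#12 file.</param>
private void init(string aPfxFilePath, string aPassword)
{
    Pkcs12Store pkcs12Store = new Pkcs12StoreBuilder().Build();

    // Dispose the stream even when Load throws (wrong password, corrupt file);
    // the original only closed it on the success path.
    using (FileStream fin = new FileStream(aPfxFilePath, FileMode.Open, FileAccess.Read))
    {
        pkcs12Store.Load(fin, aPassword.ToCharArray());
    }

    foreach (string alias in pkcs12Store.Aliases)
    {
        // NOTE(review): this field is overwritten for every alias examined, so when
        // no alias matches it still refers to the last certificate seen while
        // signingCertificate / signingBouncyKeyEntry stay unset.
        signingBouncyCert = pkcs12Store.GetCertificate(alias);
        if (signingBouncyCert == null)
        {
            // Alias without a certificate entry: nothing to inspect.
            continue;
        }

        X509Certificate x509Certificate = signingBouncyCert.Certificate;
        ECertificate cert = new ECertificate(x509Certificate.GetEncoded());

        // presumably getKeyUsage() yields null when the extension is absent — TODO confirm
        EKeyUsage eKeyUsage = cert.getExtensions().getKeyUsage();
        if (eKeyUsage != null && eKeyUsage.isDigitalSignature())
        {
            signingBouncyKeyEntry = pkcs12Store.GetKey(alias);
            signingCertificate = cert;
            break;
        }
    }
}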
/// <summary>
/// Validates a certificate at the current UTC time against the policy returned by
/// CertValidationPolicyManager and records the outcome text in Program.HataMesaji.
/// </summary>
/// <param name="certificate">Certificate to validate.</param>
/// <returns>
/// true only when the reported status equals CertificateStatus.VALID; false for any
/// other status and for any exception (the method fails closed).
/// </returns>
public bool isValidCertificate(ECertificate certificate)
{
    try
    {
        ValidationSystem validationSystem = CertificateValidation.createValidationSystem(
            CertValidationPolicyManager.getInstance().getValidationPolicy());
        validationSystem.setBaseValidationTime(DateTime.UtcNow);

        CertificateStatusInfo statusInfo = CertificateValidation.validateCertificate(validationSystem, certificate);
        CertificateStatus status = statusInfo.getCertificateStatus();

        // The status text is fetched but not used; it only fed debug output that is now removed.
        string statusText = status.textAl();

        // The check results and detailed message are published through a process-wide field.
        Program.HataMesaji = "\n\r" + statusInfo.checkResultsToString() + "\n\r" + statusInfo.getDetailedMessage();
        return status == CertificateStatus.VALID;
    }
    catch (Exception failure)
    {
        // Any failure while validating is reported as "not valid".
        Program.HataMesaji = failure.Message;
        return false;
    }
}
/// <summary>
/// Creates a CMS signature of type BES over a byte array with the key held in a PFX file.
/// </summary>
/// <param name="pfxFile">Path of the PFX file handed to PfxSigner.</param>
/// <param name="pinCode">Password of the PFX file.</param>
/// <param name="tobeSignBytes">Content to be signed.</param>
/// <returns>The encoded signed data.</returns>
public byte[] signWithPfxFile(string pfxFile, string pinCode, byte[] tobeSignBytes)
{
    BaseSignedData signedData = new BaseSignedData();
    tr.gov.tubitak.uekae.esya.api.cmssignature.ISignable signable = new SignableByteArray(tobeSignBytes);
    signedData.addContent(signable);

    // SigningTime is an optional attribute, so it goes into the optional attribute list.
    List<IAttribute> optionalAttributes = new List<IAttribute> { new SigningTimeAttr(DateTime.UtcNow) };

    Dictionary<string, object> signingParams = new Dictionary<string, object>();

    // The validation policy is still supplied ...
    ValidationPolicy policy = getPolicy();
    signingParams[EParameters.P_CERT_VALIDATION_POLICY] = policy;

    // ... but certificate validation before signing is explicitly switched off here,
    // so an expired or revoked signer certificate is not rejected by this method.
    // NOTE(review): confirm the caller validates the certificate separately.
    signingParams[EParameters.P_VALIDATE_CERTIFICATE_BEFORE_SIGNING] = false;

    PfxSigner pfxSigner = new PfxSigner(SignatureAlg.RSA_SHA256.getName(), pfxFile, pinCode);
    ECertificate signerCertificate = pfxSigner.getSignersCertificate();
    signedData.addSigner(ESignatureType.TYPE_BES, signerCertificate, pfxSigner, optionalAttributes, signingParams);

    return signedData.getEncoded();
}
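/// <summary>
/// Checks that at least one card terminal is reported, records the terminal count,
/// and shows and stores the signing certificate description.
/// </summary>
/// <returns>false when no terminal is reported; true otherwise.</returns>
public bool KartveOkuyucuKontrol()
{
    // On first entry: store the terminal count, then show the certificate and remember it.
    String[] terminals = SmartOp.getCardTerminals();

    // The original read terminals.Length before this null test, so a null result
    // threw NullReferenceException and the null branch could never run.
    if (terminals == null || terminals.Length == 0)
    {
        Program.TerminalSayisi = 0;
        MesajiIsle("Kart takılı bir kart okuyucu bulunamadı. E-İmza programına girmeden evvel imza için kullanacağınız kartı takmalısınız.", 1);

        // Earlier versions did not stop here; a card swapped or inserted later was only
        // detected at signing time, which then warned and exited. A manual "read cards"
        // button was considered but judged unnecessary.
        return false;
    }

    Program.TerminalSayisi = terminals.Length;

    SmartCardManager scmgr = SmartCardManager.getInstance();

    // NOTE(review): signingCert is dereferenced without a null check — confirm that
    // getSignatureCertificate cannot return null here.
    ECertificate signingCert = scmgr.getSignatureCertificate(true, false);
    string certificateInfo = "Sertifika ve Sahiplik Bilgisi: " + signingCert.ToString();
    lbSertifikaSahibi.Text = certificateInfo;

    // Remembered so a later step can detect that the card was changed.
    Program.SertifikaBilgisi = certificateInfo;
    return true;
}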
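/// <summary>
/// Creates two parallel XML signatures over the given file with the same signing
/// certificate and writes them next to the source as "&lt;name&gt;_PARALEL.xsig".
/// </summary>
/// <param name="eReceteSourceFilePath">Path of the XML document to sign.</param>
/// <returns>
/// Path of the written signature file, or null when the certificate is not valid
/// or when signing or writing fails (the error is reported through MesajiIsle).
/// </returns>
public string createParalelSignature(string eReceteSourceFilePath)
{
    // Load the license from file.
    LisansHelper.loadLicense();

    try
    {
        // Create the context with the working directory.
        Context context = new Context(Directory.GetCurrentDirectory());
        SignedDocument signatures = new SignedDocument(context);

        // First signature.
        XMLSignature signature1 = signatures.createSignature();
        signature1.SigningTime = DateTime.Now;
        signature1.addDocument(eReceteSourceFilePath, null, true);

        KeyOrSmartCardSignManager keyOrSmartCardSignManager = KeyOrSmartCardSignManager.Instance;
        ECertificate signingCert = keyOrSmartCardSignManager.getSigningCertificate();

        // Refuse to sign with a certificate that does not validate.
        if (!isValidCertificate(signingCert))
        {
            MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
            return null;
        }

        // Add the certificate to show who signed the document.
        signature1.addKeyInfo(signingCert);
        BaseSigner smartCardSigner = keyOrSmartCardSignManager.getSigner(signingCert);
        signature1.sign(smartCardSigner);

        // Second signature.
        XMLSignature signature2 = signatures.createSignature();
        signature2.SigningTime = DateTime.Now;
        signature2.addDocument(eReceteSourceFilePath, null, true);
        signature2.addKeyInfo(signingCert);
        signature2.sign(smartCardSigner);

        // Derive the output name from the extension only. The original used
        // Replace(".xml", ...), which left the name unchanged for e.g. "x.XML" and
        // therefore overwrote the source document with the signature.
        FileInfo sourceFileInfo = new FileInfo(eReceteSourceFilePath);
        string sourceName = sourceFileInfo.Name;
        string baseName = sourceName.EndsWith(".xml", StringComparison.OrdinalIgnoreCase)
            ? sourceName.Substring(0, sourceName.Length - ".xml".Length)
            : sourceName;
        string signedXmlPath = sourceFileInfo.Directory.FullName + "/" + baseName + "_PARALEL.xsig";

        // Dispose the stream even when write throws.
        using (FileStream signatureFileStream = new FileStream(signedXmlPath, FileMode.Create))
        {
            signatures.write(signatureFileStream);
        }

        // Hand the path back only after the file was written completely; the original
        // could return a path to a missing or partial file after a write error.
        return signedXmlPath;
    }
    catch (XMLSignatureException exc)
    {
        // The signature could not be created.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }
    catch (Exception exc)
    {
        // Most likely the output file could not be written.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }

    return null;
}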
/// <summary>
/// Returns the encryption certificate, selecting it from the card on first use and
/// serving the cached value afterwards.
/// </summary>
/// <param name="checkIsQualified">Passed to selectCertificate on the first call.</param>
/// <param name="checkBeingNonQualified">Passed to selectCertificate on the first call.</param>
/// <returns>The cached encryption certificate.</returns>
public ECertificate getEncryptionCertificate(bool checkIsQualified, bool checkBeingNonQualified)
{
    // Once a certificate is cached both flags are ignored: a later call with
    // different flags still receives the first selection.
    if (mEncryptionCert != null)
    {
        return mEncryptionCert;
    }

    List<byte[]> encodedCerts = bsc.getEncryptionCertificates();
    mEncryptionCert = selectCertificate(checkIsQualified, checkBeingNonQualified, encodedCerts);
    return mEncryptionCert;
}
/// <summary>
/// Returns the cached signer, creating it on first use by logging in to the card
/// and requesting an RSA/SHA-256 signer for the given certificate.
/// </summary>
/// <param name="bsc">Card to log in to.</param>
/// <param name="aCardPIN">PIN used for the card login.</param>
/// <param name="aCert">Certificate the signer is created for.</param>
/// <returns>The cached signer.</returns>
BaseSigner getSigner(IBaseSmartCard bsc, String aCardPIN, ECertificate aCert)
{
    // After the first successful call the card, PIN and certificate arguments are
    // not consulted again; the signer created first is returned as is.
    if (mSigner != null)
    {
        return mSigner;
    }

    bsc.login(aCardPIN);
    mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256);
    return mSigner;
}
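/**
 * Generic validate function. Validates known types of xml signature and prints
 * the validation result of the signature and of each counter signature.
 *
 * NOTE(review): the result is only written to the console; the method returns
 * nothing and does not throw on an invalid signature, so callers get no
 * pass/fail signal from it.
 *
 * @param fileName name of the signature file to be validated
 */
public static void validate(String fileName)
{
    String configDir = Conn.ROOT_DIR + "efatura\\config\\";
    Context context = new Context(configDir);

    // Add an external resolver to resolve policies.
    context.addExternalResolver(getPolicyResolver());

    XMLSignature signature = XMLSignature.parse(new FileDocument(new FileInfo(fileName)), context);
    ECertificate cert = signature.SigningCertificate;

    // The certificate validation policy depends on the certificate kind; both branches
    // of the original differed only in the policy file name.
    String policyPath = configDir + (cert.isMaliMuhurCertificate()
        ? "certval-policy-malimuhur.xml"
        : "certval-policy.xml");
    ValidationPolicy policy = PolicyReader.readValidationPolicy(policyPath);
    ValidationSystem vs = CertificateValidation.createValidationSystem(policy);
    context.setCertValidationSystem(vs);

    // No parameters: the certificate in the key info is used.
    ValidationResult result = signature.verify();
    Console.WriteLine(result.toXml());

    UnsignedSignatureProperties usp = signature.QualifyingProperties.UnsignedSignatureProperties;
    if (usp != null)
    {
        IList<XMLSignature> counterSignatures = usp.AllCounterSignatures;
        foreach (XMLSignature counterSignature in counterSignatures)
        {
            // Verify the counter signature itself. The original called signature.verify()
            // here, so counter signatures were never checked and the parent result was
            // printed once more for each of them.
            ValidationResult counterResult = counterSignature.verify();
            Console.WriteLine(counterResult.toXml());
        }
    }
}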
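/// <summary>
/// Downloads the PDF of the current document, signs it with the smart card chosen
/// by the user and uploads the signed bytes.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
private void btnSignFile_Click(object sender, EventArgs e)
{
    string fileName = dtData.Rows[0]["FileName"].ToString();
    string fileExtension = new FileInfo(fileName).Extension;

    // Ordinal comparison: the extension check must not depend on the UI culture.
    if (!".pdf".Equals(fileExtension, StringComparison.OrdinalIgnoreCase))
    {
        MessageBox.Show(resMan.GetString("msgJustPdfFileCanSign"));
        return;
    }

    string tempFile = Application.StartupPath + "\\tmpFile.pdf";
    if (File.Exists(tempFile))
    {
        File.Delete(tempFile);
    }

    FileServices.WSFileManagerSoapClient client = new FileServices.WSFileManagerSoapClient();
    byte[] fileBytes = client.getFileBytes(documentId, dtData.Rows[0]["SessionId"].ToString());
    if (fileBytes == null)
    {
        return;
    }

    try
    {
        // Dispose the stream even when the write fails.
        using (FileStream fs = new FileStream(tempFile, FileMode.Create))
        {
            fs.Write(fileBytes, 0, fileBytes.Length);
        }

        Classes.SelectedESignProperties selectedESignProperties = Classes.SmartCardUtils.selectESignProperties(esignUtil);
        if (selectedESignProperties == null)
        {
            return;
        }

        string terminal = selectedESignProperties.SelectedTerminal;
        ECertificate cert = selectedESignProperties.SelectedCertificate;
        string pinCode = selectedESignProperties.EnteredPinCode;

        try
        {
            byte[] signedFileBytes = esignUtil.signPdfWithSmartCard(terminal, cert, pinCode, tempFile);
            if (client.uploadSignedFile(documentId, signedFileBytes))
            {
                MessageBox.Show(resMan.GetString("msgSignCompleted"));
            }
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.Message);
        }
    }
    finally
    {
        // The original left the downloaded document in the application directory
        // until the next click; remove it as soon as it is no longer needed.
        try
        {
            if (File.Exists(tempFile))
            {
                File.Delete(tempFile);
            }
        }
        catch (IOException)
        {
            // Best effort: the next run deletes the file before writing it again.
        }
    }
}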
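/// <summary>
/// Signs a PDF with the RSA private key stored in a PFX file and returns the signed bytes.
/// </summary>
/// <param name="pfxFile">Path of the PKCS#12 file holding key and chain.</param>
/// <param name="pinCode">Password of the PKCS#12 file.</param>
/// <param name="pdfFileName">Path of the PDF to sign.</param>
/// <returns>Content of the signed PDF.</returns>
/// <exception cref="InvalidOperationException">
/// The store holds no private key entry, or the key is not an RSA private key.
/// </exception>
public byte[] signPdfWithPfxFile(string pfxFile, string pinCode, string pdfFileName)
{
    // The signer and its certificate are not used below; the construction is kept
    // because it ran in the original before anything else was touched.
    PfxSigner signer = new PfxSigner(SignatureAlg.RSA_SHA256.getName(), pfxFile, pinCode);
    ECertificate signatureCertificate = signer.getSignersCertificate();

    // Read the store through a disposed, read-only stream; the original never
    // closed the FileStream it passed to Pkcs12Store.
    Pkcs12Store store;
    using (FileStream pfxStream = new FileStream(pfxFile, FileMode.Open, FileAccess.Read))
    {
        store = new Pkcs12Store(pfxStream, pinCode.ToCharArray());
    }

    // NOTE(review): fixed temp file name in the application directory, also used by
    // signPdfWithSmartCard; two signing operations at once would collide on it.
    string dest = AppDomain.CurrentDomain.BaseDirectory + "\\tmp.pdf";
    if (File.Exists(dest))
    {
        File.Delete(dest);
    }

    // Search for the private key entry.
    string alias = null;
    foreach (string al in store.Aliases)
    {
        if (store.IsKeyEntry(al) && store.GetKey(al).Key.IsPrivate)
        {
            alias = al;
            break;
        }
    }

    if (alias == null)
    {
        // The original looked up the alias "" here and failed with a NullReferenceException.
        throw new InvalidOperationException("No private key entry found in the PFX file.");
    }

    AsymmetricKeyEntry pk = store.GetKey(alias);
    ICollection<Org.BouncyCastle.X509.X509Certificate> chain = new List<Org.BouncyCastle.X509.X509Certificate>();
    foreach (X509CertificateEntry c in store.GetCertificateChain(alias))
    {
        chain.Add(c.Certificate);
    }

    RsaPrivateCrtKeyParameters parameters = pk.Key as RsaPrivateCrtKeyParameters;
    if (parameters == null)
    {
        // The "as" cast yields null for any non-RSA key; fail with a clear message
        // instead of handing null to the signature implementation.
        throw new InvalidOperationException("The private key in the PFX file is not an RSA key.");
    }

    PdfReader reader = null;
    FileStream os = null;
    try
    {
        // Create the reader and the stamper.
        reader = new PdfReader(pdfFileName);
        os = new FileStream(dest, FileMode.Create);
        PdfStamper stamper = PdfStamper.CreateSignature(reader, os, '\0');

        // Create the appearance; no visible signature rectangle is placed on the page.
        PdfSignatureAppearance appearance = stamper.SignatureAppearance;
        appearance.Reason = "";
        appearance.Location = "";

        // Create the signature.
        IExternalSignature pks = new PrivateKeySignature(parameters, DigestAlgorithms.SHA256);
        MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CADES);

        return File.ReadAllBytes(dest);
    }
    finally
    {
        // Release handles and remove the temp file on every path; the original
        // leaked both when signing failed.
        if (reader != null)
        {
            reader.Close();
        }

        if (os != null)
        {
            os.Close();
        }

        try
        {
            if (File.Exists(dest))
            {
                File.Delete(dest);
            }
        }
        catch (IOException)
        {
            // Best effort: the next call deletes the file before writing it again.
        }
    }
}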
/// <summary>
/// Opens a session on the card in the given terminal and returns its signature
/// certificates as ECertificate objects.
/// </summary>
/// <param name="terminal">Name of the card terminal.</param>
/// <returns>One ECertificate per encoded certificate returned by the card.</returns>
public List<ECertificate> getSignatureCertificates(string terminal)
{
    Pair<long, CardType> slotInfo = SmartOp.getSlotAndCardType(terminal);
    IBaseSmartCard card = getSmartCard(terminal);

    // NOTE(review): the session opened here is not closed in this method — confirm
    // who owns the session afterwards.
    card.openSession(slotInfo.getmObj1());

    List<byte[]> encodedCerts = card.getSignatureCertificates();
    return encodedCerts.ConvertAll(encoded => new ECertificate(encoded));
}
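/// <summary>
/// Adds a counter (serial) signature to an existing XML signature file and writes
/// the result next to the source as "&lt;name&gt;_Counter.xsig".
/// </summary>
/// <param name="signedEReceteFilePath">Path of the existing signature file.</param>
/// <returns>
/// Path of the written file, or null when signing or writing fails (the error is
/// reported through MesajiIsle).
/// </returns>
public string addSerialSignature(String signedEReceteFilePath)
{
    LisansHelper.loadLicense();

    try
    {
        // Create the context with the working directory.
        Context context = new Context(Directory.GetCurrentDirectory());
        XMLSignature signature = XMLSignature.parse(new FileDocument(new FileInfo(signedEReceteFilePath)), context);

        // Create the counter signature.
        XMLSignature counterSignature = signature.createCounterSignature();
        counterSignature.SigningTime = DateTime.Now;

        // Add the certificate to show who signed the document.
        // NOTE(review): the signing certificate is used without a validity check in
        // this method — confirm that the caller validates it first.
        KeyOrSmartCardSignManager keyOrSmartCardSignManager = KeyOrSmartCardSignManager.Instance;
        ECertificate signingCert = keyOrSmartCardSignManager.getSigningCertificate();
        counterSignature.addKeyInfo(signingCert);

        // Sign with the key or smart card signer.
        BaseSigner baseSigner = keyOrSmartCardSignManager.getSigner(signingCert);
        counterSignature.sign(baseSigner);

        // Derive the output name from the extension only. The original used
        // Replace(".xsig", ...), which left the name unchanged for e.g. "x.XSIG" and
        // therefore overwrote the input file.
        FileInfo sourceFileInfo = new FileInfo(signedEReceteFilePath);
        string sourceName = sourceFileInfo.Name;
        string baseName = sourceName.EndsWith(".xsig", StringComparison.OrdinalIgnoreCase)
            ? sourceName.Substring(0, sourceName.Length - ".xsig".Length)
            : sourceName;
        string signedXmlPath = sourceFileInfo.Directory.FullName + "/" + baseName + "_Counter.xsig";

        // Dispose the stream even when write throws.
        using (FileStream signatureFileStream = new FileStream(signedXmlPath, FileMode.Create))
        {
            signature.write(signatureFileStream);
        }

        // Return the path only after the file was written completely; the original
        // could return a path to a missing or partial file after a write error.
        return signedXmlPath;
    }
    catch (XMLSignatureException exc)
    {
        // The signature could not be created.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }
    catch (Exception exc)
    {
        // Most likely the output file could not be written.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }

    return null;
}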
/// <summary>
/// Returns the signature certificate, selecting it from the card on first use and
/// serving the cached value afterwards.
/// </summary>
/// <param name="checkIsQualified">Passed to selectCertificate on the first call.</param>
/// <param name="checkBeingNonQualified">Passed to selectCertificate on the first call.</param>
/// <returns>
/// The cached certificate; null when the selection failed, in which case the error
/// text has been shown in a message box.
/// </returns>
public ECertificate getSignatureCertificate(bool checkIsQualified, bool checkBeingNonQualified)
{
    // Both flags are ignored once a certificate is cached.
    if (mSignatureCert != null)
    {
        return mSignatureCert;
    }

    try
    {
        List<byte[]> encodedCerts = bsc.getSignatureCertificates();
        mSignatureCert = selectCertificate(checkIsQualified, checkBeingNonQualified, encodedCerts);
    }
    catch (Exception ex)
    {
        // The failure is shown to the user and then swallowed: callers must handle null.
        MessageBox.Show(ex.Message);
    }

    return mSignatureCert;
}
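/**
 * Validates the given certificate at the current UTC time, using the mali muhur
 * policy file for mali muhur certificates and the general policy file otherwise.
 *
 * @param certificate certificate to validate
 * @return true only when the reported status is CertificateStatus.VALID
 * @throws Exception wrapping any error raised while reading the policy or validating
 */
public static Boolean validateCertificate(ECertificate certificate)
{
    try
    {
        // Pick the policy used for validation. The original repeated the whole
        // branch body and allocated a ValidationPolicy that was overwritten at once.
        String policyPath = Conn.ROOT_DIR + (certificate.isMaliMuhurCertificate()
            ? "efatura\\config\\certval-policy-malimuhur.xml"
            : "efatura\\config\\certval-policy.xml");
        ValidationPolicy policy = PolicyReader.readValidationPolicy(policyPath);
        ValidationSystem vs = CertificateValidation.createValidationSystem(policy);
        vs.setBaseValidationTime(DateTime.UtcNow);

        // Validate the certificate; every status other than VALID counts as invalid.
        CertificateStatusInfo csi = CertificateValidation.validateCertificate(vs, certificate);
        return csi.getCertificateStatus() == CertificateStatus.VALID;
    }
    catch (Exception e)
    {
        // Errors are not turned into "false": callers see an exception instead.
        throw new Exception("An error occured while validating certificate", e);
    }
}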
/// <summary>
/// Returns the cached signer, creating it on first use by logging in to the card
/// and requesting an RSA/SHA-256 signer for the given certificate.
/// </summary>
/// <param name="aCardPIN">PIN used for the card login.</param>
/// <param name="aCert">Certificate the signer is created for.</param>
/// <returns>
/// The cached signer; null when creation failed with a non-PKCS#11 error, in which
/// case the error has been reported through MesajiIsle.
/// </returns>
/// <exception cref="SmartCardException">A PKCS11Exception was raised by the card.</exception>
public BaseSigner getSigner(String aCardPIN, ECertificate aCert)
{
    // The PIN and certificate arguments are ignored once a signer is cached.
    if (mSigner != null)
    {
        return mSigner;
    }

    try
    {
        bsc.login(aCardPIN);
        mSigner = bsc.getSigner(aCert, Algorithms.SIGNATURE_RSA_SHA256);
    }
    catch (PKCS11Exception e)
    {
        throw new SmartCardException("Pkcs11 exception - Detay bilgilere bakınız", e);
    }
    catch (Exception exc)
    {
        // Any other failure is reported to the user and swallowed: callers must handle null.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }

    return mSigner;
}
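/// <summary>
/// Returns the signature certificate, selecting it from the card on first use and
/// serving the cached value afterwards.
/// </summary>
/// <param name="checkIsQualified">Passed to selectCertificate on the first call.</param>
/// <param name="checkBeingNonQualified">Passed to selectCertificate on the first call.</param>
/// <returns>The cached signature certificate.</returns>
public ECertificate getSignatureCertificate(bool checkIsQualified, bool checkBeingNonQualified)
{
    // Both flags are ignored once a certificate is cached.
    if (mSignatureCert == null)
    {
        List<byte[]> allCerts = bsc.getSignatureCertificates();
        mSignatureCert = selectCertificate(checkIsQualified, checkBeingNonQualified, allCerts);

        // The original went on to cut the national identity number and the holder name
        // out of mSignatureCert.ToString() by fixed offsets. Neither value was used, and
        // the parsing threw when the certificate was null or the text lacked
        // "SERIALNUMBER=" or "CN=", so that experiment has been removed.
    }

    return mSignatureCert;
}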
/// <summary>
/// Returns the signer to use: a smart card signer when useSmartCard is set,
/// otherwise the PFX signer.
/// </summary>
/// <param name="signingCert">
/// Certificate to sign with; when null in smart card mode, getSigningCertificate() is used.
/// </param>
/// <returns>The smart card signer or the PFX signer.</returns>
/// <exception cref="Exception">Smart card mode is active and the configured PIN is empty.</exception>
public BaseSigner getSigner(ECertificate signingCert)
{
    if (!useSmartCard)
    {
        return pfxSigner;
    }

    // NOTE(review): the card PIN comes from the Constants class, i.e. it is part of
    // the program rather than entered by the user at signing time.
    string smartCardPin = Constants.SMART_CARD_PIN;
    if (smartCardPin.Length == 0)
    {
        throw new Exception("Please define smart card password in Constants class.");
    }

    ECertificate certificate = signingCert;
    if (certificate == null)
    {
        certificate = getSigningCertificate();
    }

    return smartCardManager.getSigner(smartCardPin, certificate);
}
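/// <summary>
/// Checks that at least one card terminal is reported and fills the certificate
/// labels (identity number, name, serial, validity dates, remaining days) from the
/// text form of the signing certificate.
/// </summary>
/// <returns>false when no terminal is reported; true otherwise.</returns>
public bool KartveOkuyucuKontrol()
{
    String[] terminals = SmartOp.getCardTerminals();

    // The original read terminals.Length before this null test, so a null result
    // threw NullReferenceException and the null branch could never run.
    if (terminals == null || terminals.Length == 0)
    {
        Program.TerminalSayisi = 0;
        return false;
    }

    Program.TerminalSayisi = terminals.Length;

    SmartCardManager scmgr = SmartCardManager.getInstance();
    ECertificate signingCert = scmgr.getSignatureCertificate(true, false);

    // All fields below are cut out of the certificate's ToString() text by marker
    // strings. NOTE(review): this depends on the exact ToString() layout — confirm it
    // is stable, or read the values from the certificate object instead.
    string certText = signingCert.ToString();
    LBLTCKIMLIK.Text = Bul(certText, "SERIALNUMBER=", ",");
    LBLADISOYADI.Text = Bul(certText, "CN=", ",");
    LBLSERIAL.Text = Bul(certText, "Serial:", "Valid from").TrimStart(' ');
    LBLBASTARIH.Text = Bul(certText, "Valid from", "to").TrimStart(' ').TrimEnd(' ');
    LBLBITTARIH.Text = Bul(certText, " to", "Ca:").TrimStart(' ').TrimEnd(' ');

    // Parsed with the current culture, as in the original.
    DateTime bitis_tarihi = DateTime.Parse(LBLBITTARIH.Text);

    // The start date is not used afterwards; the parse is kept so malformed text
    // still raises here as before.
    DateTime baslangic_tarihi = DateTime.Parse(LBLBASTARIH.Text);

    DateTime simdi = DateTime.Now;
    int kalangun = GunFarkikBul(simdi, bitis_tarihi);
    if (bitis_tarihi < simdi)
    {
        // Expired certificate: show the day count with a minus sign, in red.
        LBLKALANGUN.Text = "- " + kalangun.ToString();
        LBLKALANGUN.ForeColor = Color.Red;
    }
    else
    {
        LBLKALANGUN.Text = kalangun.ToString();
    }

    Program.SertifikaBilgisi = "Sertifika ve Sahiplik Bilgisi: " + certText;
    return true;
}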
/// <summary>Stores the certificate to be used for the sign request.</summary>
/// <param name="signRequestCertificate">Certificate to store; it is not checked here.</param>
public void setSignRequestCertificate(ECertificate signRequestCertificate)
{
    this.signRequestCertificate = signRequestCertificate;
}
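/// <summary>
/// Inspects the signatures found in a CMS signed-data blob and/or a signed PDF and
/// returns one SignatureInfo per signature.
/// </summary>
/// <param name="input">Signed content (CMS signed data or signed PDF).</param>
/// <returns>A task producing the list of signature descriptions.</returns>
/// <exception cref="SignatureNotFoundException">
/// Raised inside the task when the input is neither signed data nor a signed PDF.
/// </exception>
public Task<List<SignatureInfo>> CheckSignaturesAsync(byte[] input)
{
    return Task.Factory.StartNew(() =>
    {
        if (!IsSignedData(input) && !IsSignedPDF(input))
        {
            throw new SignatureNotFoundException("İmza bilgisi bulunamdı.");
        }

        List<SignatureInfo> signInfo = new List<SignatureInfo>();

        if (IsSignedData(input))
        {
            BaseSignedData bs = new BaseSignedData(input);
            Dictionary<string, object> params_ = new Dictionary<string, object>();
            params_[EParameters.P_CERT_VALIDATION_POLICY] = _policy;
            params_[EParameters.P_FORCE_STRICT_REFERENCE_USE] = true;

            SignedDataValidation sdv = new SignedDataValidation();
            SignedDataValidationResult sdvr = sdv.verify(input, params_);

            for (int i = 0; i < sdvr.getSDValidationResults().Count; i++)
            {
                var item = sdvr.getSDValidationResults()[i];

                // assumes validation results and the signer list share the same order — TODO confirm
                var signatureType = bs.getSignerList()[i].getType().name();
                var certificate = item.getSignerCertificate();

                var info = new SignatureInfo()
                {
                    Identity = certificate.getSubject().getSerialNumberAttribute(),
                    Name = certificate.getSubject().getCommonNameAttribute(),
                    IsValid = item.getSignatureStatus() == Types.Signature_Status.VALID,
                    Issuer = certificate.getIssuer().getCommonNameAttribute(),
                    SerialNumber = certificate.getSerialNumber().ToString(),
                    SignatureType = signatureType
                };

                if (certificate.getNotAfter().HasValue)
                {
                    info.ValidUntil = certificate.getNotAfter().Value;
                }

                if (certificate.getNotBefore().HasValue)
                {
                    info.ValidFrom = certificate.getNotBefore().Value;
                }

                info.PublicKey = certificate.asX509Certificate2().GetPublicKeyString();
                info.SignatureAlgorithm = SignatureAlg.fromAlgorithmIdentifier(certificate.getSignatureAlgorithm()).first().getName();
                info.PublicKeyAlgorithm = SignatureAlg.fromAlgorithmIdentifier(certificate.getPublicKeyAlgorithm()).first().getName();
                info.IsTimeStampedCertificate = certificate.isTimeStampingCertificate();
                info.IsQualifiedCertificate = certificate.isQualifiedCertificate();

                if (item.getSigningTime().HasValue)
                {
                    info.SignedOn = item.getSigningTime().Value;
                }

                signInfo.Add(info);
            }
        }

        if (IsSignedPDF(input))
        {
            PdfReader reader = new PdfReader(input);
            AcroFields af = reader.AcroFields;
            var names = af.GetSignatureNames();

            for (int i = 0; i < names.Count; ++i)
            {
                String name = (string)names[i];
                PdfPKCS7 pk = af.VerifySignature(name);

                // The original never called Verify(): IsValid reflected only the
                // certificate's validity period, so a PDF altered after signing was still
                // reported as valid. Verify() checks the signature against the signed bytes.
                bool signatureIntact = pk.Verify();

                var cert = new ECertificate(pk.SigningCertificate.GetEncoded());

                var info = new SignatureInfo()
                {
                    Identity = cert.getSubject().getSerialNumberAttribute(),
                    Name = cert.getSubject().getCommonNameAttribute(),

                    // NOTE(review): no chain, trust or revocation check is done in this
                    // branch; IsValidNow only compares the validity dates with the clock.
                    IsValid = signatureIntact && pk.SigningCertificate.IsValidNow,
                    Issuer = cert.getIssuer().getCommonNameAttribute(),
                    SerialNumber = cert.getSerialNumber().ToString(),

                    // The type is reported as a fixed label; it is not read from the signature.
                    SignatureType = "ES_XL"
                };

                if (cert.getNotAfter().HasValue)
                {
                    info.ValidUntil = cert.getNotAfter().Value;
                }

                if (cert.getNotBefore().HasValue)
                {
                    info.ValidFrom = cert.getNotBefore().Value;
                }

                info.PublicKey = cert.asX509Certificate2().GetPublicKeyString();
                info.SignatureAlgorithm = SignatureAlg.fromAlgorithmIdentifier(cert.getSignatureAlgorithm()).first().getName();
                info.PublicKeyAlgorithm = SignatureAlg.fromAlgorithmIdentifier(cert.getPublicKeyAlgorithm()).first().getName();
                info.IsTimeStampedCertificate = cert.isTimeStampingCertificate();
                info.IsQualifiedCertificate = cert.isQualifiedCertificate();

                if (cert.isQualifiedCertificate())
                {
                    info.SignedOn = pk.SignDate;
                }
                else if (cert.isTimeStampingCertificate())
                {
                    info.SignedOn = pk.TimeStampDate;
                }

                signInfo.Add(info);
            }
        }

        return signInfo;
    });
}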
/// <summary>
/// Builds an enveloped XAdES signature inside the ext:ExtensionContent element of the
/// envelope created from signXML, signs it with the e-invoice certificate on the
/// smart card and saves the whole document to outXML.
/// </summary>
/// <param name="pinNo">Card PIN; it is also copied into the cardPinNo member.</param>
/// <param name="signXML">Input handed to Conn.newEnvelope.</param>
/// <param name="outXML">Path the signed document is written to.</param>
/// <param name="bInTest">When true, signing proceeds even if certificate validation returns false.</param>
/// <returns>true when the signed document was saved; false otherwise.</returns>
public static bool createEnvelopedBes(string pinNo, string signXML, String outXML, bool bInTest)
{
    bool res = false;
    // NOTE(review): the PIN is kept in a member beyond this call — confirm it is cleared after use.
    cardPinNo = pinNo;
    TestEnvelopedSignatureInitialize();
    try
    {
        // here is our custom envelope xml
        // XmlDocument envelopeDoc = newEnvelope("edefter.xml");
        XmlDocument envelopeDoc = Conn.newEnvelope(signXML);
        // Each lookup takes the first matching element; a missing element yields null
        // and the resulting exception is reported by the outer catch.
        XmlElement exts = (XmlElement)envelopeDoc.GetElementsByTagName("ext:UBLExtensions").Item(0);
        XmlElement ext = (XmlElement)exts.GetElementsByTagName("ext:UBLExtension").Item(0);
        XmlElement extContent = (XmlElement)ext.GetElementsByTagName("ext:ExtensionContent").Item(0);
        UriBuilder ub = new UriBuilder(Conn.ROOT_DIR + "efatura\\config\\");
        // create context with working dir
        Context context = new Context(ub.Uri);
        //UriBuilder ub2 = new UriBuilder(Conn.ROOT_DIR + "efatura\\config\\xmlsignature-config.xml");
        context.Config = new Config(Conn.ROOT_DIR + "efatura\\config\\xmlsignature-config.xml");
        // define where signature belongs to
        context.Document = envelopeDoc;
        // create signature according to context,
        // with default type (XADES_BES)
        XMLSignature signature = new XMLSignature(context, false);
        // The signature id is derived from the first cbc:ID element of the document.
        String setID = "Signature_" + envelopeDoc.GetElementsByTagName("cbc:ID").Item(0).InnerText;
        signature.Id = setID;
        // Local time is used for the signing time.
        signature.SigningTime = DateTime.Now;
        // attach signature to envelope
        //envelopeDoc.DocumentElement.AppendChild(signature.Element);
        extContent.AppendChild(signature.Element);
        //add transforms for efatura
        Transforms transforms = new Transforms(context);
        transforms.addTransform(new Transform(context, TransformType.ENVELOPED.Url));
        // add document as reference,
        //signature.addDocument("#data1", "text/xml", false);
        signature.addDocument("", "text/xml", transforms, DigestMethod.SHA_256, false);
        ECertificate certificate = SmartCardManager.getInstance().getEInvoiceCertificate(cardPinNo);// getSignatureCertificate(true, false);
        // Select the certificate validation policy file by certificate kind.
        if (certificate.isMaliMuhurCertificate())
        {
            ValidationPolicy policy = new ValidationPolicy();
            String policyPath = Conn.ROOT_DIR + "efatura\\config\\certval-policy-malimuhur.xml";
            policy = PolicyReader.readValidationPolicy(policyPath);
            ValidationSystem vs = CertificateValidation.createValidationSystem(policy);
            context.setCertValidationSystem(vs);
        }
        else
        {
            ValidationPolicy policy = new ValidationPolicy();
            String policyPath = Conn.ROOT_DIR + "efatura\\config\\certval-policy.xml";
            policy = PolicyReader.readValidationPolicy(policyPath);
            ValidationSystem vs = CertificateValidation.createValidationSystem(policy);
            context.setCertValidationSystem(vs);
        }
        // bInTest overrides a failed validation: with bInTest set, a certificate that
        // does not validate is still used for signing.
        // NOTE(review): confirm production callers never pass bInTest = true.
        // When validation fails and bInTest is false the method returns false
        // without showing any message.
        if (CertValidation.validateCertificate(certificate) || bInTest)
        {
            BaseSigner signer = SmartCardManager.getInstance().getSigner(cardPinNo, certificate);
            X509Certificate2 msCert = certificate.asX509Certificate2();
            // Both the public key and the certificate are added as key info.
            signature.addKeyInfo(msCert.PublicKey.Key);
            signature.addKeyInfo(certificate);
            KeyInfo keyInfo = signature.createOrGetKeyInfo();
            int elementCount = keyInfo.ElementCount;
            // Add the subject name to the first key info element that passes the type test below.
            for (int k = 0; k < elementCount; k++)
            {
                KeyInfoElement kiElement = keyInfo.get(k);
                // NOTE(review): IsAssignableFrom is called on the element's runtime type, so
                // this matches X509Data itself (or a base type of it), not subclasses — confirm intent.
                if (kiElement.GetType().IsAssignableFrom(typeof(X509Data)))
                {
                    X509Data x509Data = (X509Data)kiElement;
                    X509SubjectName x509SubjectName = new X509SubjectName(context, certificate.getSubject().stringValue());
                    x509Data.add(x509SubjectName);
                    break;
                }
            }
            //signature.addKeyInfo(certificate);
            signature.SignedInfo.CanonicalizationMethod = C14nMethod.EXCLUSIVE_WITH_COMMENTS;
            signature.sign(signer);
            // this time we dont use signature.write because we need to write
            // whole document instead of signature
            using (Stream s = new FileStream(outXML, FileMode.Create))
            {
                try
                {
                    envelopeDoc.Save(s);
                    s.Flush();
                    s.Close();
                    res = true;
                }
                catch (Exception e)
                {
                    // Save failed: report it; the file at outXML may be incomplete.
                    res = false;
                    MessageBox.Show("Dosya kaydedilirken hata oluştu " + e.Message.ToString());
                    s.Close();
                }
            }
        }
    }
    catch (Exception e)
    {
        // Every other failure (envelope lookup, card access, validation error, signing)
        // ends here and is shown to the user.
        res = false;
        MessageBox.Show("Hata Oluştu \r\n" + e.Message.ToString());
    }
    return(res);
}
/// <summary>
/// Signs a PDF with the private key on a smart card and returns the signed bytes.
/// The signed file is written to "tmp.pdf" in the application base directory, read
/// back and deleted.
/// </summary>
/// <param name="terminal">Card terminal passed to SmartCardPrivateKeySignature.</param>
/// <param name="signatureCertificate">Signer certificate; its chain is built with X509Chain.</param>
/// <param name="pinCode">Card PIN passed to SmartCardPrivateKeySignature.</param>
/// <param name="pdfFileName">Path of the PDF to sign.</param>
/// <returns>Content of the signed PDF.</returns>
public byte[] signPdfWithSmartCard(string terminal, ECertificate signatureCertificate, string pinCode, string pdfFileName)
{
    byte[] buffer = null;
    PdfReader reader = null;
    PdfStamper stamper = null;
    FileStream os = null;
    try
    {
        // NOTE(review): fixed temp file name in the application directory; it stays on
        // disk when signing throws, because the delete below is only reached on success.
        string dest = AppDomain.CurrentDomain.BaseDirectory + "\\tmp.pdf";
        if (File.Exists(dest))
        {
            File.Delete(dest);
        }
        IExternalSignature pks = new SmartCardPrivateKeySignature(terminal, pinCode, signatureCertificate);
        reader = new PdfReader(pdfFileName);
        os = new FileStream(dest, FileMode.Create);
        stamper = PdfStamper.CreateSignature(reader, os, '\0');
        // An empty signature policy identifier is passed to SignDetached below.
        Org.BouncyCastle.Asn1.Esf.SignaturePolicyIdentifier policy = new Org.BouncyCastle.Asn1.Esf.SignaturePolicyIdentifier();
        // Local time is used for both the appearance and the dictionary date.
        DateTime dtNow = DateTime.Now;
        PdfSignatureAppearance appearance = stamper.SignatureAppearance;
        appearance.Reason = "";
        appearance.Location = "";
        appearance.SignDate = dtNow;
        // NOTE(review): the dictionary names the ADBE_PKCS7_SHA1 sub-filter while the
        // signature is created with CryptoStandard.CADES; presumably SignDetached installs
        // its own dictionary and this one is replaced — confirm which one ends up in the file.
        PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKMS, PdfName.ADBE_PKCS7_SHA1);
        dic.Date = new PdfDate(dtNow);
        appearance.CryptoDictionary = dic;
        ICollection <Org.BouncyCastle.X509.X509Certificate> chain = new List <Org.BouncyCastle.X509.X509Certificate>();
        X509Certificate2 cert = signatureCertificate.asX509Certificate2();
        X509Chain x509chain = new X509Chain();
        // The boolean result of Build is ignored: whatever chain elements were collected
        // are embedded even if the chain could not be validated.
        x509chain.Build(cert);
        foreach (X509ChainElement x509ChainElement in x509chain.ChainElements)
        {
            chain.Add(DotNetUtilities.FromX509Certificate(x509ChainElement.Certificate));
        }
        MakeSignature.SignDetached(appearance, pks, chain, null, null, null, 0, CryptoStandard.CADES, policy);
        buffer = File.ReadAllBytes(dest);
        File.Delete(dest);
    }
    finally
    {
        // Close in the order reader, stamper, stream; an exception from an earlier
        // Close call skips the later ones.
        if (reader != null)
        {
            reader.Close();
        }
        if (stamper != null)
        {
            stamper.Close();
        }
        if (os != null)
        {
            os.Close();
        }
    }
    return(buffer);
}
/// <summary>
/// Remembers the terminal, PIN and certificate that identify the card key to sign with.
/// </summary>
/// <param name="terminal">Name of the card terminal.</param>
/// <param name="pin">Card PIN; it is held in a field for the lifetime of this object.</param>
/// <param name="cert">Signer certificate.</param>
public SmartCardPrivateKeySignature(string terminal, string pin, ECertificate cert)
{
    this.cert = cert;
    this.pin = pin;
    this.terminal = terminal;
}
/// <summary>
/// Returns the certificate used for e-invoice signing: a qualified or mali muhur
/// certificate from the card, chosen by the user when several are present. The
/// choice is cached in mSignatureCert.
/// </summary>
/// <param name="pinNo">Not used by this method.</param>
/// <returns>The cached or newly selected certificate.</returns>
/// <exception cref="ESYAException">
/// The card holds no suitable certificate, or the user made no selection.
/// </exception>
public ECertificate getEInvoiceCertificate(string pinNo)
{
    if (mSignatureCert != null)
    {
        return mSignatureCert;
    }

    // Keep only certificates that are qualified or mali muhur.
    List<ECertificate> candidates = new List<ECertificate>();
    foreach (byte[] encoded in bsc.getSignatureCertificates())
    {
        ECertificate candidate = new ECertificate(encoded);
        if (candidate.isQualifiedCertificate() || candidate.isMaliMuhurCertificate())
        {
            candidates.Add(candidate);
        }
    }

    if (candidates.Count == 0)
    {
        throw new ESYAException("Kartta fatura imzalayabiliceğiniz bir sertifika bulunmuyor");
    }

    if (candidates.Count == 1)
    {
        mSignatureCert = candidates[0];
        return mSignatureCert;
    }

    // Several candidates: label each one with its kind and let the user pick.
    String[] optionList = new String[candidates.Count];
    for (int index = 0; index < candidates.Count; index++)
    {
        string kindLabel = candidates[index].isQualifiedCertificate() ? " (Nitelikli)" : " (MaliMühür)";
        optionList[index] = candidates[index].getSubject().getCommonNameAttribute() + kindLabel;
    }

    int choice = askOption(null, null, optionList, "Sertifika Listesi", new String[] { "Tamam", "\u0130ptal" });
    if (choice < 0)
    {
        throw new ESYAException("Sertifika secmediniz");
    }

    mSignatureCert = candidates[choice];
    return mSignatureCert;
}
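/// <summary>
/// Filters the encoded certificates by the qualified / non-qualified flags and
/// returns the first match.
/// </summary>
/// <param name="checkIsQualified">Keep only qualified certificates.</param>
/// <param name="checkBeingNonQualified">Keep only non-qualified certificates.</param>
/// <param name="aCerts">Encoded certificates read from the card.</param>
/// <returns>The first certificate that passes the filter.</returns>
/// <exception cref="ESYAException">
/// The list is null or empty, both flags are set, or no certificate passes the filter.
/// </exception>
private ECertificate selectCertificate(bool checkIsQualified, bool checkBeingNonQualified, List<byte[]> aCerts)
{
    // The original tested "aCerts != null && Count == 0", so a null list slipped
    // through and failed in the loop below with a NullReferenceException.
    if (aCerts == null || aCerts.Count == 0)
    {
        throw new ESYAException("Kartta sertifika bulunmuyor");
    }

    if (checkIsQualified && checkBeingNonQualified)
    {
        throw new ESYAException(
            "Bir sertifika ya nitelikli sertifikadir, ya niteliksiz sertifikadir. Hem nitelikli hem niteliksiz olamaz");
    }

    List<ECertificate> certs = new List<ECertificate>();
    foreach (byte[] bs in aCerts)
    {
        ECertificate cert = new ECertificate(bs);
        if (checkIsQualified)
        {
            if (cert.isQualifiedCertificate())
            {
                certs.Add(cert);
            }
        }
        else if (checkBeingNonQualified)
        {
            if (!cert.isQualifiedCertificate())
            {
                certs.Add(cert);
            }
        }
        else
        {
            certs.Add(cert);
        }
    }

    if (certs.Count == 0)
    {
        if (checkIsQualified)
        {
            throw new ESYAException("Kartta nitelikli sertifika bulunmuyor");
        }

        if (checkBeingNonQualified)
        {
            throw new ESYAException("Kartta niteliksiz sertifika bulunmuyor");
        }

        return null;
    }

    // When several certificates match, the first one is taken without asking the user.
    // NOTE(review): confirm that silently picking the first match is intended for
    // cards that carry more than one signing certificate.
    return certs[0];
}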
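/// <summary>
/// Filters the encoded certificates by the qualified / non-qualified flags and
/// returns the single match, or asks the user to choose when several match.
/// </summary>
/// <param name="checkIsQualified">Keep only qualified certificates.</param>
/// <param name="checkBeingNonQualified">Keep only non-qualified certificates.</param>
/// <param name="aCerts">Encoded certificates read from the card.</param>
/// <returns>
/// The selected certificate, or null when the user dismisses the selection dialog.
/// </returns>
/// <exception cref="ESYAException">
/// The list is null or empty, both flags are set, or no certificate passes the filter.
/// </exception>
private ECertificate selectCertificate(bool checkIsQualified, bool checkBeingNonQualified, List<byte[]> aCerts)
{
    // The original tested "aCerts != null && Count == 0", so a null list slipped
    // through and failed in the loop below with a NullReferenceException.
    if (aCerts == null || aCerts.Count == 0)
    {
        throw new ESYAException("Kartta sertifika bulunmuyor");
    }

    if (checkIsQualified && checkBeingNonQualified)
    {
        throw new ESYAException(
            "Bir sertifika ya nitelikli sertifikadir, ya niteliksiz sertifikadir. Hem nitelikli hem niteliksiz olamaz");
    }

    List<ECertificate> certs = new List<ECertificate>();
    foreach (byte[] bs in aCerts)
    {
        ECertificate cert = new ECertificate(bs);
        if (checkIsQualified)
        {
            if (cert.isQualifiedCertificate())
            {
                certs.Add(cert);
            }
        }
        else if (checkBeingNonQualified)
        {
            if (!cert.isQualifiedCertificate())
            {
                certs.Add(cert);
            }
        }
        else
        {
            certs.Add(cert);
        }
    }

    if (certs.Count == 0)
    {
        if (checkIsQualified)
        {
            throw new ESYAException("Kartta nitelikli sertifika bulunmuyor");
        }

        if (checkBeingNonQualified)
        {
            throw new ESYAException("Kartta niteliksiz sertifika bulunmuyor");
        }

        return null;
    }

    if (certs.Count == 1)
    {
        return certs[0];
    }

    // Several matches: list them by common name and let the user choose.
    String[] optionList = new String[certs.Count];
    for (int i = 0; i < certs.Count; i++)
    {
        optionList[i] = certs[i].getSubject().getCommonNameAttribute();
    }

    int result = askOption(null, null, optionList, "Sertifika Listesi", new[] { "Tamam" });

    // A negative result means nothing was chosen; callers must handle the null.
    return result < 0 ? null : certs[result];
}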
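/// <summary>
/// Signs an e-prescription with the certificate on the smart card and returns the
/// signed XML. The data to sign is either the XML passed in <paramref name="GelenXML"/>
/// or, when that is empty, the file at <paramref name="eReceteSourceFilePath"/>.
/// </summary>
/// <param name="eReceteSourceFilePath">File added to the signature when <paramref name="GelenXML"/> is the empty string.</param>
/// <param name="eReceteDestFilePath">Base path for the output file; ".xml" is replaced with ".xsig". Only used when <paramref name="DosyayaYaz"/> is true.</param>
/// <param name="GelenXML">XML content to sign in memory (UTF-8 encoded), or "" to sign the source file instead.</param>
/// <param name="DosyayaYaz">When true, the signature is also written to disk.</param>
/// <returns>
/// The signed document's OuterXml on success; null when no card reader is available,
/// no signer could be obtained, the certificate is not valid, or the card does not
/// match the one seen earlier; "" when an exception was caught.
/// </returns>
public string eReceteImzala(string eReceteSourceFilePath, string eReceteDestFilePath, string GelenXML, Boolean DosyayaYaz)
{
    try
    {
        // Create the signing context with the current working directory.
        string currentDirectory = Directory.GetCurrentDirectory();
        Context context = new Context(currentDirectory);

        // Create the signature for that context with the default type (XADES_BES).
        XMLSignature signature = new XMLSignature(context);

        // NOTE(review): this is local time, while isValidCertificate validates
        // against DateTime.UtcNow; confirm which one the library expects here.
        signature.SigningTime = DateTime.Now;

        if (GelenXML != "")
        {
            InMemoryDocument inMMDoc = new InMemoryDocument(System.Text.Encoding.UTF8.GetBytes(GelenXML), "", null, null);
            signature.addDocument(inMMDoc);
        }
        else
        {
            // Add the file as a reference and keep a BASE64 copy of the data in an
            // <Object> element that the reference points to (embed = true).
            signature.addDocument(eReceteSourceFilePath, "text/plain", true);
        }

        // An alternative for this part exists in the TestEnvelopingSignature file.
        // ParamOto == "1" selects the server variant (instance 0); anything else is
        // the desktop variant (instance 1). The card manager instance is expected to
        // be created for the matching card inside getInstance.
        bool serverMode = Program.ParamOto == "1";
        SmartCardManagerKimlikNodanSec smc = SmartCardManagerKimlikNodanSec.getInstance(serverMode ? 0 : 1);

        if (Program.KartOkuyucuYok == 1)
        {
            return null;
        }

        ECertificate signingCert = smc.getSignatureCertificate(true, false);

        // The card PIN comes from a static field on Program.
        // NOTE(review): a PIN kept in a process-wide static stays in memory for as
        // long as nothing clears it; consider clearing it once signing is done.
        BaseSigner baseSigner = smc.getSigner(Program.PinKodu, signingCert);

        // The desktop path already returned null when no signer was obtained; the
        // server path did not check and went on to sign with a null signer. Both
        // paths now stop here.
        if (baseSigner == null)
        {
            return null;
        }

        // Refuse to sign with a certificate that does not validate.
        if (!isValidCertificate(signingCert))
        {
            MesajiIsle("İmza atılmak istenen sertifika geçerli değil." + Program.HataMesaji, 1);
            return null;
        }

        if (!serverMode)
        {
            // Desktop only: the certificate on the card must be the one recorded in
            // Program.SertifikaBilgisi, so a card inserted late or swapped after the
            // signing screen was opened is rejected.
            if (Program.SertifikaBilgisi != "Sertifika ve Sahiplik Bilgisi: " + signingCert.ToString())
            {
                if (Program.SertifikaBilgisi == "Sertifika ve Sahiplik Bilgisi: ")
                {
                    MesajiIsle("Akıllı kartı, imza ekranına girmeden evvel takınız." + Program.HataMesaji, 1);
                    return null;
                }

                MesajiIsle("Akıllı kart, imza ekranına girildikten sonra değiştirilmiş, işlemi kart değiştirmeden yapınız." + Program.HataMesaji, 1);
                return null;
            }
        }

        // Add the certificate so the signature shows who signed the document.
        signature.addKeyInfo(signingCert);
        signature.sign(baseSigner);

        if (DosyayaYaz)
        {
            // NOTE(review): Replace rewrites every ".xml" in the path, not only the
            // extension, and leaves a path without ".xml" unchanged, in which case the
            // signature is written to eReceteDestFilePath itself. Confirm callers
            // always pass a path ending in ".xml".
            string retSignedXmlPath = eReceteDestFilePath.Replace(".xml", ".xsig");

            // using closes the stream even when signature.write throws; the original
            // leaked the handle on that path.
            using (FileStream signatureFileStream = new FileStream(retSignedXmlPath, FileMode.Create))
            {
                signature.write(signatureFileStream);
            }

            MesajiIsle(retSignedXmlPath + " konumunda imzalı E-Reçete oluşturuldu.", 0);
        }
        else
        {
            MesajiIsle("E-Reçete imza verisi hazır", 0);
        }

        return signature.Document.OuterXml;
    }
    catch (XMLSignatureRuntimeException exc)
    {
        // The signature could not be created.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }
    catch (XMLSignatureException exc)
    {
        // The signature could not be created.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }
    catch (Exception exc)
    {
        // Anything else, for example a failure to write the output file.
        MesajiIsle("Hata Oluştu." + exc.Message, 1);
    }

    return "";
}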