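/// <summary>
/// Verifies the first XML-DSig <c>Signature</c> element of a document using the
/// certificate that the document itself carries.
/// </summary>
/// <param name="docToCheck">The signed document to verify.</param>
/// <returns>
/// <c>true</c> when <c>CheckSignature</c> accepts the signature for the public key of
/// the embedded certificate; otherwise <c>false</c>.
/// </returns>
/// <exception cref="XmlException">
/// The document has no <c>Signature</c> element, no WS-Security <c>Reference</c> element,
/// a <c>Reference</c> whose <c>URI</c> is empty or not a same-document fragment, or no
/// element matching that fragment id.
/// </exception>
/// <remarks>
/// SECURITY NOTE(review): the verification key is taken from the message being verified.
/// Nothing in this method builds a certificate chain, checks validity dates or revocation,
/// or compares the certificate with an expected signer. A <c>true</c> result therefore shows
/// only that the signature matches the embedded certificate, not who produced it. Callers
/// need a separate trust decision on that certificate unless <c>SmevSignedXml</c> performs one
/// (not visible here; confirm).
/// The method also does not check which element the signature's own references cover, so the
/// caller should confirm that the data it consumes is the data that was signed.
/// </remarks>
public static Boolean VerifyEpovInFile(XmlDocument docToCheck)
{
    var signedXml = new SmevSignedXml(docToCheck);

    // Only the first ds:Signature element in document order is examined.
    var nodeList = docToCheck.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl);
    if (nodeList.Count == 0)
    {
        // Without this guard a null element reaches LoadXml and an unsigned document
        // surfaces as an argument error instead of a verification failure.
        throw new XmlException("Не удалось найти подпись \n");
    }

    signedXml.LoadXml((XmlElement)nodeList[0]);

    // The wsse:Reference is looked up document-wide (first match), not relative to the
    // Signature element loaded above.
    var referenceList = docToCheck.GetElementsByTagName("Reference", SmevSignedXml.WsSecurityWsseNamespaceUrl);
    if (referenceList.Count == 0)
    {
        throw new XmlException("Не удалось найти указатель подписи \n");
    }

    // Only same-document references of the form "#id" are accepted.
    var binaryTokenReference = ((XmlElement)referenceList[0]).GetAttribute("URI");
    if (string.IsNullOrEmpty(binaryTokenReference) || binaryTokenReference[0] != '#')
    {
        throw new XmlException("Не удалось найти ссылку на сертификат \n");
    }

    // Drop the leading '#' and resolve the id to the element holding the certificate.
    var binaryTokenElement = signedXml.GetIdElement(docToCheck, binaryTokenReference.Substring(1));
    if (binaryTokenElement == null)
    {
        throw new XmlException("Не удалось найти сертификат \n");
    }

    // The element text is attacker-controllable input: invalid Base64 or certificate bytes
    // raise the decoder's or certificate parser's own exceptions, not XmlException.
    var cert = new X509Certificate2(Convert.FromBase64String(binaryTokenElement.InnerText));

    // See the security note in <remarks>: this certificate has not been validated.
    return signedXml.CheckSignature(cert.PublicKey.Key);
}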
/// <summary>
/// Signs one part of a document with the private key of <paramref name="cert"/> and writes
/// the result into the signature placeholders that already exist in the document.
/// </summary>
/// <param name="docToApply">
/// Document to sign. It is modified in place and must already contain a <c>Signature</c>
/// element and a WS-Security <c>BinarySecurityToken</c> element; the first of each is used.
/// </param>
/// <param name="cert">Certificate whose private key signs the data and whose raw bytes are embedded.</param>
/// <param name="partitionToSign">
/// Value appended to "#" to form the reference URI of the signed part.
/// NOTE(review): presumably the Id of the element to sign, and used without validation; confirm
/// that callers pass a fixed or checked value.
/// </param>
/// <returns>The same <paramref name="docToApply"/> instance, now carrying the signature.</returns>
/// <exception cref="ApplicationException">
/// Any exception thrown while computing the signature; the original is kept as the inner exception.
/// </exception>
private static XmlDocument ApplySignatureEpov(XmlDocument docToApply, X509Certificate2 cert, String partitionToSign)
{
    var signer = new SmevSignedXml(docToApply);
    signer.SigningKey = cert.PrivateKey;
    signer.SignedInfo.CanonicalizationMethod = SmevSignedXml.CanonMethodUrl;
    signer.SignedInfo.SignatureMethod = SmevSignedXml.SignatureMethodUrl;

    // Same-document reference to the part being signed, with an exclusive C14N transform.
    var partReference = new Reference();
    partReference.Uri = "#" + partitionToSign;
    partReference.DigestMethod = SmevSignedXml.DigestMethodUrl;
    partReference.AddTransform(new XmlDsigExcC14NTransform());
    signer.AddReference(partReference);

    try
    {
        signer.ComputeSignature();
    }
    catch (Exception ex)
    {
        // NOTE(review): every failure is reported as a missing CryptoPro CSP, whatever the
        // real cause; the inner exception carries the actual error.
        throw new ApplicationException("Не установлен КриптоПро CSP. \n", ex);
    }

    XmlElement computedSignature = signer.GetXml();

    // Both parts are prepended, SignatureValue first, so SignedInfo ends up ahead of it.
    XmlNode signaturePlaceholder = docToApply.GetElementsByTagName("Signature", SignedXml.XmlDsigNamespaceUrl)[0];
    XmlNode importedValue = docToApply.ImportNode(computedSignature.GetElementsByTagName("SignatureValue")[0], true);
    signaturePlaceholder.PrependChild(importedValue);

    XmlNode importedSignedInfo = docToApply.ImportNode(computedSignature.GetElementsByTagName("SignedInfo")[0], true);
    signaturePlaceholder.PrependChild(importedSignedInfo);

    // Embed the signing certificate (public part only) as Base64 in the security token.
    XmlNode tokenNode = docToApply.GetElementsByTagName("BinarySecurityToken", SmevSignedXml.WsSecurityWsseNamespaceUrl)[0];
    tokenNode.InnerText = Convert.ToBase64String(cert.RawData);

    return docToApply;
}