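///////////////////////////////////////////////////////////////////////
///
/// <summary>
/// Carry out the Sign command: sign the input file named in fileNames[0]
/// with the private key of <paramref name="certificate"/> and write the
/// resulting XML-DSig Signature element to the file named in fileNames[1].
/// </summary>
/// <param name="title">Command title; not used by this method.</param>
/// <param name="certificate">Signing certificate. Its private key must be a CSP-backed key.</param>
/// <exception cref="InternalException">
/// Thrown when the certificate has no usable private key (no private key at all,
/// a non-CSP key, or a randomly generated container).
/// </exception>
/// <remarks>
/// Reads the command-line state held at file level: fileNames, verbose,
/// detached and includeOptions.
/// </remarks>
///
static void DoSignCommand(string title, X509Certificate2 certificate)
{
    Console.WriteLine();
    Console.WriteLine("Signing Xml file \"" + fileNames[0] + "\"...");
    Console.WriteLine();

    // display more details for verbose operation.
    if (verbose)
    {
        DisplayDetail(null, certificate, detached);
    }

    SignedXml signedXml = new SignedXml();

    // A certificate with no private key, or with a key that is not CSP-backed,
    // cannot sign. Report it as the same internal error instead of failing later
    // with a NullReferenceException or InvalidCastException.
    ICspAsymmetricAlgorithm csp = certificate.PrivateKey as ICspAsymmetricAlgorithm;
    if (csp == null || csp.CspKeyContainerInfo.RandomlyGenerated)
    {
        throw new InternalException("Internal error: This certificate does not have a corresponding private key.");
    }

    signedXml.SigningKey = (AsymmetricAlgorithm) csp;
    // ToXmlString(false) exports only the public parameters of the key.
    Console.WriteLine(signedXml.SigningKey.ToXmlString(false));

    if (detached)
    {
        // Detached signature: the reference points at the input file on disk.
        Reference reference = new Reference();
        reference.Uri = "file://" + Path.GetFullPath((string) fileNames[0]);
        signedXml.AddReference(reference);
    }
    else
    {
        // Enveloping signature: the file content is embedded as an Object
        // element and the reference points at it by id.
        Reference reference = new Reference();
        reference.Uri = "#object-1";

        // Add an object
        XmlDocument dataObject = new XmlDocument();
        dataObject.PreserveWhitespace = true;
        XmlElement dataElement = (XmlElement) dataObject.CreateElement("DataObject", SignedXml.XmlDsigNamespaceUrl);
        dataElement.AppendChild(dataObject.CreateTextNode(new UTF8Encoding(false).GetString(ReadFile((string) fileNames[0]))));
        dataObject.AppendChild(dataElement);

        DataObject obj = new DataObject();
        obj.Data = dataObject.ChildNodes;
        obj.Id = "object-1";
        signedXml.AddObject(obj);
        signedXml.AddReference(reference);
    }

    signedXml.KeyInfo = new KeyInfo();
    if (includeOptions.Count == 0)
    {
        signedXml.KeyInfo.AddClause(new KeyInfoX509Data(certificate, X509IncludeOption.ExcludeRoot));
    }
    else
    {
        // One X509Data clause for all requested include options (the original
        // added the clause once per option, producing duplicate X509Data elements).
        signedXml.KeyInfo.AddClause(BuildKeyInfoX509Data(certificate));
    }

    // compute the signature
    signedXml.ComputeSignature();
    XmlElement xmlDigitalSignature = signedXml.GetXml();

    // write it out; the using block closes the writer even when WriteTo throws.
    using (XmlTextWriter xmltw = new XmlTextWriter((string) fileNames[1], new UTF8Encoding(false)))
    {
        xmlDigitalSignature.WriteTo(xmltw);
    }

    Console.WriteLine();
    Console.WriteLine("Signature written to file \"" + fileNames[1] + "\".");
    Console.WriteLine();
}

///////////////////////////////////////////////////////////////////////
///
/// <summary>
/// Build the single X509Data clause requested by the includeOptions switches.
/// </summary>
/// <param name="certificate">The signing certificate whose data is embedded.</param>
/// <returns>A KeyInfoX509Data populated according to includeOptions.</returns>
/// <remarks>
/// The chain options (ExcludeRoot, EndCertOnly, WholeChain) decide which
/// certificates are embedded and are applied first, so that they can no longer
/// discard SubjectName, SKI or IssuerSerial entries given before them on the
/// command line. When several chain options are given the last one wins.
/// </remarks>
///
static KeyInfoX509Data BuildKeyInfoX509Data(X509Certificate2 certificate)
{
    KeyInfoX509Data keyInfoX509Data = null;

    // First pass: pick the certificate-chain option, if any.
    foreach (IncludeOptions includeOption in includeOptions)
    {
        switch (includeOption)
        {
            case IncludeOptions.ExcludeRoot:
            case IncludeOptions.EndCertOnly:
            case IncludeOptions.WholeChain:
                keyInfoX509Data = new KeyInfoX509Data(certificate, (X509IncludeOption) includeOption);
                break;
        }
    }
    if (keyInfoX509Data == null)
    {
        keyInfoX509Data = new KeyInfoX509Data();
    }

    // Second pass: add the non-certificate identifiers.
    foreach (IncludeOptions includeOption in includeOptions)
    {
        switch (includeOption)
        {
            case IncludeOptions.SubjectName:
                keyInfoX509Data.AddSubjectName(certificate.SubjectName.Name);
                break;

            case IncludeOptions.SKI:
                foreach (X509Extension extension in certificate.Extensions)
                {
                    if (extension.Oid.Value == "2.5.29.14")
                    {
                        // OID for SKI extension
                        X509SubjectKeyIdentifierExtension ski = extension as X509SubjectKeyIdentifierExtension;
                        if (ski != null)
                        {
                            keyInfoX509Data.AddSubjectKeyId(ski.SubjectKeyIdentifier);
                            break;
                        }
                    }
                }
                break;

            case IncludeOptions.IssuerSerial:
                keyInfoX509Data.AddIssuerSerial(certificate.IssuerName.Name, certificate.SerialNumber);
                break;
        }
    }

    return keyInfoX509Data;
}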
// Incrementally populate a KeyInfoX509Data (certificates, issuer/serial,
// subject key id, subject name) and check after each step that the
// element survives a GetXml/LoadXml round trip and that the typed
// collections expose what was added.
public void Complex ()
{
	KeyInfoX509Data source = new KeyInfoX509Data (cert);
	KeyInfoX509Data copy = new KeyInfoX509Data ();

	// a single certificate
	copy.LoadXml (source.GetXml ());
	Assert.AreEqual (source.GetXml ().OuterXml, copy.GetXml ().OuterXml, "data1==data2");
	X509Certificate first = source.Certificates [0] as X509Certificate;
	AssertCrypto.AssertEquals ("Certificate[0]", cert, first.GetRawCertData ());

	// add a second X.509 certificate
	source.AddCertificate (new X509Certificate (cert2));
	copy.LoadXml (source.GetXml ());
	Assert.AreEqual (source.GetXml ().OuterXml, copy.GetXml ().OuterXml, "data1==data2");
	X509Certificate second = source.Certificates [1] as X509Certificate;
	Assert.AreEqual (cert2, second.GetRawCertData (), "Certificate[1]");

	// add properties from a third X.509 certificate
	X509Certificate third = new X509Certificate (cert3);
	source.AddIssuerSerial (third.GetIssuerName (), third.GetSerialNumberString ());
	copy.LoadXml (source.GetXml ());
	Assert.AreEqual (source.GetXml ().OuterXml, copy.GetXml ().OuterXml, "data1==data2");
	// TODO: The type of IssuerSerial isn't documented

	// X509Certificate doesn't export SubjectKeyId so we must improvise
	byte[] keyId = { 0xDE, 0xAD, 0xC0, 0xDE };
	source.AddSubjectKeyId (keyId);
	copy.LoadXml (source.GetXml ());
	Assert.AreEqual (source.GetXml ().OuterXml, copy.GetXml ().OuterXml, "data1==data2");
	Assert.AreEqual (keyId, (byte[]) source.SubjectKeyIds [0], "SubjectKeyId");

	// subject name taken from the third certificate
	source.AddSubjectName (third.GetName ());
	copy.LoadXml (source.GetXml ());
	Assert.AreEqual (source.GetXml ().OuterXml, copy.GetXml ().OuterXml, "data1==data2");
	string subject = (string) source.SubjectNames [0];
	Assert.AreEqual (third.GetName (), subject, "SubjectName");
}
// Passing a null string to AddSubjectKeyId; the expected outcome is fixed by
// the test attribute(s) that accompany this method, not by this body.
public void AddSubjectKeyId_String_Null ()
{
	new KeyInfoX509Data ().AddSubjectKeyId ((string) null);
}
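[Category ("NotWorking")] // beta2 bug
// A non-hex string is still stored as a subject key id; only the
// SubjectKeyIds collection is populated, every other collection stays null.
public void AddSubjectKeyId_String_BadHexData ()
{
	KeyInfoX509Data data = new KeyInfoX509Data ();
	data.AddSubjectKeyId ("Hello");

	Assert.IsNull (data.Certificates, "Certificates");
	// message fixed: this assertion is about CRL, not Certificates
	Assert.IsNull (data.CRL, "CRL");
	Assert.IsNull (data.IssuerSerials, "IssuerSerials");
	// looks like "garbage"
	Assert.AreEqual (1, data.SubjectKeyIds.Count, "SubjectKeyIds");
	Assert.IsNull (data.SubjectNames, "SubjectNames");
}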
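// A null byte[] is accepted by AddSubjectKeyId and counted as one entry in
// SubjectKeyIds; every other collection stays null.
public void AddSubjectKeyId_Byte_Null ()
{
	KeyInfoX509Data data = new KeyInfoX509Data ();
	data.AddSubjectKeyId ((byte[]) null);

	Assert.IsNull (data.Certificates, "Certificates");
	// message fixed: this assertion is about CRL, not Certificates
	Assert.IsNull (data.CRL, "CRL");
	Assert.IsNull (data.IssuerSerials, "IssuerSerials");
	Assert.AreEqual (1, data.SubjectKeyIds.Count, "SubjectKeyIds");
	Assert.IsNull (data.SubjectNames, "SubjectNames");
	// beta2 bug - throw an ArgumentNullException (a little too late)
	// Assert.AreEqual ("<X509Data xmlns=\"http://www.w3.org/2000/09/xmldsig#\" />", data.GetXml ().OuterXml);
}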