/// <summary> /// 对XML文件内容进行数字签名 /// </summary> /// <param name="document">XML文档对象(输入参数)</param> /// <param name="key">RSA算法(输入参数)</param> public static void SignXml(XmlDocument document, RSA key) { // 参数验证 if (document == null) { throw new ArgumentException("document"); } if (key == null) { throw new ArgumentException("key"); } SignedXml XML = new SignedXml(document); XML.SigningKey = key; System.Security.Cryptography.Xml.Reference reference = new System.Security.Cryptography.Xml.Reference(); reference.Uri = ""; XmlDsigEnvelopedSignatureTransform transform = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(transform); XML.AddReference(reference); XML.ComputeSignature(); XmlElement node = XML.GetXml(); document.DocumentElement.AppendChild(document.ImportNode(node, true)); }
private static XmlDocument SignXmlDocument(XmlDocument xmlDocument, X509Certificate2 signingCertificate) { // Создание подписчика XML-документа var signedXml = new GostSignedXml(xmlDocument); // Установка ключа для создания подписи signedXml.SetSigningCertificate(signingCertificate); // Ссылка на узел, который нужно подписать, с указанием алгоритма хэширования var dataReference = new Reference { Uri = "#Id1", DigestMethod = GostSignedXml.XmlDsigGost3411Url }; // Метод преобразования, применяемый к данным перед их подписью var dataTransform = CreateDataTransform(); dataReference.AddTransform(dataTransform); // Установка ссылки на узел signedXml.AddReference(dataReference); // Установка информации о сертификате, который использовался для создания подписи var keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(signingCertificate)); signedXml.KeyInfo = keyInfo; // Вычисление подписи signedXml.ComputeSignature(); // Получение XML-представления подписи var signatureXml = signedXml.GetXml(); // Добавление подписи в исходный документ xmlDocument.DocumentElement.AppendChild(xmlDocument.ImportNode(signatureXml, true)); return xmlDocument; }
public string GetSignedXml(string xmlDocument, X509Certificate2 cert) { XmlDocument doc = new XmlDocument(); doc.LoadXml(xmlDocument); SignedXml signedXml = new SignedXml(doc) { SigningKey = cert.PrivateKey }; System.Security.Cryptography.Xml.Reference reference = new System.Security.Cryptography.Xml.Reference { Uri = "" }; XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(env); signedXml.AddReference(reference); signedXml.ComputeSignature(); XmlElement xmlDigitalSignature = signedXml.GetXml(); doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true)); var response = xmlSerializer.Deserialize <SSOLibrary.Signature>(xmlDigitalSignature.OuterXml); signableObject.Signature = response; var signedRequest = this.xmlSerializer.Serialize(signableObject.GetType(), signableObject); return(signedRequest); }
/// <summary> /// Adds a digital signature to the outgoing request message, before sending it to Acquirer. /// </summary> /// <param name="requestXml"> /// The unsigned request XML message. /// </param> /// <returns> /// The request message, including digital signature. /// </returns> public string SignRequestXml(XDocument requestXml) { XmlDocument document = ToXmlDocument(requestXml); RSACryptoServiceProvider key = ExtractPrivateKeyFrom(acceptantPrivateCertificate); var signedXml = new SignedXml(document) { SigningKey = key }; signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#"; // Add a signing reference, the uri is empty and so the whole document is signed. var reference = new Reference { DigestMethod = @"http://www.w3.org/2001/04/xmlenc#sha256" }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.Uri = ""; signedXml.AddReference(reference); // Add the certificate as key info. Because of this, the certificate // with the public key will be added in the signature part. var keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoName(acceptantPrivateCertificate.Thumbprint)); signedXml.KeyInfo = keyInfo; // Generate the signature. signedXml.ComputeSignature(); XmlElement xmlSignature = signedXml.GetXml(); document.DocumentElement.AppendChild(document.ImportNode(xmlSignature, true)); // Check that outgoing signature is valid. Private certificate also contains public part. VerifyDocumentSignature(document, acceptantPrivateCertificate); return GetContentsFrom(document); }
private void AddReference(string id, Stream contents) { var reference = new System.Security.Cryptography.Xml.Reference(contents); reference.Uri = id; reference.DigestMethod = AlgorithmSuite.DefaultDigestAlgorithm; reference.AddTransform(new XmlDsigExcC14NTransform()); _signedXml.AddReference(reference); }
protected static void SetAttachmentTransformContentType(Reference reference, Attachment attachment) { foreach (object transform in reference.TransformChain) { if (transform is AttachmentSignatureTransform attachmentTransform) { attachmentTransform.ContentType = attachment.ContentType; } } }
private Reference getReference(XmlNode mainNode) { Reference reference = new Reference(); string mainNodeID = mainNode.Attributes["Id"].InnerText; reference.Uri = "#" + mainNodeID; reference.DigestMethod = @"http://www.w3.org/2001/04/xmlenc#sha256"; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); return reference; }
private void AddXmlReference(string id, string hashFunction) { var reference = new Reference("#" + id) { DigestMethod = hashFunction }; Transform transform = new XmlDsigExcC14NTransform(); reference.AddTransform(transform); base.AddReference(reference); }
private void AddSignatureReference(MessageHeader header, string headerId, IPrefixGenerator prefixGenerator, XmlDictionaryWriter writer) { // No transforms added to Reference as the digest value has already been calculated byte[] hashValue; headerId = GetSignatureHash(header, headerId, prefixGenerator, writer, out hashValue); var reference = new System.Security.Cryptography.Xml.Reference(); reference.DigestMethod = AlgorithmSuite.DefaultDigestAlgorithm; reference.DigestValue = hashValue; reference.Id = headerId; _signedXml.AddReference(reference); }
/// <summary> /// Resets the reference stream position to 0. /// </summary> /// <param name="reference"></param> protected static void ResetReferenceStreamPosition(Reference reference) { if (RefTargetField == null) { return; } if (RefTargetField.GetValue(reference) is Stream referenceStream) { StreamUtilities.MovePositionToStreamStart(referenceStream); } }
public static Signature ObterAssinatura <T>(T objeto, string id, X509Certificate2 certificadoDigital, string signatureMethod = "http://www.w3.org/2000/09/xmldsig#rsa-sha1", string digestMethod = "http://www.w3.org/2000/09/xmldsig#sha1") where T : class { if (id == null) { throw new Exception("Não é possível assinar um objeto evento sem sua respectiva Id!"); } var documento = new XmlDocument { PreserveWhitespace = true }; var xml = XmlUtils.ClasseParaXmlString(objeto); documento.LoadXml(xml); var docXml = new SignedXml(documento) { SigningKey = certificadoDigital.PrivateKey }; docXml.SignedInfo.SignatureMethod = signatureMethod; var reference = new Reference { Uri = "#" + id, DigestMethod = digestMethod }; var envelopedSigntature = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(envelopedSigntature); var c14Transform = new XmlDsigC14NTransform(); reference.AddTransform(c14Transform); docXml.AddReference(reference); var keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(certificadoDigital)); docXml.KeyInfo = keyInfo; docXml.ComputeSignature(); var xmlDigitalSignature = docXml.GetXml(); var assinatura = XmlUtils.XmlStringParaClasse <Signature>(xmlDigitalSignature.OuterXml); return(assinatura); }
private byte[] GetReferenceHash(System.Security.Cryptography.Xml.Reference r) { XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; if (r.Uri == "") { doc = envdoc; } else { XmlElement element = GetIdElement(envdoc, r.Uri != null ? r.Uri.Remove(0, 1) : null); doc.LoadXml(element.OuterXml); if (r.TransformChain.Count > 0) { var namespaces = GetAllNamespaces(element); foreach (var item in namespaces) { AddNameSpace(doc, doc.DocumentElement, item.Name, item.Value); } } } Stream s = null; if (r.TransformChain.Count > 0) { foreach (System.Security.Cryptography.Xml.Transform t in r.TransformChain) { if (s == null) { s = ApplyTransform(t, doc); } else { s = ApplyTransform(t, s); } } } else { s = ApplyTransform(new System.Security.Cryptography.Xml.XmlDsigC14NTransform(), doc); } HashAlgorithm hash = (HashAlgorithm)CryptoConfig.CreateFromName(r.DigestMethod); return(hash.ComputeHash(s)); }
/// <summary> /// Add Cid Attachment Reference /// </summary> /// <param name="attachment"></param> /// <param name="digestMethod"></param> private void AddAttachmentReference(Attachment attachment, string digestMethod) { var attachmentReference = new Reference(uri: CidPrefix + attachment.Id) { DigestMethod = digestMethod }; attachmentReference.AddTransform(new AttachmentSignatureTransform()); base.AddReference(attachmentReference); SetReferenceStream(attachmentReference, attachment); SetAttachmentTransformContentType(attachmentReference, attachment); ResetReferenceStreamPosition(attachmentReference); }
public static XmlElement GenerateSignature(XmlDocument licenseDocument, IPrivateCryptoKey privateKey) { using (var privateKeyProvider = new RsaPrivateKeyProvider()) { var reference = new Reference { Uri = string.Empty }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); var signedXml = new SignedXml(licenseDocument) { SigningKey = privateKeyProvider.Recreate(privateKey) }; signedXml.AddReference(reference); signedXml.ComputeSignature(); return signedXml.GetXml(); } }
/// <summary> /// Sets the stream of a SignedInfo reference. /// </summary> /// <param name="reference"></param> /// <param name="attachment"></param> protected static void SetReferenceStream(Reference reference, Attachment attachment) { // We need reflection to set these 2 types. They are implicitly set to Xml references, // but this causes problems with cid: references, since they're not part of the original stream. // If performance is slow on this, we can investigate the Delegate.CreateDelegate method to speed things up, // however keep in mind that the reference object changes with every call, so we can't just keep the same delegate and call that. if (RefTargetTypeField != null) { const int streamReferenceTargetType = 0; RefTargetTypeField.SetValue(reference, streamReferenceTargetType); } if (RefTargetField != null) { RefTargetField.SetValue(reference, new NonCloseableStream(attachment.Content)); } }
public void ComputeSignature(X509Certificate2 certificate, X509IncludeOption includeOption, string id) { SigningKey = (RSACryptoServiceProvider)certificate.PrivateKey; SignedInfo.CanonicalizationMethod = Saml2SignedXml.XmlDsigExcC14NTransformUrl; //SignedInfo.SignatureMethod = SecurityAlgorithms.RsaSha256Signature; var reference = new Reference("#" + id); // reference.DigestMethod = SecurityAlgorithms.Sha1Digest; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigExcC14NTransform()); AddReference(reference); ComputeSignature(); KeyInfo = new KeyInfo(); KeyInfo.AddClause(new KeyInfoX509Data(certificate, includeOption)); }
private static XmlElement GerarAssinatura(XmlDocument doc, string infoElement, string signAtribute, X509Certificate2 certificado, bool comments = false, SignDigest digest = SignDigest.SHA1) { Guard.Against <ArgumentException>(!infoElement.IsEmpty() && doc.GetElementsByTagName(infoElement).Count != 1, "Referencia invalida ou não é unica."); //Adiciona Certificado ao Key Info var keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(certificado)); //Seta chaves var signedDocument = new SignedXml(doc) { SigningKey = certificado.PrivateKey, KeyInfo = keyInfo, SignedInfo = { SignatureMethod = GetSignatureMethod(digest) } }; var uri = infoElement.IsEmpty() || signAtribute.IsEmpty() ? "" : $"#{doc.GetElementsByTagName(infoElement)[0].Attributes?[signAtribute]?.InnerText}"; // Cria referencia var reference = new Reference { Uri = uri, DigestMethod = GetDigestMethod(digest) }; // Adiciona transformação a referencia reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigC14NTransform(comments)); // Adiciona referencia ao xml signedDocument.AddReference(reference); // Calcula Assinatura signedDocument.ComputeSignature(); // Pega representação da assinatura return(signedDocument.GetXml()); }
/// <summary> /// Sign /// </summary> /// <param name="input">The input.</param> /// <param name="output">The output.</param> /// <param name="certificate">The certificate.</param> public override void Sign(Stream input, Stream output, X509Certificate2 certificate) { CheckInputOutputAndCertificate(input, output, certificate); using (var rsaKey = (RSACryptoServiceProvider)certificate.PrivateKey) { var xmlDoc = new XmlDocument { PreserveWhitespace = true }; xmlDoc.Load(input); var signedXml = new SignedXml(xmlDoc) {SigningKey = rsaKey}; var envelope = new XmlDsigEnvelopedSignatureTransform(); var reference = new Reference {Uri = ""}; reference.AddTransform(envelope); signedXml.AddReference(reference); signedXml.ComputeSignature(); var xmlDigitalSignature = signedXml.GetXml(); xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(xmlDigitalSignature, true)); xmlDoc.Save(output); } }
// code outline borrowed from: http://blogs.msdn.com/shawnfa/archive/2003/11/12/57030.aspx public static void Sign(XmlDocument doc, RSA key) { SignedXml signer = new SignedXml(doc); // setup the key used to sign signer.KeyInfo = new KeyInfo(); signer.KeyInfo.AddClause(new RSAKeyValue(key)); signer.SigningKey = key; // create a reference to the root of the document Reference orderRef = new Reference(""); orderRef.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signer.AddReference(orderRef); // add transforms that only select the order items, type, and // compute the signature, and add it to the document signer.ComputeSignature(); doc.DocumentElement.PrependChild(signer.GetXml()); }
public void ApplySignature(SamlResponse response, X509Certificate2 certificate, XmlDocument document) { var keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(certificate)); var signedXml = new SignedXml(document) { SigningKey = certificate.PrivateKey, KeyInfo = keyInfo }; var reference = new Reference(AssertionIdPrefix + response.Id); reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); signedXml.ComputeSignature(); var xml = signedXml.GetXml(); document.FindChild(AssertionElem).AppendChild(xml); }
public static XmlElement CreateSignature(XmlDocument document, X509Certificate2 certificate, string referenceId, string referenceValue) { var samlSignedXml = new SamlSignedXml(document, referenceId); // Add the key to the SignedXml xmlDocument. samlSignedXml.SigningKey = certificate.PrivateKey; // Create a reference to be signed. var reference = new Reference(); reference.Uri = string.Empty; reference.Uri = "#" + referenceValue; // Add an enveloped transformation to the reference. var env = new XmlDsigEnvelopedSignatureTransform(); var env2 = new XmlDsigC14NTransform(); reference.AddTransform(env); reference.AddTransform(env2); // Add the reference to the SignedXml object. samlSignedXml.AddReference(reference); // Add an RSAKeyValue KeyInfo (optional; helps recipient find key to validate). var keyInfo = new KeyInfo(); var keyData = new KeyInfoX509Data(certificate); keyInfo.AddClause(keyData); samlSignedXml.KeyInfo = keyInfo; // Compute the signature. samlSignedXml.ComputeSignature(); // Get the XML representation of the signature and save it to an XmlElement object. var xmlDigitalSignature = samlSignedXml.GetXml(); return xmlDigitalSignature; }
/// <summary> /// Creates a <see cref="Reference"/> model from a <see cref="System.Security.Cryptography.Xml.Reference"/> element. /// </summary> /// <param name="refElement"></param> /// <returns></returns> public static Reference CreateFromReferenceElement(System.Security.Cryptography.Xml.Reference refElement) { if (refElement == null) { throw new ArgumentNullException(nameof(refElement)); } IEnumerable <ReferenceTransform> CreateTransformsFromChain(TransformChain chain) { if (chain != null) { foreach (Transform transform in chain) { yield return(new ReferenceTransform(transform.Algorithm)); } } } return(new Reference( refElement.Uri, CreateTransformsFromChain(refElement.TransformChain), new ReferenceDigestMethod(refElement.DigestMethod), refElement.DigestValue)); }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException("value"); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); // Id attribute -- optional m_id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); // CanonicalizationMethod -- must be present XmlElement canonicalizationMethodElement = signedInfoElement.SelectSingleNode("ds:CanonicalizationMethod", nsm) as XmlElement; if (canonicalizationMethodElement == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/CanonicalizationMethod"); } m_canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); m_canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) { this.CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); } // SignatureMethod -- must be present XmlElement signatureMethodElement = signedInfoElement.SelectSingleNode("ds:SignatureMethod", nsm) as XmlElement; if (signatureMethodElement == null) { throw new CryptographicException(SecurityResources.GetResourceString("Cryptography_Xml_InvalidElement"), "SignedInfo/SignatureMethod"); } m_signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) { m_signatureLength = signatureLengthElement.InnerXml; } // flush out any reference that was there m_references.Clear(); XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { foreach (XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } } // Save away the cached value m_cachedXml = signedInfoElement; }
private SoapFilterResult Sign(SoapEnvelope envelope) { XmlNode securityNode = envelope.CreateNode(XmlNodeType.Element, "wsse:Security", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); envelope.PreserveWhitespace = false; /* * <wsu:Timestamp wsu:Id="Timestamp-10ba255c-ea41-4041-ab07-2b7a3220ef88"> * <wsu:Created>2011-01-07T07:49:08Z</wsu:Created> * <wsu:Expires>2011-01-07T07:54:08Z</wsu:Expires> * </wsu:Timestamp> */ XmlNode timestampNode = envelope.CreateNode( XmlNodeType.Element, "wsu:Timestamp", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); XmlElement timestampElement = timestampNode as XmlElement; XmlAttribute IdAttTs = envelope.CreateAttribute("wsu", "Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); IdAttTs.Value = "Timestamp-" + Guid.NewGuid().ToString(); XmlNode created = envelope.CreateNode(XmlNodeType.Element, "wsu:Created", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); created.InnerText = DateTime.Now.ToUniversalTime().ToString("o"); DateTime expiration = DateTime.Now.AddMinutes(5); XmlNode expires = envelope.CreateNode(XmlNodeType.Element, "wsu:Expires", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); expires.InnerText = expiration.ToUniversalTime().ToString("o"); timestampElement.Attributes.Append(IdAttTs); timestampElement.AppendChild(created); timestampElement.AppendChild(expires); XmlNode binarySecurityTokenNode = envelope.CreateNode( XmlNodeType.Element, "wsse:BinarySecurityToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); XmlElement binarySecurityTokenElement = binarySecurityTokenNode as XmlElement; binarySecurityTokenElement.SetAttribute( "xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); binarySecurityTokenElement.SetAttribute( "EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"); binarySecurityTokenElement.SetAttribute( "ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"); XmlAttribute IdAtt = envelope.CreateAttribute("wsu", "Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); IdAtt.Value = _parentAssertion.Token.Id; binarySecurityTokenElement.Attributes.Append(IdAtt); byte[] publicCert = _parentAssertion.Token.Certificate.GetRawCertData(); binarySecurityTokenElement.InnerXml = Convert.ToBase64String(publicCert, Base64FormattingOptions.None); SignatureFramework.SignedXml signature = new SignatureFramework.SignedXml(envelope); signature.Signature.Id = "Signature-" + Guid.NewGuid().ToString(); KeyInfo ki = new KeyInfo(); ki.Id = "KeyInfo-" + Guid.NewGuid().ToString(); SecurityTokenReference sectokenReference = new SecurityTokenReference(_parentAssertion.Token, SecurityTokenReference.SerializationOptions.Reference); ki.AddClause(sectokenReference); signature.KeyInfo = ki; SignatureFramework.SignedInfo si = new SignatureFramework.SignedInfo(); si.SignatureMethod = _parentAssertion.SignatureMethod; si.CanonicalizationMethod = SignatureFramework.XmlSignatureConstants.XmlDsigExcC14NTransformUrl; String bodyId = "Body-" + Guid.NewGuid().ToString(); envelope.Body.SetAttribute("Id", bodyId); System.Security.Cryptography.Xml.Reference bsBody = new System.Security.Cryptography.Xml.Reference(); bsBody.Uri = "#" + bodyId; bsBody.AddTransform(new System.Security.Cryptography.Xml.XmlDsigExcC14NTransform()); si.AddReference(bsBody); System.Security.Cryptography.Xml.Reference refTimestamp = new System.Security.Cryptography.Xml.Reference(); refTimestamp.Uri = "#" + IdAttTs.Value; refTimestamp.AddTransform(new System.Security.Cryptography.Xml.XmlDsigExcC14NTransform()); si.AddReference(refTimestamp); signature.SignedInfo = si; bool disposeCryptoProvider = false; var key = (RSACryptoServiceProvider)_parentAssertion.Token.Certificate.PrivateKey; if (key.CspKeyContainerInfo.ProviderName == "Microsoft Strong Cryptographic Provider" || key.CspKeyContainerInfo.ProviderName == "Microsoft Enhanced Cryptographic Provider v1.0" || key.CspKeyContainerInfo.ProviderName == "Microsoft Base Cryptographic Provider v1.0" || key.CspKeyContainerInfo.ProviderName == "Microsoft RSA SChannel Cryptographic Provider") { Type CspKeyContainerInfo_Type = typeof(CspKeyContainerInfo); FieldInfo CspKeyContainerInfo_m_parameters = CspKeyContainerInfo_Type.GetField("m_parameters", BindingFlags.NonPublic | BindingFlags.Instance); CspParameters parameters = (CspParameters)CspKeyContainerInfo_m_parameters.GetValue(key.CspKeyContainerInfo); var cspparams = new CspParameters(24, "Microsoft Enhanced RSA and AES Cryptographic Provider", key.CspKeyContainerInfo.KeyContainerName); cspparams.KeyNumber = parameters.KeyNumber; cspparams.Flags = parameters.Flags; signature.SigningKey = new RSACryptoServiceProvider(cspparams); disposeCryptoProvider = true; } else { signature.SigningKey = _parentAssertion.Token.Certificate.PrivateKey; } securityNode.AppendChild(binarySecurityTokenNode); securityNode.AppendChild(timestampNode); envelope.ImportNode(securityNode, true); XmlNode node = envelope.Header; node.AppendChild(securityNode); signature.ComputeSignature(); securityNode.AppendChild(envelope.ImportNode(signature.GetXml(), true)); if (disposeCryptoProvider) { signature.SigningKey.Dispose(); } return(SoapFilterResult.Continue); }
/// <summary> /// Signs the document given as an argument. /// </summary> /// <param name="doc">The doc.</param> private static void SignDocument(XmlDocument doc) { var signedXml = new SignedXml(doc); signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; // TODO Dynamically dig out the correct ID attribute from the XmlDocument. var reference = new Reference("#_b8977dc86cda41493fba68b32ae9291d"); var envelope = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(envelope); // NOTE: C14n may require the following list of namespace prefixes. Seems to work without it, though. // List<string> prefixes = new List<string>(); // prefixes.Add(doc.DocumentElement.GetPrefixOfNamespace("http://www.w3.org/2000/09/xmldsig#")); // prefixes.Add(doc.DocumentElement.GetPrefixOfNamespace("http://www.w3.org/2001/XMLSchema-instance")); // prefixes.Add(doc.DocumentElement.GetPrefixOfNamespace("http://www.w3.org/2001/XMLSchema")); // prefixes.Add(doc.DocumentElement.GetPrefixOfNamespace("urn:oasis:names:tc:SAML:2.0:assertion")); // XmlDsigExcC14NTransform C14NTransformer = new XmlDsigExcC14NTransform(string.Join(" ", prefixes.ToArray()).Trim()); var c14NTransformer = new XmlDsigExcC14NTransform(); reference.AddTransform(c14NTransformer); signedXml.AddReference(reference); // Add the key to the signature, so the assertion can be verified by itself. signedXml.KeyInfo = new KeyInfo(); // Use RSA key for signing. // CspParameters parameters = new CspParameters(); // parameters.KeyContainerName = "XML_DSIG_RSA_KEY"; // RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(parameters); // signedXml.SigningKey = rsaKey; // signedXml.KeyInfo.AddClause(new RSAKeyValue(rsaKey)); // Use X509 Certificate for signing. var cert = new X509Certificate2(@"Certificates\sts_dev_certificate.pfx", "test1234"); Assert.That(cert.HasPrivateKey); signedXml.SigningKey = cert.PrivateKey; signedXml.KeyInfo.AddClause(new KeyInfoX509Data(cert, X509IncludeOption.EndCertOnly)); // Information on the these and other "key info clause" types can be found at: // ms-help://MS.MSDNQTR.v80.en/MS.MSDN.v80/MS.NETDEVFX.v20.en/CPref18/html/T_System_Security_Cryptography_Xml_KeyInfoClause_DerivedTypes.htm // Do it! signedXml.ComputeSignature(); var nodes = doc.DocumentElement.GetElementsByTagName("Issuer", Saml20Constants.Assertion); Assert.That(nodes.Count == 1); var node = nodes[0]; doc.DocumentElement.InsertAfter(doc.ImportNode(signedXml.GetXml(), true), node); }
private byte[] GetReferenceHash(Reference r, bool check_hmac) { Stream s = null; XmlDocument doc = null; if (r.Uri == String.Empty) { doc = envdoc; } else if (r.Type == XmlSignature.Uri.Manifest) { doc = GetManifest(r); } else { doc = new XmlDocument(); doc.PreserveWhitespace = true; string objectName = null; if (r.Uri.StartsWith("#xpointer")) { string uri = string.Join("", r.Uri.Substring(9).Split(whitespaceChars)); if (uri.Length < 2 || uri [0] != '(' || uri [uri.Length - 1] != ')') { // FIXME: how to handle invalid xpointer? uri = String.Empty; } else { uri = uri.Substring(1, uri.Length - 2); } if (uri == "/") { doc = envdoc; } else if (uri.Length > 6 && uri.StartsWith("id(") && uri [uri.Length - 1] == ')') { // id('foo'), id("foo") objectName = uri.Substring(4, uri.Length - 6); } } else if (r.Uri [0] == '#') { objectName = r.Uri.Substring(1); } else if (xmlResolver != null) { // TODO: test but doc says that Resolver = null -> no access try { // no way to know if valid without throwing an exception Uri uri = new Uri(r.Uri); s = (Stream)xmlResolver.GetEntity(uri, null, typeof(Stream)); } catch { // may still be a local file (and maybe not xml) s = File.OpenRead(r.Uri); } } if (objectName != null) { XmlElement found = null; foreach (DataObject obj in m_signature.ObjectList) { if (obj.Id == objectName) { found = obj.GetXml(); found.SetAttribute("xmlns", SignedXml.XmlDsigNamespaceUrl); doc.AppendChild(doc.ImportNode(found, true)); // FIXME: there should be theoretical justification of copying namespace declaration nodes this way. foreach (XmlNode n in found.ChildNodes) { // Do not copy default namespace as it must be xmldsig namespace for "Object" element. if (n.NodeType == XmlNodeType.Element) { FixupNamespaceNodes(n as XmlElement, doc.DocumentElement, true); } } break; } } if (found == null && envdoc != null) { found = GetIdElement(envdoc, objectName); if (found != null) { doc.AppendChild(doc.ImportNode(found, true)); FixupNamespaceNodes(found, doc.DocumentElement, false); } } if (found == null) { throw new CryptographicException(String.Format("Malformed reference object: {0}", objectName)); } } } if (r.TransformChain.Count > 0) { foreach (Transform t in r.TransformChain) { if (s == null) { s = ApplyTransform(t, doc); } else { t.LoadInput(s); object o = t.GetOutput(); if (o is Stream) { s = (Stream)o; } else { s = CanonicalizeOutput(o); } } } } else if (s == null) { // we must not C14N references from outside the document // e.g. non-xml documents if (r.Uri [0] != '#') { s = new MemoryStream(); doc.Save(s); } else { // apply default C14N transformation s = ApplyTransform(new XmlDsigC14NTransform(), doc); } } HashAlgorithm digest = GetHash(r.DigestMethod, check_hmac); return((digest == null) ? null : digest.ComputeHash(s)); }
protected override ISignatureValueSecurityElement CompletePrimarySignatureCore( SendSecurityHeaderElement[] signatureConfirmations, SecurityToken[] signedEndorsingTokens, SecurityToken[] signedTokens, SendSecurityHeaderElement[] basicTokens, bool isPrimarySignature) { if (_signedXml == null) { return(null); } SecurityTimestamp timestamp = Timestamp; if (timestamp != null) { if (timestamp.Id == null) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.TimestampToSignHasNoId)); } var buffer = new byte[64]; var ms = new MemoryStream(); StandardsManager.WSUtilitySpecificationVersion.WriteTimestampCanonicalForm( ms, timestamp, buffer); ms.Position = 0; AddReference("#" + timestamp.Id, ms); var reference = new System.Security.Cryptography.Xml.Reference(ms); } if ((ShouldSignToHeader) && (_signingKey != null || _signedXml.SigningKey != null) && (Version.Addressing != AddressingVersion.None)) { if (_toHeaderStream != null) { AddReference("#" + _toHeaderId, _toHeaderStream); } else { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new InvalidOperationException(SR.TransportSecurityRequireToHeader)); } } AddSignatureReference(signatureConfirmations); if (isPrimarySignature && ShouldProtectTokens) { AddPrimaryTokenSignatureReference(ElementContainer.SourceSigningToken, SigningTokenParameters); } if (RequireMessageProtection) { throw new PlatformNotSupportedException(nameof(RequireMessageProtection)); } if (_signedXml.SignedInfo.References.Count == 0) { throw TraceUtility.ThrowHelperError(new MessageSecurityException(SR.NoPartsOfMessageMatchedPartsToSign), Message); } try { if (_signingKey != null) { _signedXml.ComputeSignature(_signingKey); } else { _signedXml.ComputeSignature(); } return(new SignatureValue(_signedXml.Signature)); } finally { _hashStream = null; _signingKey = null; _signedXml = null; _effectiveSignatureParts = null; } }
/// <summary> /// Añade un objeto de tipo <code>Reference</code> /// </summary> /// <param name="reference"></param> public void AddReference(System.Security.Cryptography.Xml.Reference reference) { signature.SignedInfo.AddReference(reference); }
public static void SignXmlFile(string fileName, ref string signedContent, RSA key) { // Check the arguments. if (fileName == null) { throw new ArgumentNullException("fileName"); } if (signedContent == null) { throw new ArgumentNullException("signedFileName"); } if (key == null) { throw new ArgumentNullException("key"); } // Create a new XML document. XmlDocument doc = new XmlDocument(); // Format the document to ignore white spaces. doc.PreserveWhitespace = false; // Load the passed XML file using it's name. //doc.Load(new XmlTextReader(FileName)); doc.LoadXml(fileName); // Create a SignedXml object. SignedXml signedXml = new SignedXml(doc); // Add the key to the SignedXml document. signedXml.SigningKey = key; // Get the signature object from the SignedXml object. System.Security.Cryptography.Xml.Signature XMLSignature = signedXml.Signature; // Create a reference to be signed. Pass "" // to specify that all of the current XML // document should be signed. System.Security.Cryptography.Xml.Reference reference = new System.Security.Cryptography.Xml.Reference(""); // Add an enveloped transformation to the reference. XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(env); // Add the Reference object to the Signature object. XMLSignature.SignedInfo.AddReference(reference); // Add an RSAKeyValue KeyInfo (optional; helps recipient find key to validate). System.Security.Cryptography.Xml.KeyInfo keyInfo = new System.Security.Cryptography.Xml.KeyInfo(); keyInfo.AddClause(new RSAKeyValue((RSA)key)); // Add the KeyInfo object to the Reference object. XMLSignature.KeyInfo = keyInfo; // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); // Append the element to the XML document. doc.DocumentElement.AppendChild(doc.ImportNode(xmlDigitalSignature, true)); if (doc.FirstChild is XmlDeclaration) { doc.RemoveChild(doc.FirstChild); } signedContent = doc.InnerXml; }
public void AddReference (Reference reference) { references.Add (reference); }
private XmlDocument GetManifest (Reference r) { XmlDocument doc = new XmlDocument (); doc.PreserveWhitespace = true; if (r.Uri [0] == '#') { // local manifest if (signatureElement != null) { XmlElement xel = GetIdElement (signatureElement.OwnerDocument, r.Uri.Substring (1)); if (xel == null) throw new CryptographicException ("Manifest targeted by Reference was not found: " + r.Uri.Substring (1)); doc.AppendChild (doc.ImportNode (xel, true)); FixupNamespaceNodes (xel, doc.DocumentElement, false); } } else if (xmlResolver != null) { // TODO: need testing Stream s = (Stream) xmlResolver.GetEntity (new Uri (r.Uri), null, typeof (Stream)); doc.Load (s); } if (doc.FirstChild != null) { // keep a copy of the manifests to check their references later if (manifests == null) manifests = new ArrayList (); manifests.Add (doc); return doc; } return null; }
//public static string RetornarXmlFirmado(string xmlString, string rutaCertificado, string claveCertificado, out string hash) //{ // hash = null; // XmlDocument documentXml = new XmlDocument(); // documentXml.PreserveWhitespace = true; // documentXml.LoadXml(xmlString); // var nodoExtension = documentXml.GetElementsByTagName("ExtensionContent", "urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2").Item(0); // if (nodoExtension == null) // { // throw new InvalidOperationException("No se pudo encontrar el nodo ExtensionContent en el XML"); // } // nodoExtension.RemoveAll(); // SignedXml firmado = new SignedXml(documentXml); // var xmlSignature = firmado.Signature; // byte[] certificadoByte = File.ReadAllBytes(rutaCertificado); // X509Certificate2 certificado = new X509Certificate2(); // //certificado.Import(certificadoByte, claveCertificado, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable); // certificado.Import(certificadoByte, claveCertificado, X509KeyStorageFlags.Exportable); // firmado.SigningKey = certificado.GetRSAPrivateKey(); // //firmado.SigningKey = (RSA)certificado.PrivateKey; // //firmado.SigningKey = certificado.PrivateKey; // //digest info agregada en la seccion firma // var env = new XmlDsigEnvelopedSignatureTransform(); // Reference reference = new Reference(); // reference.AddTransform(env); // reference.Uri = ""; // firmado.AddReference(reference); // firmado.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; // reference.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; // var keyInfoData = new KeyInfoX509Data(certificado); // keyInfoData.AddSubjectName(certificado.Subject); // // info para la llave publica // KeyInfo keyInfo = new KeyInfo(); // keyInfo.AddClause(keyInfoData); // //keyInfo.sub // xmlSignature.KeyInfo = keyInfo; // xmlSignature.Id = "signatureKG"; // firmado.ComputeSignature(); // // Recuperamos el valor Hash de la firma para este documento. // if (reference.DigestValue != null) // { // hash = Convert.ToBase64String(reference.DigestValue); // } // XmlNode xmlNodeFirmado = firmado.GetXml(); // xmlNodeFirmado.Prefix = "ds"; // //XmlNode xmlNodeContent = documentXml.CreateElement("ext", "ExtensionContent", "urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"); // //xmlNodeContent.AppendChild(xmlNodeFirmado); // //XmlNode xmlNode = documentXml.CreateElement("ext", "UBLExtension", "urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"); // //xmlNode.AppendChild(xmlNodeContent); // nodoExtension.AppendChild(xmlNodeFirmado); // var settings = new XmlWriterSettings() // { // Encoding = Encoding.UTF8, // Indent = true, // IndentChars = "\t", // NewLineChars = Environment.NewLine // }; // string resultado = String.Empty; // using (var memDoc = new MemoryStream()) // { // using (var writer = XmlWriter.Create(memDoc, settings)) // { // //XDocument xDocument = XDocument.Parse(documentXml.OuterXml); // //xDocument.WriteTo(writer); // documentXml.WriteTo(writer); // } // //resultado = Encoding.Unicode.GetString(memDoc.ToArray()); // //resultado = Encoding.GetEncoding("ISO-8859-1").GetString(memDoc.ToArray()); // //resultado = Convert.ToBase64String(memDoc.ToArray()); // resultado = Encoding.UTF8.GetString(memDoc.ToArray()); // } // return resultado; //} public static string RetornarXmlFirmado(string prefijoComprobanteBusqueda, string tnsString, string xmlString, string rutaCertificado, string claveCertificado, out string hash) { hash = null; XmlDocument xmlDocument = new XmlDocument(); xmlDocument.PreserveWhitespace = true; xmlDocument.LoadXml(xmlString); X509Certificate2 certificado = new X509Certificate2(rutaCertificado, claveCertificado); XmlNamespaceManager nsMgr = new XmlNamespaceManager(xmlDocument.NameTable); nsMgr.AddNamespace("tns", tnsString); nsMgr.AddNamespace("ext", "urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"); XmlElement elem = xmlDocument.CreateElement("ext:ExtensionContent", "urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"); xmlDocument.SelectSingleNode($"{prefijoComprobanteBusqueda}/ext:UBLExtensions/ext:UBLExtension", nsMgr).AppendChild(elem); SignedXml signedXml = new SignedXml(xmlDocument); signedXml.SigningKey = certificado.GetRSAPrivateKey(); System.Security.Cryptography.Xml.KeyInfo KeyInfo = new System.Security.Cryptography.Xml.KeyInfo(); System.Security.Cryptography.Xml.Reference Reference = new System.Security.Cryptography.Xml.Reference(); Reference.Uri = ""; Reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(Reference); X509Chain X509Chain = new X509Chain(); X509Chain.Build(certificado); X509ChainElement local_element = X509Chain.ChainElements[0]; KeyInfoX509Data x509Data = new KeyInfoX509Data(local_element.Certificate); string subjectName = local_element.Certificate.Subject; x509Data.AddSubjectName(subjectName); KeyInfo.AddClause(x509Data); signedXml.Signature.Id = "signatureKG"; signedXml.KeyInfo = KeyInfo; signedXml.ComputeSignature(); XmlElement signature = signedXml.GetXml(); XmlNode dg = signature.GetElementsByTagName("DigestValue", "http://www.w3.org/2000/09/xmldsig#")[0]; XmlNode sg = signature.GetElementsByTagName("SignatureValue", "http://www.w3.org/2000/09/xmldsig#")[0]; hash = dg.InnerText; //SignatureValue = sg.InnerText; signature.Prefix = "ds"; //SetPrefix("ds", signature); elem.AppendChild(signature); MemoryStream msXMLFirmado = new MemoryStream(); xmlDocument.Save(msXMLFirmado); //msXMLFirmado.Position = 1; return(Encoding.UTF8.GetString(msXMLFirmado.ToArray()).Substring(1)); }
public void LoadXml (XmlElement value) { if (value == null) throw new ArgumentNullException ("value"); if ((value.LocalName != XmlSignature.ElementNames.Manifest) || (value.NamespaceURI != XmlSignature.NamespaceURI)) throw new CryptographicException (); id = GetAttribute (value, XmlSignature.AttributeNames.Id); for (int i = 0; i < value.ChildNodes.Count; i++) { XmlNode n = value.ChildNodes [i]; if (n.NodeType == XmlNodeType.Element && n.LocalName == XmlSignature.ElementNames.Reference && n.NamespaceURI == XmlSignature.NamespaceURI) { Reference r = new Reference (); r.LoadXml ((XmlElement) n); AddReference (r); } } element = value; }
public void LoadXml(XmlElement value) { if (value == null) { throw new ArgumentNullException(nameof(value)); } // SignedInfo XmlElement signedInfoElement = value; if (!signedInfoElement.LocalName.Equals("SignedInfo")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } XmlNamespaceManager nsm = new XmlNamespaceManager(value.OwnerDocument.NameTable); nsm.AddNamespace("ds", SignedXml.XmlDsigNamespaceUrl); int expectedChildNodes = 0; // Id attribute -- optional _id = Utils.GetAttribute(signedInfoElement, "Id", SignedXml.XmlDsigNamespaceUrl); if (!Utils.VerifyAttributes(signedInfoElement, "Id")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } // CanonicalizationMethod -- must be present XmlNodeList canonicalizationMethodNodes = signedInfoElement.SelectNodes("ds:CanonicalizationMethod", nsm); if (canonicalizationMethodNodes == null || canonicalizationMethodNodes.Count == 0 || canonicalizationMethodNodes.Count > 1) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod"); } XmlElement canonicalizationMethodElement = canonicalizationMethodNodes.Item(0) as XmlElement; expectedChildNodes += canonicalizationMethodNodes.Count; _canonicalizationMethod = Utils.GetAttribute(canonicalizationMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (_canonicalizationMethod == null || !Utils.VerifyAttributes(canonicalizationMethodElement, "Algorithm")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/CanonicalizationMethod"); } _canonicalizationMethodTransform = null; if (canonicalizationMethodElement.ChildNodes.Count > 0) { CanonicalizationMethodObject.LoadInnerXml(canonicalizationMethodElement.ChildNodes); } // SignatureMethod -- must be present XmlNodeList signatureMethodNodes = signedInfoElement.SelectNodes("ds:SignatureMethod", nsm); if (signatureMethodNodes == null || signatureMethodNodes.Count == 0 || signatureMethodNodes.Count > 1) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod"); } XmlElement signatureMethodElement = signatureMethodNodes.Item(0) as XmlElement; expectedChildNodes += signatureMethodNodes.Count; _signatureMethod = Utils.GetAttribute(signatureMethodElement, "Algorithm", SignedXml.XmlDsigNamespaceUrl); if (_signatureMethod == null || !Utils.VerifyAttributes(signatureMethodElement, "Algorithm")) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/SignatureMethod"); } // Now get the output length if we are using a MAC algorithm XmlElement signatureLengthElement = signatureMethodElement.SelectSingleNode("ds:HMACOutputLength", nsm) as XmlElement; if (signatureLengthElement != null) { _signatureLength = signatureLengthElement.InnerXml; } // flush out any reference that was there _references.Clear(); // Reference - 0 or more XmlNodeList referenceNodes = signedInfoElement.SelectNodes("ds:Reference", nsm); if (referenceNodes != null) { if (referenceNodes.Count > Utils.MaxReferencesPerSignedInfo) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo/Reference"); } foreach (XmlNode node in referenceNodes) { XmlElement referenceElement = node as XmlElement; Reference reference = new Reference(); AddReference(reference); reference.LoadXml(referenceElement); } expectedChildNodes += referenceNodes.Count; // Verify that there aren't any extra nodes that aren't allowed if (signedInfoElement.SelectNodes("*").Count != expectedChildNodes) { throw new CryptographicException(SR.Cryptography_Xml_InvalidElement, "SignedInfo"); } } // Save away the cached value _cachedXml = signedInfoElement; }
public void LoadXml (XmlElement value) { if (value == null) throw new ArgumentNullException ("value"); if ((value.LocalName != XmlSignature.ElementNames.SignedInfo) || (value.NamespaceURI != XmlSignature.NamespaceURI)) throw new CryptographicException (); id = GetAttribute (value, XmlSignature.AttributeNames.Id); c14nMethod = XmlSignature.GetAttributeFromElement (value, XmlSignature.AttributeNames.Algorithm, XmlSignature.ElementNames.CanonicalizationMethod); XmlElement sm = XmlSignature.GetChildElement (value, XmlSignature.ElementNames.SignatureMethod, XmlSignature.NamespaceURI); if (sm != null) { signatureMethod = sm.GetAttribute (XmlSignature.AttributeNames.Algorithm); XmlElement length = XmlSignature.GetChildElement (sm, XmlSignature.ElementNames.HMACOutputLength, XmlSignature.NamespaceURI); if (length != null) { signatureLength = length.InnerText; } } for (int i = 0; i < value.ChildNodes.Count; i++) { XmlNode n = value.ChildNodes [i]; if (n.NodeType == XmlNodeType.Element && n.LocalName == XmlSignature.ElementNames.Reference && n.NamespaceURI == XmlSignature.NamespaceURI) { Reference r = new Reference (); r.LoadXml ((XmlElement) n); AddReference (r); } } element = value; }
public void AddReference (Reference reference) { if (reference == null) throw new ArgumentNullException ("reference"); m_signature.SignedInfo.AddReference (reference); }
// // public methods // public void AddReference(Reference reference) { m_signature.SignedInfo.AddReference(reference); }
private byte[] GetReferenceHash (Reference r, bool check_hmac) { Stream s = null; XmlDocument doc = null; if (r.Uri == String.Empty) { doc = envdoc; } else if (r.Type == XmlSignature.Uri.Manifest) { doc = GetManifest (r); } else { doc = new XmlDocument (); doc.PreserveWhitespace = true; string objectName = null; if (r.Uri.StartsWith ("#xpointer")) { string uri = string.Join ("", r.Uri.Substring (9).Split (whitespaceChars)); if (uri.Length < 2 || uri [0] != '(' || uri [uri.Length - 1] != ')') // FIXME: how to handle invalid xpointer? uri = String.Empty; else uri = uri.Substring (1, uri.Length - 2); if (uri == "/") doc = envdoc; else if (uri.Length > 6 && uri.StartsWith ("id(") && uri [uri.Length - 1] == ')') // id('foo'), id("foo") objectName = uri.Substring (4, uri.Length - 6); } else if (r.Uri [0] == '#') { objectName = r.Uri.Substring (1); } else if (xmlResolver != null) { // TODO: test but doc says that Resolver = null -> no access try { // no way to know if valid without throwing an exception Uri uri = new Uri (r.Uri); s = (Stream) xmlResolver.GetEntity (uri, null, typeof (Stream)); } catch { // may still be a local file (and maybe not xml) s = File.OpenRead (r.Uri); } } if (objectName != null) { XmlElement found = null; foreach (DataObject obj in m_signature.ObjectList) { if (obj.Id == objectName) { found = obj.GetXml (); found.SetAttribute ("xmlns", SignedXml.XmlDsigNamespaceUrl); doc.AppendChild (doc.ImportNode (found, true)); // FIXME: there should be theoretical justification of copying namespace declaration nodes this way. foreach (XmlNode n in found.ChildNodes) // Do not copy default namespace as it must be xmldsig namespace for "Object" element. if (n.NodeType == XmlNodeType.Element) FixupNamespaceNodes (n as XmlElement, doc.DocumentElement, true); break; } } if (found == null && envdoc != null) { found = GetIdElement (envdoc, objectName); if (found != null) { doc.AppendChild (doc.ImportNode (found, true)); FixupNamespaceNodes (found, doc.DocumentElement, false); } } if (found == null) throw new CryptographicException (String.Format ("Malformed reference object: {0}", objectName)); } } if (r.TransformChain.Count > 0) { foreach (Transform t in r.TransformChain) { if (s == null) { s = ApplyTransform (t, doc); } else { t.LoadInput (s); object o = t.GetOutput (); if (o is Stream) s = (Stream) o; else s = CanonicalizeOutput (o); } } } else if (s == null) { // we must not C14N references from outside the document // e.g. non-xml documents if (r.Uri [0] != '#') { s = new MemoryStream (); doc.Save (s); } else { // apply default C14N transformation s = ApplyTransform (new XmlDsigC14NTransform (), doc); } } HashAlgorithm digest = GetHash (r.DigestMethod, check_hmac); return (digest == null) ? null : digest.ComputeHash (s); }
/// <summary> /// Firmar y Encriptar el Documento XML usando un Certificado x509. /// </summary> /// <param name="xmldoc">el documento XML a firmar y encriptar.</param> /// <param name="certificado">el certificado para poder firmar el XML</param> /// <param name="certificadopublico">el certificado publico para poder encriptar</param> /// <returns></returns> private static XmlDocument FirmaryEncriptarSoapRequest(XmlDocument xmldoc, X509Certificate2 certificadoPrivado, X509Certificate2 certificadopublico) { #region Firmar //añadir las referencias de espacios de nombres para asegurarnos de que podamos trabajar contra //cualquier documento elemento XML sin importar el nombramiento de los Tags siempre y cuando sepamos sus Namespaces. XmlNamespaceManager namespaceManager = new XmlNamespaceManager(xmldoc.NameTable); namespaceManager.AddNamespace("wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); namespaceManager.AddNamespace("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); namespaceManager.AddNamespace("soapenv", "http://schemas.xmlsoap.org/soap/envelope/"); //Seleccionar el Header para agregarle elementos. XmlElement headerNode = xmldoc.DocumentElement.SelectSingleNode("//soapenv:Header", namespaceManager) as XmlElement; //Creamos el nodo de seguridad <Security> XmlElement securityNode = xmldoc.CreateElement("wsse", "Security", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); securityNode.SetAttribute("xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); securityNode.SetAttribute("mustUnderstand", "http://schemas.xmlsoap.org/soap/envelope/", "1"); XmlAttribute mustUnderstandSecurityAttribute = securityNode.GetAttributeNode("mustUnderstand"); mustUnderstandSecurityAttribute.Prefix = "soapenv"; #region Preparar elementos a ser firmados //Ahora vamos a crear otro BinarySecurityToken //Ahora creamos un BinarySecurityToken que será el certificado x509 de la clave privada //Con este BinarySecurityToken se espera que el receptor pueda verificar el Digest de la firma que se //genera con este BinarySecurityToken. //este BinarySecurityToken es firmado también. XmlElement binarySecurityTokenNode2 = xmldoc.CreateElement("wsse", "BinarySecurityToken", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"); //El atributo EncodingType dice cómo el Token está codificado, en este caso, Base64Binary. binarySecurityTokenNode2.SetAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"); //El atributo ValueType indica qué es el BinarySecurityToken, en este caso un Certificado X509v3. binarySecurityTokenNode2.SetAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"); binarySecurityTokenNode2.SetAttribute("Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", XmlElementsIds.PrivateKeyBinarySecurityTokenUri); XmlAttribute attribute2 = binarySecurityTokenNode2.GetAttributeNode("Id"); attribute2.Prefix = "wsu"; binarySecurityTokenNode2.InnerText = Convert.ToBase64String(certificadoPrivado.GetRawCertData()); //Creamos una estampa de tiempo, la cuál será firmada también: Timestamp timestamp = new Timestamp(); timestamp.TtlInSeconds = 5000; //El body también será firmado, pero todavía no tiene los atributos requeridos para que pueda ser firmado //Aquí se los agrego. //Ahora vamos a ponerle un Id. XmlElement body = xmldoc.DocumentElement.SelectSingleNode("//soapenv:Body", namespaceManager) as XmlElement; body.SetAttribute("xmlns:wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"); body.SetAttribute("Id", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", XmlElementsIds.BodyId); var bodyId = body.GetAttributeNode("Id"); bodyId.Prefix = "wsu"; #endregion #region Agregar elementos a ser firmados al nodo Security securityNode.AppendChild(timestamp.GetXml(xmldoc)); securityNode.AppendChild(binarySecurityTokenNode2); //agregar headerNode.AppendChild(securityNode); //el body ya existe, y no pertenece al nodo security. #endregion //Al momento de computar la firma, la clase SignedXml buscará las referencias previamente puestas, (las busca por los Id de cada uno //de los elementos a ser firmados. //y firmará los elementos que las referencias han referenciado //valga la redundancia. #region Crear firma XML //Ahora vamos a agregar un elemento Signature, que representa la firma digital. SignedXml signedXml = new SignedXmlWithId(xmldoc); signedXml.Signature.Id = "SIG-3"; //la canonicalización indica como se deben interpretar los espacios en blanco y similares //porque el valor de firma puede cambiar inclusive cuando hayan espacios u otros caracteres- signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; //cual fue el algoritmo usado para firmar. signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA1Url; //Cada una de las referencias apunta a un Id, que deberán tener los elementos //a ser firmados. System.Security.Cryptography.Xml.Reference reference = new System.Security.Cryptography.Xml.Reference { Uri = "#" + XmlElementsIds.PrivateKeyBinarySecurityTokenUri }; reference.AddTransform(new XmlDsigExcC14NTransform("")); reference.DigestMethod = SignedXml.XmlDsigSHA1Url; System.Security.Cryptography.Xml.Reference reference2 = new System.Security.Cryptography.Xml.Reference { Uri = "#" + timestamp.Id }; reference2.AddTransform(new XmlDsigExcC14NTransform("wsse lib soapenv")); reference2.DigestMethod = SignedXml.XmlDsigSHA1Url; System.Security.Cryptography.Xml.Reference reference3 = new System.Security.Cryptography.Xml.Reference { Uri = "#" + XmlElementsIds.BodyId }; reference3.AddTransform(new XmlDsigExcC14NTransform("lib")); reference3.DigestMethod = SignedXml.XmlDsigSHA1Url; signedXml.SignedInfo.AddReference(reference); signedXml.SignedInfo.AddReference(reference2); signedXml.SignedInfo.AddReference(reference3); signedXml.SigningKey = certificadoPrivado.PrivateKey; //la clave privada para firmar. //La Keyinfo representa un identificador de un Token de seguridad. //en el caso de las firmas, identifica cómo encontrar el token que se usó para firmar. KeyInfo keyInfoInsideSignature = new KeyInfo(); keyInfoInsideSignature.Id = "KI-D313N3M1G0"; //en este caso Una referencia a un token de seguridad. SecurityTokenReference securityTokenReferenceInsideSignature = new SecurityTokenReference(); securityTokenReferenceInsideSignature.Id = "STR-SecurityTokenReference"; securityTokenReferenceInsideSignature.ValueType = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; securityTokenReferenceInsideSignature.Reference = XmlElementsIds.PrivateKeyBinarySecurityTokenUri; //El BinarySecurityToken que contiene el Certificado x509v3 usado para la firma (usando su clave privada) KeyInfoClause keyInfoClauseInsideSignature = new KeyInfoNode(securityTokenReferenceInsideSignature.GetXml()); keyInfoInsideSignature.AddClause(keyInfoClauseInsideSignature); signedXml.KeyInfo = keyInfoInsideSignature; signedXml.ComputeSignature(); //revisar que la firma sea válida.(para propósitos de desarrollo) bool firstcheck = signedXml.CheckSignature(certificadoPrivado, true); XmlNode signatureNode = signedXml.GetXml(); //Finalmente ya obtenemos un elemento <signature> totalmente formado y listo para ser anexado al nodo <security> #endregion securityNode.AppendChild(signatureNode); #endregion #region Encriptar //Ahora vamos a obtener el certificado público, y usar su clave para encriptar el contenido del body Encriptar(ref xmldoc, "lib:quotationCarGenericRq", certificadopublico, ref securityNode); #endregion //Devolver un XML Firmado y Encriptado. #region testing, se puede dejar comentado: //HttpWebRequest req = (HttpWebRequest)WebRequest.Create("https://wsqa.libertycolombia.com.co:8443/soa-infra/services/GenericAuto/GenericAutoQuotation/GenericAutoQuotationMediator_ep"); //req.Headers.Add("SOAPAction", "urn:quotationCarGeneric"); //req.Method = "POST"; //req.UserAgent = "Apache-HttpClient/4.1.1 (java 1.5)"; //req.ContentType = "text/xml;charset=\"utf-8\""; //req.Host = "wsqa.libertycolombia.com.co:8443"; ////XmlDocument xmldoctest = new XmlDocument(); ////xmldoctest.Load(@"C:\Users\CarlosAlbertoFiguere\Desktop\test.xml"); //using (Stream stream = req.GetRequestStream()) //{ // using (StreamWriter streamWriter = new StreamWriter(stream)) // { // streamWriter.Write(xmldoc.OuterXml); // } //} //try //{ // WebResponse lol = req.GetResponse(); // string response = (new StreamReader(lol.GetResponseStream())).ReadToEnd(); //} //catch (WebException wex) //{ // string response = (new StreamReader(wex.Response.GetResponseStream())).ReadToEnd(); //} #endregion return(xmldoc); }
public static string SignXmlFile(string xml, RSA Key) { // Create a new XML document. var doc = new XmlDocument(); // Format the document to ignore white spaces. doc.PreserveWhitespace = false; using (var textReader = new StringReader(xml)) { doc.Load(new XmlTextReader(textReader)); } // Create a SignedXml object. var signedXml = new SignedXmlWithId(doc); // Add the key to the SignedXml document. signedXml.SigningKey = Key; // Specify a canonicalization method. signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; // Set the InclusiveNamespacesPrefixList property. var canMethod = (XmlDsigExcC14NTransform)signedXml.SignedInfo.CanonicalizationMethodObject; var ref1 = new Reference("#Body52be6364-045f-1550-625d-b20b0390691e"); var ref2 = new Reference("#Timestamp5257ab43-882c-4937-3835-6763e9a2d700"); // Add an enveloped transformation to the reference. var env = new XmlDsigEnvelopedSignatureTransform(); ref1.AddTransform(canMethod); ref2.AddTransform(canMethod); // Add the reference to the SignedXml object. signedXml.AddReference(ref1); signedXml.AddReference(ref2); string keyInfoStr = "<KeyInfo><wsse:SecurityTokenReference xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"><wsse:Reference URI=\"#holderOfKeyCertificate\" ValueType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3\"/></wsse:SecurityTokenReference></KeyInfo>"; var xd = new XmlDocument(); xd.LoadXml(keyInfoStr); var ki = new KeyInfo(); ki.LoadXml(xd.DocumentElement); signedXml.KeyInfo = ki; // Compute the signature. //signedXml.ComputeSignature(KeyedHashAlgorithm.Create("HMACSHA256")); signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); xmlDigitalSignature.SetAttribute("Id", "holderOfKeyProofSignature"); var sb = new StringBuilder(); using (var sw = new StringWriter(sb)) { using (var writer = new XmlTextWriter(sw)) { xmlDigitalSignature.WriteTo(writer); } } return sb.ToString(); }
private bool WriteLicenseToFile(string appDir, bool spfold, int version) { var str1 = string.Format("{0}-{1}-{2}-{3}-{4}", "U3", "AAAA", "AAAA", "AAAA", "AAAA"); var byteList1 = new List <byte>(); byteList1.AddRange(Encoding.ASCII.GetBytes(string.Format("{0}-{1}", str1, "NUUN"))); if (version != 20172) { List <string> stringList = new List <string>() { "<root>", " <TimeStamp2 Value=\"cn/lkLOZ3vFvbQ==\"/>", " <TimeStamp Value=\"jWj8PXAeZMPzUw==\"/>", " <License id=\"Terms\">", " <ClientProvidedVersion Value=\"\"/>", string.Format(" <DeveloperData Value=\"{0}\"/>", (object)Convert.ToBase64String(byteList1.ToArray())), " <Features>" }; foreach (var num in LicHeader.ReadAll()) { stringList.Add(string.Format(" <Feature Value=\"{0}\"/>", (object)num)); } stringList.Add(" </Features>"); if (version < 500) { stringList.Add(" <LicenseVersion Value=\"4.x\"/>"); } if (version >= 500 && version < 2017) { stringList.Add(" <LicenseVersion Value=\"5.x\"/>"); } if (version == 2017) { stringList.Add(" <LicenseVersion Value=\"2017.x\"/>"); } if (version == 20171) { stringList.Add(" <LicenseVersion Value=\"6.x\"/>"); } stringList.Add(" <MachineBindings>"); stringList.Add(" </MachineBindings>"); stringList.Add(" <MachineID Value=\"\"/>"); stringList.Add(" <SerialHash Value=\"\"/>"); stringList.Add(string.Format(" <SerialMasked Value=\"{0}-XXXX\"/>", (object)str1)); DateTime now = DateTime.Now; stringList.Add(string.Format(" <StartDate Value=\"{0}T00:00:00\"/>", (object)now.AddDays(-1.0).ToString("yyyy-MM-dd"))); stringList.Add(" <StopDate Value=\"\"/>"); stringList.Add(string.Format(" <UpdateDate Value=\"{0}T00:00:00\"/>", (object)now.AddYears(10).ToString("yyyy-MM-dd"))); stringList.Add(" </License>"); stringList.Add(""); stringList.Add("<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"); stringList.Add("<SignedInfo>"); stringList.Add("<CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments\"/>"); stringList.Add("<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>"); stringList.Add("<Reference URI=\"#Terms\">"); stringList.Add("<Transforms>"); stringList.Add("<Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>"); stringList.Add("</Transforms>"); stringList.Add("<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"/>"); stringList.Add("<DigestValue>oeMc1KScgy617DHMPTxbYhqNjIM=</DigestValue>"); stringList.Add("</Reference>"); stringList.Add("</SignedInfo>"); stringList.Add("<SignatureValue>WuzMPTi0Ko1vffk9gf9ds/iU0b0K8UHaLpi4kWgm6q1am5MPTYYnzH1InaSWuzYo"); stringList.Add("EpJThKspOZdO0JISeEolNdJVf3JpsY55OsD8UaruvhwZn4r9pLeNSC7SzQ1rvAWP"); stringList.Add("h77XaHizhVVs15w6NYevP27LTxbZaem5L8Zs+34VKXQFeG4g0dEI/Jhl70TqE0CS"); stringList.Add("YNF+D0zqEtyMNHsh0Rq/vPLSzPXUN12jfPLZ3dO9B+9/mG7Ljd6emZjjLZUVuSKQ"); stringList.Add("uKxN5jlHZsm2kRMudijICV6YOWMPT+oZePlCg+BJQg5/xcN5aYVBDZhNeuNwQL1H"); stringList.Add("MPT/GJPxVuETgd9k8c4uDg==</SignatureValue>"); stringList.Add("</Signature>"); stringList.Add("</root>"); string str2 = ""; if (version < 500) { str2 = "Unity_v4.x.ulf"; } if (version >= 500 && version < 2017) { str2 = "Unity_v5.x.ulf"; } if (version == 2017) { str2 = "Unity_v2017.x.ulf"; } if (version == 20171) { str2 = "Unity_lic.ulf"; } var path = string.Empty; if (spfold) { path = Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData) + "\\Unity"; if (!Directory.Exists(path)) { try { Directory.CreateDirectory(path); } catch (Exception ex) { spfold = false; var num = (int)MessageBox.Show(ex.Message, string.Empty, MessageBoxButtons.OK); } } } if (spfold) { if (File.Exists(path + "/" + str2)) { spfold = TestAtr(path + "/" + str2); if (spfold && MessageBox.Show(string.Format("Replace the \"{0}\\{1}\"?", path, str2), string.Empty, MessageBoxButtons.YesNo, MessageBoxIcon.Question) != System.Windows.Forms.DialogResult.OK) { stringList.Clear(); return(true); } } if (spfold) { try { if (version < 500) { str2 = "Unity_v4.x.ulf"; } if (version >= 500 && version < 2017) { str2 = "Unity_v5.x.ulf"; } if (version == 2017) { str2 = "Unity_v2017.x.ulf"; } if (version == 20171) { str2 = "Unity_lic.ulf"; } if (str2 == "Unity_lic.ulf") { using (FileStream fileStream = new FileStream(path + "/" + str2, FileMode.Append)) { foreach (object obj in stringList) { byte[] bytes = Encoding.ASCII.GetBytes(string.Format("{0}\r", obj)); fileStream.Write(bytes, 0, bytes.Length); } fileStream.Flush(); fileStream.Close(); } } else { File.WriteAllLines(path + "/" + str2, (IEnumerable <string>)stringList); } } catch (Exception ex) { spfold = false; int num = (int)MessageBox.Show(ex.Message, string.Empty, MessageBoxButtons.OK); } } } if (!spfold) { if (File.Exists(appDir + "/" + str2)) { if (TestAtr(appDir + "/" + str2)) { if (MessageBox.Show(string.Format("Replace the \"{0}\\{1}\"?", appDir, str2), string.Empty, MessageBoxButtons.YesNo, MessageBoxIcon.Question) != System.Windows.Forms.DialogResult.OK) { stringList.Clear(); return(true); } } else { stringList.Clear(); return(false); } } try { if (version < 500) { str2 = "Unity_v4.x.ulf"; } if (version >= 500 && version < 2017) { str2 = "Unity_v5.x.ulf"; } if (version == 2017) { str2 = "Unity_v2017.x.ulf"; } if (version == 20171) { str2 = "Unity_lic.ulf"; } if (str2 == "Unity_lic.ulf") { using (FileStream fileStream = new FileStream(path + "/" + str2, FileMode.Append)) { foreach (object obj in stringList) { byte[] bytes = Encoding.ASCII.GetBytes(string.Format("{0}\r", obj)); fileStream.Write(bytes, 0, bytes.Length); } fileStream.Flush(); fileStream.Close(); } } else { File.WriteAllLines(path + "/" + str2, (IEnumerable <string>)stringList); } } catch (Exception ex) { stringList.Clear(); int num = (int)MessageBox.Show(ex.Message, string.Empty, MessageBoxButtons.OK); return(false); } } stringList.Clear(); return(true); } string s = string.Format("{0}-{1}-{2}-{3}-{4}-{5}", "U3", "AAAA", "AAAA", "AAAA", "AAAA", "AAAA"); int[] numArray = LicHeader.ReadAll(); if (s.Length != 27) { int num = (int)MessageBox.Show("Invalid Key must be \"27\" chars.", string.Empty, MessageBoxButtons.OK); return(false); } string path2 = "Unity_lic.ulf"; string str3 = s.Remove(s.Length - 4, 4) + "XXXX"; string base64String = Convert.ToBase64String(((IEnumerable <byte>)((IEnumerable <byte>) new byte[4] { (byte)1, (byte)0, (byte)0, (byte)0 }).Concat <byte>((IEnumerable <byte>)Encoding.ASCII.GetBytes(s)).ToArray <byte>()).ToArray <byte>()); string str4 = "6.x"; string str5 = "false"; string str6 = ""; DateTime dateTime = DateTime.UtcNow; dateTime = dateTime.AddDays(-1.0); string str7 = dateTime.ToString("s", (IFormatProvider)CultureInfo.InvariantCulture); Dictionary <string, string> dictionary = new Dictionary <string, string>(); string str8 = ""; string str9 = ""; string str10 = ""; string str11 = ""; dateTime = DateTime.UtcNow; dateTime = dateTime.AddYears(10); string str12 = dateTime.ToString("s", (IFormatProvider)CultureInfo.InvariantCulture); MemoryStream memoryStream = new MemoryStream(); XmlWriterSettings settings = new XmlWriterSettings() { Indent = true, IndentChars = " ", NewLineChars = "\n", OmitXmlDeclaration = true, Encoding = Encoding.ASCII }; using (XmlWriter xmlWriter = XmlWriter.Create((Stream)memoryStream, settings)) { xmlWriter.WriteStartElement("root"); xmlWriter.WriteStartElement("License"); xmlWriter.WriteAttributeString("id", "Terms"); xmlWriter.WriteStartElement("AlwaysOnline"); xmlWriter.WriteAttributeString("Value", str5); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("ClientProvidedVersion"); xmlWriter.WriteAttributeString("Value", str6); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("DeveloperData"); xmlWriter.WriteAttributeString("Value", base64String); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("Features"); foreach (int num in numArray) { xmlWriter.WriteStartElement("Feature"); xmlWriter.WriteAttributeString("Value", num.ToString()); xmlWriter.WriteEndElement(); } xmlWriter.WriteFullEndElement(); xmlWriter.WriteStartElement("InitialActivationDate"); xmlWriter.WriteAttributeString("Value", str7); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("LicenseVersion"); xmlWriter.WriteAttributeString("Value", str4); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("MachineBindings"); foreach (KeyValuePair <string, string> keyValuePair in dictionary) { xmlWriter.WriteStartElement("Binding"); xmlWriter.WriteAttributeString("Key", keyValuePair.Key); xmlWriter.WriteAttributeString("Value", keyValuePair.Value); xmlWriter.WriteEndElement(); } xmlWriter.WriteFullEndElement(); xmlWriter.WriteStartElement("MachineID"); xmlWriter.WriteAttributeString("Value", str8); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("SerialHash"); xmlWriter.WriteAttributeString("Value", str9); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("SerialMasked"); xmlWriter.WriteAttributeString("Value", str3); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("StartDate"); xmlWriter.WriteAttributeString("Value", str10); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("StopDate"); xmlWriter.WriteAttributeString("Value", str11); xmlWriter.WriteEndElement(); xmlWriter.WriteStartElement("UpdateDate"); xmlWriter.WriteAttributeString("Value", str12); xmlWriter.WriteEndElement(); xmlWriter.WriteEndElement(); xmlWriter.WriteEndElement(); xmlWriter.Flush(); } memoryStream.Position = 0L; XmlDocument document = new XmlDocument() { PreserveWhitespace = true }; document.Load((Stream)memoryStream); SignedXml signedXml = new SignedXml(document) { SigningKey = (AsymmetricAlgorithm) new RSACryptoServiceProvider() }; Reference reference = new Reference() { Uri = "#Terms" }; reference.AddTransform((System.Security.Cryptography.Xml.Transform) new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); signedXml.ComputeSignature(); StringBuilder output = new StringBuilder(); using (XmlWriter w = XmlWriter.Create(output, settings)) { XmlDocument xmlDocument1 = new XmlDocument(); string innerXml = document.InnerXml; xmlDocument1.InnerXml = innerXml; XmlDocument xmlDocument2 = xmlDocument1; XmlElement documentElement = xmlDocument2.DocumentElement; if (documentElement != null) { XmlNode newChild = xmlDocument2.ImportNode((XmlNode)signedXml.GetXml(), true); documentElement.AppendChild(newChild); } xmlDocument2.Save(w); w.Flush(); } string contents = output.Replace(" />", "/>").ToString(); string str13 = spfold ? Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "Unity") : appDir; string path1 = Path.Combine(str13, path2); try { Directory.CreateDirectory(str13); if (File.Exists(path1) && this.TestAtr(path1) && MessageBox.Show(string.Format("Replace the \"{0}\"?", (object)path1), string.Empty, MessageBoxButtons.YesNo, MessageBoxIcon.Question) != System.Windows.Forms.DialogResult.OK) { return(true); } File.WriteAllText(path1, contents); } catch (Exception ex) { int num = (int)MessageBox.Show(ex.Message, string.Empty, MessageBoxButtons.OK); return(false); } return(true); }