public override object EncodeCMS(X509Certificate2 certificate, string xmlFilePath) { XmlDocument Document = new XmlDocument(); Document.PreserveWhitespace = true; XmlTextReader XmlFile = new XmlTextReader(xmlFilePath); Document.Load(XmlFile); XmlFile.Close(); XmlNodeList SignaturesList = Document.GetElementsByTagName("Signature"); // Remove existing signatures, this is not a countersigning. for (int i = 0; i < SignaturesList.Count; i++) { SignaturesList[i].ParentNode.RemoveChild(SignaturesList[i]); i--; } SignedXml SignedXml = new SignedXml(Document); SignedXml.SigningKey = certificate.PrivateKey; Reference Reference = new Reference(); Reference.Uri = ""; XmlDsigEnvelopedSignatureTransform EnvelopedSignatureTransform = new XmlDsigEnvelopedSignatureTransform(); Reference.AddTransform(EnvelopedSignatureTransform); SignedXml.AddReference(Reference); KeyInfo Key = new KeyInfo(); Key.AddClause(new KeyInfoX509Data(certificate)); SignedXml.KeyInfo = Key; SignedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement XmlDigitalSignature = SignedXml.GetXml(); return XmlDigitalSignature; }
private static string SignXml(XmlDocument unsignedXml, AsymmetricAlgorithm key) { if (unsignedXml.DocumentElement == null) { throw new ArgumentNullException("unsignedXml"); } // Create a reference to be signed. Blank == Everything var emptyReference = new Reference { Uri = "" }; // Add an enveloped transformation to the reference. var envelope = new XmlDsigEnvelopedSignatureTransform(); emptyReference.AddTransform(envelope); var signedXml = new SignedXml(unsignedXml) { SigningKey = key }; signedXml.AddReference(emptyReference); signedXml.ComputeSignature(); var digitalSignature = signedXml.GetXml(); unsignedXml.DocumentElement.AppendChild( unsignedXml.ImportNode(digitalSignature, true)); var signedXmlOut = new StringBuilder(); using (var swOut = new StringWriter(signedXmlOut)) { unsignedXml.Save(swOut); } return signedXmlOut.ToString(); }
// Sign an XML file. // This document cannot be verified unless the verifying // code has the key with which it was signed. public static void SignXml(XmlDocument xmlDoc, RSA Key) { // Check arguments. if (xmlDoc == null) throw new ArgumentException("xmlDoc"); if (Key == null) throw new ArgumentException("Key"); // Create a SignedXml object. SignedXml signedXml = new SignedXml(xmlDoc); // Add the key to the SignedXml document. signedXml.SigningKey = Key; // Create a reference to be signed. Reference reference = new Reference(); reference.Uri = ""; // Add an enveloped transformation to the reference. XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(env); // Add the reference to the SignedXml object. signedXml.AddReference(reference); // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); // Append the element to the XML document. xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(xmlDigitalSignature, true)); }
public static void Sign(this XmlDocument xmlDocument, X509Certificate2 cert) { if (xmlDocument == null) { throw new ArgumentNullException("xmlDocument"); } if (cert == null) { throw new ArgumentNullException("cert"); } var signedXml = new SignedXml(xmlDocument); // The transform XmlDsigExcC14NTransform and canonicalization method XmlDsigExcC14NTransformUrl is important for partially signed XML files // see: http://msdn.microsoft.com/en-us/library/system.security.cryptography.xml.signedxml.xmldsigexcc14ntransformurl(v=vs.110).aspx // The reference URI has to be set correctly to avoid assertion injections // For both, the ID/Reference and the Transform/Canonicalization see as well: // https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf section 5.4.2 and 5.4.3 signedXml.SigningKey = (RSACryptoServiceProvider)cert.PrivateKey; signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; var reference = new Reference { Uri = "#" + xmlDocument.DocumentElement.GetAttribute("ID") }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigExcC14NTransform()); signedXml.AddReference(reference); signedXml.ComputeSignature(); xmlDocument.DocumentElement.AppendChild(xmlDocument.ImportNode(signedXml.GetXml(), true)); }
private static void AuthenticodeSignLicenseDom(XmlDocument licenseDom, System.Deployment.Internal.CodeSigning.CmiManifestSigner signer, string timeStampUrl) { if (signer.Certificate.PublicKey.Key.GetType() != typeof(RSACryptoServiceProvider)) { throw new NotSupportedException(); } System.Deployment.Internal.CodeSigning.ManifestSignedXml xml = new System.Deployment.Internal.CodeSigning.ManifestSignedXml(licenseDom) { SigningKey = signer.Certificate.PrivateKey }; xml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#"; xml.KeyInfo.AddClause(new RSAKeyValue(signer.Certificate.PublicKey.Key as RSA)); xml.KeyInfo.AddClause(new KeyInfoX509Data(signer.Certificate, signer.IncludeOption)); Reference reference = new Reference { Uri = "" }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigExcC14NTransform()); xml.AddReference(reference); xml.ComputeSignature(); XmlElement node = xml.GetXml(); node.SetAttribute("Id", "AuthenticodeSignature"); XmlNamespaceManager nsmgr = new XmlNamespaceManager(licenseDom.NameTable); nsmgr.AddNamespace("r", "urn:mpeg:mpeg21:2003:01-REL-R-NS"); (licenseDom.SelectSingleNode("r:license/r:issuer", nsmgr) as XmlElement).AppendChild(licenseDom.ImportNode(node, true)); if ((timeStampUrl != null) && (timeStampUrl.Length != 0)) { TimestampSignedLicenseDom(licenseDom, timeStampUrl); } licenseDom.DocumentElement.ParentNode.InnerXml = "<msrel:RelData xmlns:msrel=\"http://schemas.microsoft.com/windows/rel/2005/reldata\">" + licenseDom.OuterXml + "</msrel:RelData>"; }
/// <summary> /// Use an X509 certificate to append a computed signature to an XML serialized Response /// </summary> /// <param name="XMLSerializedSAMLResponse"></param> /// <param name="ReferenceURI">Assertion ID from SAML Response</param> /// <param name="SigningCert">X509 Certificate for signing</param> /// <remarks>Referenced this article: /// http://www.west-wind.com/weblog/posts/2008/Feb/23/Digitally-Signing-an-XML-Document-and-Verifying-the-Signature /// </remarks> public static void AppendSignatureToXMLDocument(ref XmlDocument XMLSerializedSAMLResponse, String ReferenceURI, X509Certificate2 SigningCert) { XmlNamespaceManager ns = new XmlNamespaceManager(XMLSerializedSAMLResponse.NameTable); ns.AddNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion"); XmlElement xeAssertion = XMLSerializedSAMLResponse.DocumentElement.SelectSingleNode("saml:Assertion", ns) as XmlElement; //SignedXml signedXML = new SignedXml(XMLSerializedSAMLResponse); SignedXml signedXML = new SignedXml(xeAssertion); signedXML.SigningKey = SigningCert.PrivateKey; signedXML.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; Reference reference = new Reference(); reference.Uri = ReferenceURI; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigExcC14NTransform()); signedXML.AddReference(reference); signedXML.ComputeSignature(); XmlElement signature = signedXML.GetXml(); XmlElement xeResponse = XMLSerializedSAMLResponse.DocumentElement; xeResponse.AppendChild(signature); }
public static string Sign(string xml, X509Certificate2 certificate) { if (xml == null) throw new ArgumentNullException("xml"); if (certificate == null) throw new ArgumentNullException("certificate"); if (!certificate.HasPrivateKey) throw new ArgumentException("certificate", "Certificate should have a private key"); XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; doc.LoadXml(xml); SignedXml signedXml = new SignedXml(doc); signedXml.SigningKey = certificate.PrivateKey; // Attach certificate KeyInfo KeyInfoX509Data keyInfoData = new KeyInfoX509Data(certificate); KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(keyInfoData); signedXml.KeyInfo = keyInfo; // Attach transforms var reference = new Reference(""); reference.AddTransform(new XmlDsigEnvelopedSignatureTransform(includeComments: false)); reference.AddTransform(new XmlDsigExcC14NTransform(includeComments: false)); signedXml.AddReference(reference); // Compute signature signedXml.ComputeSignature(); var signatureElement = signedXml.GetXml(); // Add signature to bundle doc.DocumentElement.AppendChild(doc.ImportNode(signatureElement, true)); return doc.OuterXml; }
public XmlDocument assinaturaXmlEnviar(XmlDocument _xml) { XmlDocument xmlDocAss = _xml; try { if (cert == null) throw new Exception("Nao foi encontrado o certificado: " + config.configNFCe.NomeCertificadoDigital); Reference reference = new Reference(); SignedXml docXML = new SignedXml(xmlDocAss); docXML.SigningKey = cert.PrivateKey; XmlAttributeCollection uri = xmlDocAss.GetElementsByTagName("infNFe").Item(0).Attributes; foreach (XmlAttribute atributo in uri) { if (atributo.Name == "Id") reference.Uri = "#" + atributo.InnerText; } XmlDsigEnvelopedSignatureTransform envelopedSigntature = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(envelopedSigntature); XmlDsigC14NTransform c14Transform = new XmlDsigC14NTransform(); reference.AddTransform(c14Transform); docXML.AddReference(reference); KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(cert)); docXML.KeyInfo = keyInfo; docXML.ComputeSignature(); XmlElement xmlDigitalSignature = docXML.GetXml(); foreach (var _nfe in xmlDocAss.GetElementsByTagName("NFe").Cast<XmlElement>()) _nfe.AppendChild(xmlDocAss.ImportNode(xmlDigitalSignature, true)); xmlDocAss.PreserveWhitespace = true; return xmlDocAss; } catch (Exception e) { Utils.Logger.getInstance.error(e); return null; throw new Exception(e.ToString()); } }
public string AssinarComCertificado(string textXML, X509Certificate2 certificado) { try { string xmlString = textXML; XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = false; doc.LoadXml(xmlString); Reference reference = new Reference(); reference.Uri = ""; XmlDocument documentoNovo = new XmlDocument(); documentoNovo.LoadXml(doc.OuterXml); SignedXml signedXml = new SignedXml(documentoNovo); signedXml.SigningKey = certificado.PrivateKey; XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(env); XmlDsigC14NTransform c14 = new XmlDsigC14NTransform(); reference.AddTransform(c14); signedXml.AddReference(reference); KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(certificado)); signedXml.KeyInfo = keyInfo; signedXml.ComputeSignature(); XmlElement xmlDigitalSignature = signedXml.GetXml(); XmlNode sign = doc.ImportNode(xmlDigitalSignature, true); doc.ChildNodes.Item(0).AppendChild(sign); XmlDocument XMLDoc = new XmlDocument(); XMLDoc.PreserveWhitespace = false; XMLDoc = doc; return XMLDoc.OuterXml; } catch (Exception error) { throw new Exception(error.Message); } }
public static XmlDocument SignDocument(XmlDocument doc) { //////////////// string signatureCanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#"; string signatureMethod = @"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; string digestMethod = @"http://www.w3.org/2001/04/xmlenc#sha256"; string signatureReferenceURI = "#_73e63a41-156d-4fda-a26c-8d79dcade713"; CryptoConfig.AddAlgorithm(typeof(RSAPKCS1SHA256SignatureDescription), signatureMethod); X509Certificate2 signingCertificate = GetCertificate(); // /* add the following lines of code after var signingCertificate = GetCertificate();*/ CspParameters cspParams = new CspParameters(24); //cspParams.KeyContainerName = "XML_DISG_RSA_KEY"; RSACryptoServiceProvider key = new RSACryptoServiceProvider(cspParams); var strKey = signingCertificate.PrivateKey.ToXmlString(true); key.FromXmlString(strKey); /*assign the new key to signer's SigningKey */ //metadataSigner.SigningKey = key; // SignedXml signer = new SignedXml(doc); signer.SigningKey = key;//signingCertificate.PrivateKey; signer.KeyInfo = new KeyInfo(); signer.KeyInfo.AddClause(new KeyInfoX509Data(signingCertificate)); signer.SignedInfo.CanonicalizationMethod = signatureCanonicalizationMethod; signer.SignedInfo.SignatureMethod = signatureMethod; XmlDsigEnvelopedSignatureTransform envelopeTransform = new XmlDsigEnvelopedSignatureTransform(); XmlDsigExcC14NTransform cn14Transform = new XmlDsigExcC14NTransform(); Reference signatureReference = new Reference("#FATCA"); signatureReference.Uri = signatureReferenceURI; signatureReference.AddTransform(envelopeTransform); signatureReference.AddTransform(cn14Transform); signatureReference.DigestMethod = digestMethod; signer.AddReference(signatureReference); signer.ComputeSignature(); XmlElement signatureElement = signer.GetXml(); doc.DocumentElement.AppendChild(signer.GetXml()); return doc; }
private static XmlDocument SignXmlDocument(XmlDocument xmlDocument, X509Certificate2 signingCertificate) { // Создание подписчика XML-документа var signedXml = new GostSignedXml(xmlDocument); // Установка ключа для создания подписи signedXml.SetSigningCertificate(signingCertificate); // Ссылка на узел, который нужно подписать, с указанием алгоритма хэширования var dataReference = new Reference { Uri = "#Id1", DigestMethod = GostSignedXml.XmlDsigGost3411Url }; // Метод преобразования, применяемый к данным перед их подписью var dataTransform = CreateDataTransform(); dataReference.AddTransform(dataTransform); // Установка ссылки на узел signedXml.AddReference(dataReference); // Установка информации о сертификате, который использовался для создания подписи var keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(signingCertificate)); signedXml.KeyInfo = keyInfo; // Вычисление подписи signedXml.ComputeSignature(); // Получение XML-представления подписи var signatureXml = signedXml.GetXml(); // Добавление подписи в исходный документ xmlDocument.DocumentElement.AppendChild(xmlDocument.ImportNode(signatureXml, true)); return xmlDocument; }
public static void Sign(this XmlDocument xmlDocument, X509Certificate2 cert) { if(xmlDocument == null) { throw new ArgumentNullException("xmlDocument"); } if (cert == null) { throw new ArgumentNullException("cert"); } var signedXml = new SignedXml(xmlDocument); signedXml.SigningKey = (RSACryptoServiceProvider)cert.PrivateKey; var reference = new Reference(); reference.Uri = ""; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); signedXml.ComputeSignature(); xmlDocument.DocumentElement.AppendChild(xmlDocument.ImportNode(signedXml.GetXml(), true)); }
/// <summary> /// Adds a digital signature to the outgoing request message, before sending it to Acquirer. /// </summary> /// <param name="requestXml"> /// The unsigned request XML message. /// </param> /// <returns> /// The request message, including digital signature. /// </returns> public string SignRequestXml(XDocument requestXml) { XmlDocument document = ToXmlDocument(requestXml); RSACryptoServiceProvider key = ExtractPrivateKeyFrom(acceptantPrivateCertificate); var signedXml = new SignedXml(document) { SigningKey = key }; signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"; signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/2001/10/xml-exc-c14n#"; // Add a signing reference, the uri is empty and so the whole document is signed. var reference = new Reference { DigestMethod = @"http://www.w3.org/2001/04/xmlenc#sha256" }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.Uri = ""; signedXml.AddReference(reference); // Add the certificate as key info. Because of this, the certificate // with the public key will be added in the signature part. var keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoName(acceptantPrivateCertificate.Thumbprint)); signedXml.KeyInfo = keyInfo; // Generate the signature. signedXml.ComputeSignature(); XmlElement xmlSignature = signedXml.GetXml(); document.DocumentElement.AppendChild(document.ImportNode(xmlSignature, true)); // Check that outgoing signature is valid. Private certificate also contains public part. VerifyDocumentSignature(document, acceptantPrivateCertificate); return GetContentsFrom(document); }
public void ComputeSignature(X509Certificate2 certificate, X509IncludeOption includeOption, string id) { SigningKey = (RSACryptoServiceProvider)certificate.PrivateKey; SignedInfo.CanonicalizationMethod = Saml2SignedXml.XmlDsigExcC14NTransformUrl; //SignedInfo.SignatureMethod = SecurityAlgorithms.RsaSha256Signature; var reference = new Reference("#" + id); // reference.DigestMethod = SecurityAlgorithms.Sha1Digest; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigExcC14NTransform()); AddReference(reference); ComputeSignature(); KeyInfo = new KeyInfo(); KeyInfo.AddClause(new KeyInfoX509Data(certificate, includeOption)); }
/// <summary> /// Obtiene los datos de la referencia /// </summary> private Reference GetReference(string strReferenceToSign) { Reference objXmlReference = new Reference(); // Crea una referencia a firmar objXmlReference.Uri = "#" + strReferenceToSign; // Añade una transformación a la referencia objXmlReference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); // Devuelve la referencia creada return objXmlReference; }
/// <summary> /// Use an X509 certificate to append a computed signature to an XML serialized Response /// </summary> /// <param name="XMLSerializedSAMLResponse"></param> /// <param name="ReferenceURI">Assertion ID from SAML Response</param> /// <param name="SigningCert">X509 Certificate for signing</param> /// <remarks>Referenced this article: /// http://www.west-wind.com/weblog/posts/2008/Feb/23/Digitally-Signing-an-XML-Document-and-Verifying-the-Signature /// </remarks> public static void AppendSignatureToXMLDocument(ref XmlDocument XMLSerializedSAMLResponse, String ReferenceURI, X509Certificate2 SigningCert) { SignedXml signedXML = new SignedXml(XMLSerializedSAMLResponse); signedXML.SigningKey = SigningCert.PrivateKey; signedXML.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; Reference reference = new Reference(); reference.Uri = "#" + ReferenceURI; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigExcC14NTransform()); signedXML.AddReference(reference); signedXML.ComputeSignature(); XmlElement signature = signedXML.GetXml(); XmlElement xeResponse = XMLSerializedSAMLResponse.DocumentElement; xeResponse.AppendChild(signature); }
public static void SignSingleEntity( this GisGmp.Message message, X509Certificate2 certificate, XmlNode entityXml) { XmlDocument signingDoc = new XmlDocument(); signingDoc.LoadXml(entityXml.OuterXml); SmevSignedXml signedXml = new SmevSignedXml(signingDoc); signedXml.SigningKey = certificate.PrivateKey; Reference reference = new Reference(); reference.Uri = ""; reference.DigestMethod = CryptoPro.Sharpei.Xml.CPSignedXml.XmlDsigGost3411UrlObsolete; XmlDsigEnvelopedSignatureTransform envelopedSignature = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(envelopedSignature); XmlDsigExcC14NTransform c14 = new XmlDsigExcC14NTransform(); reference.AddTransform(c14); KeyInfo ki = new KeyInfo(); ki.AddClause(new KeyInfoX509Data(certificate)); signedXml.KeyInfo = ki; signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; signedXml.SignedInfo.SignatureMethod = CryptoPro.Sharpei.Xml.CPSignedXml.XmlDsigGost3410UrlObsolete; signedXml.AddReference(reference); signedXml.ComputeSignature(); XmlElement xmlDigitalSignature = signedXml.GetXml(); signingDoc.DocumentElement.AppendChild(xmlDigitalSignature); XmlDocumentFragment signedFinalPayment = message.Xml.CreateDocumentFragment(); signedFinalPayment.InnerXml = signingDoc.OuterXml; var documentNode = entityXml.ParentNode; documentNode.RemoveChild(entityXml); documentNode.AppendChild(signedFinalPayment); }
public override string SignXml(XmlDocument Document) { SignedXmlWithId signedXml = new SignedXmlWithId(Document); signedXml.SigningKey = manager.Certificate.PrivateKey; // Create a reference to be signed. Reference reference = new Reference(); reference.Uri = ""; // Add an enveloped transformation to the reference. XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(true); reference.AddTransform(env); if (c14) { XmlDsigC14NTransform c14t = new XmlDsigC14NTransform(); reference.AddTransform(c14t); } KeyInfo keyInfo = new KeyInfo(); KeyInfoX509Data keyInfoData = new KeyInfoX509Data(manager.Certificate); keyInfo.AddClause(keyInfoData); signedXml.KeyInfo = keyInfo; // Add the reference to the SignedXml object. signedXml.AddReference(reference); // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); Document.DocumentElement.AppendChild( Document.ImportNode(xmlDigitalSignature, true)); return Document.OuterXml; }
public string SignXml(XDocument xml) { using (MemoryStream streamIn = new MemoryStream()) { xml.Save(streamIn); streamIn.Position = 0; // var rsaKey = (RSACryptoServiceProvider)_privateCertificate.PrivateKey; // Create rsa crypto provider from private key contained in certificate, weirdest cast ever!; // string sCertFileLocation = @"C:\plugins\idealtest\bin\Debug\certficate.pfx"; // X509Certificate2 certificate = new X509Certificate2(sCertFileLocation, "D3M@ast3rsR0cks"); RSA rsaKey = (RSACryptoServiceProvider)_privateCertificate.PrivateKey; XmlDocument xmlDoc = new XmlDocument(); xmlDoc.PreserveWhitespace = true; xmlDoc.Load(streamIn); SignedXml signedXml = new SignedXml(xmlDoc); signedXml.SigningKey = rsaKey; Reference reference = new Reference(); reference.Uri = ""; XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(env); signedXml.AddReference(reference); KeyInfo keyInfo = new KeyInfo(); KeyInfoName kin = new KeyInfoName(); kin.Value = _privateCertificate.Thumbprint; keyInfo.AddClause(kin); signedXml.KeyInfo = keyInfo; signedXml.ComputeSignature(); XmlElement xmlDigitalSignature = signedXml.GetXml(); xmlDoc.DocumentElement.AppendChild(xmlDoc.ImportNode(xmlDigitalSignature, true)); using (MemoryStream sout = new MemoryStream()) { xmlDoc.Save(sout); sout.Position = 0; using (StreamReader reader = new StreamReader(sout)) { string xmlOut = reader.ReadToEnd(); return xmlOut; } } } }
/// <summary> /// Signs an XML Document for a Saml Response /// </summary> /// <param name="xml"></param> /// <param name="cert2"></param> /// <param name="referenceId"></param> /// <returns></returns> public static XmlElement SignDoc(XmlDocument doc, X509Certificate2 cert2, string referenceId, string referenceValue) { SamlSignedXml sig = new SamlSignedXml(doc, referenceId); // Add the key to the SignedXml xmlDocument. sig.SigningKey = cert2.PrivateKey; // Create a reference to be signed. Reference reference = new Reference(); reference.Uri = String.Empty; // reference.Uri = "#" + referenceValue; // Add an enveloped transformation to the reference. XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform(); XmlDsigExcC14NTransform env2 = new XmlDsigExcC14NTransform(); reference.AddTransform(env); reference.AddTransform(env2); // Add the reference to the SignedXml object. sig.AddReference(reference); // Add an RSAKeyValue KeyInfo (optional; helps recipient find key to validate). KeyInfo keyInfo = new KeyInfo(); KeyInfoX509Data keyData = new KeyInfoX509Data(cert2); keyInfo.AddClause(keyData); sig.KeyInfo = keyInfo; // Compute the signature. sig.ComputeSignature(); // Get the XML representation of the signature and save it to an XmlElement object. XmlElement xmlDigitalSignature = sig.GetXml(); return xmlDigitalSignature; }
internal static XmlElement GetXmlDigitalSignature(XmlDocument doc, AsymmetricAlgorithm key) { if(IsDebugEnabled) log.Debug("암호화된 Xml 문서를 만듭니다..."); var signedXml = new SignedXml(doc) { SigningKey = key }; var reference = new Reference { Uri = string.Empty }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); signedXml.ComputeSignature(); return signedXml.GetXml(); }
/// <summary> /// Use an X509 certificate to append a computed signature to an XML serialized Response /// </summary> /// <param name="XMLSerializedSAMLResponse"></param> /// <param name="ReferenceURI">Assertion ID from SAML Response</param> /// <param name="SigningCert">X509 Certificate for signing</param> /// <remarks>Referenced this article: /// http://www.west-wind.com/weblog/posts/2008/Feb/23/Digitally-Signing-an-XML-Document-and-Verifying-the-Signature /// </remarks> public static void AppendSignatureToXMLDocument(ref XmlDocument XMLSerializedSAMLResponse, String ReferenceURI) { var signCertificate = SAMLConfiguration.Current.GetLocalIdentityProviderCertificate(); var signedXML = new PrefixedSignedXml(XMLSerializedSAMLResponse); signedXML.SigningKey = signCertificate.PrivateKey; signedXML.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; var reference = new Reference(); reference.Uri = ""; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); reference.AddTransform(new XmlDsigExcC14NTransform()); signedXML.AddReference(reference); signedXML.ComputeSignature("ds"); var signature = signedXML.GetXml("ds"); var xeResponse = XMLSerializedSAMLResponse.DocumentElement; xeResponse.AppendChild(signature); }
public void References () { Reference r1 = new Reference (); r1.Uri = "http://www.go-mono.com/"; r1.AddTransform (new XmlDsigBase64Transform ()); info.AddReference (r1); AssertEquals ("References.Count 1", 1, info.References.Count); Reference r2 = new Reference ("http://www.motus.com/"); r2.AddTransform (new XmlDsigBase64Transform ()); info.AddReference (r2); AssertEquals ("References.Count 2", 2, info.References.Count); info.SignatureMethod = "http://www.w3.org/2000/09/xmldsig#dsa-sha1"; }
private Reference getReference(XmlNode mainNode) { Reference reference = new Reference(); XmlAttribute mainNodeAttr = mainNode.Attributes["Id"]; if (mainNodeAttr == null) throw new ArgumentException("Element 'Invoice' nima argumenta 'Id' / Node 'Invoice' is missing 'Id' attribute"); string mainNodeID = mainNode.Attributes["Id"].InnerText; reference.Uri = "#" + mainNodeID; reference.DigestMethod = @"http://www.w3.org/2001/04/xmlenc#sha256"; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); return reference; }
public static XmlElement GenerateSignature(XmlDocument licenseDocument, IPrivateCryptoKey privateKey) { using (var privateKeyProvider = new RsaPrivateKeyProvider()) { var reference = new Reference { Uri = string.Empty }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); var signedXml = new SignedXml(licenseDocument) { SigningKey = privateKeyProvider.Recreate(privateKey) }; signedXml.AddReference(reference); signedXml.ComputeSignature(); return signedXml.GetXml(); } }
private static void AddSignatureToXmlDocument(XmlDocument toSign, X509Certificate2 cert) { var signedXml = new SignedXml(toSign); signedXml.SigningKey = cert.PrivateKey; var reference = new Reference(); reference.Uri = ""; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); signedXml.ComputeSignature(); var xmlDigitalSignature = signedXml.GetXml(); toSign.DocumentElement.AppendChild(toSign.ImportNode(xmlDigitalSignature, true)); if (toSign.FirstChild is XmlDeclaration) { toSign.RemoveChild(toSign.FirstChild); } }
public bool Execute() { Console.Out.WriteLine("Signing xml file"); Console.Out.WriteLine("input file = {0}", _inputFile); Console.Out.WriteLine("output file = {0}", _signatureFile); Console.Out.WriteLine("key file = {0}", _keyFile); using (var key = new RSACryptoServiceProvider()) { key.FromXmlString(File.ReadAllText(_keyFile)); var doc = new XmlDocument {PreserveWhitespace = true}; doc.Load(new XmlTextReader(_inputFile)); var signedXml = new SignedXml(doc) {SigningKey = key}; var xmlSignature = signedXml.Signature; var reference = new Reference(""); var env = new XmlDsigEnvelopedSignatureTransform(); reference.AddTransform(env); xmlSignature.SignedInfo.AddReference(reference); var keyInfo = new KeyInfo(); keyInfo.AddClause(new RSAKeyValue(key)); xmlSignature.KeyInfo = keyInfo; signedXml.ComputeSignature(); var xmlDigitalSignature = signedXml.GetXml(); using (var writer = new XmlTextWriter(_signatureFile, new UTF8Encoding(false))) { var signatureDocument = new XmlDocument(); var importNode = signatureDocument.ImportNode(xmlDigitalSignature, true); signatureDocument.AppendChild(importNode); signatureDocument.WriteTo(writer); writer.Close(); } } Console.Out.WriteLine("done"); return true; }
public override string SignXml(XmlDocument Document) { // create detached envelope XmlDocument envelope = new XmlDocument(); envelope.PreserveWhitespace = true; envelope.AppendChild(envelope.CreateElement("Envelope")); XmlElement message = envelope.CreateElement("Message"); message.InnerXml = Document.DocumentElement.OuterXml; message.SetAttribute("Id", "MyObjectID"); envelope.DocumentElement.AppendChild(message); SignedXmlWithId signedXml = new SignedXmlWithId(envelope); signedXml.SigningKey = manager.Certificate.PrivateKey; // Create a reference to be signed. Reference reference = new Reference(); reference.Uri = "#MyObjectID"; if (c14) { XmlDsigC14NTransform env = new XmlDsigC14NTransform(); reference.AddTransform(env); } KeyInfo keyInfo = new KeyInfo(); KeyInfoX509Data keyInfoData = new KeyInfoX509Data(manager.Certificate); keyInfo.AddClause(keyInfoData); signedXml.KeyInfo = keyInfo; // Add the reference to the SignedXml object. signedXml.AddReference(reference); // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); envelope.DocumentElement.AppendChild( envelope.ImportNode(xmlDigitalSignature, true)); return envelope.OuterXml; }
public override string SignXml(XmlDocument Document) { SignedXmlWithId signedXml = new SignedXmlWithId(Document); signedXml.SigningKey = manager.Certificate.PrivateKey; KeyInfo keyInfo = new KeyInfo(); KeyInfoX509Data keyInfoData = new KeyInfoX509Data(manager.Certificate); keyInfo.AddClause(keyInfoData); signedXml.KeyInfo = keyInfo; // the DataObject has to point to a XmlNodeList DataObject dataObject = new DataObject(); dataObject.Id = "MyObjectID1"; dataObject.Data = new CustomXmlNodeList(new[] { Document.DocumentElement }); signedXml.AddObject(dataObject); // Add the reference to the SignedXml object. Reference reference = new Reference(); reference.Uri = "#MyObjectID1"; signedXml.AddReference(reference); // Create a reference to be signed. if (c14) { XmlDsigC14NTransform env = new XmlDsigC14NTransform(); reference.AddTransform(env); } // Compute the signature. signedXml.ComputeSignature(); // Get the XML representation of the signature and save // it to an XmlElement object. XmlElement xmlDigitalSignature = signedXml.GetXml(); // create detached envelope XmlDocument envelope = new XmlDocument(); envelope.AppendChild(envelope.CreateElement("Envelope")); envelope.DocumentElement.AppendChild( envelope.ImportNode(xmlDigitalSignature, true)); return envelope.OuterXml; }
public string GenerateSignedXml(LicenseDetails details) { if (details == null) throw new ArgumentNullException("details"); string rawXml; var serializer = new XmlSerializer(typeof (LicenseDetails)); using (var stream = new MemoryStream()) { serializer.Serialize(stream, details); stream.Position = 0; using (var streamReader = new StreamReader(stream)) rawXml = streamReader.ReadToEnd(); } // Sign the xml var doc = new XmlDocument(); TextReader reader = new StringReader(rawXml); doc.Load(reader); var signedXml = new SignedXml(doc); signedXml.SigningKey = _key; var reference = new Reference { Uri = "" }; reference.AddTransform(new XmlDsigEnvelopedSignatureTransform()); signedXml.AddReference(reference); signedXml.ComputeSignature(); var signature = signedXml.GetXml(); if (doc.DocumentElement != null) doc.DocumentElement.AppendChild(doc.ImportNode(signature, true)); if (doc.FirstChild is XmlDeclaration) doc.RemoveChild(doc.FirstChild); // Return the resulting xml using (var stringWriter = new StringWriter()) using (var xmlTextWriter = XmlWriter.Create(stringWriter)) { doc.WriteTo(xmlTextWriter); xmlTextWriter.Flush(); return stringWriter.GetStringBuilder().ToString(); } }