static void Main(string[] args) { X509Certificate2 x509Certificate2 = GetCertificate("990B25F50DC7E2B548BE75AFED579448"); //X509Certificate2 x509Certificate2 = GetCertificate("0efb7eebdcda4f64a718db3ff908b085"); //X509Certificate2 x509Certificate2 = GetCertificate("2E0A6058EA90DB8C46D1FD3513A877F8"); DCinemaSecurityMessageType extraTheatreMessage = new DCinemaSecurityMessageType(); XmlSerializer xmlSerializer = new XmlSerializer(extraTheatreMessage.GetType()); extraTheatreMessage.AuthenticatedPublic = new AuthenticatedPublicType(); extraTheatreMessage.AuthenticatedPublic.Id = "AuthenticatedPublic.Id." + Guid.NewGuid().ToString(); extraTheatreMessage.AuthenticatedPublic.MessageId = "urn:uuid:" + Guid.NewGuid().ToString(); extraTheatreMessage.AuthenticatedPublic.MessageType = "http://www.smpte-ra.org/schemas/430-3/2006/ETM"; extraTheatreMessage.AuthenticatedPublic.AnnotationText = new UserText(); extraTheatreMessage.AuthenticatedPublic.AnnotationText.Value = "Empty Extra-Theatre Message"; extraTheatreMessage.AuthenticatedPublic.AnnotationText.language = "en-us"; extraTheatreMessage.AuthenticatedPublic.IssueDate = DateTime.Now; X509IssuerSerial issuerSerial = new X509IssuerSerial(); issuerSerial.IssuerName = x509Certificate2.IssuerName.Name; issuerSerial.SerialNumber = x509Certificate2.SerialNumber; extraTheatreMessage.AuthenticatedPublic.Signer = issuerSerial; extraTheatreMessage.AuthenticatedPrivate = new AuthenticatedPrivateType(); extraTheatreMessage.AuthenticatedPrivate.Id = "AuthenticatedPrivate.Id." + Guid.NewGuid().ToString(); #region Build the signature elements SignedXml signedXml = null; try { signedXml = new SignedXml(); signedXml.SigningKey = x509Certificate2.PrivateKey; //signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/ 2001/04/xmldsig-more#rsasha256"; //signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; StringWriter stringWriter = new StringWriter(); xmlSerializer.Serialize(stringWriter, extraTheatreMessage); string serializedXML = stringWriter.ToString(); #region Build the AuthenticatedPublic DataObject & Reference string xmlAuthenticatedPublic = GetCleanElement(serializedXML, "AuthenticatedPublic"); XmlDocument docAuthenticatedPublic = new XmlDocument(); docAuthenticatedPublic.LoadXml(xmlAuthenticatedPublic.ToString()); //XmlAttribute attrAuthenticatedPublic = docAuthenticatedPublic.CreateAttribute("xmlns"); //attrAuthenticatedPublic.Value = "http://www.smpte-ra.org/schemas/430-3/2006/ETM"; //docAuthenticatedPublic.DocumentElement.Attributes.Append(attrAuthenticatedPublic); DataObject dataObjectAuthenticatedPublic = new DataObject("AuthenticatedPublic", "", "", docAuthenticatedPublic.DocumentElement); //DataObject dataObjectAuthenticatedPublic = new DataObject(); dataObjectAuthenticatedPublic.Data = docAuthenticatedPublic.ChildNodes; dataObjectAuthenticatedPublic.Id = "AuthenticatedPublic"; signedXml.AddObject(dataObjectAuthenticatedPublic); Reference referenceAuthenticatedPublic = new Reference(); referenceAuthenticatedPublic.Uri = "#AuthenticatedPublic"; referenceAuthenticatedPublic.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; signedXml.AddReference(referenceAuthenticatedPublic); #endregion #region Build the AuthenticatedPublic DataObject & Reference string xmlAuthenticatedPrivate = GetCleanElement(serializedXML, "AuthenticatedPrivate"); XmlDocument docAuthenticatedPrivate = new XmlDocument(); docAuthenticatedPrivate.LoadXml(xmlAuthenticatedPrivate.ToString()); //XmlAttribute attrAuthenticatedPrivate = docAuthenticatedPrivate.CreateAttribute("xmlns"); //attrAuthenticatedPrivate.Value = "http://www.smpte-ra.org/schemas/430-3/2006/FLM"; //docAuthenticatedPrivate.DocumentElement.Attributes.Append(attrAuthenticatedPrivate); DataObject dataObjectAuthenticatedPrivate = new DataObject("AuthenticatedPrivate", "", "", docAuthenticatedPrivate.DocumentElement); //DataObject dataObjectAuthenticatedPrivate = new DataObject("AuthenticatedPrivate", "", "", docAuthenticatedPrivate.DocumentElement); //dataObjectAuthenticatedPrivate.Data = docAuthenticatedPrivate.ChildNodes; //dataObjectAuthenticatedPrivate.Id = "AuthenticatedPrivate"; signedXml.AddObject(dataObjectAuthenticatedPrivate); Reference referenceAuthenticatedPrivate = new Reference(); referenceAuthenticatedPrivate.Uri = "#AuthenticatedPrivate"; referenceAuthenticatedPrivate.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; // Add the reference to the message. signedXml.AddReference(referenceAuthenticatedPrivate); #endregion // Add a KeyInfo. KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(x509Certificate2, X509IncludeOption.WholeChain)); signedXml.KeyInfo = keyInfo; // Compute the signature. signedXml.ComputeSignature(); XmlElement singedElement = signedXml.GetXml(); XmlSerializer signedSerializer = new XmlSerializer(singedElement.GetType()); StreamWriter signedWriter = new StreamWriter("D:\\signedSerializer.Test.xml"); signedSerializer.Serialize(signedWriter, singedElement); signedWriter.Close(); } catch (CryptographicException e) { Console.WriteLine(e.Message); } #endregion #region Fill in the signature element extraTheatreMessage.Signature = signedXml.Signature.GetXml(); #endregion xmlSerializer.Serialize(Console.Out, extraTheatreMessage); Console.WriteLine("\r\n"); TextWriter WriteFileStream = new StreamWriter(@"\Source_SMPTE\Output\ExtraTheatreMessage.xml"); xmlSerializer.Serialize(WriteFileStream, extraTheatreMessage); WriteFileStream.Close(); ServiceExtraTheatreMessageClient client = new ServiceExtraTheatreMessageClient(); string response = client.ETM(extraTheatreMessage); DCinemaSecurityMessageType existingETM = new DCinemaSecurityMessageType(); TextReader readFileStream = new StreamReader(@"\Source_SMPTE\Input\DCinemaSecurityMessageType_AMC.xml"); existingETM = (DCinemaSecurityMessageType)xmlSerializer.Deserialize(readFileStream); readFileStream.Close(); existingETM.AuthenticatedPrivate = new AuthenticatedPrivateType(); existingETM.Signature = signedXml.Signature.GetXml(); WriteFileStream = new StreamWriter(@"\Source_SMPTE\Output\Read_ExtraTheatreMessage.xml"); xmlSerializer.Serialize(WriteFileStream, existingETM); WriteFileStream.Close(); response = client.ETM(existingETM); }
public static void SignXmlDocument(Stream sourceXmlFile, Stream destinationXmlFile, X509Certificate2 certificate) { // Carico il documento XML XmlDocument doc = new XmlDocument(); doc.Load(sourceXmlFile); // Preparo un DOMDocument che conterrà il risultato XmlDocument outputDocument = new XmlDocument(); // Recupero un riferimento all'intero contenuto del documento XML XmlNodeList elementsToSign = doc.SelectNodes(String.Format("/{0}", doc.DocumentElement.Name)); // Costruisco la firma SignedXml signedXml = new SignedXml(); System.Security.Cryptography.Xml.DataObject dataSignature = new System.Security.Cryptography.Xml.DataObject(); dataSignature.Data = elementsToSign; dataSignature.Id = doc.DocumentElement.Name; signedXml.AddObject(dataSignature); Reference reference = new Reference(); reference.Uri = String.Format("#{0}", dataSignature.Id); signedXml.AddReference(reference); if ((certificate != null) && (certificate.HasPrivateKey)) { signedXml.SigningKey = certificate.PrivateKey; KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(certificate)); signedXml.KeyInfo = keyInfo; signedXml.ComputeSignature(); // Aggiungo la firma al nuovo documento di output outputDocument.AppendChild( outputDocument.ImportNode(signedXml.GetXml(), true)); outputDocument.Save(destinationXmlFile); } }
string SignWithHMACSHA1 (string input, byte [] key, Transform transform) { XmlDocument doc = new XmlDocument (); doc.LoadXml (input); SignedXml sxml = new SignedXml (doc); HMACSHA1 keyhash = new HMACSHA1 (key); DataObject d = new DataObject (); //d.Data = doc.SelectNodes ("//*[local-name()='Body']/*"); d.Data = doc.SelectNodes ("//*[local-name()='Action']"); d.Id = "_1"; sxml.AddObject (d); Reference r = new Reference ("#_1"); r.AddTransform (transform); r.DigestMethod = SignedXml.XmlDsigSHA1Url; sxml.SignedInfo.AddReference (r); sxml.ComputeSignature (keyhash); StringWriter sw = new StringWriter (); XmlWriter w = new XmlTextWriter (sw); sxml.GetXml ().WriteTo (w); w.Close (); return sw.ToString (); }
public void Add_Null () { SignedXml sx = new SignedXml (); // no ArgumentNull exceptions for those sx.AddObject (null); sx.AddReference (null); }
// [ExpectedException (typeof (ArgumentNullException))] public void AddObject_Null () { SignedXml sx = new SignedXml (); // still no ArgumentNullExceptions for this one sx.AddObject (null); }
// The same as MSDNSample(), but adding a few attributes public SignedXml MSDNSampleMixedCaseAttributes () { // Create example data to sign. XmlDocument document = new XmlDocument (); XmlNode node = document.CreateNode (XmlNodeType.Element, "", "MyElement", "samples"); node.InnerText = "This is some text"; XmlAttribute a1 = document.CreateAttribute ("Aa"); XmlAttribute a2 = document.CreateAttribute ("Bb"); XmlAttribute a3 = document.CreateAttribute ("aa"); XmlAttribute a4 = document.CreateAttribute ("bb"); a1.Value = "one"; a2.Value = "two"; a3.Value = "three"; a4.Value = "four"; node.Attributes.Append (a1); node.Attributes.Append (a2); node.Attributes.Append (a3); node.Attributes.Append (a4); document.AppendChild (node); // Create the SignedXml message. SignedXml signedXml = new SignedXml (); // Create a data object to hold the data to sign. DataObject dataObject = new DataObject (); dataObject.Data = document.ChildNodes; dataObject.Id = "MyObjectId"; // Add the data object to the signature. signedXml.AddObject (dataObject); // Create a reference to be able to package everything into the // message. Reference reference = new Reference (); reference.Uri = "#MyObjectId"; // Add it to the message. signedXml.AddReference (reference); return signedXml; }
// sample from MSDN (url) public SignedXml MSDNSample () { // Create example data to sign. XmlDocument document = new XmlDocument (); XmlNode node = document.CreateNode (XmlNodeType.Element, "", "MyElement", "samples"); node.InnerText = "This is some text"; document.AppendChild (node); // Create the SignedXml message. SignedXml signedXml = new SignedXml (); // Create a data object to hold the data to sign. DataObject dataObject = new DataObject (); dataObject.Data = document.ChildNodes; dataObject.Id = "MyObjectId"; // Add the data object to the signature. signedXml.AddObject (dataObject); // Create a reference to be able to package everything into the // message. Reference reference = new Reference (); reference.Uri = "#MyObjectId"; // Add it to the message. signedXml.AddReference (reference); return signedXml; }
/////////////////////////////////////////////////////////////////////// /// /// <summary> /// Carry out the Sign command. /// </summary> /// static void DoSignCommand(string title, X509Certificate2 certificate) { Console.WriteLine(); Console.WriteLine("Signing Xml file \"" + fileNames[0] + "\"..."); Console.WriteLine(); // display more details for verbose operation. if (verbose) { DisplayDetail(null, certificate, detached); } SignedXml signedXml = new SignedXml(); ICspAsymmetricAlgorithm csp = (ICspAsymmetricAlgorithm) certificate.PrivateKey; if (csp.CspKeyContainerInfo.RandomlyGenerated) throw new InternalException("Internal error: This certificate does not have a corresponding private key."); signedXml.SigningKey = (AsymmetricAlgorithm) csp; Console.WriteLine(signedXml.SigningKey.ToXmlString(false)); if (detached) { Reference reference = new Reference(); reference.Uri = "file://" + Path.GetFullPath((string) fileNames[0]); signedXml.AddReference(reference); } else { Reference reference = new Reference(); reference.Uri = "#object-1"; // Add an object XmlDocument dataObject = new XmlDocument(); dataObject.PreserveWhitespace = true; XmlElement dataElement = (XmlElement) dataObject.CreateElement("DataObject", SignedXml.XmlDsigNamespaceUrl); dataElement.AppendChild(dataObject.CreateTextNode(new UTF8Encoding(false).GetString(ReadFile((string) fileNames[0])))); dataObject.AppendChild(dataElement); DataObject obj = new DataObject(); obj.Data = dataObject.ChildNodes; obj.Id = "object-1"; signedXml.AddObject(obj); signedXml.AddReference(reference); } signedXml.KeyInfo = new KeyInfo(); if (includeOptions.Count == 0) { signedXml.KeyInfo.AddClause(new KeyInfoX509Data(certificate, X509IncludeOption.ExcludeRoot)); } else { KeyInfoX509Data keyInfoX509Data = new KeyInfoX509Data(); foreach (IncludeOptions includeOption in includeOptions) { switch (includeOption) { case IncludeOptions.ExcludeRoot: case IncludeOptions.EndCertOnly: case IncludeOptions.WholeChain: keyInfoX509Data = new KeyInfoX509Data(certificate, (X509IncludeOption) includeOption); break; case IncludeOptions.SubjectName: keyInfoX509Data.AddSubjectName(certificate.SubjectName.Name); break; case IncludeOptions.SKI: X509ExtensionCollection extensions = certificate.Extensions; foreach (X509Extension extension in extensions) { if (extension.Oid.Value == "2.5.29.14") { // OID for SKI extension X509SubjectKeyIdentifierExtension ski = extension as X509SubjectKeyIdentifierExtension; if (ski != null) { keyInfoX509Data.AddSubjectKeyId(ski.SubjectKeyIdentifier); break; } } } break; case IncludeOptions.IssuerSerial: keyInfoX509Data.AddIssuerSerial(certificate.IssuerName.Name, certificate.SerialNumber); break; } signedXml.KeyInfo.AddClause(keyInfoX509Data); } } // compute the signature signedXml.ComputeSignature(); XmlElement xmlDigitalSignature = signedXml.GetXml(); // write it out XmlTextWriter xmltw = new XmlTextWriter((string) fileNames[1], new UTF8Encoding(false)); xmlDigitalSignature.WriteTo(xmltw); xmltw.Close(); Console.WriteLine(); Console.WriteLine("Signature written to file \"" + fileNames[1] + "\"."); Console.WriteLine(); return; }
public static string SignXMLX509Data(string strXML) { string strResult = ""; try { SignedXml signedXml = new SignedXml(); // Get the signature key. For this demo, we look for keys associated with a certificate in the "MY" store RSACryptoServiceProvider rsa = null; X509Certificate x509Cert = null; GetSignatureKey(out rsa, out x509Cert); if (rsa == null) return ""; signedXml.SigningKey = rsa; Reference reference = new Reference(); reference.Uri = "#object-1"; reference.Type = "http://www.w3.org/2000/09/xmldsig#Object"; // Add an object System.Security.Cryptography.Xml.DataObject obj = new System.Security.Cryptography.Xml.DataObject(); XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = true; doc.LoadXml(strXML); obj.Data = doc.ChildNodes; obj.Id = "object-1"; signedXml.AddObject(obj); signedXml.AddReference(reference); KeyInfo keyInfo = new KeyInfo(); // Include the certificate raw data with the signed file keyInfo.AddClause(new KeyInfoX509Data(x509Cert)); signedXml.KeyInfo = keyInfo; // compute the signature signedXml.ComputeSignature(); strResult = signedXml.GetXml().OuterXml; } catch (Exception exc) { MessageBox.Show(exc.ToString(), Messages.ExceptionTitle, MessageBoxButtons.OK, MessageBoxIcon.Stop); return strResult; } return strResult; }
/// <summary> /// Sign this information card and write it to a file. /// </summary> /// <param name="filename">Path to where this card should be stored.</param> /// <param name="cert">Certificate to use for signing this card.</param> public void SerializeAndSign( string filename, X509Certificate2 cert ) { MemoryStream stream = new MemoryStream(); XmlWriter writer = XmlWriter.Create( stream ); writer.WriteStartElement( XmlNames.WSIdentity.InfoCardElement, XmlNames.WSIdentity.Namespace ); // // write the InformationCardReference element // writer.WriteAttributeString( XmlNames.Xml.Language, XmlNames.Xml.Namespace, m_language ); writer.WriteStartElement( XmlNames.WSIdentity.InfoCardRefElement, XmlNames.WSIdentity.Namespace ); writer.WriteElementString( XmlNames.WSIdentity.CardIdElement, XmlNames.WSIdentity.Namespace, m_cardId ); writer.WriteElementString( XmlNames.WSIdentity.CardVersionElement, XmlNames.WSIdentity.Namespace, m_cardVersion ); writer.WriteEndElement(); // // card name // if( !String.IsNullOrEmpty( m_cardName ) ) { writer.WriteStartElement( XmlNames.WSIdentity.CardNameElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( m_cardName ); writer.WriteEndElement(); } // // card image // if( null != m_logo && 0 != m_logo.Length ) { writer.WriteStartElement( XmlNames.WSIdentity.CardImageElement, XmlNames.WSIdentity.Namespace ); if( !String.IsNullOrEmpty( m_mimeType ) ) { writer.WriteAttributeString( XmlNames.WSIdentity.MimeTypeAttribute, m_mimeType ); } string val = Convert.ToBase64String( m_logo ); writer.WriteString( val ); writer.WriteEndElement(); } // // card issuer uri // writer.WriteStartElement( XmlNames.WSIdentity.IssuerElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( m_issuerId ); writer.WriteEndElement(); // // issue time // writer.WriteStartElement( XmlNames.WSIdentity.TimeIssuedElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( XmlConvert.ToString( m_issuedOn, XmlDateTimeSerializationMode.Utc ) ); writer.WriteEndElement(); // // expiry time // writer.WriteStartElement( XmlNames.WSIdentity.TimeExpiresElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( XmlConvert.ToString( m_expiresOn, XmlDateTimeSerializationMode.Utc ) ); writer.WriteEndElement(); // // Start the tokenservice list // writer.WriteStartElement( XmlNames.WSIdentity.TokenServiceListElement, XmlNames.WSIdentity.Namespace ); EndpointAddressBuilder eprBuilder = new EndpointAddressBuilder(); eprBuilder.Uri = new Uri( m_issuerId ); eprBuilder.Identity = new X509CertificateEndpointIdentity( cert ); if( null != m_mexUri ) { MetadataReference mexRef = new MetadataReference(); mexRef.Address = new EndpointAddress( m_mexUri ); mexRef.AddressVersion = AddressingVersion.WSAddressing10; MetadataSection mexSection = new MetadataSection(); mexSection.Metadata = mexRef; MetadataSet mexSet = new MetadataSet(); mexSet.MetadataSections.Add( mexSection ); MemoryStream memStream = new MemoryStream(); XmlTextWriter writer1 = new XmlTextWriter( memStream, System.Text.Encoding.UTF8 ); mexSet.WriteTo( writer1 ); writer1.Flush(); memStream.Seek( 0, SeekOrigin.Begin ); XmlDictionaryReader reader = XmlDictionaryReader.CreateTextReader( memStream, XmlDictionaryReaderQuotas.Max ); eprBuilder.SetMetadataReader( reader ); } m_epr = eprBuilder.ToEndpointAddress(); writer.WriteStartElement( XmlNames.WSIdentity.TokenServiceElement, XmlNames.WSIdentity.Namespace ); // // Write the EndPointReference // m_epr.WriteTo( AddressingVersion.WSAddressing10, writer ); // // Write the UserCredential Element // writer.WriteStartElement( XmlNames.WSIdentity.UserCredentialElement, XmlNames.WSIdentity.Namespace ); // // Write the hint // if( !String.IsNullOrEmpty( m_hint ) ) { writer.WriteStartElement( XmlNames.WSIdentity.DisplayCredentialHintElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( m_hint ); writer.WriteEndElement(); } switch( m_cardType ) { case DefaultValues.CardType.UserNamePassword: writer.WriteStartElement( XmlNames.WSIdentity.UserNamePasswordCredentialElement, XmlNames.WSIdentity.Namespace ); if( !string.IsNullOrEmpty( m_credentialIdentifier ) ) { writer.WriteStartElement( XmlNames.WSIdentity.UserNameElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( m_credentialIdentifier ); writer.WriteEndElement(); } writer.WriteEndElement(); break; case DefaultValues.CardType.KerberosAuth: writer.WriteStartElement( XmlNames.WSIdentity.KerberosV5CredentialElement, XmlNames.WSIdentity.Namespace ); writer.WriteEndElement(); break; case DefaultValues.CardType.SelfIssuedAuth: writer.WriteStartElement( XmlNames.WSIdentity.SelfIssuedCredentialElement, XmlNames.WSIdentity.Namespace ); if( !string.IsNullOrEmpty( m_credentialIdentifier ) ) { writer.WriteStartElement( XmlNames.WSIdentity.PrivatePersonalIdentifierElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( m_credentialIdentifier ); writer.WriteEndElement(); } else { throw new InvalidDataException( "No PPID was specified" ); } writer.WriteEndElement(); break; case DefaultValues.CardType.SmartCard: writer.WriteStartElement( XmlNames.WSIdentity.X509V3CredentialElement, XmlNames.WSIdentity.Namespace ); writer.WriteStartElement( XmlNames.XmlDSig.X509DataElement, XmlNames.XmlDSig.Namespace ); if( !string.IsNullOrEmpty( m_credentialIdentifier ) ) { writer.WriteStartElement( XmlNames.WSSecurityExt.KeyIdentifierElement, XmlNames.WSSecurityExt.Namespace ); writer.WriteAttributeString( XmlNames.WSSecurityExt.ValueTypeAttribute, null, XmlNames.WSSecurityExt.Sha1ThumbrpintKeyTypeValue ); writer.WriteString( m_credentialIdentifier ); writer.WriteEndElement(); } else { throw new InvalidDataException( "No thumbprint was specified" ); } writer.WriteEndElement(); writer.WriteEndElement(); break; default: break; } writer.WriteEndElement(); //end of user credential writer.WriteEndElement(); // end of tokenservice writer.WriteEndElement(); //end of tokenservice list // // tokentypes // writer.WriteStartElement( XmlNames.WSIdentity.SupportedTokenTypeListElement, XmlNames.WSIdentity.Namespace ); foreach( string type in m_tokenTypes ) { writer.WriteElementString( XmlNames.WSTrust.TokenType, XmlNames.WSTrust.Namespace, type ); } writer.WriteEndElement(); // // claims // writer.WriteStartElement( XmlNames.WSIdentity.SupportedClaimTypeListElement, XmlNames.WSIdentity.Namespace ); foreach( ClaimInfo clm in m_supportedClaims ) { writer.WriteStartElement( XmlNames.WSIdentity.SupportedClaimTypeElement, XmlNames.WSIdentity.Namespace ); writer.WriteAttributeString( XmlNames.WSIdentity.UriAttribute, clm.Id ); if( !String.IsNullOrEmpty( clm.DisplayTag ) ) { writer.WriteElementString( XmlNames.WSIdentity.DisplayTagElement, XmlNames.WSIdentity.Namespace, clm.DisplayTag ); } if( !String.IsNullOrEmpty( clm.Description ) ) { writer.WriteElementString( XmlNames.WSIdentity.DescriptionElement, XmlNames.WSIdentity.Namespace, clm.Description ); } writer.WriteEndElement(); } writer.WriteEndElement(); // // RequireAppliesTo // if( m_requireAppliesTo ) { writer.WriteElementString( XmlNames.WSIdentity.RequireAppliesToElement, XmlNames.WSIdentity.Namespace, null ); } // // Privacy Notice // if( !String.IsNullOrEmpty( m_privacyNoticeAt ) ) { writer.WriteStartElement( XmlNames.WSIdentity.PrivacyNoticeAtElement, XmlNames.WSIdentity.Namespace ); writer.WriteString( m_privacyNoticeAt ); writer.WriteEndElement(); } writer.WriteEndElement(); writer.Close(); // // Sign the xml content // stream.Position = 0; XmlDocument doc = new XmlDocument(); doc.PreserveWhitespace = false; doc.Load( stream ); SignedXml signed = new SignedXml(); signed.SigningKey = cert.PrivateKey; signed.Signature.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl; Reference reference = new Reference(); reference.Uri = "#_Object_InfoCard"; reference.AddTransform( new XmlDsigExcC14NTransform() ); signed.AddReference( reference ); KeyInfo info = new KeyInfo(); KeyInfoX509Data data = new KeyInfoX509Data( cert, X509IncludeOption.WholeChain ); info.AddClause( data ); signed.KeyInfo = info; DataObject cardData = new DataObject( "_Object_InfoCard", null, null, doc.DocumentElement ); signed.AddObject( cardData ); signed.ComputeSignature(); XmlElement e = signed.GetXml(); XmlTextWriter fileWriter = new XmlTextWriter( filename, Encoding.UTF8 ); e.WriteTo( fileWriter ); fileWriter.Flush(); fileWriter.Close(); }
/** * Sign the payloadBody as-is. Note that this is going to be encrypted anyway * so we avoid any incompatibilities due to canonicalisation, and we don't * care if the payloadBody is text, compressed and so on. Re-writes payloadBody * with a serialised XML Digital Signature "Signature" element containing an * enveloping signature, or throws an exception to signal failure. * * @param pk Private key * @param cert certificate associated with private key * @throws Exception */ private void signPayload(AsymmetricAlgorithm pk, X509Certificate2 cert) { if ((pk == null) || (cert == null)) { throw new Exception("Null signing material"); } if (!checkCertificateDateRange(cert)) { throw new Exception("Cannot use certificate " + cert.SubjectName + " as it is out of date"); } Reference reference = null; DataObject dataObject = null; XmlDocument doc = new XmlDocument(); String objectRef = "uuid" + Guid.NewGuid().ToString().ToLower(); reference = new Reference("#" + objectRef); if (compressed || base64 || !mimeType.Contains("xml")) { // Reference to the encoded binary content, using the (default) SHA1 DigestMethod // dataObject = new DataObject(); XmlText t = doc.CreateTextNode(payloadBody); // This element is just created as a workaround to contain the text, because .Net // won't let us include an XmlTextNode directly like the JDK will. We actually // grab the text node back out again in an XmlNodeList, which seems to keep the // .Net signer happy. // XmlElement element = doc.CreateElement("X"); element.AppendChild(t); XmlNodeList nl = element.ChildNodes; dataObject.Data = nl; } else { // Reference to the XML payload, using the (default) SHA1 DigestMethod and // exclusive canonicalisation. // reference.AddTransform(new XmlDsigExcC14NTransform()); doc.LoadXml(payloadBody); dataObject.Data = doc.ChildNodes; } dataObject.Encoding = ""; dataObject.Id = objectRef; dataObject.MimeType = ""; SignedXml signedXml = new SignedXml(); signedXml.AddObject(dataObject); signedXml.AddReference(reference); signedXml.SigningKey = pk; KeyInfo ki = new KeyInfo(); ki.AddClause(new KeyInfoX509Data(cert)); signedXml.KeyInfo = ki; signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigC14NWithCommentsTransformUrl; signedXml.ComputeSignature(); payloadBody = signedXml.Signature.GetXml().OuterXml; }
static DCinemaSecurityMessageType SignETM(DCinemaSecurityMessageType extraTheatreMessage, X509Certificate2 x509Certificate2) { SignedXml signedXml = null; try { signedXml = new SignedXml(); signedXml.SigningKey = x509Certificate2.PrivateKey; //signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/ 2001/04/xmldsig-more#rsasha256"; //signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; StringWriter stringWriter = new StringWriter(); XmlSerializer xmlSerializer = new XmlSerializer(typeof(DCinemaSecurityMessageType)); xmlSerializer.Serialize(stringWriter, extraTheatreMessage); string serializedXML = stringWriter.ToString(); #region Build the AuthenticatedPublic DataObject & Reference string xmlAuthenticatedPublic = GetCleanElement(serializedXML, "AuthenticatedPublic"); XmlDocument docAuthenticatedPublic = new XmlDocument(); docAuthenticatedPublic.LoadXml(xmlAuthenticatedPublic.ToString()); //XmlAttribute attrAuthenticatedPublic = docAuthenticatedPublic.CreateAttribute("xmlns"); //attrAuthenticatedPublic.Value = "http://www.smpte-ra.org/schemas/430-3/2006/ETM"; //docAuthenticatedPublic.DocumentElement.Attributes.Append(attrAuthenticatedPublic); DataObject dataObjectAuthenticatedPublic = new DataObject("AuthenticatedPublic", "", "", docAuthenticatedPublic.DocumentElement); //DataObject dataObjectAuthenticatedPublic = new DataObject(); dataObjectAuthenticatedPublic.Data = docAuthenticatedPublic.ChildNodes; dataObjectAuthenticatedPublic.Id = "AuthenticatedPublic"; signedXml.AddObject(dataObjectAuthenticatedPublic); Reference referenceAuthenticatedPublic = new Reference(); referenceAuthenticatedPublic.Uri = "#AuthenticatedPublic"; referenceAuthenticatedPublic.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; signedXml.AddReference(referenceAuthenticatedPublic); #endregion #region Build the AuthenticatedPublic DataObject & Reference string xmlAuthenticatedPrivate = GetCleanElement(serializedXML, "AuthenticatedPrivate"); XmlDocument docAuthenticatedPrivate = new XmlDocument(); docAuthenticatedPrivate.LoadXml(xmlAuthenticatedPrivate.ToString()); //XmlAttribute attrAuthenticatedPrivate = docAuthenticatedPrivate.CreateAttribute("xmlns"); //attrAuthenticatedPrivate.Value = "http://www.smpte-ra.org/schemas/430-3/2006/FLM"; //docAuthenticatedPrivate.DocumentElement.Attributes.Append(attrAuthenticatedPrivate); DataObject dataObjectAuthenticatedPrivate = new DataObject("AuthenticatedPrivate", "", "", docAuthenticatedPrivate.DocumentElement); //DataObject dataObjectAuthenticatedPrivate = new DataObject("AuthenticatedPrivate", "", "", docAuthenticatedPrivate.DocumentElement); //dataObjectAuthenticatedPrivate.Data = docAuthenticatedPrivate.ChildNodes; //dataObjectAuthenticatedPrivate.Id = "AuthenticatedPrivate"; signedXml.AddObject(dataObjectAuthenticatedPrivate); Reference referenceAuthenticatedPrivate = new Reference(); referenceAuthenticatedPrivate.Uri = "#AuthenticatedPrivate"; referenceAuthenticatedPrivate.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; // Add the reference to the message. signedXml.AddReference(referenceAuthenticatedPrivate); #endregion // Add a KeyInfo. KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(x509Certificate2, X509IncludeOption.WholeChain)); signedXml.KeyInfo = keyInfo; // Compute the signature. signedXml.ComputeSignature(); XmlElement singedElement = signedXml.GetXml(); XmlSerializer signedSerializer = new XmlSerializer(singedElement.GetType()); StreamWriter signedWriter = new StreamWriter(@"\SOURCE_SMPTE\Output\signedSerializer.Test.xml"); signedSerializer.Serialize(signedWriter, singedElement); signedWriter.Close(); } catch (CryptographicException e) { Console.WriteLine(e.Message); } extraTheatreMessage.Signature = signedXml.Signature.GetXml(); return extraTheatreMessage; }
private void OpprettReferanser(SignedXml signaturnode, IEnumerable<IAsiceAttachable> referanser) { foreach (var item in referanser) { signaturnode.AddReference(Sha256Referanse(item)); } signaturnode.AddObject( new QualifyingPropertiesObject( _sertifikat, "#Signature", referanser.ToArray(), _xml.DocumentElement) ); signaturnode.AddReference(SignedPropertiesReferanse()); }
/// <summary> /// Signiert ein Xml-Document. /// </summary> /// <param name="xDoc">Das Dokument welches die Daten enthält die signiert werden sollen.</param> /// <param name="privateKey">Der private Schlüssel.</param> /// <returns>Gibt ein Xml Element mit den Signierten daten zurück.</returns> public static XmlElement SignXmlDocument(XmlDocument xDoc, string privateKey) { var signedXml = new SignedXml(); System.Security.Cryptography.RSA pvk = System.Security.Cryptography.RSA.Create(); pvk.FromXmlString(privateKey); signedXml.SigningKey = pvk; var dataObject = new DataObject(); dataObject.Id = "content"; dataObject.Data = xDoc.ChildNodes; signedXml.AddObject(dataObject); var reference = new Reference(); reference.Uri = "#content"; signedXml.AddReference(reference); var keyinfo = new KeyInfo(); keyinfo.AddClause(new RSAKeyValue(pvk)); signedXml.KeyInfo = keyinfo; signedXml.ComputeSignature(); return signedXml.GetXml(); }
static DCinemaSecurityMessageType SignETM(DCinemaSecurityMessageType extraTheatreMessage, X509Certificate2 x509Certificate2) { SignedXml signedXml = null; try { #region build the signature object signedXml = new SignedXml(); signedXml.SigningKey = x509Certificate2.PrivateKey; //signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/ 2001/04/xmldsig-more#rsasha256"; //signedXml.SignedInfo.SignatureMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; signedXml.SignedInfo.CanonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"; #endregion #region build a DCinemaSecurityMessage string to pull Data Objects StringWriter stringWriter = new StringWriter(); XmlSerializer xmlSerializer = new XmlSerializer(typeof(DCinemaSecurityMessageType)); xmlSerializer.Serialize(stringWriter, extraTheatreMessage); string serializedXML = stringWriter.ToString(); #endregion #region Build the AuthenticatedPublic DataObject & Reference string xmlAuthenticatedPublic = GetCleanElement(serializedXML, "AuthenticatedPublic"); XmlDocument docAuthenticatedPublic = new XmlDocument(); docAuthenticatedPublic.LoadXml(xmlAuthenticatedPublic.ToString()); DataObject dataObjectAuthenticatedPublic = new DataObject("AuthenticatedPublic", "", "", docAuthenticatedPublic.DocumentElement); dataObjectAuthenticatedPublic.Data = docAuthenticatedPublic.ChildNodes; dataObjectAuthenticatedPublic.Id = "AuthenticatedPublic"; signedXml.AddObject(dataObjectAuthenticatedPublic); Reference referenceAuthenticatedPublic = new Reference(); referenceAuthenticatedPublic.Uri = "#AuthenticatedPublic"; referenceAuthenticatedPublic.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; signedXml.AddReference(referenceAuthenticatedPublic); #endregion #region Build the AuthenticatedPublic DataObject & Reference string xmlAuthenticatedPrivate = GetCleanElement(serializedXML, "AuthenticatedPrivate"); XmlDocument docAuthenticatedPrivate = new XmlDocument(); docAuthenticatedPrivate.LoadXml(xmlAuthenticatedPrivate.ToString()); DataObject dataObjectAuthenticatedPrivate = new DataObject("AuthenticatedPrivate", "", "", docAuthenticatedPrivate.DocumentElement); signedXml.AddObject(dataObjectAuthenticatedPrivate); Reference referenceAuthenticatedPrivate = new Reference(); referenceAuthenticatedPrivate.Uri = "#AuthenticatedPrivate"; referenceAuthenticatedPrivate.DigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256"; // Add the reference to the message. signedXml.AddReference(referenceAuthenticatedPrivate); #endregion #region Add KeyInfo. KeyInfo keyInfo = new KeyInfo(); keyInfo.AddClause(new KeyInfoX509Data(x509Certificate2, X509IncludeOption.WholeChain)); signedXml.KeyInfo = keyInfo; #endregion // Compute the signature. signedXml.ComputeSignature(); } catch (CryptographicException e) { Console.WriteLine(e.Message); } //add the signature to the DCinemaSecurityMessage extraTheatreMessage.Signature = signedXml.Signature.GetXml(); return extraTheatreMessage; }