Thursday, February 9, 2017

C# XML signature with reference (WS-Security)

Vote count: 0

I have been trying to sign XML with an X509 certificate for a long time, still without success.

I have this code for signing:

    using System.Security.Cryptography.X509Certificates;
    using System.Security.Cryptography.Xml;
    using System.Xml;

    public static void Sign(XmlDocument doc, X509Certificate2 cert)
    {
        SignedXml signedXml = new SignedXml(doc);
        signedXml.SigningKey = cert.PrivateKey;

        // Exclusive canonicalization for SignedInfo
        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;

        XmlDsigExcC14NTransform canMethod = (XmlDsigExcC14NTransform)signedXml.SignedInfo.CanonicalizationMethodObject;

        // An empty URI references the whole document (enveloped signature)
        Reference reference = new Reference();
        reference.Uri = "";
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        reference.AddTransform(new XmlDsigExcC14NTransform());
        reference.DigestMethod = "http://ift.tt/1jbsD3O";
        signedXml.AddReference(reference);

        // Attach the certificate; without this assignment no KeyInfo is emitted
        KeyInfo keyInfo = new KeyInfo();
        keyInfo.AddClause(new KeyInfoX509Data(cert));
        signedXml.KeyInfo = keyInfo;

        signedXml.ComputeSignature();

        XmlElement xmlSig = signedXml.GetXml();

        // Append the ds:Signature element to the document root
        doc.DocumentElement.AppendChild(doc.ImportNode(xmlSig, true));
    }

And I need a similar SOAP message:

<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://ift.tt/sVJIaE">
  <SOAP-ENV:Header xmlns:SOAP-ENV="http://ift.tt/sVJIaE">
    <wsse:Security xmlns:wsse="http://ift.tt/LRW8Ij" xmlns:wsu="http://ift.tt/Hm2joJ" soap:mustUnderstand="1">
      <wsse:BinarySecurityToken EncodingType="http://ift.tt/14yUvuM" ValueType="http://ift.tt/11idNQV" wsu:Id="X509">...</wsse:BinarySecurityToken>
      <ds:Signature xmlns:ds="http://ift.tt/uq6naF" Id="SIG">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://ift.tt/11kTCUR">
            <ec:InclusiveNamespaces xmlns:ec="http://ift.tt/11kTCUR" PrefixList="soap"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://ift.tt/18jbiFB"/>
          <ds:Reference URI="#id-1">
            <ds:Transforms>
              <ds:Transform Algorithm="http://ift.tt/11kTCUR">
                <ec:InclusiveNamespaces xmlns:ec="http://ift.tt/11kTCUR" PrefixList=""/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://ift.tt/1jbsD3O"/>
            <ds:DigestValue>TWpSLQpOXSUe8k6Q8lAd7DyMhWkTIcbHNifrPnWDG/M=</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>SX8rtbZ6ip6ayGLQsmoSjd5wVKJEXfbOIqP75E3HchB5QD09YYKuMpXVzLawtJHNVFPE8AvN0jqQaQkJCS2NaI0BZfBsryEx/Pnoq8dkwEYbEa7XgBIzblVNmN9iiaQoQPC2Q/PHCwhOSYUmMRM8liwBnkdaqNWw/6BySw7PWcS/BMDm3d3O/igheuO8Tbi3ksybTDun5lf8xsWdFFRZ2hJX4rJm9p2ro128AbDO6yJIy/sfsyEvMFkpSQ8pms66EIgz0OflhplvPxOsYjA4V0aB31M5t2qXAUNKBcaZkyUZDhLSgBf63GzcfQ501s8R/fwmH07NxfDFmSsrsP3LHw==</ds:SignatureValue>
        <ds:KeyInfo Id="KI">
          <wsse:SecurityTokenReference xmlns:wsse="http://ift.tt/LRW8Ij" xmlns:wsu="http://ift.tt/Hm2joJ" wsu:Id="STR">
            <wsse:Reference URI="#X509" ValueType="http://ift.tt/11idNQV"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
  </SOAP-ENV:Header>
  <soap:Body xmlns:wsu="http://ift.tt/Hm2joJ" wsu:Id="id-1">
    ...
  </soap:Body>
</soap:Envelope>

I do not know how to create a reference to soap:Body... I am a beginner with certificates and I am not able to find a solution.

asked 43 secs ago
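
An added example, not part of the original question or any answer to it: one way to make `SignedXml` resolve a `URI="#id-1"` reference to an element identified by `wsu:Id`, as `soap:Body` is in the target message. The class name `WsuSignedXml`, the method `SignBody`, the standard OASIS `wsu` namespace URI (the page's URLs are shortened) and the choice of RSA-SHA256/SHA-256 are assumptions; it assumes .NET Framework 4.6.2 or later.

```csharp
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

// Hypothetical SignedXml subclass that understands wsu:Id in addition to Id/id/ID.
public class WsuSignedXml : SignedXml
{
    // Assumed: the standard OASIS WS-Security utility namespace.
    public const string WsuNs =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

    public WsuSignedXml(XmlDocument doc) : base(doc) { }

    public override XmlElement GetIdElement(XmlDocument document, string idValue)
    {
        // Default lookup first (plain Id attributes such as ds:Signature Id="SIG").
        XmlElement found = base.GetIdElement(document, idValue);
        if (found != null) return found;

        var ns = new XmlNamespaceManager(document.NameTable);
        ns.AddNamespace("wsu", WsuNs);
        XmlElement match = null;
        // Compare in code rather than building an XPath string from idValue.
        foreach (XmlElement el in document.SelectNodes("//*[@wsu:Id]", ns))
        {
            if (el.GetAttribute("Id", WsuNs) != idValue) continue;
            // Two elements sharing one wsu:Id make the reference ambiguous: refuse.
            if (match != null)
                throw new CryptographicException("Duplicate wsu:Id '" + idValue + "'");
            match = el;
        }
        return match;
    }

    // Signs the element carrying wsu:Id == bodyId and returns ds:Signature;
    // the caller imports it into the wsse:Security header.
    public static XmlElement SignBody(XmlDocument doc, X509Certificate2 cert, string bodyId)
    {
        var signedXml = new WsuSignedXml(doc) { SigningKey = cert.GetRSAPrivateKey() };
        signedXml.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        signedXml.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url; // assumed algorithm
        var reference = new Reference("#" + bodyId) { DigestMethod = SignedXml.XmlDsigSHA256Url };
        // No enveloped-signature transform: the signature lives in the header, not in the body.
        reference.AddTransform(new XmlDsigExcC14NTransform());
        signedXml.AddReference(reference);
        signedXml.ComputeSignature();
        return signedXml.GetXml();
    }
}
```

The same subclass is needed on the verifying side, where the duplicate-ID check matters most: a verifier that accepts the first of several elements with the same `wsu:Id` can end up validating one element and processing another.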
