Benim sorunum, .NET API'leri ile imza attığımda matematiksel doğrulama hatası alıyor olmamdan kaynaklanıyor. İletinde bahsettiğin konuları inceledim; evet, orijinal XML dosyasını değiştirdiğini fark ettim. Hatta <cbc:UUID> tagındaki GUID verisini de değiştiriyor, bu kısmı anlamak mümkün değil. İmza atan C# kodunu aşağıda paylaşıyorum, umarım bir çözüm yolu bulabiliriz;
İmzayı "createEnvelopedBes" yordamı atıyor, alıcı gözüyle bir inceleyebilir misiniz?
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Drawing;
using System.Reflection;
using System.Windows.Forms;
using System.Runtime.InteropServices;
using System.IO;
using NUnit.Framework;
using log4net;
using iaik.pkcs.pkcs11.wrapper;
using tr.gov.tubitak.uekae.esya.api.smartcard.gui;
using tr.gov.tubitak.uekae.esya.api.common.util.bag;
using System.Xml;
using tr.gov.tubitak.uekae.esya.api.common;
using tr.gov.tubitak.uekae.esya.api.xmlsignature;
using tr.gov.tubitak.uekae.esya.api.asn.x509;
using tr.gov.tubitak.uekae.esya.api.cmssignature.example.util;
using tr.gov.tubitak.uekae.esya.api.common.crypto;
using tr.gov.tubitak.uekae.esya.api.smartcard.pkcs11;
using tr.gov.tubitak.uekae.esya.api.common.util;
using tr.gov.tubitak.uekae.esya.api.xmlsignature.config;
using tr.gov.tubitak.uekae.esya.api.xmlsignature.transforms;
using TransformType = tr.gov.tubitak.uekae.esya.api.xmlsignature.TransformType;
using Transform = tr.gov.tubitak.uekae.esya.api.xmlsignature.model.Transform;
using Transforms = tr.gov.tubitak.uekae.esya.api.xmlsignature.model.Transforms;
using tr.gov.tubitak.uekae.esya.api.xmlsignature.document;
namespace ma3api_xmlsignature_test
{
/// <summary>
/// COM-visible contract of the signing component. Member order is kept as declared,
/// because COM clients may bind to it.
/// </summary>
[ComVisible(true)]
public interface arayuz
{
    /// <summary>Hands the smart-card PIN to the component as a plain string.</summary>
    /// <param name="aSMART_CARD_PIN">PIN of the smart card.</param>
    void Set_SMART_CARD_PIN(string aSMART_CARD_PIN);

    /// <summary>Signs an XML document with an enveloped BES signature and writes the result to a file.</summary>
    /// <param name="aLisansYol">Path of the license XML file.</param>
    /// <param name="aConfigXmlYol">Configuration directory; also used as the signature context's working directory.</param>
    /// <param name="aPinNo">PIN of the smart card, passed as a plain string.</param>
    /// <param name="aNitelik">When true, only qualified certificates are offered for signing.</param>
    /// <param name="aSignatureID">Signature identifier supplied by the caller.</param>
    /// <param name="aXML">The XML document to sign, as text.</param>
    /// <param name="aSignedXmlFilePath">Path the signed document is saved to.</param>
    void createEnvelopedBes(
        string aLisansYol,
        string aConfigXmlYol,
        string aPinNo,
        bool aNitelik,
        string aSignatureID,
        string aXML,
        string aSignedXmlFilePath);
}
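/// <summary>
/// COM-facing helper that inserts an enveloped XAdES-BES signature into a caller-supplied XML
/// document, using a certificate and key held on a PKCS#11 smart card.
/// </summary>
public class DelphiComx : arayuz
{
    // Smart card opened by the most recent createEnvelopedBes call.
    protected IBaseSmartCard bsc;
    // Signer obtained from that card by the most recent createEnvelopedBes call.
    protected BaseSigner mSigner;

    public static string DETACHED_SIGNATURE_FILENAME = "sig_bes_detached.xsig";
    public const System.String FILENAME_BES_ENVELOPED_SIGNATURE = "sig_bes_enveloped.xsig";
    public const System.String FILENAME_BES_ENVELOPED_TRANSFORM_SIGNATURE = "sig_bes_envelopedTransform.xsig";
    public const System.String FILENAME_BES_ENVELOPING_SIGNATURE = "sig_bes_enveloping.xsig";
    public static string FILENAME_PARALLEL_DETACHED = "sig_parallel_detached.xsig";
    public static string FILENAME_PARALLEL_ENVELOPED = "sig_parallel_enveloped.xsig";
    public static string FILENAME_COUNTER_EXISTING = "sig_detached_counter.xsig";
    public static string FILENAME_PARALLEL_COUNTER_EXISTING = "sig_parallel_counter.xsig";
    public static string SIGNATURE_FILENAME_P1 = "profile_p1_bes.xsig";
    public static string SIGNATURE_FILENAME_P2 = "profile_p2_t.xsig";
    public static string SIGNATURE_FILENAME_P3 = "profile_p3_xl_crl.xsig";
    public static string SIGNATURE_FILENAME_P4 = "profile_p4_xl_ocsp.xsig";
    public static string SIGNATURE_FILENAME_A = "profile_p4_a.xsig";
    public static string SIGNATURE_FILENAME_AA = "profile_p4_aa.xsig";

    internal static readonly bool WORK_ONLY_WITH_QUALIFIED_CERTS = false;

    // Receives its value from createEnvelopedBes or Set_SMART_CARD_PIN.
    // NOTE(review): this keeps the card PIN in a public, mutable, process-wide string for the
    // lifetime of the process, and nothing in this class reads it back. It is kept only
    // because it is public; confirm no other code depends on it and then stop storing the PIN.
    public static String SMART_CARD_PIN = "";

    // The folder the executable runs from.
    public static readonly String TEST_PROJECT_FOLDER = Application.StartupPath;

    /// <summary>Shows a modal selection dialog and returns the chosen index.</summary>
    /// <param name="aParent">Not used by this method.</param>
    /// <param name="aIcon">Icon passed to the dialog.</param>
    /// <param name="aSecenekList">Entries offered to the user.</param>
    /// <param name="aBaslik">Dialog title.</param>
    /// <param name="aOptions">Not used by this method.</param>
    /// <returns>The selected index, or -1 when the dialog was not confirmed with OK.</returns>
    public static int askOption(Control aParent, Icon aIcon, String[] aSecenekList, String aBaslik, String[] aOptions)
    {
        SlotList sl = new SlotList(null, aIcon, aSecenekList, aBaslik);
        DialogResult result = sl.ShowDialog();
        if (result != DialogResult.OK)
        {
            return -1;
        }
        return sl.getSelectedIndex();
    }

    /// <summary>
    /// Picks the signing certificate from the encoded certificates read from the card,
    /// optionally keeping only qualified or only non-qualified ones.
    /// </summary>
    /// <param name="checkIsQualified">Keep only qualified certificates.</param>
    /// <param name="checkBeingNonQualified">Keep only non-qualified certificates.</param>
    /// <param name="aCerts">Encoded certificates read from the card.</param>
    /// <returns>The chosen certificate, or null when the user cancelled the selection dialog.</returns>
    /// <exception cref="ESYAException">No certificate matches, or both filters were requested.</exception>
    private ECertificate selectCertificate(bool checkIsQualified, bool checkBeingNonQualified, List<byte[]> aCerts)
    {
        // A null list used to slip past this check and fail in the loop below.
        if (aCerts == null || aCerts.Count == 0) throw new ESYAException("Kartta sertifika yok");
        if (checkIsQualified && checkBeingNonQualified) throw new ESYAException("Bir sertifika ya niteliklidir ya da niteliksizdir. Aynı anda hem nitelikli hem de niteliksiz sertifika olmaz");

        List<ECertificate> certs = new List<ECertificate>();
        foreach (byte[] bs in aCerts)
        {
            ECertificate cert = new ECertificate(bs);
            if (checkIsQualified)
            {
                if (cert.isQualifiedCertificate()) certs.Add(cert);
            }
            else if (checkBeingNonQualified)
            {
                if (!cert.isQualifiedCertificate()) certs.Add(cert);
            }
            else
            {
                certs.Add(cert);
            }
        }

        ECertificate selectedCert = null;
        if (certs.Count == 0)
        {
            if (checkIsQualified) throw new ESYAException("Kartta nitelikli sertifika yok");
            if (checkBeingNonQualified) throw new ESYAException("Kartta niteliksiz sertifika yok");
        }
        else if (certs.Count == 1)
        {
            selectedCert = certs[0];
        }
        else
        {
            // Several candidates: let the user choose by subject common name.
            String[] optionList = new String[certs.Count];
            for (int i = 0; i < certs.Count; i++)
            {
                optionList[i] = certs[i].getSubject().getCommonNameAttribute();
            }
            int result = askOption(null, null, optionList, "Sertifika Listesi", new[] { "Tamam" });
            selectedCert = result < 0 ? null : certs[result];
        }
        return selectedCert;
    }

    /// <summary>Parses the XML text that will carry the enveloped signature.</summary>
    /// <param name="aXML">The document to sign, as text.</param>
    /// <returns>The parsed document.</returns>
    /// <exception cref="ESYAException">The text could not be parsed.</exception>
    private XmlDocument newEnvelope2(String aXML)
    {
        try
        {
            XmlDocument xmlDocument = new XmlDocument();
            // Keep the document exactly as supplied. With the default (false) the loader drops
            // whitespace-only nodes and Save() re-indents the output, so the file written after
            // signing differs from what was digested; that is a common cause of digest
            // mismatches at the verifier.
            xmlDocument.PreserveWhitespace = true;
            // The XML comes from the caller; do not resolve external DTDs or entities.
            xmlDocument.XmlResolver = null;
            xmlDocument.LoadXml(aXML);
            return xmlDocument;
        }
        catch (System.Exception x)
        {
            SupportClass.WriteStackTrace(x, Console.Error);
        }
        throw new ESYAException("XML verisinde hata var. İmza üretilemedi.");
    }

    /// <summary>Loads the license XML from the given file.</summary>
    /// <param name="lisansFilePath">Path of the license XML file.</param>
    public static void EnvelopedSignatureInitialize(string lisansFilePath)
    {
        // Open read-only and release the handle afterwards; the stream used to stay open with
        // read/write access. Assumes setLicenseXml reads the stream before returning (TODO confirm).
        using (FileStream licenseStream = new FileStream(lisansFilePath, FileMode.Open, FileAccess.Read, FileShare.Read))
        {
            LicenseUtil.setLicenseXml(licenseStream);
        }
    }

    /// <summary>Stores the smart-card PIN in <see cref="SMART_CARD_PIN"/>.</summary>
    /// <param name="aSMART_CARD_PIN">PIN of the smart card.</param>
    public void Set_SMART_CARD_PIN(String aSMART_CARD_PIN)
    {
        SMART_CARD_PIN = aSMART_CARD_PIN;
    }

    /// <summary>
    /// Signs <paramref name="aXML"/> with an enveloped BES signature placed inside the first
    /// ext:ExtensionContent element and saves the signed document.
    /// </summary>
    /// <param name="aLisansFile">Path of the license XML file.</param>
    /// <param name="aConfigXmlYol">Configuration directory, ending with a path separator; "xmlsignature-config.xml" is appended to it.</param>
    /// <param name="aPinNo">PIN used to log in to the smart card.</param>
    /// <param name="aNitelik">When true, only qualified certificates are offered.</param>
    /// <param name="aSignatureID">Not used by this method.</param>
    /// <param name="aXML">The document to sign, as text.</param>
    /// <param name="aSignedXmlFilePath">Path the signed document is saved to.</param>
    /// <exception cref="SmartCardException">No reader is available or none was selected.</exception>
    /// <exception cref="ESYAException">The XML is invalid, has no ext:ExtensionContent element, or no certificate was selected.</exception>
    public void createEnvelopedBes(String aLisansFile, String aConfigXmlYol, String aPinNo, bool aNitelik, string aSignatureID, String aXML, string aSignedXmlFilePath)
    {
        EnvelopedSignatureInitialize(aLisansFile);
        Set_SMART_CARD_PIN(aPinNo);
        String aConfigXmlFile = aConfigXmlYol + @"xmlsignature-config.xml";

        // The caller's XML is the envelope.
        XmlDocument envelopeDoc = newEnvelope2(aXML);

        // Context with working directory and configuration; the signature belongs to the envelope.
        Context context = new Context(aConfigXmlYol);
        context.Config = new Config(aConfigXmlFile);
        context.Document = envelopeDoc;

        // Signature of the default type (XADES_BES).
        XMLSignature signature = new XMLSignature(context, false);
        signature.SigningTime = DateTime.Now;

        // Attach the signature inside the envelope rather than at its end.
        XmlNode extensionContent = envelopeDoc.DocumentElement.GetElementsByTagName("ext:ExtensionContent").Item(0);
        if (extensionContent == null) throw new ESYAException("XML içinde ext:ExtensionContent elemanı bulunamadı. İmza üretilemedi.");
        extensionContent.AppendChild(signature.Element);

        // Reference the whole document (URI "") through the enveloped transform, digest
        // SHA-256, without embedding the data in the signature (false).
        Transforms transforms = new Transforms(context);
        transforms.addTransform(new Transform(context, TransformType.ENVELOPED.Url));
        signature.addDocument("", "text/xml", transforms, DigestMethod.SHA_256, false);

        String[] terminals = SmartOp.getCardTerminals();
        if (terminals == null || terminals.Length == 0) throw new SmartCardException("Kart takılı bir e-imza/e-mühür kartı yok");
        int index = 0;
        if (terminals.Length > 1)
        {
            index = askOption(null, null, terminals, "Okuyucu Listesi", new String[] { "Tamam" });
            // askOption returns -1 on cancel; that value used to be used as an array index.
            if (index < 0) throw new SmartCardException("Kart okuyucu seçilmedi");
        }
        String terminal = terminals[index];

        Pair<long, CardType> slotAndCardType = SmartOp.getSlotAndCardType(terminal);
        bsc = new P11SmartCard(slotAndCardType.getmObj2());
        bsc.openSession(slotAndCardType.getmObj1());
        bool loggedIn = false;
        try
        {
            List<byte[]> allCerts = bsc.getSignatureCertificates();
            ECertificate signingCert = selectCertificate(aNitelik, false, allCerts);
            if (signingCert == null) throw new ESYAException("Sertifika seçilmedi");
            signature.addKeyInfo(signingCert);
            bsc.login(aPinNo);
            loggedIn = true;
            mSigner = bsc.getSigner(signingCert, Algorithms.SIGNATURE_RSA_SHA256);
            signature.sign(mSigner);
        }
        finally
        {
            // Do not leave an authenticated session on the card once signing is over.
            releaseCard(loggedIn);
        }

        envelopeDoc.Save(aSignedXmlFilePath);
    }

    // Logs out (when a login succeeded) and closes the card session. Cleanup failures are
    // written to the error stream so they cannot hide the outcome of the signing call.
    private void releaseCard(bool loggedIn)
    {
        if (loggedIn)
        {
            try
            {
                bsc.logout();
            }
            catch (System.Exception x)
            {
                SupportClass.WriteStackTrace(x, Console.Error);
            }
        }
        try
        {
            bsc.closeSession();
        }
        catch (System.Exception x)
        {
            SupportClass.WriteStackTrace(x, Console.Error);
        }
    }
}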
}