MainForm.cs | searchcode

/Visual Studio 2008/CSXmlDigitalSignature/MainForm.cs

#
C# | 261 lines | 141 code | 44 blank | 76 comment | 13 complexity | cec18d741e9bc04f1f39e0137d510ab4 MD5 | raw file

/******************************** Module Header ********************************\

* Module Name:  MainForm.cs

* Project:      CSXmlDigitalSignature

* Copyright (c) Microsoft Corporation.

* 

* You can use the classes in the System.Security.Cryptography.Xml namespace to

* sign an XML document or part of an XML document with a digital signature. 

* XML digital signatures (XMLDSIG) allow you to verify that data was not 

* altered after it was signed. For more information about the XMLDSIG standard

* see the World Wide Web Consortium (W3C) specification at 

* http://www.w3.org/TR/xmldsig-core/. 

*

* The code example in this procedure demonstrates how to digitally sign an 

* entire XML document and attach the signature to the document in a 

* <Signature> element. The example creates an RSA signing key, adds the key

* to a secure key container, and then uses the key to digitally sign an XML 

* document. The key can then be retrieved to verify the XML digital signature,

* or be used to sign another XML document.

* 

* Code Logic:

* 1 Create Xml document 

* 2 Click Sign button to sign one Xml document

* 2.1 Create one RSACryptoServiceProvider object for signing

* 2.2 Creaet one SignedXml object to facilitate creating XML signatures

* 2.3 Append the element to the XML document

* 2.4 Save Xml document to file

* 3 Click Verify button to verify Xml document

* 3.1 Create one RSACryptoServiceProvider object to verify digital signature

* 3.2 Creaet one SignedXml object to verify digital signature

* 4 Modify Xml Document. Then verify the XmlDocument to know its correctness

* 

* This source is subject to the Microsoft Public License.

* See http://www.microsoft.com/opensource/licenses.mspx#Ms-PL.

* All other rights reserved.

* 

* History:

* * 4/14/2009 12:00 AM Riquel Dong Created

\*******************************************************************************/



#region Using Directives

using System;

using System.Collections.Generic;

using System.ComponentModel;

using System.Data;

using System.Drawing;

using System.Linq;

using System.Text;

using System.Windows.Forms;

using System.Xml.Linq;

using System.Xml;

using System.Security.Cryptography;

using System.Security.Cryptography.Xml;

#endregion





namespace CSXmlDigitalSignature

{

    public partial class MainForm : Form

    {

        private XmlDocument xmlDoc;



        public MainForm()

        {

            InitializeComponent();

        }



        private void XMLDigitalSignatureForm_Load(object sender, EventArgs e)

        {

            GenerateXmlDocument();

            tbxPlaintext.Text = xmlDoc.OuterXml;

        }



        private void GenerateXmlDocument()

        {

            XDocument xdoc = new XDocument(

                new XDeclaration("1.0", "utf-8", "yes"),

                new XComment("This is a comment"),

                new XElement("invoice",

                    new XElement("items",

                        new XElement("item",

                            new XElement("desc", ""),

                            new XElement("unitprice", "14.95"),

                            new XElement("quantity", "1")),

                            new XElement("creditcard",

                                new XElement("number", "19834209"),

                                new XElement("expiry", "02/02/2002")

                                ))));

            xdoc.Save("test.xml");

            xmlDoc = new XmlDocument();

            xmlDoc.Load("test.xml");

        }



        // Save public key to verify digital signature

        private String publicOnlyKey;

        private void btnSign_Click(object sender, EventArgs e)

        {

            try

            {

                /////////////////////////////////////////////////////////////////

                // Create a new RSA signing key and export public key for 

                // verification.



                RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider();

                publicOnlyKey = rsaKey.ToXmlString(false);

                tbxRSAParameters.Text = publicOnlyKey;





                /////////////////////////////////////////////////////////////////

                // Sign the XML document.

                // 



                SignXml(xmlDoc, rsaKey);

                MessageBox.Show("XML file signed.");





                /////////////////////////////////////////////////////////////////

                // Save and display the signed document.

                // 



                xmlDoc.Save("test1.xml");

                tbxDigitalSignature.Text = xmlDoc.OuterXml;

            }

            catch (Exception ex)

            {

                Console.WriteLine(ex.Message);

            }

        }



        public static void SignXml(XmlDocument Doc, RSA Key)

        {

            // Check arguments.

            if (Doc == null)

                throw new ArgumentException("Doc");

            if (Key == null)

                throw new ArgumentException("Key");



            try

            {

                // Create a SignedXml object to generate signature.

                SignedXml signedXml = new SignedXml(Doc);



                // Add the key to the SignedXml document

                signedXml.SigningKey = Key;



                // Create a reference to be signed

                Reference reference = new Reference();

                reference.Uri = "";



                // Add an enveloped transformation to the reference

                XmlDsigEnvelopedSignatureTransform env =

                    new XmlDsigEnvelopedSignatureTransform();

                reference.AddTransform(env);



                // Add the reference to the SignedXml object

                signedXml.AddReference(reference);



                // Compute the signature

                signedXml.ComputeSignature();



                // Get the XML representation of the signature and save

                // it to an XmlElement object.

                XmlElement xmlDigitalSignature = signedXml.GetXml();



                // Append the element to the XML document.

                Doc.DocumentElement.AppendChild(Doc.ImportNode(xmlDigitalSignature, true));

            }

            catch (Exception ex)

            {

                MessageBox.Show(ex.Message);

            }

        }



        private void btnVerify_Click(object sender, EventArgs e)

        {

            /////////////////////////////////////////////////////////////////////

            // Create a new RSA signing key and import public key for 

            // verification.

            //



            RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider();

            rsaKey.FromXmlString(publicOnlyKey);





            /////////////////////////////////////////////////////////////////////

            // Load the signed XML, and call VerifyXml to verify the signature of 

            // the signed XML.

            // 



            XmlDocument xmlDoc = new XmlDocument();

            xmlDoc.Load("test1.xml");



            bool result = VerifyXml(xmlDoc, rsaKey);



            if (result)

            {

                MessageBox.Show("The XML signature is valid.");

            }

            else

            {

                MessageBox.Show("The XML signature is not valid.");

            }

        }



        public static Boolean VerifyXml(XmlDocument Doc, RSA Key)

        {

            // Check arguments.

            if (Doc == null)

                throw new ArgumentException("Doc");

            if (Key == null)

                throw new ArgumentException("Key");





            /////////////////////////////////////////////////////////////////////

            // Create a SignedXml object to verify the signature

            //



            SignedXml signedXml = new SignedXml(Doc);



            // Find Signature node and create a new XmlNodeList object

            XmlNodeList nodeList = Doc.GetElementsByTagName("Signature");



            // Throw an exception if no signature was found.

            if (nodeList.Count <= 0)

            {

                throw new CryptographicException(

                    "Verification failed:" +

                    " No Signature was found in the document.");

            }



            // This example only supports one signature for entire XML document

            if (nodeList.Count >= 2)

            {

                throw new CryptographicException(

                    "Verification failed: More that one signature was found.");

            }



            // Load the first <signature> node.  

            signedXml.LoadXml((XmlElement)nodeList[0]);



            // Check the signature and return the result.

            return signedXml.CheckSignature(Key);

        }



        private void btnChangeXML_Click(object sender, EventArgs e)

        {

            // Modify the value of the Xml document for test. 



            XDocument xDoc = XDocument.Load("test1.xml");



            if (xDoc != null)

            {

                xDoc.Element("invoice").Element("items").

                    Element("creditcard").Element("number").SetValue("19834210");



                xDoc.Save("test1.xml");



                tbxModifiedMessage.Text = xDoc.ToString();

            }

        }

    }

}