- using System;
- using System.Collections.Generic;
- using System.Diagnostics.Contracts;
- using System.Linq;
- using System.Security.Cryptography.X509Certificates;
- using System.Security.Cryptography.Xml;
- using System.Text;
- using System.Xml;
- using CryptoPro.Sharpei.Xml;
- using OpenEhr.V1.Its.Xml.RM;
- using OpenHealth.Common.Extensions;
- using OpenHealth.Common.OpenEHR.Extensions;
- using OpenHealth.KnowledgeManager.Definition;
- namespace OpenHealth.Storage.Ehr
- {
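/// <summary>
/// Builds an XML-DSig signature over a serialized VERSION, using a certificate
/// selected by the template id of the COMPOSITION the version carries.
/// </summary>
/// <remarks>
/// NOTE(review): a version without a COMPOSITION and a version for which no
/// certificate is available both produce an empty string instead of an error.
/// A caller cannot tell "nothing to sign" from "signing material missing", so
/// any caller that requires a signature should treat an empty result as a
/// failure - confirm against the callers.
/// </remarks>
public class VersionSigner : IVersionSigner
{
    readonly ICertificateContainer _certificateContainer;
    readonly IKnowledgeManager _knowledgeManager;

    /// <summary>Stores the certificate source and the template lookup service.</summary>
    /// <param name="certificateContainer">Source of the default and per-key certificates.</param>
    /// <param name="knowledgeManager">Resolves a template id to its full path.</param>
    public VersionSigner(ICertificateContainer certificateContainer, IKnowledgeManager knowledgeManager)
    {
        Contract.Requires(certificateContainer != null);
        Contract.Requires(knowledgeManager != null);

        _certificateContainer = certificateContainer;
        _knowledgeManager = knowledgeManager;
    }

    /// <summary>
    /// Signs the serialized <paramref name="version"/> and returns the signature markup.
    /// </summary>
    /// <param name="version">Version whose data is expected to be a COMPOSITION.</param>
    /// <returns>
    /// Base64 of the UTF-8 bytes of the Signature element's inner XML, or an empty
    /// string when the version holds no COMPOSITION or no certificate was found.
    /// </returns>
    public string GetSignatureForVersion(VERSION version)
    {
        var composition = version.Cast<ORIGINAL_VERSION>().data as COMPOSITION;

        // When an Ehr is created, data carries an EHR_STATUS rather than a COMPOSITION.
        if (composition == null)
            return string.Empty;

        // The template id is read null-safely: GetCertificate already falls back to the
        // default certificate for a blank id, so a composition without archetype details
        // or without a template id must reach that fallback instead of failing here.
        X509Certificate2 certificate = GetCertificate(GetTemplateId(composition));
        if (certificate == null)
            return string.Empty;

        var doc = new XmlDocument
        {
            PreserveWhitespace = false
        };
        doc.LoadXml(version.Serialize<VERSION>());

        // An empty Uri makes the reference cover the whole loaded document, so a verifier
        // has to reproduce the same serialization of the VERSION to check the digest.
        var reference = new Reference { DigestMethod = CPSignedXml.XmlDsigGost3411Url, Uri = string.Empty };

        // Add a transform on the signed data that strips the enveloped signature.
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());

        // Add a transform for canonicalization.
        reference.AddTransform(new XmlDsigC14NTransform());

        var keyInfo = new KeyInfo();
        keyInfo.AddClause(new KeyInfoX509Data(certificate));

        // NOTE(review): the signature method is never set explicitly, so it is whatever
        // SignedXml derives from the key type of the selected certificate - confirm that
        // every configured certificate yields the intended algorithm.
        // NOTE(review): a certificate without an accessible private key gives a null
        // SigningKey here, and signing then fails inside ComputeSignature.
        var signedXml = new SignedXml(doc)
        {
            SigningKey = certificate.PrivateKey
        };
        signedXml.AddReference(reference);
        signedXml.KeyInfo = keyInfo;
        signedXml.ComputeSignature();

        // InnerXml is the markup of the Signature element's children, without the
        // Signature wrapper itself; presumably the consumer re-wraps it - TODO confirm.
        XmlElement xmlElement = signedXml.GetXml();
        return Convert.ToBase64String(Encoding.UTF8.GetBytes(xmlElement.InnerXml));
    }

    /// <summary>
    /// Reads the template id of a composition, or null when the composition has no
    /// archetype details or no template id.
    /// </summary>
    static string GetTemplateId(COMPOSITION composition)
    {
        var details = composition.archetype_details;
        if (details == null || details.template_id == null)
            return null;

        return details.template_id.value;
    }

    /// <summary>
    /// Picks the signing certificate for a template.
    /// </summary>
    /// <param name="templateId">Template id of the composition; may be null or blank.</param>
    /// <returns>
    /// Null when there is no certificate container; the default certificate when the id
    /// is blank, the template path cannot be resolved, or no configured key matches;
    /// otherwise the certificate of the first non-blank key that the path contains.
    /// </returns>
    X509Certificate2 GetCertificate(string templateId)
    {
        if (_certificateContainer == null)
            return null;

        if (templateId.IsNullOrWhiteSpace())
            return _certificateContainer.DefaultCertificate;

        var path = _knowledgeManager.GetFullPathById(templateId);

        // An unresolved template gets the default certificate rather than a null dereference.
        if (path == null)
            return _certificateContainer.DefaultCertificate;

        // The blank-key test runs before Contains so that a null key is never passed to it.
        // NOTE(review): the match is a Contains test, so a short key can match unrelated
        // paths, and when several keys match the winner depends on the enumeration order
        // of Certificates - confirm that keys are specific enough and the order is stable.
        var fallback = new KeyValuePair<string, X509Certificate2>("", _certificateContainer.DefaultCertificate);
        return _certificateContainer.Certificates
            .Where(c => !c.Key.IsNullOrWhiteSpace() && path.Contains(c.Key))
            .DefaultIfEmpty(fallback)
            .FirstOrDefault().Value;
    }
}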
- }