Add C# web signing support

IB-4339

Author: metsma

examples/DigiDocCSharp/Program.cs

@@ -3,6 +3,7 @@
 
 using System;
 using System.IO;
+using System.Linq;
 using System.Security.Cryptography.X509Certificates;
 using digidoc;
 
@@ -23,6 +24,7 @@ static void Main(string[] args)
             {
                 case "extract": extract(Convert.ToInt32(args[1]), args[2]); return;
                 case "sign": sign(args); return;
+                case "websign": websign(args); return;
                 case "verify": verify(args[1]); return;
                 case "version": version(); return;
                 case "help":
@@ -36,7 +38,7 @@ static void extract(int index, string file)
             try
             {
                 Console.WriteLine("Opening file: " + file);
-                Container b = new Container(file);
+                Container b = Container.open(file);
                 DataFile d = b.dataFiles()[index];
                 string dest = Path.Combine(Directory.GetCurrentDirectory(), d.fileName());
                 Console.WriteLine("Extracting file {0} to {1}", d.fileName(), dest);
@@ -59,13 +61,19 @@ static void extract(int index, string file)
 
         static void help()
         {
-            Console.WriteLine("DigiDocCSharpt command");
+            Console.WriteLine("DigiDocCSharp command [params]");
             Console.WriteLine("Command:");
             Console.WriteLine(" extract\tExtracts files from document");
             Console.WriteLine("    num");
             Console.WriteLine("    file");
             Console.WriteLine(" help\t\tPrints utility commands");
             Console.WriteLine(" sign\t\tSigns file");
+            Console.WriteLine("    datafile1 datafile2 ...");
+            Console.WriteLine("    file");
+            Console.WriteLine(" websign\t\tSigns file");
+            Console.WriteLine("    datafile1 datafile2 ...");
+            Console.WriteLine("    cert");
+            Console.WriteLine("    file");
             Console.WriteLine(" verify\t\tVerifies document signature and shows info");
             Console.WriteLine("    file");
             Console.WriteLine(" version\tPrints utility version");
@@ -78,11 +86,46 @@ static void sign(string[] args)
             try
             {
                 Console.WriteLine("Creating file: " + args[args.Length-1]);
-                Container b = new Container(Container.DocumentType.BDocType);
+                Container b = Container.create(args[args.Length - 1]);
                 for (int i = 1; i < args.Length - 1; ++i)
-                    b.addDataFile(args[i], "");
-                b.sign("", "", "", "", new StringVector { }, "");
-                b.save(args[args.Length - 1]);
+                    b.addDataFile(args[i], "application/octet-stream");
+                using (WinSigner signer = new WinSigner())
+                    b.sign(signer);
+                b.save();
+            }
+            catch (Exception e)
+            {
+                Console.WriteLine(e.Message);
+            }
+            digidoc.digidoc.terminate();
+        }
+
+        static void websign(string[] args)
+        {
+            digidoc.digidoc.initialize();
+            try
+            {
+                Console.WriteLine("Creating file: " + args[args.Length - 1]);
+                Container b = Container.create(args[args.Length - 1]);
+                for (int i = 1; i < args.Length - 2; ++i)
+                    b.addDataFile(args[i], "application/octet-stream");
+
+                X509Certificate cert = new X509Certificate();
+                cert.Import(args[args.Length - 2]);
+                Signature c = b.prepareWebSignature(cert.Export(X509ContentType.Cert), "BES/time-stamp");
+                Console.WriteLine("Signature method: " + c.signatureMethod());
+                Console.WriteLine("Digest to sign: " + BitConverter.ToString(c.dataToSign()).Replace("-", string.Empty));
+                Console.WriteLine("Please enter signed digest in hex: ");
+
+                byte[] inputBuffer = new byte[1024];
+                Stream inputStream = Console.OpenStandardInput(inputBuffer.Length);
+                Console.SetIn(new StreamReader(inputStream, Console.InputEncoding, false, inputBuffer.Length));
+                String hex = Console.ReadLine();
+
+                byte[] signature = Enumerable.Range(0, hex.Length / 2).Select(x => Convert.ToByte(hex.Substring(x * 2, 2), 16)).ToArray();
+                c.setSignatureValue(signature);
+                c.extendSignatureProfile("BES/time-stamp");
+                b.save();
             }
             catch (Exception e)
             {
@@ -97,7 +140,7 @@ static void verify(string file)
             try
             {
                 Console.WriteLine("Opening file: " + file);
-                Container b = new Container(file);
+                Container b = Container.open(file);
 
                 Console.WriteLine("Files:");
                 foreach (DataFile d in b.dataFiles())
@@ -114,13 +157,8 @@ static void verify(string file)
                         Console.Write(" " + role);
                     Console.WriteLine();
 
-                    Console.WriteLine("Time: " + s.signingTime());
-                    X509Certificate2 c = new X509Certificate2(s.signingCert());
-                    Console.WriteLine("Cert: " + c.Subject);
-
-                    Console.WriteLine("ProducedAt: " + s.producedAt());
-                    c = new X509Certificate2(s.OCSPCert());
-                    Console.WriteLine("OCSP Cert: " + c.Subject);
+                    Console.WriteLine("Time: " + s.trustedSigningTime());
+                    Console.WriteLine("Cert: " + new X509Certificate2(s.signingCertificateDer()).Subject);
 
                     s.validate();
                     Console.WriteLine("Signature is valid");
@@ -136,7 +174,7 @@ static void verify(string file)
 
         static void version()
         {
-            Console.WriteLine("DigiDocCSharp 0.1 libdigidocpp " + digidoc.digidoc.version());
+            Console.WriteLine("DigiDocCSharp 0.2 libdigidocpp " + digidoc.digidoc.version());
         }
     }
 }

src/digidoc.i

@@ -36,17 +36,33 @@
 #include "Container.h"
 #include "DataFile.h"
 #include "Exception.h"
+#include "log.h"
 #include "Signature.h"
 #include "XmlConf.h"
 #include "crypto/PKCS11Signer.h"
 #include "crypto/PKCS12Signer.h"
 #include "crypto/X509Cert.h"
-#ifdef SWIGWIN
+#ifdef _WIN32
 #include "crypto/WinSigner.h"
 #endif
 
 #include <vector>
 
+class WebSignerPrivate: public digidoc::Signer
+{
+public:
+    WebSignerPrivate(const digidoc::X509Cert &cert): _cert(cert) {}
+
+private:
+    digidoc::X509Cert cert() const override { return _cert; }
+    std::vector<unsigned char> sign(const std::string &, const std::vector<unsigned char> &) const override
+    {
+        THROW("Not implemented");
+    }
+
+    digidoc::X509Cert _cert;
+};
+
 static std::string parseException(const digidoc::Exception &e) {
     std::string msg = e.msg();
     for(const digidoc::Exception &ex: e.causes())
@@ -203,9 +219,9 @@ SWIGEXPORT void JNICALL Java_ee_ria_libdigidocpp_digidocJNI_initJava(JNIEnv *jen
 %include "crypto/Signer.h"
 %include "crypto/PKCS12Signer.h"
 %include "crypto/PKCS11Signer.h"
-#ifdef SWIGWIN
+//#ifdef SWIGWIN
 %include "crypto/WinSigner.h"
-#endif
+//#endif
 
 %template(StringVector) std::vector<std::string>;
 %template(DataFiles) std::vector<digidoc::DataFile*>;
@@ -223,20 +239,34 @@ SWIGEXPORT void JNICALL Java_ee_ria_libdigidocpp_digidocJNI_initJava(JNIEnv *jen
     {
         return $self->signingCertificate();
     }
-    std::vector<unsigned char> OCSPCertificate() const
+    std::vector<unsigned char> OCSPCertificateDer() const
     {
         return $self->OCSPCertificate();
     }
-    std::vector<unsigned char> TimeStampCertificate() const
+    std::vector<unsigned char> TimeStampCertificateDer() const
     {
         return $self->TimeStampCertificate();
     }
-    std::vector<unsigned char> ArchiveTimeStampCertificate() const
+    std::vector<unsigned char> ArchiveTimeStampCertificateDer() const
     {
         return $self->ArchiveTimeStampCertificate();
     }
 }
 
+%extend digidoc::Container {
+    Signature* prepareWebSignature(const std::vector<unsigned char> &cert, const std::string &profile = "",
+                                   const std::vector<std::string> &roles = std::vector<std::string>(),
+                                   const std::string &city = "", const std::string &state = "",
+                                   const std::string &postalCode = "", const std::string &country = "")
+    {
+        WebSignerPrivate signer(X509Cert(cert, X509Cert::Der));
+        signer.setProfile(profile);
+        signer.setSignatureProductionPlace(city, state, postalCode, country);
+        signer.setSignerRoles(roles);
+        return $self->prepareSignature(&signer);
+    }
+}
+
 // Target language specific functions
 #ifdef SWIGPHP
 %minit %{ %}