Adding Object tag to the X509Certificate2 in c#

Question

I have a problem to add the Object tag to my signature as our participant need it to be in the signature of the signed XML. I need to add the bellow Object tag to my signature:

<ds:Object>
    <xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
        <xades:SignedProperties Id="_aba0ee84-5f37-499e-a8e8-caa7f398341c-signedprops">
            <xades:SignedSignatureProperties>
                <xades:SigningTime>2019-02-15T21:09:10+13:00</xades:SigningTime>
            </xades:SignedSignatureProperties>
        </xades:SignedProperties>
    </xades:QualifyingProperties>
</ds:Object>

my current signutare looks like:

    <MyElement xmlns="samples">Example text to be signed.
    <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
        <SignedInfo>
            <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
            <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <Reference URI="">
                <Transforms>
                    <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                </Transforms>
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                <DigestValue>Kglqb8fjGmMi2n4W8qXldBIY7VBi0xbNn+dZml7H3xw=</DigestValue>
            </Reference>
        </SignedInfo>
        <SignatureValue>Iz5LOjZGefMHvIYs/cr1Vmrg/9gXPDGpJetBEx+k/yzHVAdJf18P2/udFkeOoVMCpVUnNn+H4eVihD2idqg7SMosZeFA4LCQC2/Wn7GCE6k+y0mivCtFZTaXu0yUbwDGWDBvvqMUT87uaRx4o61cm7V3DH8wOUJ05mKtoVFpG20=</SignatureValue>
    </Signature>
</MyElement>

The final signature I need should look like:

 <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <ds:Reference URI="#_33d232d2-4591-4b49-b28d-3cb825fbeaa4">
            <ds:Transforms>
                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>uFw2hAp5tSL4VidzHtTvv3aziis=</ds:DigestValue>
        </ds:Reference>
        <ds:Reference Type="http://uri.etsi.org/01903/v1.3.2#SignedProperties" URI="#_aba0ee84-5f37-499e-a8e8-caa7f398341c-signedprops">
            <ds:Transforms>
                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>X01eQjqcHvYtQbFkpNT7WcvBSxI=</ds:DigestValue>
        </ds:Reference>
        <ds:Reference>
            <ds:Transforms>
                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>OCCzP5CU0TAgyYSLMR+SIMchxrE=</ds:DigestValue>
        </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>b8AhGMpa+fK6Q5q/HXiPttGIKn2PMXc/GQSrxnI+jnW9Agg6E6R/q+cwMKiYkdlskI/P0UAdwxd+
KQ44k6r2OET4HjMyatG99HFQnS0C0awVO7CPF6cO9069DDmXplWIkHIoBPWSgXh7SQHMpaQihJYo
S9iVr5+qhYQBZYCVwHg=</ds:SignatureValue>
    <ds:KeyInfo Id="_33d232d2-4591-4b49-b28d-3cb825fbeaa4">
        <ds:X509Data>
            <ds:X509IssuerSerial>
                <ds:X509IssuerName>CN=Test CA, O=Test Institution, C=BD</ds:X509IssuerName>
                <ds:X509SerialNumber>12345678</ds:X509SerialNumber>
            </ds:X509IssuerSerial>
        </ds:X509Data>
    </ds:KeyInfo>
    <ds:Object>
        <xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
            <xades:SignedProperties Id="_aba0ee84-5f37-499e-a8e8-caa7f398341c-signedprops">
                <xades:SignedSignatureProperties>
                    <xades:SigningTime>2019-02-15T21:09:10+13:00</xades:SigningTime>
                </xades:SignedSignatureProperties>
            </xades:SignedProperties>
        </xades:QualifyingProperties>
    </ds:Object>
</ds:Signature>

you can check the c# code in the link: https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.xml.x509issuerserial?view=net-5.0

See my solution at this posting : https://stackoverflow.com/questions/46722997/saml-assertion-in-a-xml-using-c-sharp/46724392 — jdweng, Mar 10 '21 at 11:17
I need to add this Object field to my signature which I did not find anything about in your answer!!! 2019-02-15T21:09:10+13:00 — Mohammad Jalal Ahmadzai, Mar 10 '21 at 12:40
My code the tag names are different but the process is the same. You need to modify CreateSubject to create your required xml tags. The when you call SignXmlWithCertificate the signed Node will be added to the XML. — jdweng, Mar 10 '21 at 13:02
but how about this Id="_aba0ee84-5f37-499e-a8e8-caa7f398341c-signedprops" — Mohammad Jalal Ahmadzai, Mar 10 '21 at 13:07
plz if you can customize your code, it will be very helpful. — Mohammad Jalal Ahmadzai, Mar 10 '21 at 13:24
yes it is an attribute but the value is I think not string it should be some calculated or may be encrypted!!! — Mohammad Jalal Ahmadzai, Mar 11 '21 at 08:16

score 1 · Answer 1 · answered Mar 10 '21 at 16:36

Here is the first step :

        public static void CreateKeyInfo(XmlElement xSubject)
        {
            string keyinfo = "<ds:KeyInfo Id=\"_33d232d2-4591-4b49-b28d-3cb825fbeaa4\">"+
                                "<ds:X509Data>" +
                                   "<ds:X509IssuerSerial>" +
                                      "<ds:X509IssuerName>CN=Test CA, O=Test Institution, C=BD</ds:X509IssuerName>" +
                                      "<ds:X509SerialNumber>12345678</ds:X509SerialNumber>" +
                                   "</ds:X509IssuerSerial>"+
                                "</ds:X509Data>" +
                             "</ds:KeyInfo>";

            xSubject.InnerXml = keyinfo;
        }

        public static void CreateObject(XmlElement xSubject)
        {
            string keyObject = "<ds:Object>" +
                                  "<xades:QualifyingProperties xmlns:xades=\"http://uri.etsi.org/01903/v1.3.2#\">" +
                                     "<xades:SignedProperties Id=\"_aba0ee84-5f37-499e-a8e8-caa7f398341c-signedprops\">" +
                                        "<xades:SignedSignatureProperties>" +
                                           "<xades:SigningTime>2019-02-15T21:09:10+13:00</xades:SigningTime>" +
                                        "</xades:SignedSignatureProperties>" +
                                     "</xades:SignedProperties>" +
                                  "</xades:QualifyingProperties>" +
                               "</ds:Object>";

            xSubject.InnerXml = keyObject;
        }

this only add some static object, I think the Id attribute of the SignedProperties comes from some where else. if you solve that I will mark your answer. thanks in advance. — Mohammad Jalal Ahmadzai, Mar 11 '21 at 08:19
You need to add the ID to the parameter list of CrtateObject. Then modify the string keyObject to make the ID use the value in the parameter list instead of being fixed. You would also want to do something similar with other properties like the SigningTime. — jdweng, Mar 11 '21 at 09:19
Adding references to signedproperties and KeyInfo is the challenge where this is a static object appended at the end. — Mohammad Jalal Ahmadzai, Mar 12 '21 at 05:15
Look at my link that creates the SOAP. The main method builds the xml. Look at the way I call the method CreateSubject(subject); — jdweng, Mar 12 '21 at 06:14
I have checked your code that is great but I need to add reference to signedproperties and keyinfo elements like this. X01eQjqcHvYtQbFkpNT7WcvBSxI= — Mohammad Jalal Ahmadzai, Mar 12 '21 at 09:58

Adding Object tag to the X509Certificate2 in c#

1 Answers1