public static DOCXField[] GetSignatureFields(string DocxFile)
{
int rc;
int NumOfFields = 0;
SAPIContext ctxSigField = new SAPIContext();
rc = SAPI.SignatureFieldEnumInit(
hSession,
ctxSigField,
SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_OFFICE_XML_PACKAGE,
DocxFile,
0,
ref NumOfFields);
if (rc != 0)
{
throw new Exception("Failed in SAPISignatureFieldEnumInit (" + rc.ToString("X") + ")");
}
//There are no signature fields
if (NumOfFields == 0)
{
return(null);
}
DOCXField[] Fields = new DOCXField[NumOfFields];
for (int i = 0; i < NumOfFields; i++)
{
Fields[i] = new DOCXField();
//Get Signature Field Handle
rc = SAPI.SignatureFieldEnumCont(hSession, ctxSigField, out Fields[i].hSigField);
if (rc != 0)
{
throw new Exception("Failed in SignatureFieldEnumCont (" + rc.ToString("X") + ")");
}
//Get Signature Field Details
rc = SAPI.SignatureFieldInfoGet(
hSession,
Fields[i].hSigField,
Fields[i].sSettings,
Fields[i].sInfo);
if (rc != 0)
{
throw new Exception("Failed in SignatureFieldInfoGet (" + rc.ToString("X") + ")");
}
}
SAPI.ContextRelease(ctxSigField);
return(Fields);
}
static void Main(string[] args)
{
string InFileName = "C:\\temp\\tag-sample.pdf";
string OutFileName = "C:\\temp\\tag-sample-signed.pdf";
string startDelim = "<<";
string endDelim = ">>";
int rc;
SESHandle SesHandle;
SigFieldSettingsClass SFS = new SigFieldSettingsClass();
TimeFormatClass TF = new TimeFormatClass();
int Flags = AR_PDF_FLAG_FIELD_NAME_SET;
int LocNumber;
SAPICrypt SAPI = new SAPICryptClass();
// SAPIInit() should be called once per process
if ((rc = SAPI.Init()) != 0) throw new Exception("Failed to initialize SAPI! (" + rc.ToString("X") + ")");
// Open a new SAPI context
if ((rc = SAPI.HandleAcquire(out SesHandle)) != 0) throw new Exception("Failed in SAPIHandleAcquire() with rc = " + rc.ToString("X"));
if ((rc = SAPI.Logon(SesHandle, "testuser", null, "12345678")) != 0)
{
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed in SAPILogon() with rc = " + rc.ToString("X"));
}
//
// Locate all field tags in the PDF
// The PDF filename to be used is defined above.
// The format of each field locator in the PDF should be:
// << w={width}; h={height}; n={field name}; a={appearance mask} >>
//
// For example:
// << w=120; h=80; n=Signer1; a=15; >>
//
SAPIContext SigLocatorCtx = new SAPIContext();
Array fileBytes = File.ReadAllBytes(InFileName);
SAPIByteArray doc = new SAPIByteArrayClass();
doc.FromArray(ref fileBytes);
FileHandle fh;
if ((rc = SAPI.CreateFileHandleByMem(out fh, SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_ADOBE, 0, doc)) != 0)
{
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to create file handle with rc = " + rc.ToString("X"));
}
// Initiate a new Field Locator enumerator.
// The argument LocNumber will contain the number of signature tags found in the PDF document.
//
if ((rc = SAPI.SignatureFieldLocatorEnumInit(SesHandle, SigLocatorCtx, fh, startDelim, endDelim, 0, out LocNumber)) != 0)
{
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("LocatorEnumInit failed with rc = " + rc.ToString("X"));
}
// Do for all tags in the document
string strEncMsg;
for (int i = 0; i < LocNumber; i++)
{
// Get settings for the next field locator.
// (Use strEncMsg string to parse the field locator content if a custom string format has been used)
if ((rc = SAPI.SignatureFieldLocatorEnumCont(SesHandle, SigLocatorCtx, SFS, out strEncMsg)) != 0)
{
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("LocatorEnumCont failed with rc = " + rc.ToString("X"));
}
// The following values of the SignatureFieldSettings will be automatically set by SAPI:
// X/Y Location (including page number)
// Width
// Height
// Field Name
// Appearance Mask
//
SFS.LabelsMask = 0;
SFS.DependencyMode = SAPI_ENUM_DEPENDENCY_MODE.SAPI_ENUM_DEPENDENCY_MODE_INDEPENDENT;
SFS.SignatureType = SAPI_ENUM_SIGNATURE_TYPE.SAPI_ENUM_SIGNATURE_DIGITAL;
SFS.Flags = 0;
// time:
TF.DateFormat = "dd MMM yyyy";
TF.TimeFormat = "hh:mm:ss";
TF.ExtTimeFormat = SAPI_ENUM_EXTENDED_TIME_FORMAT.SAPI_ENUM_EXTENDED_TIME_FORMAT_NONE;
SFS.TimeFormat = TF;
// Now create the signature field on the PDF
// We make use of SignatureFieldCreateEx function in order to pass the FileHandle for the in-memory
// file rather than a UNC file path.
if ((rc = SAPI.SignatureFieldCreateSignEx2(SesHandle, SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_ADOBE,
"", fh, SFS, Flags, null)) != 0)
{
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to create new signature field with rc = " + rc.ToString("X"));
}
}
// Write the PDF to an output file
if ((rc = SAPI.GetFileMemData(fh, 0, doc)) != 0)
{
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to GetFileMem with rc = " + rc.ToString("X"));
}
File.WriteAllBytes(OutFileName, (byte[])doc.ToArray());
// Finalize work with SAPI
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
}
static void Main(string[] args)
{
string InFileName = "C:\\temp\\tag-sample.pdf";
string OutFileName = "C:\\temp\\tag-sample-signed.pdf";
string startDelim = "<<";
string endDelim = ">>";
int rc;
SESHandle SesHandle;
SigFieldSettingsClass SFS = new SigFieldSettingsClass();
TimeFormatClass TF = new TimeFormatClass();
int Flags = AR_PDF_FLAG_FIELD_NAME_SET;
int LocNumber;
SAPICrypt SAPI = new SAPICryptClass();
// SAPIInit() should be called once per process
if ((rc = SAPI.Init()) != 0)
{
throw new Exception("Failed to initialize SAPI! (" + rc.ToString("X") + ")");
}
// Open a new SAPI context
if ((rc = SAPI.HandleAcquire(out SesHandle)) != 0)
{
throw new Exception("Failed in SAPIHandleAcquire() with rc = " + rc.ToString("X"));
}
if ((rc = SAPI.Logon(SesHandle, "testuser", null, "12345678")) != 0)
{
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed in SAPILogon() with rc = " + rc.ToString("X"));
}
//
// Locate all field tags in the PDF
// The PDF filename to be used is defined above.
// The format of each field locator in the PDF should be:
// << w={width}; h={height}; n={field name}; a={appearance mask} >>
//
// For example:
// << w=120; h=80; n=Signer1; a=15; >>
//
SAPIContext SigLocatorCtx = new SAPIContext();
Array fileBytes = File.ReadAllBytes(InFileName);
SAPIByteArray doc = new SAPIByteArrayClass();
doc.FromArray(ref fileBytes);
FileHandle fh;
if ((rc = SAPI.CreateFileHandleByMem(out fh, SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_ADOBE, 0, doc)) != 0)
{
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to create file handle with rc = " + rc.ToString("X"));
}
// Initiate a new Field Locator enumerator.
// The argument LocNumber will contain the number of signature tags found in the PDF document.
//
if ((rc = SAPI.SignatureFieldLocatorEnumInit(SesHandle, SigLocatorCtx, fh, startDelim, endDelim, 0, out LocNumber)) != 0)
{
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("LocatorEnumInit failed with rc = " + rc.ToString("X"));
}
// Do for all tags in the document
string strEncMsg;
for (int i = 0; i < LocNumber; i++)
{
// Get settings for the next field locator.
// (Use strEncMsg string to parse the field locator content if a custom string format has been used)
if ((rc = SAPI.SignatureFieldLocatorEnumCont(SesHandle, SigLocatorCtx, SFS, out strEncMsg)) != 0)
{
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("LocatorEnumCont failed with rc = " + rc.ToString("X"));
}
// The following values of the SignatureFieldSettings will be automatically set by SAPI:
// X/Y Location (including page number)
// Width
// Height
// Field Name
// Appearance Mask
//
SFS.LabelsMask = 0;
SFS.DependencyMode = SAPI_ENUM_DEPENDENCY_MODE.SAPI_ENUM_DEPENDENCY_MODE_INDEPENDENT;
SFS.SignatureType = SAPI_ENUM_SIGNATURE_TYPE.SAPI_ENUM_SIGNATURE_DIGITAL;
SFS.Flags = 0;
// time:
TF.DateFormat = "dd MMM yyyy";
TF.TimeFormat = "hh:mm:ss";
TF.ExtTimeFormat = SAPI_ENUM_EXTENDED_TIME_FORMAT.SAPI_ENUM_EXTENDED_TIME_FORMAT_NONE;
SFS.TimeFormat = TF;
// Now create the signature field on the PDF
// We make use of SignatureFieldCreateEx function in order to pass the FileHandle for the in-memory
// file rather than a UNC file path.
if ((rc = SAPI.SignatureFieldCreateSignEx2(SesHandle, SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_ADOBE,
"", fh, SFS, Flags, null)) != 0)
{
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to create new signature field with rc = " + rc.ToString("X"));
}
}
// Write the PDF to an output file
if ((rc = SAPI.GetFileMemData(fh, 0, doc)) != 0)
{
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to GetFileMem with rc = " + rc.ToString("X"));
}
File.WriteAllBytes(OutFileName, (byte[])doc.ToArray());
// Finalize work with SAPI
SAPI.ContextRelease(SigLocatorCtx);
SAPI.HandleRelease(fh);
SAPI.HandleRelease(SesHandle);
}
// This function is thread-safe and could be called by a few threads simoltaneously.
// If FieldName parameter is NULL, a new field will be created, otherwise existing field will be signed
// and all field-related parameters will be ignored
public static void SAPI_sign_file(string FileName, string FieldName, string User, string Password, string SignPassword,
int page, int x, int y, int height, int width,
bool Invisible, string Reason, int AppearanceMask, string NewFieldName, string GraphImgName)
{
int rc;
SESHandle SesHandle;
SigFieldHandle sf = null;
SAPICrypt SAPI = new SAPICrypt();
if ((rc = SAPI.HandleAcquire(out SesHandle)) != 0)
{
throw new Exception("Failed in SAPIHandleAcquire() with rc = " + rc.ToString("X"));
}
//Logon
if ((rc = SAPI.Logon(SesHandle, User, null, Password)) != 0)
{
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to authenticate user with rc = " + rc.ToString("X"));
}
//Set Graphical Image if required
if (GraphImgName != null && GraphImgName.Length > 1)
{
SAPIContext ctxGraphImg = new SAPIContext();
//Start Graphical Images Enumeration
if ((rc = SAPI.GraphicSigImageEnumInit(SesHandle, ctxGraphImg, AR_GR_SIG_DATA_FORMAT_ALL, 0)) != 0)
{
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to enumerate graphical signatures with rc = " + rc.ToString());
}
GraphicImageHandle hGrImg = null;
bool isFound = false;
while (((uint)(rc = SAPI.GraphicSigImageEnumCont(SesHandle, ctxGraphImg, out hGrImg))) != SAPI_ERROR_NO_MORE_ITEMS)
{
if (rc != 0)
{
SAPI.ContextRelease(ctxGraphImg);
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to retrieve next graphical signature with rc = " + rc.ToString());
}
//Get Graphical Signature Info
GraphicImageInfo giInfo = null;
if ((rc = SAPI.GraphicSigImageInfoGet(SesHandle, hGrImg, out giInfo,
SAPI_ENUM_GRAPHIC_IMAGE_FORMAT.SAPI_ENUM_GRAPHIC_IMAGE_NONE, 0)) != 0)
{
SAPI.ContextRelease(ctxGraphImg);
SAPI.HandleRelease(hGrImg);
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to retrieve graphical signature info with rc = " + rc.ToString());
}
//Check if required Graphical image has been found
if (giInfo.Name.Trim().ToLower() == GraphImgName.Trim().ToLower())
{
//If found - set is as default Graph. Image
if ((rc = SAPI.GraphicSigImageSetDefault(SesHandle, hGrImg)) != 0)
{
SAPI.ContextRelease(ctxGraphImg);
SAPI.HandleRelease(hGrImg);
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to define default graphical signature with rc = " + rc.ToString());
}
isFound = true;
SAPI.ContextRelease(ctxGraphImg);
SAPI.HandleRelease(hGrImg);
break;
}
SAPI.HandleRelease(hGrImg);
}
SAPI.ContextRelease(ctxGraphImg);
//If required Graph Image wasn't found...
if (!isFound)
{
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to find Graphical Image with name: " + GraphImgName);
}
}
//Create new signature field
if (FieldName == null)
{
SigFieldSettings SFS = new SigFieldSettings();
TimeFormat TF = new TimeFormat();
int Flags = 0;
//Define name of the new signature field
if (NewFieldName.Length > 0)
{
SFS.Name = NewFieldName;
Flags |= AR_PDF_FLAG_FIELD_NAME_SET;
}
if (Invisible)
{
SFS.Invisible = 1;
SFS.Page = -1;
}
else
{
// VISIBLE:
SFS.Invisible = 0;
// location:
SFS.Page = page;
SFS.X = x;
SFS.Y = y;
SFS.Height = height;
SFS.Width = width;
// appearance:
SFS.AppearanceMask = AppearanceMask;
SFS.LabelsMask = AppearanceMask;
SFS.DependencyMode = SAPI_ENUM_DEPENDENCY_MODE.SAPI_ENUM_DEPENDENCY_MODE_INDEPENDENT;
SFS.SignatureType = SAPI_ENUM_SIGNATURE_TYPE.SAPI_ENUM_SIGNATURE_DIGITAL;
SFS.Flags = 0;
// time:
TF.DateFormat = "dd MMM yyyy";
TF.TimeFormat = "hh:mm:ss";
TF.ExtTimeFormat = SAPI_ENUM_EXTENDED_TIME_FORMAT.SAPI_ENUM_EXTENDED_TIME_FORMAT_NONE;
SFS.TimeFormat = TF;
}
//Create the Field
if ((rc = SAPI.SignatureFieldCreate(SesHandle, SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_ADOBE,
FileName, SFS, Flags, out sf)) != 0)
{
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to create new signature field with rc = " + rc.ToString("X"));
}
}
//Find an existing signature field by name
else
{
SAPIContext ctxField = new SAPIContext();
int NumOfFields = 0;
//Initiate the Signature Fields enumeration process
if ((rc = SAPI.SignatureFieldEnumInit(SesHandle, ctxField, SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_ADOBE,
FileName, 0, ref NumOfFields)) != 0)
{
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to start signature field enumeration with rc = " + rc.ToString("X"));
}
bool isFound = false;
for (int i = 0; i < NumOfFields; i++)
{
//Get Next field's handle
if ((rc = SAPI.SignatureFieldEnumCont(SesHandle, ctxField, out sf)) != 0)
{
SAPI.ContextRelease(ctxField);
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed in signature fields enumeration with rc = " + rc.ToString("X"));
}
//Retrieve Signature Field's info
SigFieldSettings sfs = new SigFieldSettings();
SigFieldInfo sfi = new SigFieldInfo();
if ((rc = SAPI.SignatureFieldInfoGet(SesHandle, sf, sfs, sfi)) != 0)
{
SAPI.HandleRelease(sf);
SAPI.ContextRelease(ctxField);
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to retrieve signature field details with rc = " + rc.ToString("X"));
}
//Check that the field we've found is not signed. If Signed - just skip it.
if (sfi.IsSigned != 0)
{
continue;
}
if (sfs.Name == FieldName)
{
SAPI.ContextRelease(ctxField);
isFound = true;
break;
}
//Release handle of irrelevant signature field
SAPI.HandleRelease(sf);
}
if (!isFound)
{
SAPI.ContextRelease(ctxField);
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("The file doesn't contain any signature field named: " + FieldName);
}
}
//Define the Reason
if ((rc = SAPI.ConfigurationValueSet(SesHandle, SAPI_ENUM_CONF_ID.SAPI_ENUM_CONF_ID_REASON,
SAPI_ENUM_DATA_TYPE.SAPI_ENUM_DATA_TYPE_STR, Reason, 1)) != 0)
{
SAPI.HandleRelease(sf);
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed in SAPIConfigurationValueSet with rc = " + rc.ToString("X"));
}
if (string.IsNullOrEmpty(SignPassword))
{
//Prompt-for-sign mode is disabled
rc = SAPI.SignatureFieldSign(SesHandle, sf, 0);
}
else
{
//Prompt-for-sign mode is enabled
rc = SAPI.SignatureFieldSignEx(SesHandle, sf, 0, SignPassword);
}
if (rc != 0)
{
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(sf);
SAPI.HandleRelease(SesHandle);
throw new Exception("Failed to Sign signature field with rc = " + rc.ToString("X"));
}
SAPI.Logoff(SesHandle);
SAPI.HandleRelease(sf);
SAPI.HandleRelease(SesHandle);
return;
}
public static SignatureDetails ValidateXMLSignature(string SignedXML)
{
if (SignedXML == null)
{
throw new ArgumentNullException("SignedXML");
}
//Make sure the SAPI Library is loaded
SAPIInit();
SignatureDetails SigDetails = new SignatureDetails();
SigFieldSettings SigFieldSettings = new SigFieldSettings();
SigFieldInfo SignatureFieldInfo = new SigFieldInfo();
SAPICrypt SAPI = new SAPICrypt();
SigFieldHandle hField = null;
int rc;
SESHandle hSession = new SESHandle();
if ((rc = SAPI.HandleAcquire(out hSession)) != 0)
{
throw new Exception(string.Format(
"Memory allocation error (#{0})", rc.ToString("X")));
}
SAPIContext ctxValidateSignature = new SAPIContext();
int num = 0;
if ((rc = SAPI.SignatureFieldEnumInit(hSession, ctxValidateSignature, SAPI_ENUM_FILE_TYPE.SAPI_ENUM_FILE_XML, SignedXML, 0, ref num)) != 0)
{
SAPI.HandleRelease(hSession);
throw new Exception(string.Format(
"An error occured while initializing the signature validation process (#{0})", rc.ToString("X")));
}
if (num < 1)
{
throw new Exception("The XML file is not signed!");
}
if (num > 1)
{
throw new Exception("SAPI only supports a single signature per XML file!");
}
if ((rc = SAPI.SignatureFieldEnumCont(hSession, ctxValidateSignature, out hField)) != 0)
{
SAPI.ContextRelease(ctxValidateSignature);
SAPI.HandleRelease(hSession);
throw new Exception(string.Format(
"Failed to retrieve signature (#{0})", rc.ToString("X")));
}
if ((rc = SAPI.SignatureFieldInfoGet(hSession, hField, SigFieldSettings, SignatureFieldInfo)) != 0)
{
SAPI.ContextRelease(ctxValidateSignature);
SAPI.HandleRelease(hSession);
throw new Exception(string.Format(
"Failed to parse signature details (#{0})", rc.ToString("X")));
}
CertStatus not_used = new CertStatus();
SigDetails.isValid = SAPI.SignatureFieldVerify(hSession, hField, not_used, 0) == 0;
SigDetails.SignerCertificate = new X509Certificate2(
(byte[])(((SAPIByteArray)SignatureFieldInfo.Certificate).ToArray()));
SigDetails.SignerName = SignatureFieldInfo.SignerName;
//Convert FILE_TIME to ticks
ulong filetime = SignatureFieldInfo.SignatureTime.HighDateTime;
filetime <<= 32;
filetime += SignatureFieldInfo.SignatureTime.LowDateTime;
SigDetails.SignatureTimeTicks = DateTime.FromFileTimeUtc((long)filetime).Ticks;
//Cleanup memory
SAPI.ContextRelease(ctxValidateSignature);
SAPI.HandleRelease(hSession);
return(SigDetails);
}
public static void SignStream(
string Username,
string Domain,
string Password,
Stream DataToSign, //The stream to read the data to be signed from
Stream SignatureData //The stream to write the signature data to
)
{
if (string.IsNullOrEmpty(Username))
{
throw new ArgumentNullException("Username");
}
if (string.IsNullOrEmpty(Password))
{
throw new ArgumentNullException("Password");
}
if (DataToSign == null)
{
throw new ArgumentNullException("DataToSign");
}
if (SignatureData == null)
{
throw new ArgumentNullException("SignatureData");
}
//Make sure the SAPI library is loaded into the current process
SAPIInit();
//Instantiate SAPI object
SAPICrypt SAPI = new SAPICrypt();
SESHandle hSes = null;
int rc = 0;
if ((rc = SAPI.HandleAcquire(out hSes)) != 0)
{
throw new Exception(string.Format(
"Memory allocation error (#{0})", rc.ToString("X")));
}
if ((rc = SAPI.Logon(hSes, Username, Domain, Password)) != 0)
{
SAPI.HandleRelease(hSes);
throw new Exception(string.Format(
"Failed to authenticate the user(#{0})", rc.ToString("X")));
}
//Allocate new signing context
SAPIContext ctxBuffSign = new SAPIContext();
if ((rc = SAPI.BufferSignInit(hSes, ctxBuffSign, 0)) != 0)
{
SAPI.Logoff(hSes);
SAPI.HandleRelease(hSes);
throw new Exception(string.Format(
"Failed to initialize buffer signing process(#{0})", rc.ToString("X")));
}
int remaining = (int)DataToSign.Length;
//Check that the stream is not empty
if ((int)DataToSign.Length < 1)
{
SAPI.Logoff(hSes);
SAPI.HandleRelease(hSes);
throw new Exception("Cannot sign empty stream!");
}
int chunkMaxSize = 1 << 20; //1MB
//Calculate first chunk size
int chunkSize = remaining < chunkMaxSize ?
remaining : chunkMaxSize;
while (remaining > 0)
{
Array chunk = new byte[chunkSize]; //Read in chunks of 1MB
int read = DataToSign.Read((byte[])chunk, 0, chunkSize);
if (read <= 0)
{
throw new EndOfStreamException(String.Format("End of stream reached with {0} bytes left to read", remaining));
}
//Build SAPI-Compatible bytes array
SAPIByteArray tmpBuff = new SAPIByteArray();
tmpBuff.FromArray(ref chunk);
//Add read buffer to the signature calculation
if ((rc = SAPI.BufferSignCont(hSes, ctxBuffSign, tmpBuff)) != 0)
{
SAPI.ContextRelease(ctxBuffSign);
SAPI.Logoff(hSes);
SAPI.HandleRelease(hSes);
throw new Exception(string.Format(
"An error occured while calculating the digital signature (#{0})", rc.ToString("X")));
}
remaining -= read;
chunkSize = Math.Min(remaining, chunkSize);
}
SAPIByteArray signature = new SAPIByteArray();
//Get the final signature
if ((rc = SAPI.BufferSignEnd(hSes, ctxBuffSign, signature)) != 0)
{
SAPI.ContextRelease(ctxBuffSign);
SAPI.Logoff(hSes);
SAPI.HandleRelease(hSes);
throw new Exception(string.Format(
"Failed to sign the data (#{0})", rc.ToString("X")));
}
//Write signature data to the stream
byte[] tmpSig = (byte[])signature.ToArray();
SignatureData.Write(tmpSig, 0, tmpSig.Length);
//Cleanup memory
SAPI.ContextRelease(ctxBuffSign);
SAPI.Logoff(hSes);
SAPI.HandleRelease(hSes);
}
public static SignatureDetails ValidateSignature(Stream SignedData, Stream Signature)
{
if (SignedData == null)
{
throw new ArgumentNullException("SignedData");
}
if (Signature == null)
{
throw new ArgumentNullException("Signature");
}
//Make sure the SAPI Library is loaded
SAPIInit();
SignatureDetails SigDetails = new SignatureDetails();
int rc;
SAPICrypt SAPI = new SAPICrypt();
SESHandle hSession = new SESHandle();
if ((rc = SAPI.HandleAcquire(out hSession)) != 0)
{
throw new Exception(string.Format(
"Memory allocation error (#{0})", rc.ToString("X")));
}
//Extract Signer Data from the Signature stream
//Read Signature content from stream to the SAPI bytes array
Array baSignature = new byte[(int)Signature.Length];
Signature.Read((byte[])baSignature, 0, (int)Signature.Length);
SAPIByteArray sSignature = new SAPIByteArray();
sSignature.FromArray(ref baSignature);
//SAPIByteArray sSignedData = new SAPIByteArray();
//Array t1 = (Array)SignedData; sSignedData.FromArray(ref t1);
object Certificate;
// Extract the signer's certificate from signature
SAPI_ENUM_DATA_TYPE SAPIType = SAPI_ENUM_DATA_TYPE.SAPI_ENUM_DATA_TYPE_NONE;
if ((rc = SAPI.PKCS7BlobGetValue(hSession, sSignature, SAPI_ENUM_PKCS7_FIELD.SAPI_ENUM_PKCS7_FIELD_CERT, out Certificate, ref SAPIType)) != 0)
{
SAPI.HandleRelease(hSession);
throw new Exception(string.Format(
"An error occured while extracting the signer's certificate from the signature stream (#{0})", rc.ToString("X")));
}
SigDetails.SignerCertificate = new X509Certificate2((byte[])(((SAPIByteArray)Certificate).ToArray()));
SigDetails.SignerName = SigDetails.SignerCertificate.GetNameInfo(X509NameType.SimpleName, false);
SigDetails.SignerEmail = SigDetails.SignerCertificate.GetNameInfo(X509NameType.EmailName, false);
//Run the signature validation process
SAPIContext ctxValidateSignature = new SAPIContext();
if ((rc = SAPI.BufferVerifySignatureInit(hSession,
ctxValidateSignature, sSignature, 0)) != 0)
{
SAPI.HandleRelease(hSession);
throw new Exception(string.Format(
"An error occured while initializing the signature validation process (#{0})", rc.ToString("X")));
}
int remaining = (int)SignedData.Length;
int chunkMaxSize = 1 << 20; //1MB
//Calculate first chunk size
int chunkSize = remaining < chunkMaxSize ?
remaining : chunkMaxSize;
while (remaining > 0)
{
Array chunk = new byte[chunkSize]; //Read in chunks of 1MB
int read = SignedData.Read((byte[])chunk, 0, chunkSize);
if (read <= 0)
{
throw new EndOfStreamException(String.Format("End of stream reached with {0} bytes left to read", remaining));
}
//Build SAPI-Compatible byte array
SAPIByteArray tmpBuff = new SAPIByteArray();
tmpBuff.FromArray(ref chunk);
//Add read buffer to the validation calculation
if ((rc = SAPI.BufferVerifySignatureCont(hSession, ctxValidateSignature, tmpBuff)) != 0)
{
SAPI.ContextRelease(ctxValidateSignature);
SAPI.HandleRelease(hSession);
throw new Exception(string.Format(
"An error occured while validating the digital signature (#{0})", rc.ToString("X")));
}
remaining -= read;
chunkSize = Math.Min(remaining, chunkSize);
}
//Get the final validation result
SAPIFileTime signingTime = new SAPIFileTime();
rc = SAPI.BufferVerifySignatureEnd(hSession, ctxValidateSignature, signingTime, new CertStatus());
if ((uint)rc == 0x90030360) //SAPI_SIGNATURE_NOT_VALID
{
SigDetails.isValid = false;
SigDetails.SignatureTimeTicks = 0;
}
else if (rc == 0)
{
SigDetails.isValid = true;
//Convert FILE_TIME to ticks
ulong filetime = signingTime.HighDateTime;
filetime <<= 32;
filetime += signingTime.LowDateTime;
SigDetails.SignatureTimeTicks = DateTime.FromFileTimeUtc((long)filetime).Ticks;
}
else
{
SAPI.ContextRelease(ctxValidateSignature);
SAPI.HandleRelease(hSession);
throw new Exception(string.Format(
"Failed to validate Digital Signature (#{0})", rc.ToString("X")));
}
//Cleanup memory
SAPI.ContextRelease(ctxValidateSignature);
SAPI.HandleRelease(hSession);
return(SigDetails);
}
