private SignaturePermissions GetSignatureInfo(AcroFields fields, string name, SignaturePermissions perms, List <SignatureInfo> signatureInfoList)
{
var si = new SignatureInfo();
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
X509Certificate cert = pkcs7.SigningCertificate;
PdfDictionary sigDict = fields.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.CONTACTINFO);
si.Signer = CertificateInfo.GetSubjectFields(cert).GetField("CN");
if (contact != null)
{
si.ContactInfo = contact.ToString();
}
si.SignedOn = pkcs7.SignDate;
si.Location = pkcs7.Location;
si.Issuer = cert.IssuerDN.ToString();
si.Subject = cert.SubjectDN.ToString();
si.CertValidFrom = cert.NotBefore;
si.CertValidTo = cert.NotAfter;
si.Reason = pkcs7.Reason;
si.IntegrityCheck = pkcs7.Verify();
signatureInfoList.Add(si);
perms = new SignaturePermissions(sigDict, perms);
return(perms);
}
public SignaturePermissions InspectSignature(AcroFields fields, String name, SignaturePermissions perms)
{
IList <AcroFields.FieldPosition> fps = fields.GetFieldPositions(name);
if (fps != null && fps.Count > 0)
{
AcroFields.FieldPosition fp = fps[0];
Rectangle pos = fp.position;
if (pos.Width == 0 || pos.Height == 0)
{
Console.WriteLine("Invisible signature");
}
else
{
Console.WriteLine("Field on page {0}; llx: {1}, lly: {2}, urx: {3}; ury: {4}",
fp.page, pos.Left, pos.Bottom, pos.Right, pos.Top);
}
}
PdfPKCS7 pkcs7 = VerifySignature(fields, name);
Console.WriteLine("Digest algorithm: " + pkcs7.GetHashAlgorithm());
Console.WriteLine("Encryption algorithm: " + pkcs7.GetEncryptionAlgorithm());
Console.WriteLine("Filter subtype: " + pkcs7.GetFilterSubtype());
X509Certificate cert = pkcs7.SigningCertificate;
Console.WriteLine("Name of the signer: " + CertificateInfo.GetSubjectFields(cert).GetField("CN"));
if (pkcs7.SignName != null)
{
Console.WriteLine("Alternative name of the signer: " + pkcs7.SignName);
}
Console.WriteLine("Signed on: " + pkcs7.SignDate.ToString("yyyy-MM-dd HH:mm:ss.ff"));
if (!pkcs7.TimeStampDate.Equals(DateTime.MaxValue))
{
Console.WriteLine("TimeStamp: " + pkcs7.TimeStampDate.ToString("yyyy-MM-dd HH:mm:ss.ff"));
TimeStampToken ts = pkcs7.TimeStampToken;
Console.WriteLine("TimeStamp service: " + ts.TimeStampInfo.Tsa);
Console.WriteLine("Timestamp verified? " + pkcs7.VerifyTimestampImprint());
}
Console.WriteLine("Location: " + pkcs7.Location);
Console.WriteLine("Reason: " + pkcs7.Reason);
PdfDictionary sigDict = fields.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.CONTACTINFO);
if (contact != null)
{
Console.WriteLine("Contact info: " + contact);
}
perms = new SignaturePermissions(sigDict, perms);
Console.WriteLine("Signature type: " + (perms.Certification ? "certification" : "approval"));
Console.WriteLine("Filling out fields allowed: " + perms.FillInAllowed);
Console.WriteLine("Adding annotations allowed: " + perms.AnnotationsAllowed);
foreach (SignaturePermissions.FieldLock Lock in perms.FieldLocks)
{
Console.WriteLine("Lock: " + Lock);
}
return(perms);
}
public List <SignatureInfo> InspectSignatures(string path)
{
PdfReader reader = new PdfReader(path);
AcroFields fields = reader.AcroFields;
List <String> names = fields.GetSignatureNames();
SignaturePermissions perms = null;
var signatureInfoList = new List <SignatureInfo>();
foreach (String name in names)
{
perms = GetSignatureInfo(fields, name, perms, signatureInfoList);
}
return(signatureInfoList);
}
public virtual void InspectSignatures(String path)
{
PdfDocument pdfDoc = new PdfDocument(new PdfReader(path));
PdfAcroForm form = PdfAcroForm.GetAcroForm(pdfDoc, false);
SignaturePermissions perms = null;
SignatureUtil signUtil = new SignatureUtil(pdfDoc);
IList <String> names = signUtil.GetSignatureNames();
Console.WriteLine(path);
foreach (String name in names)
{
Console.Out.WriteLine("===== " + name + " =====");
perms = InspectSignature(pdfDoc, signUtil, form, name, perms);
}
}
public void InspectSignatures(String path)
{
Console.WriteLine(path);
PdfReader reader = new PdfReader(path);
AcroFields fields = reader.AcroFields;
List <String> names = fields.GetSignatureNames();
SignaturePermissions perms = null;
foreach (String name in names)
{
Console.WriteLine("===== " + name + " =====");
perms = InspectSignature(fields, name, perms);
}
Console.WriteLine();
}
public static bool validatePDF(string filename, ref MessageReport msg)
{
try
{
X509CertificateParser parser = new X509CertificateParser();
if (certificates.Count() == 0)
{
certificates.Add(parser.ReadCertificate(new FileStream(ROOT1, FileMode.Open)));
certificates.Add(parser.ReadCertificate(new FileStream(ROOT2, FileMode.Open)));
certificates.Add(parser.ReadCertificate(new FileStream(ROOT3, FileMode.Open)));
}
PdfReader pdfReader = new PdfReader(filename);
AcroFields acroFields = pdfReader.AcroFields;
List <String> signatureNames = acroFields.GetSignatureNames();
msg.signaturesCount = signatureNames.Count();
if (signatureNames.Count == 0)
{
msg.StatusText = "Δεν βρέθηκαν ψηφιακές υπογραφές στο έγγραφο!";
return(false);
}
SignaturePermissions perms = null;
MessageReport.Signature sigInfo = new MessageReport.Signature();
foreach (String name in signatureNames)
{
sigInfo = InspectSignature(acroFields, name, perms);
UpdateSignatureResults(ref sigInfo); //produce human friendly result text
msg.Signatures.Add(sigInfo);
}
msg.StatusText = String.Format("Ο έλεγχος ολοκληρώθηκε επιτυχώς. Βρέθηκαν {0} ψηφιακές υπογραφές στο έγγραφο!", msg.signaturesCount);
return(true);
}
catch
{
return(false);
}
} //end validatePDF
public static List <FileDetailsModel> InspectSignatures(String path)
{
List <FileDetailsModel> fileModelList = new List <FileDetailsModel>();
PdfDocument pdfDoc = new PdfDocument(new PdfReader(path));
PdfAcroForm form = PdfAcroForm.GetAcroForm(pdfDoc, false);
SignaturePermissions perms = null;
SignatureUtil signUtil = new SignatureUtil(pdfDoc);
IList <String> names = signUtil.GetSignatureNames();
foreach (String name in names)
{
FileDetailsModel fileModel = new FileDetailsModel();
logger.Error("===== " + name + " =====");
fileModel.Signature = name;
(perms, fileModel) = InspectSignature(fileModel, pdfDoc, signUtil, form, name, perms);
fileModelList.Add(fileModel);
}
return(fileModelList);
}
public virtual void InspectSignatures(String path)
{
Console.WriteLine("\n\n");
PdfDocument pdfDoc = new PdfDocument(new PdfReader(path));
PdfAcroForm form = PdfAcroForm.GetAcroForm(pdfDoc, false);
SignaturePermissions perms = null;
SignatureUtil signUtil = new SignatureUtil(pdfDoc);
IList <String> names = signUtil.GetSignatureNames();
Console.WriteLine(path);
foreach (String name in names)
{
Console.Out.WriteLine("===== " + name + " =====");
perms = InspectSignature(pdfDoc, signUtil, form, name, perms);
}
PdfAConformanceLevel conformanceLevel = pdfDoc.GetReader().GetPdfAConformanceLevel();
string conformance = conformanceLevel == null ? string.Empty : conformanceLevel.GetConformance();
string part = conformanceLevel == null ? string.Empty : conformanceLevel.GetPart();
Console.Out.WriteLine($"Document conformance: {conformance}/{part}");
GetMetaInfo(pdfDoc);
}
public SignaturePermissions InspectSignature(PdfDocument pdfDoc, SignatureUtil signUtil, PdfAcroForm form,
String name, SignaturePermissions perms)
{
IList <PdfWidgetAnnotation> widgets = form.GetField(name).GetWidgets();
// Check the visibility of the signature annotation
if (widgets != null && widgets.Count > 0)
{
Rectangle pos = widgets[0].GetRectangle().ToRectangle();
int pageNum = pdfDoc.GetPageNumber(widgets[0].GetPage());
if (pos.GetWidth() == 0 || pos.GetHeight() == 0)
{
Console.Out.WriteLine("Invisible signature");
}
else
{
Console.Out.WriteLine(String.Format("Field on page {0}; llx: {1}, lly: {2}, urx: {3}; ury: {4}",
pageNum, pos.GetLeft(), pos.GetBottom(), pos.GetRight(), pos.GetTop()));
}
}
/* Find out how the message digest of the PDF bytes was created,
* how these bytes and additional attributes were signed
* and how the signed bytes are stored in the PDF
*/
PdfPKCS7 pkcs7 = VerifySignature(signUtil, name);
Console.Out.WriteLine("Digest algorithm: " + pkcs7.GetHashAlgorithm());
Console.Out.WriteLine("Encryption algorithm: " + pkcs7.GetEncryptionAlgorithm());
Console.Out.WriteLine("Filter subtype: " + pkcs7.GetFilterSubtype());
// Get the signing certificate to find out the name of the signer.
X509Certificate cert = (X509Certificate)pkcs7.GetSigningCertificate();
Console.Out.WriteLine("Name of the signer: "
+ iText.Signatures.CertificateInfo.GetSubjectFields(cert).GetField("CN"));
if (pkcs7.GetSignName() != null)
{
Console.Out.WriteLine("Alternative name of the signer: " + pkcs7.GetSignName());
}
/* Get the signing time.
* Mind that the getSignDate() method is not that secure as timestamp
* because it's based only on signature author claim. I.e. this value can only be trusted
* if signature is trusted and it cannot be used for signature verification.
*/
Console.Out.WriteLine("Signed on: " + pkcs7.GetSignDate().ToUniversalTime().ToString("yyyy-MM-dd"));
/* If a timestamp was applied, retrieve information about it.
* Timestamp is a secure source of signature creation time,
* because it's based on Time Stamping Authority service.
*/
if (TimestampConstants.UNDEFINED_TIMESTAMP_DATE != pkcs7.GetTimeStampDate())
{
Console.Out.WriteLine("TimeStamp: " +
pkcs7.GetTimeStampDate().ToUniversalTime().ToString("yyyy-MM-dd"));
TimeStampToken ts = pkcs7.GetTimeStampToken();
Console.Out.WriteLine("TimeStamp service: " + ts.TimeStampInfo.Tsa);
Console.Out.WriteLine("Timestamp verified? " + pkcs7.VerifyTimestampImprint());
}
Console.Out.WriteLine("Location: " + pkcs7.GetLocation());
Console.Out.WriteLine("Reason: " + pkcs7.GetReason());
/* If you want less common entries than PdfPKCS7 object has, such as the contact info,
* you should use the signature dictionary and get the properties by name.
*/
PdfDictionary sigDict = signUtil.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.ContactInfo);
if (contact != null)
{
Console.Out.WriteLine("Contact info: " + contact);
}
/* Every new signature can add more restrictions to a document, but it can’t take away previous restrictions.
* So if you want to retrieve information about signatures restrictions, you need to pass
* the SignaturePermissions instance of the previous signature, or null if there was none.
*/
perms = new SignaturePermissions(sigDict, perms);
Console.Out.WriteLine("Signature type: " + (perms.IsCertification() ? "certification" : "approval"));
Console.Out.WriteLine("Filling out fields allowed: " + perms.IsFillInAllowed());
Console.Out.WriteLine("Adding annotations allowed: " + perms.IsAnnotationsAllowed());
foreach (SignaturePermissions.FieldLock Lock in perms.GetFieldLocks())
{
Console.Out.WriteLine("Lock: " + Lock);
}
return(perms);
}
private SignedDocumentInfo CollectInfo(String documentPath)
{
SignedDocumentInfo docInfo = new SignedDocumentInfo();
PdfDocument pdfDoc = new PdfDocument(new PdfReader(documentPath));
PdfAcroForm form = PdfAcroForm.GetAcroForm(pdfDoc, false);
SignatureUtil signUtil = new SignatureUtil(pdfDoc);
IList <String> names = signUtil.GetSignatureNames();
docInfo.SetNumberOfTotalRevisions(signUtil.GetTotalRevisions());
SignaturePermissions perms = null;
IList <SignatureInfo> signInfos = new List <SignatureInfo>();
foreach (String name in names)
{
SignatureInfo sigInfo = new SignatureInfo();
sigInfo.SetSignatureName(name);
sigInfo.SetRevisionNumber(signUtil.GetRevision(name));
sigInfo.SetSignatureCoversWholeDocument(signUtil.SignatureCoversWholeDocument(name));
IList <PdfWidgetAnnotation> widgetAnnotationsList = form.GetField(name).GetWidgets();
if (widgetAnnotationsList != null && widgetAnnotationsList.Count > 0)
{
sigInfo.SetSignaturePosition(widgetAnnotationsList[0].GetRectangle().ToRectangle());
}
PdfPKCS7 pkcs7 = signUtil.ReadSignatureData(name);
sigInfo.SetDigestAlgorithm(pkcs7.GetHashAlgorithm());
sigInfo.SetEncryptionAlgorithm(pkcs7.GetEncryptionAlgorithm());
PdfName filterSubtype = pkcs7.GetFilterSubtype();
if (filterSubtype != null)
{
sigInfo.SetFilterSubtype(filterSubtype.ToString());
}
X509Certificate signCert = pkcs7.GetSigningCertificate();
sigInfo.SetSignerName(iText.Signatures.CertificateInfo.GetSubjectFields(signCert).GetField("CN"));
sigInfo.SetAlternativeSignerName(pkcs7.GetSignName());
sigInfo.SetSignDate(pkcs7.GetSignDate().ToUniversalTime());
if (TimestampConstants.UNDEFINED_TIMESTAMP_DATE != pkcs7.GetTimeStampDate())
{
sigInfo.SetTimeStamp(pkcs7.GetTimeStampDate().ToUniversalTime());
TimeStampToken ts = pkcs7.GetTimeStampToken();
sigInfo.SetTimeStampService(ts.TimeStampInfo.Tsa.ToString());
}
sigInfo.SetLocation(pkcs7.GetLocation());
sigInfo.SetReason(pkcs7.GetReason());
PdfDictionary sigDict = signUtil.GetSignatureDictionary(name);
PdfString contactInfo = sigDict.GetAsString(PdfName.ContactInfo);
if (contactInfo != null)
{
sigInfo.SetContactInfo(contactInfo.ToString());
}
perms = new SignaturePermissions(sigDict, perms);
sigInfo.SetIsCertifiaction(perms.IsCertification());
sigInfo.SetIsFieldsFillAllowed(perms.IsFillInAllowed());
sigInfo.SetIsAddingAnnotationsAllowed(perms.IsAnnotationsAllowed());
IList <String> fieldLocks = new List <String>();
foreach (SignaturePermissions.FieldLock Lock in perms.GetFieldLocks())
{
fieldLocks.Add(Lock.ToString());
}
sigInfo.SetFieldsLocks(fieldLocks);
X509Certificate[] certs = pkcs7.GetSignCertificateChain();
IList <CertificateInfo> certInfos = new List <CertificateInfo>();
for (int i = 0; i < certs.Length; i++)
{
X509Certificate cert = (X509Certificate)certs[i];
CertificateInfo certInfo = new CertificateInfo();
certInfo.SetIssuer(cert.IssuerDN);
certInfo.SetSubject(cert.SubjectDN);
certInfo.SetValidFrom(cert.NotBefore);
certInfo.SetValidTo(cert.NotAfter);
certInfos.Add(certInfo);
}
sigInfo.SetCertificateInfos(certInfos);
signInfos.Add(sigInfo);
}
docInfo.SetSignatureInfos(signInfos);
return(docInfo);
}
public static (SignaturePermissions, FileDetailsModel) InspectSignature(FileDetailsModel model, PdfDocument pdfDoc, SignatureUtil signUtil, PdfAcroForm form,
String name, SignaturePermissions perms)
{
IList <PdfWidgetAnnotation> widgets = form.GetField(name).GetWidgets();
PdfPKCS7 pkcs7 = null;
(pkcs7, model) = VerifySignature(model, signUtil, name);
logger.Error("Digest algorithm: " + pkcs7.GetHashAlgorithm());
logger.Error("Encryption algorithm: " + pkcs7.GetEncryptionAlgorithm());
logger.Error("Filter subtype: " + pkcs7.GetFilterSubtype());
X509Certificate cert = (X509Certificate)pkcs7.GetSigningCertificate();
logger.Error("Name of the signer: "
+ iText.Signatures.CertificateInfo.GetSubjectFields(cert).GetField("CN"));
model.SignerName = iText.Signatures.CertificateInfo.GetSubjectFields(cert).GetField("CN");
if (pkcs7.GetSignName() != null)
{
logger.Error("Alternative name of the signer: " + pkcs7.GetSignName());
}
logger.Error("Signed on: " + pkcs7.GetSignDate().ToUniversalTime().ToString("yyyy-MM-dd"));
model.SignatureDate = pkcs7.GetSignDate().ToUniversalTime().ToString("yyyy-MM-dd");
logger.Error("Location: " + pkcs7.GetLocation());
logger.Error("Reason: " + pkcs7.GetReason());
PdfDictionary sigDict = signUtil.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.ContactInfo);
if (contact != null)
{
logger.Error("Contact info: " + contact);
}
return(perms, model);
}
private static MessageReport.Signature InspectSignature(AcroFields fields, String name, SignaturePermissions perms)
{
MessageReport.Signature sigInfo = new MessageReport.Signature();
IList <AcroFields.FieldPosition> fps = fields.GetFieldPositions(name);
if (fps != null && fps.Count > 0)
{
AcroFields.FieldPosition fp = fps[0];
Rectangle pos = fp.position;
if (pos.Width == 0 || pos.Height == 0)
{
sigInfo.visible = false;
}
else
{
sigInfo.visible = true;
}
}
PdfPKCS7 pkcs7 = VerifySignature(fields, name, ref sigInfo);
sigInfo.digestAlgorithm = pkcs7.GetHashAlgorithm();
sigInfo.encryptionAlgorithm = pkcs7.GetEncryptionAlgorithm();
sigInfo.isRevocationValid = pkcs7.IsRevocationValid();
X509Certificate cert = pkcs7.SigningCertificate;
sigInfo.signerName = CertificateInfo.GetSubjectFields(cert).GetField("CN");
if (pkcs7.SignName != null)
{
sigInfo.signerName = pkcs7.SignName;
}
sigInfo.signDate = pkcs7.SignDate.ToString("yyyy-MM-dd HH:mm:ss.ff");
if (!pkcs7.TimeStampDate.Equals(DateTime.MaxValue))
{
sigInfo.isTimestampped = true;
sigInfo.timestampDate = pkcs7.TimeStampDate.ToString("yyyy-MM-dd HH:mm:ss.ff");
TimeStampToken ts = pkcs7.TimeStampToken;
sigInfo.timestampName = ts.TimeStampInfo.Tsa.ToString();
}
sigInfo.signLocation = pkcs7.Location;
sigInfo.signReason = pkcs7.Reason;
PdfDictionary sigDict = fields.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.CONTACTINFO);
if (contact != null)
{
Console.WriteLine("Contact info: " + contact);
}
perms = new SignaturePermissions(sigDict, perms);
sigInfo.signatureType = (perms.Certification ? "certification" : "approval");
return(sigInfo);
}
