public void ToStringTest() { CalendarAuthenticationRecord tag = TestUtil.GetCompositeTag <CalendarAuthenticationRecord>(Constants.CalendarAuthenticationRecord.TagType, new ITlvTag[] { TestUtil.GetCompositeTag <PublicationData>(Constants.PublicationData.TagType, new ITlvTag[] { new IntegerTag(Constants.PublicationData.PublicationTimeTagType, false, false, 1), new ImprintTag(Constants.PublicationData.PublicationHashTagType, false, false, new DataHash(HashAlgorithm.Sha2256, new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 })), }), TestUtil.GetCompositeTag <SignatureData>(Constants.SignatureData.TagType, new ITlvTag[] { new StringTag(Constants.SignatureData.SignatureTypeTagType, false, false, "Test SignatureType"), new RawTag(Constants.SignatureData.SignatureValueTagType, false, false, new byte[] { 0x2 }), new RawTag(Constants.SignatureData.CertificateIdTagType, false, false, new byte[] { 0x3 }), new StringTag(Constants.SignatureData.CertificateRepositoryUriTagType, false, false, "Test CertificateRepositoryUri") }) }); CalendarAuthenticationRecord tag2 = new CalendarAuthenticationRecord(new RawTag(tag.Type, tag.NonCritical, tag.Forward, tag.EncodeValue())); Assert.AreEqual(tag.ToString(), tag2.ToString()); }
/// <see cref="VerificationRule.Verify" /> public override VerificationResult Verify(IVerificationContext context) { CalendarAuthenticationRecord calendarAuthenticationRecord = GetCalendarAuthenticationRecord(GetSignature(context)); SignatureData signatureData = calendarAuthenticationRecord.SignatureData; return(GetPublicationsFile(context).FindCertificateById(signatureData.GetCertificateId()) == null ? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key01) : new VerificationResult(GetRuleName(), VerificationResultCode.Ok)); }
/// <summary> /// Get calendar authentication record from KSI signature /// </summary> /// <param name="signature">KSI signature</param> /// <returns>calendar authentication record</returns> public static CalendarAuthenticationRecord GetCalendarAuthenticationRecord(IKsiSignature signature) { CalendarAuthenticationRecord calendarAuthenticationRecord = signature.CalendarAuthenticationRecord; if (calendarAuthenticationRecord == null) { throw new KsiVerificationException("Calendar authentication record in missing from KSI signature."); } return(calendarAuthenticationRecord); }
/// <see cref="VerificationRule.Verify" /> public override VerificationResult Verify(IVerificationContext context) { IKsiSignature signature = GetSignature(context); CalendarAuthenticationRecord calendarAuthenticationRecord = signature.CalendarAuthenticationRecord; if (calendarAuthenticationRecord == null) { return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok)); } CalendarHashChain calendarHashChain = GetCalendarHashChain(signature); return(calendarHashChain.PublicationTime != calendarAuthenticationRecord.PublicationData.PublicationTime ? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Int06) : new VerificationResult(GetRuleName(), VerificationResultCode.Ok)); }
/// <see cref="VerificationRule.Verify" /> public override VerificationResult Verify(IVerificationContext context) { IKsiSignature signature = GetSignature(context); CalendarAuthenticationRecord calendarAuthenticationRecord = GetCalendarAuthenticationRecord(signature); SignatureData signatureData = calendarAuthenticationRecord.SignatureData; byte[] certificateBytes = GetPublicationsFile(context).FindCertificateById(signatureData.GetCertificateId()); if (certificateBytes == null) { throw new KsiVerificationException("No certificate found in publications file with id: " + Base16.Encode(signatureData.GetCertificateId()) + "."); } byte[] signedBytes = calendarAuthenticationRecord.PublicationData.Encode(); try { ICryptoSignatureVerifier cryptoSignatureVerifier = CryptoSignatureVerifierFactory.GetCryptoSignatureVerifierByOid(signatureData.SignatureType); CryptoSignatureVerificationData data = new CryptoSignatureVerificationData(certificateBytes, signature.AggregationTime); cryptoSignatureVerifier.Verify(signedBytes, signatureData.GetSignatureValue(), data); } catch (PkiVerificationFailedCertNotValidException ex) { Logger.Debug(ex); return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key03)); } catch (PkiVerificationFailedException ex) { Logger.Debug("Could not verify signature.{0}Signature type: {1}{0}{2}{0}{3}", Environment.NewLine, signatureData.SignatureType, ex, ex.AdditionalInfo); return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key02)); } catch (PkiVerificationErrorException ex) { Logger.Debug("Signature verification error.{0}Signature type: {1}{0}{2}", Environment.NewLine, signatureData.SignatureType, ex); return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key02)); } return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok)); }
public void TestCalendarAuthenticationRecordOk() { CalendarAuthenticationRecord calendarAuthenticationRecord = GetCalendarAuthenticationRecordFromFile(Resources.CalendarAuthenticationRecord_Ok); Assert.AreEqual(2, calendarAuthenticationRecord.Count, "Invalid amount of child TLV objects"); PublicationData publicationData = new PublicationData(1398902400, new DataHash(Base16.Decode("01C45A4D73815CBECD5493197513A6C2C9058B0B16B99A64805368A7186D528E8B")), false, true); Assert.IsTrue(calendarAuthenticationRecord.PublicationData.Equals(publicationData)); SignatureData signatureData = new SignatureData(new RawTag(0xb, false, false, Base16.Decode( "0116312E322E3834302E3131333534392E312E312E3131008002010098D9A4D14722BB2C22425AC9112FBF6A2491B7051AD0CBFD8153E669BFCC6CDF20EEC80F7FCC7236985A4F83871DD6E245470BCA323A3902035B78764DDC4C6EB42416A3A7D7E5CEF6ED6AE8FADA668413758CF7DE1E9565EDF646170286D0F43CA30491DD3407B53DEEDDCBD2620057AB6580E3D3E938AE44EABAF3282357EEBB7B2325616755A1F20B3A78DE2F636DE10F7CCD75B6C5BB80EFEBA216F9BF1A302DCB93B9D3E3E9754620E6D8EC8672C5329CBBB00A9A4617242950D68B8A55CBA77E69DECDD49DD96F69FAA6BFBB0EF48A913F5F26AFA01FB08192D62123FC644BA2978CAF147229BD5702663494983A40ED77AA5016EAABC1FE8456DC17D40304C246B139"))); Assert.IsTrue(calendarAuthenticationRecord.SignatureData.Equals(signatureData)); }