/// <summary>
/// Will return the resources for the provided digital signature.
/// </summary>
/// <param name="signature">The signature to get resources for.</param>
/// <returns>The signature resources.</returns>
internal static SignatureResources GetResources(DigitalSignature signature, CertificatePriorityStatus certStatus)
{
const int defaultHeight = 35;
const int defaultWidth = 35;
SignatureResources resources = new SignatureResources();
string none = SR.Get(SRID.SignatureResourceHelperNone);
resources._displayImage = GetImageFromStatus(
defaultHeight, defaultWidth, signature.SignatureState, certStatus);
resources._location =
string.IsNullOrEmpty(signature.Location) ? none : signature.Location;
resources._reason =
string.IsNullOrEmpty(signature.Reason) ? none : signature.Reason;
resources._signBy = GetFormattedDate(signature.SignedOn);
resources._subjectName = signature.SubjectName;
resources._summaryMessage = GetSummaryMessage(signature, certStatus);
Trace.SafeWrite(
Trace.Rights,
"Resources generated for {0} summary: {1}",
resources._subjectName,
resources._summaryMessage);
return(resources);
}
/// <summary>
/// Gets the CertificateStatus for a specific certificate.
/// </summary>
private static CertificatePriorityStatus GetCertificateStatus(X509Certificate2 certificate)
{
//Default status is the most severe error: Corrupted
CertificatePriorityStatus certificatePriorityStatus = CertificatePriorityStatus.Corrupted;
X509ChainStatusFlags x509ChainStatusFlags;
// Use the static VerifyCertificate method on XpsDigitalSignature
// to verify the certificate
x509ChainStatusFlags = XpsDigitalSignature.VerifyCertificate(certificate);
//Strip out all known flags (minus Cyclic and NotSignatureValid). What is left are any unknown flags
//and flags that convert to Corrupted.
X509ChainStatusFlags x509RemainingFlags = (x509ChainStatusFlags ^ _x509NonCorruptedFlags) &
~(_x509NonCorruptedFlags);
//x509ChainStatusFlags is a flag we want to convert to a CertificatePriorityStatus.
//First we need to make sure there are no unknown flags. If there is an unknown
//flag we assume that it is the worst possible error and leave CertificateStatus
//set to Corrupted. Leaving out Cyclic and NotSignatureValid since they also convert
//to Corrupted.
if (x509RemainingFlags == X509ChainStatusFlags.NoError)
{
//The following flags convert to CannotBeVerified
if ((x509ChainStatusFlags & _x509CannotBeVerifiedFlags) != X509ChainStatusFlags.NoError)
{
certificatePriorityStatus = CertificatePriorityStatus.CannotBeVerified;
}
//The following flags convert to IssuerNotTrusted
else if ((x509ChainStatusFlags & _x509IssuerNotTrustedFlags) != X509ChainStatusFlags.NoError)
{
certificatePriorityStatus = CertificatePriorityStatus.IssuerNotTrusted;
}
//The following flags convert to Revoked
else if ((x509ChainStatusFlags & _x509RevokedFlags) != X509ChainStatusFlags.NoError)
{
certificatePriorityStatus = CertificatePriorityStatus.Revoked;
}
//The following flags convert to Expired
else if ((x509ChainStatusFlags & _x509ExpiredFlags) != X509ChainStatusFlags.NoError)
{
certificatePriorityStatus = CertificatePriorityStatus.Expired;
}
//The following flags are all considered Igorable
else
{
certificatePriorityStatus = CertificatePriorityStatus.Ok;
}
}
return(certificatePriorityStatus);
}
/// <summary>
/// Acquire the UI message associated with the certificate status
/// </summary>
/// <param name="certStatus">The status to represent</param>
/// <returns>The string associated with the status, otherwise String.Empty.</returns>
private static string GetCertificateSummaryMessage(CertificatePriorityStatus certStatus)
{
string message = String.Empty;
switch (certStatus)
{
case CertificatePriorityStatus.Ok:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusOk);
break;
case CertificatePriorityStatus.Corrupted:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusCorrupted);
break;
case CertificatePriorityStatus.CannotBeVerified:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusCannotBeVerified);
break;
case CertificatePriorityStatus.IssuerNotTrusted:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusIssuerNotTrusted);
break;
case CertificatePriorityStatus.Revoked:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusRevoked);
break;
case CertificatePriorityStatus.Expired:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusExpired);
break;
case CertificatePriorityStatus.NoCertificate:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusNoCertificate);
break;
case CertificatePriorityStatus.Verifying:
message = SR.Get(SRID.SignatureResourceHelperCertificateStatusVerifying);
break;
}
return(message);
}
/// <summary>
/// Acquire the UI message associated with the signature status
/// </summary>
/// <param name="sigStatus">The signature status to represent</param>
/// <param name="certStatus">The certificate status for the signature</param>
/// <returns>The string associated with the status, otherwise String.Empty.</returns>
private static string GetSignatureSummaryMessage(SignatureStatus sigStatus, CertificatePriorityStatus certStatus)
{
string message = String.Empty;
if (sigStatus == SignatureStatus.Valid)
{
message = (certStatus == CertificatePriorityStatus.Ok) ?
SR.Get(SRID.SignatureResourceHelperSignatureStatusValid) : // Cert valid
SR.Get(SRID.SignatureResourceHelperSignatureStatusValidCertInvalid); // Cert invalid
}
else if (sigStatus == SignatureStatus.Unverifiable)
{
message = SR.Get(SRID.SignatureResourceHelperSignatureStatusUnverifiable);
}
else
{
message = SR.Get(SRID.SignatureResourceHelperSignatureStatusInvalid);
}
return(message);
}
/// <summary>
/// Get the Image icon for the status.
/// </summary>
/// <param name="sigStatus">Requested signature status</param>
/// <param name="certStatus">Requested certificate status</param>
/// <returns>A Image on success (valid status, DrawingBrush found), null
/// otherwise.</returns>
internal static Drawing.Image GetImageFromStatus(
int height,
int width,
SignatureStatus sigStatus,
CertificatePriorityStatus certStatus)
{
// TODO: #1239315 - Mongoose: Restore Dynamic Rendering of Icons from DrawingBrush
// If the signature is okay, but the certificate cannot be trusted then display
// invalid signature image.
if ((sigStatus == SignatureStatus.Valid) && (certStatus != CertificatePriorityStatus.Ok))
{
sigStatus = SignatureStatus.Invalid;
}
string resourceName = string.Format(
CultureInfo.InvariantCulture,
@"{0}_{1}x{2}",
sigStatus.ToString(),
height,
width);
return((Drawing.Image)Resources.ResourceManager.GetObject(resourceName));
}
/// <summary>
/// Builds the summary message.
/// </summary>
/// <param name="signature">A DigitalSignature</param>
/// <returns>A summary message.</returns>
private static string GetSummaryMessage(DigitalSignature signature, CertificatePriorityStatus certStatus)
{
if (signature == null)
{
return(string.Empty);
}
// Setup the location text. If not currently set, replace with the
// string "<none>" to denote that no value was set.
string location = (String.IsNullOrEmpty(signature.Location)) ?
SR.Get(SRID.SignatureResourceHelperNone) : signature.Location;
string result = String.Empty;
switch (signature.SignatureState)
{
case SignatureStatus.Valid:
case SignatureStatus.Invalid:
case SignatureStatus.Unverifiable:
// Verify that if the signature is valid, it has a certificate
Invariant.Assert(
!(signature.SignatureState == SignatureStatus.Valid && signature.Certificate == null),
SR.Get(SRID.SignatureResourceHelperMissingCertificate));
// Create the signature status message
string sigSummary = string.Format(CultureInfo.CurrentCulture,
SR.Get(SRID.SignatureResourceHelperSummaryBreakLine),
GetSignatureSummaryMessage(signature.SignatureState, certStatus));
// Create the certificate status message (if required)
string certSummary = String.Empty;
if (certStatus != CertificatePriorityStatus.Ok)
{
certSummary = string.Format(CultureInfo.CurrentCulture,
SR.Get(SRID.SignatureResourceHelperSummaryBreakLine),
GetCertificateSummaryMessage(certStatus));
}
// Create the summary message using the signature and certificate messages
// along with details from the current signature.
result = string.Format(CultureInfo.CurrentCulture,
SR.Get(SRID.SignatureResourceHelperSummaryFormat),
sigSummary,
certSummary,
signature.SubjectName,
signature.SignedOn,
location);
break;
case SignatureStatus.NotSigned:
// Create the summary message using signature information
result = string.Format(CultureInfo.CurrentCulture,
SR.Get(SRID.SignatureResourceHelperValidSigSummaryPending),
signature.SubjectName,
GetFormattedDate(signature.SignedOn),
location);
break;
}
return(result);
}
