Ejemplo n.º 1
        /// <summary>
        /// Builds the BES-level report for a signature: whether a signing certificate is
        /// present, together with the integrity results of its counter-signatures.
        /// </summary>
        /// <param name="signature">Signature under validation; must not be null.</param>
        /// <param name="referenceTime">Not read by this method.</param>
        /// <param name="ctx">Validation context, forwarded to <c>VerifyCounterSignatures</c>.</param>
        /// <param name="externalContent">Detached content, forwarded to <c>VerifyCounterSignatures</c>.</param>
        /// <returns>
        /// The BES report. If anything throws while it is being built, a report whose
        /// level and signing-certificate results are both INVALID is returned instead.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="signature"/> is null.</exception>
        protected internal virtual SignatureLevelBES VerifyLevelBES(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx, Document externalContent)
        {
            if (signature is null)
            {
                throw new ArgumentNullException(nameof(signature));
            }

            try
            {
                var certRefResult = new SignatureValidationResult();
                if (signature.SigningCertificate == null)
                {
                    certRefResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoSigningCeritificate");
                }
                else
                {
                    certRefResult.SetStatus(ResultStatus.VALID, null);
                }

                SignatureVerification[] counterSignatureResults = VerifyCounterSignatures(signature, ctx, externalContent);

                // The level follows the signing-certificate check only. Counter-signature
                // results are attached to the report but do not change the level here, so
                // a consumer that cares about them has to inspect them separately.
                var besResult = new SignatureValidationResult(certRefResult.IsValid);

                return new SignatureLevelBES(besResult, signature, certRefResult, counterSignatureResults, null);
            }
            catch (Exception)
            {
                // Fail closed: any error becomes INVALID. The exception is discarded, so the
                // report cannot tell a malformed signature apart from an internal failure.
                return new SignatureLevelBES(
                    new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"),
                    null,
                    new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"),
                    null,
                    null);
            }
        }
Ejemplo n.º 2
 /// <summary>
 /// Creates the holder for the four QC-statement check results.
 /// </summary>
 /// <param name="qCPPresent">Stored in the <c>qCPPresent</c> field.</param>
 /// <param name="qCPPlusPresent">Stored in the <c>qCPPlusPresent</c> field.</param>
 /// <param name="qcCompliancePresent">Stored in the <c>qcCompliancePresent</c> field.</param>
 /// <param name="qcSCCDPresent">Stored in the <c>qcSCCDPresent</c> field.</param>
 public QCStatementInformation(
     SignatureValidationResult qCPPresent,
     SignatureValidationResult qCPPlusPresent,
     SignatureValidationResult qcCompliancePresent,
     SignatureValidationResult qcSCCDPresent)
 {
     // Arguments are stored as given; null is accepted and not replaced by a default.
     this.qCPPresent = qCPPresent;
     this.qCPPlusPresent = qCPPlusPresent;
     this.qcCompliancePresent = qcCompliancePresent;
     this.qcSCCDPresent = qcSCCDPresent;
 }
Ejemplo n.º 3
 /// <summary>
 /// Creates the holder for the four qualification-element results.
 /// </summary>
 /// <param name="qCWithSSCD">Stored in the <c>qCWithSSCD</c> field.</param>
 /// <param name="qCNoSSCD">Stored in the <c>qCNoSSCD</c> field.</param>
 /// <param name="qCSSCDStatusAsInCert">Stored in the <c>qCSSCDStatusAsInCert</c> field.</param>
 /// <param name="qCForLegalPerson">Stored in the <c>qCForLegalPerson</c> field.</param>
 public QualificationsVerification(
     SignatureValidationResult qCWithSSCD,
     SignatureValidationResult qCNoSSCD,
     SignatureValidationResult qCSSCDStatusAsInCert,
     SignatureValidationResult qCForLegalPerson)
 {
     // Arguments are stored as given, with no null check.
     this.qCWithSSCD = qCWithSSCD;
     this.qCNoSSCD = qCNoSSCD;
     this.qCSSCDStatusAsInCert = qCSSCDStatusAsInCert;
     this.qCForLegalPerson = qCForLegalPerson;
 }
Ejemplo n.º 4
 /// <summary>
 /// Creates the EPES-level report and copies the signature's policy identifier.
 /// </summary>
 /// <param name="signature">Signature to read <c>PolicyId</c> from; may be null.</param>
 /// <param name="levelReached">Level result, passed to the base constructor.</param>
 public SignatureLevelEPES(IAdvancedSignature signature, SignatureValidationResult levelReached)
     : base(levelReached)
 {
     // With a null signature the policy field is left at its initial value.
     if (signature == null)
     {
         return;
     }

     signaturePolicy = signature.PolicyId;
 }
Ejemplo n.º 5
 /// <summary>
 /// Checks the XL level: the signature must embed every needed certificate value and
 /// every needed revocation value (OCSP responses and/or CRLs).
 /// </summary>
 /// <param name="signature">Signature whose embedded values are inspected.</param>
 /// <param name="referenceTime">Not read by this method.</param>
 /// <param name="ctx">Validation context handed to the completeness helpers.</param>
 /// <param name="logger">Receives informational messages.</param>
 /// <returns>
 /// The XL report. Any exception raised inside the method, including one caused by a
 /// null argument, yields a report in which all three results are INVALID.
 /// </returns>
 protected internal virtual SignatureLevelXL VerifyLevelXL(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx, ICAdESLogger logger)
 {
     try
     {
         var xlResult = new SignatureValidationResult();

         // Both partial results start as VALID and are downgraded by the checks below.
         var certValuesResult = new SignatureValidationResult();
         certValuesResult.SetStatus(ResultStatus.VALID, null);
         var revocationValuesResult = new SignatureValidationResult();
         revocationValuesResult.SetStatus(ResultStatus.VALID, null);

         IList<X509Certificate> certValues = signature.Certificates;
         if (certValues.Any())
         {
             if (!EveryCertificateValueAreThere(ctx, certValues, signature.SigningCertificate, logger))
             {
                 certValuesResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoAllNeededCertificateValues");
             }
         }
         else
         {
             logger.Info("There is no certificate refs in the signature");
             certValuesResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoCertificateValue");
         }

         logger.Info("Every certificate found " + certValuesResult);

         // Count the embedded revocation values across both sources; zero in total
         // is itself a failure, checked after the two blocks below.
         int revocationValueCount = 0;

         IList<BasicOcspResp> ocspValues = signature.OCSPs;
         if (ocspValues != null)
         {
             revocationValueCount += ocspValues.Count;
             if (!EveryOCSPValueOrRefAreThere(ctx, ocspValues, logger))
             {
                 revocationValuesResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoAllNeededOCSPValues");
             }
         }

         IList<X509Crl> crlValues = signature.CRLs;
         if (crlValues != null)
         {
             revocationValueCount += crlValues.Count;
             if (!EveryCRLValueOrRefAreThere(ctx, crlValues, logger))
             {
                 // Replaces an OCSP failure message set just above, if there was one.
                 revocationValuesResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoAllNeededCRLValues");
             }
         }

         if (revocationValueCount == 0)
         {
             revocationValuesResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoRevocationDataValue");
         }

         bool bothComplete = certValuesResult.Status == ResultStatus.VALID
                             && revocationValuesResult.Status == ResultStatus.VALID;
         xlResult.SetStatus(bothComplete ? ResultStatus.VALID : ResultStatus.INVALID, null);

         return new SignatureLevelXL(xlResult, certValuesResult, revocationValuesResult);
     }
     catch (Exception)
     {
         // Fail closed. The exception is not logged, so this outcome looks the same
         // whether the signature was malformed or the validator itself failed.
         return new SignatureLevelXL(
             new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"),
             new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"),
             new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"));
     }
 }
Ejemplo n.º 6
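 /// <summary>
 /// Checks the EPES level, which is reached when the signature carries a policy identifier.
 /// </summary>
 /// <param name="signature">Signature whose <c>PolicyId</c> is read.</param>
 /// <param name="referenceTime">Not read by this method.</param>
 /// <param name="ctx">Not read by this method.</param>
 /// <returns>
 /// The EPES report; an INVALID report if reading the policy or building the report throws.
 /// </returns>
 protected internal virtual SignatureLevelEPES VerifyLevelEPES(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx)
 {
     try
     {
         PolicyValue policyValue = signature.PolicyId;
         SignatureValidationResult levelReached = new SignatureValidationResult(policyValue != null);
         return new SignatureLevelEPES(signature, levelReached);
     }
     catch (Exception)
     {
         // Build the failure report without the signature. The SignatureLevelEPES
         // constructor reads signature.PolicyId again for a non-null signature, so
         // passing it here would re-throw out of this handler whenever that getter
         // was the source of the failure, defeating the fail-closed result.
         return new SignatureLevelEPES(
             (IAdvancedSignature)null,
             new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"));
     }
 }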
Ejemplo n.º 7
 /// <summary>
 /// Runs the four QC-statement conditions (<c>qcp</c>, <c>qcpplus</c>,
 /// <c>qccompliance</c>, <c>qcsscd</c>) against a certificate.
 /// </summary>
 /// <param name="certificate">Certificate to check; may be null.</param>
 /// <returns>
 /// One result per condition. For a null certificate the returned object holds four
 /// null references rather than INVALID results, so consumers must null-check them.
 /// </returns>
 protected internal virtual QCStatementInformation VerifyQStatement(X509Certificate certificate)
 {
     if (certificate == null)
     {
         return new QCStatementInformation(null, null, null, null);
     }

     // Each condition gets its own CertificateAndContext wrapper.
     var qcpResult = new SignatureValidationResult(qcp.Check(new CertificateAndContext(certificate)));
     var qcpPlusResult = new SignatureValidationResult(qcpplus.Check(new CertificateAndContext(certificate)));
     var complianceResult = new SignatureValidationResult(qccompliance.Check(new CertificateAndContext(certificate)));
     var sscdResult = new SignatureValidationResult(qcsscd.Check(new CertificateAndContext(certificate)));

     return new QCStatementInformation(qcpResult, qcpPlusResult, complianceResult, sscdResult);
 }
Ejemplo n.º 8
        /// <summary>
        /// Creates the X-level report from two lists of timestamp verification results.
        /// </summary>
        /// <param name="signature">Not read by this constructor.</param>
        /// <param name="levelReached">Level result, passed to the base constructor.</param>
        /// <param name="signatureAndRefsTimestampsVerification">Results to copy; must not be null.</param>
        /// <param name="referencesTimestampsVerification">Results to copy; must not be null.</param>
        /// <exception cref="System.ArgumentNullException">Either list is null.</exception>
        public SignatureLevelX(
            IAdvancedSignature signature,
            SignatureValidationResult levelReached,
            List<TimestampVerificationResult> signatureAndRefsTimestampsVerification,
            List<TimestampVerificationResult> referencesTimestampsVerification)
            : base(levelReached)
        {
            // Both arguments are validated before either field is assigned.
            if (signatureAndRefsTimestampsVerification == null)
            {
                throw new System.ArgumentNullException(nameof(signatureAndRefsTimestampsVerification));
            }

            if (referencesTimestampsVerification == null)
            {
                throw new System.ArgumentNullException(nameof(referencesTimestampsVerification));
            }

            // ToArray() copies, so later changes to the caller's lists do not alter this report.
            this.signatureAndRefsTimestampsVerification = signatureAndRefsTimestampsVerification.ToArray();
            this.referencesTimestampsVerification = referencesTimestampsVerification.ToArray();
        }
Ejemplo n.º 9
        /// <summary>
        /// Reports which of four qualifiers appear in the context's qualification statement.
        /// </summary>
        /// <param name="signature">Not read by this method.</param>
        /// <param name="referenceTime">Not read by this method.</param>
        /// <param name="ctx">Source of the qualifier list, via <c>GetQualificationStatement()</c>.</param>
        /// <returns>
        /// Four results, each built from whether <c>SVC_INFO</c> plus the qualifier name is
        /// in the list. If the list is null, four default-constructed results are returned.
        /// </returns>
        protected internal virtual QualificationsVerification VerifyQualificationsElement(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx)
        {
            // NOTE(review): the status of a default-constructed result is not visible
            // here; confirm it is not treated as VALID when no qualifier list exists.
            var withSscd = new SignatureValidationResult();
            var noSscd = new SignatureValidationResult();
            var sscdStatusAsInCert = new SignatureValidationResult();
            var forLegalPerson = new SignatureValidationResult();

            IList<string> statement = ctx.GetQualificationStatement();
            if (statement != null)
            {
                withSscd = new SignatureValidationResult(statement.Contains(SVC_INFO + "QCWithSSCD"));
                noSscd = new SignatureValidationResult(statement.Contains(SVC_INFO + "QCNoSSCD"));
                sscdStatusAsInCert = new SignatureValidationResult(statement.Contains(SVC_INFO + "QCSSCDStatusAsInCert"));
                forLegalPerson = new SignatureValidationResult(statement.Contains(SVC_INFO + "QCForLegalPerson"));
            }

            return new QualificationsVerification(withSscd, noSscd, sscdStatusAsInCert, forLegalPerson);
        }
Ejemplo n.º 10
        /// <summary>
        /// Runs the integrity check on each counter-signature of a signature.
        /// </summary>
        /// <param name="signature">Signature whose <c>CounterSignatures</c> are checked.</param>
        /// <param name="ctx">Not read by this method.</param>
        /// <param name="externalContent">Passed to each counter-signature's <c>CheckIntegrity</c>.</param>
        /// <returns>
        /// One entry per counter-signature, pairing the integrity result with the
        /// signature algorithm; null when the signature exposes no counter-signature list.
        /// </returns>
        protected internal virtual SignatureVerification[] VerifyCounterSignatures(IAdvancedSignature signature, IValidationContext ctx, Document externalContent)
        {
            IList<IAdvancedSignature> counterSigs = signature.CounterSignatures;
            if (counterSigs == null)
            {
                return null;
            }

            // Only integrity is checked here; no certificate path or revocation check
            // is made for the counter-signer in this method.
            var results = new List<SignatureVerification>();
            foreach (IAdvancedSignature counterSig in counterSigs)
            {
                var integrity = new SignatureValidationResult(counterSig.CheckIntegrity(externalContent));
                string algorithm = counterSig.SignatureAlgorithm;
                results.Add(new SignatureVerification(integrity, algorithm));
            }

            return results.ToArray();
        }
Ejemplo n.º 11
 /// <summary>
 /// Creates the BES-level report and copies the signed attributes from the signature.
 /// </summary>
 /// <param name="levelReached">Level result, passed to the base constructor.</param>
 /// <param name="signature">Signature to copy attributes from; may be null.</param>
 /// <param name="signingCertificateVerification">Result of the signing-certificate check.</param>
 /// <param name="counterSignatureVerification">Counter-signature results; stored as given.</param>
 /// <param name="timestampsVerification">Timestamp results; stored as given.</param>
 public SignatureLevelBES(
     SignatureValidationResult levelReached,
     IAdvancedSignature signature,
     SignatureValidationResult signingCertificateVerification,
     SignatureVerification[] counterSignatureVerification,
     IList<TimestampVerificationResult> timestampsVerification)
     : base(levelReached)
 {
     signingCertRefVerification = signingCertificateVerification;
     counterSignaturesVerification = counterSignatureVerification;
     this.timestampsVerification = timestampsVerification;

     // Without a signature the attribute fields keep their initial values.
     if (signature == null)
     {
         return;
     }

     certificates = signature.Certificates;
     signingCertificate = signature.SigningCertificate;
     // NOTE(review): .Value presumably throws when the signature has no signing
     // time; confirm that callers construct this object inside a try block.
     signingTime = signature.SigningTime.Value;
     location = signature.Location;
     claimedSignerRole = signature.ClaimedSignerRoles;
     contentType = signature.ContentType;
 }
Ejemplo n.º 12
 /// <summary>
 /// Verifies every certificate the context lists as needed and derives one summary
 /// status from those verifications and the trusted-list lookup.
 /// </summary>
 /// <param name="ctx">Validation context providing <c>NeededCertificates</c>; may be null.</param>
 /// <param name="info">Trusted-list lookup result; null is treated as "service not found".</param>
 public CertPathRevocationAnalysis(IValidationContext ctx, TrustedListInformation info)
 {
     summary = new SignatureValidationResult();
     trustedListInformation = info;

     if (ctx?.NeededCertificates != null)
     {
         foreach (CertificateAndContext needed in ctx.NeededCertificates)
         {
             certificatePathVerification.Add(new CertificateVerification(needed, ctx));
         }
     }

     // Start from VALID and downgrade.
     // NOTE(review): when no certificate was verified above, nothing in the loop below
     // runs, so the summary stays VALID provided the trusted-list service was found.
     // Confirm an empty certificate set cannot reach this point.
     summary.SetStatus(ResultStatus.VALID, null);

     if (certificatePathVerification != null)
     {
         foreach (CertificateVerification verification in certificatePathVerification)
         {
             if (verification.Summary.IsInvalid)
             {
                 // The first invalid certificate decides the outcome.
                 summary.SetStatus(ResultStatus.INVALID, verification.Summary.Description ?? "$UI_Signatures_ValidationText_CertificateIsNotValid");
                 break;
             }

             if (verification.Summary.IsUndetermined)
             {
                 // Keep scanning: a later invalid certificate still overrides this.
                 summary.SetStatus(ResultStatus.UNDETERMINED, verification.Summary.Description ?? "$UI_Signatures_ValidationText_NoRevocationData");
             }
         }
     }

     // A missing or unsuccessful trusted-list lookup overrides whatever the
     // certificate checks produced.
     if (trustedListInformation == null || !trustedListInformation.IsServiceWasFound)
     {
         summary.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoTrustedListServiceWasFound");
     }
 }
Ejemplo n.º 13
 /// <summary>
 /// Checks the A level by verifying the signature's archive timestamps.
 /// </summary>
 /// <param name="signature">Signature providing the archive timestamps and timestamped data.</param>
 /// <param name="referenceTime">Forwarded to <c>VerifyTimestamps</c>.</param>
 /// <param name="ctx">Forwarded to <c>VerifyTimestamps</c>.</param>
 /// <param name="logger">Receives the message of an <see cref="IOException"/>.</param>
 /// <param name="externalContent">Detached content used to compute the timestamped data.</param>
 /// <returns>
 /// The A-level report; an INVALID report with no timestamp results if any exception
 /// other than the handled <see cref="IOException"/> is raised.
 /// </returns>
 protected internal virtual SignatureLevelA VerifyLevelA(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx, ICAdESLogger logger, Document externalContent)
 {
     try
     {
         var archiveResult = new SignatureValidationResult();
         IList<TimestampVerificationResult> timestampResults = null;

         try
         {
             IList<TimestampToken> archiveTimestamps = signature.ArchiveTimestamps;
             timestampResults = VerifyTimestamps(
                 signature,
                 referenceTime,
                 ctx,
                 archiveTimestamps,
                 signature.GetArchiveTimestampData(0, externalContent));
         }
         catch (IOException e)
         {
             logger.Error("Error verifyind level A " + e.Message);
             // NOTE(review): timestampResults is still null on this path, and the
             // ResultForTimestamps helper appears to set INVALID / NoTimestamp for a
             // null list, which would replace this UNDETERMINED status. Confirm
             // which outcome is intended.
             archiveResult.SetStatus(ResultStatus.UNDETERMINED, "$UI_Signatures_ValidationText_ExceptionWhileVerifying");
         }

         return new SignatureLevelA(ResultForTimestamps(timestampResults, archiveResult), timestampResults);
     }
     catch (Exception)
     {
         // Fail closed; unlike the IOException path, nothing is logged here.
         return new SignatureLevelA(
             new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"),
             null);
     }
 }
Ejemplo n.º 14
 /// <summary>
 /// Creates the X-level report from two arrays of timestamp verification results.
 /// </summary>
 /// <param name="signature">Not read by this constructor.</param>
 /// <param name="levelReached">Level result, passed to the base constructor.</param>
 /// <param name="signatureAndRefsTimestampsVerification">Stored as given; may be null.</param>
 /// <param name="referencesTimestampsVerification">Stored as given; may be null.</param>
 public SignatureLevelX(
     IAdvancedSignature signature,
     SignatureValidationResult levelReached,
     TimestampVerificationResult[] signatureAndRefsTimestampsVerification,
     TimestampVerificationResult[] referencesTimestampsVerification)
     : base(levelReached)
 {
     // The arrays are kept by reference, not copied: a caller that later writes to
     // them also changes what this report holds.
     this.signatureAndRefsTimestampsVerification = signatureAndRefsTimestampsVerification;
     this.referencesTimestampsVerification = referencesTimestampsVerification;
 }
Ejemplo n.º 15
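        /// <summary>
        /// Checks the X level: each X1 and X2 timestamp must match the data it is meant to
        /// cover, and at least one timestamp of either kind must be present.
        /// </summary>
        /// <param name="signature">Signature providing the timestamps and timestamped data; must not be null.</param>
        /// <param name="referenceTime">Not read by this method.</param>
        /// <param name="ctx">Validation context, forwarded to <c>CheckTimeStampCertPath</c>.</param>
        /// <returns>
        /// The X-level report with one result per timestamp; an INVALID report without
        /// per-timestamp results if anything throws while verifying.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="signature"/> is null.</exception>
        protected internal virtual SignatureLevelX VerifyLevelX(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx)
        {
            if (signature is null)
            {
                throw new ArgumentNullException(nameof(signature));
            }

            try
            {
                SignatureValidationResult levelReached = new SignatureValidationResult();
                levelReached.SetStatus(ResultStatus.VALID, null);
                TimestampVerificationResult[] x1Results = null;
                TimestampVerificationResult[] x2Results = null;

                // NOTE(review): in both loops CheckTimeStampCertPath receives the
                // per-timestamp result, but nothing in this method folds its outcome into
                // levelReached. Confirm that callers inspect the per-timestamp results.
                IList<TimestampToken> timestampX1 = signature.TimestampsX1;
                bool hasX1 = timestampX1 != null && timestampX1.Any();
                if (hasX1)
                {
                    byte[] data = signature.TimestampX1Data;
                    x1Results = new TimestampVerificationResult[timestampX1.Count];
                    for (int i = 0; i < timestampX1.Count; i++)
                    {
                        TimestampToken t = timestampX1[i];
                        x1Results[i] = new TimestampVerificationResult(t);
                        if (!t.MatchData(data))
                        {
                            levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData");
                            x1Results[i].SetSameDigest(new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData"));
                        }
                        else
                        {
                            x1Results[i].SetSameDigest(new SignatureValidationResult(ResultStatus.VALID, null));
                        }
                        CheckTimeStampCertPath(t, x1Results[i], ctx, signature);
                    }
                }

                IList<TimestampToken> timestampX2 = signature.TimestampsX2;
                bool hasX2 = timestampX2 != null && timestampX2.Any();
                if (hasX2)
                {
                    byte[] data = signature.TimestampX2Data;
                    x2Results = new TimestampVerificationResult[timestampX2.Count];
                    // Indexed loop, as for X1. The earlier foreach never advanced its
                    // index, so every result was written to slot 0 and the remaining
                    // slots of the array stayed null.
                    for (int i = 0; i < timestampX2.Count; i++)
                    {
                        TimestampToken t = timestampX2[i];
                        x2Results[i] = new TimestampVerificationResult(t);
                        if (!t.MatchData(data))
                        {
                            levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData");
                            x2Results[i].SetSameDigest(new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData"));
                        }
                        else
                        {
                            x2Results[i].SetSameDigest(new SignatureValidationResult(ResultStatus.VALID, null));
                        }
                        CheckTimeStampCertPath(t, x2Results[i], ctx, signature);
                    }
                }

                // No timestamp of either kind: the level cannot be reached.
                if (!hasX1 && !hasX2)
                {
                    levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoTimestamp");
                }

                return new SignatureLevelX(signature, levelReached, x1Results, x2Results);
            }
            catch (Exception)
            {
                // Fail closed; the exception is discarded and the per-timestamp results
                // gathered so far are not included in the report.
                return new SignatureLevelX(signature, new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"));
            }
        }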
Ejemplo n.º 16
 /// <summary>Replaces the stored <c>qcSCCDPresent</c> result.</summary>
 /// <param name="qcSCCDPresent">Result to store; stored as given, with no null check.</param>
 public virtual void SetQcSCCDPresent(SignatureValidationResult qcSCCDPresent) =>
     this.qcSCCDPresent = qcSCCDPresent;
Ejemplo n.º 17
 /// <summary>Replaces the stored <c>qCPPlusPresent</c> result.</summary>
 /// <param name="qCPPlusPresent">Result to store; stored as given, with no null check.</param>
 public virtual void SetQCPPlusPresent(SignatureValidationResult qCPPlusPresent) =>
     this.qCPPlusPresent = qCPPlusPresent;
Ejemplo n.º 18
 /// <summary>Replaces the stored <c>sameDigest</c> result.</summary>
 /// <param name="sameDigest">Result to store; stored as given, with no null check.</param>
 public virtual void SetSameDigest(SignatureValidationResult sameDigest) =>
     this.sameDigest = sameDigest;
Ejemplo n.º 19
 /// <summary>
 /// Creates the A-level report.
 /// </summary>
 /// <param name="levelReached">Level result, passed to the base constructor.</param>
 /// <param name="archiveTimestampsVerification">Archive timestamp results; stored as given and may be null.</param>
 public SignatureLevelA(
     SignatureValidationResult levelReached,
     IList<TimestampVerificationResult> archiveTimestampsVerification)
     : base(levelReached)
     => this.archiveTimestampsVerification = archiveTimestampsVerification;
Ejemplo n.º 20
 /// <summary>Replaces the stored <c>summary</c> result.</summary>
 /// <param name="summary">Result to store; stored as given, with no null check.</param>
 public virtual void SetSummary(SignatureValidationResult summary) =>
     this.summary = summary;
Ejemplo n.º 21
 /// <summary>
 /// Pairs a signature verification result with the name of the signature algorithm.
 /// </summary>
 /// <param name="signatureVerificationResult">Assigned to <c>SignatureVerificationResult</c>.</param>
 /// <param name="signatureAlgorithm">Assigned to <c>SignatureAlgorithm</c>.</param>
 public SignatureVerification(
     SignatureValidationResult signatureVerificationResult,
     string signatureAlgorithm)
 {
     // Both values are stored as given; the algorithm string is not validated here.
     SignatureVerificationResult = signatureVerificationResult;
     SignatureAlgorithm = signatureAlgorithm;
 }
Ejemplo n.º 22
 /// <summary>
 /// Creates the C-level report.
 /// </summary>
 /// <param name="levelReached">Level result, passed to the base constructor.</param>
 /// <param name="certificateRefsVerification">Result of the certificate-reference check.</param>
 /// <param name="revocationRefsVerification">Result of the revocation-reference check.</param>
 public SignatureLevelC(
     SignatureValidationResult levelReached,
     SignatureValidationResult certificateRefsVerification,
     SignatureValidationResult revocationRefsVerification)
     : base(levelReached)
 {
     // Stored as given, with no null check.
     this.certificateRefsVerification = certificateRefsVerification;
     this.revocationRefsVerification = revocationRefsVerification;
 }
Ejemplo n.º 23
 /// <summary>
 /// Creates an X-level report that carries only the level result.
 /// </summary>
 /// <param name="signature">Not read by this constructor.</param>
 /// <param name="levelReached">Level result, passed to the base constructor.</param>
 public SignatureLevelX(IAdvancedSignature signature, SignatureValidationResult levelReached)
     : base(levelReached)
 {
     // Nothing is assigned here, so the timestamp result fields keep their initial values.
 }
Ejemplo n.º 24
 /// <summary>Replaces the stored <c>qcCompliancePresent</c> result.</summary>
 /// <param name="qcCompliancePresent">Result to store; stored as given, with no null check.</param>
 public virtual void SetQcCompliancePresent(SignatureValidationResult qcCompliancePresent) =>
     this.qcCompliancePresent = qcCompliancePresent;
Ejemplo n.º 25
 /// <summary>
 /// Derives a level status from a set of timestamp verification results, writing it
 /// into <paramref name="levelReached"/>.
 /// </summary>
 /// <param name="signatureTimestampsVerification">Per-timestamp results; may be null or empty.</param>
 /// <param name="levelReached">Result object to update; any status it already carries is overwritten.</param>
 /// <returns>The same <paramref name="levelReached"/> instance.</returns>
 private SignatureValidationResult ResultForTimestamps(IList<TimestampVerificationResult> signatureTimestampsVerification, SignatureValidationResult levelReached)
 {
     // No timestamps at all means the level is not reached.
     if (signatureTimestampsVerification == null || !signatureTimestampsVerification.Any())
     {
         levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoTimestamp");
         return levelReached;
     }

     // Only SameDigest is consulted here; no other property of the per-timestamp
     // result is read by this method.
     levelReached.SetStatus(ResultStatus.VALID, null);
     foreach (TimestampVerificationResult timestampResult in signatureTimestampsVerification)
     {
         if (timestampResult.SameDigest.IsUndetermined)
         {
             // Keep scanning: a later invalid digest still overrides this.
             levelReached.SetStatus(ResultStatus.UNDETERMINED, "$UI_Signatures_ValidationText_OneTimestampDigestUndetermined");
             continue;
         }

         if (timestampResult.SameDigest.IsInvalid)
         {
             levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData");
             break;
         }
     }

     return levelReached;
 }
Ejemplo n.º 26
        /// <summary>
        /// Checks the C level: the signature must reference every needed certificate and
        /// carry revocation references (OCSP and/or CRL).
        /// </summary>
        /// <param name="signature">Signature whose references are inspected; must not be null.</param>
        /// <param name="referenceTime">Not read by this method.</param>
        /// <param name="ctx">Validation context handed to the completeness helpers.</param>
        /// <param name="rehashValues">
        /// When true, the revocation references are checked for completeness through the
        /// helper methods. When false, the method only requires at least one revocation reference.
        /// </param>
        /// <param name="logger">Receives informational messages.</param>
        /// <returns>
        /// The C-level report; a report with three INVALID results if anything throws
        /// inside the method (for example when a reference list is null).
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="signature"/> is null.</exception>
        protected internal virtual SignatureLevelC VerifyLevelC(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx, bool rehashValues, ICAdESLogger logger)
        {
            if (signature is null)
            {
                throw new ArgumentNullException(nameof(signature));
            }

            try
            {
                IList<CertificateRef> certRefs = signature.CertificateRefs;
                var certRefsResult = new SignatureValidationResult();
                if (certRefs == null || !certRefs.Any())
                {
                    certRefsResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoCertificateRef");
                }
                else if (EveryCertificateRefAreThere(ctx, certRefs, signature.SigningCertificate, logger))
                {
                    certRefsResult.SetStatus(ResultStatus.VALID, null);
                }
                else
                {
                    certRefsResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoAllNeededcertificateRef");
                }

                logger.Info("Every CertificateRef found " + certRefsResult);

                IList<OCSPRef> ocspRefs = signature.OCSPRefs;
                IList<CRLRef> crlRefs = signature.CRLRefs;
                var completeRevocationResult = new SignatureValidationResult(ResultStatus.VALID, null);

                // A null list throws here and is reported through the catch block below.
                int refCount = 0;
                refCount += ocspRefs.Count;
                refCount += crlRefs.Count;

                if (rehashValues)
                {
                    if (!EveryOCSPValueOrRefAreThere(ctx, ocspRefs, logger))
                    {
                        completeRevocationResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoAllNeededOCSPRef");
                    }

                    if (!EveryCRLValueOrRefAreThere(ctx, crlRefs, logger))
                    {
                        // Replaces an OCSP failure message set just above, if there was one.
                        completeRevocationResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoAllNeededCRLRef");
                    }

                    var strictLevel = new SignatureValidationResult(
                        certRefsResult.Status == ResultStatus.VALID && completeRevocationResult.Status == ResultStatus.VALID);
                    return new SignatureLevelC(strictLevel, certRefsResult, completeRevocationResult);
                }

                // Without rehashing, only the presence of at least one revocation
                // reference is required; the references are not checked against the
                // validation context on this path.
                var anyRevocationResult = new SignatureValidationResult();
                if (refCount == 0)
                {
                    anyRevocationResult.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoRevocationDataRefs");
                }
                else
                {
                    anyRevocationResult.SetStatus(ResultStatus.VALID, "$UI_Signatures_ValidationText_AtLeastOneRef");
                }

                var presenceLevel = new SignatureValidationResult(
                    certRefsResult.Status == ResultStatus.VALID && anyRevocationResult.Status == ResultStatus.VALID);
                return new SignatureLevelC(presenceLevel, certRefsResult, anyRevocationResult);
            }
            catch (Exception)
            {
                // Fail closed. The exception is not logged even though a logger is
                // available, so the cause of this INVALID outcome is not recorded.
                return new SignatureLevelC(
                    new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"),
                    new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"),
                    new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"));
            }
        }
Ejemplo n.º 27
 /// <summary>
 /// Creates a level report holding the result reached for that level.
 /// </summary>
 /// <param name="levelReached">Result to store; stored as given, with no null check.</param>
 public SignatureLevel(SignatureValidationResult levelReached) =>
     this.levelReached = levelReached;
Ejemplo n.º 28
 /// <summary>Replaces the stored <c>certPathVerification</c> result.</summary>
 /// <param name="certPathVerification">Result to store; stored as given, with no null check.</param>
 public virtual void SetCertPathVerification(SignatureValidationResult certPathVerification) =>
     this.certPathVerification = certPathVerification;
Ejemplo n.º 29
 /// <summary>
 /// Creates the T-level report.
 /// </summary>
 /// <param name="levelReached">Level result, passed to the base constructor.</param>
 /// <param name="signatureTimestampsVerification">Signature timestamp results; stored as given and may be null.</param>
 public SignatureLevelT(
     SignatureValidationResult levelReached,
     IList<TimestampVerificationResult> signatureTimestampsVerification)
     : base(levelReached)
     => this.signatureTimestampsVerification = signatureTimestampsVerification;