Ejemplo n.º 1
 /// <summary>
 /// Records descriptive fields of a timestamp token: the first signer's
 /// <c>EncryptionAlgOid</c>, the serial number, the generation time and the
 /// signer subject name.
 /// </summary>
 /// <remarks>
 /// This constructor performs no verification; every value is copied as the token
 /// reports it. When <paramref name="token"/> or its timestamp is null, no field
 /// is assigned.
 /// </remarks>
 /// <param name="token">Timestamp token to describe; may be null.</param>
 public TimestampVerificationResult(TimestampToken token)
 {
     // Nothing to describe without a token that carries a timestamp.
     if (token == null || token.GetTimeStamp() == null)
     {
         return;
     }

     var signerEnumerator = token.GetTimeStamp().ToCmsSignedData().GetSignerInfos().GetSigners().GetEnumerator();

     // NOTE(review): the result of MoveNext() is ignored, so a timestamp whose
     // signed data lists no signer is not handled explicitly here - confirm how
     // callers expect that case to surface.
     signerEnumerator.MoveNext();
     var firstSigner = (SignerInformation)signerEnumerator.Current;

     signatureAlgorithm = firstSigner.EncryptionAlgOid;
     serialNumber = token.GetTimeStamp().TimeStampInfo.SerialNumber.ToString();
     creationTime = token.GetTimeStamp().TimeStampInfo.GenTime;

     // Despite the field name, this stores the signer's subject name as returned
     // by GetSignerSubjectName().
     issuerName = token.GetSignerSubjectName().ToString();
 }
Ejemplo n.º 2
        /// <summary>
        /// Registers a timestamp token as not yet verified and runs <c>Validate</c>
        /// for it, using the token's own generation time as the first argument.
        /// </summary>
        /// <remarks>
        /// The time passed to <c>Validate</c> is the <c>GenTime</c> carried inside the
        /// token being validated, not a value supplied by the caller.
        /// </remarks>
        /// <param name="timestamp">Token to validate; must not be null.</param>
        /// <param name="optionalSource">Certificate source combined with the token's wrapped certificate source.</param>
        /// <param name="optionalCRLSource">CRL source forwarded unchanged to <c>Validate</c>.</param>
        /// <param name="optionalOCPSSource">OCSP source forwarded unchanged to <c>Validate</c>.</param>
        /// <param name="usedCerts">Certificate list forwarded unchanged to <c>Validate</c>.</param>
        /// <exception cref="ArgumentNullException"><paramref name="timestamp"/> is null.</exception>
        public virtual void ValidateTimestamp(TimestampToken timestamp, ICertificateSource optionalSource, ICrlSource optionalCRLSource, IOcspSource optionalOCPSSource, IList <CertificateAndContext> usedCerts)
        {
            if (timestamp is null)
            {
                throw new ArgumentNullException(nameof(timestamp));
            }

            // Registration happens before any field of the token is read.
            AddNotYetVerifiedToken(timestamp);

            var generationTime = timestamp.GetTimeStamp().TimeStampInfo.GenTime;

            // Certificates embedded in the token are offered together with the
            // caller-supplied source.
            var certificateSources = new CompositeCertificateSource(timestamp.GetWrappedCertificateSource(), optionalSource);

            Validate(generationTime, certificateSources, optionalCRLSource, optionalOCPSSource, usedCerts);
        }
Ejemplo n.º 3
 /// <summary>
 /// Sets <c>result.CertPathUpToTrustedList</c> according to whether a needed
 /// certificate bearing the timestamp signer's subject name has a parent in the
 /// trusted list.
 /// </summary>
 /// <remarks>
 /// The status starts as INVALID and is raised to VALID only on a match, so any
 /// path that finds no match stays INVALID. An <see cref="IOException"/> yields
 /// UNDETERMINED; other exception types are not caught here.
 /// </remarks>
 /// <param name="t">Timestamp token whose signer is looked up.</param>
 /// <param name="result">Per-timestamp result that receives the status and the used certificates.</param>
 /// <param name="ctx">Validation context that validates the token and supplies the needed certificates.</param>
 /// <param name="signature">Signature providing the certificate, CRL and OCSP sources.</param>
 private void CheckTimeStampCertPath(TimestampToken t, TimestampVerificationResult result, IValidationContext ctx, IAdvancedSignature signature)
 {
     try
     {
         // Fail closed: assume the trusted list cannot be reached until proven otherwise.
         result.CertPathUpToTrustedList.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_CannotReachTSL");

         ctx.ValidateTimestamp(t, signature.CertificateSource, signature.CRLSource, signature.OCSPSource, result.UsedCerts);

         var signerSubject = t.GetSignerSubjectName();
         foreach (CertificateAndContext candidate in ctx.NeededCertificates)
         {
             // NOTE(review): the signer is identified by subject DN equality only;
             // confirm the token's signature is checked against this exact
             // certificate elsewhere.
             bool isTimestampSigner = candidate.Certificate.SubjectDN.Equals(signerSubject);
             if (!isTimestampSigner || ctx.GetParentFromTrustedList(candidate) == null)
             {
                 continue;
             }

             // The first matching certificate with a trusted-list parent settles the result.
             result.CertPathUpToTrustedList.SetStatus(ResultStatus.VALID, null);
             break;
         }
     }
     catch (IOException)
     {
         result.CertPathUpToTrustedList.SetStatus(ResultStatus.UNDETERMINED, "$UI_Signatures_ValidationText_ExceptionWhileVerifying");
     }
 }
Ejemplo n.º 4
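        /// <summary>
        /// Verifies the X1 and X2 timestamp sets of a signature and returns the
        /// level-X result together with one verification result per timestamp.
        /// </summary>
        /// <remarks>
        /// The level status starts as VALID and becomes INVALID when any timestamp
        /// does not match its data or when neither set contains a timestamp. The
        /// certificate-path outcome is recorded only on the per-timestamp results and
        /// does not change the level status here, so callers that need it must inspect
        /// those results. Any exception raised during verification produces an INVALID
        /// result. <paramref name="referenceTime"/> is not used by this method.
        /// </remarks>
        /// <param name="signature">Signature whose level-X timestamps are verified; must not be null.</param>
        /// <param name="referenceTime">Unused in this implementation.</param>
        /// <param name="ctx">Validation context used for the certificate-path check.</param>
        /// <returns>The level-X verification result.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="signature"/> is null.</exception>
        protected internal virtual SignatureLevelX VerifyLevelX(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx)
        {
            if (signature is null)
            {
                throw new ArgumentNullException(nameof(signature));
            }

            try
            {
                SignatureValidationResult levelReached = new SignatureValidationResult();
                levelReached.SetStatus(ResultStatus.VALID, null);

                TimestampVerificationResult[] x1Results = null;
                TimestampVerificationResult[] x2Results = null;

                IList<TimestampToken> timestampX1 = signature.TimestampsX1;
                bool hasX1 = timestampX1 != null && timestampX1.Count > 0;
                if (hasX1)
                {
                    x1Results = VerifyLevelXTimestamps(timestampX1, signature.TimestampX1Data, levelReached, ctx, signature);
                }

                IList<TimestampToken> timestampX2 = signature.TimestampsX2;
                bool hasX2 = timestampX2 != null && timestampX2.Count > 0;
                if (hasX2)
                {
                    // Both sets go through the same helper. The previous X2 loop never
                    // advanced its index, so every X2 result was written to slot 0 and
                    // the remaining slots stayed null.
                    x2Results = VerifyLevelXTimestamps(timestampX2, signature.TimestampX2Data, levelReached, ctx, signature);
                }

                if (!hasX1 && !hasX2)
                {
                    levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoTimestamp");
                }

                return new SignatureLevelX(signature, levelReached, x1Results, x2Results);
            }
            catch (Exception)
            {
                // Fail closed: an unexpected error during verification is reported as INVALID.
                return new SignatureLevelX(signature, new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"));
            }
        }

        /// <summary>
        /// Verifies each token of one level-X timestamp set against the data it should
        /// cover and checks its certificate path, returning one result per token in
        /// list order.
        /// </summary>
        private TimestampVerificationResult[] VerifyLevelXTimestamps(IList<TimestampToken> tokens, byte[] timestampedData, SignatureValidationResult levelReached, IValidationContext ctx, IAdvancedSignature signature)
        {
            var results = new TimestampVerificationResult[tokens.Count];
            for (int i = 0; i < tokens.Count; i++)
            {
                TimestampToken token = tokens[i];
                var tokenResult = new TimestampVerificationResult(token);
                results[i] = tokenResult;

                if (token.MatchData(timestampedData))
                {
                    tokenResult.SetSameDigest(new SignatureValidationResult(ResultStatus.VALID, null));
                }
                else
                {
                    // One mismatching timestamp invalidates the whole level.
                    levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData");
                    tokenResult.SetSameDigest(new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData"));
                }

                CheckTimeStampCertPath(token, tokenResult, ctx, signature);
            }

            return results;
        }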