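/// <summary>
/// Builds one <see cref="IDigitalSignature"/> for every signer found in the parsed CMS signed-data.
/// </summary>
/// <remarks>
/// The signing-time attribute is read from the signer's signed attributes only. Unsigned attributes
/// are not covered by the signature, so a value taken from them could be altered in transit without
/// invalidating the signature. This method does NOT build or validate the signer's certificate chain
/// and performs no revocation checking (see the FIXME below).
/// </remarks>
/// <param name="parser">The CMS signed-data parser positioned on the signed content.</param>
/// <returns>The list of signatures, one per signer, in the order the signer store yields them.</returns>
IList<IDigitalSignature> GetDigitalSignatures(CmsSignedDataParser parser)
{
    var certificates = parser.GetCertificates("Collection");
    var signatures = new List<IDigitalSignature>();
    var store = parser.GetSignerInfos();

    foreach (SignerInformation signerInfo in store.GetSigners())
    {
        var certificate = GetCertificate(certificates, signerInfo.SignerID);
        var signature = new SecureMimeDigitalSignature(signerInfo);

        // Use the SIGNED attribute table: it is authenticated by the signature, and it may be
        // absent, so guard against null instead of dereferencing it blindly.
        var signedAttributes = signerInfo.SignedAttributes;
        if (signedAttributes != null)
        {
            Asn1EncodableVector vector = signedAttributes.GetAll(CmsAttributes.SigningTime);
            foreach (Org.BouncyCastle.Asn1.Cms.Attribute attr in vector)
            {
                var values = attr.AttrValues;
                if (values != null && values.Count > 0)
                {
                    // The parsed element is a primitive UTCTime/GeneralizedTime object, so convert
                    // through Time.GetInstance rather than casting it directly to Time.
                    Time time = Time.GetInstance(values[0]);
                    signature.CreationDate = time.Date;
                }

                // Only the first signing-time attribute is considered.
                break;
            }
        }

        if (certificate != null)
        {
            signature.SignerCertificate = new SecureMimeDigitalCertificate(certificate);
        }

        // FIXME: verify the certificate chain with what we have in our local store.
        // Until that is implemented, nothing here establishes that the signer certificate chains
        // to a trusted authority or is unrevoked. The intended check builds an X509Chain for the
        // signer certificate with entire-chain revocation checking (online or offline depending on
        // AllowOnlineCertificateRetrieval) and, when a chain element is revoked, sets
        // DigitalSignatureError.CertificateRevoked and DigitalSignatureStatus.Error on the signature.

        signatures.Add(signature);
    }

    return signatures;
}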
/// <summary>
/// Collects the digital signatures of every signer in the parsed CMS signed-data and attempts
/// to build a certification path for each one.
/// </summary>
/// <remarks>
/// Every certificate and CRL carried in the message is first handed to <c>Import</c>. For each
/// signer, the signing time is read from the signed attributes (when present) and passed to
/// <c>BuildCertPath</c> together with the trusted anchors. A failure while building the path is
/// not thrown: it is stored in <c>ChainException</c> on the signature, so presumably callers are
/// expected to inspect <c>Chain</c> / <c>ChainException</c> before trusting a signer.
/// </remarks>
/// <param name="parser">The CMS signed-data parser positioned on the signed content.</param>
/// <returns>A collection holding one signature per signer.</returns>
DigitalSignatureCollection GetDigitalSignatures (CmsSignedDataParser parser)
{
    var certStore = parser.GetCertificates ("Collection");
    var results = new List<IDigitalSignature> ();
    var crlStore = parser.GetCrls ("Collection");
    var signerStore = parser.GetSignerInfos ();

    // Hand everything bundled with the message to Import before any path is built.
    foreach (X509Certificate bundledCert in certStore.GetMatches (null)) {
        Import (bundledCert);
    }

    foreach (X509Crl bundledCrl in crlStore.GetMatches (null)) {
        Import (bundledCrl);
    }

    foreach (SignerInformation signer in signerStore.GetSigners ()) {
        var signerCert = GetCertificate (certStore, signer.SignerID);
        var entry = new SecureMimeDigitalSignature (signer);
        DateTime? signingInstant = null;

        // Only signed attributes are consulted; the table may be absent.
        var signedAttrs = signer.SignedAttributes;
        if (signedAttrs != null) {
            Asn1EncodableVector timeAttrs = signedAttrs.GetAll (CmsAttributes.SigningTime);

            foreach (Org.BouncyCastle.Asn1.Cms.Attribute timeAttr in timeAttrs) {
                // NOTE(review): the cast assumes the value is encoded as UTCTime; a signing time
                // encoded differently would make this cast throw. Confirm that is acceptable.
                var values = (DerSet) timeAttr.AttrValues;
                var utc = (DerUtcTime) values[0];

                entry.CreationDate = utc.ToAdjustedDateTime ();
                signingInstant = entry.CreationDate;

                // Only the first signing-time attribute is used.
                break;
            }
        }

        if (certificate_is_present (signerCert)) {
            entry.SignerCertificate = new SecureMimeDigitalCertificate (signerCert);
        }

        var anchors = GetTrustedAnchors ();

        try {
            // signerCert may be null here; any resulting failure is captured below.
            entry.Chain = BuildCertPath (anchors, certStore, crlStore, signerCert, signingInstant);
        } catch (Exception ex) {
            // Recorded rather than rethrown so that the remaining signers are still processed.
            entry.ChainException = ex;
        }

        results.Add (entry);
    }

    return new DigitalSignatureCollection (results);

    // Local predicate: true when a signer certificate was found in the message.
    bool certificate_is_present (object candidate)
    {
        return candidate != null;
    }
}