Ejemplo n.º 1
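        /// <summary>
        /// Builds one <see cref="IDigitalSignature"/> per signer found in the parsed CMS signed-data.
        /// </summary>
        /// <remarks>
        /// This method does not build or validate a certificate chain (see the FIXME in the body).
        /// The returned <c>SignerCertificate</c> is whatever certificate carried in the message matched
        /// the signer id, so callers must not treat it as trusted on the strength of this method alone.
        /// </remarks>
        /// <param name="parser">The CMS signed-data parser to read certificates and signer infos from.</param>
        /// <returns>The list of signatures, in the order the signers were enumerated.</returns>
        IList <IDigitalSignature> GetDigitalSignatures(CmsSignedDataParser parser)
        {
            var certificates = parser.GetCertificates("Collection");
            var signatures   = new List <IDigitalSignature> ();
            var store        = parser.GetSignerInfos();

            foreach (SignerInformation signerInfo in store.GetSigners())
            {
                var certificate = GetCertificate(certificates, signerInfo.SignerID);
                var signature   = new SecureMimeDigitalSignature(signerInfo);

                // Read signing-time from the SIGNED attributes. Unsigned attributes are not covered by
                // the signature, so anyone relaying the message could alter a value stored there without
                // invalidating it; the table is also absent on many messages, hence the null check.
                // Even when signed, the time is asserted by the signer, not by a trusted clock.
                var signedAttributes = signerInfo.SignedAttributes;

                if (signedAttributes != null)
                {
                    Asn1EncodableVector vector = signedAttributes.GetAll(CmsAttributes.SigningTime);

                    foreach (Org.BouncyCastle.Asn1.Cms.Attribute attr in vector)
                    {
                        var values = attr.AttrValues;

                        // The value is a UTCTime or GeneralizedTime primitive; Time.GetInstance wraps
                        // either one, whereas a direct cast to Time fails on the raw primitive.
                        if (values != null && values.Count > 0)
                        {
                            signature.CreationDate = Time.GetInstance(values[0]).Date;
                        }

                        // Only the first signing-time attribute is considered.
                        break;
                    }
                }

                if (certificate != null)
                {
                    signature.SignerCertificate = new SecureMimeDigitalCertificate(certificate);
                }

                // FIXME: verify the certificate chain with what we have in our local store
                // NOTE(review): until this is implemented, revoked, expired or untrusted signer
                // certificates are not flagged on the signature by this method.

//				var chain = new X509Chain ();
//				chain.ChainPolicy.UrlRetrievalTimeout = OnlineCertificateRetrievalTimeout;
//				chain.ChainPolicy.RevocationMode = AllowOnlineCertificateRetrieval ? X509RevocationMode.Online : X509RevocationMode.Offline;
//				chain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
//				//if (AllowSelfSignedCertificates)
//				//	chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
//				chain.ChainPolicy.VerificationTime = DateTime.Now;
//
//				if (!chain.Build (signerInfo.Certificate)) {
//					for (int i = 0; i < chain.ChainStatus.Length; i++) {
//						if (chain.ChainStatus[i].Status.HasFlag (X509ChainStatusFlags.Revoked)) {
//							signature.Errors |= DigitalSignatureError.CertificateRevoked;
//							signature.Status = DigitalSignatureStatus.Error;
//						}
//
//						certificate.ChainStatus |= chain.ChainStatus[i].Status;
//					}
//				}

                signatures.Add(signature);
            }

            return signatures;
        }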
Ejemplo n.º 2
        /// <summary>
        /// Collects a digital signature for every signer in the parsed CMS signed-data and attempts
        /// to build a certificate path for each one.
        /// </summary>
        /// <remarks>
        /// Every certificate and CRL carried in the message is passed to <c>Import</c> before any path
        /// is built. NOTE(review): that material is supplied by the sender; confirm that Import never
        /// adds it to the set returned by <c>GetTrustedAnchors</c>.
        /// A path-building failure does not abort the method: the exception is stored on the
        /// signature's <c>ChainException</c>, so callers have to inspect it before trusting the signer.
        /// </remarks>
        /// <param name="parser">The CMS signed-data parser to read certificates, CRLs and signer infos from.</param>
        /// <returns>A collection wrapping the signatures in signer enumeration order.</returns>
        DigitalSignatureCollection GetDigitalSignatures(CmsSignedDataParser parser)
        {
            var certificates = parser.GetCertificates ("Collection");
            var results = new List<IDigitalSignature> ();
            var crls = parser.GetCrls ("Collection");
            var signerStore = parser.GetSignerInfos ();

            // Hand every certificate embedded in the message to Import.
            foreach (X509Certificate embeddedCertificate in certificates.GetMatches (null)) {
                Import (embeddedCertificate);
            }

            // Likewise for every embedded revocation list.
            foreach (X509Crl embeddedCrl in crls.GetMatches (null)) {
                Import (embeddedCrl);
            }

            foreach (SignerInformation signerInfo in signerStore.GetSigners ()) {
                var signerCertificate = GetCertificate (certificates, signerInfo.SignerID);
                var signature = new SecureMimeDigitalSignature (signerInfo);
                DateTime? signedDate = null;
                var signedAttributes = signerInfo.SignedAttributes;

                if (signedAttributes != null) {
                    Asn1EncodableVector signingTimes = signedAttributes.GetAll (CmsAttributes.SigningTime);

                    // Only the first signing-time attribute is used. The value is cast to UTCTime,
                    // so any other encoding of the time makes the cast throw.
                    if (signingTimes.Count > 0) {
                        var attr = (Org.BouncyCastle.Asn1.Cms.Attribute) signingTimes[0];
                        var signingTime = (DerUtcTime) ((DerSet) attr.AttrValues)[0];

                        signature.CreationDate = signingTime.ToAdjustedDateTime ();
                        signedDate = signature.CreationDate;
                    }
                }

                if (signerCertificate != null) {
                    signature.SignerCertificate = new SecureMimeDigitalCertificate (signerCertificate);
                }

                var anchors = GetTrustedAnchors ();

                // NOTE(review): signedDate is asserted by the signer. If BuildCertPath uses it as the
                // validation time, a backdated signing-time could make an expired or since-revoked
                // certificate validate; confirm how BuildCertPath treats this argument.
                try {
                    signature.Chain = BuildCertPath (anchors, certificates, crls, signerCertificate, signedDate);
                } catch (Exception ex) {
                    // Deliberately best-effort: the failure is recorded on the signature instead of propagating.
                    signature.ChainException = ex;
                }

                results.Add (signature);
            }

            return new DigitalSignatureCollection (results);
        }