public ValidationResult Validate(SignatureDocument sigDocument)
{
/* Los elementos que se validan son:
*
* 1. Las huellas de las referencias de la firma.
* 2. Se comprueba la huella del elemento SignedInfo y se verifica la firma con la clave pública del certificado.
* 3. Si la firma contiene un sello de tiempo se comprueba que la huella de la firma coincide con la del sello de tiempo.
*
* La validación de perfiles -C, -X, -XL y -A esta fuera del ámbito de este proyecto.
*/
ValidationResult result = new ValidationResult();
try
{
// Verifica las huellas de las referencias y la firma
sigDocument.XadesSignature.CheckXmldsigSignature();
}
catch
{
result.IsValid = false;
result.Message = "Signature verification is unsuccessful!";
return(result);
}
if (sigDocument.XadesSignature.UnsignedProperties.UnsignedSignatureProperties.SignatureTimeStampCollection.Count > 0)
{
// Se comprueba el sello de tiempo
TimeStamp timeStamp = sigDocument.XadesSignature.UnsignedProperties.UnsignedSignatureProperties.SignatureTimeStampCollection[0];
TimeStampToken token = new TimeStampToken(new CmsSignedData(timeStamp.EncapsulatedTimeStamp.PkiData));
byte[] tsHashValue = token.TimeStampInfo.GetMessageImprintDigest();
Crypto.DigestMethod tsDigestMethod = Crypto.DigestMethod.GetByOid(token.TimeStampInfo.HashAlgorithm.Algorithm.Id);
ArrayList signatureValueElementXpaths = new ArrayList
{
"ds:SignatureValue"
};
byte[] signatureValueHash = DigestUtil.ComputeHashValue(XMLUtil.ComputeValueOfElementList(sigDocument.XadesSignature, signatureValueElementXpaths), tsDigestMethod);
if (!Arrays.AreEqual(tsHashValue, signatureValueHash))
{
result.IsValid = false;
result.Message = "La huella del sello de tiempo no se corresponde con la calculada";
return(result);
}
}
result.IsValid = true;
result.Message = "Verificación de la firma satisfactoria";
return(result);
}
/// <summary>
/// The elements that are validated are:
/// 1.The traces of the references of the signature.
/// 2.The trace of the SignedInfo element is verified and the signature is verified with the public key of the ///certificate.
/// 3. If the signature contains a time stamp it is verified that the imprint of the signature coincides with that of the time stamp.
/// The validation of profiles -C, -X, -XL and -A is outside the scope of this project.
/// </summary>
/// <param name="sigDocument"></param>
/// <returns></returns>
public ValidationResult Validate(SignatureDocument sigDocument)
{
ValidationResult result = new ValidationResult();
try
{
// Check the traces of references and signature
sigDocument.XadesSignature.CheckXmldsigSignature();
}
catch
{
result.IsValid = false;
result.Message = "Signature verification is unsuccessful!";
return(result);
}
if (sigDocument.XadesSignature.UnsignedProperties.UnsignedSignatureProperties.SignatureTimeStampCollection.Count > 0)
{
// Check time stamp
TimeStamp timeStamp = sigDocument.XadesSignature.UnsignedProperties.UnsignedSignatureProperties.SignatureTimeStampCollection[0];
TimeStampToken token = new TimeStampToken(new CmsSignedData(timeStamp.EncapsulatedTimeStamp.PkiData));
byte[] tsHashValue = token.TimeStampInfo.GetMessageImprintDigest();
Crypto.DigestMethod tsDigestMethod = Crypto.DigestMethod.GetByOid(token.TimeStampInfo.HashAlgorithm.Algorithm.Id);
ArrayList signatureValueElementXpaths = new ArrayList
{
"ds:SignatureValue"
};
byte[] signatureValueHash = DigestUtil.ComputeHashValue(XMLUtil.ComputeValueOfElementList(sigDocument.XadesSignature, signatureValueElementXpaths), tsDigestMethod);
if (!Arrays.AreEqual(tsHashValue, signatureValueHash))
{
result.IsValid = false;
result.Message = "The imprint of the time stamp does not correspond with the calculated";
return(result);
}
}
result.IsValid = true;
result.Message = "Signature validated successfully";
return(result);
}
public ValidationResult Validate(SignatureDocument sigDocument)
{
/* Los elementos que se validan son:
*
* 1. Las huellas de las referencias de la firma.
* 2. Se comprueba la huella del elemento SignedInfo y se verifica la firma con la clave pública del certificado.
* 3. Si la firma contiene un sello de tiempo se comprueba que la huella de la firma coincide con la del sello de tiempo.
*
* La validación de perfiles -C, -X, -XL y -A esta fuera del ámbito de este proyecto.
*/
ValidationResult result = new ValidationResult();
try
{
// Verifica las huellas de las referencias y la firma
sigDocument.XadesSignature.CheckXmldsigSignature();
}
catch (Exception ex)
{
result.IsValid = false;
result.Message = "La verificación de la firma no ha sido satisfactoria";
return(result);
}
if (sigDocument.XadesSignature.UnsignedProperties.UnsignedSignatureProperties.SignatureTimeStampCollection.Count > 0)
{
// Se comprueba el sello de tiempo
TimeStamp timeStamp = sigDocument.XadesSignature.UnsignedProperties.UnsignedSignatureProperties.SignatureTimeStampCollection[0];
TimeStampToken token = new TimeStampToken(new CmsSignedData(timeStamp.EncapsulatedTimeStamp.PkiData));
byte[] tsHashValue = token.TimeStampInfo.GetMessageImprintDigest();
//TODO: Verificare
// Crypto.DigestMethod tsDigestMethod = Crypto.DigestMethod.GetByOid(token.TimeStampInfo.HashAlgorithm.ObjectID.Id);
Crypto.DigestMethod tsDigestMethod = Crypto.DigestMethod.GetByOid(token.TimeStampInfo.HashAlgorithm.Algorithm.Id);
System.Security.Cryptography.Xml.Transform transform = null;
if (timeStamp.CanonicalizationMethod != null)
{
transform = CryptoConfig.CreateFromName(timeStamp.CanonicalizationMethod.Algorithm) as System.Security.Cryptography.Xml.Transform;
}
else
{
transform = new XmlDsigC14NTransform();
}
ArrayList signatureValueElementXpaths = new ArrayList();
signatureValueElementXpaths.Add("ds:SignatureValue");
byte[] signatureValueHash = DigestUtil.ComputeHashValue(XMLUtil.ComputeValueOfElementList(sigDocument.XadesSignature, signatureValueElementXpaths, transform), tsDigestMethod);
if (!Arrays.AreEqual(tsHashValue, signatureValueHash))
{
result.IsValid = false;
result.Message = "La huella del sello de tiempo no se corresponde con la calculada";
return(result);
}
}
result.IsValid = true;
result.Message = "Verificación de la firma satisfactoria";
return(result);
}
