Example #1
        /// <summary>
        /// Validates the output data from the Open Sign applet and compares the signed text with the expected agreement.
        /// </summary>
        /// <remarks>
        /// This method's own code does not reject a revoked or otherwise invalid certificate, nor a signed text that
        /// differs from the agreement: both outcomes are only handed to the returned
        /// <see cref="SignatureValidationStatus"/>. Callers have to inspect the certificate status and the match
        /// result before trusting the signature.
        /// </remarks>
        /// <param name="loginData">the output data from the Open Sign applet (base64 encoded).</param>
        /// <param name="agreement">the string to match against the signed text in the login data.</param>
        /// <param name="stylesheet">forwarded unchanged to <c>SignatureMatches</c>; presumably the stylesheet the
        /// agreement was presented with (confirm against <c>SignatureMatches</c>).</param>
        /// <param name="challenge">forwarded to <c>ValidateSignatureParameters</c>; presumably the challenge issued
        /// for this signing request (confirm against that helper).</param>
        /// <param name="logonto">expected value of the signature parameter <c>logonto</c> for OCESI applet responses or
        /// of the signature parameter <c>RequestIssuer</c> for OCESII applet responses. Can be set to <c>null</c>
        /// if validation should not be performed (this is not recommended).</param>
        /// <returns>a status object built from the parsed signature, the certificate status and a flag telling
        /// whether the signed text matches the agreement parameter.</returns>
        /// <exception cref="AppletException">in case the applet returned an error code.</exception>
        public static SignatureValidationStatus ValidateSignatureAgainstAgreement(string loginData, string agreement, string stylesheet, string challenge, string logonto)
        {
            // Stop before any parsing when the applet handed back an error code instead of a signature.
            var appletErrors = new ErrorCodeChecker(loginData);
            if (appletErrors.HasError())
            {
                throw new AppletException(appletErrors.ExtractError());
            }

            var decodedLoginData = Base64Decode(loginData);
            var signature = CreateOpensignSignature(decodedLoginData);

            // Challenge and logonto are checked before the signed text is compared.
            // NOTE(review): presumably this throws on a mismatch; confirm in ValidateSignatureParameters.
            ValidateSignatureParameters(signature, challenge, logonto);

            var signedText = EncodeSignature(signature);
            var expectedText = Base64Encode(agreement);

            var signer = signature.SigningCertificate;
            CertificateStatus certificateStatus = signer.ValidityStatus();

            // A positive answer from the revocation checker replaces whatever the validity check reported.
            if (ServiceProviderSetup.CurrentChecker.IsRevoked(signer))
            {
                certificateStatus = CertificateStatus.Revoked;
            }

            var textMatches = SignatureMatches(signedText, expectedText, stylesheet, signature);

            return new SignatureValidationStatus(signature, certificateStatus, textMatches);
        }
Example #2
        /// <summary>
        /// Validates the output data from the applet for a signed document and compares the signed content with the
        /// expected agreement.
        /// </summary>
        /// <remarks>
        /// A revoked or otherwise invalid certificate and a non-matching content are not rejected by this method's own
        /// code; both are only handed to the returned <see cref="SignatureValidationStatus"/>, so callers have to
        /// inspect them. Attachments are not checked at all (see the TODO in the body).
        /// </remarks>
        /// <param name="loginData">the output data from the applet; it is base64 decoded before parsing.</param>
        /// <param name="agreement">the string to match against the signed content.</param>
        /// <param name="challenge">value handed to <c>ValidateChallenge</c> together with the parsed signature.</param>
        /// <param name="logonto">value handed to <c>ValidateLogonto</c>; when <c>null</c> that check is skipped.</param>
        /// <returns>a status object built from the parsed signature, the certificate status and the match flag.</returns>
        /// <exception cref="AppletException">in case the applet returned an error code.</exception>
        public static SignatureValidationStatus validateSignatureAgainstAgreementPDF(String loginData, String agreement, String challenge, String logonto)
        {
            // Stop before any parsing when the applet handed back an error code instead of a signature.
            var appletErrors = new ErrorCodeChecker(loginData);
            if (appletErrors.HasError())
            {
                throw new AppletException(appletErrors.ExtractError());
            }

            var signature = CreateOpensignSignature(Base64Decode(loginData));

            ValidateChallenge(signature, challenge);

            // Passing null turns the logonto check off entirely; nothing else in this method replaces it.
            if (logonto != null)
            {
                ValidateLogonto(signature, logonto);
            }

            // NOTE(review): Encoding.ASCII turns every byte above 0x7F into '?', so signed contents that differ
            // only in such bytes produce the same string here. Confirm the signed content is guaranteed to be
            // 7-bit ASCII, or compare the raw bytes instead.
            var signedBytes = signature.SignedDocument.SignedContent;
            String signedText = Base64Encode(Encoding.ASCII.GetString(signedBytes));
            var expectedText = Base64Encode(agreement);

            var signer = signature.SigningCertificate;
            CertificateStatus certificateStatus = signer.ValidityStatus();

            // A positive answer from the revocation checker replaces whatever the validity check reported.
            if (ServiceProviderSetup.CurrentChecker.IsRevoked(signer))
            {
                certificateStatus = CertificateStatus.Revoked;
            }

            var contentMatches = SignatureMatches(signedText, expectedText, null, signature);

            //@TODO the check of attachments is missing here! The returned status therefore says nothing about them.

            return new SignatureValidationStatus(signature, certificateStatus, contentMatches);
        }
Example #3
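        /// <summary>
        /// Parses the logon applet output and returns it as an <see cref="OpenlogonSignature"/>.
        /// </summary>
        /// <param name="loginData">the applet output; it is passed as-is to the error code checker and to the
        /// signature factory.</param>
        /// <returns>the signature produced by the factory, typed as <see cref="OpenlogonSignature"/>.</returns>
        /// <exception cref="AppletException">in case the applet returned an error code.</exception>
        /// <exception cref="ArgumentException">in case the factory result is <c>null</c> or is not an
        /// <see cref="OpenlogonSignature"/>.</exception>
        private static OpenlogonSignature CreateOpenlogonSignature(string loginData)
        {
            // Stop before any parsing when the applet handed back an error code instead of a signature.
            var errorCodeChecker = new ErrorCodeChecker(loginData);

            if (errorCodeChecker.HasError())
            {
                throw new AppletException(errorCodeChecker.ExtractError());
            }

            var abstractSignature =
                OpensignSignatureFactory.Instance.GenerateOpensignSignature(loginData);

            // Only a logon signature is acceptable here; any other signature type is rejected rather than
            // treated as a login.
            var signature = abstractSignature as OpenlogonSignature;

            if (signature == null)
            {
                // A null factory result also ends up here. Describe it explicitly so the caller gets the
                // documented ArgumentException instead of a NullReferenceException from GetType().
                var actualType = abstractSignature == null ? "null" : abstractSignature.GetType().ToString();

                throw new ArgumentException("argument of type " + actualType +
                                            " is not valid output from the logon applet");
            }

            return signature;
        }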