Example #1
        /// <summary>
        /// Builds a time-mark-authority based unsealer from <see cref="EHealthP12"/> instances.
        /// </summary>
        /// <remarks>
        /// The certificates are taken out of <paramref name="p12s"/> by <c>Extract</c> and the call is then
        /// forwarded to the overload that accepts certificate collections. No argument checks happen in
        /// this method; they are left to the overload that receives the call.
        /// </remarks>
        /// <param name="level">Required level, passed on unchanged.</param>
        /// <param name="timemarkauthority">Time-mark provider, passed on unchanged.</param>
        /// <param name="p12s">Key stores handed to <c>Extract</c>.</param>
        /// <param name="ownWebKeys">Web keys, passed on unchanged.</param>
        /// <returns>The unsealer produced by the forwarded call.</returns>
        IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, EHealthP12[] p12s, WebKey[] ownWebKeys)
        {
            // Extract fills both collections. Presumably the first receives the decryption certificates
            // and the second every certificate found in the key stores - confirm against Extract.
            X509Certificate2Collection decryptionCerts, everyCert;
            Extract(p12s, out decryptionCerts, out everyCert);

            IDataUnsealer unsealer = CreateFromTimemarkAuthority(level, timemarkauthority, decryptionCerts, everyCert, ownWebKeys);
            return unsealer;
        }
Example #2
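        /// <summary>
        /// Initializes the unwrapper with the required level, the time-mark provider and the certificates
        /// available for decryption.
        /// </summary>
        /// <param name="level">Required level, or <c>null</c>. <c>Level.L_Level</c> and <c>Level.A_level</c> on their own are rejected.</param>
        /// <param name="timemarkauthority">Time-mark provider stored on the instance; it is not validated here and may be <c>null</c>.</param>
        /// <param name="encCerts">Decryption certificates; <c>null</c> or an empty collection leaves the certificate store unset.</param>
        /// <exception cref="ArgumentException">When <paramref name="level"/> equals <c>Level.L_Level</c> or <c>Level.A_level</c>.</exception>
        internal TripleUnwrapper(Level? level, ITimemarkProvider timemarkauthority, X509Certificate2Collection encCerts)
        {
            if (level == Level.L_Level || level == Level.A_level)
            {
                // ArgumentException takes (message, paramName), in that order.
                throw new ArgumentException("Only null or levels B, T, LT and LTA are allowed", "level");
            }

            this.level = level;
            this.timemarkauthority = timemarkauthority;

            // Wrap the collection in an IX509Store that (incorrectly) returns a Windows X509Certificate2.
            // With no certificates the store stays null instead of wrapping an empty collection.
            encCertStore = encCerts == null || encCerts.Count == 0 ? null : new WinX509CollectionStore(encCerts);
        }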
Example #3
        /// <summary>
        /// Creates a verifier that is given a time-mark authority.
        /// </summary>
        /// <param name="level">Required level; it must have the <c>Level.T_Level</c> bits set.</param>
        /// <param name="timemarkAuthority">Time-mark provider handed to the <c>TripleUnwrapper</c>.</param>
        /// <returns>A <c>TripleUnwrapper</c> constructed with <c>null</c> for its three trailing arguments.</returns>
        /// <exception cref="ArgumentException">When <paramref name="level"/> lacks the <c>Level.T_Level</c> bits.</exception>
        IDataVerifier CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkAuthority)
        {
            bool requiresTimeMarking = (level & Level.T_Level) == Level.T_Level;
            if (!requiresTimeMarking)
            {
                throw new ArgumentException("This method should for a level that requires time marking");
            }

            // NOTE(review): timemarkAuthority is passed on without a null check. Confirm that a null
            // provider is rejected or handled when a message carries no embedded time-stamp.
            IDataVerifier verifier = new TripleUnwrapper(
#if !NETFRAMEWORK
                       _loggerFactory,
#endif
                       level, timemarkAuthority, null, null, null);
            return verifier;
        }
Example #4
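        /// <summary>
        /// Creates an unsealer that is given a time-mark authority, decryption certificates,
        /// authentication certificate chains and the caller's own web keys.
        /// </summary>
        /// <param name="level">Required level; it must have the <c>Level.T_Level</c> bits set.</param>
        /// <param name="timemarkauthority">Time-mark provider; must not be <c>null</c>.</param>
        /// <param name="encCerts">Decryption certificates, passed to the <c>TripleUnwrapper</c> as-is.</param>
        /// <param name="authCertChains">Certificates converted with <c>ToStore</c> before being passed on.</param>
        /// <param name="ownWebKeys">Own web keys, passed to the <c>TripleUnwrapper</c> as-is.</param>
        /// <returns>A new <c>TripleUnwrapper</c>.</returns>
        /// <exception cref="ArgumentException">When <paramref name="level"/> lacks the <c>Level.T_Level</c> bits.</exception>
        /// <exception cref="ArgumentNullException">When <paramref name="timemarkauthority"/> is <c>null</c>.</exception>
        IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, X509Certificate2Collection encCerts, X509Certificate2Collection authCertChains, params WebKey[] ownWebKeys)
        {
            if ((level & Level.T_Level) != Level.T_Level)
            {
                throw new ArgumentException("This method should for a level that requires time marking");
            }
            if (timemarkauthority == null)
            {
                // The first argument is the parameter name, so it has to match the real identifier.
                throw new ArgumentNullException("timemarkauthority", "This method requires an time-mark authority specified");
            }

            // NOTE(review): encCerts and authCertChains are not checked in this method; whether they are
            // validated later is not visible here.
            return(new TripleUnwrapper(
#if !NETFRAMEWORK
                       _loggerFactory,
#endif
                       level, timemarkauthority, encCerts, ToStore(authCertChains), ownWebKeys));
        }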
Example #5
 /// <summary>
 /// Convenience overload: creates a time-mark-authority based unsealer from key stores only.
 /// </summary>
 /// <param name="level">Required level, passed on unchanged.</param>
 /// <param name="timemarkauthority">Time-mark provider, passed on unchanged.</param>
 /// <param name="p12s">Key stores, passed on unchanged.</param>
 /// <returns>The unsealer produced by the overload that also accepts web keys.</returns>
 IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, params EHealthP12[] p12s)
 {
     // No own web keys are supplied through this overload.
     WebKey[] noWebKeys = null;
     return CreateFromTimemarkAuthority(level, timemarkauthority, p12s, noWebKeys);
 }
Example #6
 /// <summary>
 /// Verifies sealed data with a caller-supplied time preset as the time-mark.
 /// </summary>
 /// <remarks>
 /// The instance's <c>timemarkauthority</c> field is replaced by a <c>FixedTimemarkProvider</c> for the
 /// duration of the call and put back in a <c>finally</c> block, also when verification throws.
 /// NOTE(review): nothing in this method guards that swap, so a concurrent call on the same instance
 /// would see the substituted provider - confirm instances are not shared between threads.
 /// NOTE(review): the outcome presumably depends on <paramref name="date"/>, so the value should come
 /// from a source the caller trusts as much as the time-mark authority itself.
 /// </remarks>
 /// <param name="sealedData">Stream holding the sealed message.</param>
 /// <param name="date">Time that is preset as the time-mark for this verification.</param>
 /// <param name="timemarkKey">Set by the inner <c>Verify</c> call.</param>
 /// <returns>The result of the inner <c>Verify</c> call.</returns>
 public SignatureSecurityInformation Verify(Stream sealedData, DateTime date, out TimemarkKey timemarkKey)
 {
     // Remember the configured provider so it can be restored afterwards.
     ITimemarkProvider configuredProvider = timemarkauthority;
     try
     {
         trace.TraceEvent(TraceEventType.Information, 0, "Presetting the time-mark to: {0}", date);
         timemarkauthority = new FixedTimemarkProvider(date);

         SignatureSecurityInformation outcome = Verify(sealedData, out timemarkKey);
         return outcome;
     }
     finally
     {
         timemarkauthority = configuredProvider;
     }
 }
Example #7
 /// <summary>
 /// Creates a time-mark-authority based unsealer from key stores by converting them with
 /// <c>ToCollection()</c> and forwarding to the overload that takes the converted value.
 /// </summary>
 /// <param name="level">Required level, passed on unchanged.</param>
 /// <param name="timemarkauthority">Time-mark provider, passed on unchanged.</param>
 /// <param name="p12s">Key stores to convert.</param>
 /// <returns>The unsealer produced by the forwarded call.</returns>
 public static IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, params EHealthP12[] p12s)
 {
     // NOTE(review): a params array can still be passed as an explicit null; whether ToCollection()
     // copes with that is not visible here.
     var decryptionCerts = p12s.ToCollection();
     return CreateFromTimemarkAuthority(level, timemarkauthority, decryptionCerts);
 }
Example #8
        /// <summary>
        /// Creates an instance of the <see cref="IDataUnsealer"/> interface to unseal messages that were obtained from a time-mark authority.
        /// </summary>
        /// <remarks>
        /// <para>
        /// Can be used to unseal messages of LT-Level and LTA-Level that were obtained from a time-mark authority.  This time-mark authority can
        /// be a central store like ehBox but can also be an internal store that is considered secure and doesn't allow messages to be altered in any way.
        /// </para>
        /// <para>
        /// The provided decryption certificates aren't validated, so the collection should include expired
        /// certificates in order to unseal historical messages.  It may even include revoked certificates:
        /// revocation doesn't mean that a message sealed with such a certificate is invalid, only that it is no longer confidential.
        /// </para>
        /// <para>
        /// In case the message does contain a time-stamp, it will be used and the time-mark authority will be ignored.
        /// </para>
        /// </remarks>
        /// <param name="encCerts">Own (eHealth issued) certificates with private key that can be used to decrypt, they must have an <strong>exportable</strong> private key</param>
        /// <param name="level">The required level of the sender signatures, either T-Level, LT-Level or LTA-Level</param>
        /// <param name="timemarkauthority">The client of the time-mark authority</param>
        /// <returns>Instance of the IDataUnsealer for messages of the specified time-mark authority</returns>
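        public static IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, X509Certificate2Collection encCerts)
        {
            // Only levels with the T_Level bits set are accepted by this factory.
            if ((level & Level.T_Level) != Level.T_Level)
            {
                throw new ArgumentException("This method should for a level that requires time marking");
            }

            if (timemarkauthority == null)
            {
                // The first argument is the parameter name, so it has to match the real identifier.
                throw new ArgumentNullException("timemarkauthority", "This method requires an time-mark authority specified");
            }

            // encCerts is handed over as-is; this method performs no check on the certificates.
            return new TripleUnwrapper(level, timemarkauthority, encCerts);
        }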
Example #9
        /// <summary>
        /// Creates an instance of the <see cref="ITmaDataVerifier"/> interface to verify messages retrieved from a time-mark authority.
        /// </summary>
        /// <remarks>
        /// For usage with messages that come from a time-mark authority (e.g. ehBox).  In case the message contains an embedded time-stamp,
        /// it takes precedence and the time mark authority isn't used.
        /// </remarks>
        /// <param name="level">The level to which a message must conform: T, LT or LTA level</param>
        /// <param name="timemarkAuthority">The client of the time-mark authority used to retrieve the time-mark during verification</param>
        /// <returns>The completer of the required level that will verify the message with the provided time-mark authority</returns>
        public static IDataVerifier CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkAuthority)
        {
            // Only levels with the T_Level bits set are accepted by this factory.
            bool requiresTimeMarking = (level & Level.T_Level) == Level.T_Level;
            if (!requiresTimeMarking)
            {
                throw new ArgumentException("This method should for a level that requires time marking");
            }

            // NOTE(review): timemarkAuthority is not null-checked here - confirm a null provider is
            // rejected or handled when a message carries no embedded time-stamp.
            // An empty collection is passed, presumably because verification needs no decryption certificates.
            var noDecryptionCerts = new X509Certificate2Collection();
            return new TripleUnwrapper(level, timemarkAuthority, noDecryptionCerts);
        }