/// <param name="ocspResp"></param>
/// <returns></returns>
public virtual bool Match(BasicOcspResp ocspResp)
{
try
{
IDigest digest = DigestUtilities.GetDigest(algorithm);
byte[] oscpBytes;
if (matchOnlyBasicOCSPResponse)
{
oscpBytes = ocspResp.GetEncoded();
}
else
{
oscpBytes = OCSPUtils.FromBasicToResp(ocspResp).GetEncoded();
}
digest.BlockUpdate(oscpBytes, 0, oscpBytes.Length);
byte[] computedValue = DigestUtilities.DoFinal(digest);
LOG.Info("Compare " + Hex.ToHexString(digestValue) + " to computed value " +
Hex.ToHexString(computedValue) + " of BasicOcspResp produced at " + ocspResp
.ProducedAt);
return(Arrays.Equals(digestValue, computedValue));
}
catch (NoSuchAlgorithmException ex)
{
throw new RuntimeException("Maybe BouncyCastle provider is not installed ?", ex);
}
catch (IOException ex)
{
throw new RuntimeException(ex);
}
}
public virtual bool Match(BasicOcspResp ocspResp)
{
IDigest digest = DigestUtilities.GetDigest(algorithm);
byte[] oscpBytes;
if (matchOnlyBasicOCSPResponse)
{
oscpBytes = ocspResp.GetEncoded();
}
else
{
oscpBytes = OCSPUtils.FromBasicToResp(ocspResp).GetEncoded();
}
digest.BlockUpdate(oscpBytes, 0, oscpBytes.Length);
byte[] computedValue = DigestUtilities.DoFinal(digest);
logger.Info("Compare " + Hex.ToHexString(digestValue) + " to computed value " +
Hex.ToHexString(computedValue) + " of BasicOcspResp produced at " + ocspResp
.ProducedAt);
return(digestValue.SequenceEqual(computedValue));
}
protected internal override void ExtendSignatureTag(XadesSignedXml xadesSignedXml)
{
base.ExtendSignatureTag(xadesSignedXml);
X509Certificate signingCertificate = DotNetUtilities.FromX509Certificate(
xadesSignedXml.GetSigningCertificate());
DateTime signingTime = xadesSignedXml.XadesObject.QualifyingProperties
.SignedProperties.SignedSignatureProperties.SigningTime;
ValidationContext ctx = certificateVerifier.ValidateCertificate(signingCertificate
, signingTime, new XAdESCertificateSource(xadesSignedXml.GetXml(), false), null, null);
UnsignedProperties unsignedProperties = null;
//int certificateValuesCounter;
CertificateValues certificateValues;
EncapsulatedX509Certificate encapsulatedX509Certificate;
RevocationValues revocationValues;
CRLValue newCRLValue;
OCSPValue newOCSPValue;
unsignedProperties = xadesSignedXml.UnsignedProperties;
//TODO jbonilla Validate certificate refs.
{
unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;
//certificateValues.Id = this.certificateValuesIdTextBox.Text;
//certificateValuesCounter = 0;
foreach (CertificateAndContext certificate in ctx.GetNeededCertificates())
{
encapsulatedX509Certificate = new EncapsulatedX509Certificate();
//encapsulatedX509Certificate.Id = this.certificateValuesIdTextBox.Text + certificateValuesCounter.ToString();
encapsulatedX509Certificate.PkiData = certificate.GetCertificate().GetEncoded();
//certificateValuesCounter++;
certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
}
}
unsignedProperties = xadesSignedXml.UnsignedProperties;
unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;
//revocationValues.Id = this.revocationValuesIdTextBox.Text;
if (ctx.GetNeededOCSPResp().Count > 0)
{
foreach (BasicOcspResp ocsp in ctx.GetNeededOCSPResp())
{
newOCSPValue = new OCSPValue();
newOCSPValue.PkiData = OCSPUtils.FromBasicToResp(ocsp).GetEncoded();
revocationValues.OCSPValues.OCSPValueCollection.Add(newOCSPValue);
}
}
if (ctx.GetNeededCRL().Count > 0)
{
foreach (X509Crl crl in ctx.GetNeededCRL())
{
newCRLValue = new CRLValue();
newCRLValue.PkiData = crl.GetEncoded();
revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);
}
}
xadesSignedXml.UnsignedProperties = unsignedProperties;
}
