/// <param name="ocspResp">Basic OCSP response whose encoding is hashed and compared with the stored reference digest.</param>
/// <returns><c>true</c> when the digest computed over the encoded response equals <c>digestValue</c>; otherwise <c>false</c>.</returns>
public virtual bool Match(BasicOcspResp ocspResp)
{
    // A true result only establishes that the encoded response hashes to the
    // stored reference value under `algorithm`. Nothing in this method checks
    // the response signature, the responder certificate or the reported
    // certificate status; callers must do that separately.
    // NOTE(review): `algorithm` and `digestValue` are set outside this method.
    // If they originate from the signature under validation, confirm that weak
    // digest algorithms are rejected before a match is trusted.
    try
    {
        IDigest hasher = DigestUtilities.GetDigest(algorithm);

        // The flag selects what is hashed: the BasicOcspResp encoding itself,
        // or the encoding of the object OCSPUtils.FromBasicToResp builds from it.
        byte[] encoded = matchOnlyBasicOCSPResponse
            ? ocspResp.GetEncoded()
            : OCSPUtils.FromBasicToResp(ocspResp).GetEncoded();

        hasher.BlockUpdate(encoded, 0, encoded.Length);
        byte[] actual = DigestUtilities.DoFinal(hasher);

        string expectedHex = Hex.ToHexString(digestValue);
        string actualHex = Hex.ToHexString(actual);
        LOG.Info("Compare " + expectedHex + " to computed value " + actualHex
            + " of BasicOcspResp produced at " + ocspResp.ProducedAt);

        // NOTE(review): confirm that `Arrays.Equals` resolves to an element-wise
        // array comparison in this project. If `Arrays` declares no such overload,
        // C# binds the call to the inherited object.Equals(object, object), which
        // compares references and would never report a match.
        return Arrays.Equals(digestValue, actual);
    }
    catch (NoSuchAlgorithmException ex)
    {
        throw new RuntimeException("Maybe BouncyCastle provider is not installed ?", ex);
    }
    catch (IOException ex)
    {
        throw new RuntimeException(ex);
    }
}
/// <summary>
/// Checks whether the given basic OCSP response hashes to the reference digest held in <c>digestValue</c>.
/// </summary>
/// <remarks>
/// Only digest equality is established. The response signature, the responder certificate and
/// the reported certificate status are not examined here and must be verified by the caller.
/// </remarks>
/// <param name="ocspResp">Basic OCSP response to hash and compare.</param>
/// <returns><c>true</c> when the computed digest equals <c>digestValue</c>; otherwise <c>false</c>.</returns>
public virtual bool Match(BasicOcspResp ocspResp)
{
    // NOTE(review): `algorithm` and `digestValue` are set outside this method.
    // If they originate from the signature under validation, confirm that weak
    // digest algorithms are rejected before a match is trusted.
    IDigest hasher = DigestUtilities.GetDigest(algorithm);

    // The flag selects what is hashed: the BasicOcspResp encoding itself,
    // or the encoding of the object OCSPUtils.FromBasicToResp builds from it.
    byte[] encoded = matchOnlyBasicOCSPResponse
        ? ocspResp.GetEncoded()
        : OCSPUtils.FromBasicToResp(ocspResp).GetEncoded();

    hasher.BlockUpdate(encoded, 0, encoded.Length);
    byte[] actual = DigestUtilities.DoFinal(hasher);

    string expectedHex = Hex.ToHexString(digestValue);
    string actualHex = Hex.ToHexString(actual);
    logger.Info("Compare " + expectedHex + " to computed value " + actualHex
        + " of BasicOcspResp produced at " + ocspResp.ProducedAt);

    // NOTE(review): a null digestValue is not handled in this method; confirm
    // that callers always set the reference digest before calling Match.
    return digestValue.SequenceEqual(actual);
}
/// <summary>
/// Runs the base extension, then embeds into the signature's unsigned properties the
/// certificates, OCSP responses and CRLs that the validation context reports as needed
/// for the signing certificate.
/// </summary>
/// <remarks>
/// The CertificateValues and RevocationValues elements are replaced with freshly created
/// instances, so whatever those elements held before this call is discarded.
/// </remarks>
/// <param name="xadesSignedXml">Signature whose unsigned properties are rewritten.</param>
protected internal override void ExtendSignatureTag(XadesSignedXml xadesSignedXml)
{
    base.ExtendSignatureTag(xadesSignedXml);

    X509Certificate signerCert = DotNetUtilities.FromX509Certificate(
        xadesSignedXml.GetSigningCertificate());

    // NOTE(review): this is the SigningTime carried in the signature's own signed
    // properties, i.e. a signer-declared value rather than a time-stamp token time.
    // Confirm that validating the certificate at this instant is what is intended.
    DateTime signedAt = xadesSignedXml.XadesObject.QualifyingProperties
        .SignedProperties.SignedSignatureProperties.SigningTime;

    ValidationContext validation = certificateVerifier.ValidateCertificate(
        signerCert,
        signedAt,
        new XAdESCertificateSource(xadesSignedXml.GetXml(), false),
        null,
        null);

    // NOTE(review): nothing below inspects a validation outcome on the context; the
    // certificates and revocation data it lists are embedded unconditionally. Confirm
    // whether an invalid or indeterminate result should stop the extension.

    //TODO jbonilla Validate certificate refs.
    UnsignedProperties props = xadesSignedXml.UnsignedProperties;
    props.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
    CertificateValues certValues = props.UnsignedSignatureProperties.CertificateValues;

    foreach (CertificateAndContext needed in validation.GetNeededCertificates())
    {
        EncapsulatedX509Certificate wrapped = new EncapsulatedX509Certificate();
        wrapped.PkiData = needed.GetCertificate().GetEncoded();
        certValues.EncapsulatedX509CertificateCollection.Add(wrapped);
    }

    // The property is read a second time, exactly as the original code does,
    // before the revocation values are attached.
    props = xadesSignedXml.UnsignedProperties;
    props.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
    RevocationValues revValues = props.UnsignedSignatureProperties.RevocationValues;

    if (validation.GetNeededOCSPResp().Count > 0)
    {
        foreach (BasicOcspResp basicResp in validation.GetNeededOCSPResp())
        {
            OCSPValue ocspEntry = new OCSPValue();
            ocspEntry.PkiData = OCSPUtils.FromBasicToResp(basicResp).GetEncoded();
            revValues.OCSPValues.OCSPValueCollection.Add(ocspEntry);
        }
    }

    if (validation.GetNeededCRL().Count > 0)
    {
        foreach (X509Crl neededCrl in validation.GetNeededCRL())
        {
            CRLValue crlEntry = new CRLValue();
            crlEntry.PkiData = neededCrl.GetEncoded();
            revValues.CRLValues.CRLValueCollection.Add(crlEntry);
        }
    }

    // Write the updated properties back through the setter.
    xadesSignedXml.UnsignedProperties = props;
}