private SignaturePermissions GetSignatureInfo(AcroFields fields, string name, SignaturePermissions perms, List <SignatureInfo> signatureInfoList)
{
var si = new SignatureInfo();
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
X509Certificate cert = pkcs7.SigningCertificate;
PdfDictionary sigDict = fields.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.CONTACTINFO);
si.Signer = CertificateInfo.GetSubjectFields(cert).GetField("CN");
if (contact != null)
{
si.ContactInfo = contact.ToString();
}
si.SignedOn = pkcs7.SignDate;
si.Location = pkcs7.Location;
si.Issuer = cert.IssuerDN.ToString();
si.Subject = cert.SubjectDN.ToString();
si.CertValidFrom = cert.NotBefore;
si.CertValidTo = cert.NotAfter;
si.Reason = pkcs7.Reason;
si.IntegrityCheck = pkcs7.Verify();
signatureInfoList.Add(si);
perms = new SignaturePermissions(sigDict, perms);
return(perms);
}
public SignaturePermissions InspectSignature(AcroFields fields, String name, SignaturePermissions perms)
{
IList <AcroFields.FieldPosition> fps = fields.GetFieldPositions(name);
if (fps != null && fps.Count > 0)
{
AcroFields.FieldPosition fp = fps[0];
Rectangle pos = fp.position;
if (pos.Width == 0 || pos.Height == 0)
{
Console.WriteLine("Invisible signature");
}
else
{
Console.WriteLine("Field on page {0}; llx: {1}, lly: {2}, urx: {3}; ury: {4}",
fp.page, pos.Left, pos.Bottom, pos.Right, pos.Top);
}
}
PdfPKCS7 pkcs7 = VerifySignature(fields, name);
Console.WriteLine("Digest algorithm: " + pkcs7.GetHashAlgorithm());
Console.WriteLine("Encryption algorithm: " + pkcs7.GetEncryptionAlgorithm());
Console.WriteLine("Filter subtype: " + pkcs7.GetFilterSubtype());
X509Certificate cert = pkcs7.SigningCertificate;
Console.WriteLine("Name of the signer: " + CertificateInfo.GetSubjectFields(cert).GetField("CN"));
if (pkcs7.SignName != null)
{
Console.WriteLine("Alternative name of the signer: " + pkcs7.SignName);
}
Console.WriteLine("Signed on: " + pkcs7.SignDate.ToString("yyyy-MM-dd HH:mm:ss.ff"));
if (!pkcs7.TimeStampDate.Equals(DateTime.MaxValue))
{
Console.WriteLine("TimeStamp: " + pkcs7.TimeStampDate.ToString("yyyy-MM-dd HH:mm:ss.ff"));
TimeStampToken ts = pkcs7.TimeStampToken;
Console.WriteLine("TimeStamp service: " + ts.TimeStampInfo.Tsa);
Console.WriteLine("Timestamp verified? " + pkcs7.VerifyTimestampImprint());
}
Console.WriteLine("Location: " + pkcs7.Location);
Console.WriteLine("Reason: " + pkcs7.Reason);
PdfDictionary sigDict = fields.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.CONTACTINFO);
if (contact != null)
{
Console.WriteLine("Contact info: " + contact);
}
perms = new SignaturePermissions(sigDict, perms);
Console.WriteLine("Signature type: " + (perms.Certification ? "certification" : "approval"));
Console.WriteLine("Filling out fields allowed: " + perms.FillInAllowed);
Console.WriteLine("Adding annotations allowed: " + perms.AnnotationsAllowed);
foreach (SignaturePermissions.FieldLock Lock in perms.FieldLocks)
{
Console.WriteLine("Lock: " + Lock);
}
return(perms);
}
private void AssertSignatureDetails(string signatureName,
string expectedSignName, string expectedLocation, string expectedReason)
{
AcroFields fields = this.pdfReader.AcroFields;
PdfPKCS7 pk = fields.VerifySignature(signatureName);
Assert.AreEqual(expectedSignName, CertificateInfo.GetSubjectFields(pk.SigningCertificate).GetField("CN"));
Assert.AreEqual(expectedLocation, pk.Location);
Assert.AreEqual(expectedReason, pk.Reason);
Assert.That(pk.SignDate, Is.EqualTo(DateTime.Now).Within(1).Minutes);
}
private Nenshkrim MerrNenshkrimInfo(AcroFields af, string name)
{
PdfPKCS7 pkcs7 = af.VerifySignature(name);
var certificate = new X509Certificate2();
var cert = (Org.BouncyCastle.X509.X509Certificate)pkcs7.Certificates[0];
certificate.Import(cert.GetEncoded());
Nenshkrim nenshkruesi = new Nenshkrim();
nenshkruesi.Nenshkruesi = CertificateInfo.GetSubjectFields(cert).GetField("CN");
string issuer = certificate.Issuer;
nenshkruesi.IssuerCN = GetIssuer(issuer, "CN=");
nenshkruesi.IssuerOU = GetIssuer(issuer, "OU=");
nenshkruesi.IssuerO = GetIssuer(issuer, "O=");
nenshkruesi.IssuerC = GetIssuer(issuer, "C=");
if (nenshkruesi.IssuerC == "KS")
{
//largimi i [EMAIL] prej cn
nenshkruesi.Nenshkruesi = nenshkruesi.Nenshkruesi.Substring(8);
}
nenshkruesi.Emri = CertificateInfo.GetSubjectFields(cert).GetField("GIVENNAME");
nenshkruesi.Mbiemri = CertificateInfo.GetSubjectFields(cert).GetField("SURNAME");
//algoritmi hash
nenshkruesi.AlgoritmiHash = pkcs7.GetHashAlgorithm();
//algoritmi hash
nenshkruesi.AlgoritmiEnkriptimit = pkcs7.GetEncryptionAlgorithm();
//data e nenshrimit
nenshkruesi.DataNenshkrimit = pkcs7.SignDate;
//certifikata valide prej, deri
nenshkruesi.CertifikataValidePrej = certificate.GetEffectiveDateString();
nenshkruesi.CertifikataValideDeri = certificate.GetExpirationDateString();
nenshkruesi.SerialNumber = certificate.SerialNumber;
//verifikimi
if (pkcs7.Verify())
{
nenshkruesi.Valid = true;
}
else
{
nenshkruesi.Valid = false;
}
return(nenshkruesi);
}
public PdfSignInfo(PdfPKCS7 pkcs7)
{
SignType = SignTypes.PAdES.ToString();
SignDate = pkcs7.SignDate;
Reason = pkcs7.Reason;
try
{
IsVerified = pkcs7.Verify();
}
catch (Exception ex)
{
Console.WriteLine(string.Format("Verifica validità fallita: {0}", ex.Message));
}
Certificate = new SigningCertificate()
{
SerialNumber = pkcs7.SigningCertificate.SerialNumber.IntValue.ToString("X"),
NotBefore = pkcs7.SigningCertificate.NotBefore,
NotAfter = pkcs7.SigningCertificate.NotAfter
};
var issuerFields = CertificateInfo.GetIssuerFields(pkcs7.SigningCertificate);
Certificate.Issuer = new IssuerDN()
{
SerialNumber = issuerFields.GetField("SN"),
Organization = issuerFields.GetField("O"),
OrganizationUnit = issuerFields.GetField("OU")
};
var subjectFields = CertificateInfo.GetSubjectFields(pkcs7.SigningCertificate);
Certificate.Subject = new SubjectDN()
{
SerialNumber = subjectFields.GetField("SN"),
GivenName = subjectFields.GetField("GIVENNAME"),
Surname = subjectFields.GetField("SURNAME"),
CommonName = subjectFields.GetField("CN"),
Organization = subjectFields.GetField("O")
};
if (pkcs7.TimeStampToken != null)
{
Children = new List <SignInfo>()
{
new TsSignInfo(pkcs7)
}
}
;
}
}
public PdfPKCS7 VerifySignature(AcroFields fields, String name)
{
Console.WriteLine("Signature covers whole document: " + fields.SignatureCoversWholeDocument(name));
Console.WriteLine("Document revision: " + fields.GetRevision(name) + " of " + fields.TotalRevisions);
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
Console.WriteLine("Integrity check OK? " + pkcs7.Verify());
Console.WriteLine("Digest algorithm: " + pkcs7.GetHashAlgorithm());
Console.WriteLine("Encryption algorithm: " + pkcs7.GetEncryptionAlgorithm());
Console.WriteLine("Filter subtype: " + pkcs7.GetFilterSubtype());
X509Certificate cert = pkcs7.SigningCertificate;
Console.WriteLine("Name of the signer: " + CertificateInfo.GetSubjectFields(cert).GetField("CN"));
return(pkcs7);
}
private string BuildVisibleInformation(string?reason = "null", string?location = null)
{
CertificateInfo.X500Name subjectFields = CertificateInfo.GetSubjectFields(_userCertificateChain[0]);
var stringBuilder = new StringBuilder();
stringBuilder.AppendLine($"Assinado por {subjectFields?.GetField("CN") ?? subjectFields?.GetField("E") ?? ""}");
stringBuilder.AppendLine($"BI: {subjectFields?.GetField("SN") ?? ""}");
stringBuilder.AppendLine($"Date: {DateTime.Now:yyyy.MM.dd HH:mm:ss}");
if (!string.IsNullOrEmpty(location))
{
stringBuilder.AppendLine($"Local: {location ?? ""}");
}
if (!string.IsNullOrEmpty(reason))
{
stringBuilder.AppendLine($"Motivo: {reason ?? ""}");
}
return(stringBuilder.ToString());
}
public SignaturePermissions InspectSignature(PdfDocument pdfDoc, SignatureUtil signUtil, PdfAcroForm form,
String name, SignaturePermissions perms)
{
IList <PdfWidgetAnnotation> widgets = form.GetField(name).GetWidgets();
// Check the visibility of the signature annotation
if (widgets != null && widgets.Count > 0)
{
Rectangle pos = widgets[0].GetRectangle().ToRectangle();
int pageNum = pdfDoc.GetPageNumber(widgets[0].GetPage());
int numberOfPages = pdfDoc.GetNumberOfPages();
if (pos.GetWidth() == 0 || pos.GetHeight() == 0)
{
Console.Out.WriteLine("Invisible signature");
}
else
{
Console.Out.WriteLine(String.Format("Field on page {0} out of {1}; left: {2}, bottom: {3}, right: {4}; top: {5}",
pageNum, numberOfPages, pos.GetLeft(), pos.GetBottom(), pos.GetRight(), pos.GetTop()));
}
}
/* Find out how the message digest of the PDF bytes was created,
* how these bytes and additional attributes were signed
* and how the signed bytes are stored in the PDF
*/
PdfPKCS7 pkcs7 = VerifySignature(signUtil, name);
Console.Out.WriteLine("Digest algorithm: " + pkcs7.GetHashAlgorithm());
Console.Out.WriteLine("Encryption algorithm: " + pkcs7.GetEncryptionAlgorithm());
Console.Out.WriteLine("Filter subtype: " + pkcs7.GetFilterSubtype());
// Get the signing certificate to find out the name of the signer.
X509Certificate cert = (X509Certificate)pkcs7.GetSigningCertificate();
ShowCertificateInfo(cert, pkcs7.GetSignDate());
Console.Out.WriteLine("Name of the signer: "
+ CertificateInfo.GetSubjectFields(cert).GetField("CN"));
if (pkcs7.GetSignName() != null)
{
Console.Out.WriteLine("Alternative name of the signer: " + pkcs7.GetSignName());
}
/* Get the signing time.
* Mind that the getSignDate() method is not that secure as timestamp
* because it's based only on signature author claim. I.e. this value can only be trusted
* if signature is trusted and it cannot be used for signature verification.
*/
Console.Out.WriteLine("Signed on: " + pkcs7.GetSignDate().ToUniversalTime().ToString("yyyy-MM-dd"));
/* If a timestamp was applied, retrieve information about it.
* Timestamp is a secure source of signature creation time,
* because it's based on Time Stamping Authority service.
*/
if (TimestampConstants.UNDEFINED_TIMESTAMP_DATE != pkcs7.GetTimeStampDate())
{
Console.Out.WriteLine("TimeStamp: " +
pkcs7.GetTimeStampDate().ToUniversalTime().ToString("yyyy-MM-dd"));
TimeStampToken ts = pkcs7.GetTimeStampToken();
Console.Out.WriteLine("TimeStamp service: " + ts.TimeStampInfo.Tsa);
Console.Out.WriteLine("Timestamp verified? " + pkcs7.VerifyTimestampImprint());
}
Console.Out.WriteLine("Location: " + pkcs7.GetLocation());
Console.Out.WriteLine("Reason: " + pkcs7.GetReason());
Console.Out.WriteLine("Timestamp date: " + pkcs7.GetTimeStampDate());
Console.Out.WriteLine("Timestamp token: " + pkcs7.GetTimeStampToken());
Console.Out.WriteLine("Timestamp verified? " + pkcs7.VerifyTimestampImprint());
/* If you want less common entries than PdfPKCS7 object has, such as the contact info,
* you should use the signature dictionary and get the properties by name.
*/
PdfDictionary sigDict = signUtil.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.ContactInfo);
if (contact != null)
{
Console.Out.WriteLine("Contact info: " + contact);
}
/* Every new signature can add more restrictions to a document, but it can’t take away previous restrictions.
* So if you want to retrieve information about signatures restrictions, you need to pass
* the SignaturePermissions instance of the previous signature, or null if there was none.
*/
perms = new SignaturePermissions(sigDict, perms);
Console.Out.WriteLine("Signature type: " + (perms.IsCertification() ? "certification" : "approval"));
Console.Out.WriteLine("Filling out fields allowed: " + perms.IsFillInAllowed());
Console.Out.WriteLine("Adding annotations allowed: " + perms.IsAnnotationsAllowed());
foreach (SignaturePermissions.FieldLock Lock in perms.GetFieldLocks())
{
Console.Out.WriteLine("Lock: " + Lock);
}
return(perms);
}
private static MessageReport.Signature InspectSignature(AcroFields fields, String name, SignaturePermissions perms)
{
MessageReport.Signature sigInfo = new MessageReport.Signature();
IList <AcroFields.FieldPosition> fps = fields.GetFieldPositions(name);
if (fps != null && fps.Count > 0)
{
AcroFields.FieldPosition fp = fps[0];
Rectangle pos = fp.position;
if (pos.Width == 0 || pos.Height == 0)
{
sigInfo.visible = false;
}
else
{
sigInfo.visible = true;
}
}
PdfPKCS7 pkcs7 = VerifySignature(fields, name, ref sigInfo);
sigInfo.digestAlgorithm = pkcs7.GetHashAlgorithm();
sigInfo.encryptionAlgorithm = pkcs7.GetEncryptionAlgorithm();
sigInfo.isRevocationValid = pkcs7.IsRevocationValid();
X509Certificate cert = pkcs7.SigningCertificate;
sigInfo.signerName = CertificateInfo.GetSubjectFields(cert).GetField("CN");
if (pkcs7.SignName != null)
{
sigInfo.signerName = pkcs7.SignName;
}
sigInfo.signDate = pkcs7.SignDate.ToString("yyyy-MM-dd HH:mm:ss.ff");
if (!pkcs7.TimeStampDate.Equals(DateTime.MaxValue))
{
sigInfo.isTimestampped = true;
sigInfo.timestampDate = pkcs7.TimeStampDate.ToString("yyyy-MM-dd HH:mm:ss.ff");
TimeStampToken ts = pkcs7.TimeStampToken;
sigInfo.timestampName = ts.TimeStampInfo.Tsa.ToString();
}
sigInfo.signLocation = pkcs7.Location;
sigInfo.signReason = pkcs7.Reason;
PdfDictionary sigDict = fields.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.CONTACTINFO);
if (contact != null)
{
Console.WriteLine("Contact info: " + contact);
}
perms = new SignaturePermissions(sigDict, perms);
sigInfo.signatureType = (perms.Certification ? "certification" : "approval");
return(sigInfo);
}
