/// <summary> /// Will return the resources for the provided digital signature. /// </summary> /// <param name="signature">The signature to get resources for.</param> /// <returns>The signature resources.</returns> internal static SignatureResources GetResources(DigitalSignature signature, CertificatePriorityStatus certStatus) { const int defaultHeight = 35; const int defaultWidth = 35; SignatureResources resources = new SignatureResources(); string none = SR.Get(SRID.SignatureResourceHelperNone); resources._displayImage = GetImageFromStatus( defaultHeight, defaultWidth, signature.SignatureState, certStatus); resources._location = string.IsNullOrEmpty(signature.Location) ? none : signature.Location; resources._reason = string.IsNullOrEmpty(signature.Reason) ? none : signature.Reason; resources._signBy = GetFormattedDate(signature.SignedOn); resources._subjectName = signature.SubjectName; resources._summaryMessage = GetSummaryMessage(signature, certStatus); Trace.SafeWrite( Trace.Rights, "Resources generated for {0} summary: {1}", resources._subjectName, resources._summaryMessage); return(resources); }
/// <summary> /// Gets the CertificateStatus for a specific certificate. /// </summary> private static CertificatePriorityStatus GetCertificateStatus(X509Certificate2 certificate) { //Default status is the most severe error: Corrupted CertificatePriorityStatus certificatePriorityStatus = CertificatePriorityStatus.Corrupted; X509ChainStatusFlags x509ChainStatusFlags; // Use the static VerifyCertificate method on XpsDigitalSignature // to verify the certificate x509ChainStatusFlags = XpsDigitalSignature.VerifyCertificate(certificate); //Strip out all known flags (minus Cyclic and NotSignatureValid). What is left are any unknown flags //and flags that convert to Corrupted. X509ChainStatusFlags x509RemainingFlags = (x509ChainStatusFlags ^ _x509NonCorruptedFlags) & ~(_x509NonCorruptedFlags); //x509ChainStatusFlags is a flag we want to convert to a CertificatePriorityStatus. //First we need to make sure there are no unknown flags. If there is an unknown //flag we assume that it is the worst possible error and leave CertificateStatus //set to Corrupted. Leaving out Cyclic and NotSignatureValid since they also convert //to Corrupted. if (x509RemainingFlags == X509ChainStatusFlags.NoError) { //The following flags convert to CannotBeVerified if ((x509ChainStatusFlags & _x509CannotBeVerifiedFlags) != X509ChainStatusFlags.NoError) { certificatePriorityStatus = CertificatePriorityStatus.CannotBeVerified; } //The following flags convert to IssuerNotTrusted else if ((x509ChainStatusFlags & _x509IssuerNotTrustedFlags) != X509ChainStatusFlags.NoError) { certificatePriorityStatus = CertificatePriorityStatus.IssuerNotTrusted; } //The following flags convert to Revoked else if ((x509ChainStatusFlags & _x509RevokedFlags) != X509ChainStatusFlags.NoError) { certificatePriorityStatus = CertificatePriorityStatus.Revoked; } //The following flags convert to Expired else if ((x509ChainStatusFlags & _x509ExpiredFlags) != X509ChainStatusFlags.NoError) { certificatePriorityStatus = CertificatePriorityStatus.Expired; } //The following flags are all considered Igorable else { certificatePriorityStatus = CertificatePriorityStatus.Ok; } } return(certificatePriorityStatus); }
/// <summary> /// Acquire the UI message associated with the certificate status /// </summary> /// <param name="certStatus">The status to represent</param> /// <returns>The string associated with the status, otherwise String.Empty.</returns> private static string GetCertificateSummaryMessage(CertificatePriorityStatus certStatus) { string message = String.Empty; switch (certStatus) { case CertificatePriorityStatus.Ok: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusOk); break; case CertificatePriorityStatus.Corrupted: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusCorrupted); break; case CertificatePriorityStatus.CannotBeVerified: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusCannotBeVerified); break; case CertificatePriorityStatus.IssuerNotTrusted: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusIssuerNotTrusted); break; case CertificatePriorityStatus.Revoked: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusRevoked); break; case CertificatePriorityStatus.Expired: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusExpired); break; case CertificatePriorityStatus.NoCertificate: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusNoCertificate); break; case CertificatePriorityStatus.Verifying: message = SR.Get(SRID.SignatureResourceHelperCertificateStatusVerifying); break; } return(message); }
/// <summary> /// Acquire the UI message associated with the signature status /// </summary> /// <param name="sigStatus">The signature status to represent</param> /// <param name="certStatus">The certificate status for the signature</param> /// <returns>The string associated with the status, otherwise String.Empty.</returns> private static string GetSignatureSummaryMessage(SignatureStatus sigStatus, CertificatePriorityStatus certStatus) { string message = String.Empty; if (sigStatus == SignatureStatus.Valid) { message = (certStatus == CertificatePriorityStatus.Ok) ? SR.Get(SRID.SignatureResourceHelperSignatureStatusValid) : // Cert valid SR.Get(SRID.SignatureResourceHelperSignatureStatusValidCertInvalid); // Cert invalid } else if (sigStatus == SignatureStatus.Unverifiable) { message = SR.Get(SRID.SignatureResourceHelperSignatureStatusUnverifiable); } else { message = SR.Get(SRID.SignatureResourceHelperSignatureStatusInvalid); } return(message); }
/// <summary> /// Get the Image icon for the status. /// </summary> /// <param name="sigStatus">Requested signature status</param> /// <param name="certStatus">Requested certificate status</param> /// <returns>A Image on success (valid status, DrawingBrush found), null /// otherwise.</returns> internal static Drawing.Image GetImageFromStatus( int height, int width, SignatureStatus sigStatus, CertificatePriorityStatus certStatus) { // TODO: #1239315 - Mongoose: Restore Dynamic Rendering of Icons from DrawingBrush // If the signature is okay, but the certificate cannot be trusted then display // invalid signature image. if ((sigStatus == SignatureStatus.Valid) && (certStatus != CertificatePriorityStatus.Ok)) { sigStatus = SignatureStatus.Invalid; } string resourceName = string.Format( CultureInfo.InvariantCulture, @"{0}_{1}x{2}", sigStatus.ToString(), height, width); return((Drawing.Image)Resources.ResourceManager.GetObject(resourceName)); }
/// <summary> /// Builds the summary message. /// </summary> /// <param name="signature">A DigitalSignature</param> /// <returns>A summary message.</returns> private static string GetSummaryMessage(DigitalSignature signature, CertificatePriorityStatus certStatus) { if (signature == null) { return(string.Empty); } // Setup the location text. If not currently set, replace with the // string "<none>" to denote that no value was set. string location = (String.IsNullOrEmpty(signature.Location)) ? SR.Get(SRID.SignatureResourceHelperNone) : signature.Location; string result = String.Empty; switch (signature.SignatureState) { case SignatureStatus.Valid: case SignatureStatus.Invalid: case SignatureStatus.Unverifiable: // Verify that if the signature is valid, it has a certificate Invariant.Assert( !(signature.SignatureState == SignatureStatus.Valid && signature.Certificate == null), SR.Get(SRID.SignatureResourceHelperMissingCertificate)); // Create the signature status message string sigSummary = string.Format(CultureInfo.CurrentCulture, SR.Get(SRID.SignatureResourceHelperSummaryBreakLine), GetSignatureSummaryMessage(signature.SignatureState, certStatus)); // Create the certificate status message (if required) string certSummary = String.Empty; if (certStatus != CertificatePriorityStatus.Ok) { certSummary = string.Format(CultureInfo.CurrentCulture, SR.Get(SRID.SignatureResourceHelperSummaryBreakLine), GetCertificateSummaryMessage(certStatus)); } // Create the summary message using the signature and certificate messages // along with details from the current signature. result = string.Format(CultureInfo.CurrentCulture, SR.Get(SRID.SignatureResourceHelperSummaryFormat), sigSummary, certSummary, signature.SubjectName, signature.SignedOn, location); break; case SignatureStatus.NotSigned: // Create the summary message using signature information result = string.Format(CultureInfo.CurrentCulture, SR.Get(SRID.SignatureResourceHelperValidSigSummaryPending), signature.SubjectName, GetFormattedDate(signature.SignedOn), location); break; } return(result); }