public void HttpAsyncGetPublicationsFileTest()
{
HAKsiService haService = new HAKsiService(SigningServices, ExtendingServices, PublicationsFileService);
ManualResetEvent waitHandle = new ManualResetEvent(false);
IPublicationsFile pubFile = null;
object testObject = new object();
bool isAsyncCorrect = false;
haService.BeginGetPublicationsFile(delegate(IAsyncResult ar)
{
try
{
isAsyncCorrect = ar.AsyncState == testObject;
pubFile = haService.EndGetPublicationsFile(ar);
}
finally
{
waitHandle.Set();
}
}, testObject);
Assert.IsTrue(waitHandle.WaitOne(10000), "Wait handle timed out.");
Assert.IsNotNull(pubFile, "Publications file should not be null.");
Assert.AreEqual(true, isAsyncCorrect, "Unexpected async state.");
}
public void HttpAsyncGetPublicationsFileTest()
{
KsiService service = GetHttpKsiService();
ManualResetEvent waitHandle = new ManualResetEvent(false);
IPublicationsFile pubFile = null;
object testObject = new object();
bool isAsyncCorrect = false;
service.BeginGetPublicationsFile(delegate(IAsyncResult ar)
{
try
{
isAsyncCorrect = ar.AsyncState == testObject;
pubFile = service.EndGetPublicationsFile(ar);
}
catch (Exception ex)
{
Assert.Fail("Unexpected exception: " + ex);
}
finally
{
waitHandle.Set();
}
}, testObject);
Assert.IsTrue(waitHandle.WaitOne(10000), "Wait handle timed out.");
Assert.IsNotNull(pubFile, "Publications file should not be null.");
Assert.AreEqual(true, isAsyncCorrect, "Unexpected async state.");
}
public void GetPublicationsFileStaticTest()
{
Ksi ksi = GetKsi();
IPublicationsFile pubFile = ksi.GetPublicationsFile();
Assert.AreEqual(1515974400, pubFile.GetLatestPublication().PublicationData.PublicationTime, "Unexpected last publication time");
}
/// <summary>
/// Get publication record from publications file that is nearest to the given time.
/// </summary>
/// <param name="publicationsFile">publications file</param>
/// <param name="time">time</param>
/// <param name="allowNullValue">indicates if returning null value is allowed</param>
/// <returns></returns>
public static PublicationRecordInPublicationFile GetNearestPublicationRecord(IPublicationsFile publicationsFile, ulong time, bool allowNullValue = false)
{
PublicationRecordInPublicationFile publicationRecord = publicationsFile.GetNearestPublicationRecord(time);
if (!allowNullValue && publicationRecord == null)
{
throw new KsiVerificationException("No publication record found after given time in publications file: " + time + ".");
}
return(publicationRecord);
}
public void GetPublicationsFileTest(Ksi ksi)
{
IPublicationsFile publicationsFile = ksi.GetPublicationsFile();
PublicationRecordInPublicationFile latest = publicationsFile.GetLatestPublication();
PublicationRecordInPublicationFile prev = publicationsFile.GetNearestPublicationRecord(latest.PublicationData.PublicationTime - 35 * 24 * 3600);
Assert.True(latest.PublicationData.PublicationTime > prev.PublicationData.PublicationTime);
prev = publicationsFile.GetNearestPublicationRecord(Util.ConvertUnixTimeToDateTime(latest.PublicationData.PublicationTime).AddDays(-35));
Assert.True(latest.PublicationData.PublicationTime > prev.PublicationData.PublicationTime);
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
IPublicationsFile publicationsFile = GetPublicationsFile(context);
PublicationRecordInSignature publicationRecord = GetPublicationRecord(GetSignature(context));
ulong publicationTime = publicationRecord.PublicationData.PublicationTime;
PublicationRecordInPublicationFile publicationRecordInPublicationFile = GetNearestPublicationRecord(publicationsFile, publicationTime, true);
if (publicationRecordInPublicationFile == null || publicationRecordInPublicationFile.PublicationData.PublicationTime != publicationTime)
{
return(new VerificationResult(GetRuleName(), VerificationResultCode.Na, VerificationError.Gen02));
}
return(publicationRecordInPublicationFile.PublicationData.PublicationHash != publicationRecord.PublicationData.PublicationHash
? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Pub05)
: new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
public void HAPublicationsFileRequestTest()
{
IKsiService haService =
new HAKsiService(
null,
null,
GetPublicationsFileService()
);
Assert.AreEqual("test.publications.file.address", haService.PublicationsFileAddress,
"Unexpected publications file address.");
IPublicationsFile publicationsFile = haService.GetPublicationsFile();
Assert.AreEqual(1515974400, publicationsFile.GetLatestPublication().PublicationData.PublicationTime, "Unexpected last publication time");
}
private static IVerificationContext GetVerificationContext(TestingRow testingRow, IKsiSignature signature, string testDataDir, bool setUserPublication = false)
{
IPublicationsFile publicationsFile = null;
IKsiService service;
if (!setUserPublication)
{
publicationsFile = GetPublicationsFile(string.IsNullOrEmpty(testingRow.PublicationsFilePath) ? null : testDataDir + testingRow.PublicationsFilePath,
string.IsNullOrEmpty(testingRow.CertFilePath) ? null : testDataDir + testingRow.CertFilePath);
}
if (string.IsNullOrEmpty(testingRow.ResourceFile))
{
service = IntegrationTests.GetHttpKsiService();
}
else
{
TestKsiServiceProtocol protocol = new TestKsiServiceProtocol
{
RequestResult = File.ReadAllBytes(Path.Combine(TestSetup.LocalPath, testDataDir + testingRow.ResourceFile))
};
service =
new TestKsiService(
protocol,
new ServiceCredentials(Properties.Settings.Default.HttpSigningServiceUser, Properties.Settings.Default.HttpSigningServicePass,
TestUtil.GetHashAlgorithm(Properties.Settings.Default.HttpSigningServiceHmacAlgorithm)),
protocol,
new ServiceCredentials(Properties.Settings.Default.HttpExtendingServiceUser, Properties.Settings.Default.HttpExtendingServicePass,
TestUtil.GetHashAlgorithm(Properties.Settings.Default.HttpExtendingServiceHmacAlgorithm)),
protocol,
new PublicationsFileFactory(
new PkiTrustStoreProvider(new X509Store(StoreName.Root),
CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))), 1, PduVersion.v2);
}
return(new VerificationContext(signature)
{
DocumentHash = testingRow.InputHash,
UserPublication = setUserPublication ? testingRow.PublicationData : null,
IsExtendingAllowed = testingRow.IsExtendingAllowed,
KsiService = service,
PublicationsFile = publicationsFile,
DocumentHashLevel = testingRow.InputHashLevel
});
}
/// <summary>
/// Get publications file.
/// </summary>
/// <returns>publications file</returns>
public IPublicationsFile GetPublicationsFile()
{
if (_publicationsFileLoadTime > DateTime.Now.AddHours(-1) && _publicationsFile != null)
{
return(_publicationsFile);
}
_publicationsFile = _ksiService.GetPublicationsFile();
if (_publicationsFile == null)
{
throw new KsiException("Invalid publications file: null.");
}
_publicationsFileLoadTime = DateTime.Now;
return(_publicationsFile);
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
IPublicationsFile publicationsFile = GetPublicationsFile(context);
IKsiSignature signature = GetSignature(context);
PublicationRecordInPublicationFile publicationRecord = GetNearestPublicationRecord(publicationsFile, signature.AggregationTime, true);
if (publicationRecord == null)
{
// if suitable publication record does not exist in publications file then return NA
return(new VerificationResult(GetRuleName(), VerificationResultCode.Na, VerificationError.Gen02));
}
CalendarHashChain extendedCalendarHashChain = GetExtendedCalendarHashChain(context, publicationRecord.PublicationData.PublicationTime);
return(extendedCalendarHashChain.OutputHash != publicationRecord.PublicationData.PublicationHash
? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Pub01)
: new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
/// <summary>
/// Verify KSI signature using DefaultVerificationPolicy with publications file. Extending not allowed.
/// </summary>
/// <param name="ksiSignature">KSI signature to be verified.</param>
/// <param name="documentHash">Document hash</param>
/// <param name="publicationsFile">Publications file.</param>
/// <returns></returns>
public VerificationResult Verify(IKsiSignature ksiSignature, DataHash documentHash, IPublicationsFile publicationsFile)
{
return(new DefaultVerificationPolicy().Verify(ksiSignature, documentHash, publicationsFile));
}
/// <summary>
/// Verify given KSI signature.
/// At first the signature is verified against given document hash and publications file.
/// If suitable publication is not found in publications file then key based verification is done.
/// </summary>
/// <param name="ksiSignature">KSI signature to be verified.</param>
/// <param name="documentHash">Document hash</param>
/// <param name="publicationsFile">Publications file.</param>
/// <returns>verification result</returns>
public VerificationResult Verify(IKsiSignature ksiSignature, DataHash documentHash, IPublicationsFile publicationsFile)
{
if (ksiSignature == null)
{
throw new ArgumentNullException(nameof(ksiSignature));
}
if (publicationsFile == null)
{
throw new ArgumentNullException(nameof(publicationsFile));
}
return(base.Verify(new VerificationContext()
{
Signature = ksiSignature,
DocumentHash = documentHash,
PublicationsFile = publicationsFile,
}));
}
