public static void Run()
{
try
{
// ExStart:DigitallySignature
string pbxFile = "";
// The path to the documents directory.
string dataDir = RunExamples.GetDataDir_AsposePdfFacades_SecuritySignatures();
// Create PdfFileSignature object and bind input and output PDF files
PdfFileSignature pdfSign = new PdfFileSignature();
pdfSign.BindPdf(dataDir + "DigitallySign.pdf");
// Create a rectangle for signature location
System.Drawing.Rectangle rect = new System.Drawing.Rectangle(100, 100, 200, 100);
// Set signature appearance
pdfSign.SignatureAppearance = dataDir + "aspose-logo.jpg";
// Create any of the three signature types
PKCS1 signature = new PKCS1(pbxFile, "password"); // PKCS#1 or
pdfSign.Sign(1, "Signature Reason", "Contact", "Location", true, rect, signature);
// Save output PDF file
pdfSign.Save(dataDir + "DigitallySignature_out.pdf");
// ExEnd:DigitallySignature
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
public static SecureBuffer CreateSignature(SignatureAndHashAlgorithm type, HashAlgorithm hash, SecureBuffer hashData, AsymmetricAlgorithm key)
{
if (!VerifyHashType(type, hash))
{
throw new TlsException(AlertDescription.IlegalParameter);
}
if (type.Signature == SignatureAlgorithmType.Rsa)
{
return(new SecureBuffer(PKCS1.Sign_v15((RSA)key, hash, hashData.Buffer)));
}
else
{
throw new NotSupportedException();
}
}
public override byte[] CreateKeyExchange(byte[] rgbData)
{
if (random == null)
{
random = RandomNumberGenerator.Create(); // create default
}
if (rsa == null)
{
string msg = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(msg);
}
SHA1 sha1 = SHA1.Create();
return(PKCS1.Encrypt_OAEP(rsa, sha1, random, rgbData));
}
public byte[] Sign(byte[] data, byte[] userID)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
if (userID == null)
{
throw new ArgumentNullException("userID");
}
RSA rsaa = RSA.Create();
rsaa.ImportParameters(loggedInUsers [userID]);
return(PKCS1.Sign_v15(rsaa, SHA256.Create(), data));
}
public override byte[] DecryptKeyExchange(byte[] rgbIn)
{
if (rsa == null)
{
throw new CryptographicUnexpectedOperationException(
Locale.GetText("No key pair available."));
}
byte[] result = PKCS1.Decrypt_v15(rsa, rgbIn);
if (result != null)
{
return(result);
}
throw new CryptographicException(Locale.GetText("PKCS1 decoding error."));
}
public bool VerifyHash(byte[] rgbHash, string str, byte[] rgbSignature)
{
if (rgbHash == null)
{
throw new ArgumentNullException("rgbHash");
}
if (rgbSignature == null)
{
throw new ArgumentNullException("rgbSignature");
}
// Fx 2.0 defaults to the SHA-1
string hashName = (str == null) ? "SHA1" : GetHashNameFromOID(str);
HashAlgorithm hash = HashAlgorithm.Create(hashName);
return(PKCS1.Verify_v15(this, hash, rgbHash, rgbSignature));
}
// NOTE: this method can work with ANY configured (OID in machine.config)
// HashAlgorithm descendant
public bool VerifyData(byte[] buffer, object halg, byte[] signature)
{
if (buffer == null)
{
throw new ArgumentNullException("buffer");
}
if (signature == null)
{
throw new ArgumentNullException("signature");
}
HashAlgorithm hash = GetHash(halg);
byte[] toBeVerified = hash.ComputeHash(buffer);
return(PKCS1.Verify_v15(this, hash, toBeVerified, signature));
}
public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature)
{
if (this.key == null)
{
throw new CryptographicUnexpectedOperationException("The key is a null reference");
}
if (this.hash == null)
{
throw new CryptographicUnexpectedOperationException("The hash algorithm is a null reference.");
}
if (rgbHash == null)
{
throw new ArgumentNullException("The rgbHash parameter is a null reference.");
}
return(PKCS1.Verify_v15(this.key, this.hash, rgbHash, rgbSignature));
}
public override byte[] Sign()
{
try {
ms.Position = 0;
HashAlgorithm hash = HashAlgorithm.Create("SHA1");
byte[] toBeSigned = hash.ComputeHash(ms);
ms = new MemoryStream();
return(PKCS1.Sign_v15(rsa, hash, toBeSigned));
// byte[] res = rsa.SignData (ms, "sha1");
// return res;
} catch (Exception ex) {
Console.WriteLine(ex);
throw;
}
}
public override byte[] CreateSignature(byte[] rgbHash)
{
if (key == null)
{
throw new CryptographicUnexpectedOperationException("The key is a null reference");
}
if (hash == null)
{
throw new CryptographicUnexpectedOperationException("The hash algorithm is a null reference.");
}
if (rgbHash == null)
{
throw new ArgumentNullException("The rgbHash parameter is a null reference.");
}
return(PKCS1.Sign_v15(key, hash, rgbHash));
}
public override byte[] CreateKeyExchange(byte[] rgbData)
{
if (rgbData == null)
{
throw new ArgumentNullException("rgbData");
}
if (rsa == null)
{
string msg = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(msg);
}
if (random == null)
{
random = RandomNumberGenerator.Create(); // create default
}
return(PKCS1.Encrypt_v15(rsa, random, rgbData));
}
public override byte[] DecryptKeyExchange(byte[] rgbData)
{
if (rsa == null)
{
string msg = Locale.GetText("No RSA key specified");
throw new CryptographicUnexpectedOperationException(msg);
}
SHA1 sha1 = SHA1.Create();
byte[] result = PKCS1.Decrypt_OAEP(rsa, sha1, rgbData);
if (result != null)
{
return(result);
}
throw new CryptographicException(Locale.GetText("OAEP decoding error."));
}
public byte[][] Sign(byte[] data)
{
if (data == null)
{
throw new ArgumentNullException("data");
}
List <byte[]> rv = new List <byte[]> ();
foreach (var userData in loggedInUsers)
{
RSA rsaa = RSA.Create();
rsaa.ImportParameters(userData.Value);
byte[] sig = PKCS1.Sign_v15(rsaa, SHA256.Create(), data);
rv.Add(userData.Key);
rv.Add(sig);
}
return(rv.ToArray());
}
public override byte[] CreateSignature(byte[] rgbHash)
{
if (rsa == null)
{
throw new CryptographicUnexpectedOperationException(
Locale.GetText("No key pair available."));
}
if (hash == null)
{
throw new CryptographicUnexpectedOperationException(
Locale.GetText("Missing hash algorithm."));
}
if (rgbHash == null)
{
throw new ArgumentNullException("rgbHash");
}
return(PKCS1.Sign_v15(rsa, hash, rgbHash));
}
public static void Run()
{
// ExStart:PDFSigningMechanism
// The path to the documents directory.
string dataDir = RunExamples.GetDataDir_AsposePdfFacades_TechnicalArticles();
Document doc = new Document(dataDir + "inFile.pdf");
// Create PdfFileSignature object and bind input and output PDF files
PdfFileSignature pdfSign = new PdfFileSignature(doc);
// Create a rectangle for signature location
System.Drawing.Rectangle rect = new System.Drawing.Rectangle(100, 100, 200, 100);
// Set signature appearance
pdfSign.SignatureAppearance = dataDir + "aspose-logo.jpg";
// Create any of the three signature types
PKCS1 signature = new PKCS1(dataDir + "inFile2.pdf", "password");
pdfSign.Sign(1, "Signature Reason", "Alice", "Odessa", true, rect, signature);
// ExEnd:PDFSigningMechanism
}
public static void Run()
{
// ExStart:PDFSigningMechanism
// The path to the documents directory.
string dataDir = RunExamples.GetDataDir_AsposePdfFacades_TechnicalArticles();
Document doc = new Document(dataDir + "inFile.pdf");
// Create PdfFileSignature object and bind input and output PDF files
PdfFileSignature pdfSign = new PdfFileSignature(doc);
// Create a rectangle for signature location
System.Drawing.Rectangle rect = new System.Drawing.Rectangle(100, 100, 200, 100);
// Set signature appearance
pdfSign.SignatureAppearance = dataDir + "aspose-logo.jpg";
// Create any of the three signature types
PKCS1 signature = new PKCS1(dataDir + "inFile2.pdf", "password");
pdfSign.Sign(1, "Signature Reason", "Alice", "Odessa", true, rect, signature);
// ExEnd:PDFSigningMechanism
}
public override bool VerifySignature(byte[] rgbHash, byte[] rgbSignature)
{
if (rsa == null)
{
throw new CryptographicUnexpectedOperationException(
Locale.GetText("No public key available."));
}
if (hashName == null)
{
throw new CryptographicUnexpectedOperationException(
Locale.GetText("Missing hash algorithm."));
}
if (rgbHash == null)
{
throw new ArgumentNullException("rgbHash");
}
if (rgbSignature == null)
{
throw new ArgumentNullException("rgbSignature");
}
return(PKCS1.Verify_v15(rsa, hashName, rgbHash, rgbSignature));
}
private bool VerifyCounterSignature (PKCS7.SignerInfo cs, byte[] signature)
{
// SEQUENCE {
// INTEGER 1
if (cs.Version != 1)
return false;
// SEQUENCE {
// SEQUENCE {
string contentType = null;
ASN1 messageDigest = null;
for (int i=0; i < cs.AuthenticatedAttributes.Count; i++)
{
// SEQUENCE {
// OBJECT IDENTIFIER
ASN1 attr = (ASN1) cs.AuthenticatedAttributes [i];
string oid = ASN1Convert.ToOid (attr[0]);
switch (oid)
{
case "1.2.840.113549.1.9.3":
// contentType
contentType = ASN1Convert.ToOid (attr[1][0]);
break;
case "1.2.840.113549.1.9.4":
// messageDigest
messageDigest = attr[1][0];
break;
case "1.2.840.113549.1.9.5":
// SEQUENCE {
// OBJECT IDENTIFIER
// signingTime (1 2 840 113549 1 9 5)
// SET {
// UTCTime '030124013651Z'
// }
// }
timestamp = ASN1Convert.ToDateTime (attr[1][0]);
break;
default:
break;
}
}
if (contentType != PKCS7.Oid.data)
return false;
// verify message digest
if (messageDigest == null)
return false;
// TODO: must be read from the ASN.1 structure
string hashName = null;
switch (messageDigest.Length)
{
case 16:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm ha = HashAlgorithm.Create (hashName);
if (!messageDigest.CompareValue (ha.ComputeHash (signature)))
return false;
// verify signature
byte[] counterSignature = cs.Signature;
// change to SET OF (not [0]) as per PKCS #7 1.5
ASN1 aa = new ASN1 (0x31);
foreach (ASN1 a in cs.AuthenticatedAttributes)
aa.Add (a);
byte[] p7hash = ha.ComputeHash (aa.GetBytes ());
// we need to try all certificates
string issuer = cs.IssuerName;
byte[] serial = cs.SerialNumber;
foreach (X509Certificate x509 in coll)
{
if (CompareIssuerSerial (issuer, serial, x509))
{
if (x509.PublicKey.Length > counterSignature.Length)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider) x509.RSA;
// we need to HACK around bad (PKCS#1 1.5) signatures made by Verisign Timestamp Service
// and this means copying stuff into our own RSAManaged to get the required flexibility
RSAManaged rsam = new RSAManaged ();
rsam.ImportParameters (rsa.ExportParameters (false));
if (PKCS1.Verify_v15 (rsam, ha, p7hash, counterSignature, true))
{
timestampChain.LoadCertificates (coll);
return (timestampChain.Build (x509));
}
}
}
}
// no certificate can verify this signature!
return false;
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
if (cs.Version != 1)
{
return(false);
}
string a = null;
ASN1 aSN = null;
for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
{
ASN1 aSN2 = (ASN1)cs.AuthenticatedAttributes[i];
switch (ASN1Convert.ToOid(aSN2[0]))
{
case "1.2.840.113549.1.9.3":
a = ASN1Convert.ToOid(aSN2[1][0]);
break;
case "1.2.840.113549.1.9.4":
aSN = aSN2[1][0];
break;
case "1.2.840.113549.1.9.5":
timestamp = ASN1Convert.ToDateTime(aSN2[1][0]);
break;
}
}
if (a != "1.2.840.113549.1.7.1")
{
return(false);
}
if (aSN == null)
{
return(false);
}
string hashName = null;
switch (aSN.Length)
{
case 16:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName);
if (!aSN.CompareValue(hashAlgorithm.ComputeHash(signature)))
{
return(false);
}
byte[] signature2 = cs.Signature;
ASN1 aSN3 = new ASN1(49);
foreach (ASN1 authenticatedAttribute in cs.AuthenticatedAttributes)
{
aSN3.Add(authenticatedAttribute);
}
byte[] hashValue = hashAlgorithm.ComputeHash(aSN3.GetBytes());
string issuerName = cs.IssuerName;
byte[] serialNumber = cs.SerialNumber;
foreach (X509Certificate item in coll)
{
if (CompareIssuerSerial(issuerName, serialNumber, item) && item.PublicKey.Length > signature2.Length)
{
RSACryptoServiceProvider rSACryptoServiceProvider = (RSACryptoServiceProvider)item.RSA;
RSAManaged rSAManaged = new RSAManaged();
rSAManaged.ImportParameters(rSACryptoServiceProvider.ExportParameters(includePrivateParameters: false));
if (PKCS1.Verify_v15(rSAManaged, hashAlgorithm, hashValue, signature2, tryNonStandardEncoding: true))
{
timestampChain.LoadCertificates(coll);
return(timestampChain.Build(item));
}
}
}
return(false);
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
if (cs.Version != 1)
{
return(false);
}
string a = null;
ASN1 asn = null;
int i = 0;
while (i < cs.AuthenticatedAttributes.Count)
{
ASN1 asn2 = (ASN1)cs.AuthenticatedAttributes[i];
string text = ASN1Convert.ToOid(asn2[0]);
string text2 = text;
switch (text2)
{
case "1.2.840.113549.1.9.3":
a = ASN1Convert.ToOid(asn2[1][0]);
break;
case "1.2.840.113549.1.9.4":
asn = asn2[1][0];
break;
case "1.2.840.113549.1.9.5":
this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]);
break;
}
IL_FC:
i++;
continue;
goto IL_FC;
}
if (a != "1.2.840.113549.1.7.1")
{
return(false);
}
if (asn == null)
{
return(false);
}
string hashName = null;
int length = asn.Length;
if (length != 16)
{
if (length == 20)
{
hashName = "SHA1";
}
}
else
{
hashName = "MD5";
}
HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName);
if (!asn.CompareValue(hashAlgorithm.ComputeHash(signature)))
{
return(false);
}
byte[] signature2 = cs.Signature;
ASN1 asn3 = new ASN1(49);
foreach (object obj in cs.AuthenticatedAttributes)
{
ASN1 asn4 = (ASN1)obj;
asn3.Add(asn4);
}
byte[] hashValue = hashAlgorithm.ComputeHash(asn3.GetBytes());
string issuerName = cs.IssuerName;
byte[] serialNumber = cs.SerialNumber;
foreach (X509Certificate x509Certificate in this.coll)
{
if (this.CompareIssuerSerial(issuerName, serialNumber, x509Certificate) && x509Certificate.PublicKey.Length > signature2.Length)
{
RSACryptoServiceProvider rsacryptoServiceProvider = (RSACryptoServiceProvider)x509Certificate.RSA;
RSAManaged rsamanaged = new RSAManaged();
rsamanaged.ImportParameters(rsacryptoServiceProvider.ExportParameters(false));
if (PKCS1.Verify_v15(rsamanaged, hashAlgorithm, hashValue, signature2, true))
{
this.timestampChain.LoadCertificates(this.coll);
return(this.timestampChain.Build(x509Certificate));
}
}
}
return(false);
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
if (cs.Version == 1)
{
string str = null;
ASN1 asn = null;
for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
{
ASN1 asn2 = (ASN1)cs.AuthenticatedAttributes[i];
string key = ASN1Convert.ToOid(asn2[0]);
if (key != null)
{
if (__f__switch_map3 == null)
{
Dictionary <string, int> dictionary = new Dictionary <string, int>(3)
{
{
"1.2.840.113549.1.9.3",
0
},
{
"1.2.840.113549.1.9.4",
1
},
{
"1.2.840.113549.1.9.5",
2
}
};
__f__switch_map3 = dictionary;
}
if (__f__switch_map3.TryGetValue(key, out int num2))
{
switch (num2)
{
case 0:
str = ASN1Convert.ToOid(asn2[1][0]);
break;
case 1:
asn = asn2[1][0];
break;
case 2:
this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]);
break;
}
}
}
}
if (str != "1.2.840.113549.1.7.1")
{
return(false);
}
if (asn == null)
{
return(false);
}
string hashName = null;
switch (asn.Length)
{
case 0x10:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm hash = HashAlgorithm.Create(hashName);
if (asn.CompareValue(hash.ComputeHash(signature)))
{
byte[] buffer = cs.Signature;
ASN1 asn3 = new ASN1(0x31);
IEnumerator enumerator = cs.AuthenticatedAttributes.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
ASN1 current = (ASN1)enumerator.Current;
asn3.Add(current);
}
}
finally
{
if (enumerator is IDisposable disposable)
{
disposable.Dispose();
}
}
byte[] hashValue = hash.ComputeHash(asn3.GetBytes());
string issuerName = cs.IssuerName;
byte[] serialNumber = cs.SerialNumber;
X509CertificateCollection.X509CertificateEnumerator enumerator2 = this.coll.GetEnumerator();
try
{
while (enumerator2.MoveNext())
{
X509Certificate current = enumerator2.Current;
if (this.CompareIssuerSerial(issuerName, serialNumber, current) &&
(current.PublicKey.Length > buffer.Length))
{
RSACryptoServiceProvider rSA = (RSACryptoServiceProvider)current.RSA;
RSAManaged rsa = new RSAManaged();
rsa.ImportParameters(rSA.ExportParameters(false));
if (PKCS1.Verify_v15(rsa, hash, hashValue, buffer, true))
{
this.timestampChain.LoadCertificates(this.coll);
return(this.timestampChain.Build(current));
}
}
}
}
finally
{
if (enumerator2 is IDisposable disposable2)
{
disposable2.Dispose();
}
}
}
}
return(false);
}
