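/// <summary>
/// Initialises the PKCS#7 log dataset (<c>_ds</c>) and opens its first log row (<c>_log</c>).
/// The dataset type can be overridden through <c>Settings.Default.PKCS7LogType</c>; the
/// override is honoured only when it names a subclass of <see cref="dsPKCS7"/>, and a plain
/// <see cref="dsPKCS7"/> is used in every other case.
/// </summary>
protected CryptoBase()
{
    try
    {
        string typeName = Settings.Default.PKCS7LogType;
        if (!String.IsNullOrEmpty(typeName))
        {
            // Type.GetType returns null (it does not throw) for a name it cannot resolve;
            // without the null guard a mistyped setting crashed construction instead of
            // falling back to the default dataset below.
            Type type = Type.GetType(typeName);

            // Restricting the override to the dsPKCS7 hierarchy keeps a configuration value
            // from instantiating an arbitrary type. Note that IsSubclassOf excludes dsPKCS7
            // itself; naming it here simply takes the default path.
            if (type != null && type.IsSubclassOf(typeof(dsPKCS7)))
            {
                _ds = (dsPKCS7)type.Assembly.CreateInstance(type.FullName);
            }
        }
    }
    finally
    {
        // Runs even when the override did not apply (unset, unresolved, wrong hierarchy, or
        // CreateInstance returned null because the type has no public parameterless
        // constructor), so _ds and _log are always populated.
        if (_ds == null)
        {
            _ds = new dsPKCS7();
        }
        _log = _ds.pkcs7Envelop.Newpkcs7EnvelopRow();
        _ds.pkcs7Envelop.Addpkcs7EnvelopRow(_log);
    }
}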
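        /// <summary>
        /// Verifies a detached PKCS#7 (CMS) signature over <paramref name="dataToSign"/> and
        /// records the attempt and its outcome in a new <c>pkcs7Envelop</c> log row.
        /// </summary>
        /// <param name="dataToSign">The content the signature was computed over.</param>
        /// <param name="dataSignature">The encoded detached CMS signature blob.</param>
        /// <returns>
        /// <see langword="true"/> only when the signature is cryptographically valid and the
        /// signer certificate is trusted, not revoked and currently within its validity
        /// period; otherwise <see langword="false"/>, with the reason stored in
        /// <c>_log.Message</c>. Any exception raised while decoding or checking is logged
        /// through <c>Logger.Error</c> and reported as a failed verification.
        /// </returns>
        private bool verify(byte[] dataToSign, byte[] dataSignature)
        {
            // One timestamp shared by the log row and the validity-period check.
            DateTime now = DateTime.Now;

            #region Create the verification log record
            _log = _ds.pkcs7Envelop.Newpkcs7EnvelopRow();
            _ds.pkcs7Envelop.Addpkcs7EnvelopRow(_log);

            _log.DataToSign    = System.Text.Encoding.Default.GetString(dataToSign);
            _log.DataSignature = Convert.ToBase64String(dataSignature);
            _log.ActionTime    = now;
            #endregion

            bool   result   = false;
            IntPtr pCertCtx = IntPtr.Zero;

            #region Verify the signature
            try
            {
                // Detached signature: the content travels separately from the CMS blob.
                ContentInfo contentInfo = new ContentInfo(dataToSign);
                SignedCms   signedCms   = new SignedCms(contentInfo, true);

                // Decode and digest-check inside the try so that a malformed or tampered blob
                // is logged and reported as a failed verification, instead of escaping as an
                // unhandled exception that leaves the log row without a message.
                signedCms.Decode(dataSignature);
                signedCms.CheckHash();

                // Check the certificate that actually produced the signature. The embedded
                // certificate bag is part of the untrusted input, so its first entry is not
                // necessarily the signer; trust, revocation and validity are only meaningful
                // when judged on the signer certificate.
                X509Certificate2 cert2 = signedCms.SignerInfos[0].Certificate;
                if (cert2 == null)
                {
                    _log.Message = "找不到簽章者憑證!";
                }
                else
                {
                    _cert = cert2;

                    _log.Issuer    = cert2.Issuer;
                    _log.NotAfter  = cert2.NotAfter.ToString();
                    _log.NotBefore = cert2.NotBefore.ToString();
                    _log.Subject   = cert2.Subject;
                    _log.UniqueID  = cert2.SerialNumber;

                    byte[] rawCert = cert2.GetRawCertData();
                    pCertCtx = Win32.Win32.CertCreateCertificateContext(MY_ENCODING_TYPE, rawCert, rawCert.Length);

                    // Signature only (verifySignatureOnly = true); chain trust is evaluated
                    // separately by isCertTrusted() in checkSignerCert.
                    signedCms.CheckSignature(true);

                    string failure = checkSignerCert(cert2, pCertCtx, now);
                    if (failure == null)
                    {
                        result = true;
                    }
                    else
                    {
                        _log.Message = failure;
                    }
                }
            }
            catch (Exception ex)
            {
                Logger.Error(ex);
                _log.Message = "簽章驗證失敗:" + ex.Message;
            }
            finally
            {
                // Release the native certificate context on every path, including an
                // exception thrown from the catch block itself.
                if (pCertCtx != IntPtr.Zero)
                {
                    Win32.Win32.CertFreeCertificateContext(pCertCtx);
                }
            }
            #endregion

            if (result)
            {
                Logger.Info(_ds);
            }
            else
            {
                Logger.Warn(_ds);
            }

            return result;
        }

        /// <summary>
        /// Applies the certificate-level checks to the signer certificate, in order:
        /// trusted issuer, then revocation status, then validity period.
        /// </summary>
        /// <param name="cert2">The signer certificate; expected to already be assigned to <c>_cert</c>, which <c>isCertTrusted()</c> appears to rely on.</param>
        /// <param name="pCertCtx">Native certificate context handed to the revocation check.</param>
        /// <param name="now">The instant the validity period is evaluated against.</param>
        /// <returns>The log message describing the first failed check, or <see langword="null"/> when all checks pass.</returns>
        private string checkSignerCert(X509Certificate2 cert2, IntPtr pCertCtx, DateTime now)
        {
            if (!isCertTrusted())
            {
                return "憑證是由未被信任的發證單位所發出!";
            }

            if (!isCertNotRevoked(pCertCtx, getCertCRLUrl(cert2)))
            {
                return "憑證已撤銷!";
            }

            // NotBefore/NotAfter are exposed as local times, matching DateTime.Now.
            // A certificate that is not yet valid is rejected just like an expired one.
            if (cert2.NotBefore > now)
            {
                return "憑證尚未生效!";
            }

            if (cert2.NotAfter < now)
            {
                return "憑證已過期!";
            }

            return null;
        }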