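/// <summary>
/// Adds a signature-time-stamp unsigned attribute to one signer and returns the
/// updated signer. The timestamp attribute is requested through
/// GetTimeStampAttribute for the signature value (si.GetSignature()).
/// </summary>
/// <remarks>
/// A signer that already carries a signature-time-stamp attribute is returned
/// unchanged. Previously the duplicate key made IDictionary.Add throw an
/// ArgumentException, which the callers (they only catch IOException) did not
/// handle; returning early also avoids a needless round trip to the TSA.
/// </remarks>
/// <param name="signedData">The CMS container the signer belongs to (not read here).</param>
/// <param name="si">The signer to extend.</param>
/// <param name="parameters">Signature parameters (not read here).</param>
/// <param name="originalData">The signed content (not read here).</param>
/// <returns>A signer whose unsigned attributes include the signature timestamp.</returns>
/// <exception cref="ConfigurationException">No timestamping client (signatureTsa) is configured.</exception>
/// <exception cref="System.IO.IOException">Declared by the base contract; presumably raised when the timestamp request fails.</exception>
protected internal override SignerInformation ExtendCMSSignature(CmsSignedData signedData,
    SignerInformation si, SignatureParameters parameters, Document originalData)
{
    if (this.signatureTsa == null)
    {
        throw new ConfigurationException(ConfigurationException.MSG.CONFIGURE_TSP_SERVER);
    }
    LOG.Info("Extend signature with id " + si.SignerID);

    BcCms.AttributeTable unsigned = si.UnsignedAttributes;

    // Original TODO (jbonilla): what happens if the signature is already CAdES-T?
    // It should not be extended again. Honour that here instead of failing on Add.
    if (unsigned != null && unsigned[PkcsObjectIdentifiers.IdAASignatureTimeStampToken] != null)
    {
        LOG.Info("Signature with id " + si.SignerID + " already has a signature timestamp; not extending again");
        return si;
    }

    // UnsignedAttributes is null for a signer without any unsigned attribute.
    IDictionary unsignedAttrHash;
    if (unsigned == null)
    {
        unsignedAttrHash = new Dictionary<DerObjectIdentifier, Attribute>();
    }
    else
    {
        unsignedAttrHash = unsigned.ToDictionary();
    }

    Attribute signatureTimeStamp = GetTimeStampAttribute(PkcsObjectIdentifiers.IdAASignatureTimeStampToken,
        this.signatureTsa, digestAlgorithm, si.GetSignature());
    unsignedAttrHash.Add(PkcsObjectIdentifiers.IdAASignatureTimeStampToken, signatureTimeStamp);

    return SignerInformation.ReplaceUnsignedAttributes(si, new BcCms.AttributeTable(unsignedAttrHash));
}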
/// <summary>
/// Returns the signed attributes of the base profile, plus a signature-policy
/// identifier attribute when the parameters ask for an explicit or implicit policy.
/// </summary>
/// <param name="parameters">
/// Supplies the policy mode and, for an explicit policy, the policy OID, the
/// name of the hash algorithm and the hash value.
/// </param>
/// <returns>The signed-attribute dictionary, keyed by attribute OID.</returns>
/// <exception cref="ProfileException">The policy hash algorithm name is not recognised.</exception>
internal override IDictionary GetSignedAttributes(SignatureParameters parameters)
{
    try
    {
        IDictionary attributes = base.GetSignedAttributes(parameters);
        SignaturePolicyIdentifier policyIdentifier = null;

        switch (parameters.SignaturePolicy)
        {
            case SignaturePolicy.EXPLICIT:
            {
                // NOTE(review): the hash value is taken from the parameters as-is;
                // nothing here checks it against the policy document - confirm
                // that the caller computes or verifies it.
                DerObjectIdentifier policyOid = new DerObjectIdentifier(parameters.SignaturePolicyID);
                OtherHashAlgAndValue policyHash = new OtherHashAlgAndValue(
                    new AlgorithmIdentifier(DigestAlgorithm.GetByName(parameters.SignaturePolicyHashAlgo).GetOid()),
                    new DerOctetString(parameters.SignaturePolicyHashValue));
                policyIdentifier = new SignaturePolicyIdentifier(new SignaturePolicyId(policyOid, policyHash));
                break;
            }

            case SignaturePolicy.IMPLICIT:
            {
                // Original TODO (jbonilla): validate that the parameterless
                // identifier really encodes an implied policy.
                policyIdentifier = new SignaturePolicyIdentifier();
                break;
            }

            case SignaturePolicy.NO_POLICY:
            {
                break;
            }
        }

        if (policyIdentifier != null)
        {
            Attribute policyAttribute = new Attribute(PkcsObjectIdentifiers.IdAAEtsSigPolicyID,
                new DerSet(policyIdentifier));
            // Add throws if the base profile already supplied this attribute.
            attributes.Add(PkcsObjectIdentifiers.IdAAEtsSigPolicyID, policyAttribute);
        }

        return attributes;
    }
    catch (NoSuchAlgorithmException ex)
    {
        // Only the message is carried over; the original stack trace is lost.
        throw new ProfileException(ex.Message);
    }
}
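/// <summary>
/// Extends every signer of a CMS signed document that has no unsigned
/// attributes yet and returns the re-encoded document.
/// </summary>
/// <remarks>
/// Signers that already carry unsigned attributes are assumed to have been
/// extended before and are copied unchanged (original author's workaround:
/// only extension starting from BES is supported).
/// A signer whose extension fails with an IOException is also copied unchanged,
/// so the returned document is not guaranteed to be at the requested level;
/// callers that rely on the level should validate the result.
/// </remarks>
/// <param name="document">The CMS signed document to extend.</param>
/// <param name="originalData">The signed content, passed through to the profile.</param>
/// <param name="parameters">Signature parameters, passed through to the profile.</param>
/// <returns>An in-memory document holding the re-encoded CMS structure.</returns>
/// <exception cref="System.IO.IOException">The input cannot be parsed as CMS data.</exception>
public virtual Document ExtendSignatures(Document document, Document originalData,
    SignatureParameters parameters)
{
    try
    {
        CmsSignedData signedData = new CmsSignedData(document.OpenStream());
        SignerInformationStore signerStore = signedData.GetSignerInfos();
        AList<SignerInformation> siArray = new AList<SignerInformation>();

        foreach (SignerInformation si in signerStore.GetSigners())
        {
            try
            {
                // UnsignedAttributes is null (not an empty table) for a signer
                // without unsigned attributes, so both cases mean "not extended".
                // TODO (jbonilla): determine how far the signature was already
                // extended (BES, T, C, X, XL) instead of this all-or-nothing test.
                var unsigned = si.UnsignedAttributes;
                if (unsigned == null || unsigned.Count == 0)
                {
                    siArray.AddItem(ExtendCMSSignature(signedData, si, parameters, originalData));
                }
                else
                {
                    LOG.Error("Already extended?");
                    siArray.AddItem(si);
                }
            }
            catch (IOException ex)
            {
                // Best effort: keep the signer as it was, but record the cause.
                LOG.Error("Exception when extending signature: " + ex.Message);
                siArray.AddItem(si);
            }
        }

        SignerInformationStore newSignerStore = new SignerInformationStore(siArray);
        CmsSignedData extended = CmsSignedData.ReplaceSigners(signedData, newSignerStore);
        return new InMemoryDocument(extended.GetEncoded());
    }
    catch (CmsException ex)
    {
        // Keep the parser error as the inner exception for diagnosis.
        throw new IOException("Cannot parse CMS data", ex);
    }
}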
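/// <summary>
/// Placeholder for extending all signatures of a document; not implemented.
/// </summary>
/// <param name="document">The signed document.</param>
/// <param name="originalData">The signed content (unused).</param>
/// <param name="parameters">Signature parameters (unused).</param>
/// <returns>Never returns normally.</returns>
/// <exception cref="ConfigurationException">No timestamp source (tspSource) is configured.</exception>
/// <exception cref="NotImplementedException">Always, once the configuration check passes.</exception>
/// <exception cref="System.IO.IOException">Declared by the contract.</exception>
public virtual Document ExtendSignatures(Document document, Document originalData,
    SignatureParameters parameters)
{
    // Check the configuration before opening the stream: the original opened
    // it first and leaked it when this exception was thrown.
    if (this.tspSource == null)
    {
        throw new ConfigurationException(ConfigurationException.MSG.CONFIGURE_TSP_SERVER);
    }

    InputStream input = document.OpenStream();
    try
    {
        throw new NotImplementedException();
    }
    finally
    {
        if (input != null)
        {
            input.Close();
        }
    }
}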
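/// <summary>
/// Extends the XAdES signature with the given Id inside <paramref name="document"/>
/// and returns the resulting document.
/// </summary>
/// <param name="signatureId">The Id attribute of the signature element; must be a string.</param>
/// <param name="document">The document that contains the signature.</param>
/// <param name="originalData">The original data, converted and handed to XmlUtils.ToDocument.</param>
/// <param name="parameters">Signature parameters (not read here).</param>
/// <returns>The document built by XmlUtils.ToDocument from the original data and the extended signature.</returns>
/// <exception cref="ConfigurationException">No timestamp source (tspSource) is configured.</exception>
/// <exception cref="System.IO.IOException">Declared by the contract.</exception>
public virtual Document ExtendSignature(object signatureId, Document document,
    Document originalData, SignatureParameters parameters)
{
    if (this.tspSource == null)
    {
        throw new ConfigurationException(ConfigurationException.MSG.CONFIGURE_TSP_SERVER);
    }

    // NOTE(review): the document is parsed with XmlDocument defaults, here and
    // presumably inside XmlUtils.ToXmlDocument. Signed documents usually come
    // from outside; confirm that DTD processing / external entity resolution
    // is disabled on the target framework (for example XmlResolver = null).
    XmlDocument xadesDocument = XmlUtils.ToXmlDocument(document);

    // PreserveWhitespace only affects a later load, hence the reload below.
    xadesDocument.PreserveWhitespace = true;
    var input = document.OpenStream();
    try
    {
        xadesDocument.Load(input);
    }
    finally
    {
        // The original never closed this stream.
        if (input != null)
        {
            input.Close();
        }
    }

    // Needed if it is an enveloped signature document.
    XadesSignedXml xadesSignedXml = new XadesSignedXml(xadesDocument.DocumentElement);

    // NOTE(review): when no element carries this Id the lookup presumably
    // yields null and LoadXml fails; confirm the error the caller should see.
    XmlElement signature = xadesSignedXml.GetIdElement(xadesDocument, (string)signatureId);
    xadesSignedXml.LoadXml(signature);

    ExtendSignatureTag(xadesSignedXml);

    XmlDocument envelopedSignatureXmlDocument = XmlUtils.ToXmlDocument(originalData);
    return XmlUtils.ToDocument(envelopedSignatureXmlDocument, xadesSignedXml);
}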
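/// <summary>
/// Runs the base profile's extension and then extends the signer's unsigned
/// attributes through ExtendUnsignedAttributes, using the signing certificate,
/// a signing time and the certificate source of the signature.
/// </summary>
/// <remarks>
/// The signing time is the one read from the signature when present,
/// otherwise parameters.SigningDate. The original dereferenced
/// GetSigningTime().Value unconditionally and then compared a DateTime with
/// null, so the fallbacks could never run and a signature without a signing
/// time failed on .Value instead.
/// </remarks>
/// <param name="signedData">The CMS container the signer belongs to.</param>
/// <param name="si">The signer to extend.</param>
/// <param name="parameters">Signature parameters; SigningDate is the fallback time.</param>
/// <param name="originalData">The signed content, passed to the base profile.</param>
/// <returns>The signer with the extended unsigned attributes.</returns>
/// <exception cref="System.IO.IOException">Declared by the base contract.</exception>
protected internal override SignerInformation ExtendCMSSignature(CmsSignedData signedData,
    SignerInformation si, SignatureParameters parameters, Document originalData)
{
    si = base.ExtendCMSSignature(signedData, si, parameters, originalData);

    IDictionary unsignedAttrs = si.UnsignedAttributes.ToDictionary();
    CAdESSignature signature = new CAdESSignature(signedData, si.SignerID);

    // NOTE(review): this time comes from the signature itself, i.e. it is a
    // value claimed by the signer - confirm how ExtendUnsignedAttributes uses it.
    var claimedSigningTime = signature.GetSigningTime();
    DateTime signingTime;
    if (claimedSigningTime != null)
    {
        signingTime = claimedSigningTime.Value;
    }
    else
    {
        // NOTE(review): a DateTime cannot be null, so an unset SigningDate is
        // not detectable here and the original DateTime.Now fallback was
        // unreachable; confirm how SignatureParameters represents "not set".
        signingTime = parameters.SigningDate;
    }

    unsignedAttrs = ExtendUnsignedAttributes(unsignedAttrs, signature.GetSigningCertificate(),
        signingTime, signature.GetCertificateSource());

    return SignerInformation.ReplaceUnsignedAttributes(si, new BcCms.AttributeTable(unsignedAttrs));
}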
/// <summary>
/// Extends every signer of the given CMS signed data and returns a copy of
/// the container with the signer set replaced.
/// </summary>
/// <remarks>
/// A signer whose extension fails with an IOException is kept as it was and
/// only an error line is logged, so the result may mix extended and
/// non-extended signers.
/// </remarks>
/// <param name="signedData">The CMS container whose signers are extended.</param>
/// <param name="originalData">The signed content, passed through to ExtendCMSSignature.</param>
/// <param name="parameters">Signature parameters, passed through to ExtendCMSSignature.</param>
/// <returns>The CMS container with the new signer store.</returns>
public virtual CmsSignedData ExtendCMSSignedData(CmsSignedData signedData, Document originalData,
    SignatureParameters parameters)
{
    AList<SignerInformation> extendedSigners = new AList<SignerInformation>();

    foreach (SignerInformation signer in signedData.GetSignerInfos().GetSigners())
    {
        SignerInformation result;
        try
        {
            result = ExtendCMSSignature(signedData, signer, parameters, originalData);
        }
        catch (IOException)
        {
            // Best effort: fall back to the signer as it was.
            LOG.Error("Exception when extending signature");
            result = signer;
        }
        extendedSigners.AddItem(result);
    }

    return CmsSignedData.ReplaceSigners(signedData, new SignerInformationStore(extendedSigners));
}
/// <summary>
/// Extends a single signer of a CMS signed document; each profile supplies
/// its own implementation.
/// </summary>
/// <remarks>
/// The callers visible next to this declaration put the returned signer into
/// the rebuilt signer store and keep the original signer when an IOException
/// is thrown.
/// </remarks>
/// <param name="signedData">The CMS container the signer belongs to.</param>
/// <param name="si">The signer to extend.</param>
/// <param name="parameters">The signature parameters.</param>
/// <param name="originalData">The signed content.</param>
/// <returns>The extended signer.</returns>
/// <exception cref="System.IO.IOException">The extension could not be performed.</exception>
protected internal abstract SignerInformation ExtendCMSSignature(CmsSignedData signedData , SignerInformation si, SignatureParameters parameters, Document originalData);
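/// <summary>
/// Extends the one signer identified by <paramref name="signatureId"/> in a
/// CMS signed document and returns the re-encoded document.
/// </summary>
/// <remarks>
/// Signers that do not match the id are carried over unchanged. The original
/// added only the matching signer to the new signer store, so ReplaceSigners
/// dropped every other signature from a multi-signer document.
/// If extending the matching signer fails with an IOException, it is kept as
/// it was and an error is logged; the result is then not at the requested level.
/// </remarks>
/// <param name="signatureId">The signer to extend; must be a SignerID.</param>
/// <param name="document">The CMS signed document.</param>
/// <param name="originalData">The signed content, passed through to ExtendCMSSignature.</param>
/// <param name="parameters">Signature parameters, passed through to ExtendCMSSignature.</param>
/// <returns>An in-memory document holding the re-encoded CMS structure.</returns>
/// <exception cref="System.IO.IOException">The input cannot be parsed as CMS data.</exception>
public virtual Document ExtendSignature(object signatureId, Document document,
    Document originalData, SignatureParameters parameters)
{
    SignerID toExtendId = (SignerID)signatureId;
    try
    {
        CmsSignedData signedData = new CmsSignedData(document.OpenStream());
        SignerInformationStore signerStore = signedData.GetSignerInfos();
        AList<SignerInformation> siArray = new AList<SignerInformation>();

        foreach (SignerInformation si in signerStore.GetSigners())
        {
            if (!si.SignerID.Equals(toExtendId))
            {
                // Keep co-signatures that were not selected for extension.
                siArray.AddItem(si);
                continue;
            }

            try
            {
                siArray.AddItem(ExtendCMSSignature(signedData, si, parameters, originalData));
            }
            catch (IOException ex)
            {
                // Best effort: keep the signer as it was, but record the cause.
                LOG.Error("Exception when extending signature: " + ex.Message);
                siArray.AddItem(si);
            }
        }

        SignerInformationStore newSignerStore = new SignerInformationStore(siArray);
        CmsSignedData extended = CmsSignedData.ReplaceSigners(signedData, newSignerStore);
        return new InMemoryDocument(extended.GetEncoded());
    }
    catch (CmsException ex)
    {
        // Keep the parser error as the inner exception for diagnosis.
        throw new IOException("Cannot parse CMS data", ex);
    }
}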
/// <summary>
/// Produces the signed document; both SignDocument overloads delegate to this method.
/// </summary>
/// <param name="document">The document to sign.</param>
/// <param name="parameters">The signature parameters.</param>
/// <param name="signer">Callback that signs the bytes it is given.</param>
/// <returns>The signed document.</returns>
protected abstract Document SignDocumentInternal(Document document, SignatureParameters parameters, DigestSigner signer);
/// <summary>
/// Signs a document using a caller-supplied signing callback.
/// </summary>
/// <param name="document">The document to sign.</param>
/// <param name="parameters">The signature parameters.</param>
/// <param name="signer">Callback handed unchanged to SignDocumentInternal.</param>
/// <returns>The document returned by SignDocumentInternal.</returns>
public Document SignDocument(Document document, SignatureParameters parameters, DigestSigner signer)
{
    Document signedDocument = SignDocumentInternal(document, parameters, signer);
    return signedDocument;
}
/// <summary>
/// Signs a document with a private key entry by wrapping the key's Encrypt
/// operation in a signing callback.
/// </summary>
/// <param name="document">The document to sign.</param>
/// <param name="parameters">The signature parameters.</param>
/// <param name="privateKey">The key entry whose Encrypt method is called by the callback.</param>
/// <returns>The document returned by SignDocumentInternal.</returns>
public Document SignDocument(Document document, SignatureParameters parameters, IDssPrivateKeyEntry privateKey)
{
    // The lambda defers the key access until SignDocumentInternal invokes it.
    // NOTE(review): what Encrypt is applied to (raw data or an encoded digest)
    // depends on the implementation behind SignDocumentInternal - confirm.
    DigestSigner keySigner = toSign => privateKey.Encrypt(toSign);
    return SignDocumentInternal(document, parameters, keySigner);
}
/// <summary>
/// Runs the base profile's extension and then adds a CAdES-X timestamp
/// attribute to the signer.
/// </summary>
/// <remarks>
/// Type 1 (id-aa-ets-escTimeStamp) timestamps the signature value, the
/// signature-time-stamp attribute, the certificate references and the
/// revocation references, in that order. Type 2 (id-aa-ets-certCRLTimestamp)
/// timestamps only the certificate and revocation references.
/// NOTE(review): each attribute is dereferenced without a null check, so this
/// relies on the base profile having added all of them; and Add throws if the
/// signer already carries the timestamp attribute being added.
/// </remarks>
/// <param name="signedData">The CMS container the signer belongs to.</param>
/// <param name="si">The signer to extend.</param>
/// <param name="parameters">Signature parameters, passed to the base profile.</param>
/// <param name="originalData">The signed content, passed to the base profile.</param>
/// <returns>The signer with the additional timestamp attribute.</returns>
/// <exception cref="InvalidOperationException">The extended validation type is neither 1 nor 2.</exception>
/// <exception cref="System.IO.IOException">Declared by the base contract.</exception>
protected internal override SignerInformation ExtendCMSSignature(CmsSignedData signedData,
    SignerInformation si, SignatureParameters parameters, Document originalData)
{
    si = base.ExtendCMSSignature(signedData, si, parameters, originalData);

    DerObjectIdentifier attributeId = null;
    ByteArrayOutputStream toTimestamp = new ByteArrayOutputStream();

    var validationType = GetExtendedValidationType();
    if (validationType == 1)
    {
        attributeId = PkcsObjectIdentifiers.IdAAEtsEscTimeStamp;
        toTimestamp.Write(si.GetSignature());

        // We don't include the outer SEQUENCE, only the attrType and
        // attrValues, as stated by the TS §6.3.5, NOTE 2.
        BcCms.Attribute signatureTimeStamp =
            si.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken];
        toTimestamp.Write(signatureTimeStamp.AttrType.GetDerEncoded());
        toTimestamp.Write(signatureTimeStamp.AttrValues.GetDerEncoded());
    }
    else if (validationType == 2)
    {
        attributeId = PkcsObjectIdentifiers.IdAAEtsCertCrlTimestamp;
    }
    else
    {
        throw new InvalidOperationException("CAdES-X Profile: Extended validation is set but no valid type (1 or 2)");
    }

    // Both types cover the references; the order is part of the timestamped data.
    DerObjectIdentifier[] referenceIds =
    {
        PkcsObjectIdentifiers.IdAAEtsCertificateRefs,
        PkcsObjectIdentifiers.IdAAEtsRevocationRefs
    };
    foreach (DerObjectIdentifier referenceId in referenceIds)
    {
        BcCms.Attribute reference = si.UnsignedAttributes[referenceId];
        toTimestamp.Write(reference.AttrType.GetDerEncoded());
        toTimestamp.Write(reference.AttrValues.GetDerEncoded());
    }

    IDictionary unsignedAttrHash = si.UnsignedAttributes.ToDictionary();
    BcCms.Attribute extendedTimeStamp = GetTimeStampAttribute(attributeId, GetSignatureTsa(),
        digestAlgorithm, toTimestamp.ToByteArray());
    unsignedAttrHash.Add(attributeId, extendedTimeStamp);

    return SignerInformation.ReplaceUnsignedAttributes(si, new BcCms.AttributeTable(unsignedAttrHash));
}