Esempio n. 1
0
        static void PrintSignaturesInfo(string in_docpath)
        {
            Console.Out.WriteLine("================================================================================");
            Console.Out.WriteLine("Reading and printing digital signature information");

            using (PDFDoc doc = new PDFDoc(in_docpath))
            {
                if (!doc.HasSignatures())
                {
                    Console.Out.WriteLine("Doc has no signatures.");
                    Console.Out.WriteLine("================================================================================");
                    return;
                }
                else
                {
                    Console.Out.WriteLine("Doc has signatures.");
                }


                for (FieldIterator fitr = doc.GetFieldIterator(); fitr.HasNext(); fitr.Next())
                {
                    if (fitr.Current().IsLockedByDigitalSignature())
                    {
                        Console.Out.WriteLine("==========\nField locked by a digital signature");
                    }
                    else
                    {
                        Console.Out.WriteLine("==========\nField not locked by a digital signature");
                    }

                    Console.Out.WriteLine("Field name: " + fitr.Current().GetName());
                    Console.Out.WriteLine("==========");
                }

                Console.Out.WriteLine("====================\nNow iterating over digital signatures only.\n====================");

                DigitalSignatureFieldIterator digsig_fitr = doc.GetDigitalSignatureFieldIterator();
                for (; digsig_fitr.HasNext(); digsig_fitr.Next())
                {
                    Console.Out.WriteLine("==========");
                    Console.Out.WriteLine("Field name of digital signature: " + new Field(digsig_fitr.Current().GetSDFObj()).GetName());

                    DigitalSignatureField digsigfield = digsig_fitr.Current();
                    if (!digsigfield.HasCryptographicSignature())
                    {
                        Console.Out.WriteLine("Either digital signature field lacks a digital signature dictionary, " +
                                              "or digital signature dictionary lacks a cryptographic hash entry. " +
                                              "Digital signature field is not presently considered signed.\n" +
                                              "==========");
                        continue;
                    }

                    int cert_count = digsigfield.GetCertCount();
                    Console.Out.WriteLine("Cert count: " + cert_count);
                    for (int i = 0; i < cert_count; ++i)
                    {
                        byte[] cert = digsigfield.GetCert(i);
                        Console.Out.WriteLine("Cert #" + i + " size: " + cert.Length);
                    }

                    DigitalSignatureField.SubFilterType subfilter = digsigfield.GetSubFilter();

                    Console.Out.WriteLine("Subfilter type: " + (int)subfilter);

                    if (subfilter != DigitalSignatureField.SubFilterType.e_ETSI_RFC3161)
                    {
                        Console.Out.WriteLine("Signature's signer: " + digsigfield.GetSignatureName());

                        Date signing_time = digsigfield.GetSigningTime();
                        if (signing_time.IsValid())
                        {
                            Console.Out.WriteLine("Signing day: " + (int)signing_time.day);
                        }

                        Console.Out.WriteLine("Location: " + digsigfield.GetLocation());
                        Console.Out.WriteLine("Reason: " + digsigfield.GetReason());
                        Console.Out.WriteLine("Contact info: " + digsigfield.GetContactInfo());
                    }
                    else
                    {
                        Console.Out.WriteLine("SubFilter == e_ETSI_RFC3161 (DocTimeStamp; no signing info)\n");
                    }

                    Console.Out.WriteLine(((digsigfield.HasVisibleAppearance()) ? "Visible" : "Not visible"));

                    DigitalSignatureField.DocumentPermissions digsig_doc_perms = digsigfield.GetDocumentPermissions();
                    string[] locked_fields = digsigfield.GetLockedFields();
                    foreach (string field_name in locked_fields)
                    {
                        Console.Out.WriteLine("This digital signature locks a field named: " + field_name);
                    }

                    switch (digsig_doc_perms)
                    {
                    case DigitalSignatureField.DocumentPermissions.e_no_changes_allowed:
                        Console.Out.WriteLine("No changes to the document can be made without invalidating this digital signature.");
                        break;

                    case DigitalSignatureField.DocumentPermissions.e_formfilling_signing_allowed:
                        Console.Out.WriteLine("Page template instantiation, form filling, and signing digital signatures are allowed without invalidating this digital signature.");
                        break;

                    case DigitalSignatureField.DocumentPermissions.e_annotating_formfilling_signing_allowed:
                        Console.Out.WriteLine("Annotating, page template instantiation, form filling, and signing digital signatures are allowed without invalidating this digital signature.");
                        break;

                    case DigitalSignatureField.DocumentPermissions.e_unrestricted:
                        Console.Out.WriteLine("Document not restricted by this digital signature.");
                        break;

                    default:
                        throw new Exception("Unrecognized digital signature document permission level.");
                    }
                    Console.Out.WriteLine("==========");
                }
            }

            Console.Out.WriteLine("================================================================================");
        }
Esempio n. 2
0
        public void AdhocTest()
        {
            PDFDoc doc = new PDFDoc(GetTestPdf(SamplePdf));

            // Ad-hoc field added for signing the PDF
            var signatureField = doc.FieldCreate("sample-field-name", Field.Type.e_signature, "signer name");

            signatureField.SetValue("Signature Name");

            var digitalSignatureField = new DigitalSignatureField(signatureField);

            // Before the rest of the lines or else it fails due to dictionary being empty
            digitalSignatureField.SignOnNextSave(GetCertificatePath("pdf-signing.pfx"), CertPassword);

            digitalSignatureField.SetReason("reason");
            digitalSignatureField.SetContactInfo("*****@*****.**");
            digitalSignatureField.SetLocation("location");
            digitalSignatureField.SetFieldPermissions(DigitalSignatureField.FieldPermissions.e_include, new string[0]);
            digitalSignatureField.SetDocumentPermissions(DigitalSignatureField.DocumentPermissions
                                                         .e_formfilling_signing_allowed);

            // Save file
            var temporaryFile = Path.GetTempFileName();

            doc.Save(temporaryFile, pdftron.SDF.SDFDoc.SaveOptions.e_incremental);

            // VALIDATE
            var result = new PDFDoc(temporaryFile);

            var verificationOptions = new VerificationOptions(VerificationOptions.SignatureVerificationSecurityLevel
                                                              .e_compatibility_and_archiving);
            // Using filepath/password directly makes it fail on adding trusted cert
            // THIS ONE FAILS:
            // verificationOptions.AddTrustedCertificate(GetCertificatePath("pdf-signing.crt"));
            var x509 = new X509Certificate(GetCertificatePath("pdf-signing.pfx"), CertPassword);

            verificationOptions.AddTrustedCertificate(x509.GetRawCertData());

            DigitalSignatureFieldIterator signatureFieldIterator = result.GetDigitalSignatureFieldIterator();

            for (; signatureFieldIterator.HasNext(); signatureFieldIterator.Next())
            {
                var dsField            = signatureFieldIterator.Current();
                var verificationResult = dsField.Verify(verificationOptions);

                var status    = verificationResult.GetTrustStatus();
                var certCount = dsField.GetCertCount();

                Console.WriteLine($"Verification status {status}");
                Console.WriteLine($"Digest status {verificationResult.GetDigestStatus()}");
                Console.WriteLine($"Digest document status {verificationResult.GetDocumentStatus()}");
                Console.WriteLine($"Verification status {verificationResult.GetVerificationStatus()}");

                Console.WriteLine($"Cert count: {certCount}");
                Console.WriteLine($"Signature Name{dsField.GetSignatureName()}");

                var sigTime = dsField.GetSigningTime();
                Console.WriteLine($"Signing Time: {sigTime.day}/{sigTime.month}/{sigTime.year} {sigTime.hour}:{sigTime.minute}.{sigTime.second}");

                Assert.True(status != VerificationResult.TrustStatus.e_untrusted, "Unexpected status e_untrusted");
                Assert.True(certCount > 0, "DigitalSignatureField should have a certificate");
            }
        }