private static FirmaDigitale.FirmaDigitalePortTypeClient createClient(string endPoindAddress)
{
#region WCFRuntimeSettings
var binding = new CustomBinding();
binding.Name = "FirmaDigitalePortTypeEndpoint2BindingMIO";
XmlDictionaryReaderQuotas readquota = new XmlDictionaryReaderQuotas
{
MaxStringContentLength = 100000000,
MaxArrayLength = 100000000,
MaxBytesPerRead = 524288
};
MtomMessageEncodingBindingElement mtomEconding = new MtomMessageEncodingBindingElement
{
MaxReadPoolSize = 640,
MaxWritePoolSize = 160,
MessageVersion = MessageVersion.Soap12,
MaxBufferSize = 2147483647,
};
mtomEconding.ReaderQuotas.MaxArrayLength = 100000000;
mtomEconding.ReaderQuotas.MaxBytesPerRead = 524288;
mtomEconding.ReaderQuotas.MaxStringContentLength = 5242880;
HttpsTransportBindingElement httpsTransposport = new HttpsTransportBindingElement
{
ManualAddressing = false,
MaxBufferPoolSize = 524288,
MaxBufferSize = 2147483647,
MaxReceivedMessageSize = 2147483647,
AllowCookies = false,
AuthenticationScheme = System.Net.AuthenticationSchemes.Anonymous,
BypassProxyOnLocal = false,
HostNameComparisonMode = System.ServiceModel.HostNameComparisonMode.StrongWildcard,
KeepAliveEnabled = true,
ProxyAuthenticationScheme = System.Net.AuthenticationSchemes.Anonymous,
Realm = "",
TransferMode = System.ServiceModel.TransferMode.Streamed,
UnsafeConnectionNtlmAuthentication = false,
UseDefaultWebProxy = false,
RequireClientCertificate = true
};
binding.Elements.Add(mtomEconding);
binding.Elements.Add(httpsTransposport);
EndpointAddress epAddre = new EndpointAddress(endPoindAddress);
ContractDescription cd = new ContractDescription("FirmaDigitale.FirmaDigitalePortType");
FirmaDigitale.FirmaDigitalePortTypeClient channel = new FirmaDigitale.FirmaDigitalePortTypeClient(binding, epAddre);
string certFindData = "client.firma.s.pitre";
channel.ClientCredentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine, System.Security.Cryptography.X509Certificates.StoreName.My, System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName, certFindData);
channel.Endpoint.Behaviors.Add(new MaxFaultSizeBehavior(2147483647));
return(channel);
}
private void OpenWcfChannel()
{
string serviceUrl = ConfigurationManager.AppSettings["SERVICE_URL"];
if (client == null)
{
logger.Debug("Il canale è null, apro un nuovo canale di comunicazione");
client = Verifica.createClient(serviceUrl);
}
if (client.State != System.ServiceModel.CommunicationState.Opened)
{
logger.Debug("Il canale è chiuso, lo apro nuovamente");
client = Verifica.createClient(serviceUrl);
}
}
public EsitoVerifica VerificaByteEVCompleta(byte[] fileContents, DateTime?dataverificaDT, FirmaDigitale.FirmaDigitalePortTypeClient client)
{
logger.Debug("INIZIO");
logger.Debug("VERIFICA FIRMA COMPLETA");
string verbosesgb = ConfigurationManager.AppSettings["VERBOSEDEBUG"];
bool verboseDebug = false;
Boolean.TryParse(verbosesgb, out verboseDebug);
EsitoVerifica ev = new EsitoVerifica();
FirmaDigitale.DettaglioFirmaDigitaleType ret = null;
string dataVerificaString = string.Empty;
try
{
if (dataverificaDT != null)
{
dataVerificaString = zeniDateConverter(dataverificaDT);
}
else
{
dataVerificaString = null;
}
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls | System.Net.SecurityProtocolType.Ssl3;
}
catch (Exception ex)
{
string inner = string.Empty;
ev.status = EsitoVerificaStatus.ErroreGenerico;
if (ex.InnerException != null)
{
inner = ex.InnerException.Message;
}
ev.message = string.Format("{0},{1} INNER {2} ", ex.Message, ex.StackTrace, inner);
return(ev);
}
try
{
sbyte?controlloFirmeAnnidate = 1;
logger.Debug("Data Verifica: " + dataVerificaString + " (" + dataverificaDT.ToString() + ")");
FirmaDigitale.DocumentoType doc = new FirmaDigitale.DocumentoType();
ret = client.VerificaFirmaCompleta(fileContents, dataVerificaString, controlloFirmeAnnidate, out doc);
ev.status = EsitoVerificaStatus.Valid;
if (ret != null)
{
ev.VerifySignatureResult = ConvertToVerifySignatureResult(ev.status, ret);
}
;
if (verboseDebug)
{
logger.Info(Utils.SerializeObject <EsitoVerifica>(ev));
}
logger.Debug("Firma OK");
return(ev);
}
catch (FaultException <FirmaDigitale.FaultType> f)
{
ev.status = EsitoVerificaStatus.ErroreGenerico;
ev.message = f.Detail.userMessage;
ev.errorCode = f.Detail.errorCode;
logger.Error("errore in verifica firma completa:" + ev.message);
if (logger.IsInfoEnabled)
{
logger.Info(Utils.SerializeObject <EsitoVerifica>(ev));
}
return(ev);
}
catch (FaultException <FirmaDigitale.WarningResponseType> w)
{
List <string> lstW = new List <string>();
foreach (FirmaDigitale.WarningType s in w.Detail.WarningFault)
{
lstW.Add(Utils.SerializeObject <FirmaDigitale.WarningType>(s));
ev.message = s.errorMsg;
ev.errorCode = s.errorCode;
ev.SubjectDN = s.SubjectDN;
ev.SubjectCN = s.SubjectCN;
ev.status = EsitoVerificaStatus.ErroreGenerico;
if (s.errorCode == "1426")
{
ev.status = EsitoVerificaStatus.CtlNotTimeValid;
}
if (s.errorCode == "1468")
{
ev.status = EsitoVerificaStatus.SHA1NonSupportato;
}
if (s.errorCode == "1407") // check
{
ev.status = EsitoVerificaStatus.NotTimeValid;
}
if (s.errorCode == "1408") // check
{
ev.status = EsitoVerificaStatus.Revoked;
foreach (FirmaDigitale.FirmatarioType ft in w.Detail.DettaglioFirmaDigitale.datiFirmatari)
{
if (ft.firmatario.dataRevocaCertificato != DateTime.MinValue)
{
ev.dataRevocaCertificato = ft.firmatario.dataRevocaCertificato;
}
}
}
}
//TEST!!!!
FirmaDigitale.DettaglioFirmaDigitaleType d = w.Detail.DettaglioFirmaDigitale;
if (w.Detail.Documento != null)
{
ev.content = w.Detail.Documento.fileOriginale;
}
ev.VerifySignatureResult = ConvertToVerifySignatureResult(ev.status, d);;
ev.additionalData = lstW.ToArray();
logger.Debug("Firma verificata con warning");
if (logger.IsInfoEnabled)
{
logger.Info(Utils.SerializeObject <EsitoVerifica>(ev));
}
return(ev);
}
catch (Exception ex)
{
ev.status = EsitoVerificaStatus.ErroreGenerico;
ev.message = string.Format("{0},{1}", ex.Message, ex.StackTrace);
logger.Error(ev.message);
if (logger.IsInfoEnabled)
{
logger.Info(Utils.SerializeObject <EsitoVerifica>(ev));
}
return(ev);
}
}
public EsitoVerifica VerificaByteEV(byte[] fileContents, string endPoint, Object[] args)
{
EsitoVerifica ev = new EsitoVerifica();
string dataVerificaString = string.Empty;
DateTime?dataverificaDT;
if (args.Length > 0)
{
dataverificaDT = args[0] as DateTime?;
if (dataverificaDT == null)
{
dataVerificaString = args[0] as string;
if (dataVerificaString == null)
{
ev.status = EsitoVerificaStatus.ErroreGenerico;
return(ev);
}
}
else
{
dataVerificaString = zeniDateConverter(dataverificaDT);
}
}
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Ssl3;
FirmaDigitale.FirmaDigitalePortTypeClient client = createClient(endPoint);
FirmaDigitale.DocumentoType doc = new FirmaDigitale.DocumentoType();
FirmaDigitale.DettaglioFirmaDigitaleType ret = null;
try
{
sbyte?arg1 = 0;
sbyte?arg2 = 0;
sbyte?arg3 = 1;
ret = client.VerificaFirma(fileContents, arg1, arg2, dataVerificaString, arg3, out doc);
ev.status = EsitoVerificaStatus.Valid;
ev.content = doc.fileOriginale;
if (ret != null)
{
ev.VerifySignatureResult = ConvertToVerifySignatureResult(ev.status, ret);
}
;
return(ev);
}
catch (FaultException <FirmaDigitale.FaultType> f)
{
ev.status = EsitoVerificaStatus.ErroreGenerico;
ev.message = f.Detail.userMessage;
ev.errorCode = f.Detail.errorCode;
return(ev);
}
catch (FaultException <FirmaDigitale.WarningResponseType> w)
{
List <string> lstW = new List <string> ();
foreach (FirmaDigitale.WarningType s in w.Detail.WarinigFault)
{
lstW.Add(Utils.SerializeObject <FirmaDigitale.WarningType>(s));
ev.message = s.errorMsg;
ev.errorCode = s.errorCode;
ev.SubjectDN = s.SubjectDN;
ev.SubjectCN = s.SubjectCN;
ev.status = EsitoVerificaStatus.ErroreGenerico;
if (s.errorCode == "1468")
{
ev.status = EsitoVerificaStatus.SHA1NonSupportato;
}
if (s.errorCode == "1407") // check
{
ev.status = EsitoVerificaStatus.NotTimeValid;
}
if (s.errorCode == "1408") // check
{
ev.status = EsitoVerificaStatus.Revoked;
foreach (FirmaDigitale.FirmatarioType ft in w.Detail.DettaglioFirmaDigitale.datiFirmatari)
{
if (ft.firmatario.dataRevocaCertificato != DateTime.MinValue)
{
ev.dataRevocaCertificato = ft.firmatario.dataRevocaCertificato;
}
}
}
}
//TEST!!!!
FirmaDigitale.DettaglioFirmaDigitaleType d = w.Detail.DettaglioFirmaDigitale;
ev.content = w.Detail.Documento.fileOriginale;
ev.VerifySignatureResult = ConvertToVerifySignatureResult(ev.status, d);;
ev.additionalData = lstW.ToArray();
return(ev);
}
}
public EsitoVerifica VerificaCertificato(byte[] certificateDER, byte[] certificateCAPEM, FirmaDigitale.FirmaDigitalePortTypeClient client)
{
logger.Debug("INIZIO");
List <string> addiData = new List <string>();
EsitoVerifica ev = new EsitoVerifica();
// FirmaDigitale.DettaglioFirmaDigitaleType ret = null;
CertificateInfo ciInfo = new CertificateInfo();
sbyte? controlloCRLCert = 0;
sbyte? controlloCRLCa = 1;
ciInfo.X509Certificate = certificateDER;
ciInfo.ThumbPrint = BitConverter.ToString(System.Security.Cryptography.SHA1.Create().ComputeHash(certificateDER)).Replace("-", "");
controlloCRLCert = null;
int statusInt = -1;
System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls | System.Net.SecurityProtocolType.Ssl3;
DateTime dataverifica;
try
{
logger.DebugFormat("len {0}", certificateDER.Length);
FirmaDigitale.CertificatoType certOut = client.VerificaCertificato(certificateDER, certificateCAPEM, controlloCRLCert, controlloCRLCa, out dataverifica);
logger.Debug("verificaOK");
ciInfo = convertFromCertificatoType(certOut);
statusInt = 0;
}
catch (FaultException <FirmaDigitale.WarningCertificatoType> w)
{
string status = w.Detail.status;
string errMsg = w.Detail.errorMsg;
logger.Debug(status);
logger.Debug(errMsg);
addiData.Add(status);
addiData.Add(errMsg);
ciInfo = convertFromWarningCertificatoType(w.Detail);
Int32.TryParse(w.Detail.status, out statusInt);
ciInfo.RevocationStatus = statusInt;
ev.errorCode = w.Detail.status.ToString();
if (errMsg.ToLower().Contains("revoc"))
{
ev.status = EsitoVerificaStatus.Revoked;
}
else
{
ev.status = EsitoVerificaStatus.NotTimeValid;
}
}
catch (Exception e)
{
logger.ErrorFormat("errore {0} {1}", e.Message, e.StackTrace);
ev.message = e.Message;
}
// ciInfo.ThumbPrint = BitConverter.ToString(System.Security.Cryptography.SHA1.Create().ComputeHash(certificateDER)).Replace("-", "");
ev.additionalData = addiData.ToArray();
//quarda che devo fare per restituire il certificateinfo
List <SignerInfo> retSI = new List <SignerInfo>();
List <PKCS7Document> p7doc = new List <PKCS7Document>();
retSI.Add(new SignerInfo {
CertificateInfo = ciInfo
});
p7doc.Add(new PKCS7Document {
SignersInfo = retSI.ToArray()
});
ev.VerifySignatureResult = new VerifySignatureResult {
StatusCode = statusInt, PKCS7Documents = p7doc.ToArray()
};
return(ev);
}