/// <summary>
/// Extend signature to publication.
/// </summary>
/// <param name="calendarHashChain">extended calendar hash chain</param>
/// <param name="publicationRecord">extended publication record</param>
/// <param name="signatureFactory">signature factory to be used when creating extended signature</param>
/// <returns>extended KSI signature</returns>
public IKsiSignature Extend(CalendarHashChain calendarHashChain, PublicationRecordInSignature publicationRecord, IKsiSignatureFactory signatureFactory = null)
{
Logger.Debug("Extending KSI signature.");
if (calendarHashChain == null)
{
throw new ArgumentNullException(nameof(calendarHashChain));
}
if (CalendarHashChain != null && !CalendarHashChain.AreRightLinksEqual(calendarHashChain))
{
throw new KsiException("Right links of signature calendar hash chain and extended calendar hash chain do not match");
}
if (publicationRecord == null)
{
publicationRecord = new PublicationRecordInSignature(false, false, calendarHashChain.PublicationData);
}
if (signatureFactory == null)
{
signatureFactory = new KsiSignatureFactory();
}
using (TlvWriter writer = new TlvWriter(new MemoryStream()))
{
foreach (ITlvTag childTag in this)
{
switch (childTag.Type)
{
case Constants.CalendarHashChain.TagType:
case Constants.CalendarAuthenticationRecord.TagType:
case Constants.PublicationRecord.TagTypeInSignature:
break;
default:
writer.WriteTag(childTag);
break;
}
}
writer.WriteTag(calendarHashChain);
writer.WriteTag(publicationRecord);
try
{
IKsiSignature signature = signatureFactory.CreateByContent(((MemoryStream)writer.BaseStream).ToArray(), InputHash);
Logger.Debug("Extending KSI signature successful.");
return(signature);
}
catch (TlvException e)
{
Logger.Warn("Extending KSI signature failed: {0}", e);
throw;
}
}
}
/// <summary>
/// Get publication record from KSI signature
/// </summary>
/// <param name="signature">KSI signature</param>
/// <returns>publication record</returns>
public static PublicationRecordInSignature GetPublicationRecord(IKsiSignature signature)
{
PublicationRecordInSignature publicationRecord = signature.PublicationRecord;
if (publicationRecord == null)
{
throw new KsiVerificationException("Publication record is missing from KSI signature.");
}
return(publicationRecord);
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
IPublicationsFile publicationsFile = GetPublicationsFile(context);
PublicationRecordInSignature publicationRecord = GetPublicationRecord(GetSignature(context));
ulong publicationTime = publicationRecord.PublicationData.PublicationTime;
PublicationRecordInPublicationFile publicationRecordInPublicationFile = GetNearestPublicationRecord(publicationsFile, publicationTime, true);
if (publicationRecordInPublicationFile == null || publicationRecordInPublicationFile.PublicationData.PublicationTime != publicationTime)
{
return(new VerificationResult(GetRuleName(), VerificationResultCode.Na, VerificationError.Gen02));
}
return(publicationRecordInPublicationFile.PublicationData.PublicationHash != publicationRecord.PublicationData.PublicationHash
? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Pub05)
: new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
/// <summary>
/// Extend signature to publication.
/// </summary>
/// <param name="signature">KSI signature</param>
/// <param name="publicationRecord">publication</param>
/// <returns>extended KSI signature</returns>
public IKsiSignature Extend(IKsiSignature signature, PublicationRecordInSignature publicationRecord)
{
if (signature == null)
{
throw new ArgumentNullException(nameof(signature));
}
if (publicationRecord == null)
{
throw new ArgumentNullException(nameof(publicationRecord));
}
CalendarHashChain calendarHashChain = _ksiService.Extend(signature.AggregationTime, publicationRecord.PublicationData.PublicationTime);
return(signature.Extend(calendarHashChain, publicationRecord, _ksiSignatureFactoryForExtending));
}
public void PublicationDataContentTest()
{
IKsiSignature signature = TestUtil.GetSignature(Resources.KsiSignature_Ok_Extended);
PublicationRecordInSignature publicationRecord = signature.PublicationRecord;
string code = publicationRecord.PublicationData.GetPublicationString();
DateTime date = publicationRecord.PublicationData.GetPublicationDate();
Assert.AreEqual("AAAAAA-CWYEKQ-AAIYPA-UJ4GRT-HXMFBE-OTB4AB-XH3PT3-KNIKGV-PYCJXU-HL2TN4-RG6SCC-3ZGSBM", code, "Publication string is invalid.");
Assert.AreEqual(new DateTime(2016, 2, 15), date, "Publication date is invalid.");
Assert.AreEqual(new DataHash(Base16.Decode("011878289E1A333DD85091D30F001B9F6F9ED4D428D57E049BD0EBD4DBC89BD210")), publicationRecord.PublicationData.PublicationHash,
"Unexpected publication hash.");
Assert.AreEqual(3, publicationRecord.PublicationReferences.Count, "Invalid publication reference count.");
Assert.AreEqual("Financial Times, ISSN: 0307-1766, 2016-02-17", publicationRecord.PublicationReferences[0], "Invalid first publication reference.");
Assert.AreEqual("Äripäev, ISSN: 1406-2585, 17.02.2016", publicationRecord.PublicationReferences[1], "Invalid second publication reference.");
Assert.AreEqual("https://twitter.com/Guardtime/status/699919571084558336", publicationRecord.PublicationReferences[2], "Invalid third publication reference.");
}
public void TestKsiSignatureExtendWithPublicationRecordInSignature()
{
IKsiSignature signature = GetKsiSignatureFromFile(Resources.KsiSignature_Ok);
PublicationRecordInSignature publicationRecord = new PublicationRecordInSignature(false, false, new ITlvTag[]
{
new PublicationData(1455494400, new DataHash(Base16.Decode("011878289E1A333DD85091D30F001B9F6F9ED4D428D57E049BD0EBD4DBC89BD210"))),
new StringTag(Constants.PublicationRecord.PublicationRepositoryUriTagType, false, false, "Test uri (publication record in signature)")
});
IKsiSignature extendedSignature = signature.Extend(GetCalendarHashChain(), publicationRecord);
Assert.True(extendedSignature.IsExtended, "IsExtended should be true.");
Assert.AreEqual(1455494400, extendedSignature.PublicationRecord.PublicationData.PublicationTime, "Unexpected publication time");
VerificationResult result = new DefaultVerificationPolicy().Verify(extendedSignature, null, TestUtil.GetPublicationsFile());
Assert.AreEqual(VerificationResultCode.Ok, result.ResultCode, "Unexpected verification result code.");
Assert.AreEqual("Test uri (publication record in signature)", extendedSignature.PublicationRecord.RepositoryUri[0], "Unexpected repository uri.");
}
public void ToStringInSignatureTest()
{
PublicationRecord tag =
TestUtil.GetCompositeTag <PublicationRecordInSignature>(Constants.PublicationRecord.TagTypeInSignature,
new ITlvTag[]
{
TestUtil.GetCompositeTag <PublicationData>(Constants.PublicationData.TagType,
new ITlvTag[]
{
new IntegerTag(Constants.PublicationData.PublicationTimeTagType, false, false, 1),
new ImprintTag(Constants.PublicationData.PublicationHashTagType, false, false,
new DataHash(HashAlgorithm.Sha2256,
new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 })),
}),
new StringTag(Constants.PublicationRecord.PublicationReferencesTagType, false, false, "Test publication reference 1"),
new StringTag(Constants.PublicationRecord.PublicationReferencesTagType, false, false, "Test publication reference 2"),
new StringTag(Constants.PublicationRecord.PublicationRepositoryUriTagType, false, false, "Test publication repository uri 1"),
new StringTag(Constants.PublicationRecord.PublicationRepositoryUriTagType, false, false, "Test publication repository uri 2"),
});
PublicationRecord tag2 = new PublicationRecordInSignature(new RawTag(tag.Type, tag.NonCritical, tag.Forward, tag.EncodeValue()));
Assert.AreEqual(tag.ToString(), tag2.ToString());
}
/// <summary>
/// Create KSI signature instance from tlv tags
/// </summary>
/// <param name="aggregationHashChains">Aggregation hash chain tlv elements</param>
/// <param name="calendarHashChain">Calendar hash chain tlv element</param>
/// <param name="calendarAuthenticationRecord">Calendar authentication record tlv element</param>
/// <param name="publicationRecord">Publication record tlv element</param>
/// <param name="rfc3161Record">RFC3161 record tlv element</param>
/// <param name="hash">Signed hash</param>
/// <returns></returns>
public IKsiSignature Create(ICollection <AggregationHashChain> aggregationHashChains, CalendarHashChain calendarHashChain,
CalendarAuthenticationRecord calendarAuthenticationRecord, PublicationRecordInSignature publicationRecord,
Rfc3161Record rfc3161Record, DataHash hash)
{
List <ITlvTag> childTags = new List <ITlvTag>();
if (rfc3161Record != null)
{
childTags.Add(rfc3161Record);
}
if (aggregationHashChains == null)
{
throw new ArgumentNullException(nameof(aggregationHashChains));
}
foreach (AggregationHashChain childTag in aggregationHashChains)
{
childTags.Add(childTag);
}
if (calendarHashChain != null)
{
childTags.Add(calendarHashChain);
}
if (publicationRecord != null)
{
childTags.Add(publicationRecord);
}
if (calendarAuthenticationRecord != null)
{
childTags.Add(calendarAuthenticationRecord);
}
return(CreateAndVerify(childTags.ToArray(), hash));
}
public IKsiSignature Extend(CalendarHashChain calendarHashChain, PublicationRecordInSignature publicationRecord, IKsiSignatureFactory signatureFactory)
{
return(ExtendedKsiSignature);
}
