Esempio n. 1
        /// <summary>
        /// Adds a tree node for <paramref name="infoNode"/> under <paramref name="parentNode"/>,
        /// recursing into its counter-signatures so they appear as children.
        /// </summary>
        /// <param name="infoNode">Signer node to display; stored in the new node's Tag.</param>
        /// <param name="parentNode">Tree node that receives the new node.</param>
        /// <remarks>
        /// The label is the subject DN read from the node's certificate. No validation happens in
        /// this method, so the text shown is whatever the certificate states.
        /// </remarks>
        private void AddInfoNode(SignerInfoNode infoNode, TreeNode parentNode)
        {
            var signerTreeNode = new TreeNode(infoNode.Certificate.SubjectDN.ToString())
            {
                Tag = infoNode
            };

            // Children are attached first; the finished subtree is linked to the parent last.
            foreach (var counterSignature in infoNode.CounterSignatures)
            {
                AddInfoNode(counterSignature, signerTreeNode);
            }

            parentNode.Nodes.Add(signerTreeNode);
        }
Esempio n. 2
        /// <summary>
        /// Counter-signs an existing CAdES signature.
        /// </summary>
        /// <param name="sigDocument">Existing signature document; must not be null.</param>
        /// <param name="signerInfoNode">Signer node whose signature value is counter-signed; must not be null. Its SignerInformation is replaced by this method.</param>
        /// <param name="parameters">Signing parameters; passed to CheckParameters, and its Signer, DigestMethod and Certificate are read here.</param>
        /// <returns>A new SignatureDocument built from the original signed data with the certificate store replaced.</returns>
        /// <remarks>
        /// NOTE(review): nothing in this method verifies the signature being counter-signed or
        /// validates the counter-signer's certificate; presumably callers do that first - confirm.
        /// </remarks>
        public SignatureDocument CounterSign(SignatureDocument sigDocument, SignerInfoNode signerInfoNode, SignatureParameters parameters)
        {
            // NOTE(review): both guards throw the base Exception type, so callers cannot
            // distinguish a missing argument from any other failure by type.
            if (sigDocument == null)
            {
                throw new Exception("Se necesita una firma previa para poder realizar la cofirma");
            }

            if (signerInfoNode == null)
            {
                throw new Exception("Se necesita especificar el nodo de firma para aplicar la contrafirma");
            }

            CheckParameters(parameters);

            byte[] signature = null;

            // The content handed to ToBeSigned is the target signer's signature value,
            // not the original document content.
            using (MemoryStream ms = new MemoryStream(signerInfoNode.SignerInformation.GetSignature()))
            {
                byte[] toBeSigned = ToBeSigned(new CmsProcessableInputStream(ms), parameters, null, true);
                signature = parameters.Signer.SignData(toBeSigned, parameters.DigestMethod);
            }

            // The signature was already produced above; the generator receives it through PreComputedSigner.
            CustomCMSSignedDataGenerator generator = CreateSignedGenerator(new PreComputedSigner(signature), parameters, null);

            var result = generator.GenerateCounterSigners(signerInfoNode.SignerInformation);

            SignerInformation updatedSI = SignerInformation.AddCounterSigners(signerInfoNode.SignerInformation, result);

            List <X509Certificate> certs             = new List <X509Certificate>();
            IX509Store             originalCertStore = sigDocument.SignedData.GetCertificates("Collection");

            // NOTE(review): the caller's node is mutated here, before the certificate parsing and
            // store rebuild below. If one of those steps throws, the node keeps the updated
            // SignerInformation while no document is returned. Whether sigDocument.SignedData
            // reflects this assignment is not visible here - confirm before reordering.
            signerInfoNode.SignerInformation = updatedSI;

            CollectionUtilities.AddRange(certs, GetCertificatesFromStore(originalCertStore));

            X509CertificateParser parser = new X509CertificateParser();
            var signerCertificate        = parser.ReadCertificate(parameters.Certificate.GetRawCertData());

            // The counter-signer's certificate is appended only when the original store lacks it.
            if (!CheckCertExists(signerCertificate, originalCertStore))
            {
                certs.Add(signerCertificate);
            }

            IX509Store certStore = X509StoreFactory.Create("Certificate/Collection", new X509CollectionStoreParameters(certs));

            // CRLs are carried over from the original signed data; the last argument is passed as null.
            CmsSignedData newSignedData = CmsSignedData.ReplaceCertificatesAndCrls(sigDocument.SignedData, certStore, sigDocument.SignedData.GetCrls("Collection"), null);

            return(new SignatureDocument(newSignedData));
        }
Esempio n. 3
        /// <summary>
        /// Checks a signer's signature against its certificate and, when the node carries a time
        /// stamp, checks that the time stamp's message imprint equals the digest of the signature value.
        /// </summary>
        /// <param name="sigDocument">Not read by this method.</param>
        /// <param name="signerNode">Signer node to check.</param>
        /// <returns>
        /// A result whose IsValid and Message describe the outcome. Exceptions raised during the
        /// checks are reported through Message instead of being thrown.
        /// </returns>
        /// <remarks>
        /// Only the two checks above are performed here. No certificate chain building, revocation
        /// lookup or verification of the time-stamp token's own signature is visible in this method,
        /// so IsValid == true should not be read as "the signer is trusted" unless callers
        /// establish that elsewhere.
        /// </remarks>
        public ValidationResult Validate(SignatureDocument sigDocument, SignerInfoNode signerNode)
        {
            var outcome = new ValidationResult();

            try
            {
                bool signatureVerified = signerNode.SignerInformation.Verify(signerNode.Certificate);
                bool imprintMatches    = true;

                // The imprint is only examined once the signature itself has verified.
                if (signatureVerified && signerNode.TimeStamp != null)
                {
                    var hashOid = signerNode.TimeStamp.TimeStampInfo.HashAlgorithm.ObjectID.Id;

                    // Digest of the signature value, computed with the algorithm named in the token.
                    byte[] expectedImprint = DigestMethod.GetByOid(hashOid).CalculateDigest(signerNode.SignerInformation.GetSignature());

                    imprintMatches = signerNode.TimeStamp.TimeStampInfo.GetMessageImprintDigest().SequenceEqual(expectedImprint);
                }

                if (!signatureVerified)
                {
                    outcome.IsValid = false;
                    outcome.Message = "Signature verification failed";
                }
                else if (!imprintMatches)
                {
                    outcome.IsValid = false;
                    outcome.Message = "The stamp of the time stamp does not correspond to the one calculated";
                }
                else
                {
                    outcome.IsValid = true;
                    outcome.Message = "Signature verification suceeded";
                }
            }
            catch (Exception ex)
            {
                // Any failure, including a null node, surfaces as an invalid result carrying the exception text.
                outcome.IsValid = false;
                outcome.Message = ex.Message;
            }

            return outcome;
        }
Esempio n. 4
        /// <summary>
        /// Verifies the signer's signature with the node's certificate and, if a time stamp is
        /// attached, compares its message imprint with the digest of the signature value.
        /// </summary>
        /// <param name="sigDocument">Not read by this method.</param>
        /// <param name="signerNode">Signer node to check.</param>
        /// <returns>
        /// A result with IsValid and a Spanish-language Message; exceptions are converted into an
        /// invalid result carrying the exception text.
        /// </returns>
        /// <remarks>
        /// The checks visible here are limited to the signature and the time-stamp imprint. Trust
        /// in the certificate (chain, revocation) and the time-stamp token's own signature are not
        /// examined in this method.
        /// </remarks>
        public ValidationResult Validate(SignatureDocument sigDocument, SignerInfoNode signerNode)
        {
            var validation = new ValidationResult();

            try
            {
                // Stays null while every check passes; otherwise holds the failure text.
                string failure = null;

                if (!signerNode.SignerInformation.Verify(signerNode.Certificate))
                {
                    failure = "La verificación de la firma no ha sido satisfactoria";
                }
                else if (signerNode.TimeStamp != null)
                {
                    // Hash the signature value with the algorithm declared by the time-stamp token.
                    DigestMethod imprintAlgorithm = DigestMethod.GetByOid(signerNode.TimeStamp.TimeStampInfo.HashAlgorithm.ObjectID.Id);
                    byte[] computedImprint = imprintAlgorithm.CalculateDigest(signerNode.SignerInformation.GetSignature());

                    bool sameImprint = signerNode.TimeStamp.TimeStampInfo.GetMessageImprintDigest().SequenceEqual(computedImprint);

                    if (!sameImprint)
                    {
                        failure = "La huella del sello de tiempo no se corresponde con la calculada";
                    }
                }

                validation.IsValid = failure == null;
                validation.Message = failure ?? "Verificación de la firma satisfactoria";
            }
            catch (Exception ex)
            {
                validation.IsValid = false;
                validation.Message = ex.Message;
            }

            return validation;
        }
Esempio n. 5
        /// <summary>
        /// Adds a signature time-stamp token to the signer's unsigned attributes and stores the
        /// resulting SignerInformation back on the node.
        /// </summary>
        /// <param name="signatureDocument">Not read by this method.</param>
        /// <param name="signerInfoNode">Signer node to upgrade; its SignerInformation is replaced.</param>
        /// <param name="parameters">Supplies the TsaClient and DigestMethod passed to GetTimeStampAttribute.</param>
        /// <remarks>
        /// The time stamp is requested over the signer's signature value. Only the node is updated
        /// here; this method does not touch <paramref name="signatureDocument"/>.
        /// </remarks>
        public void Upgrade(SignatureDocument signatureDocument, SignerInfoNode signerInfoNode, UpgradeParameters parameters)
        {
            IDictionary attributes;

            // Start from the signer's current unsigned attributes, or from an empty table when it has none.
            if (signerInfoNode.SignerInformation.UnsignedAttributes != null)
            {
                attributes = signerInfoNode.SignerInformation.UnsignedAttributes.ToDictionary();
            }
            else
            {
                attributes = new Dictionary<DerObjectIdentifier, BcCms.Attribute>();
            }

            BcCms.Attribute timeStampAttribute = GetTimeStampAttribute(
                PkcsObjectIdentifiers.IdAASignatureTimeStampToken,
                parameters.TsaClient,
                parameters.DigestMethod,
                signerInfoNode.SignerInformation.GetSignature());

            // NOTE(review): Add is used rather than the indexer, so an entry already stored under
            // this OID would presumably make the call throw - confirm how upgrading an already
            // time-stamped signature is meant to behave.
            attributes.Add(PkcsObjectIdentifiers.IdAASignatureTimeStampToken, timeStampAttribute);

            signerInfoNode.SignerInformation = SignerInformation.ReplaceUnsignedAttributes(
                signerInfoNode.SignerInformation,
                new BcCms.AttributeTable(attributes));
        }