GetSignature() public method

public GetSignature ( ) : byte[]
return byte[]
Esempio n. 1
0
	    /**
	     * Fetches the signature time-stamp attributes from a SignerInformation object.
	     * Checks that the MessageImprint for each time-stamp matches the signature field.
	     * (see RFC 3161 Appendix A).
	     * 
	     * @param signerInfo a SignerInformation to search for time-stamps
	     * @return a collection of TimeStampToken objects
	     * @throws TSPValidationException
	     */
		public static ICollection GetSignatureTimestamps(
			SignerInformation signerInfo)
		{
			IList timestamps = new ArrayList();

			Asn1.Cms.AttributeTable unsignedAttrs = signerInfo.UnsignedAttributes;
			if (unsignedAttrs != null)
			{
				foreach (Asn1.Cms.Attribute tsAttr in unsignedAttrs.GetAll(
					PkcsObjectIdentifiers.IdAASignatureTimeStampToken))
				{
					foreach (Asn1Encodable asn1 in tsAttr.AttrValues)
					{
						try
						{
							Asn1.Cms.ContentInfo contentInfo = Asn1.Cms.ContentInfo.GetInstance(
								asn1.ToAsn1Object());
							TimeStampToken timeStampToken = new TimeStampToken(contentInfo);
							TimeStampTokenInfo tstInfo = timeStampToken.TimeStampInfo;

							byte[] expectedDigest = DigestUtilities.CalculateDigest(
								GetDigestAlgName(tstInfo.MessageImprintAlgOid),
							    signerInfo.GetSignature());

							if (!Arrays.ConstantTimeAreEqual(expectedDigest, tstInfo.GetMessageImprintDigest()))
								throw new TspValidationException("Incorrect digest in message imprint");

							timestamps.Add(timeStampToken);
						}
						catch (SecurityUtilityException)
						{
							throw new TspValidationException("Unknown hash algorithm specified in timestamp");
						}
						catch (Exception)
						{
							throw new TspValidationException("Timestamp could not be parsed");
						}
					}
				}
			}

			return timestamps;
		}
		/**
		* generate a set of one or more SignerInformation objects representing counter signatures on
		* the passed in SignerInformation object.
		*
		* @param signer the signer to be countersigned
		* @param sigProvider the provider to be used for counter signing.
		* @return a store containing the signers.
		*/
		public SignerInformationStore GenerateCounterSigners(
			SignerInformation signer)
		{
			return this.Generate(null, new CmsProcessableByteArray(signer.GetSignature()), false).GetSignerInfos();
		}
 /**
  * generate a set of one or more SignerInformation objects representing counter signatures on
  * the passed in SignerInformation object.
  *
  * @param signer the signer to be countersigned
  * @param sigProvider the provider to be used for counter signing.
  * @return a store containing the signers.
  */
 public SignerInformationStore GenerateCounterSigners(
     SignerInformation signer)
 {
     return(this.Generate(null, new CmsProcessableByteArray(signer.GetSignature()), false).GetSignerInfos());
 }
Esempio n. 4
0
		/// <exception cref="System.IO.IOException"></exception>
		protected internal override SignerInformation ExtendCMSSignature(CmsSignedData signedData
			, SignerInformation si, SignatureParameters parameters, Document originalData)
		{
			if (this.signatureTsa == null)
			{
				throw new ConfigurationException(ConfigurationException.MSG.CONFIGURE_TSP_SERVER);
			}
			LOG.Info("Extend signature with id " + si.SignerID);
			BcCms.AttributeTable unsigned = si.UnsignedAttributes;
			//IDictionary<DerObjectIdentifier, Attribute> unsignedAttrHash = null;
            IDictionary unsignedAttrHash = null;
			if (unsigned == null)
			{
				unsignedAttrHash = new Dictionary<DerObjectIdentifier, Attribute>();
			}
			else
			{
				unsignedAttrHash = si.UnsignedAttributes.ToDictionary();
			}
            
            //TODO jbonilla - ¿Qué ocurre si ya es CAdES-T? No se debería volver a extender.
			Attribute signatureTimeStamp = GetTimeStampAttribute(PkcsObjectIdentifiers.IdAASignatureTimeStampToken
				, this.signatureTsa, digestAlgorithm, si.GetSignature());
			//unsignedAttrHash.Put(PkcsObjectIdentifiers.IdAASignatureTimeStampToken, signatureTimeStamp);
            unsignedAttrHash.Add(PkcsObjectIdentifiers.IdAASignatureTimeStampToken, signatureTimeStamp);
			SignerInformation newsi = SignerInformation.ReplaceUnsignedAttributes(si, new BcCms.AttributeTable
				(unsignedAttrHash));
			return newsi;
		}
Esempio n. 5
-1
		/// <exception cref="System.IO.IOException"></exception>
		protected internal override SignerInformation ExtendCMSSignature(CmsSignedData signedData
			, SignerInformation si, SignatureParameters parameters, Document originalData)
		{
			si = base.ExtendCMSSignature(signedData, si, parameters, originalData);
			DerObjectIdentifier attributeId = null;
			ByteArrayOutputStream toTimestamp = new ByteArrayOutputStream();
			switch (GetExtendedValidationType())
			{
				case 1:
				{
					attributeId = PkcsObjectIdentifiers.IdAAEtsEscTimeStamp;
					toTimestamp.Write(si.GetSignature());
					// We don't include the outer SEQUENCE, only the attrType and attrValues as stated by the TS §6.3.5,
					// NOTE 2)
					toTimestamp.Write(si.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken]
						.AttrType.GetDerEncoded());
					toTimestamp.Write(si.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken]
						.AttrValues.GetDerEncoded());
					break;
				}

				case 2:
				{
					attributeId = PkcsObjectIdentifiers.IdAAEtsCertCrlTimestamp;
					break;
				}

				default:
				{
					throw new InvalidOperationException("CAdES-X Profile: Extended validation is set but no valid type (1 or 2)"
						);
				}
			}
			toTimestamp.Write(si.UnsignedAttributes[PkcsObjectIdentifiers.IdAAEtsCertificateRefs]
				.AttrType.GetDerEncoded());
			toTimestamp.Write(si.UnsignedAttributes[PkcsObjectIdentifiers.IdAAEtsCertificateRefs]
				.AttrValues.GetDerEncoded());
			toTimestamp.Write(si.UnsignedAttributes[PkcsObjectIdentifiers.IdAAEtsRevocationRefs]
				.AttrType.GetDerEncoded());
			toTimestamp.Write(si.UnsignedAttributes[PkcsObjectIdentifiers.IdAAEtsRevocationRefs]
				.AttrValues.GetDerEncoded());
			//IDictionary<DerObjectIdentifier, Attribute> unsignedAttrHash = si.UnsignedAttributes.ToDictionary();
            IDictionary unsignedAttrHash = si.UnsignedAttributes.ToDictionary();
			BcCms.Attribute extendedTimeStamp = GetTimeStampAttribute(attributeId, GetSignatureTsa(
				), digestAlgorithm, toTimestamp.ToByteArray());
			//unsignedAttrHash.Put(attributeId, extendedTimeStamp);
            unsignedAttrHash.Add(attributeId, extendedTimeStamp);
			return SignerInformation.ReplaceUnsignedAttributes(si, new BcCms.AttributeTable(unsignedAttrHash
				));
		}