|
public VerifySignature ( String name ) : |
||
| name | String | |
| return | ||
private Nenshkrim MerrNenshkrimInfo(AcroFields af, string name)
{
PdfPKCS7 pkcs7 = af.VerifySignature(name);
var certificate = new X509Certificate2();
var cert = (Org.BouncyCastle.X509.X509Certificate)pkcs7.Certificates[0];
certificate.Import(cert.GetEncoded());
Nenshkrim nenshkruesi = new Nenshkrim();
nenshkruesi.Nenshkruesi = CertificateInfo.GetSubjectFields(cert).GetField("CN");
string issuer = certificate.Issuer;
nenshkruesi.IssuerCN = GetIssuer(issuer, "CN=");
nenshkruesi.IssuerOU = GetIssuer(issuer, "OU=");
nenshkruesi.IssuerO = GetIssuer(issuer, "O=");
nenshkruesi.IssuerC = GetIssuer(issuer, "C=");
if (nenshkruesi.IssuerC == "KS")
{
//largimi i [EMAIL] prej cn
nenshkruesi.Nenshkruesi = nenshkruesi.Nenshkruesi.Substring(8);
}
nenshkruesi.Emri = CertificateInfo.GetSubjectFields(cert).GetField("GIVENNAME");
nenshkruesi.Mbiemri = CertificateInfo.GetSubjectFields(cert).GetField("SURNAME");
//algoritmi hash
nenshkruesi.AlgoritmiHash = pkcs7.GetHashAlgorithm();
//algoritmi hash
nenshkruesi.AlgoritmiEnkriptimit = pkcs7.GetEncryptionAlgorithm();
//data e nenshrimit
nenshkruesi.DataNenshkrimit = pkcs7.SignDate;
//certifikata valide prej, deri
nenshkruesi.CertifikataValidePrej = certificate.GetEffectiveDateString();
nenshkruesi.CertifikataValideDeri = certificate.GetExpirationDateString();
nenshkruesi.SerialNumber = certificate.SerialNumber;
//verifikimi
if (pkcs7.Verify())
{
nenshkruesi.Valid = true;
}
else
{
nenshkruesi.Valid = false;
}
return nenshkruesi;
}
public static SignaturePermissions InspectSignature(AcroFields fields, String name, SignaturePermissions perms)
{
IList<AcroFields.FieldPosition> fps = fields.GetFieldPositions(name);
if (fps != null && fps.Count > 0)
{
AcroFields.FieldPosition fp = fps[0];
Rectangle pos = fp.position;
if (pos.Width == 0 || pos.Height == 0)
{
Console.WriteLine("Invisible signature");
}
else
{
Console.WriteLine("Field en página {0}; llx: {1}, lly: {2}, urx: {3}; ury: {4}",
fp.page, pos.Left, pos.Bottom, pos.Right, pos.Top);
}
}
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
Console.WriteLine("Algoritmo de Digest: " + pkcs7.GetHashAlgorithm());
Console.WriteLine("Algoritmo Encripción: " + pkcs7.GetEncryptionAlgorithm());
Console.WriteLine("Filter subtype: " + pkcs7.GetFilterSubtype());
X509Certificate cert = pkcs7.SigningCertificate;
Console.WriteLine("Nombre del firmante: " + CertificateInfo.GetSubjectFields(cert).GetField("CN"));
if (pkcs7.SignName != null)
Console.WriteLine("Nombre Alternativo del firmante: " + pkcs7.SignName);
Console.WriteLine("Firmado en: " + pkcs7.SignDate.ToString("yyyy-MM-dd HH:mm:ss.ff"));
if (!pkcs7.TimeStampDate.Equals(DateTime.MaxValue))
{
Console.WriteLine("TimeStamp: " + pkcs7.TimeStampDate.ToString("yyyy-MM-dd HH:mm:ss.ff"));
TimeStampToken ts = pkcs7.TimeStampToken;
Console.WriteLine("TimeStamp service: " + ts.TimeStampInfo.Tsa);
Console.WriteLine("Timestamp verificado? " + pkcs7.VerifyTimestampImprint());
}
Console.WriteLine("Ubicación: " + pkcs7.Location);
Console.WriteLine("Motivo: " + pkcs7.Reason);
PdfDictionary sigDict = fields.GetSignatureDictionary(name);
PdfString contact = sigDict.GetAsString(PdfName.CONTACTINFO);
if (contact != null)
Console.WriteLine("Datos de contacto: " + contact);
perms = new SignaturePermissions(sigDict, perms);
Console.WriteLine("Tipo de firma: " + (perms.Certification ? "certification" : "approval"));
//Console.WriteLine("Filling out fields allowed: " + perms.FillInAllowed);
//Console.WriteLine("Adding annotations allowed: " + perms.AnnotationsAllowed);
foreach (SignaturePermissions.FieldLock Lock in perms.FieldLocks)
{
Console.WriteLine("Lock: " + Lock);
}
return perms;
}
private static PdfPKCS7 VerifySignature(AcroFields fields, String name, ref MessageReport.Signature sigInfo)
{
sigInfo.isCoveringWholeDocument = fields.SignatureCoversWholeDocument(name);
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
sigInfo.isIntegral = pkcs7.Verify();
X509Certificate[] certs = pkcs7.SignCertificateChain;
DateTime cal = pkcs7.SignDate;
IList<VerificationException> errors = CertificateVerification.VerifyCertificates(certs, certificates, null, cal);
if (errors == null)
Console.WriteLine("Certificates verified against the KeyStore");
else
foreach (object error in errors)
Console.WriteLine(error);
for (int i = 0; i < certs.Length; ++i)
{
X509Certificate cert = certs[i];
}
X509Certificate signCert = certs[0];
X509Certificate issuerCert = (certs.Length > 1 ? certs[1] : null);
sigInfo.Certificate = GetCertificateInfo(signCert, cal.ToLocalTime());
sigInfo.isValidDateSigning = CheckRevocation(pkcs7, signCert, issuerCert, cal);
sigInfo.isValidToday = CheckRevocation(pkcs7, signCert, issuerCert, DateTime.Now.AddDays(-1));
return pkcs7;
}
public static PdfPKCS7 VerifySignatureOld(AcroFields fields, String name)
{
Console.WriteLine("Signature covers whole document: " + fields.SignatureCoversWholeDocument(name));
Console.WriteLine("Document revision: " + fields.GetRevision(name) + " of " + fields.TotalRevisions);
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
Console.WriteLine("Integrity check OK? " + pkcs7.Verify());
return pkcs7;
}
/// <summary>
/// Valida arquivos PDF
/// </summary>
/// <param name="filePath">Caminho do arquivo a ser validado</param>
/// <param name="onlyRoot">
/// Determina se irá considerar apenas certificados de Autoridades Certificadoras.
/// True: Considera apenas certificados de Autoridades Certificadoras.
/// False: Considera todos os certificados instalados na máquina.
/// Default: True.
/// </param>
/// <returns>Lista de assinaturas, válidas ou não</returns>
internal static SignatureList validate(string filePath, bool onlyRoot = true)
{
try
{
#region [obsolete code]
/*
*
* // list of valid certificates
* List<BCX.X509Certificate> kall = new List<BCX.X509Certificate>();
*
* // get the root certificates
* getSystemCertificates(StoreName.Root, StoreLocation.CurrentUser, ref kall);
*
* // if not only root, get others certificates
* if (!onlyRoot)
* {
* getSystemCertificates(StoreName.AddressBook, StoreLocation.CurrentUser, ref kall);
* getSystemCertificates(StoreName.AuthRoot, StoreLocation.CurrentUser, ref kall);
* getSystemCertificates(StoreName.CertificateAuthority, StoreLocation.CurrentUser, ref kall);
* getSystemCertificates(StoreName.My, StoreLocation.CurrentUser, ref kall);
* getSystemCertificates(StoreName.TrustedPeople, StoreLocation.CurrentUser, ref kall);
* getSystemCertificates(StoreName.TrustedPublisher, StoreLocation.CurrentUser, ref kall);
* }
* */
#endregion
// open the pdf file
TS.PdfReader reader = new TS.PdfReader(filePath);
// get the fields inside the file
TS.AcroFields af = reader.AcroFields;
// get the signatures
List <string> names = af.GetSignatureNames();
// if don't found signature
if (names == null || names.Count == 0)
{
throw new NoSignatureFoundException();
}
// signatures to return
SignatureList signatures = new SignatureList();
// for each signature in pdf file
foreach (string name in names)
{
// verify the signature
TSS.PdfPKCS7 pk = af.VerifySignature(name);
// get the datetime of signature
DateTime cal = pk.SignDate;
cal = (pk.TimeStampToken != null ? pk.TimeStampDate : cal);
// create the signature
Signature sig = new Signature
(
filePath, // file path
FileFormat.PDFDocument, // pdf format
pk.Reason, // objective
getSubject(pk.SigningCertificate.SubjectDN), // subject
cal, // date time
//verifySignature(pk.SignCertificateChain, kall, cal, pk.SigningCertificate), // signature validate, obsolete
verifySignature(pk.SigningCertificate),
getSignatureCertificates(pk.SignCertificateChain) // get the certificates
);
// set the x509certificates
sig.SX509Certificate = convertCertificate(pk.SigningCertificate);
// set the issuer
sig.SIssuer = pk.SigningCertificate.IssuerDN.ToString();
// set the file properties
foreach (KeyValuePair <string, string> prop in reader.Info)
{
FileProperties?fp = null;
try
{
fp = (FileProperties)Enum.Parse(typeof(FileProperties), prop.Key, true);
}
catch { }
if (fp.HasValue)
{
sig.addProperties(fp.Value, prop.Value);
}
}
// add signature to the list
signatures.Add(sig);
}
return(signatures);
}
catch (Exception ex)
{
throw ex;
}
}
