private static int RunValidateAndReturnExitCode(ValidadeOptions opts)
{
var cadesSignature = CadesSignature.Open(opts.SignatureFile);
using var stream = File.OpenRead(opts.InputFile);
var digestAlgorithm = DigestAlgorithm.SHA256;
var digest = digestAlgorithm.ComputeHash(stream);
cadesSignature.SetExternalDataDigest(digestAlgorithm, digest);
var cadesSI = cadesSignature.Signers.First();
var vr = cadesSignature.ValidateSignature(cadesSI, CadesPoliciesForValidation.GetPkiBrazil());
if (vr.IsValid)
{
Console.WriteLine("");
Console.WriteLine($"{opts.SignatureFile} is a valid signature for {opts.InputFile}");
Console.WriteLine($"Hash algorithm SHA256 value : {String.Concat(digest.Select(b => b.ToString("X2"))) }");
Console.WriteLine($"Signed by {cadesSI.SigningCertificate.SubjectDisplayName}");
Console.WriteLine($"Signature date: {cadesSI.SigningTime:dd/MM/yyyy HH:mm:ss} GMT");
}
else
{
Console.WriteLine("");
Console.WriteLine($"{opts.SignatureFile} is a invalid signature for {opts.InputFile}");
}
return(0);
}
public ManifestContainer CreateManifest(IEnumerable <AsicePackageEntry> entries)
{
var manifest = new ASiCManifestType {
DataObjectReference = entries.Select(ToDataObject).ToArray()
};
SignatureFileRef signatureFileRef = null;
if (addSignatureFile)
{
signatureFileRef = CadesSignature.CreateSignatureRef();
manifest.SigReference = new SigReferenceType
{
MimeType = signatureFileRef.MimeType.ToString(), URI = signatureFileRef.FileName
};
}
using (var outStream = new MemoryStream())
using (var xmlWriter = CreateXmlWriter(outStream))
{
new XmlSerializer(typeof(ASiCManifestType)).Serialize(xmlWriter, manifest, CreateNamespaces());
//Stupid whitespace manipulation to please DNB
var resultString = Encoding.UTF8.GetString(outStream.ToArray());
resultString = resultString.Replace(" />", "/>").Replace(" xmlns=\"http://uri.etsi.org/02918/v1.2.1#\"", "") + "\n";
var x = Encoding.UTF8.GetBytes(resultString);
return(new ManifestContainer(AsiceConstants.CadesManifestFilename, x, signatureFileRef, ManifestSpec.Cades));
}
}
public void MergeSignatures()
{
if (SignatureFiles.Count < 2)
{
MessageBox.Show("Please add at least two CAdES signature files");
return;
}
if (!string.IsNullOrEmpty(EncapsulatedContentFile) && !File.Exists(EncapsulatedContentFile))
{
MessageBox.Show($"Data file not found: {EncapsulatedContentFile}");
return;
}
try {
// Read encapsulated content file
byte[] encapsulatedContent = null;
if (!string.IsNullOrEmpty(EncapsulatedContentFile))
{
encapsulatedContent = File.ReadAllBytes(EncapsulatedContentFile);
}
// read signature files
var signatures = new List <CadesSignature>();
foreach (var signatureFile in SignatureFiles)
{
signatures.Add(CadesSignature.Open(signatureFile));
}
// merge signatures
var mergedSignature = CadesSignatureEditor.MergeSignatures(signatures, encapsulatedContent);
// save file
var saveFileDialog = new SaveFileDialog()
{
FileName = $"merged-signature.p7s",
};
if (saveFileDialog.ShowDialog() != true)
{
return;
}
File.WriteAllBytes(saveFileDialog.FileName, mergedSignature);
MessageBox.Show($"Merged signature saved on {saveFileDialog.FileName}");
} catch (Exception ex) {
MessageBox.Show(ex.ToString(), "An error has occurred");
}
}
public CadesSignatureModel(CadesSignature signature, ICadesPolicyMapperBySignerInfo policyMapper = null)
{
HasEncapsulatedContent = signature.HasEncapsulatedContent;
EncapsulatedContent = signature.GetEncapsulatedContent();
// Convert signers validating each one.
Signers = signature.Signers.Select(s => {
// Validate signature according to the provided policy.
if (policyMapper != null)
{
var vr = signature.ValidateSignature(s, policyMapper);
return(new CadesSignerModel(s)
{
ValidationResults = new ValidationResultsModel(vr)
});
}
return(new CadesSignerModel(s));
}).ToList();
var contentType = signature.EncapsulatedContentType;
if (contentType == CmsContentType.Data)
{
EncapsulatedContentType = CmsContentTypes.Data;
}
else if (contentType == CmsContentType.SignedData)
{
EncapsulatedContentType = CmsContentTypes.SignedData;
}
else if (contentType == CmsContentType.DigestedData)
{
EncapsulatedContentType = CmsContentTypes.DigestedData;
}
else if (contentType == CmsContentType.EncryptedData)
{
EncapsulatedContentType = CmsContentTypes.EncryptedData;
}
else if (contentType == CmsContentType.AuthenticatedData)
{
EncapsulatedContentType = CmsContentTypes.AuthenticatedData;
}
else if (contentType == CmsContentType.TstInfo)
{
EncapsulatedContentType = CmsContentTypes.TstInfo;
}
}
// GET: CheckCadesSdk?c={id}
public ActionResult Index(string c)
{
// On PrinterFriendlyVersionController, we stored the unformatted version of the verification
// code (without hyphens) but used the formatted version (with hiphens) on the printer-friendly
// PDF. Now, we remove the hyphens before looking it up.
var verificationCode = AlphaCode.Parse(c);
// Get document associated with verification code.
var fileId = StorageMock.LookupVerificationCode(verificationCode);
if (fileId == null)
{
// Invalid code give!
// Small delay to slow down brute-force attacks (if you want to be extra careful you might
// want to add a CAPTCHA to the process).
Thread.Sleep(TimeSpan.FromSeconds(2));
// Return Not Found
return(HttpNotFound());
}
// Read document from storage.
var fileContent = StorageMock.Read(fileId);
var signature = CadesSignature.Open(fileContent);
// Specify the parameters for the signature validation:
// Define the trust arbitrator used to validate the certificate.
var trustArbitrator = Util.GetTrustArbitrator();
var policyMapper = CadesPoliciesForValidation.GetCadesBasic(trustArbitrator);
// Render the information (see file Check/Index.html for more information on
// the information returned).
return(View(new OpenCadesSignatureModel()
{
Signature = new CadesSignatureModel(signature, policyMapper),
File = fileId
}));
}
public ManifestContainer CreateManifest(IEnumerable <AsicePackageEntry> entries)
{
var manifest = new ASiCManifestType {
DataObjectReference = entries.Select(ToDataObject).ToArray()
};
SignatureFileRef signatureFileRef = null;
if (addSignatureFile)
{
signatureFileRef = CadesSignature.CreateSignatureRef();
manifest.SigReference = new SigReferenceType
{
MimeType = signatureFileRef.MimeType.ToString(), URI = signatureFileRef.FileName
};
}
using (var outStream = new MemoryStream())
using (var xmlWriter = CreateXmlWriter(outStream))
{
new XmlSerializer(typeof(ASiCManifestType)).Serialize(xmlWriter, manifest, CreateNamespaces());
return(new ManifestContainer(AsiceConstants.CadesManifestFilename, outStream.ToArray(), signatureFileRef, ManifestSpec.Cades));
}
}
/**
* This action open a Cades file and inspect its signatures.
*/
public ActionResult Index(string userfile)
{
// Our action only works if a userfile is given to work with.
byte[] userfileContent;
if (!StorageMock.TryGetFile(userfile, out userfileContent))
{
return(HttpNotFound());
}
// Open Cades file
var cadesSignature = CadesSignature.Open(userfileContent);
// Specify the parameters for the signature validation:
// Define the trust arbitrator used to validate the certificate.
var trustArbitrator = Util.GetTrustArbitrator();
var policyMapper = CadesPoliciesForValidation.GetCadesBasic(trustArbitrator);
return(View(new OpenCadesSignatureModel()
{
// WARNING: this sample always consider the encapsulated content type as pdf, so the downloadable file uses pdf extension
File = cadesSignature.HasEncapsulatedContent ? StorageMock.Store(cadesSignature.GetEncapsulatedContent(), ".pdf") : "",
Signature = new CadesSignatureModel(cadesSignature, policyMapper)
}));
}
private void validateCadesSignature(string filePath)
{
var policy = CadesPoliciesForValidation.GetCadesBasic(App.GetTrustArbitrator());
var cadesSignature = CadesSignature.Open(filePath);
if (!cadesSignature.HasEncapsulatedContent)
{
MessageBox.Show("This CAdES signature does not have an encapsulated content (\"detached signature\"). Please provide the data file to continue with the validation.", "Data file needed");
var dataFileDialog = new OpenFileDialog()
{
};
if (dataFileDialog.ShowDialog() != true)
{
return;
}
cadesSignature.SetExternalData(File.ReadAllBytes(dataFileDialog.FileName));
}
Signers.Clear();
foreach (var signer in cadesSignature.Signers)
{
var vr = cadesSignature.ValidateSignature(signer, policy);
Signers.Add(new SignerItem(getSignerDescription(signer, vr), vr));
}
}
