public void SignWithStreamAndLevelTest(Ksi ksi)
{
IKsiSignature signature;
using (MemoryStream stream = new MemoryStream())
{
byte[] data = Encoding.UTF8.GetBytes("This is my document");
stream.Write(data, 0, data.Length);
stream.Seek(0, SeekOrigin.Begin);
signature = ksi.Sign(stream, 3);
}
Assert.LessOrEqual(3, signature.GetAggregationHashChains()[0].GetChainLinks()[0].LevelCorrection, "Level correction is invalid.");
VerificationContext verificationContext = new VerificationContext(signature)
{
DocumentHash = new DataHash(HashAlgorithm.Sha2256,
Base16.Decode("D439459856BEF5ED25772646F73A70A841FC078D3CBBC24AB7F47C464683768D")),
PublicationsFile = ksi.GetPublicationsFile()
};
KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy();
VerificationResult verificationResult = policy.Verify(verificationContext);
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy");
}
private static void Verify(Ksi ksi, IKsiSignature signature, DataHash documentHash)
{
VerificationContext verificationContext = new VerificationContext(signature)
{
DocumentHash = documentHash,
PublicationsFile = ksi.GetPublicationsFile()
};
AggregationHashChain.Link firstChainLink = signature.GetAggregationHashChains()[0].GetChainLinks()[0];
if (firstChainLink.Metadata != null && firstChainLink.Metadata.Padding == null)
{
throw new Exception("Metadata padding is missing.");
}
KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy();
VerificationResult verificationResult = policy.Verify(verificationContext);
if (verificationResult.ResultCode != VerificationResultCode.Ok)
{
Console.WriteLine("Verification result code: " + verificationResult.ResultCode);
Console.WriteLine("Verification rule name: " + verificationResult.RuleName);
Console.WriteLine("Verification error: " + verificationResult.VerificationError);
}
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy");
}
public void GetPublicationsFileStaticTest()
{
Ksi ksi = GetKsi();
IPublicationsFile pubFile = ksi.GetPublicationsFile();
Assert.AreEqual(1515974400, pubFile.GetLatestPublication().PublicationData.PublicationTime, "Unexpected last publication time");
}
public void VerifyNewSignatureWithPublicationsFile(Ksi ksi)
{
DataHash documentHash = new DataHash(Base16.Decode("0111A700B0C8066C47ECBA05ED37BC14DCADB238552D86C659342D1D7E87B8772D"));
IKsiSignature signature = ksi.Sign(documentHash);
VerificationResult result = ksi.Verify(signature, null, ksi.GetPublicationsFile());
Assert.AreEqual(VerificationResultCode.Ok, result.ResultCode, "Unexpected verification result code.");
Assert.AreEqual(nameof(DefaultVerificationPolicy), result.RuleName, "Unexpected policy used.");
}
public void ExtendToNearestPublicationTest(Ksi ksi)
{
IKsiSignature ksiSignature = TestUtil.GetSignature();
IKsiSignature extendedToLatest = ksi.Extend(ksiSignature, ksi.GetPublicationsFile().GetLatestPublication());
IKsiSignature extendedToNearest = ksi.Extend(ksiSignature);
Assert.True(extendedToLatest.PublicationRecord.PublicationData.PublicationTime > extendedToNearest.PublicationRecord.PublicationData.PublicationTime);
Assert.AreEqual(1455494400, extendedToNearest.PublicationRecord.PublicationData.PublicationTime);
}
public void VerifyWithExtendingAllowed(Ksi ksi)
{
VerificationResult result = ksi.Verify(new DefaultVerificationPolicy(), new VerificationContext(TestUtil.GetSignature(Resources.KsiSignature_Ok))
{
PublicationsFile = ksi.GetPublicationsFile(),
IsExtendingAllowed = true
});
Assert.AreEqual(VerificationResultCode.Ok, result.ResultCode, "Unexpected verification result code.");
Assert.AreEqual(nameof(DefaultVerificationPolicy), result.RuleName, "Unexpected policy used.");
}
public void GetPublicationsFileWithInvalidUrlTest(Ksi ksi)
{
Exception ex = Assert.Throws <KsiServiceProtocolException>(delegate
{
ksi.GetPublicationsFile();
});
Assert.That(ex.Message.StartsWith("Get publication http response failed"), "Unexpected exception message: " + ex.Message);
Assert.IsNotNull(ex.InnerException, "Inner exception should not be null");
Assert.That(ex.InnerException.Message.StartsWith("The remote name could not be resolved"), "Unexpected inner exception message: " + ex.InnerException.Message);
}
public void GetPublicationsFileTest(Ksi ksi)
{
IPublicationsFile publicationsFile = ksi.GetPublicationsFile();
PublicationRecordInPublicationFile latest = publicationsFile.GetLatestPublication();
PublicationRecordInPublicationFile prev = publicationsFile.GetNearestPublicationRecord(latest.PublicationData.PublicationTime - 35 * 24 * 3600);
Assert.True(latest.PublicationData.PublicationTime > prev.PublicationData.PublicationTime);
prev = publicationsFile.GetNearestPublicationRecord(Util.ConvertUnixTimeToDateTime(latest.PublicationData.PublicationTime).AddDays(-35));
Assert.True(latest.PublicationData.PublicationTime > prev.PublicationData.PublicationTime);
}
private VerificationResult SignHash(Ksi ksi)
{
DataHash hash = new DataHash(HashAlgorithm.Sha2256, Base16.Decode("9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"));
IKsiSignature signature = ksi.Sign(hash);
VerificationContext verificationContext = new VerificationContext(signature)
{
DocumentHash = hash,
PublicationsFile = ksi.GetPublicationsFile()
};
KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy();
return(policy.Verify(verificationContext));
}
public void HttpSignSm3HashTest(Ksi ksi)
{
DataHash hash = new DataHash(HashAlgorithm.Sm3, Base16.Decode("9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"));
IKsiSignature signature = ksi.Sign(hash);
VerificationContext verificationContext = new VerificationContext(signature)
{
DocumentHash = hash,
PublicationsFile = ksi.GetPublicationsFile()
};
KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy();
VerificationResult verificationResult = policy.Verify(verificationContext);
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy");
}
public void SignByteArrayTest(Ksi ksi)
{
byte[] data = Encoding.UTF8.GetBytes("This is my document");
IKsiSignature signature = ksi.Sign(data);
VerificationContext verificationContext = new VerificationContext(signature)
{
DocumentHash = new DataHash(HashAlgorithm.Sha2256,
Base16.Decode("D439459856BEF5ED25772646F73A70A841FC078D3CBBC24AB7F47C464683768D")),
PublicationsFile = ksi.GetPublicationsFile()
};
KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy();
VerificationResult verificationResult = policy.Verify(verificationContext);
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy");
}
public void ExtendAndVerifySignatureWithAggregationChainsOnly(Ksi ksi)
{
PublicationBasedVerificationPolicy rule = new PublicationBasedVerificationPolicy();
// signature contains only aggregation chains
IKsiSignature ksiSignature = TestUtil.GetSignature(Resources.KsiSignature_Ok_Only_Aggregtion_Chains);
IKsiSignature extendedSignature = ksi.Extend(ksiSignature);
PublicationData publicationData = ksi.GetPublicationsFile().GetNearestPublicationRecord(ksiSignature.AggregationTime).PublicationData;
VerificationContext context = new VerificationContext(extendedSignature)
{
UserPublication = publicationData
};
VerificationResult verificationResult = rule.Verify(context);
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode);
}
public void ExtendAndVerifyTest(Ksi ksi)
{
PublicationBasedVerificationPolicy policy = new PublicationBasedVerificationPolicy();
IKsiSignature ksiSignature = TestUtil.GetSignature();
IKsiSignature extendedSignature = ksi.Extend(ksiSignature);
PublicationData publicationData = ksi.GetPublicationsFile().GetNearestPublicationRecord(ksiSignature.AggregationTime).PublicationData;
VerificationContext context = new VerificationContext(extendedSignature)
{
UserPublication = publicationData,
KsiService = GetHttpKsiService()
};
VerificationResult verificationResult = policy.Verify(context);
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode);
}
public void HttpSignHashWithLevelTest(Ksi ksi)
{
DataHash documentHash = new DataHash(HashAlgorithm.Sha2256, Base16.Decode("9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"));
IKsiSignature signature = ksi.Sign(documentHash, 3);
Assert.LessOrEqual(3, signature.GetAggregationHashChains()[0].GetChainLinks()[0].LevelCorrection, "Level correction is invalid.");
VerificationContext verificationContext = new VerificationContext(signature)
{
DocumentHash = documentHash,
PublicationsFile = ksi.GetPublicationsFile()
};
KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy();
VerificationResult verificationResult = policy.Verify(verificationContext);
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy");
}
public void VerifySignedHashWithInvalidHashTest(Ksi ksi)
{
VerificationResult verificationResult;
using (MemoryStream memoryStream = new MemoryStream(Encoding.UTF8.GetBytes("test")))
{
IDataHasher dataHasher = CryptoTestFactory.CreateDataHasher(HashAlgorithm.Sha2256);
dataHasher.AddData(memoryStream);
IKsiSignature signature = ksi.Sign(dataHasher.GetHash());
VerificationContext verificationContext = new VerificationContext(signature)
{
DocumentHash = new DataHash(HashAlgorithm.Sha2256,
Base16.Decode("1f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08")),
PublicationsFile = ksi.GetPublicationsFile()
};
KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy();
verificationResult = policy.Verify(verificationContext);
}
Assert.AreEqual(VerificationResultCode.Fail, verificationResult.ResultCode, "Invalid hash should not verify with key based policy");
Assert.AreEqual(VerificationError.Gen01, verificationResult.VerificationError);
}
