/// <summary> /// Extend signature to publication. /// </summary> /// <param name="calendarHashChain">extended calendar hash chain</param> /// <param name="publicationRecord">extended publication record</param> /// <param name="signatureFactory">signature factory to be used when creating extended signature</param> /// <returns>extended KSI signature</returns> public IKsiSignature Extend(CalendarHashChain calendarHashChain, PublicationRecordInSignature publicationRecord, IKsiSignatureFactory signatureFactory = null) { Logger.Debug("Extending KSI signature."); if (calendarHashChain == null) { throw new ArgumentNullException(nameof(calendarHashChain)); } if (CalendarHashChain != null && !CalendarHashChain.AreRightLinksEqual(calendarHashChain)) { throw new KsiException("Right links of signature calendar hash chain and extended calendar hash chain do not match"); } if (publicationRecord == null) { publicationRecord = new PublicationRecordInSignature(false, false, calendarHashChain.PublicationData); } if (signatureFactory == null) { signatureFactory = new KsiSignatureFactory(); } using (TlvWriter writer = new TlvWriter(new MemoryStream())) { foreach (ITlvTag childTag in this) { switch (childTag.Type) { case Constants.CalendarHashChain.TagType: case Constants.CalendarAuthenticationRecord.TagType: case Constants.PublicationRecord.TagTypeInSignature: break; default: writer.WriteTag(childTag); break; } } writer.WriteTag(calendarHashChain); writer.WriteTag(publicationRecord); try { IKsiSignature signature = signatureFactory.CreateByContent(((MemoryStream)writer.BaseStream).ToArray(), InputHash); Logger.Debug("Extending KSI signature successful."); return(signature); } catch (TlvException e) { Logger.Warn("Extending KSI signature failed: {0}", e); throw; } } }
/// <summary> /// Get publication record from KSI signature /// </summary> /// <param name="signature">KSI signature</param> /// <returns>publication record</returns> public static PublicationRecordInSignature GetPublicationRecord(IKsiSignature signature) { PublicationRecordInSignature publicationRecord = signature.PublicationRecord; if (publicationRecord == null) { throw new KsiVerificationException("Publication record is missing from KSI signature."); } return(publicationRecord); }
/// <see cref="VerificationRule.Verify" /> public override VerificationResult Verify(IVerificationContext context) { IPublicationsFile publicationsFile = GetPublicationsFile(context); PublicationRecordInSignature publicationRecord = GetPublicationRecord(GetSignature(context)); ulong publicationTime = publicationRecord.PublicationData.PublicationTime; PublicationRecordInPublicationFile publicationRecordInPublicationFile = GetNearestPublicationRecord(publicationsFile, publicationTime, true); if (publicationRecordInPublicationFile == null || publicationRecordInPublicationFile.PublicationData.PublicationTime != publicationTime) { return(new VerificationResult(GetRuleName(), VerificationResultCode.Na, VerificationError.Gen02)); } return(publicationRecordInPublicationFile.PublicationData.PublicationHash != publicationRecord.PublicationData.PublicationHash ? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Pub05) : new VerificationResult(GetRuleName(), VerificationResultCode.Ok)); }
/// <summary> /// Extend signature to publication. /// </summary> /// <param name="signature">KSI signature</param> /// <param name="publicationRecord">publication</param> /// <returns>extended KSI signature</returns> public IKsiSignature Extend(IKsiSignature signature, PublicationRecordInSignature publicationRecord) { if (signature == null) { throw new ArgumentNullException(nameof(signature)); } if (publicationRecord == null) { throw new ArgumentNullException(nameof(publicationRecord)); } CalendarHashChain calendarHashChain = _ksiService.Extend(signature.AggregationTime, publicationRecord.PublicationData.PublicationTime); return(signature.Extend(calendarHashChain, publicationRecord, _ksiSignatureFactoryForExtending)); }
public void PublicationDataContentTest() { IKsiSignature signature = TestUtil.GetSignature(Resources.KsiSignature_Ok_Extended); PublicationRecordInSignature publicationRecord = signature.PublicationRecord; string code = publicationRecord.PublicationData.GetPublicationString(); DateTime date = publicationRecord.PublicationData.GetPublicationDate(); Assert.AreEqual("AAAAAA-CWYEKQ-AAIYPA-UJ4GRT-HXMFBE-OTB4AB-XH3PT3-KNIKGV-PYCJXU-HL2TN4-RG6SCC-3ZGSBM", code, "Publication string is invalid."); Assert.AreEqual(new DateTime(2016, 2, 15), date, "Publication date is invalid."); Assert.AreEqual(new DataHash(Base16.Decode("011878289E1A333DD85091D30F001B9F6F9ED4D428D57E049BD0EBD4DBC89BD210")), publicationRecord.PublicationData.PublicationHash, "Unexpected publication hash."); Assert.AreEqual(3, publicationRecord.PublicationReferences.Count, "Invalid publication reference count."); Assert.AreEqual("Financial Times, ISSN: 0307-1766, 2016-02-17", publicationRecord.PublicationReferences[0], "Invalid first publication reference."); Assert.AreEqual("Äripäev, ISSN: 1406-2585, 17.02.2016", publicationRecord.PublicationReferences[1], "Invalid second publication reference."); Assert.AreEqual("https://twitter.com/Guardtime/status/699919571084558336", publicationRecord.PublicationReferences[2], "Invalid third publication reference."); }
public void TestKsiSignatureExtendWithPublicationRecordInSignature() { IKsiSignature signature = GetKsiSignatureFromFile(Resources.KsiSignature_Ok); PublicationRecordInSignature publicationRecord = new PublicationRecordInSignature(false, false, new ITlvTag[] { new PublicationData(1455494400, new DataHash(Base16.Decode("011878289E1A333DD85091D30F001B9F6F9ED4D428D57E049BD0EBD4DBC89BD210"))), new StringTag(Constants.PublicationRecord.PublicationRepositoryUriTagType, false, false, "Test uri (publication record in signature)") }); IKsiSignature extendedSignature = signature.Extend(GetCalendarHashChain(), publicationRecord); Assert.True(extendedSignature.IsExtended, "IsExtended should be true."); Assert.AreEqual(1455494400, extendedSignature.PublicationRecord.PublicationData.PublicationTime, "Unexpected publication time"); VerificationResult result = new DefaultVerificationPolicy().Verify(extendedSignature, null, TestUtil.GetPublicationsFile()); Assert.AreEqual(VerificationResultCode.Ok, result.ResultCode, "Unexpected verification result code."); Assert.AreEqual("Test uri (publication record in signature)", extendedSignature.PublicationRecord.RepositoryUri[0], "Unexpected repository uri."); }
public void ToStringInSignatureTest() { PublicationRecord tag = TestUtil.GetCompositeTag <PublicationRecordInSignature>(Constants.PublicationRecord.TagTypeInSignature, new ITlvTag[] { TestUtil.GetCompositeTag <PublicationData>(Constants.PublicationData.TagType, new ITlvTag[] { new IntegerTag(Constants.PublicationData.PublicationTimeTagType, false, false, 1), new ImprintTag(Constants.PublicationData.PublicationHashTagType, false, false, new DataHash(HashAlgorithm.Sha2256, new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 })), }), new StringTag(Constants.PublicationRecord.PublicationReferencesTagType, false, false, "Test publication reference 1"), new StringTag(Constants.PublicationRecord.PublicationReferencesTagType, false, false, "Test publication reference 2"), new StringTag(Constants.PublicationRecord.PublicationRepositoryUriTagType, false, false, "Test publication repository uri 1"), new StringTag(Constants.PublicationRecord.PublicationRepositoryUriTagType, false, false, "Test publication repository uri 2"), }); PublicationRecord tag2 = new PublicationRecordInSignature(new RawTag(tag.Type, tag.NonCritical, tag.Forward, tag.EncodeValue())); Assert.AreEqual(tag.ToString(), tag2.ToString()); }
/// <summary> /// Create KSI signature instance from tlv tags /// </summary> /// <param name="aggregationHashChains">Aggregation hash chain tlv elements</param> /// <param name="calendarHashChain">Calendar hash chain tlv element</param> /// <param name="calendarAuthenticationRecord">Calendar authentication record tlv element</param> /// <param name="publicationRecord">Publication record tlv element</param> /// <param name="rfc3161Record">RFC3161 record tlv element</param> /// <param name="hash">Signed hash</param> /// <returns></returns> public IKsiSignature Create(ICollection <AggregationHashChain> aggregationHashChains, CalendarHashChain calendarHashChain, CalendarAuthenticationRecord calendarAuthenticationRecord, PublicationRecordInSignature publicationRecord, Rfc3161Record rfc3161Record, DataHash hash) { List <ITlvTag> childTags = new List <ITlvTag>(); if (rfc3161Record != null) { childTags.Add(rfc3161Record); } if (aggregationHashChains == null) { throw new ArgumentNullException(nameof(aggregationHashChains)); } foreach (AggregationHashChain childTag in aggregationHashChains) { childTags.Add(childTag); } if (calendarHashChain != null) { childTags.Add(calendarHashChain); } if (publicationRecord != null) { childTags.Add(publicationRecord); } if (calendarAuthenticationRecord != null) { childTags.Add(calendarAuthenticationRecord); } return(CreateAndVerify(childTags.ToArray(), hash)); }
public IKsiSignature Extend(CalendarHashChain calendarHashChain, PublicationRecordInSignature publicationRecord, IKsiSignatureFactory signatureFactory) { return(ExtendedKsiSignature); }