コード例 #1
0
        public void TestSignatureDataOk()
        {
            SignatureData signatureData = GetSignatureDataFromFile(Resources.SignatureData_Ok);

            Assert.AreEqual(4, signatureData.Count, "Invalid amount of child TLV objects");

            CollectionAssert.AreEqual(signatureData.GetCertificateId(), new byte[] { 0xc2, 0x46, 0xb1, 0x39 }, "Certificate Id should be equal");
            CollectionAssert.AreEqual(signatureData.GetSignatureValue(),
                                      Base16.Decode(
                                          "98D9A4D14722BB2C22425AC9112FBF6A2491B7051AD0CBFD8153E669BFCC6CDF20EEC80F7FCC7236985A4F83871DD6E245470BCA323A3902035B78764DDC4C6EB42416A3A7D7E5CEF6ED6AE8FADA668413758CF7DE1E9565EDF646170286D0F43CA30491DD3407B53DEEDDCBD2620057AB6580E3D3E938AE44EABAF3282357EEBB7B2325616755A1F20B3A78DE2F636DE10F7CCD75B6C5BB80EFEBA216F9BF1A302DCB93B9D3E3E9754620E6D8EC8672C5329CBBB00A9A4617242950D68B8A55CBA77E69DECDD49DD96F69FAA6BFBB0EF48A913F5F26AFA01FB08192D62123FC644BA2978CAF147229BD5702663494983A40ED77AA5016EAABC1FE8456DC17D4"),
                                      "Signature value should be correct");
            Assert.AreEqual(signatureData.SignatureType, "1.2.840.113549.1.1.11", "Signature type should be correct");
            Assert.AreEqual("https://www.guardtime.com", signatureData.CertificateRepositoryUri, "Unexpected certificate repository uri.");
        }
コード例 #2
0
        /// <see cref="VerificationRule.Verify" />
        public override VerificationResult Verify(IVerificationContext context)
        {
            IKsiSignature signature = GetSignature(context);
            CalendarAuthenticationRecord calendarAuthenticationRecord = GetCalendarAuthenticationRecord(signature);
            SignatureData signatureData = calendarAuthenticationRecord.SignatureData;

            byte[] certificateBytes = GetPublicationsFile(context).FindCertificateById(signatureData.GetCertificateId());

            if (certificateBytes == null)
            {
                throw new KsiVerificationException("No certificate found in publications file with id: " + Base16.Encode(signatureData.GetCertificateId()) + ".");
            }

            byte[] signedBytes = calendarAuthenticationRecord.PublicationData.Encode();

            try
            {
                ICryptoSignatureVerifier        cryptoSignatureVerifier = CryptoSignatureVerifierFactory.GetCryptoSignatureVerifierByOid(signatureData.SignatureType);
                CryptoSignatureVerificationData data = new CryptoSignatureVerificationData(certificateBytes, signature.AggregationTime);
                cryptoSignatureVerifier.Verify(signedBytes, signatureData.GetSignatureValue(), data);
            }
            catch (PkiVerificationFailedCertNotValidException ex)
            {
                Logger.Debug(ex);
                return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key03));
            }
            catch (PkiVerificationFailedException ex)
            {
                Logger.Debug("Could not verify signature.{0}Signature type: {1}{0}{2}{0}{3}",
                             Environment.NewLine,
                             signatureData.SignatureType,
                             ex,
                             ex.AdditionalInfo);
                return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key02));
            }
            catch (PkiVerificationErrorException ex)
            {
                Logger.Debug("Signature verification error.{0}Signature type: {1}{0}{2}",
                             Environment.NewLine,
                             signatureData.SignatureType,
                             ex);
                return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key02));
            }

            return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
        }