private static DocsPaVO.documento.SignerInfo ExtractSignerInfo(EsitoVerificaStatus status, FirmaDigitale.DatiFirmaType firmatario, FirmaDigitale.MarcaType marcaFirma)
{
DocsPaVO.documento.SignerInfo si = new DocsPaVO.documento.SignerInfo();
if (firmatario != null)
{
// firmatari
si.CertificateInfo = new DocsPaVO.documento.CertificateInfo
{
ValidFromDate = firmatario.dataInizioValiditaCert,
ValidToDate = firmatario.dataFineValiditaCert,
RevocationStatusDescription = status.ToString(),
RevocationStatus = (int)status,
IssuerName = "CN=" + firmatario.cnCertAuthority,
SerialNumber = firmatario.serialNumber,
SubjectName = firmatario.commonName,
SignatureAlgorithm = "N.D.",
ThumbPrint = "N.D"
};
if (firmatario.dataRevocaCertificato != DateTime.MinValue)
{
si.CertificateInfo.RevocationStatus = 4; //Revocato
si.CertificateInfo.RevocationDate = firmatario.dataRevocaCertificato;
}
si.SubjectInfo = new DocsPaVO.documento.SubjectInfo
{
CodiceFiscale = firmatario.codiceFiscale,
CommonName = firmatario.commonName,
CertId = firmatario.distinguishName,
Organizzazione = firmatario.organizzazione,
SerialNumber = firmatario.serialNumber,
Nome = firmatario.nome,
Cognome = firmatario.cognome,
Country = firmatario.nazione
};
si.SignatureAlgorithm = convertOidToString(firmatario.digestAlgorithm);
}
if (marcaFirma != null)
{
List <TSInfo> tsList = new List <TSInfo>();
TSInfo tsi = new TSInfo
{
dataInizioValiditaCert = marcaFirma.dataInizioValiditaCert,
dataFineValiditaCert = marcaFirma.dataFineValiditaCert,
TSdateTime = marcaFirma.TSdateTime,
TSimprint = marcaFirma.TSimprint,
TSANameIssuer = marcaFirma.TSANameIssuer,
TSANameSubject = marcaFirma.TSANameSubject,
TSserialNumber = marcaFirma.TSserialNumber,
TSType = TsType.PKCS
};
tsList.Add(tsi);
si.SignatureTimeStampInfo = tsList.ToArray();
}
return(si);
}
public override void ReadFromBinary(IBinaryReader reader)
{
while (reader.CurrentArg < reader.Arguments.Length)
{
var info = new TSInfo
{
Type = reader.ReadIndex(),
Indicator = reader.ReadBool()
};
Infos.Add(info);
}
}
private static TSInfo ConvertFromActalisTS(signerTimeStamp sTs)
{
if (sTs == null)
{
return(null);
}
TSInfo tsi = new TSInfo
{
TSdateTime = sTs.tsGenTime,
TSimprint = sTs.tsDigestMessageImprint,
TSANameIssuer = sTs.tsTsaName,
TSserialNumber = sTs.tsSerialNumber,
TSType = TsType.PKCS
};
return(tsi);
}
private DocsPaVO.documento.SignerInfo ExtractSignerInfo(List <string> ErrorMessageLst, IX509Store store, SignerInformation signer)
{
DocsPaVO.documento.SignerInfo thisSinger = new DocsPaVO.documento.SignerInfo();
Org.BouncyCastle.X509.X509Certificate cert1 = GetCertificate(signer, store);
try
{
if (!signer.Verify(cert1))
{
ErrorMessageLst.Add("Not valid signature");
}
}
catch (Exception e)
{
ErrorMessageLst.Add(e.Message);
}
thisSinger.isCountersigner = signer.IsCounterSignature;
if (signer.SignedAttributes != null)
{
if (signer.SignedAttributes[Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificateV2] == null)
{
ErrorMessageLst.Add("Id-AA-SigningCertificateV2 not found");
}
if (signer.SignedAttributes[CmsAttributes.MessageDigest] == null)
{
ErrorMessageLst.Add("Pkcs9AtMessageDigest not found");
}
if (!signer.IsCounterSignature) //Pare che i controfirmatari non ncessitino di questo parametro
{
if (signer.SignedAttributes[Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType] == null)
{
ErrorMessageLst.Add("Pkcs9AtContentType not found");
}
}
thisSinger.SignatureAlgorithm = Org.BouncyCastle.Security.DigestUtilities.GetAlgorithmName(signer.DigestAlgorithmID.ObjectID);
if (signer.SignedAttributes[CmsAttributes.SigningTime] != null)
{
Org.BouncyCastle.Asn1.Cms.Attribute sigTime = signer.SignedAttributes[CmsAttributes.SigningTime];
if (sigTime.AttrValues.Count > 0)
{
try
{
thisSinger.SigningTime = GetSigningTime(sigTime.AttrValues[0]);
}
catch (Exception e)
{
ErrorMessageLst.Add("Error retriving SigningTime");
}
}
}
}
else
{
ErrorMessageLst.Add("Missing SignedAttributes");
}
if (gestioneTSFirma)
{
List <TSInfo> tsArr = new List <TSInfo>();
if (signer.UnsignedAttributes != null && signer.UnsignedAttributes[Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASignatureTimeStampToken] != null)
{
ICollection ret = Org.BouncyCastle.Tsp.TspUtil.GetSignatureTimestamps(signer);
foreach (Org.BouncyCastle.Tsp.TimeStampToken token in ret)
{
VerifyTimeStamp verifyTimeStamp = new VerifyTimeStamp();
ICollection certsColl = token.GetCertificates("COLLECTION").GetMatches(null);
TSInfo timeStamp = verifyTimeStamp.getTSCertInfo(certsColl);
timeStamp.TSdateTime = token.TimeStampInfo.GenTime.ToLocalTime();
timeStamp.TSserialNumber = token.TimeStampInfo.SerialNumber.ToString();
timeStamp.TSimprint = Convert.ToBase64String(token.TimeStampInfo.TstInfo.MessageImprint.GetEncoded());
timeStamp.TSdateTime = token.TimeStampInfo.GenTime;
timeStamp.TSType = TsType.PKCS;
tsArr.Add(timeStamp);
}
}
if (tsArr.Count > 0)
{
thisSinger.SignatureTimeStampInfo = tsArr.ToArray();
}
}
X509Certificate2 cert = new X509Certificate2(cert1.GetEncoded());
thisSinger.CertificateInfo.RevocationStatus = CheckCertificate(cert);
thisSinger.CertificateInfo.X509Certificate = cert1.GetEncoded();
thisSinger.CertificateInfo.RevocationStatusDescription = DecodeStatus(thisSinger.CertificateInfo.RevocationStatus);
ParseCNIPASubjectInfo(ref thisSinger.SubjectInfo, cert.SubjectName.Name);
thisSinger.CertificateInfo.IssuerName = cert.IssuerName.Name;
thisSinger.CertificateInfo.SerialNumber = cert.SerialNumber;
thisSinger.CertificateInfo.SignatureAlgorithm = cert.SignatureAlgorithm.FriendlyName;
thisSinger.CertificateInfo.SubjectName = cert.SubjectName.Name;
thisSinger.CertificateInfo.ValidFromDate = cert.NotBefore;
thisSinger.CertificateInfo.ValidToDate = cert.NotAfter;
thisSinger.CertificateInfo.ThumbPrint = cert.Thumbprint;
StringBuilder sb = new StringBuilder();
sb.AppendFormat("CertificateInfo.IssuerName: '{0}'", thisSinger.CertificateInfo.IssuerName);
sb.AppendFormat("CertificateInfo.SerialNumber: '{0}'", thisSinger.CertificateInfo.SerialNumber);
sb.AppendFormat("CertificateInfo.SignatureAlgorithm: '{0}'", thisSinger.CertificateInfo.SignatureAlgorithm);
sb.AppendFormat("CertificateInfo.SubjectName: '{0}'", thisSinger.CertificateInfo.SubjectName);
sb.AppendFormat("CertificateInfo.ValidFromDate: '{0}'", thisSinger.CertificateInfo.ValidFromDate);
sb.AppendFormat("CertificateInfo.ValidToDate: '{0}'", thisSinger.CertificateInfo.ValidToDate);
sb.AppendFormat("CertificateInfo.ThumbPrint: '{0}'", thisSinger.CertificateInfo.ThumbPrint);
//DocsPaUtils.LogsManagement.Debugger.Write(string.Format("SignedDocument.Verify - {0}", sb.ToString()));
//gestione controfirma
if (signer.UnsignedAttributes != null)
{
if (signer.UnsignedAttributes[CmsAttributes.CounterSignature] != null)
{
List <DocsPaVO.documento.SignerInfo> cSigsList = new List <DocsPaVO.documento.SignerInfo>();
List <string> csignErrs = new List <string> ();
SignerInformationStore counterSignatures = signer.GetCounterSignatures();
foreach (SignerInformation conunterSig in counterSignatures.GetSigners())
{
DocsPaVO.documento.SignerInfo cSigs = ExtractSignerInfo(csignErrs, store, conunterSig);
cSigsList.Add(cSigs);
}
if (csignErrs.Count > 0)
{
ErrorMessageLst.AddRange(csignErrs);
}
if (cSigsList.Count > 0)
{
thisSinger.counterSignatures = cSigsList.ToArray();
}
}
}
return(thisSinger);
}
private static VerifySignatureResult ConvertToVerifySignatureResultUsingInternalStructures(EsitoVerificaStatus status, FirmaDigitale.DettaglioFirmaDigitaleType d)
{
VerifySignatureResult vsr = new VerifySignatureResult();
List <DocsPaVO.documento.SignerInfo> siLst = new List <DocsPaVO.documento.SignerInfo>();
string verbosesgb = ConfigurationManager.AppSettings["VERBOSEDEBUG"];
bool verboseDebug = false;
Boolean.TryParse(verbosesgb, out verboseDebug);
if (verboseDebug)
{
logger.Debug(d.datiGeneraliVerifica);
}
if (d.fileMarcatoSpecified)
{
if (d.dataVerificaFirmaSpecified)
{
logger.InfoFormat("data verifica firma {0}", d.dataVerificaFirma);
}
if (d.fileMarcato)
{
logger.Debug("Marcato");
TSInfo ts = new TSInfo();
if (d.marcaDetached != null)
{
logger.Debug("marcaDetached !=null");
//Gestire la marca
//logger.DebugFormat("TSANameIssuer [{0}]", d.marcaDetached.TSANameIssuer);
//logger.DebugFormat("TSANameSubject [{0}]", d.marcaDetached.TSANameSubject);
//logger.DebugFormat("TSimprint [{0}]", d.marcaDetached.TSimprint);
//logger.DebugFormat("TSserialNumber [{0}]", d.marcaDetached.TSserialNumber);
if (!String.IsNullOrEmpty(d.marcaDetached.TSANameIssuer))
{
ts.TSANameIssuer = d.marcaDetached.TSANameIssuer;
}
if (!String.IsNullOrEmpty(d.marcaDetached.TSANameSubject))
{
ts.TSANameSubject = d.marcaDetached.TSANameSubject;
}
if (!String.IsNullOrEmpty(d.marcaDetached.TSimprint))
{
ts.TSimprint = d.marcaDetached.TSimprint;
}
if (!String.IsNullOrEmpty(d.marcaDetached.TSserialNumber))
{
ts.TSserialNumber = d.marcaDetached.TSserialNumber;
}
if (d.marcaDetached.TSdateTimeSpecified)
{
ts.TSdateTime = d.marcaDetached.TSdateTime;
}
if (d.marcaDetached.dataFineValiditaCertSpecified)
{
ts.dataFineValiditaCert = d.marcaDetached.dataFineValiditaCert;
}
if (d.marcaDetached.dataInizioValiditaCertSpecified)
{
ts.dataInizioValiditaCert = d.marcaDetached.dataInizioValiditaCert;
}
}
else
{
//default nel caso la try sotto desse errore
ts.TSANameIssuer = "Marca non Detached, dati non disponibili";
//se questo dato ce l'ho lo valido
if (d.dataVerificaFirmaSpecified)
{
ts.TSdateTime = d.dataVerificaFirma;
}
}
}
else
{
}
}
if (d.datiFirmatari != null)
{
foreach (FirmaDigitale.FirmatarioType ft in d.datiFirmatari)
{
//firmatari
DocsPaVO.documento.SignerInfo si = ExtractSignerInfo(status, ft.firmatario, ft.marcaFirma);
//controfirmatari
if (ft.controfirmatario != null)
{
List <DocsPaVO.documento.SignerInfo> csiLst = new List <DocsPaVO.documento.SignerInfo>();
foreach (FirmaDigitale.FirmatarioTypeControfirmatario cft in ft.controfirmatario)
{
DocsPaVO.documento.SignerInfo csi = ExtractSignerInfo(status, cft.firma, cft.marca);
csi.isCountersigner = true;
csiLst.Add(csi);
}
if (csiLst.Count > 0)
{
si.counterSignatures = csiLst.ToArray();
}
}
siLst.Add(si);
}
}
List <DocsPaVO.documento.PKCS7Document> p7docsLst = new List <DocsPaVO.documento.PKCS7Document>();
DocsPaVO.documento.PKCS7Document p7doc = new DocsPaVO.documento.PKCS7Document
{
SignersInfo = siLst.ToArray(),
DocumentFileName = null,
Level = 0
};
p7docsLst.Add(p7doc);
vsr.PKCS7Documents = p7docsLst.ToArray();
vsr.CRLOnlineCheck = true;
return(vsr);
}
private static VerifySignatureResult ConvertToVerifySignatureResultUsingDatiGeneraliVerifica(EsitoVerificaStatus status, FirmaDigitale.DettaglioFirmaDigitaleType d)
{
DeSign.deSign design = null;
string verbosesgb = ConfigurationManager.AppSettings["VERBOSEDEBUG"];
bool verboseDebug = false;
Boolean.TryParse(verbosesgb, out verboseDebug);
try
{
if (!String.IsNullOrEmpty(d.datiGeneraliVerifica))
{
if (verboseDebug)
{
logger.InfoFormat("Risposta da infocert {0}", d.datiGeneraliVerifica);
}
design = DeSign.deSign.Deserialize(d.datiGeneraliVerifica);
}
}
catch (Exception e)
{
logger.ErrorFormat("Errore deserializzando i dati da infocert {0} {1}", e.Message, e.StackTrace);
return(null);
}
VerifySignatureResult vsr = new VerifySignatureResult();
List <DocsPaVO.documento.SignerInfo> siLst = new List <SignerInfo>();
List <DocsPaVO.documento.PKCS7Document> p7docsLst = new List <PKCS7Document>();
string digestAlgo = string.Empty;
bool badSignature = false;
foreach (object item in design.signedData)
{
//trattasi di signedData
DeSign.signedData sd = item as DeSign.signedData;
foreach (DeSign.signer signer in sd.signer)
{
DocsPaVO.documento.SignerInfo si = convertToSignerInfo(signer);
if (si.CertificateInfo.RevocationStatus != 0)
{
vsr.StatusCode = si.CertificateInfo.RevocationStatus;
vsr.StatusDescription = si.CertificateInfo.RevocationStatusDescription;
}
digestAlgo = convertOidToString(signer.digestAlgorithm);
if (signer.status == "KO")
{
if (!badSignature)
{
badSignature = true;
}
}
siLst.Add(si);
}
}
List <TSInfo> tsList = new List <TSInfo>();
foreach (object item in design.timeStamp)
{
//trattasi di signedData
DeSign.timeStamp ts = item as DeSign.timeStamp;
TSInfo tsi = new TSInfo
{
dataInizioValiditaCert = convertSimpleDateTime(ts.certNotBefore),
dataFineValiditaCert = convertSimpleDateTime(ts.certNotAfter),
TSdateTime = convertSimpleDateTime(ts.timeStampDate),
TSimprint = ts.timeStampImprint,
TSANameIssuer = ts.issuer.CN,
TSANameSubject = ts.subject.CN,
TSserialNumber = ts.timeStampSerial,
TSType = TsType.PKCS
};
tsList.Add(tsi);
}
if (tsList.Count > 0)
{
vsr.DocumentTimeStampInfo = tsList.ToArray();
}
p7docsLst.Add(new PKCS7Document
{
SignersInfo = siLst.ToArray(),
DocumentFileName = null,
Level = 0
});
vsr.PKCS7Documents = p7docsLst.ToArray();
vsr.CRLOnlineCheck = true;
if ((badSignature) && (vsr.StatusCode == 0))
{
vsr.StatusCode = -1;
}
return(vsr);
}
private static DocsPaVO.documento.SignerInfo convertToSignerInfo(DeSign.signer signer)
{
//DeSign.signer signer = signerObj as DeSign.signer;
DocsPaVO.documento.SignerInfo si = new SignerInfo();
int ErrCode;
Int32.TryParse(signer.errorCode, out ErrCode);
byte[] cert = null;
string thumbPrint = string.Empty;
//generazione thumbprint
if (!String.IsNullOrEmpty(signer.certificate))
{
cert = Convert.FromBase64String(signer.certificate.Replace("-----BEGIN CERTIFICATE-----", string.Empty).Replace("-----END CERTIFICATE-----", string.Empty));
thumbPrint = BitConverter.ToString(System.Security.Cryptography.SHA1.Create().ComputeHash(cert)).Replace("-", "");
}
string RevocationStatusDescription = signer.errorMessage;
if (String.IsNullOrEmpty(RevocationStatusDescription))
{
RevocationStatusDescription = "Valido";
}
si.CertificateInfo = new CertificateInfo
{
SerialNumber = signer.serial,
ValidFromDate = convertSimpleDateTime(signer.certNotBefore),
ValidToDate = convertSimpleDateTime(signer.certNotAfter),
IssuerName = "CN=" + signer.issuer.CN,
SubjectName = signer.subject.CN,
RevocationStatus = ErrCode,
RevocationStatusDescription = RevocationStatusDescription,
RevocationDate = convertSimpleDateTime(signer.crlRevocationDate),
SignatureAlgorithm = "N.D.",
ThumbPrint = thumbPrint,
X509Certificate = cert
};
if (si.CertificateInfo.RevocationDate != DateTime.MinValue)
{
si.CertificateInfo.RevocationStatus = 4; //Revocato
}
string codFisc = signer.subject.SER;
if (!string.IsNullOrEmpty(codFisc) && codFisc.Contains(":"))
{
codFisc = codFisc.Split(':')[1];
}
si.SubjectInfo = new SubjectInfo
{
Organizzazione = signer.subject.O,
CommonName = signer.subject.CN,
CodiceFiscale = codFisc,
Nome = signer.subject.GIVEN,
Cognome = signer.subject.SUR,
Country = signer.subject.C,
SerialNumber = signer.serial,
CertId = signer.subject.DNQUALIF
};
si.SignatureAlgorithm = convertOidToString(signer.digestAlgorithm);
/*
* logger.Debug("INSERISCO LE INFORMAZIONI SULLO STATO DELLA FIRMA TEST");
* si.errorCode = signer.errorCode;
* si.errorMessage = signer.errorMessage;
* si.status = signer.status;
*/
if ((signer.signatureTimeStamp != null) && (signer.signatureTimeStamp.timeStampSerial != null) && (signer.signatureTimeStamp.timeStampDate != null))
{
List <TSInfo> tsList = new List <TSInfo>();
TSInfo tsi = new TSInfo
{
dataInizioValiditaCert = convertSimpleDateTime(signer.signatureTimeStamp.certNotBefore),
dataFineValiditaCert = convertSimpleDateTime(signer.signatureTimeStamp.certNotAfter),
TSdateTime = convertSimpleDateTime(signer.signatureTimeStamp.timeStampDate),
TSimprint = signer.signatureTimeStamp.timeStampImprint,
TSANameIssuer = signer.signatureTimeStamp.issuer.CN,
TSANameSubject = signer.signatureTimeStamp.subject.CN,
TSserialNumber = signer.signatureTimeStamp.timeStampSerial,
TSType = TsType.PKCS
};
tsList.Add(tsi);
si.SignatureTimeStampInfo = tsList.ToArray();
}
//controfirmatari
List <SignerInfo> csiLst = new List <SignerInfo>();
foreach (DeSign.countersigner countersigner in signer.countersigner)
{
DocsPaVO.documento.SignerInfo csi = new SignerInfo();
csi.isCountersigner = true;
if (!String.IsNullOrEmpty(countersigner.certificate))
{
cert = Convert.FromBase64String(countersigner.certificate.Replace("-----BEGIN CERTIFICATE-----", string.Empty).Replace("-----END CERTIFICATE-----", string.Empty));
thumbPrint = BitConverter.ToString(System.Security.Cryptography.SHA1.Create().ComputeHash(cert)).Replace("-", "");
}
string csiRevocationStatusDescription = countersigner.errorMessage;
if (String.IsNullOrEmpty(RevocationStatusDescription))
{
RevocationStatusDescription = "Valido";
}
csi.CertificateInfo = new CertificateInfo
{
SerialNumber = countersigner.serial,
ValidFromDate = convertSimpleDateTime(countersigner.certNotBefore),
ValidToDate = convertSimpleDateTime(countersigner.certNotAfter),
IssuerName = "CN=" + countersigner.issuer.CN,
SubjectName = countersigner.subject.CN,
RevocationStatus = ErrCode,
RevocationStatusDescription = RevocationStatusDescription,
RevocationDate = convertSimpleDateTime(countersigner.crlRevocationDate),
SignatureAlgorithm = "N.D.",
ThumbPrint = thumbPrint,
X509Certificate = cert
};
if (csi.CertificateInfo.RevocationDate != DateTime.MinValue)
{
csi.CertificateInfo.RevocationStatus = 4; //Revocato
}
codFisc = countersigner.subject.SER;
if (codFisc.Contains(":"))
{
codFisc = codFisc.Split(':')[1];
}
csi.SubjectInfo = new SubjectInfo
{
Organizzazione = countersigner.subject.O,
CommonName = countersigner.subject.CN,
CodiceFiscale = codFisc,
Nome = countersigner.subject.GIVEN,
Cognome = countersigner.subject.SUR,
Country = countersigner.subject.C,
SerialNumber = countersigner.serial,
CertId = countersigner.subject.DNQUALIF
};
csi.SignatureAlgorithm = convertOidToString(countersigner.digestAlgorithm);
if ((countersigner.signatureTimeStamp != null) && (countersigner.signatureTimeStamp.timeStampSerial != null) && (countersigner.signatureTimeStamp.timeStampDate != null))
{
List <TSInfo> ctsList = new List <TSInfo>();
TSInfo tsi = new TSInfo
{
dataInizioValiditaCert = convertSimpleDateTime(countersigner.signatureTimeStamp.certNotBefore),
dataFineValiditaCert = convertSimpleDateTime(countersigner.signatureTimeStamp.certNotAfter),
TSdateTime = convertSimpleDateTime(countersigner.signatureTimeStamp.timeStampDate),
TSimprint = countersigner.signatureTimeStamp.timeStampImprint,
TSANameIssuer = countersigner.signatureTimeStamp.issuer.CN,
TSANameSubject = countersigner.signatureTimeStamp.subject.CN,
TSserialNumber = countersigner.signatureTimeStamp.timeStampSerial,
TSType = TsType.PKCS
};
ctsList.Add(tsi);
csi.SignatureTimeStampInfo = ctsList.ToArray();
}
csiLst.Add(csi);
}
if (csiLst.Count > 0)
{
si.counterSignatures = csiLst.ToArray();
}
return(si);
}
