/// <summary>
/// Maps the signer data and the signature-timestamp data returned by the verification
/// service into a <see cref="DocsPaVO.documento.SignerInfo"/>.
/// </summary>
/// <param name="status">Verification outcome; its numeric value and its name are copied into the certificate's revocation status and description.</param>
/// <param name="firmatario">Signer data; when null, the certificate, subject and algorithm fields keep whatever the SignerInfo constructor set.</param>
/// <param name="marcaFirma">Signature timestamp data; when null, no timestamp is attached.</param>
/// <returns>A newly created SignerInfo.</returns>
private static DocsPaVO.documento.SignerInfo ExtractSignerInfo(EsitoVerificaStatus status, FirmaDigitale.DatiFirmaType firmatario, FirmaDigitale.MarcaType marcaFirma)
{
    DocsPaVO.documento.SignerInfo result = new DocsPaVO.documento.SignerInfo();

    if (firmatario != null)
    {
        // Signer certificate details. Algorithm and thumbprint are not supplied by this
        // data source, so fixed placeholder strings are stored instead.
        DocsPaVO.documento.CertificateInfo certificate = new DocsPaVO.documento.CertificateInfo();
        certificate.ValidFromDate = firmatario.dataInizioValiditaCert;
        certificate.ValidToDate = firmatario.dataFineValiditaCert;
        certificate.RevocationStatusDescription = status.ToString();
        certificate.RevocationStatus = (int)status;
        certificate.IssuerName = "CN=" + firmatario.cnCertAuthority;
        certificate.SerialNumber = firmatario.serialNumber;
        certificate.SubjectName = firmatario.commonName;
        certificate.SignatureAlgorithm = "N.D.";
        certificate.ThumbPrint = "N.D";
        result.CertificateInfo = certificate;

        // A revocation date other than DateTime.MinValue forces status 4 (revoked),
        // whatever the overall outcome was.
        // NOTE(review): RevocationStatusDescription still carries status.ToString() in
        // this case, so code and description can disagree; confirm that is intended.
        bool hasRevocationDate = firmatario.dataRevocaCertificato != DateTime.MinValue;
        if (hasRevocationDate)
        {
            result.CertificateInfo.RevocationStatus = 4;
            result.CertificateInfo.RevocationDate = firmatario.dataRevocaCertificato;
        }

        DocsPaVO.documento.SubjectInfo subject = new DocsPaVO.documento.SubjectInfo();
        subject.CodiceFiscale = firmatario.codiceFiscale;
        subject.CommonName = firmatario.commonName;
        subject.CertId = firmatario.distinguishName;
        subject.Organizzazione = firmatario.organizzazione;
        subject.SerialNumber = firmatario.serialNumber;
        subject.Nome = firmatario.nome;
        subject.Cognome = firmatario.cognome;
        subject.Country = firmatario.nazione;
        result.SubjectInfo = subject;

        result.SignatureAlgorithm = convertOidToString(firmatario.digestAlgorithm);
    }

    if (marcaFirma != null)
    {
        // Exactly one timestamp entry is produced per signature.
        TSInfo stamp = new TSInfo();
        stamp.dataInizioValiditaCert = marcaFirma.dataInizioValiditaCert;
        stamp.dataFineValiditaCert = marcaFirma.dataFineValiditaCert;
        stamp.TSdateTime = marcaFirma.TSdateTime;
        stamp.TSimprint = marcaFirma.TSimprint;
        stamp.TSANameIssuer = marcaFirma.TSANameIssuer;
        stamp.TSANameSubject = marcaFirma.TSANameSubject;
        stamp.TSserialNumber = marcaFirma.TSserialNumber;
        stamp.TSType = TsType.PKCS;

        result.SignatureTimeStampInfo = new TSInfo[] { stamp };
    }

    return result;
}
/// <summary>
/// Reads (index, bool) pairs from <paramref name="reader"/> and appends one TSInfo per
/// pair to <c>Infos</c>, until the reader's current argument position reaches the end
/// of its argument array.
/// </summary>
/// <param name="reader">Binary reader positioned on the first pair to consume.</param>
public override void ReadFromBinary(IBinaryReader reader)
{
    while (reader.CurrentArg < reader.Arguments.Length)
    {
        // The index is read before the flag; the read order defines the wire layout.
        var entry = new TSInfo();
        entry.Type = reader.ReadIndex();
        entry.Indicator = reader.ReadBool();
        Infos.Add(entry);
    }
}
/// <summary>
/// Converts an Actalis signer timestamp into a <c>TSInfo</c> of type PKCS.
/// </summary>
/// <param name="sTs">Timestamp to convert; may be null.</param>
/// <returns>The converted timestamp, or null when <paramref name="sTs"/> is null.</returns>
/// <remarks>
/// Only the generation time, message imprint, TSA name and serial number are copied;
/// the TSA certificate validity dates are not set by this conversion.
/// </remarks>
private static TSInfo ConvertFromActalisTS(signerTimeStamp sTs)
{
    return sTs == null
        ? null
        : new TSInfo
        {
            TSdateTime = sTs.tsGenTime,
            TSimprint = sTs.tsDigestMessageImprint,
            TSANameIssuer = sTs.tsTsaName,
            TSserialNumber = sTs.tsSerialNumber,
            TSType = TsType.PKCS
        };
}
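/// <summary>
/// Builds a <see cref="DocsPaVO.documento.SignerInfo"/> for one CMS signer: checks the
/// signature against the signer's certificate, checks that the expected signed attributes
/// are present, collects signature timestamps and countersignatures (recursively), and
/// copies the certificate details and revocation status into the result.
/// </summary>
/// <remarks>
/// Verification problems are reported only through <paramref name="ErrorMessageLst"/>.
/// The method still returns a populated SignerInfo when <c>signer.Verify</c> returns false
/// or throws, so callers must treat a non-empty error list as a failed verification and
/// must not infer validity from the returned object alone.
/// </remarks>
/// <param name="ErrorMessageLst">Receives one message per problem found; messages produced while processing countersigners are appended too.</param>
/// <param name="store">Certificate store handed to GetCertificate to locate the signer's certificate.</param>
/// <param name="signer">The signer (or countersigner) to inspect.</param>
/// <returns>The populated signer description.</returns>
private DocsPaVO.documento.SignerInfo ExtractSignerInfo(List<string> ErrorMessageLst, IX509Store store, SignerInformation signer)
{
    DocsPaVO.documento.SignerInfo thisSinger = new DocsPaVO.documento.SignerInfo();
    Org.BouncyCastle.X509.X509Certificate cert1 = GetCertificate(signer, store);

    // Cryptographic check of the signature with the signer's certificate. A failure is
    // recorded and processing continues so the caller still gets the signer's details.
    // NOTE(review): if GetCertificate returns null, Verify presumably throws (recorded
    // here) and cert1.GetEncoded() further down fails; confirm GetCertificate's contract.
    try
    {
        if (!signer.Verify(cert1))
        {
            ErrorMessageLst.Add("Not valid signature");
        }
    }
    catch (Exception e)
    {
        ErrorMessageLst.Add(e.Message);
    }

    thisSinger.isCountersigner = signer.IsCounterSignature;

    if (signer.SignedAttributes != null)
    {
        // NOTE(review): the signing-certificate attribute is only checked for presence;
        // nothing in this method compares its certificate hash with cert1. Confirm that
        // this binding is checked elsewhere.
        if (signer.SignedAttributes[Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificateV2] == null)
        {
            ErrorMessageLst.Add("Id-AA-SigningCertificateV2 not found");
        }

        if (signer.SignedAttributes[CmsAttributes.MessageDigest] == null)
        {
            ErrorMessageLst.Add("Pkcs9AtMessageDigest not found");
        }

        // Countersigners apparently do not need the content-type attribute.
        if (!signer.IsCounterSignature)
        {
            if (signer.SignedAttributes[Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Pkcs9AtContentType] == null)
            {
                ErrorMessageLst.Add("Pkcs9AtContentType not found");
            }
        }

        thisSinger.SignatureAlgorithm = Org.BouncyCastle.Security.DigestUtilities.GetAlgorithmName(signer.DigestAlgorithmID.ObjectID);

        // The signing time is a claim made by the signer inside the signed attributes;
        // it is copied as-is and is not a trusted timestamp.
        if (signer.SignedAttributes[CmsAttributes.SigningTime] != null)
        {
            Org.BouncyCastle.Asn1.Cms.Attribute sigTime = signer.SignedAttributes[CmsAttributes.SigningTime];
            if (sigTime.AttrValues.Count > 0)
            {
                try
                {
                    thisSinger.SigningTime = GetSigningTime(sigTime.AttrValues[0]);
                }
                catch (Exception)
                {
                    ErrorMessageLst.Add("Error retriving SigningTime");
                }
            }
        }
    }
    else
    {
        ErrorMessageLst.Add("Missing SignedAttributes");
    }

    if (gestioneTSFirma)
    {
        List<TSInfo> tsArr = new List<TSInfo>();
        if (signer.UnsignedAttributes != null && signer.UnsignedAttributes[Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASignatureTimeStampToken] != null)
        {
            // This call sits outside any try block, so an exception raised while reading
            // the timestamp tokens propagates to the caller.
            ICollection ret = Org.BouncyCastle.Tsp.TspUtil.GetSignatureTimestamps(signer);
            foreach (Org.BouncyCastle.Tsp.TimeStampToken token in ret)
            {
                // NOTE(review): token.Validate is not called in this method; whether
                // getTSCertInfo checks the TSA certificate is not visible from here.
                VerifyTimeStamp verifyTimeStamp = new VerifyTimeStamp();
                ICollection certsColl = token.GetCertificates("COLLECTION").GetMatches(null);
                TSInfo timeStamp = verifyTimeStamp.getTSCertInfo(certsColl);
                timeStamp.TSserialNumber = token.TimeStampInfo.SerialNumber.ToString();
                timeStamp.TSimprint = Convert.ToBase64String(token.TimeStampInfo.TstInfo.MessageImprint.GetEncoded());
                // GenTime is stored as the token reports it. The earlier local-time
                // assignment was overwritten by this one and has been dropped.
                timeStamp.TSdateTime = token.TimeStampInfo.GenTime;
                timeStamp.TSType = TsType.PKCS;
                tsArr.Add(timeStamp);
            }
        }

        if (tsArr.Count > 0)
        {
            thisSinger.SignatureTimeStampInfo = tsArr.ToArray();
        }
    }

    // Re-wrap the BouncyCastle certificate as a framework certificate for the revocation
    // check and for reading the descriptive fields.
    X509Certificate2 cert = new X509Certificate2(cert1.GetEncoded());
    thisSinger.CertificateInfo.RevocationStatus = CheckCertificate(cert);
    thisSinger.CertificateInfo.X509Certificate = cert1.GetEncoded();
    thisSinger.CertificateInfo.RevocationStatusDescription = DecodeStatus(thisSinger.CertificateInfo.RevocationStatus);
    ParseCNIPASubjectInfo(ref thisSinger.SubjectInfo, cert.SubjectName.Name);
    thisSinger.CertificateInfo.IssuerName = cert.IssuerName.Name;
    thisSinger.CertificateInfo.SerialNumber = cert.SerialNumber;
    thisSinger.CertificateInfo.SignatureAlgorithm = cert.SignatureAlgorithm.FriendlyName;
    thisSinger.CertificateInfo.SubjectName = cert.SubjectName.Name;
    thisSinger.CertificateInfo.ValidFromDate = cert.NotBefore;
    thisSinger.CertificateInfo.ValidToDate = cert.NotAfter;
    thisSinger.CertificateInfo.ThumbPrint = cert.Thumbprint;

    // Countersignatures: each one goes through this same method. Their errors are gathered
    // in a separate list first and then merged into the caller's list.
    if (signer.UnsignedAttributes != null)
    {
        if (signer.UnsignedAttributes[CmsAttributes.CounterSignature] != null)
        {
            List<DocsPaVO.documento.SignerInfo> cSigsList = new List<DocsPaVO.documento.SignerInfo>();
            List<string> csignErrs = new List<string>();
            SignerInformationStore counterSignatures = signer.GetCounterSignatures();
            foreach (SignerInformation conunterSig in counterSignatures.GetSigners())
            {
                DocsPaVO.documento.SignerInfo cSigs = ExtractSignerInfo(csignErrs, store, conunterSig);
                cSigsList.Add(cSigs);
            }

            if (csignErrs.Count > 0)
            {
                ErrorMessageLst.AddRange(csignErrs);
            }

            if (cSigsList.Count > 0)
            {
                thisSinger.counterSignatures = cSigsList.ToArray();
            }
        }
    }

    return thisSinger;
}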
/// <summary>
/// Builds a <c>VerifySignatureResult</c> from the structured fields of the verification
/// response (signers, countersigners and their timestamps), without parsing the raw
/// general-verification payload.
/// </summary>
/// <param name="status">Verification outcome, forwarded to ExtractSignerInfo for every signer and countersigner.</param>
/// <param name="d">Verification detail returned by the service; dereferenced without a null check.</param>
/// <returns>A result holding a single PKCS7 document (level 0, no file name) with the extracted signers.</returns>
/// <remarks>
/// NOTE(review): the document-level timestamp assembled from <c>d.marcaDetached</c> is never
/// attached to the returned result, and StatusCode/StatusDescription are not set here;
/// confirm whether callers expect either.
/// </remarks>
private static VerifySignatureResult ConvertToVerifySignatureResultUsingInternalStructures(EsitoVerificaStatus status, FirmaDigitale.DettaglioFirmaDigitaleType d)
{
    VerifySignatureResult result = new VerifySignatureResult();
    List<DocsPaVO.documento.SignerInfo> signers = new List<DocsPaVO.documento.SignerInfo>();

    // Verbose logging is opt-in through the VERBOSEDEBUG app setting; a missing or
    // unparsable value leaves it off.
    bool verboseDebug;
    Boolean.TryParse(ConfigurationManager.AppSettings["VERBOSEDEBUG"], out verboseDebug);
    if (verboseDebug)
    {
        logger.Debug(d.datiGeneraliVerifica);
    }

    if (d.fileMarcatoSpecified)
    {
        if (d.dataVerificaFirmaSpecified)
        {
            logger.InfoFormat("data verifica firma {0}", d.dataVerificaFirma);
        }

        if (d.fileMarcato)
        {
            logger.Debug("Marcato");
            TSInfo documentStamp = new TSInfo();

            if (d.marcaDetached == null)
            {
                // Placeholder issuer text for a timestamp that is not detached.
                documentStamp.TSANameIssuer = "Marca non Detached, dati non disponibili";

                // Use the verification date when the service supplied one.
                if (d.dataVerificaFirmaSpecified)
                {
                    documentStamp.TSdateTime = d.dataVerificaFirma;
                }
            }
            else
            {
                logger.Debug("marcaDetached !=null");

                // Copy only the fields the service actually filled in.
                if (!String.IsNullOrEmpty(d.marcaDetached.TSANameIssuer))
                {
                    documentStamp.TSANameIssuer = d.marcaDetached.TSANameIssuer;
                }
                if (!String.IsNullOrEmpty(d.marcaDetached.TSANameSubject))
                {
                    documentStamp.TSANameSubject = d.marcaDetached.TSANameSubject;
                }
                if (!String.IsNullOrEmpty(d.marcaDetached.TSimprint))
                {
                    documentStamp.TSimprint = d.marcaDetached.TSimprint;
                }
                if (!String.IsNullOrEmpty(d.marcaDetached.TSserialNumber))
                {
                    documentStamp.TSserialNumber = d.marcaDetached.TSserialNumber;
                }
                if (d.marcaDetached.TSdateTimeSpecified)
                {
                    documentStamp.TSdateTime = d.marcaDetached.TSdateTime;
                }
                if (d.marcaDetached.dataFineValiditaCertSpecified)
                {
                    documentStamp.dataFineValiditaCert = d.marcaDetached.dataFineValiditaCert;
                }
                if (d.marcaDetached.dataInizioValiditaCertSpecified)
                {
                    documentStamp.dataInizioValiditaCert = d.marcaDetached.dataInizioValiditaCert;
                }
            }
            // documentStamp is not used past this point.
        }
    }

    if (d.datiFirmatari != null)
    {
        foreach (FirmaDigitale.FirmatarioType ft in d.datiFirmatari)
        {
            // Signer.
            DocsPaVO.documento.SignerInfo signerInfo = ExtractSignerInfo(status, ft.firmatario, ft.marcaFirma);

            // Countersigners, each flagged as such.
            if (ft.controfirmatario != null)
            {
                List<DocsPaVO.documento.SignerInfo> counterSigners = new List<DocsPaVO.documento.SignerInfo>();
                foreach (FirmaDigitale.FirmatarioTypeControfirmatario cft in ft.controfirmatario)
                {
                    DocsPaVO.documento.SignerInfo counterSigner = ExtractSignerInfo(status, cft.firma, cft.marca);
                    counterSigner.isCountersigner = true;
                    counterSigners.Add(counterSigner);
                }

                if (counterSigners.Count > 0)
                {
                    signerInfo.counterSignatures = counterSigners.ToArray();
                }
            }

            signers.Add(signerInfo);
        }
    }

    DocsPaVO.documento.PKCS7Document document = new DocsPaVO.documento.PKCS7Document();
    document.SignersInfo = signers.ToArray();
    document.DocumentFileName = null;
    document.Level = 0;

    result.PKCS7Documents = new DocsPaVO.documento.PKCS7Document[] { document };

    // Set unconditionally. No CRL lookup happens in this method; presumably the remote
    // service performed it. TODO confirm.
    result.CRLOnlineCheck = true;
    return result;
}
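/// <summary>
/// Builds a <c>VerifySignatureResult</c> by deserializing the raw general-verification
/// payload (<c>d.datiGeneraliVerifica</c>) and converting its signers and timestamps.
/// </summary>
/// <param name="status">Verification outcome reported by the service; used only in the log line written when no payload is available.</param>
/// <param name="d">Verification detail returned by the service; dereferenced without a null check.</param>
/// <returns>
/// The converted result, or null when the payload is missing, empty or cannot be
/// deserialized. Callers must treat null as "no verification result" and never as success.
/// </returns>
private static VerifySignatureResult ConvertToVerifySignatureResultUsingDatiGeneraliVerifica(EsitoVerificaStatus status, FirmaDigitale.DettaglioFirmaDigitaleType d)
{
    DeSign.deSign design = null;

    // Verbose logging is opt-in through the VERBOSEDEBUG app setting; a missing or
    // unparsable value leaves it off.
    string verbosesgb = ConfigurationManager.AppSettings["VERBOSEDEBUG"];
    bool verboseDebug = false;
    Boolean.TryParse(verbosesgb, out verboseDebug);

    try
    {
        if (!String.IsNullOrEmpty(d.datiGeneraliVerifica))
        {
            if (verboseDebug)
            {
                logger.InfoFormat("Risposta da infocert {0}", d.datiGeneraliVerifica);
            }
            design = DeSign.deSign.Deserialize(d.datiGeneraliVerifica);
        }
    }
    catch (Exception e)
    {
        logger.ErrorFormat("Errore deserializzando i dati da infocert {0} {1}", e.Message, e.StackTrace);
        return null;
    }

    // An empty payload (or a deserializer that yields null) used to fall through to a
    // NullReferenceException on design.signedData. Fail the same way a deserialization
    // error does instead.
    if (design == null)
    {
        logger.ErrorFormat("Nessun dato generale di verifica restituito da infocert (esito {0})", status);
        return null;
    }

    VerifySignatureResult vsr = new VerifySignatureResult();
    List<DocsPaVO.documento.SignerInfo> siLst = new List<SignerInfo>();
    List<DocsPaVO.documento.PKCS7Document> p7docsLst = new List<PKCS7Document>();
    bool badSignature = false;

    foreach (object item in design.signedData)
    {
        // Each entry is expected to be a signedData element; any other type leaves sd
        // null and fails on the next line.
        DeSign.signedData sd = item as DeSign.signedData;
        foreach (DeSign.signer signer in sd.signer)
        {
            DocsPaVO.documento.SignerInfo si = convertToSignerInfo(signer);

            // The last signer with a non-zero revocation status decides the overall
            // status code and description.
            if (si.CertificateInfo.RevocationStatus != 0)
            {
                vsr.StatusCode = si.CertificateInfo.RevocationStatus;
                vsr.StatusDescription = si.CertificateInfo.RevocationStatusDescription;
            }

            // NOTE(review): only the exact string "KO" marks a bad signature; any other
            // status value, null included, counts as not failed. Confirm the set of
            // values the service can return.
            if (signer.status == "KO")
            {
                badSignature = true;
            }

            siLst.Add(si);
        }
    }

    List<TSInfo> tsList = new List<TSInfo>();
    foreach (object item in design.timeStamp)
    {
        // Document-level timestamps.
        DeSign.timeStamp ts = item as DeSign.timeStamp;
        TSInfo tsi = new TSInfo
        {
            dataInizioValiditaCert = convertSimpleDateTime(ts.certNotBefore),
            dataFineValiditaCert = convertSimpleDateTime(ts.certNotAfter),
            TSdateTime = convertSimpleDateTime(ts.timeStampDate),
            TSimprint = ts.timeStampImprint,
            TSANameIssuer = ts.issuer.CN,
            TSANameSubject = ts.subject.CN,
            TSserialNumber = ts.timeStampSerial,
            TSType = TsType.PKCS
        };
        tsList.Add(tsi);
    }

    if (tsList.Count > 0)
    {
        vsr.DocumentTimeStampInfo = tsList.ToArray();
    }

    p7docsLst.Add(new PKCS7Document
    {
        SignersInfo = siLst.ToArray(),
        DocumentFileName = null,
        Level = 0
    });
    vsr.PKCS7Documents = p7docsLst.ToArray();

    // Set unconditionally. No CRL lookup happens in this method; presumably the remote
    // service performed it. TODO confirm.
    vsr.CRLOnlineCheck = true;

    // A signature marked "KO" must never leave the overall status at 0.
    if (badSignature && vsr.StatusCode == 0)
    {
        vsr.StatusCode = -1;
    }

    return vsr;
}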
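/// <summary>
/// Converts one signer element of the deserialized verification payload, together with
/// its signature timestamp and its countersigners, into a
/// <see cref="DocsPaVO.documento.SignerInfo"/>.
/// </summary>
/// <param name="signer">Signer element to convert; its issuer, subject and countersigner members are dereferenced without null checks.</param>
/// <returns>The populated signer description.</returns>
/// <remarks>
/// Each countersigner now gets its own certificate bytes, thumbprint and status
/// description. Previously a countersigner with no certificate inherited the certificate
/// and thumbprint of the preceding entry, and the countersigner's own error message was
/// read but never used, so the parent signer's description was reported in its place.
/// </remarks>
private static DocsPaVO.documento.SignerInfo convertToSignerInfo(DeSign.signer signer)
{
    DocsPaVO.documento.SignerInfo si = new SignerInfo();

    // NOTE(review): an errorCode that is not numeric parses to 0, the same value used for
    // "no error"; confirm the service only ever sends numeric codes.
    int ErrCode;
    Int32.TryParse(signer.errorCode, out ErrCode);

    byte[] cert = DecodePemCertificate(signer.certificate);
    string thumbPrint = ComputeSha1Thumbprint(cert);

    string RevocationStatusDescription = signer.errorMessage;
    if (String.IsNullOrEmpty(RevocationStatusDescription))
    {
        RevocationStatusDescription = "Valido";
    }

    si.CertificateInfo = new CertificateInfo
    {
        SerialNumber = signer.serial,
        ValidFromDate = convertSimpleDateTime(signer.certNotBefore),
        ValidToDate = convertSimpleDateTime(signer.certNotAfter),
        IssuerName = "CN=" + signer.issuer.CN,
        SubjectName = signer.subject.CN,
        RevocationStatus = ErrCode,
        RevocationStatusDescription = RevocationStatusDescription,
        RevocationDate = convertSimpleDateTime(signer.crlRevocationDate),
        SignatureAlgorithm = "N.D.",
        ThumbPrint = thumbPrint,
        X509Certificate = cert
    };

    // A revocation date forces status 4 (revoked) regardless of the error code.
    if (si.CertificateInfo.RevocationDate != DateTime.MinValue)
    {
        si.CertificateInfo.RevocationStatus = 4;
    }

    si.SubjectInfo = new SubjectInfo
    {
        Organizzazione = signer.subject.O,
        CommonName = signer.subject.CN,
        CodiceFiscale = ExtractCodiceFiscale(signer.subject.SER),
        Nome = signer.subject.GIVEN,
        Cognome = signer.subject.SUR,
        Country = signer.subject.C,
        SerialNumber = signer.serial,
        CertId = signer.subject.DNQUALIF
    };
    si.SignatureAlgorithm = convertOidToString(signer.digestAlgorithm);

    // signer.errorCode, signer.errorMessage and signer.status are not copied onto the
    // SignerInfo as separate fields; only the values mapped above are kept.

    if ((signer.signatureTimeStamp != null) && (signer.signatureTimeStamp.timeStampSerial != null) && (signer.signatureTimeStamp.timeStampDate != null))
    {
        TSInfo tsi = new TSInfo
        {
            dataInizioValiditaCert = convertSimpleDateTime(signer.signatureTimeStamp.certNotBefore),
            dataFineValiditaCert = convertSimpleDateTime(signer.signatureTimeStamp.certNotAfter),
            TSdateTime = convertSimpleDateTime(signer.signatureTimeStamp.timeStampDate),
            TSimprint = signer.signatureTimeStamp.timeStampImprint,
            TSANameIssuer = signer.signatureTimeStamp.issuer.CN,
            TSANameSubject = signer.signatureTimeStamp.subject.CN,
            TSserialNumber = signer.signatureTimeStamp.timeStampSerial,
            TSType = TsType.PKCS
        };
        si.SignatureTimeStampInfo = new TSInfo[] { tsi };
    }

    // Countersigners.
    List<SignerInfo> csiLst = new List<SignerInfo>();
    foreach (DeSign.countersigner countersigner in signer.countersigner)
    {
        DocsPaVO.documento.SignerInfo csi = new SignerInfo();
        csi.isCountersigner = true;

        // Per-countersigner values: nothing is carried over from the parent signer or
        // from the previous countersigner.
        byte[] csCert = DecodePemCertificate(countersigner.certificate);
        string csThumbPrint = ComputeSha1Thumbprint(csCert);

        string csRevocationStatusDescription = countersigner.errorMessage;
        if (String.IsNullOrEmpty(csRevocationStatusDescription))
        {
            csRevocationStatusDescription = "Valido";
        }

        csi.CertificateInfo = new CertificateInfo
        {
            SerialNumber = countersigner.serial,
            ValidFromDate = convertSimpleDateTime(countersigner.certNotBefore),
            ValidToDate = convertSimpleDateTime(countersigner.certNotAfter),
            IssuerName = "CN=" + countersigner.issuer.CN,
            SubjectName = countersigner.subject.CN,
            // NOTE(review): this is still the parent signer's error code, unchanged from
            // the original. If the countersigner element carries its own error code it
            // should be parsed and used here; verify against the DeSign schema.
            RevocationStatus = ErrCode,
            RevocationStatusDescription = csRevocationStatusDescription,
            RevocationDate = convertSimpleDateTime(countersigner.crlRevocationDate),
            SignatureAlgorithm = "N.D.",
            ThumbPrint = csThumbPrint,
            X509Certificate = csCert
        };

        if (csi.CertificateInfo.RevocationDate != DateTime.MinValue)
        {
            csi.CertificateInfo.RevocationStatus = 4;
        }

        csi.SubjectInfo = new SubjectInfo
        {
            Organizzazione = countersigner.subject.O,
            CommonName = countersigner.subject.CN,
            // Same null-safe parsing as for the signer; the original dereferenced SER
            // here without a null check.
            CodiceFiscale = ExtractCodiceFiscale(countersigner.subject.SER),
            Nome = countersigner.subject.GIVEN,
            Cognome = countersigner.subject.SUR,
            Country = countersigner.subject.C,
            SerialNumber = countersigner.serial,
            CertId = countersigner.subject.DNQUALIF
        };
        csi.SignatureAlgorithm = convertOidToString(countersigner.digestAlgorithm);

        if ((countersigner.signatureTimeStamp != null) && (countersigner.signatureTimeStamp.timeStampSerial != null) && (countersigner.signatureTimeStamp.timeStampDate != null))
        {
            TSInfo ctsi = new TSInfo
            {
                dataInizioValiditaCert = convertSimpleDateTime(countersigner.signatureTimeStamp.certNotBefore),
                dataFineValiditaCert = convertSimpleDateTime(countersigner.signatureTimeStamp.certNotAfter),
                TSdateTime = convertSimpleDateTime(countersigner.signatureTimeStamp.timeStampDate),
                TSimprint = countersigner.signatureTimeStamp.timeStampImprint,
                TSANameIssuer = countersigner.signatureTimeStamp.issuer.CN,
                TSANameSubject = countersigner.signatureTimeStamp.subject.CN,
                TSserialNumber = countersigner.signatureTimeStamp.timeStampSerial,
                TSType = TsType.PKCS
            };
            csi.SignatureTimeStampInfo = new TSInfo[] { ctsi };
        }

        csiLst.Add(csi);
    }

    if (csiLst.Count > 0)
    {
        si.counterSignatures = csiLst.ToArray();
    }

    return si;
}

// Strips the PEM armor lines and base64-decodes the certificate; null when no certificate text is given.
private static byte[] DecodePemCertificate(string pem)
{
    if (String.IsNullOrEmpty(pem))
    {
        return null;
    }

    string base64 = pem
        .Replace("-----BEGIN CERTIFICATE-----", string.Empty)
        .Replace("-----END CERTIFICATE-----", string.Empty);
    return Convert.FromBase64String(base64);
}

// Upper-case hex SHA-1 of the certificate bytes, used as an identifier; empty string when there is no certificate.
private static string ComputeSha1Thumbprint(byte[] certificate)
{
    if (certificate == null)
    {
        return string.Empty;
    }

    using (System.Security.Cryptography.SHA1 sha1 = System.Security.Cryptography.SHA1.Create())
    {
        return BitConverter.ToString(sha1.ComputeHash(certificate)).Replace("-", "");
    }
}

// Returns the part after the first ':' of the subject serial when one is present, else the value unchanged (null stays null).
private static string ExtractCodiceFiscale(string subjectSerial)
{
    if (!string.IsNullOrEmpty(subjectSerial) && subjectSerial.Contains(":"))
    {
        return subjectSerial.Split(':')[1];
    }

    return subjectSerial;
}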