コード例 #1
        /// <summary>
        /// Decodes the CIE student-data attribute: the value is read as a PrintableString and then
        /// sliced by fixed character offsets into institution, education level, course, city and state.
        /// </summary>
        /// <param name="encodedAttribute">Encoded attribute value, passed to <c>Asn1Util.DecodePrintableString</c>.</param>
        /// <returns>A <c>CieStudentData</c> populated with the trimmed field values.</returns>
        /// <exception cref="FormatException">
        /// Thrown for any failure inside the method (the original exception is kept as the inner exception).
        /// </exception>
        public static CieStudentData Decode(byte[] encodedAttribute)
        {
            // Fixed-width layout of the decoded string.
            const int institutionWidth = 40;
            const int levelWidth       = 15;
            const int courseWidth      = 30;
            const int stateWidth       = 2;

            const int levelStart  = institutionWidth;          // 40
            const int courseStart = levelStart + levelWidth;   // 55
            const int cityStart   = courseStart + courseWidth; // 85

            try {
                // The attribute content arrives inside a certificate, so its length is not guaranteed.
                // A string shorter than 87 characters makes one of the Substring calls below throw,
                // which the catch turns into a FormatException.
                var text = Asn1Util.DecodePrintableString(encodedAttribute);

                var parsed = new CieStudentData
                {
                    // First 40 positions: name of the educational institution.
                    InstituicaoEnsino = text.Substring(0, institutionWidth).Trim(),

                    // Next 15 positions: education level.
                    GrauEscolaridade = text.Substring(levelStart, levelWidth).Trim(),

                    // Next 30 positions: course name.
                    Curso = text.Substring(courseStart, courseWidth).Trim(),

                    // City of the institution. The layout describes 20 positions, but the slice takes
                    // everything between offset 85 and the trailing two characters, so the total
                    // length is not enforced here.
                    InstituicaoEnsinoCidade = text.Substring(cityStart, text.Length - cityStart - stateWidth).Trim(),

                    // Last 2 positions: state (UF) of the city.
                    InstituicaoEnsinoUF = text.Substring(text.Length - stateWidth, stateWidth).Trim(),
                };

                return parsed;
            } catch (Exception ex) {
                // Every exception type is reported as a format error, not only slicing failures.
                throw new FormatException("Error while decoding CIE student data fields. Invalid format.", ex);
            }
        }
コード例 #2
        /// <summary>
        /// Builds and signs a sample CIE attribute certificate for the given holder name and returns
        /// its encoded bytes. The holder DN, validity, signature algorithm and attributes are all set
        /// here; the student identity and student data attributes use hard-coded sample values.
        /// </summary>
        /// <param name="name">Holder name; trimmed and normalized before being placed in the CN of the holder DN.</param>
        /// <returns>The encoded attribute certificate (<c>cert.EncodedValue</c>).</returns>
        private byte[] issue(string name)
        {
            /**
             * HolderName
             *
             * http://www.une.org.br/site/wp-content/uploads/2017/01/Padra%CC%83o-Nacional-2017.pdf
             *
             * Page 9
             *
             * The name of the attribute certificate holder (a natural person), carried in the Holder field,
             * must follow the Distinguished Name (DN) of the ITU X.500/ISO 9594 standard, as follows:
             *
             *   C = BR
             *   O = ICP-Brasil
             *   OU = trade name or acronym of the Attribute Issuing Entity (EEA)
             *   CN = name of the attribute holder
             *
             * When composing names, the name restrictions defined in the
             * "Name restrictions" item apply.
             */
            // name.Trim() throws NullReferenceException when name is null; there is no guard here.
            // NOTE(review): the result is spliced into a DN string below, so RemovePunctuation presumably
            // has to strip DN separators such as ',' and '=' - confirm against the extension method.
            var normalizedName = name.Trim().RemoveDiacritics().RemovePunctuation();
            // NOTE(review): IssuerName is inserted without the normalization applied to the holder name -
            // confirm it cannot contain DN separators.
            var holderName     = string.Format("C=BR, O=ICP-Brasil, OU={0}, CN={1}", IssuerName, normalizedName);

            // Expiration (we're using midnight from March 31st to April 1st of next year)
            // "Next year" is computed from the local date (DateTime.Today). The time zone is looked up by
            // its Windows id; FindSystemTimeZoneById throws if the host does not know that id.
            var expiration = Util.GetMidnightOf(DateTime.Today.Year + 1, 3, 31, TimeZoneInfo.FindSystemTimeZoneById("E. South America Standard Time") /* Brasília */);

            var certGen = new AttributeCertificateGenerator();

            // The certificate is signed with the currently selected certificate and its key.
            certGen.SetIssuer(SelectedCertificate.CertificateWithKey);
            certGen.SetHolderName(NameGenerator.GenerateFromDNString(holderName, NameGeneratorTypePolicies.PrintableStringsOnly));
            // Validity starts at the moment of issuance and ends at the expiration computed above.
            certGen.SetValidity(DateTimeOffset.Now, expiration);
            certGen.GenerateUniqueSerialNumber();
            certGen.SetSignatureAlgorithm(SignatureAlgorithm.SHA256WithRSA);
            // NOTE(review): by its name this declares that no revocation information is available for the
            // certificate, so it would presumably stay usable until `expiration` - confirm this is intended.
            certGen.SetExtensionNoRevocationAvailable();

            // Authority Information Access extension (optional)
            //certGen.SetCAIssuersUri(new Uri("http://ca.yourcompany.com/issuer.cer"));

            // Attribute #1
            // Hard-coded sample identity: every certificate issued by this method carries these same
            // values regardless of `name`.
            var cieStudentIdentity = new CieStudentIdentity()
            {
                Cpf            = "374.353.901-27",
                DataNascimento = new DateTime(2001, 9, 11),
                Matricula      = "555.555",
                RG             = "12.345.678",
                RGEmissor      = "SSP",
                RGEmissorUF    = "SP",
            };

            certGen.AddRawAttribute(CieStudentIdentity.Oid, cieStudentIdentity.Encode());

            // Attribute #2
            // Hard-coded sample student data, likewise independent of `name`.
            var cieStudentData = new CieStudentData()
            {
                Curso                   = "Engenharia da Computação",
                GrauEscolaridade        = "Superior",
                InstituicaoEnsino       = "Universidade de São Paulo",
                InstituicaoEnsinoCidade = "São Paulo",
                InstituicaoEnsinoUF     = "SP",
            };

            certGen.AddRawAttribute(CieStudentData.Oid, cieStudentData.Encode());

            // Photo attribute (optional)
            // NOTE(review): the literal below is not valid Base64 as it appears here (the original photo
            // data appears to have been stripped); Convert.FromBase64String throws FormatException on
            // invalid input.
            var holderPhotoAttribute = new LacunaHolderPhotoAttribute()
            {
                MimeType = "image/jpeg",
                Content  = Convert.FromBase64String("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"),
            };

            certGen.AddAttribute(LacunaHolderPhotoAttribute.Oid, holderPhotoAttribute);

            // Issue
            var cert = certGen.Generate();


            // CIE Attributes decode example
            //var cieStudentIdentityDecoded = CieStudentIdentity.Decode(cert.Attributes);
            //var cieStudentDataDecoded = CieStudentData.Decode(cert.Attributes);

            // Return encoded cert
            return(cert.EncodedValue);
        }
コード例 #3
        /// <summary>
        /// Asks the user for an attribute certificate file, decodes it (asking for the issuer's
        /// certificate file when the issuer cannot be found), decodes the CIE attributes that are
        /// present, validates the certificate with <c>App.GetTrustArbitrator()</c> and shows the
        /// validation results in a dialog. Any exception is shown in a message box.
        /// </summary>
        public void ValidateAttributeCert()
        {
            if (!checkLicenseLoaded())
            {
                return;
            }

            try {
                var acPicker = new OpenFileDialog();
                acPicker.DefaultExt = ".ac";
                acPicker.Filter     = "X.509 attribute certificate (.ac)|*.ac";

                var acPicked = acPicker.ShowDialog();
                if (acPicked != true)
                {
                    return;
                }

                // Load the raw bytes once; they are decoded again below if an issuer has to be supplied.
                var acBytes       = File.ReadAllBytes(acPicker.FileName);
                var attributeCert = AttributeCertificate.Decode(acBytes);

                // Without a usable AIA extension the issuer cannot be located and validation would fail,
                // so the issuer certificate has to be handed in when decoding.
                if (attributeCert.IssuerNotFound)
                {
                    MessageBox.Show("Could not find the issuer of the certificate. This usually happens with certificates that do not have a valid Authority Information Access (AIA) extension.\n\nTo continue, you will need to provide the .cer file of the issuer.", "Issuer not found");

                    var issuerPicker = new OpenFileDialog();
                    issuerPicker.DefaultExt = ".cer";
                    issuerPicker.Filter     = "X.509 certificate|*.cer;*.crt";

                    var issuerPicked = issuerPicker.ShowDialog();
                    if (issuerPicked != true)
                    {
                        return;
                    }

                    // NOTE(review): the issuer file is chosen by the user and is only placed in the lookup
                    // store here; whether it is trusted is presumably decided by the trust arbitrator
                    // passed to Validate below - confirm.
                    var issuerBytes = File.ReadAllBytes(issuerPicker.FileName);
                    var issuerCert  = PKCertificate.Decode(issuerBytes);
                    var issuerStore = new MemoryCertificateStore(new[] { issuerCert });

                    // Decode the attribute certificate again, this time with the issuer available.
                    attributeCert = AttributeCertificate.Decode(acBytes, issuerStore);
                }

                // NOTE(review): the attributes are decoded before Validate runs, and the decoded objects
                // are not read again in this method. Any code that starts using them should treat the
                // values as untrusted until the validation results have been accepted.
                CieStudentIdentity identity = attributeCert.Attributes.GetOids().Contains(CieStudentIdentity.Oid)
                    ? CieStudentIdentity.Decode(attributeCert.Attributes)
                    : null;

                CieStudentData studentData = attributeCert.Attributes.GetOids().Contains(CieStudentData.Oid)
                    ? CieStudentData.Decode(attributeCert.Attributes)
                    : null;

                // Run the validation and present its outcome.
                var results       = attributeCert.Validate(App.GetTrustArbitrator());
                var resultsDialog = new ValidationResultsDialog("Attribute certificate validation results", results);
                resultsDialog.ShowDialog();
            } catch (Exception ex) {
                // The full exception text (ex.ToString()) is shown to the user.
                MessageBox.Show(ex.ToString(), "An error has occurred");
            }
        }