/** * Checks if the timestamp refers to this document. * @throws java.security.NoSuchAlgorithmException on error * @return true if it checks false otherwise * @since 2.1.6 */ public bool VerifyTimestampImprint() { if (timeStampToken == null) { return(false); } TimeStampTokenInfo info = timeStampToken.TimeStampInfo; MessageImprint imprint = info.TstInfo.MessageImprint; String algOID = info.MessageImprintAlgOid; byte[] md = DigestAlgorithms.Digest(algOID, digest); byte[] imphashed = imprint.GetHashedMessage(); bool res = Arrays.AreEqual(md, imphashed); return(res); }
/** * Signs the document using the detached mode, CMS or CAdES equivalent. * @param sap the PdfSignatureAppearance * @param externalSignature the interface providing the actual signing * @param chain the certificate chain * @param crlList the CRL list * @param ocspClient the OCSP client * @param tsaClient the Timestamp client * @param provider the provider or null * @param estimatedSize the reserved size for the signature. It will be estimated if 0 * @param cades true to sign CAdES equivalent PAdES-BES, false to sign CMS * @throws DocumentException * @throws IOException * @throws GeneralSecurityException * @throws NoSuchAlgorithmException * @throws Exception */ public static void SignDetached(PdfSignatureAppearance sap, IExternalSignature externalSignature, ICollection <X509Certificate> chain, ICollection <ICrlClient> crlList, IOcspClient ocspClient, ITSAClient tsaClient, int estimatedSize, CryptoStandard sigtype) { List <X509Certificate> certa = new List <X509Certificate>(chain); ICollection <byte[]> crlBytes = null; int i = 0; while (crlBytes == null && i < certa.Count) { crlBytes = ProcessCrl(certa[i++], crlList); } if (estimatedSize == 0) { estimatedSize = 8192; if (crlBytes != null) { foreach (byte[] element in crlBytes) { estimatedSize += element.Length + 10; } } if (ocspClient != null) { estimatedSize += 4192; } if (tsaClient != null) { estimatedSize += 4192; } } sap.Certificate = certa[0]; PdfSignature dic = new PdfSignature(PdfName.ADOBE_PPKLITE, sigtype == CryptoStandard.CADES ? PdfName.ETSI_CADES_DETACHED : PdfName.ADBE_PKCS7_DETACHED); dic.Reason = sap.Reason; dic.Location = sap.Location; dic.Contact = sap.Contact; dic.Date = new PdfDate(sap.SignDate); // time-stamp will over-rule this sap.CryptoDictionary = dic; Dictionary <PdfName, int> exc = new Dictionary <PdfName, int>(); exc[PdfName.CONTENTS] = estimatedSize * 2 + 2; sap.PreClose(exc); String hashAlgorithm = externalSignature.GetHashAlgorithm(); PdfPKCS7 sgn = new PdfPKCS7(null, chain, hashAlgorithm, false); IDigest messageDigest = DigestUtilities.GetDigest(hashAlgorithm); Stream data = sap.GetRangeStream(); byte[] hash = DigestAlgorithms.Digest(data, hashAlgorithm); DateTime cal = DateTime.Now; byte[] ocsp = null; if (chain.Count >= 2 && ocspClient != null) { ocsp = ocspClient.GetEncoded(certa[0], certa[1], null); } byte[] sh = sgn.getAuthenticatedAttributeBytes(hash, cal, ocsp, crlBytes, sigtype); byte[] extSignature = externalSignature.Sign(sh); sgn.SetExternalDigest(extSignature, null, externalSignature.GetEncryptionAlgorithm()); byte[] encodedSig = sgn.GetEncodedPKCS7(hash, cal, tsaClient, ocsp, crlBytes, sigtype); if (estimatedSize + 2 < encodedSig.Length) { throw new IOException("Not enough space"); } byte[] paddedSig = new byte[estimatedSize]; System.Array.Copy(encodedSig, 0, paddedSig, 0, encodedSig.Length); PdfDictionary dic2 = new PdfDictionary(); dic2.Put(PdfName.CONTENTS, new PdfString(paddedSig).SetHexWriting(true)); sap.Close(dic2); }
private static byte[] HashBytesSha1(byte[] b) { return(DigestAlgorithms.Digest("SHA1", b)); }
/** * This method provides that encoding and the parameters must be * exactly the same as in {@link #getEncodedPKCS7(byte[],Calendar)}. * * @param secondDigest the content digest * @param signingTime the signing time * @return the byte array representation of the authenticatedAttributes ready to be signed */ private DerSet GetAuthenticatedAttributeSet(byte[] secondDigest, DateTime signingTime, byte[] ocsp, ICollection <byte[]> crlBytes, CryptoStandard sigtype) { Asn1EncodableVector attribute = new Asn1EncodableVector(); Asn1EncodableVector v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(SecurityIDs.ID_CONTENT_TYPE)); v.Add(new DerSet(new DerObjectIdentifier(SecurityIDs.ID_PKCS7_DATA))); attribute.Add(new DerSequence(v)); v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(SecurityIDs.ID_SIGNING_TIME)); v.Add(new DerSet(new DerUtcTime(signingTime))); attribute.Add(new DerSequence(v)); v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(SecurityIDs.ID_MESSAGE_DIGEST)); v.Add(new DerSet(new DerOctetString(secondDigest))); attribute.Add(new DerSequence(v)); bool haveCrl = false; if (crlBytes != null) { foreach (byte[] bCrl in crlBytes) { if (bCrl != null) { haveCrl = true; break; } } } if (ocsp != null || haveCrl) { v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(SecurityIDs.ID_ADBE_REVOCATION)); Asn1EncodableVector revocationV = new Asn1EncodableVector(); if (haveCrl) { Asn1EncodableVector v2 = new Asn1EncodableVector(); foreach (byte[] bCrl in crlBytes) { if (bCrl == null) { continue; } Asn1InputStream t = new Asn1InputStream(bCrl); v2.Add(t.ReadObject()); } revocationV.Add(new DerTaggedObject(true, 0, new DerSequence(v2))); } if (ocsp != null) { DerOctetString doctet = new DerOctetString(ocsp); Asn1EncodableVector vo1 = new Asn1EncodableVector(); Asn1EncodableVector v2 = new Asn1EncodableVector(); v2.Add(OcspObjectIdentifiers.PkixOcspBasic); v2.Add(doctet); DerEnumerated den = new DerEnumerated(0); Asn1EncodableVector v3 = new Asn1EncodableVector(); v3.Add(den); v3.Add(new DerTaggedObject(true, 0, new DerSequence(v2))); vo1.Add(new DerSequence(v3)); revocationV.Add(new DerTaggedObject(true, 1, new DerSequence(vo1))); } v.Add(new DerSet(new DerSequence(revocationV))); attribute.Add(new DerSequence(v)); } if (sigtype == CryptoStandard.CADES) { v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(SecurityIDs.ID_AA_SIGNING_CERTIFICATE_V2)); Asn1EncodableVector aaV2 = new Asn1EncodableVector(); AlgorithmIdentifier algoId = new AlgorithmIdentifier(new DerObjectIdentifier(digestAlgorithmOid), null); aaV2.Add(algoId); byte[] dig = DigestAlgorithms.Digest(GetHashAlgorithm(), signCert.GetEncoded()); aaV2.Add(new DerOctetString(dig)); v.Add(new DerSet(new DerSequence(new DerSequence(new DerSequence(aaV2))))); attribute.Add(new DerSequence(v)); } return(new DerSet(attribute)); }
/** * Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes * in the signerInfo can also be set, OR a time-stamp-authority client * may be provided. * @param secondDigest the digest in the authenticatedAttributes * @param signingTime the signing time in the authenticatedAttributes * @param tsaClient TSAClient - null or an optional time stamp authority client * @return byte[] the bytes for the PKCS7SignedData object * @since 2.1.6 */ public byte[] GetEncodedPKCS7(byte[] secondDigest, DateTime signingTime, ITSAClient tsaClient, byte[] ocsp, ICollection <byte[]> crlBytes, CryptoStandard sigtype) { if (externalDigest != null) { digest = externalDigest; if (RSAdata != null) { RSAdata = externalRSAdata; } } else if (externalRSAdata != null && RSAdata != null) { RSAdata = externalRSAdata; sig.BlockUpdate(RSAdata, 0, RSAdata.Length); digest = sig.GenerateSignature(); } else { if (RSAdata != null) { RSAdata = new byte[messageDigest.GetDigestSize()]; messageDigest.DoFinal(RSAdata, 0); sig.BlockUpdate(RSAdata, 0, RSAdata.Length); } digest = sig.GenerateSignature(); } // Create the set of Hash algorithms Asn1EncodableVector digestAlgorithms = new Asn1EncodableVector(); foreach (string dal in digestalgos.Keys) { Asn1EncodableVector algos = new Asn1EncodableVector(); algos.Add(new DerObjectIdentifier(dal)); algos.Add(DerNull.Instance); digestAlgorithms.Add(new DerSequence(algos)); } // Create the contentInfo. Asn1EncodableVector v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(SecurityIDs.ID_PKCS7_DATA)); if (RSAdata != null) { v.Add(new DerTaggedObject(0, new DerOctetString(RSAdata))); } DerSequence contentinfo = new DerSequence(v); // Get all the certificates // v = new Asn1EncodableVector(); foreach (X509Certificate xcert in certs) { Asn1InputStream tempstream = new Asn1InputStream(new MemoryStream(xcert.GetEncoded())); v.Add(tempstream.ReadObject()); } DerSet dercertificates = new DerSet(v); // Create signerinfo structure. // Asn1EncodableVector signerinfo = new Asn1EncodableVector(); // Add the signerInfo version // signerinfo.Add(new DerInteger(signerversion)); v = new Asn1EncodableVector(); v.Add(CertificateInfo.GetIssuer(signCert.GetTbsCertificate())); v.Add(new DerInteger(signCert.SerialNumber)); signerinfo.Add(new DerSequence(v)); // Add the digestAlgorithm v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(digestAlgorithmOid)); v.Add(DerNull.Instance); signerinfo.Add(new DerSequence(v)); // add the authenticated attribute if present if (secondDigest != null /*&& signingTime != null*/) { signerinfo.Add(new DerTaggedObject(false, 0, GetAuthenticatedAttributeSet(secondDigest, signingTime, ocsp, crlBytes, sigtype))); } // Add the digestEncryptionAlgorithm v = new Asn1EncodableVector(); v.Add(new DerObjectIdentifier(digestEncryptionAlgorithmOid)); v.Add(DerNull.Instance); signerinfo.Add(new DerSequence(v)); // Add the digest signerinfo.Add(new DerOctetString(digest)); // When requested, go get and add the timestamp. May throw an exception. // Added by Martin Brunecky, 07/12/2007 folowing Aiken Sam, 2006-11-15 // Sam found Adobe expects time-stamped SHA1-1 of the encrypted digest if (tsaClient != null) { byte[] tsImprint = DigestAlgorithms.Digest(tsaClient.GetMessageDigest(), digest); byte[] tsToken = tsaClient.GetTimeStampToken(tsImprint); if (tsToken != null) { Asn1EncodableVector unauthAttributes = BuildUnauthenticatedAttributes(tsToken); if (unauthAttributes != null) { signerinfo.Add(new DerTaggedObject(false, 1, new DerSet(unauthAttributes))); } } } // Finally build the body out of all the components above Asn1EncodableVector body = new Asn1EncodableVector(); body.Add(new DerInteger(version)); body.Add(new DerSet(digestAlgorithms)); body.Add(contentinfo); body.Add(new DerTaggedObject(false, 0, dercertificates)); // Only allow one signerInfo body.Add(new DerSet(new DerSequence(signerinfo))); // Now we have the body, wrap it in it's PKCS7Signed shell // and return it // Asn1EncodableVector whole = new Asn1EncodableVector(); whole.Add(new DerObjectIdentifier(SecurityIDs.ID_PKCS7_SIGNED_DATA)); whole.Add(new DerTaggedObject(0, new DerSequence(body))); MemoryStream bOut = new MemoryStream(); Asn1OutputStream dout = new Asn1OutputStream(bOut); dout.WriteObject(new DerSequence(whole)); dout.Close(); return(bOut.ToArray()); }