public void SingDocumentWithPasswordDecrypring() { //ExStart //ExFor:DigitalSignatureUtil.Sign(String, String, CertificateHolder, String, DateTime) //ExFor:DigitalSignatureUtil.Sign(Stream, Stream, CertificateHolder, String, DateTime) //ExSummary:Shows how to sign encrypted documents // Create certificate holder from a file. CertificateHolder ch = CertificateHolder.Create(MyDir + "certificate.pfx", "123456"); //ByDocument Document doc = new Document(MyDir + "Document.Encrypted.docx", new LoadOptions("docPassword")); string outputDocFileName = MyDir + @"\Artifacts\Document.Encrypted.docx"; // Digitally sign encrypted with "docPassword" document in the specified path. DigitalSignatureUtil.Sign(doc.OriginalFileName, outputDocFileName, ch, "Comment", DateTime.Now, "docPassword"); // Open encrypted document from a file. Document signedDoc = new Document(outputDocFileName, new LoadOptions("docPassword")); // Check that encrypted document was successfully signed. DigitalSignatureCollection signatures = signedDoc.DigitalSignatures; if (signatures.IsValid && (signatures.Count > 0)) { Assert.Pass(); //The document was signed successfully } }
public static void Run() { // ExStart:AssignAndValidateDigitalSignatures // The path to the documents directory. string dataDir = RunExamples.GetDataDir(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType); // dsc is signature collection contains one or more signature needed to sign DigitalSignatureCollection dsc = new DigitalSignatureCollection(); // Cert must contain private key, it can be contructed from cert file or windows certificate collection. aa is password of cert X509Certificate2 cert = new X509Certificate2(dataDir + "mykey2.pfx", "aa"); DigitalSignature ds = new DigitalSignature(cert, "test for sign", DateTime.Now); dsc.Add(ds); Workbook wb = new Workbook(); // wb.SetDigitalSignature signs all signatures in dsc wb.SetDigitalSignature(dsc); wb.Save(dataDir + @"newfile_out.xlsx"); // open the file wb = new Workbook(dataDir + @"newfile_out.xlsx"); System.Console.WriteLine(wb.IsDigitallySigned); // Get digitalSignature collection from workbook dsc = wb.GetDigitalSignature(); foreach (DigitalSignature dst in dsc) { System.Console.WriteLine(dst.Comments); //test for sign -OK System.Console.WriteLine(dst.SignTime); //11/25/2010 1:22:01 PM -OK System.Console.WriteLine(dst.IsValid); //True -OK } // ExEnd:AssignAndValidateDigitalSignatures }
public void LoadAndRemove() { //ExStart //ExFor:DigitalSignatureUtil //ExFor:DigitalSignatureUtil.LoadSignatures(String) //ExFor:DigitalSignatureUtil.LoadSignatures(Stream) //ExFor:DigitalSignatureUtil.RemoveAllSignatures(Stream, Stream) //ExFor:DigitalSignatureUtil.RemoveAllSignatures(String, String) //ExSummary:Shows how to load and remove digital signatures from a digitally signed document. // Load digital signatures via filename string to verify that the document is signed DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Digitally signed.docx"); Assert.AreEqual(1, digitalSignatures.Count); // Re-save the document to an output filename with all digital signatures removed DigitalSignatureUtil.RemoveAllSignatures(MyDir + "Digitally signed.docx", ArtifactsDir + "DigitalSignatureUtil.LoadAndRemove.FromString.docx"); // Remove all signatures from the document using stream parameters using (Stream streamIn = new FileStream(MyDir + "Digitally signed.docx", FileMode.Open)) { using (Stream streamOut = new FileStream(ArtifactsDir + "DigitalSignatureUtil.LoadAndRemove.FromStream.docx", FileMode.Create)) { DigitalSignatureUtil.RemoveAllSignatures(streamIn, streamOut); } } // We can also load a document's digital signatures via stream, which we will do to verify that all signatures have been removed using (Stream stream = new FileStream(ArtifactsDir + "DigitalSignatureUtil.LoadAndRemove.FromStream.docx", FileMode.Open)) { digitalSignatures = DigitalSignatureUtil.LoadSignatures(stream); Assert.AreEqual(0, digitalSignatures.Count); } //ExEnd }
public static void Run() { // ExStart:1 //Source directory string sourceDir = RunExamples.Get_SourceDirectory(); //Output directory string outputDir = RunExamples.Get_OutputDirectory(); Workbook workbook = new Workbook(sourceDir + "sourceFile.xlsx"); string password = "******"; string pfx = "pfxFile"; DigitalSignature signature = new DigitalSignature(File.ReadAllBytes(pfx), password, "testXAdES", DateTime.Now); signature.XAdESType = XAdESType.XAdES; DigitalSignatureCollection dsCollection = new DigitalSignatureCollection(); dsCollection.Add(signature); workbook.SetDigitalSignature(dsCollection); workbook.Save(outputDir + "XAdESSignatureSupport_out.xlsx"); // ExEnd:1 Console.WriteLine("XAdESSignatureSupport executed successfully."); }
/* * Processes the given signature collection. */ void ProcessSignatures(Node entityNode, DigitalSignatureCollection signatures) { // Making sure there are any signatures. if (signatures == null) { return; } // Looping through each signature. foreach (var idxSignature in signatures) { // We cannot verify signatures unless we have the public PGP key in GnuPG database, hence the try thingie ... try { // Making sure we return email of PGP key used to sign, and true as value of node if signature is valid. var signatureNode = entityNode.FindOrInsert("signature").Add(idxSignature.SignerCertificate.Email, idxSignature.Verify()).LastChild; // Adding fingerprint of PGP key used to sign entity. signatureNode.Add("fingerprint", idxSignature.SignerCertificate.Fingerprint); } catch { // Inserting unknown fingerprint and signature email. var signatureNode = entityNode.FindOrInsert("signature").Add("unknown", false).LastChild; signatureNode.Add("fingerprint", "unknown"); } } }
public void SingDocumentWithPasswordDecrypring() { //ExStart //ExFor:CertificateHolder //ExFor:SignOptions.DecryptionPassword //ExSummary:Shows how to sign encrypted document file. string outputFileName = ArtifactsDir + "Document.Encrypted.docx"; Document doc = new Document(MyDir + "Document.Encrypted.docx", new LoadOptions("docPassword")); // Create certificate holder from a file. CertificateHolder certificateHolder = CertificateHolder.Create(MyDir + "morzal.pfx", "aw"); SignOptions signOptions = new SignOptions { Comments = "Comment", SignTime = DateTime.Now, DecryptionPassword = "******" }; // Digitally sign encrypted with "docPassword" document in the specified path. DigitalSignatureUtil.Sign(doc.OriginalFileName, outputFileName, certificateHolder, signOptions); //ExEnd // Open encrypted document from a file. Document signedDoc = new Document(outputFileName, new LoadOptions("docPassword")); // Check that encrypted document was successfully signed. DigitalSignatureCollection signatures = signedDoc.DigitalSignatures; if (signatures.IsValid && (signatures.Count > 0)) { Assert.Pass(); //The document was signed successfully } }
public void SingStreamDocumentWithPasswordDecrypring() { // Create certificate holder from a file. CertificateHolder ch = CertificateHolder.Create(MyDir + "certificate.pfx", "123456"); //By Stream Stream docInStream = new FileStream(MyDir + "Document.Encrypted.docx", FileMode.Open); Stream docOutStream = new FileStream(MyDir + @"\Artifacts\Document.Encrypted.docx", FileMode.OpenOrCreate); // Digitally sign encrypted with "docPassword" document in the specified path. DigitalSignatureUtil.Sign(docInStream, docOutStream, ch, "Comment", DateTime.Now, "docPassword"); // Open encrypted document from a file. Document signedDoc = new Document(docOutStream, new LoadOptions("docPassword")); // Check that encrypted document was successfully signed. DigitalSignatureCollection signatures = signedDoc.DigitalSignatures; if (signatures.IsValid && (signatures.Count > 0)) { docInStream.Dispose(); docOutStream.Dispose(); Assert.Pass(); //The document was signed successfully } }
public void GetEnumerator() { //ExStart //ExFor:DigitalSignatureCollection.GetEnumerator //ExSummary:Shows how to load and enumerate all digital signatures of a document. DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Digitally signed.docx"); using (IEnumerator <DigitalSignature> enumerator = digitalSignatures.GetEnumerator()) { while (enumerator.MoveNext()) { // Do something useful DigitalSignature ds = enumerator.Current; if (ds != null) { Console.WriteLine(ds.ToString()); } } } //ExEnd Assert.AreEqual(1, digitalSignatures.Count); DigitalSignature signature = digitalSignatures[0]; Assert.True(signature.IsValid); Assert.AreEqual(DigitalSignatureType.XmlDsig, signature.SignatureType); Assert.AreEqual("12/23/2010 02:14:40 AM", signature.SignTime.ToString("MM/dd/yyyy hh:mm:ss tt")); Assert.AreEqual("Test Sign", signature.Comments); Assert.AreEqual(signature.IssuerName, signature.CertificateHolder.Certificate.IssuerName.Name); Assert.AreEqual(signature.SubjectName, signature.CertificateHolder.Certificate.SubjectName.Name); Assert.AreEqual("CN=VeriSign Class 3 Code Signing 2009-2 CA, " + "OU=Terms of use at https://www.verisign.com/rpa (c)09, " + "OU=VeriSign Trust Network, " + "O=\"VeriSign, Inc.\", " + "C=US", signature.IssuerName); Assert.AreEqual("CN=Aspose Pty Ltd, " + "OU=Digital ID Class 3 - Microsoft Software Validation v2, " + "O=Aspose Pty Ltd, " + "L=Lane Cove, " + "S=New South Wales, " + "C=AU", signature.SubjectName); }
/* * Processes the given signature collection. */ void ProcessSignatures(Node entityNode, DigitalSignatureCollection signatures) { // Making sure there are any signatures. if (signatures == null) { return; // Nothing to do here ... } // Looping through each signature. foreach (var idxSignature in signatures) { // Making sure we return email of PGP key used to sign, and true as value of node if signature is valid. var signatureNode = entityNode.FindOrInsert("signature").Add(idxSignature.SignerCertificate.Email, idxSignature.Verify()).LastChild; // Adding fingerprint of PGP key used to sign entity. signatureNode.Add("fingerprint", idxSignature.SignerCertificate.Fingerprint.ToLower()); } }
public void LoadSignaturesEx() { //ExStart //ExFor:DigitalSignatureUtil.LoadSignatures(Stream) //ExFor:DigitalSignatureUtil.LoadSignatures(String) //ExSummary:Shows how to load signatures from a document by stream and by string. Stream docStream = new FileStream(MyDir + "Document.DigitalSignature.docx", FileMode.Open); // By stream: DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(docStream); docStream.Close(); // By string: digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Document.DigitalSignature.docx"); //ExEnd }
public void GetEnumeratorEx() { //ExStart //ExFor:DigitalSignatureCollection.GetEnumerator //ExSummary:Shows how to load and enumerate all digital signatures of a document. DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Document.Signed.doc"); var enumerator = digitalSignatures.GetEnumerator(); while (enumerator.MoveNext()) { // Do something useful DigitalSignature ds = (DigitalSignature)enumerator.Current; Console.WriteLine(ds.ToString()); } //ExEnd }
public void LoadSignatures() { //ExStart //ExFor:DigitalSignatureUtil.LoadSignatures(Stream) //ExFor:DigitalSignatureUtil.LoadSignatures(String) //ExSummary:Shows how to load all existing signatures from a document. // By string: DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Document.DigitalSignature.docx"); // By stream: Stream stream = new FileStream(MyDir + "Document.DigitalSignature.docx", FileMode.Open); digitalSignatures = DigitalSignatureUtil.LoadSignatures(stream); //ExEnd stream.Close(); }
public void LoadSignatures() { //ExStart //ExFor:DigitalSignatureUtil.LoadSignatures(Stream) //ExFor:DigitalSignatureUtil.LoadSignatures(String) //ExSummary:Shows how to load all existing signatures from a document. // Load all signatures from the document using string parameters DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Document.DigitalSignature.docx"); Assert.NotNull(digitalSignatures); // Load all signatures from the document using stream parameters Stream stream = new FileStream(MyDir + "Document.DigitalSignature.docx", FileMode.Open); digitalSignatures = DigitalSignatureUtil.LoadSignatures(stream); //ExEnd stream.Close(); }
public void SignDocument() { //ExStart //ExFor:CertificateHolder //ExFor:CertificateHolder.Create(String, String) //ExFor:DigitalSignatureUtil.Sign(Stream, Stream, CertificateHolder, SignOptions) //ExFor:SignOptions.Comments //ExFor:SignOptions.SignTime //ExSummary:Shows how to digitally sign documents. // Create an X.509 certificate from a PKCS#12 store, which should contain a private key. CertificateHolder certificateHolder = CertificateHolder.Create(MyDir + "morzal.pfx", "aw"); // Create a comment and date which will be applied with our new digital signature. SignOptions signOptions = new SignOptions { Comments = "My comment", SignTime = DateTime.Now }; // Take an unsigned document from the local file system via a file stream, // then create a signed copy of it determined by the filename of the output file stream. using (Stream streamIn = new FileStream(MyDir + "Document.docx", FileMode.Open)) { using (Stream streamOut = new FileStream(ArtifactsDir + "DigitalSignatureUtil.SignDocument.docx", FileMode.OpenOrCreate)) { DigitalSignatureUtil.Sign(streamIn, streamOut, certificateHolder, signOptions); } } //ExEnd using (Stream stream = new FileStream(ArtifactsDir + "DigitalSignatureUtil.SignDocument.docx", FileMode.Open)) { DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(stream); Assert.AreEqual(1, digitalSignatures.Count); DigitalSignature signature = digitalSignatures[0]; Assert.True(signature.IsValid); Assert.AreEqual(DigitalSignatureType.XmlDsig, signature.SignatureType); Assert.AreEqual(signOptions.SignTime.ToString(), signature.SignTime.ToString()); Assert.AreEqual("My comment", signature.Comments); } }
public void GetEnumerator() { //ExStart //ExFor:DigitalSignatureCollection.GetEnumerator //ExSummary:Shows how to load and enumerate all digital signatures of a document. DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Document.DigitalSignature.docx"); using (IEnumerator<DigitalSignature> enumerator = digitalSignatures.GetEnumerator()) { while (enumerator.MoveNext()) { // Do something useful DigitalSignature ds = enumerator.Current; if (ds != null) Console.WriteLine(ds.ToString()); } } //ExEnd }
public void Load() { //ExStart //ExFor:DigitalSignatureUtil //ExFor:DigitalSignatureUtil.LoadSignatures(String) //ExFor:DigitalSignatureUtil.LoadSignatures(Stream) //ExSummary:Shows how to load signatures from a digitally signed document. // There are two ways of loading a signed document's collection of digital signatures using the DigitalSignatureUtil class. // 1 - Load from a document from a local file system filename: DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(MyDir + "Digitally signed.docx"); // If this collection is nonempty, then we can verify that the document is digitally signed. Assert.AreEqual(1, digitalSignatures.Count); // 2 - Load from a document from a FileStream: using (Stream stream = new FileStream(MyDir + "Digitally signed.docx", FileMode.Open)) { digitalSignatures = DigitalSignatureUtil.LoadSignatures(stream); Assert.AreEqual(1, digitalSignatures.Count); } //ExEnd }
public void DecryptionPassword() { //ExStart //ExFor:CertificateHolder //ExFor:SignOptions.DecryptionPassword //ExFor:LoadOptions.Password //ExSummary:Shows how to sign encrypted document file. // Create an X.509 certificate from a PKCS#12 store, which should contain a private key. CertificateHolder certificateHolder = CertificateHolder.Create(MyDir + "morzal.pfx", "aw"); // Create a comment, date, and decryption password which will be applied with our new digital signature. SignOptions signOptions = new SignOptions { Comments = "Comment", SignTime = DateTime.Now, DecryptionPassword = "******" }; // Set a local system filename for the unsigned input document, and an output filename for its new digitally signed copy. string inputFileName = MyDir + "Encrypted.docx"; string outputFileName = ArtifactsDir + "DigitalSignatureUtil.DecryptionPassword.docx"; DigitalSignatureUtil.Sign(inputFileName, outputFileName, certificateHolder, signOptions); //ExEnd // Open encrypted document from a file. LoadOptions loadOptions = new LoadOptions("docPassword"); Assert.AreEqual(signOptions.DecryptionPassword, loadOptions.Password); // Check that encrypted document was successfully signed. Document signedDoc = new Document(outputFileName, loadOptions); DigitalSignatureCollection signatures = signedDoc.DigitalSignatures; Assert.AreEqual(1, signatures.Count); Assert.True(signatures.IsValid); }
public static void Run() { //Source directory string sourceDir = RunExamples.Get_SourceDirectory(); //Output directory string outputDir = RunExamples.Get_OutputDirectory(); // dsc is signature collection contains one or more signature needed to sign DigitalSignatureCollection dsc = new DigitalSignatureCollection(); // Cert must contain private key, it can be contructed from cert file or windows certificate collection. aa is password of cert X509Certificate2 cert = new X509Certificate2(sourceDir + "sampleAssignAndValidateDigitalSignatures.pfx", "aa"); DigitalSignature ds = new DigitalSignature(cert, "test for sign", DateTime.Now); dsc.Add(ds); Workbook wb = new Workbook(); // wb.SetDigitalSignature signs all signatures in dsc wb.SetDigitalSignature(dsc); wb.Save(outputDir + @"outputAssignAndValidateDigitalSignatures.xlsx"); // open the file wb = new Workbook(outputDir + @"outputAssignAndValidateDigitalSignatures.xlsx"); System.Console.WriteLine(wb.IsDigitallySigned); // Get digitalSignature collection from workbook dsc = wb.GetDigitalSignature(); foreach (DigitalSignature dst in dsc) { System.Console.WriteLine(dst.Comments); //test for sign -OK System.Console.WriteLine(dst.SignTime); //11/25/2010 1:22:01 PM -OK System.Console.WriteLine(dst.IsValid); //True -OK } Console.WriteLine("AssignAndValidateDigitalSignatures executed successfully."); }
public void SignDocument() { //ExStart //ExFor:CertificateHolder //ExFor:CertificateHolder.Create(String, String) //ExFor:DigitalSignatureUtil.Sign(Stream, Stream, CertificateHolder, SignOptions) //ExFor:SignOptions.Comments //ExFor:SignOptions.SignTime //ExSummary:Shows how to sign documents using certificate holder and sign options. CertificateHolder certificateHolder = CertificateHolder.Create(MyDir + "morzal.pfx", "aw"); SignOptions signOptions = new SignOptions { Comments = "My comment", SignTime = DateTime.Now }; using (Stream streamIn = new FileStream(MyDir + "Digitally signed.docx", FileMode.Open)) { using (Stream streamOut = new FileStream(ArtifactsDir + "DigitalSignatureUtil.SignDocument.docx", FileMode.OpenOrCreate)) { DigitalSignatureUtil.Sign(streamIn, streamOut, certificateHolder, signOptions); } } //ExEnd using (Stream stream = new FileStream(ArtifactsDir + "DigitalSignatureUtil.SignDocument.docx", FileMode.Open)) { DigitalSignatureCollection digitalSignatures = DigitalSignatureUtil.LoadSignatures(stream); Assert.AreEqual(1, digitalSignatures.Count); DigitalSignature signature = digitalSignatures[0]; Assert.True(signature.IsValid); Assert.AreEqual(DigitalSignatureType.XmlDsig, signature.SignatureType); Assert.AreEqual(signOptions.SignTime.ToString(), signature.SignTime.ToString()); Assert.AreEqual("My comment", signature.Comments); } }
public bool VerifySignature(MultipartSigned multipartSigned, out DigitalSignatureCollection signatures) { var signed = multipartSigned; signatures = null; var valid = true; if (signed != null) { using (var ctx = this.secureContextFactory()) { signatures = signed.Verify(ctx); foreach (var signature in signatures) { valid = signature.Verify(); if (!valid) { break; } } } } return(valid); }
public void DecryptionPassword() { //ExStart //ExFor:CertificateHolder //ExFor:SignOptions.DecryptionPassword //ExFor:LoadOptions.Password //ExSummary:Shows how to sign encrypted document file. // Create certificate holder from a file CertificateHolder certificateHolder = CertificateHolder.Create(MyDir + "morzal.pfx", "aw"); SignOptions signOptions = new SignOptions { Comments = "Comment", SignTime = DateTime.Now, DecryptionPassword = "******" }; // Digitally sign encrypted with "docPassword" document in the specified path string inputFileName = MyDir + "Encrypted.docx"; string outputFileName = ArtifactsDir + "DigitalSignatureUtil.DecryptionPassword.docx"; DigitalSignatureUtil.Sign(inputFileName, outputFileName, certificateHolder, signOptions); //ExEnd // Open encrypted document from a file LoadOptions loadOptions = new LoadOptions("docPassword"); Assert.AreEqual(signOptions.DecryptionPassword, loadOptions.Password); // Check that encrypted document was successfully signed Document signedDoc = new Document(outputFileName, loadOptions); DigitalSignatureCollection signatures = signedDoc.DigitalSignatures; Assert.AreEqual(1, signatures.Count); Assert.True(signatures.IsValid); }
/// <summary> /// Decrypt an encrypted stream. /// </summary> /// <returns>The decrypted <see cref="MimeKit.MimeEntity"/>.</returns> /// <param name="encryptedData">The encrypted data.</param> /// <param name="signatures">A list of digital signatures if the data was both signed and encrypted.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="encryptedData"/> is <c>null</c>. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found to decrypt the stream. /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> public MimeEntity Decrypt(Stream encryptedData, out DigitalSignatureCollection signatures) { if (encryptedData == null) throw new ArgumentNullException ("encryptedData"); // FIXME: document the exceptions that can be thrown by BouncyCastle using (var armored = new ArmoredInputStream (encryptedData)) { var factory = new PgpObjectFactory (armored); var obj = factory.NextPgpObject (); var list = obj as PgpEncryptedDataList; if (list == null) { // probably a PgpMarker... obj = factory.NextPgpObject (); list = obj as PgpEncryptedDataList; if (list == null) throw new Exception ("Unexpected pgp object"); } PgpPublicKeyEncryptedData encrypted = null; foreach (PgpEncryptedData data in list.GetEncryptedDataObjects ()) { if ((encrypted = data as PgpPublicKeyEncryptedData) != null) break; } if (encrypted == null) throw new Exception ("no encrypted data objects found?"); factory = new PgpObjectFactory (encrypted.GetDataStream (GetPrivateKey (encrypted.KeyId))); PgpOnePassSignatureList onepassList = null; PgpSignatureList signatureList = null; PgpCompressedData compressed = null; using (var memory = new MemoryStream ()) { obj = factory.NextPgpObject (); while (obj != null) { if (obj is PgpCompressedData) { if (compressed != null) throw new Exception ("recursive compression detected."); compressed = (PgpCompressedData) obj; factory = new PgpObjectFactory (compressed.GetDataStream ()); } else if (obj is PgpOnePassSignatureList) { onepassList = (PgpOnePassSignatureList) obj; } else if (obj is PgpSignatureList) { signatureList = (PgpSignatureList) obj; } else if (obj is PgpLiteralData) { var literal = (PgpLiteralData) obj; using (var stream = literal.GetDataStream ()) { stream.CopyTo (memory, 4096); } } obj = factory.NextPgpObject (); } memory.Position = 0; // FIXME: validate the OnePass signatures... and do what with them? // if (onepassList != null) { // for (int i = 0; i < onepassList.Count; i++) { // var onepass = onepassList[i]; // } // } if (signatureList != null) { signatures = GetDigitalSignatures (signatureList, memory); memory.Position = 0; } else { signatures = null; } return MimeEntity.Load (memory); } } }
/// <summary> /// Decrypts the specified encryptedData and extracts the digital signers if the content was also signed. /// </summary> /// <remarks> /// Decrypts the specified encryptedData and extracts the digital signers if the content was also signed. /// </remarks> /// <returns>The decrypted stream.</returns> /// <param name="encryptedData">The encrypted data.</param> /// <param name="signatures">A list of digital signatures if the data was both signed and encrypted.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="encryptedData"/> is <c>null</c>. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found to decrypt the stream. /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> /// <exception cref="Org.BouncyCastle.Bcpg.OpenPgp.PgpException"> /// An OpenPGP error occurred. /// </exception> public Stream GetDecryptedStream (Stream encryptedData, out DigitalSignatureCollection signatures) { if (encryptedData == null) throw new ArgumentNullException ("encryptedData"); using (var armored = new ArmoredInputStream (encryptedData)) { var factory = new PgpObjectFactory (armored); var obj = factory.NextPgpObject (); var list = obj as PgpEncryptedDataList; if (list == null) { // probably a PgpMarker... obj = factory.NextPgpObject (); list = obj as PgpEncryptedDataList; if (list == null) throw new PgpException ("Unexpected OpenPGP packet."); } PgpPublicKeyEncryptedData encrypted = null; PrivateKeyNotFoundException pkex = null; bool hasEncryptedPackets = false; PgpSecretKey secret = null; foreach (PgpEncryptedData data in list.GetEncryptedDataObjects ()) { if ((encrypted = data as PgpPublicKeyEncryptedData) == null) continue; hasEncryptedPackets = true; try { secret = GetSecretKey (encrypted.KeyId); break; } catch (PrivateKeyNotFoundException ex) { pkex = ex; } } if (!hasEncryptedPackets) throw new PgpException ("No encrypted packets found."); if (secret == null) throw pkex; factory = new PgpObjectFactory (encrypted.GetDataStream (GetPrivateKey (secret))); List<IDigitalSignature> onepassList = null; PgpSignatureList signatureList = null; PgpCompressedData compressed = null; var memory = new MemoryBlockStream (); obj = factory.NextPgpObject (); while (obj != null) { if (obj is PgpCompressedData) { if (compressed != null) throw new PgpException ("Recursive compression packets are not supported."); compressed = (PgpCompressedData) obj; factory = new PgpObjectFactory (compressed.GetDataStream ()); } else if (obj is PgpOnePassSignatureList) { if (memory.Length == 0) { var onepasses = (PgpOnePassSignatureList) obj; onepassList = new List<IDigitalSignature> (); for (int i = 0; i < onepasses.Count; i++) { var onepass = onepasses[i]; var pubkey = PublicKeyRingBundle.GetPublicKey (onepass.KeyId); if (pubkey == null) { // too messy, pretend we never found a one-pass signature list onepassList = null; break; } onepass.InitVerify (pubkey); var signature = new OpenPgpDigitalSignature (pubkey, onepass) { PublicKeyAlgorithm = GetPublicKeyAlgorithm (onepass.KeyAlgorithm), DigestAlgorithm = GetDigestAlgorithm (onepass.HashAlgorithm), }; onepassList.Add (signature); } } } else if (obj is PgpSignatureList) { signatureList = (PgpSignatureList) obj; } else if (obj is PgpLiteralData) { var literal = (PgpLiteralData) obj; using (var stream = literal.GetDataStream ()) { var buffer = new byte[4096]; int nread; while ((nread = stream.Read (buffer, 0, buffer.Length)) > 0) { if (onepassList != null) { // update our one-pass signatures... for (int index = 0; index < nread; index++) { byte c = buffer[index]; for (int i = 0; i < onepassList.Count; i++) { var pgp = (OpenPgpDigitalSignature) onepassList[i]; pgp.OnePassSignature.Update (c); } } } memory.Write (buffer, 0, nread); } } } obj = factory.NextPgpObject (); } memory.Position = 0; if (signatureList != null) { if (onepassList != null && signatureList.Count == onepassList.Count) { for (int i = 0; i < onepassList.Count; i++) { var pgp = (OpenPgpDigitalSignature) onepassList[i]; pgp.CreationDate = signatureList[i].CreationTime; pgp.Signature = signatureList[i]; } signatures = new DigitalSignatureCollection (onepassList); } else { signatures = GetDigitalSignatures (signatureList, memory); memory.Position = 0; } } else { signatures = null; } return memory; } }
/// <summary> /// Decrypts the specified encryptedData and extracts the digital signers if the content was also signed. /// </summary> /// <remarks> /// Decrypts the specified encryptedData and extracts the digital signers if the content was also signed. /// </remarks> /// <returns>The decrypted <see cref="MimeKit.MimeEntity"/>.</returns> /// <param name="encryptedData">The encrypted data.</param> /// <param name="signatures">A list of digital signatures if the data was both signed and encrypted.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="encryptedData"/> is <c>null</c>. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found to decrypt the stream. /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> /// <exception cref="Org.BouncyCastle.Bcpg.OpenPgp.PgpException"> /// An OpenPGP error occurred. /// </exception> public MimeEntity Decrypt (Stream encryptedData, out DigitalSignatureCollection signatures) { if (encryptedData == null) throw new ArgumentNullException ("encryptedData"); var decrypted = GetDecryptedStream (encryptedData, out signatures); return MimeEntity.Load (decrypted, true); }
/// <summary> /// Decrypts the <see cref="MultipartEncrypted"/> part. /// </summary> /// <remarks> /// Decrypts the <see cref="MultipartEncrypted"/> and extracts any digital signatures in cases /// where the content was also signed. /// </remarks> /// <returns>The decrypted entity.</returns> /// <param name="signatures">A list of digital signatures if the data was both signed and encrypted.</param> /// <exception cref="System.FormatException"> /// <para>The <c>protocol</c> parameter was not specified.</para> /// <para>-or-</para> /// <para>The multipart is malformed in some way.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// A suitable <see cref="MimeKit.Cryptography.CryptographyContext"/> for /// decrypting could not be found. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found to decrypt the encrypted data. /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> public MimeEntity Decrypt (out DigitalSignatureCollection signatures) { var protocol = ContentType.Parameters["protocol"]; if (string.IsNullOrEmpty (protocol)) throw new FormatException (); protocol = protocol.Trim ().ToLowerInvariant (); if (Count < 2) throw new FormatException (); var version = this[0] as MimePart; if (version == null) throw new FormatException (); var ctype = version.ContentType; var value = string.Format ("{0}/{1}", ctype.MediaType, ctype.MediaSubtype); if (value.ToLowerInvariant () != protocol) throw new FormatException (); var encrypted = this[1] as MimePart; if (encrypted == null || encrypted.ContentObject == null) throw new FormatException (); if (!encrypted.ContentType.Matches ("application", "octet-stream")) throw new FormatException (); using (var ctx = CryptographyContext.Create (protocol)) { using (var memory = new MemoryStream ()) { var pgp = ctx as OpenPgpContext; encrypted.ContentObject.DecodeTo (memory); memory.Position = 0; if (pgp != null) return pgp.Decrypt (memory, out signatures); signatures = null; return ctx.Decrypt (memory); } } }
/// <summary> /// Decrypts the <see cref="MultipartEncrypted"/> part. /// </summary> /// <remarks> /// Decrypts the <see cref="MultipartEncrypted"/> and extracts any digital signatures in cases /// where the content was also signed. /// </remarks> /// <returns>The decrypted entity.</returns> /// <param name="ctx">The OpenPGP cryptography context to use for decrypting.</param> /// <param name="signatures">A list of digital signatures if the data was both signed and encrypted.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="ctx"/> is <c>null</c>. /// </exception> /// <exception cref="System.FormatException"> /// <para>The <c>protocol</c> parameter was not specified.</para> /// <para>-or-</para> /// <para>The multipart is malformed in some way.</para> /// </exception> /// <exception cref="System.NotSupportedException"> /// The provided <see cref="OpenPgpContext"/> does not support the protocol parameter. /// </exception> /// <exception cref="PrivateKeyNotFoundException"> /// The private key could not be found to decrypt the encrypted data. /// </exception> /// <exception cref="System.OperationCanceledException"> /// The user chose to cancel the password prompt. /// </exception> /// <exception cref="System.UnauthorizedAccessException"> /// 3 bad attempts were made to unlock the secret key. /// </exception> public MimeEntity Decrypt (OpenPgpContext ctx, out DigitalSignatureCollection signatures) { if (ctx == null) throw new ArgumentNullException ("ctx"); var protocol = ContentType.Parameters["protocol"]; if (string.IsNullOrEmpty (protocol)) throw new FormatException (); protocol = protocol.Trim ().ToLowerInvariant (); if (!ctx.Supports (protocol)) throw new NotSupportedException (); if (Count < 2) throw new FormatException (); var version = this[0] as MimePart; if (version == null) throw new FormatException (); var ctype = version.ContentType; var value = string.Format ("{0}/{1}", ctype.MediaType, ctype.MediaSubtype); if (value.ToLowerInvariant () != protocol) throw new FormatException (); var encrypted = this[1] as MimePart; if (encrypted == null || encrypted.ContentObject == null) throw new FormatException (); if (!encrypted.ContentType.Matches ("application", "octet-stream")) throw new FormatException (); using (var memory = new MemoryStream ()) { encrypted.ContentObject.DecodeTo (memory); memory.Position = 0; return ctx.Decrypt (memory, out signatures); } }