public ValidationResult Validate(SignatureDocument sigDocument, SignerInfoNode signerNode)
{
ValidationResult result = new ValidationResult();
try
{
if (!signerNode.SignerInformation.Verify(signerNode.Certificate))
{
result.IsValid = false;
result.Message = "Signature verification failed";
return(result);
}
if (signerNode.TimeStamp != null)
{
DigestMethod tokenDigestMethod = DigestMethod.GetByOid(signerNode.TimeStamp.TimeStampInfo.HashAlgorithm.ObjectID.Id);
byte[] signatureValueHash = tokenDigestMethod.CalculateDigest(signerNode.SignerInformation.GetSignature());
if (!signerNode.TimeStamp.TimeStampInfo.GetMessageImprintDigest().SequenceEqual(signatureValueHash))
{
result.IsValid = false;
result.Message = "The stamp of the time stamp does not correspond to the one calculated";
return(result);
}
}
result.IsValid = true;
result.Message = "Signature verification suceeded";
}
catch (Exception ex)
{
result.IsValid = false;
result.Message = ex.Message;
}
return(result);
}
public ValidationResult Validate(SignatureDocument sigDocument, SignerInfoNode signerNode)
{
ValidationResult result = new ValidationResult();
try
{
if (!signerNode.SignerInformation.Verify(signerNode.Certificate))
{
result.IsValid = false;
result.Message = "La verificación de la firma no ha sido satisfactoria";
return(result);
}
if (signerNode.TimeStamp != null)
{
DigestMethod tokenDigestMethod = DigestMethod.GetByOid(signerNode.TimeStamp.TimeStampInfo.HashAlgorithm.ObjectID.Id);
byte[] signatureValueHash = tokenDigestMethod.CalculateDigest(signerNode.SignerInformation.GetSignature());
if (!signerNode.TimeStamp.TimeStampInfo.GetMessageImprintDigest().SequenceEqual(signatureValueHash))
{
result.IsValid = false;
result.Message = "La huella del sello de tiempo no se corresponde con la calculada";
return(result);
}
}
result.IsValid = true;
result.Message = "Verificación de la firma satisfactoria";
}
catch (Exception ex)
{
result.IsValid = false;
result.Message = ex.Message;
}
return(result);
}
private void ReadInformation()
{
if (_signerInformation.SignedAttributes[PkcsObjectIdentifiers.Pkcs9AtSigningTime] != null)
{
_signingDate = DerUtcTime.GetInstance(_signerInformation.SignedAttributes[PkcsObjectIdentifiers.Pkcs9AtSigningTime].AttrValues[0]).ToDateTime().ToLocalTime();
}
if (_signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAAEtsSignerAttr] != null)
{
var signerAttr = SignerAttribute.GetInstance(_signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAAEtsSignerAttr].AttrValues[0]);
List <string> claimedRoles = new List <string>();
foreach (BcCms.Attribute claimedAttr in signerAttr.ClaimedAttributes)
{
foreach (var value in claimedAttr.AttrValues)
{
claimedRoles.Add(DerUtf8String.GetInstance(value).GetString());
}
}
_signerRoles = claimedRoles;
}
if (_signerInformation.UnsignedAttributes != null &&
_signerInformation.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken] != null)
{
_timeStamp = new TimeStampToken(new CmsSignedData(_signerInformation.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken].AttrValues[0].GetEncoded()));
}
// Se leen las contrafirmas
var signers = _signerInformation.GetCounterSignatures().GetSigners();
_counterSignatures = new List <SignerInfoNode>();
foreach (var signer in signers)
{
SignerInfoNode node = new SignerInfoNode((SignerInformation)signer, _sigDocument);
_counterSignatures.Add(node);
}
// Se intenta identificar el certificado empleado para la firma, esto quizás se pueda mejorar
byte[] certHash = null;
IssuerSerial issuerSerial = null;
if (_signerInformation.DigestAlgOid == DigestMethod.SHA1.Oid)
{
BcCms.Attribute attr = _signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
SigningCertificate sc = SigningCertificate.GetInstance(attr.AttrValues[0]);
EssCertID ecid = sc.GetCerts()[0];
issuerSerial = ecid.IssuerSerial;
certHash = ecid.GetCertHash();
}
else
{
BcCms.Attribute attr = _signerInformation.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
SigningCertificateV2 sc2 = SigningCertificateV2.GetInstance(attr.AttrValues[0]);
EssCertIDv2 ecid = sc2.GetCerts()[0];
issuerSerial = ecid.IssuerSerial;
certHash = ecid.GetCertHash();
}
DigestMethod digestMethod = DigestMethod.GetByOid(_signerInformation.DigestAlgOid);
foreach (X509CertificateStructure cs in _sigDocument.Certificates)
{
if (issuerSerial == null || cs.TbsCertificate.SerialNumber.Equals(issuerSerial.Serial))
{
byte[] currentCertHash = digestMethod.CalculateDigest(cs.GetEncoded());
if (certHash.SequenceEqual(currentCertHash))
{
_certificate = new X509Certificate(cs);
break;
}
}
}
}
