Exemplo n.º 1
0
 /// <param name="ocspResp"></param>
 /// <returns></returns>
 public virtual bool Match(BasicOcspResp ocspResp)
 {
     try
     {
         IDigest digest = DigestUtilities.GetDigest(algorithm);
         byte[]  oscpBytes;
         if (matchOnlyBasicOCSPResponse)
         {
             oscpBytes = ocspResp.GetEncoded();
         }
         else
         {
             oscpBytes = OCSPUtils.FromBasicToResp(ocspResp).GetEncoded();
         }
         digest.BlockUpdate(oscpBytes, 0, oscpBytes.Length);
         byte[] computedValue = DigestUtilities.DoFinal(digest);
         LOG.Info("Compare " + Hex.ToHexString(digestValue) + " to computed value " +
                  Hex.ToHexString(computedValue) + " of BasicOcspResp produced at " + ocspResp
                  .ProducedAt);
         return(Arrays.Equals(digestValue, computedValue));
     }
     catch (NoSuchAlgorithmException ex)
     {
         throw new RuntimeException("Maybe BouncyCastle provider is not installed ?", ex);
     }
     catch (IOException ex)
     {
         throw new RuntimeException(ex);
     }
 }
Exemplo n.º 2
0
        public virtual bool Match(BasicOcspResp ocspResp)
        {
            IDigest digest = DigestUtilities.GetDigest(algorithm);

            byte[] oscpBytes;
            if (matchOnlyBasicOCSPResponse)
            {
                oscpBytes = ocspResp.GetEncoded();
            }
            else
            {
                oscpBytes = OCSPUtils.FromBasicToResp(ocspResp).GetEncoded();
            }
            digest.BlockUpdate(oscpBytes, 0, oscpBytes.Length);
            byte[] computedValue = DigestUtilities.DoFinal(digest);
            logger.Info("Compare " + Hex.ToHexString(digestValue) + " to computed value " +
                        Hex.ToHexString(computedValue) + " of BasicOcspResp produced at " + ocspResp
                        .ProducedAt);
            return(digestValue.SequenceEqual(computedValue));
        }
Exemplo n.º 3
0
        protected internal override void ExtendSignatureTag(XadesSignedXml xadesSignedXml)
        {
            base.ExtendSignatureTag(xadesSignedXml);

            X509Certificate signingCertificate = DotNetUtilities.FromX509Certificate(
                xadesSignedXml.GetSigningCertificate());

            DateTime signingTime = xadesSignedXml.XadesObject.QualifyingProperties
                                   .SignedProperties.SignedSignatureProperties.SigningTime;

            ValidationContext ctx = certificateVerifier.ValidateCertificate(signingCertificate
                                                                            , signingTime, new XAdESCertificateSource(xadesSignedXml.GetXml(), false), null, null);

            UnsignedProperties unsignedProperties = null;
            //int certificateValuesCounter;
            CertificateValues           certificateValues;
            EncapsulatedX509Certificate encapsulatedX509Certificate;
            RevocationValues            revocationValues;
            CRLValue  newCRLValue;
            OCSPValue newOCSPValue;

            unsignedProperties = xadesSignedXml.UnsignedProperties;

            //TODO jbonilla Validate certificate refs.
            {
                unsignedProperties.UnsignedSignatureProperties.CertificateValues = new CertificateValues();
                certificateValues = unsignedProperties.UnsignedSignatureProperties.CertificateValues;
                //certificateValues.Id = this.certificateValuesIdTextBox.Text;
                //certificateValuesCounter = 0;

                foreach (CertificateAndContext certificate in ctx.GetNeededCertificates())
                {
                    encapsulatedX509Certificate = new EncapsulatedX509Certificate();
                    //encapsulatedX509Certificate.Id = this.certificateValuesIdTextBox.Text + certificateValuesCounter.ToString();
                    encapsulatedX509Certificate.PkiData = certificate.GetCertificate().GetEncoded();
                    //certificateValuesCounter++;
                    certificateValues.EncapsulatedX509CertificateCollection.Add(encapsulatedX509Certificate);
                }
            }

            unsignedProperties = xadesSignedXml.UnsignedProperties;
            unsignedProperties.UnsignedSignatureProperties.RevocationValues = new RevocationValues();
            revocationValues = unsignedProperties.UnsignedSignatureProperties.RevocationValues;
            //revocationValues.Id = this.revocationValuesIdTextBox.Text;

            if (ctx.GetNeededOCSPResp().Count > 0)
            {
                foreach (BasicOcspResp ocsp in ctx.GetNeededOCSPResp())
                {
                    newOCSPValue         = new OCSPValue();
                    newOCSPValue.PkiData = OCSPUtils.FromBasicToResp(ocsp).GetEncoded();
                    revocationValues.OCSPValues.OCSPValueCollection.Add(newOCSPValue);
                }
            }

            if (ctx.GetNeededCRL().Count > 0)
            {
                foreach (X509Crl crl in ctx.GetNeededCRL())
                {
                    newCRLValue         = new CRLValue();
                    newCRLValue.PkiData = crl.GetEncoded();
                    revocationValues.CRLValues.CRLValueCollection.Add(newCRLValue);
                }
            }

            xadesSignedXml.UnsignedProperties = unsignedProperties;
        }