Exemplo n.º 1
0
 public PKIHelper(CertType type, byte[] rawCert, string password = "")
 {
     this.RawCert  = rawCert;
     this.Password = password;
     this.CertType = type;
     _pkiResul     = new PKIResult();
 }
Exemplo n.º 2
0
        public PKIResult Verify()
        {
            PKIResult result = new PKIResult();

            result.Success = true;
            try
            {
                if (CertType == CertType.PublicKey)
                {
                    if (this.RawCert != null)
                    {
                        var json = this.VerifyCertificate();
                        Dictionary <string, object> jsonObj = Newtonsoft.Json.JsonConvert.DeserializeObject <Dictionary <string, object> >(json);
                        if ((DateTime)jsonObj["EXPIRY"] <= DateTime.Now.Date)
                        {
                            result.ErrorType    = PKIErrorType.Certificate;
                            result.ErrorMessage = " : ใบรับรองหมดอายุ. ";
                            result.Success      = false;
                        }
                        else if ((Boolean)jsonObj["REVOKED"])
                        {
                            result.ErrorType    = PKIErrorType.Certificate;
                            result.ErrorMessage = " : ใบรับรองถูกยกเลิก. ";
                            result.Success      = false;
                        }
                        else if ((Boolean)jsonObj["UNTRUSTED"])
                        {
                            result.ErrorType    = PKIErrorType.Certificate;
                            result.ErrorMessage = " : ใบรับรองความปลอดภัยไม่น่าเชื่อถือ. ";
                            result.Success      = false;
                        }
                        else
                        {
                            foreach (var file in FileData)
                            {
                                if (file.Value.GetType() == typeof(FileUpload))
                                {
                                    var dataFile = (FileUpload)file.Value;
                                    if (dataFile.BLOB_FILE != null && !dataFile.SIGNATURE_SIGN.IsNullOrEmpty())
                                    {
                                        dataFile.Success = this.VerifyFile(dataFile.BLOB_FILE, dataFile.SIGNATURE_SIGN.Trim());
                                        if (!dataFile.Success)
                                        {
                                            dataFile.ErrorMSG   = "ใบรับรองหรือข้อมูลไม่ถูกต้อง";
                                            result.ErrorType    = PKIErrorType.DataFile;
                                            result.Success      = false;
                                            result.ErrorMessage = "ใบรับรองหรือข้อมูลไม่ถูกต้อง";
                                        }
                                    }
                                    else
                                    {
                                        dataFile.ErrorMSG   = "ไม่มีไฟล์";
                                        result.ErrorType    = PKIErrorType.DataFile;
                                        result.Success      = false;
                                        result.ErrorMessage = "ไม่มีไฟล์";
                                    }
                                    result.FileData.Add(file.Key, dataFile);
                                }
                                else if (file.Value.GetType() == typeof(List <FileUpload>))
                                {
                                    var dataFile = (List <FileUpload>)file.Value;
                                    foreach (var item in dataFile)
                                    {
                                        if (item.BLOB_FILE != null && !item.SIGNATURE_SIGN.IsNullOrEmpty())
                                        {
                                            item.Success = this.VerifyFile(item.BLOB_FILE, item.SIGNATURE_SIGN.Trim());
                                            if (!item.Success)
                                            {
                                                item.ErrorMSG       = item.FILE_NAME + " : ใบรับรอง หรือ ข้อมูล ไม่ถูกต้อง.";
                                                result.ErrorType    = PKIErrorType.DataFile;
                                                result.Success      = false;
                                                result.ErrorMessage = "ใบรับรอง หรือ ข้อมูล ไม่ถูกต้อง.";
                                            }
                                        }
                                        else
                                        {
                                            item.ErrorMSG       = item.FILE_NAME + " : ไม่มีไฟล์";
                                            result.ErrorType    = PKIErrorType.DataFile;
                                            result.Success      = false;
                                            result.ErrorMessage = "ไม่มีไฟล์";
                                        }
                                    }
                                    result.FileData.Add(file.Key, dataFile);
                                }
                            }
                        }
                    }
                    else
                    {
                        result.ErrorMessage = "ไม่มีใบรับรอง";
                        result.Success      = false;
                    }
                }
                else if (CertType == CertType.TokenKey)
                {
                    foreach (var file in FileData)
                    {
                        if (file.Value.GetType() == typeof(FileUpload))
                        {
                            var dataFile = (FileUpload)file.Value;
                            if (dataFile.File != null)
                            {
                                dataFile.FILE_NAME      = dataFile.File.FileName;
                                dataFile.FILE_SIZE      = ((decimal)dataFile.File.ContentLength) / ret;
                                dataFile.BLOB_FILE      = dataFile.File.ToArrayByte();
                                dataFile.BLOB_FILE_HASH = GetFileHash(dataFile.BLOB_FILE);
                                //fileData.Signature = dataFile.Signature;
                                //fileData.CertNumber = jsonObj["CERT_NUMBER"].AsString();
                                dataFile.Success = true;
                                var ext    = Path.GetExtension(dataFile.FILE_NAME);
                                var config = FileConfigDT.Where(m => m.FILE_TYPE.Replace(".", "") == ext.Replace(".", "")).FirstOrDefault();
                                if (config == null)
                                {
                                    dataFile.Success  = false;
                                    dataFile.ErrorMSG = "ไฟล์ไม่ถูกประเภท";
                                    result.ErrorType  = PKIErrorType.DataFile;
                                    result.Success    = false;
                                }
                                else if (dataFile.FILE_SIZE > config.FILE_SIZE)
                                {
                                    dataFile.Success  = false;
                                    dataFile.ErrorMSG = "ขนาดไฟล์เกิน " + config.FILE_SIZE + "MB";
                                    result.ErrorType  = PKIErrorType.DataFile;
                                    result.Success    = false;
                                }
                            }

                            //if (fileData.Success)
                            //{
                            //    fileData.Success = this.VerifyFile(fileData.DataBytes, fileData.Signature.Trim());
                            //    if (!fileData.Success)
                            //    {
                            //        fileData.ErrorMSG = " : ใบรับรอง หรือ ข้อมูล ไม่ถูกต้อง.";
                            //        result.ErrorType = PKIErrorType.DataFile;
                            //        result.Success = false;
                            //        result.ErrorMessage = " : ใบรับรอง หรือ ข้อมูล ไม่ถูกต้อง.";
                            //    }
                            //}
                        }
                        else if (file.Value.GetType() == typeof(List <FileUpload>))
                        {
                            var dataFile = (List <FileUpload>)file.Value;
                            foreach (var item in dataFile.Where(m => m.File != null))
                            {
                                item.FILE_NAME      = item.File.FileName;
                                item.FILE_SIZE      = ((decimal)item.File.ContentLength) / ret;
                                item.BLOB_FILE      = item.File.ToArrayByte();
                                item.BLOB_FILE_HASH = GetFileHash(item.BLOB_FILE);
                                //fileData.Signature = item.Signature;
                                //fileData.CertNumber = jsonObj["CERT_NUMBER"].AsString();
                                item.Success = true;
                                var ext    = Path.GetExtension(item.FILE_NAME);
                                var config = FileConfigDT.Where(m => m.FILE_TYPE == ext.Replace(".", "")).FirstOrDefault();
                                if (config == null)
                                {
                                    item.Success  = false;
                                    item.ErrorMSG = "ไฟล์ไม่ถูกประเภท";
                                }
                                else if (item.FILE_SIZE > config.FILE_SIZE)
                                {
                                    item.Success  = false;
                                    item.ErrorMSG = "ขนาดไฟล์เกิน " + config.FILE_SIZE + "MB";
                                }

                                //if (item.Success)
                                //{
                                //    item.Success = this.VerifyFile(item.DATA_BYTES, item.Signature.Trim());
                                //    if (!item.Success)
                                //    {
                                //        item.ErrorMSG = " : ใบรับรอง หรือ ข้อมูล ไม่ถูกต้อง.";
                                //        result.ErrorType = PKIErrorType.DataFile;
                                //        result.Success = false;
                                //        result.ErrorMessage = " : ใบรับรอง หรือ ข้อมูล ไม่ถูกต้อง.";
                                //    }
                                //}
                            }
                            result.FileData.Add(file.Key, dataFile);
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                result.ErrorMessage = ex.Message;
                result.Success      = false;
            }

            return(result);
        }
Exemplo n.º 3
0
        public PKIResult Verify(byte[] dataBytes, byte[] signatureBytes)
        {
            var result = new PKIResult();

            try
            {
                var signature = Encoding.UTF8.GetString(signatureBytes);


                // Load the certificate we'll use to verify the signature from a file
                X509Certificate2 uidCert = new X509Certificate2(RawCert);
                // Note:
                // If we want to use the client cert in an ASP.NET app, we may use something like this instead:
                // X509Certificate2 cert = new X509Certificate2(Request.ClientCertificate.Certificate);

                // Get its associated CSP and public key
                RSACryptoServiceProvider csp = (RSACryptoServiceProvider)uidCert.PublicKey.Key;
                if (csp != null)
                {
                    byte[] bsignature = signature.StringToByteArray();
                    // csp.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA256"), bsignature);

                    if (uidCert.SignatureAlgorithm.FriendlyName.ToLower() == "sha1rsa")
                    {
                        var    sha  = new SHA1Managed();
                        byte[] hash = sha.ComputeHash(dataBytes);
                        // Sign the hash
                        result.Success = csp.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), bsignature);
                    }
                    //Fix SHA512RSA with SHA1
                    else if ((uidCert.PublicKey.Key).SignatureAlgorithm.ToString().Split('#')[1] == "rsa-sha1")
                    {
                        var    sha  = new SHA1Managed();
                        byte[] hash = sha.ComputeHash(dataBytes);
                        // Sign the hash
                        string alg = CryptoConfig.MapNameToOID("SHA1");
                        result.Success = csp.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), bsignature);
                    }
                    else if (uidCert.SignatureAlgorithm.FriendlyName.ToLower() == "sha256rsa")
                    {  //SignatureAlgorithm SHA256RSA
                        var    sha  = new SHA256Managed();
                        byte[] hash = sha.ComputeHash(dataBytes);
                        // Sign the hash
                        result.Success = csp.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA256"), bsignature);
                    }
                    else if (uidCert.SignatureAlgorithm.FriendlyName.ToLower() == "sha512rsa")
                    {  //SignatureAlgorithm SHA512RSA
                        var    sha  = new SHA512Managed();
                        byte[] hash = sha.ComputeHash(dataBytes);
                        result.Success = csp.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA512"), bsignature);
                    }
                }
            }
            catch (Exception ex)
            {
                result.ErrorMessage = ex.Message;
                result.Success      = false;
            }

            return(result);
        }