/// <summary>The default constructor for SignatureLevelAnalysis.</summary>
/// <remarks>The default constructor for SignatureLevelAnalysis.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
public SignatureLevelAnalysis(AdvancedSignature signature, SignatureLevelBES levelBES
, SignatureLevelEPES levelEPES, SignatureLevelT levelT, SignatureLevelC levelC,
SignatureLevelX levelX, SignatureLevelXL levelXL, SignatureLevelA levelA, SignatureLevelLTV
levelLTV)
{
//import eu.europa.ec.markt.dss.validation.pades.PAdESSignature;
//import eu.europa.ec.markt.dss.validation.xades.XAdESSignature;
bool levelReached = true;
this.signature = signature;
this.levelBES = levelBES;
bool levelBESReached = LevelIsReached(levelBES, levelReached);
levelReached = levelBESReached;
this.levelEPES = levelEPES;
LevelIsReached(levelEPES, levelReached);
this.levelT = levelT;
bool levelReachedT = LevelIsReached(levelT, levelReached);
this.levelC = levelC;
levelReached = LevelIsReached(levelC, levelReachedT);
this.levelX = levelX;
levelReached = LevelIsReached(levelX, levelReached);
this.levelXL = levelXL;
levelReached = LevelIsReached(levelXL, levelReached);
this.levelA = levelA;
levelReached = LevelIsReached(levelA, levelReached);
this.levelLTV = levelLTV;
levelReached = LevelIsReached(levelLTV, levelBESReached);
}
protected internal virtual SignatureLevelBES VerifyLevelBES(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx)
{
try
{
Result signingCertRefVerification = new Result();
if (signature.GetSigningCertificate() != null)
{
signingCertRefVerification.SetStatus(Result.ResultStatus.VALID, null);
}
else
{
signingCertRefVerification.SetStatus(Result.ResultStatus.INVALID, "no.signing.certificate"
);
}
SignatureVerification[] counterSigsVerif = VerifyCounterSignatures(signature, ctx
);
Result levelReached = new Result(signingCertRefVerification.IsValid());
return(new SignatureLevelBES(levelReached, signature, signingCertRefVerification,
counterSigsVerif, null));
}
catch (Exception)
{
return(new SignatureLevelBES(new Result(Result.ResultStatus.INVALID, "exception.while.verifying"
), null, new Result(Result.ResultStatus.INVALID, "exception.while.verifying"), null
, null));
}
}
/// <summary>The default constructor for SignatureLevelAnalysis.</summary>
/// <remarks>The default constructor for SignatureLevelAnalysis.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
public SignatureLevelAnalysis(AdvancedSignature signature, SignatureLevelBES levelBES
, SignatureLevelEPES levelEPES, SignatureLevelT levelT, SignatureLevelC levelC,
SignatureLevelX levelX, SignatureLevelXL levelXL, SignatureLevelA levelA, SignatureLevelLTV
levelLTV)
{
//import eu.europa.ec.markt.dss.validation.pades.PAdESSignature;
//import eu.europa.ec.markt.dss.validation.xades.XAdESSignature;
bool levelReached = true;
this.signature = signature;
this.levelBES = levelBES;
bool levelBESReached = LevelIsReached(levelBES, levelReached);
levelReached = levelBESReached;
this.levelEPES = levelEPES;
LevelIsReached(levelEPES, levelReached);
this.levelT = levelT;
bool levelReachedT = LevelIsReached(levelT, levelReached);
this.levelC = levelC;
levelReached = LevelIsReached(levelC, levelReachedT);
this.levelX = levelX;
levelReached = LevelIsReached(levelX, levelReached);
this.levelXL = levelXL;
levelReached = LevelIsReached(levelXL, levelReached);
this.levelA = levelA;
levelReached = LevelIsReached(levelA, levelReached);
this.levelLTV = levelLTV;
levelReached = LevelIsReached(levelLTV, levelBESReached);
}
private void CheckTimeStampCertPath(TimestampToken t, TimestampVerificationResult
result, ValidationContext ctx, AdvancedSignature signature)
{
try
{
result.GetCertPathUpToTrustedList().SetStatus(Result.ResultStatus.INVALID, "cannot.reached.tsl"
);
ctx.ValidateTimestamp(t, signature.GetCertificateSource(), signature.GetCRLSource
(), signature.GetOCSPSource());
foreach (CertificateAndContext c in ctx.GetNeededCertificates())
{
if (c.GetCertificate().SubjectDN.Equals(t.GetSignerSubjectName()))
{
if (ctx.GetParentFromTrustedList(c) != null)
{
result.GetCertPathUpToTrustedList().SetStatus(Result.ResultStatus.VALID, null);
break;
}
}
}
}
catch (IOException)
{
result.GetCertPathUpToTrustedList().SetStatus(Result.ResultStatus.UNDETERMINED, "exception.while.verifying"
);
}
}
/// <summary>The default constructor for SignatureLevelBES.</summary>
/// <remarks>The default constructor for SignatureLevelBES.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
/// <param name="levelReached"></param>
public SignatureLevelX(AdvancedSignature signature, Result levelReached, TimestampVerificationResult
[] signatureAndRefsTimestampsVerification, TimestampVerificationResult[] referencesTimestampsVerification
) : base(levelReached)
{
this.signatureAndRefsTimestampsVerification = signatureAndRefsTimestampsVerification;
this.referencesTimestampsVerification = referencesTimestampsVerification;
}
protected internal virtual SignatureLevelA VerifyLevelA(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx)
{
try
{
Result levelReached = new Result();
IList <TimestampVerificationResult> verifs = null;
try
{
IList <TimestampToken> timestamps = signature.GetArchiveTimestamps();
verifs = VerifyTimestamps(signature, referenceTime, ctx, timestamps, signature.GetArchiveTimestampData
(0, ExternalContent));
}
catch (IOException e)
{
LOG.Error("Error verifyind level A " + e.Message);
levelReached.SetStatus(Result.ResultStatus.UNDETERMINED, "exception.while.verifying"
);
}
return(new SignatureLevelA(ResultForTimestamps(verifs, levelReached), verifs));
}
catch (Exception)
{
return(new SignatureLevelA(new Result(Result.ResultStatus.INVALID, "exception.while.verifying"
), null));
}
}
public SignatureLevelX(AdvancedSignature signature, Result levelReached, IList <TimestampVerificationResult
> signatureAndRefsTimestampsVerification, IList <TimestampVerificationResult> referencesTimestampsVerification
) : base(levelReached)
{
this.signatureAndRefsTimestampsVerification = signatureAndRefsTimestampsVerification.ToArray();
this.referencesTimestampsVerification = referencesTimestampsVerification.ToArray();
}
/// <summary>The default constructor for SignatureLevelBES.</summary>
/// <remarks>The default constructor for SignatureLevelBES.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
/// <param name="levelReached"></param>
public SignatureLevelX(AdvancedSignature signature, Result levelReached, TimestampVerificationResult
[] signatureAndRefsTimestampsVerification, TimestampVerificationResult[] referencesTimestampsVerification
) : base(levelReached)
{
this.signatureAndRefsTimestampsVerification = signatureAndRefsTimestampsVerification;
this.referencesTimestampsVerification = referencesTimestampsVerification;
}
/// <summary>The default constructor for SignatureLevelBES.</summary>
/// <remarks>The default constructor for SignatureLevelBES.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
/// <param name="levelReached"></param>
public SignatureLevelEPES(AdvancedSignature signature, Result levelReached) : base
(levelReached)
{
if (signature != null)
{
signaturePolicy = signature.GetPolicyId();
}
}
/// <summary>The default constructor for SignatureLevelBES.</summary>
/// <remarks>The default constructor for SignatureLevelBES.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
/// <param name="levelReached"></param>
public SignatureLevelEPES(AdvancedSignature signature, Result levelReached) : base
(levelReached)
{
if (signature != null)
{
signaturePolicy = signature.GetPolicyId();
}
}
protected internal virtual SignatureLevelT VerifyLevelT(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx)
{
IList <TimestampToken> sigTimestamps = signature.GetSignatureTimestamps();
IList <TimestampVerificationResult> results = VerifyTimestamps(signature, referenceTime
, ctx, sigTimestamps, signature.GetSignatureTimestampData());
return(new SignatureLevelT(ResultForTimestamps(results, new Result()), results));
}
public SignatureLevelX(AdvancedSignature signature, Result levelReached, IList<TimestampVerificationResult
> signatureAndRefsTimestampsVerification, IList<TimestampVerificationResult> referencesTimestampsVerification
) : base(levelReached)
{
TimestampVerificationResult[] array1 = new TimestampVerificationResult[signatureAndRefsTimestampsVerification
.Count];
this.signatureAndRefsTimestampsVerification = Sharpen.Collections.ToArray(signatureAndRefsTimestampsVerification
, array1);
TimestampVerificationResult[] array2 = new TimestampVerificationResult[referencesTimestampsVerification
.Count];
this.referencesTimestampsVerification = Sharpen.Collections.ToArray(referencesTimestampsVerification
, array2);
}
public SignatureLevelX(AdvancedSignature signature, Result levelReached, IList <TimestampVerificationResult
> signatureAndRefsTimestampsVerification, IList <TimestampVerificationResult> referencesTimestampsVerification
) : base(levelReached)
{
TimestampVerificationResult[] array1 = new TimestampVerificationResult[signatureAndRefsTimestampsVerification
.Count];
this.signatureAndRefsTimestampsVerification = Sharpen.Collections.ToArray(signatureAndRefsTimestampsVerification
, array1);
TimestampVerificationResult[] array2 = new TimestampVerificationResult[referencesTimestampsVerification
.Count];
this.referencesTimestampsVerification = Sharpen.Collections.ToArray(referencesTimestampsVerification
, array2);
}
protected internal virtual SignatureLevelEPES VerifyLevelEPES(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx)
{
try
{
PolicyValue policyValue = signature.GetPolicyId();
Result levelReached = new Result(policyValue != null);
return(new SignatureLevelEPES(signature, levelReached));
}
catch (Exception)
{
return(new SignatureLevelEPES(signature, new Result(Result.ResultStatus.INVALID,
"exception.while.verifying")));
}
}
/// <summary>The default constructor for SignatureLevelBES.</summary>
/// <remarks>The default constructor for SignatureLevelBES.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
/// <param name="levelReached"></param>
public SignatureLevelBES(Result levelReached, AdvancedSignature signature, Result
signingCertificateVerification, SignatureVerification[] counterSignatureVerification
, IList<TimestampVerificationResult> timestampsVerification) : base(levelReached
)
{
this.signingCertRefVerification = signingCertificateVerification;
this.counterSignaturesVerification = counterSignatureVerification;
this.timestampsVerification = timestampsVerification;
if (signature != null)
{
certificates = signature.GetCertificates();
signingCertificate = signature.GetSigningCertificate();
signingTime = signature.GetSigningTime().Value;
location = signature.GetLocation();
claimedSignerRole = signature.GetClaimedSignerRoles();
contentType = signature.GetContentType();
}
}
/// <summary>The default constructor for SignatureLevelBES.</summary>
/// <remarks>The default constructor for SignatureLevelBES.</remarks>
/// <param name="name"></param>
/// <param name="signature"></param>
/// <param name="levelReached"></param>
public SignatureLevelBES(Result levelReached, AdvancedSignature signature, Result
signingCertificateVerification, SignatureVerification[] counterSignatureVerification
, IList <TimestampVerificationResult> timestampsVerification) : base(levelReached
)
{
this.signingCertRefVerification = signingCertificateVerification;
this.counterSignaturesVerification = counterSignatureVerification;
this.timestampsVerification = timestampsVerification;
if (signature != null)
{
certificates = signature.GetCertificates();
signingCertificate = signature.GetSigningCertificate();
signingTime = signature.GetSigningTime().Value;
location = signature.GetLocation();
claimedSignerRole = signature.GetClaimedSignerRoles();
contentType = signature.GetContentType();
}
}
/// <summary>Main method for validating a signature</summary>
/// <param name="signature"></param>
/// <param name="referenceTime"></param>
/// <returns>the report part pertaining to the signature</returns>
protected internal virtual SignatureInformation ValidateSignature(AdvancedSignature
signature, DateTime referenceTime)
{
if (signature.GetSigningCertificate() == null)
{
LOG.Error("There is no signing certificate");
return(null);
}
QCStatementInformation qcStatementInformation = VerifyQStatement(signature.GetSigningCertificate
());
SignatureVerification signatureVerification = new SignatureVerification(new Result
(signature.CheckIntegrity(this.ExternalContent)), signature.GetSignatureAlgorithm
());
try
{
ValidationContext ctx = CertificateVerifier.ValidateCertificate(signature.GetSigningCertificate
(), referenceTime, signature.GetCertificateSource(), signature.GetCRLSource(), signature
.GetOCSPSource());
TrustedListInformation info = new TrustedListInformation(ctx.GetRelevantServiceInfo
());
CertPathRevocationAnalysis path = new CertPathRevocationAnalysis(ctx, info);
SignatureLevelXL signatureLevelXL = VerifyLevelXL(signature, referenceTime, ctx);
SignatureLevelC signatureLevelC = VerifyLevelC(signature, referenceTime, ctx, signatureLevelXL
!= null ? signatureLevelXL.GetLevelReached().IsValid() : false);
SignatureLevelAnalysis signatureLevelAnalysis = new SignatureLevelAnalysis(signature
, VerifyLevelBES(signature, referenceTime, ctx), VerifyLevelEPES(signature, referenceTime
, ctx), VerifyLevelT(signature, referenceTime, ctx), signatureLevelC, VerifyLevelX
(signature, referenceTime, ctx), signatureLevelXL, VerifyLevelA(signature, referenceTime
, ctx), VerifyLevelLTV(signature, referenceTime, ctx));
QualificationsVerification qualificationsVerification = VerifyQualificationsElement
(signature, referenceTime, ctx);
SignatureInformation signatureInformation = new SignatureInformation(signatureVerification
, path, signatureLevelAnalysis, qualificationsVerification, qcStatementInformation
);
return(signatureInformation);
}
catch (IOException e)
{
throw new RuntimeException("Cannot read signature file", e);
}
}
protected internal virtual QualificationsVerification VerifyQualificationsElement
(AdvancedSignature signature, DateTime referenceTime, ValidationContext ctx)
{
Result qCWithSSCD = new Result();
Result qCNoSSCD = new Result();
Result qCSSCDStatusAsInCert = new Result();
Result qCForLegalPerson = new Result();
IList <string> qualifiers = ctx.GetQualificationStatement();
if (qualifiers != null)
{
qCWithSSCD = new Result(qualifiers.Contains(SVC_INFO + "QCWithSSCD"));
qCNoSSCD = new Result(qualifiers.Contains(SVC_INFO + "QCNoSSCD"));
qCSSCDStatusAsInCert = new Result(qualifiers.Contains(SVC_INFO + "QCSSCDStatusAsInCert"
));
qCForLegalPerson = new Result(qualifiers.Contains(SVC_INFO + "QCForLegalPerson"));
}
return(new QualificationsVerification(qCWithSSCD, qCNoSSCD, qCSSCDStatusAsInCert,
qCForLegalPerson));
}
protected internal virtual SignatureVerification[] VerifyCounterSignatures(AdvancedSignature
signature, ValidationContext ctx)
{
IList <AdvancedSignature> counterSignatures = signature.GetCounterSignatures();
if (counterSignatures == null)
{
return(null);
}
IList <SignatureVerification> counterSigVerifs = new List <SignatureVerification>(
);
foreach (AdvancedSignature counterSig in counterSignatures)
{
Result counterSigResult = new Result(counterSig.CheckIntegrity(ExternalContent));
string counterSigAlg = counterSig.GetSignatureAlgorithm();
counterSigVerifs.Add(new SignatureVerification(counterSigResult, counterSigAlg
));
}
return(counterSigVerifs.ToArray());
}
/// <summary>Check the list of Timestamptoken.</summary>
/// <remarks>Check the list of Timestamptoken. For each one a TimestampVerificationResult is produced
/// </remarks>
/// <param name="signature"></param>
/// <param name="referenceTime"></param>
/// <param name="ctx"></param>
/// <param name="tstokens"></param>
/// <param name="data"></param>
/// <returns></returns>
protected internal virtual IList <TimestampVerificationResult> VerifyTimestamps(AdvancedSignature
signature, DateTime referenceTime, ValidationContext ctx, IList <TimestampToken>
tstokens, byte[] data)
{
IList <TimestampVerificationResult> tstokenVerifs = new AList <TimestampVerificationResult
>();
if (tstokens != null)
{
foreach (TimestampToken t in tstokens)
{
TimestampVerificationResult verif = new TimestampVerificationResult(t);
try
{
if (t.MatchData(data))
{
verif.SetSameDigest(new Result(Result.ResultStatus.VALID, null));
}
else
{
verif.SetSameDigest(new Result(Result.ResultStatus.INVALID, "timestamp.dont.sign.data"
));
}
}
catch (NoSuchAlgorithmException)
{
verif.SetSameDigest(new Result(Result.ResultStatus.UNDETERMINED, "no.such.algoritm"
));
}
CheckTimeStampCertPath(t, verif, ctx, signature);
tstokenVerifs.AddItem(verif);
}
}
return(tstokenVerifs);
}
protected internal virtual SignatureLevelLTV VerifyLevelLTV(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx)
{
return(null);
}
public SignatureLevelX(AdvancedSignature signature, Result levelReached) : base(levelReached
)
{
}
protected internal virtual SignatureLevelXL VerifyLevelXL(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx)
{
try
{
Result levelReached = new Result();
Result everyNeededCertAreInSignature = new Result();
everyNeededCertAreInSignature.SetStatus(Result.ResultStatus.VALID, null);
Result everyNeededRevocationData = new Result();
everyNeededRevocationData.SetStatus(Result.ResultStatus.VALID, null);
IList <X509Certificate> refs = signature.GetCertificates();
if (refs.IsEmpty())
{
LOG.Info("There is no certificate refs in the signature");
everyNeededCertAreInSignature.SetStatus(Result.ResultStatus.INVALID, "no.certificate.value"
);
}
else
{
if (!EveryCertificateValueAreThere(ctx, refs, signature.GetSigningCertificate()))
{
everyNeededCertAreInSignature.SetStatus(Result.ResultStatus.INVALID, "not.all.needed.certificate.value"
);
}
}
LOG.Info("Every certificate found " + everyNeededCertAreInSignature);
int valueCount = 0;
IList <BasicOcspResp> ocspValues = signature.GetOCSPs();
if (ocspValues != null)
{
valueCount += ocspValues.Count;
if (!EveryOCSPValueOrRefAreThere(ctx, ocspValues))
{
everyNeededRevocationData.SetStatus(Result.ResultStatus.INVALID, "not.all.needed.ocsp.value"
);
}
}
IList <X509Crl> crlValues = signature.GetCRLs();
if (crlValues != null)
{
valueCount += crlValues.Count;
if (!EveryCRLValueOrRefAreThere(ctx, crlValues))
{
everyNeededRevocationData.SetStatus(Result.ResultStatus.INVALID, "not.all.needed.crl.value"
);
}
}
if (valueCount == 0)
{
everyNeededRevocationData.SetStatus(Result.ResultStatus.INVALID, "no.revocation.data.value"
);
}
levelReached.SetStatus((everyNeededCertAreInSignature.GetStatus() == Result.ResultStatus
.VALID && everyNeededRevocationData.GetStatus() == Result.ResultStatus.VALID) ?
Result.ResultStatus.VALID : Result.ResultStatus.INVALID, null);
return(new SignatureLevelXL(levelReached, everyNeededCertAreInSignature, everyNeededRevocationData
));
}
catch (Exception)
{
return(new SignatureLevelXL(new Result(Result.ResultStatus.INVALID, "exception.while.verifying"
), new Result(Result.ResultStatus.INVALID, "exception.while.verifying"), new Result
(Result.ResultStatus.INVALID, "exception.while.verifying")));
}
}
protected internal virtual SignatureLevelX VerifyLevelX(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx)
{
try
{
Result levelReached = new Result();
levelReached.SetStatus(Result.ResultStatus.VALID, null);
TimestampVerificationResult[] x1Results = null;
TimestampVerificationResult[] x2Results = null;
IList <TimestampToken> timestampX1 = signature.GetTimestampsX1();
if (timestampX1 != null && !timestampX1.IsEmpty())
{
byte[] data = signature.GetTimestampX1Data();
x1Results = new TimestampVerificationResult[timestampX1.Count];
for (int i = 0; i < timestampX1.Count; i++)
{
try
{
TimestampToken t = timestampX1[i];
x1Results[i] = new TimestampVerificationResult(t);
if (!t.MatchData(data))
{
levelReached.SetStatus(Result.ResultStatus.INVALID, "timestamp.dont.sign.data");
x1Results[i].SetSameDigest(new Result(Result.ResultStatus.INVALID, "timestamp.dont.sign.data"
));
}
else
{
x1Results[i].SetSameDigest(new Result(Result.ResultStatus.VALID, null));
}
CheckTimeStampCertPath(t, x1Results[i], ctx, signature);
}
catch (NoSuchAlgorithmException)
{
levelReached.SetStatus(Result.ResultStatus.UNDETERMINED, "no.such.algoritm");
}
}
}
IList <TimestampToken> timestampX2 = signature.GetTimestampsX2();
if (timestampX2 != null && !timestampX2.IsEmpty())
{
byte[] data = signature.GetTimestampX2Data();
x2Results = new TimestampVerificationResult[timestampX2.Count];
int i = 0;
foreach (TimestampToken t in timestampX2)
{
try
{
x2Results[i] = new TimestampVerificationResult(t);
if (!t.MatchData(data))
{
levelReached.SetStatus(Result.ResultStatus.INVALID, "timestamp.dont.sign.data");
x2Results[i].SetSameDigest(new Result(Result.ResultStatus.INVALID, "timestamp.dont.sign.data"
));
}
else
{
x2Results[i].SetSameDigest(new Result(Result.ResultStatus.VALID, null));
}
CheckTimeStampCertPath(t, x2Results[i], ctx, signature);
}
catch (NoSuchAlgorithmException)
{
levelReached.SetStatus(Result.ResultStatus.UNDETERMINED, "no.such.algoritm");
}
}
}
if ((timestampX1 == null || timestampX1.IsEmpty()) && (timestampX2 == null || timestampX2
.IsEmpty()))
{
levelReached.SetStatus(Result.ResultStatus.INVALID, "no.timestamp");
}
return(new SignatureLevelX(signature, levelReached, x1Results, x2Results));
}
catch (Exception)
{
return(new SignatureLevelX(signature, new Result(Result.ResultStatus.INVALID, "exception.while.verifying"
)));
}
}
protected internal virtual SignatureLevelC VerifyLevelC(AdvancedSignature signature
, DateTime referenceTime, ValidationContext ctx, bool rehashValues)
{
try
{
IList <CertificateRef> refs = signature.GetCertificateRefs();
Result everyNeededCertAreInSignature = new Result();
if (refs == null || refs.IsEmpty())
{
everyNeededCertAreInSignature.SetStatus(Result.ResultStatus.INVALID, "no.certificate.ref"
);
}
else
{
if (EveryCertificateRefAreThere(ctx, refs, signature.GetSigningCertificate()))
{
everyNeededCertAreInSignature.SetStatus(Result.ResultStatus.VALID, null);
}
else
{
everyNeededCertAreInSignature.SetStatus(Result.ResultStatus.INVALID, "not.all.needed.certificate.ref"
);
}
}
LOG.Info("Every CertificateRef found " + everyNeededCertAreInSignature);
IList <OCSPRef> ocspRefs = signature.GetOCSPRefs();
IList <CRLRef> crlRefs = signature.GetCRLRefs();
int refCount = 0;
Result everyNeededRevocationData = new Result(Result.ResultStatus.VALID, null);
refCount += ocspRefs.Count;
refCount += crlRefs.Count;
Result thereIsRevocationData = null;
Result levelCReached = null;
if (rehashValues)
{
if (!EveryOCSPValueOrRefAreThere(ctx, ocspRefs))
{
everyNeededRevocationData.SetStatus(Result.ResultStatus.INVALID, "not.all.needed.ocsp.ref"
);
}
if (!EveryCRLValueOrRefAreThere(ctx, crlRefs))
{
everyNeededRevocationData.SetStatus(Result.ResultStatus.INVALID, "not.all.needed.crl.ref"
);
}
levelCReached = new Result(everyNeededCertAreInSignature.GetStatus() == Result.ResultStatus
.VALID && everyNeededRevocationData.GetStatus() == Result.ResultStatus.VALID);
return(new SignatureLevelC(levelCReached, everyNeededCertAreInSignature, everyNeededRevocationData
));
}
else
{
thereIsRevocationData = new Result();
if (refCount == 0)
{
thereIsRevocationData.SetStatus(Result.ResultStatus.INVALID, "no.revocation.data.reference"
);
}
else
{
thereIsRevocationData.SetStatus(Result.ResultStatus.VALID, "at.least.one.reference"
);
}
levelCReached = new Result(everyNeededCertAreInSignature.GetStatus() == Result.ResultStatus
.VALID && thereIsRevocationData.GetStatus() == Result.ResultStatus.VALID);
return(new SignatureLevelC(levelCReached, everyNeededCertAreInSignature, thereIsRevocationData
));
}
}
catch (Exception)
{
return(new SignatureLevelC(new Result(Result.ResultStatus.INVALID, "exception.while.verifying"
), new Result(Result.ResultStatus.INVALID, "exception.while.verifying"), new Result
(Result.ResultStatus.INVALID, "exception.while.verifying")));
}
}
public SignatureLevelX(AdvancedSignature signature, Result levelReached) : base(levelReached
)
{
}
