Пример #1
 /// <summary>
 /// Records on <paramref name="result"/> whether the timestamp token's signer certificate
 /// has a parent in the trusted list.
 /// </summary>
 /// <remarks>
 /// The certificate-path status is set to INVALID before validation starts and is only raised
 /// to VALID once a needed certificate with the signer's subject name is found to have a
 /// trusted-list parent. An <see cref="IOException"/> during the check leaves the status
 /// UNDETERMINED; any other exception propagates to the caller.
 /// </remarks>
 /// <param name="t">Timestamp token whose signer is being checked.</param>
 /// <param name="result">Verification result that receives the certificate-path status.</param>
 /// <param name="ctx">Validation context used to validate the timestamp and look up trusted parents.</param>
 /// <param name="signature">Signature supplying the certificate, CRL and OCSP sources.</param>
 private void CheckTimeStampCertPath(TimestampToken t, TimestampVerificationResult result,
                                     ValidationContext ctx, AdvancedSignature signature)
 {
     try
     {
         // Fail closed: the path counts as INVALID until a trusted-list anchor is actually found.
         result.GetCertPathUpToTrustedList().SetStatus(Result.ResultStatus.INVALID, "cannot.reached.tsl");

         ctx.ValidateTimestamp(
             t,
             signature.GetCertificateSource(),
             signature.GetCRLSource(),
             signature.GetOCSPSource());

         foreach (CertificateAndContext candidate in ctx.GetNeededCertificates())
         {
             // NOTE(review): the signer is identified by subject DN only, not by certificate
             // identity — confirm ValidateTimestamp has already bound the token to this certificate.
             if (!candidate.GetCertificate().SubjectDN.Equals(t.GetSignerSubjectName()))
             {
                 continue;
             }

             if (ctx.GetParentFromTrustedList(candidate) != null)
             {
                 result.GetCertPathUpToTrustedList().SetStatus(Result.ResultStatus.VALID, null);
                 break;
             }
         }
     }
     catch (IOException)
     {
         // An I/O failure means no verdict could be reached; report that rather than INVALID.
         result.GetCertPathUpToTrustedList().SetStatus(Result.ResultStatus.UNDETERMINED, "exception.while.verifying");
     }
 }
Пример #2
        /// <summary>
        /// Validates a single signature and assembles the report section describing it.
        /// </summary>
        /// <remarks>
        /// Returns <c>null</c>, after logging an error, when the signature carries no signing
        /// certificate; callers must treat that as "not validated", never as success.
        /// The integrity check and the QC statement check run before the certificate is validated.
        /// An <see cref="IOException"/> raised during certificate validation or the level checks
        /// is rethrown wrapped in a RuntimeException.
        /// </remarks>
        /// <param name="signature">The signature to validate.</param>
        /// <param name="referenceTime">The time passed to certificate validation and to every level check.</param>
        /// <returns>the report part pertaining to the signature, or <c>null</c> if there is no signing certificate</returns>
        protected internal virtual SignatureInformation ValidateSignature(
            AdvancedSignature signature, DateTime referenceTime)
        {
            if (signature.GetSigningCertificate() == null)
            {
                LOG.Error("There is no signing certificate");
                return null;
            }

            QCStatementInformation qcStatementInformation =
                VerifyQStatement(signature.GetSigningCertificate());

            // Integrity of the signed data against the externally supplied content.
            Result integrityResult = new Result(signature.CheckIntegrity(this.ExternalContent));
            SignatureVerification signatureVerification =
                new SignatureVerification(integrityResult, signature.GetSignatureAlgorithm());

            try
            {
                ValidationContext ctx = CertificateVerifier.ValidateCertificate(
                    signature.GetSigningCertificate(),
                    referenceTime,
                    signature.GetCertificateSource(),
                    signature.GetCRLSource(),
                    signature.GetOCSPSource());

                TrustedListInformation info = new TrustedListInformation(ctx.GetRelevantServiceInfo());
                CertPathRevocationAnalysis path = new CertPathRevocationAnalysis(ctx, info);

                // Level XL is verified first because the level C check takes its outcome as an input.
                SignatureLevelXL signatureLevelXL = VerifyLevelXL(signature, referenceTime, ctx);
                var xlLevelReached = signatureLevelXL != null
                    ? signatureLevelXL.GetLevelReached().IsValid()
                    : false;
                SignatureLevelC signatureLevelC = VerifyLevelC(signature, referenceTime, ctx, xlLevelReached);

                // Remaining levels, evaluated in the order the analysis constructor receives them.
                var levelBES = VerifyLevelBES(signature, referenceTime, ctx);
                var levelEPES = VerifyLevelEPES(signature, referenceTime, ctx);
                var levelT = VerifyLevelT(signature, referenceTime, ctx);
                var levelX = VerifyLevelX(signature, referenceTime, ctx);
                var levelA = VerifyLevelA(signature, referenceTime, ctx);
                var levelLTV = VerifyLevelLTV(signature, referenceTime, ctx);

                SignatureLevelAnalysis signatureLevelAnalysis = new SignatureLevelAnalysis(
                    signature,
                    levelBES,
                    levelEPES,
                    levelT,
                    signatureLevelC,
                    levelX,
                    signatureLevelXL,
                    levelA,
                    levelLTV);

                QualificationsVerification qualificationsVerification =
                    VerifyQualificationsElement(signature, referenceTime, ctx);

                return new SignatureInformation(
                    signatureVerification,
                    path,
                    signatureLevelAnalysis,
                    qualificationsVerification,
                    qcStatementInformation);
            }
            catch (IOException e)
            {
                throw new RuntimeException("Cannot read signature file", e);
            }
        }