public void ToStringTest()
{
CalendarAuthenticationRecord tag = TestUtil.GetCompositeTag <CalendarAuthenticationRecord>(Constants.CalendarAuthenticationRecord.TagType,
new ITlvTag[]
{
TestUtil.GetCompositeTag <PublicationData>(Constants.PublicationData.TagType,
new ITlvTag[]
{
new IntegerTag(Constants.PublicationData.PublicationTimeTagType, false, false, 1),
new ImprintTag(Constants.PublicationData.PublicationHashTagType, false, false,
new DataHash(HashAlgorithm.Sha2256,
new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32 })),
}),
TestUtil.GetCompositeTag <SignatureData>(Constants.SignatureData.TagType,
new ITlvTag[]
{
new StringTag(Constants.SignatureData.SignatureTypeTagType, false, false, "Test SignatureType"),
new RawTag(Constants.SignatureData.SignatureValueTagType, false, false, new byte[] { 0x2 }),
new RawTag(Constants.SignatureData.CertificateIdTagType, false, false, new byte[] { 0x3 }),
new StringTag(Constants.SignatureData.CertificateRepositoryUriTagType, false, false, "Test CertificateRepositoryUri")
})
});
CalendarAuthenticationRecord tag2 = new CalendarAuthenticationRecord(new RawTag(tag.Type, tag.NonCritical, tag.Forward, tag.EncodeValue()));
Assert.AreEqual(tag.ToString(), tag2.ToString());
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
CalendarAuthenticationRecord calendarAuthenticationRecord = GetCalendarAuthenticationRecord(GetSignature(context));
SignatureData signatureData = calendarAuthenticationRecord.SignatureData;
return(GetPublicationsFile(context).FindCertificateById(signatureData.GetCertificateId()) == null
? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key01)
: new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
/// <summary>
/// Get calendar authentication record from KSI signature
/// </summary>
/// <param name="signature">KSI signature</param>
/// <returns>calendar authentication record</returns>
public static CalendarAuthenticationRecord GetCalendarAuthenticationRecord(IKsiSignature signature)
{
CalendarAuthenticationRecord calendarAuthenticationRecord = signature.CalendarAuthenticationRecord;
if (calendarAuthenticationRecord == null)
{
throw new KsiVerificationException("Calendar authentication record in missing from KSI signature.");
}
return(calendarAuthenticationRecord);
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
IKsiSignature signature = GetSignature(context);
CalendarAuthenticationRecord calendarAuthenticationRecord = signature.CalendarAuthenticationRecord;
if (calendarAuthenticationRecord == null)
{
return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
CalendarHashChain calendarHashChain = GetCalendarHashChain(signature);
return(calendarHashChain.PublicationTime != calendarAuthenticationRecord.PublicationData.PublicationTime
? new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Int06)
: new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
IKsiSignature signature = GetSignature(context);
CalendarAuthenticationRecord calendarAuthenticationRecord = GetCalendarAuthenticationRecord(signature);
SignatureData signatureData = calendarAuthenticationRecord.SignatureData;
byte[] certificateBytes = GetPublicationsFile(context).FindCertificateById(signatureData.GetCertificateId());
if (certificateBytes == null)
{
throw new KsiVerificationException("No certificate found in publications file with id: " + Base16.Encode(signatureData.GetCertificateId()) + ".");
}
byte[] signedBytes = calendarAuthenticationRecord.PublicationData.Encode();
try
{
ICryptoSignatureVerifier cryptoSignatureVerifier = CryptoSignatureVerifierFactory.GetCryptoSignatureVerifierByOid(signatureData.SignatureType);
CryptoSignatureVerificationData data = new CryptoSignatureVerificationData(certificateBytes, signature.AggregationTime);
cryptoSignatureVerifier.Verify(signedBytes, signatureData.GetSignatureValue(), data);
}
catch (PkiVerificationFailedCertNotValidException ex)
{
Logger.Debug(ex);
return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key03));
}
catch (PkiVerificationFailedException ex)
{
Logger.Debug("Could not verify signature.{0}Signature type: {1}{0}{2}{0}{3}",
Environment.NewLine,
signatureData.SignatureType,
ex,
ex.AdditionalInfo);
return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key02));
}
catch (PkiVerificationErrorException ex)
{
Logger.Debug("Signature verification error.{0}Signature type: {1}{0}{2}",
Environment.NewLine,
signatureData.SignatureType,
ex);
return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Key02));
}
return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
public void TestCalendarAuthenticationRecordOk()
{
CalendarAuthenticationRecord calendarAuthenticationRecord = GetCalendarAuthenticationRecordFromFile(Resources.CalendarAuthenticationRecord_Ok);
Assert.AreEqual(2, calendarAuthenticationRecord.Count, "Invalid amount of child TLV objects");
PublicationData publicationData = new PublicationData(1398902400,
new DataHash(Base16.Decode("01C45A4D73815CBECD5493197513A6C2C9058B0B16B99A64805368A7186D528E8B")), false, true);
Assert.IsTrue(calendarAuthenticationRecord.PublicationData.Equals(publicationData));
SignatureData signatureData =
new SignatureData(new RawTag(0xb, false, false,
Base16.Decode(
"0116312E322E3834302E3131333534392E312E312E3131008002010098D9A4D14722BB2C22425AC9112FBF6A2491B7051AD0CBFD8153E669BFCC6CDF20EEC80F7FCC7236985A4F83871DD6E245470BCA323A3902035B78764DDC4C6EB42416A3A7D7E5CEF6ED6AE8FADA668413758CF7DE1E9565EDF646170286D0F43CA30491DD3407B53DEEDDCBD2620057AB6580E3D3E938AE44EABAF3282357EEBB7B2325616755A1F20B3A78DE2F636DE10F7CCD75B6C5BB80EFEBA216F9BF1A302DCB93B9D3E3E9754620E6D8EC8672C5329CBBB00A9A4617242950D68B8A55CBA77E69DECDD49DD96F69FAA6BFBB0EF48A913F5F26AFA01FB08192D62123FC644BA2978CAF147229BD5702663494983A40ED77AA5016EAABC1FE8456DC17D40304C246B139")));
Assert.IsTrue(calendarAuthenticationRecord.SignatureData.Equals(signatureData));
}
