public bool Verify(byte[] nis) { var digestAlgo = string.Empty; switch (OIDDSMessageDigestHashAlgo) { case "2.16.840.1.101.3.4.2.1": digestAlgo = "SHA256"; break; case "2.16.840.1.101.3.4.2.3": digestAlgo = "SHA512"; break; default: throw new Exception("hash algoritm not valid"); } /*Get hashed data of * - ID servizi * - Seriale carta * - Certificato utente * - Chiave pubblica di internal authentication * - Chiave pubblica di internal authentication per i servizi * contained in SignedDataObject and calculate hash of hash*/ var digestRecalculation = SignedDataObject.DeepChild(1, 0).Data.ToMessageDigest(digestAlgo); //Compare recalculation of hash with data contained in signer message digest object to verify equality if (digestRecalculation.ToHexString() != SignerMessageDigest.Data.ToHexString()) { return(false); // Digest SOD not correspond to data } //Get Document Signer public key from SignedCert data var dsPubKey = DSCertificate.DeepChild(0, 6, 1, 0); //Get modulus and exponent from Document Signer public key var dsModPubKey = dsPubKey.Child(0, 0x02).Data; // modulus. 0x02 Verify that result is a INTEGER var dsExpPubKey = dsPubKey.Child(1, 0x02).Data; // exp. 0x02 Verify that result is a INTEGER //Verify SOD sign using DS public key and sign algoritm using (var rsa = new RSAService(dsModPubKey, dsExpPubKey)) { var isValidSod = false; switch (OIDDSMessageDigestSignAlgo) { case "1.2.840.113549.1.1.5": isValidSod = rsa.CheckSHA1withRSAEncryption(Signature.Data, SignatureAlgoritmIdentifier.MakeTag(0x31)); break; case "1.2.840.113549.1.1.10": isValidSod = rsa.CheckRSASSAPSS(Signature.Data, SignatureAlgoritmIdentifier.MakeTag(0x31), digestAlgo); break; default: throw new Exception("Sign aloritm not supported"); } if (!isValidSod) { throw new Exception("SOD sign wrong"); //SOD sign wrong } } //Get issuer information from Document Signer certificate and compare it with data in IssuerName ASN1 tag var issuer = DSCertificate.DeepChild(0).Child(3, 0x30); //0x30 Verify that result is a SEQUENCE //Compare issuer information obtained from DS certificate with information stored directly in IssuerName tag if (issuer.Data.ToHexString() != IssuerName.Data.ToHexString()) { return(false); //Issuer name check failed } //Get serial number information from Document Signer certificate and compare it with data in SignerCertSerialNumber ASN1 tag var serialNumber = DSCertificate.DeepChild(0).Child(1, 0x02); //02 Verify that result is a INTEGER if (serialNumber.Data.ToHexString() != SerialNumber.Data.ToHexString()) { return(false); // Serial Number of certificate wrong } //Get hash of NIS and verify it with NIS stored in file system var dgsHash = SignedData.Child(2, 0x30); //0x30 Verify that result is a SEQUENCE var isValidNis = false; foreach (var dg in dgsHash.children) { /* * 0xa1 : IdServizi * 0xa2 : Seriale carta * 0xa3 : Certificato utente * 0xa4 : Chiave pubblica di Internal Authentication * 0xa5 : Chiave pubblica di Internal Authentication per i Servizi * 0x1b : Parametri DH */ var oID = dg.Child(0, 02); //02 Verify that result is a INTEGER if (oID.Data.ToHexString() == "a1") { //Get hashed NIS from DG var hashedNis = dg.Child(1, 04).Data; //04 Verify that result is a OCTECT STRING //Calculate hash of file nis and compare it with the other in dg if (hashedNis.ToHexString() == nis.ToMessageDigest(digestAlgo).ToHexString()) { isValidNis = true; } } } //TODO: Check that certificate is issued by https://csca-ita.interno.gov.it/index_ITA.htm (CSCA certificate) return(isValidNis); }