Пример #1
        /// <summary>
        /// Checks the output of the Open Sign applet against the agreement text that was expected to be signed.
        /// </summary>
        /// <remarks>
        /// The certificate status (including revocation) and the result of the text comparison are only reported
        /// in the returned object. Nothing in this method rejects a signature because of the certificate status,
        /// so callers have to inspect both values before relying on the signature.
        /// </remarks>
        /// <param name="loginData">the output data from the Open Sign applet (base64 encoded).</param>
        /// <param name="agreement">the string to match against the signed text in the login data.</param>
        /// <param name="stylesheet">passed unchanged to <c>SignatureMatches</c>; its exact role is decided there.</param>
        /// <param name="challenge">the challenge value handed to <c>ValidateSignatureParameters</c> together with
        /// <paramref name="logonto"/>.</param>
        /// <param name="logonto">expected value of the signature parameter <c>logonto</c> for OCESI applet responses or
        /// of the signature parameter <c>RequestIssuer</c> for OCESII applet responses. Can be set to <c>null</c>
        /// if validation should not be performed (this is not recommended).</param>
        /// <returns>a <c>SignatureValidationStatus</c> built from the parsed signature, the certificate status and
        /// the flag telling whether the signed text matches <paramref name="agreement"/>.</returns>
        /// <exception cref="AppletException">in case the applet returned an error code.</exception>
        public static SignatureValidationStatus ValidateSignatureAgainstAgreement(string loginData, string agreement, string stylesheet, string challenge, string logonto)
        {
            // The applet reports its own failures inside the login data, so look for an error code before parsing.
            var appletError = new ErrorCodeChecker(loginData);
            if (appletError.HasError())
            {
                throw new AppletException(appletError.ExtractError());
            }

            var parsedSignature = CreateOpensignSignature(Base64Decode(loginData));

            // Challenge and logonto/RequestIssuer are checked before any comparison of the signed text.
            ValidateSignatureParameters(parsedSignature, challenge, logonto);

            var signatureEncoded = EncodeSignature(parsedSignature);
            var agreementEncoded = Base64Encode(agreement);

            // Validity is evaluated first; a positive revocation answer then overrides whatever it reported.
            var signerCertificate = parsedSignature.SigningCertificate;
            CertificateStatus validity = signerCertificate.ValidityStatus();
            bool revoked = ServiceProviderSetup.CurrentChecker.IsRevoked(signerCertificate);
            CertificateStatus certificateStatus = revoked ? CertificateStatus.Revoked : validity;

            return new SignatureValidationStatus(
                parsedSignature,
                certificateStatus,
                SignatureMatches(signatureEncoded, agreementEncoded, stylesheet, parsedSignature));
        }
Пример #2
        /// <summary>
        /// Checks the output of the Open Sign applet against an agreement, comparing the signed content of the
        /// signed document with <paramref name="agreement"/> and passing no stylesheet to the comparison.
        /// </summary>
        /// <remarks>
        /// The certificate status and the comparison result are only reported in the returned object; nothing in
        /// this method rejects a signature because of the certificate status. Attachments are not checked here.
        /// </remarks>
        /// <param name="loginData">the applet output; it is base64-decoded before the signature is parsed.</param>
        /// <param name="agreement">the agreement that the signed content is compared against.</param>
        /// <param name="challenge">the challenge value handed to <c>ValidateChallenge</c>.</param>
        /// <param name="logonto">the value handed to <c>ValidateLogonto</c>; when <c>null</c> that check is skipped.</param>
        /// <returns>a <c>SignatureValidationStatus</c> built from the parsed signature, the certificate status and
        /// the result of <c>SignatureMatches</c>.</returns>
        /// <exception cref="AppletException">in case the applet returned an error code.</exception>
        public static SignatureValidationStatus validateSignatureAgainstAgreementPDF(String loginData, String agreement, String challenge, String logonto)
        {
            // The applet reports its own failures inside the login data, so look for an error code before parsing.
            var appletError = new ErrorCodeChecker(loginData);
            if (appletError.HasError())
            {
                throw new AppletException(appletError.ExtractError());
            }

            var parsedSignature = CreateOpensignSignature(Base64Decode(loginData));
            ValidateChallenge(parsedSignature, challenge);

            // A null logonto disables this check entirely; callers that pass null get no logonto validation.
            if (logonto != null)
            {
                ValidateLogonto(parsedSignature, logonto);
            }

            // NOTE(review): Encoding.ASCII decodes every byte above 0x7F to '?', so different signed contents can
            // end up as the same string before the comparison. Confirm that the signed content is always 7-bit,
            // or compare the raw bytes instead.
            var signedBytes = parsedSignature.SignedDocument.SignedContent;
            String signedText = Encoding.ASCII.GetString(signedBytes);
            String signatureEncoded = Base64Encode(signedText);
            var agreementEncoded = Base64Encode(agreement);

            // Validity is evaluated first; a positive revocation answer then overrides whatever it reported.
            var signerCertificate = parsedSignature.SigningCertificate;
            CertificateStatus validity = signerCertificate.ValidityStatus();
            bool revoked = ServiceProviderSetup.CurrentChecker.IsRevoked(signerCertificate);
            CertificateStatus certificateStatus = revoked ? CertificateStatus.Revoked : validity;

            var contentMatches = SignatureMatches(signatureEncoded, agreementEncoded, null, parsedSignature);

            // TODO: the check of attachments is still missing here.

            return new SignatureValidationStatus(parsedSignature, certificateStatus, contentMatches);
        }
Пример #3
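 /// <summary>
 /// Parses the logon applet output and returns it as an <c>OpenlogonSignature</c>.
 /// </summary>
 /// <param name="loginData">the applet output; it is handed unchanged to the error-code check and to the
 /// signature factory.</param>
 /// <returns>the signature produced by the factory, never <c>null</c>.</returns>
 /// <exception cref="AppletException">in case the applet returned an error code.</exception>
 /// <exception cref="ArgumentException">when the factory yields no signature or a signature of another type,
 /// i.e. the data is not valid output from the logon applet.</exception>
 private static OpenlogonSignature CreateOpenlogonSignature(string loginData)
 {
     // The applet reports its own failures inside the login data, so look for an error code before parsing.
     var errorCodeChecker = new ErrorCodeChecker(loginData);
     if (errorCodeChecker.HasError())
     {
         throw new AppletException(errorCodeChecker.ExtractError());
     }

     var abstractSignature =
         OpensignSignatureFactory.Instance.GenerateOpensignSignature(loginData);

     // 'as' covers both rejection cases at once: a wrong signature type and a null factory result.
     var signature = abstractSignature as OpenlogonSignature;
     if (signature == null)
     {
         // Handle a null factory result explicitly so the caller gets the ArgumentException below
         // rather than a NullReferenceException from GetType().
         var actualType = abstractSignature == null ? "null" : abstractSignature.GetType().ToString();
         throw new ArgumentException("argument of type " + actualType +
                                     " is not valid output from the logon applet");
     }
     return signature;
 }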