/// <summary>
/// Given the output data from the Open Sign applet, signed text is extracted if the login data is valid.
/// </summary>
/// <param name="loginData">the output data from the Open Sign applet (base64 encoded).</param>
/// <param name="agreement">the string to match against the signed text in the login data.</param>
/// <param name="logonto">expected value of the signature parameter <code>logonto</code> for OCESI applet responses or
/// of the signature parameter <code>RequestIssuer</code> for OCESII applet responses. Can be set to <code>null</code>
/// if validation should not be performed (this is not recommended)</param>.
/// <returns>true if the signed text matches the agreement parameter</returns>
/// <throws>AppletException in case the applet returned an error code.</throws>
public static SignatureValidationStatus ValidateSignatureAgainstAgreement(string loginData, string agreement, string stylesheet, string challenge, string logonto)
{
var errorCodeChecker = new ErrorCodeChecker(loginData);
if (errorCodeChecker.HasError())
{
throw new AppletException(errorCodeChecker.ExtractError());
}
var opensignSignature = CreateOpensignSignature(Base64Decode(loginData));
ValidateSignatureParameters(opensignSignature, challenge, logonto);
var encodedSignature = EncodeSignature(opensignSignature);
var encodedAgreement = Base64Encode(agreement);
var certificate = opensignSignature.SigningCertificate;
CertificateStatus status = certificate.ValidityStatus();
if (ServiceProviderSetup.CurrentChecker.IsRevoked(certificate))
{
status = CertificateStatus.Revoked;
}
var signatureMatches = SignatureMatches(encodedSignature, encodedAgreement, stylesheet, opensignSignature);
return new SignatureValidationStatus(opensignSignature, status, signatureMatches);
}
public static SignatureValidationStatus validateSignatureAgainstAgreementPDF(String loginData, String agreement, String challenge, String logonto)
{
var errorCodeChecker = new ErrorCodeChecker(loginData);
if (errorCodeChecker.HasError())
{
throw new AppletException(errorCodeChecker.ExtractError());
}
var opensignSignature = CreateOpensignSignature(Base64Decode(loginData));
ValidateChallenge(opensignSignature, challenge);
if (logonto != null)
{
ValidateLogonto(opensignSignature, logonto);
}
String encodedSignature = Base64Encode(Encoding.ASCII.GetString(opensignSignature.SignedDocument.SignedContent));
var encodedAgreement = Base64Encode(agreement);
var certificate = opensignSignature.SigningCertificate;
CertificateStatus status = certificate.ValidityStatus();
if (ServiceProviderSetup.CurrentChecker.IsRevoked(certificate))
{
status = CertificateStatus.Revoked;
}
var signatureMatches = SignatureMatches(encodedSignature, encodedAgreement, null, opensignSignature);
//@TODO HER MANGLER CHECK AF ATTACHMENTS !
return new SignatureValidationStatus(opensignSignature, status, signatureMatches);
}
private static OpenlogonSignature CreateOpenlogonSignature(string loginData)
{
var errorCodeChecker = new ErrorCodeChecker(loginData);
if (errorCodeChecker.HasError())
{
throw new AppletException(errorCodeChecker.ExtractError());
}
var abstractSignature =
OpensignSignatureFactory.Instance.GenerateOpensignSignature(loginData);
if (!(abstractSignature is OpenlogonSignature))
{
throw new ArgumentException("argument of type " + abstractSignature.GetType() +
" is not valid output from the logon applet");
}
var signature = (OpenlogonSignature)abstractSignature;
return signature;
}