virtual public PdfPKCS7 VerifySignature(AcroFields fields, String name)
{
Console.WriteLine("Signature covers whole document: " + fields.SignatureCoversWholeDocument(name));
Console.WriteLine("Document revision: " + fields.GetRevision(name) + " of " + fields.TotalRevisions);
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
Console.WriteLine("Integrity check OK? " + pkcs7.Verify());
return(pkcs7);
}
private bool ValidarFirma(AcroFields campos, string nombre)
{
// Solo se verificará la última revision del documento.
if (campos.GetRevision(nombre) != campos.TotalRevisions)
{
return(false);
}
// Solo se verificará si la firma es de todo el documento.
if (!campos.SignatureCoversWholeDocument(nombre))
{
return(false);
}
var firma = campos.VerifySignature(nombre);
if (!firma.Verify())
{
return(false);
}
foreach (var certificadoDocumento in firma.Certificates)
{
foreach (var certificadoDeConfianza in certificado.Chain)
{
try
{
certificadoDocumento.Verify(certificadoDeConfianza.GetPublicKey());
// Si llega hasta aquí, es porque la última firma fue realizada
// con el certificado del sistema.
return(true);
}
catch (InvalidKeyException)
{
continue;
}
catch (Exception ex)
{
Trace.TraceError("Error: {0}", ex);
continue;
}
}
}
return(false);
}
public PdfPKCS7 VerifySignature(AcroFields fields, String name)
{
Console.WriteLine("Signature covers whole document: " + fields.SignatureCoversWholeDocument(name));
Console.WriteLine("Document revision: " + fields.GetRevision(name) + " of " + fields.TotalRevisions);
PdfPKCS7 pkcs7 = fields.VerifySignature(name);
Console.WriteLine("Integrity check OK? " + pkcs7.Verify());
Console.WriteLine("Digest algorithm: " + pkcs7.GetHashAlgorithm());
Console.WriteLine("Encryption algorithm: " + pkcs7.GetEncryptionAlgorithm());
Console.WriteLine("Filter subtype: " + pkcs7.GetFilterSubtype());
X509Certificate cert = pkcs7.SigningCertificate;
Console.WriteLine("Name of the signer: " + CertificateInfo.GetSubjectFields(cert).GetField("CN"));
return(pkcs7);
}
private bool ValidarAssinatura(AcroFields campos, string nome)
{
// Só verifica a última revisão do documento.
if (campos.GetRevision(nome) != campos.TotalRevisions)
{
return(false);
}
// Só verifica se a assinatura é do documento todo.
if (!campos.SignatureCoversWholeDocument(nome))
{
return(false);
}
var assinatura = campos.VerifySignature(nome);
if (!assinatura.Verify())
{
return(false);
}
foreach (var certificadoDocumento in assinatura.Certificates)
{
foreach (var certificadoDeConfianca in certificado.Chain)
{
try
{
certificadoDocumento.Verify(certificadoDeConfianca.GetPublicKey());
// Só entra aqui se a ultima assinatura foi assinada com certificado
return(true);
}
catch (InvalidKeyException)
{
continue;
}
catch (Exception ex)
{
Trace.TraceError("Error: {0}", ex);
continue;
}
}
}
return(false);
}
public void loadSignInfo(string pdf_filename)
{
PdfReader reader = new PdfReader(pdf_filename);
AcroFields fields = reader.AcroFields;
int sigIndex = 1;
SignatureImageExtractor extractor = new SignatureImageExtractor(reader);
foreach (string sigFieldName in fields.GetSignatureNames())
{
PdfImageObject image = extractor.extractImage(sigFieldName);
MemoryStream ms = new MemoryStream(image.GetImageAsBytes());
SigObj sig = new SigObj();
ReadEncodedBitmapResult result = sig.ReadEncodedBitmap(ms.ToArray());
if (result == ReadEncodedBitmapResult.ReadEncodedBitmapOK)
{
//MessageBox.Show(sig.Who + " " + sig.Why + " " + sig.When);
treeView1.BeginUpdate();
treeView1.Nodes.Add("Signature " + sigIndex);
treeView1.Nodes[sigIndex - 1].Nodes.Add("Name: " + sig.Who);
treeView1.Nodes[sigIndex - 1].Nodes.Add("Reason: " + sig.Why);
treeView1.Nodes[sigIndex - 1].Nodes.Add("Timestamp: " + sig.When);
treeView1.Nodes[sigIndex - 1].Nodes.Add("Digitizer: " + sig.get_AdditionalData(CaptData.CaptDigitizer));
treeView1.Nodes[sigIndex - 1].Nodes.Add("Digitizer Driver: " + sig.get_AdditionalData(CaptData.CaptDigitizerDriver));
treeView1.Nodes[sigIndex - 1].Nodes.Add("Machine OS: " + sig.get_AdditionalData(CaptData.CaptMachineOS));
treeView1.Nodes[sigIndex - 1].Nodes.Add("Network Card: " + sig.get_AdditionalData(CaptData.CaptNetworkCard));
treeView1.Nodes[sigIndex - 1].Nodes.Add("Signature Covers whole document: " + fields.SignatureCoversWholeDocument(sigFieldName).ToString());
treeView1.Nodes[sigIndex - 1].Nodes.Add("Document Revision: " + fields.GetRevision(sigFieldName).ToString() + " of " + fields.TotalRevisions.ToString());
PdfPKCS7 pkcs7 = fields.VerifySignature(sigFieldName);
treeView1.Nodes[sigIndex - 1].Nodes.Add("Integrity Check OK? " + pkcs7.Verify().ToString());
treeView1.EndUpdate();
sigIndex = sigIndex + 1;
}
ms.Close();
}
treeView1.ExpandAll();
}
public static int Main(string[] args)
{
// Разбираем аргументы
if (args.Length < 1)
{
Console.WriteLine("Pdf.Verify <document>");
return(1);
}
string document = args[0];
// Открываем документ
PdfReader reader = new PdfReader(document);
// Получаем подписи из документа
AcroFields af = reader.AcroFields;
List <string> names = af.GetSignatureNames();
foreach (string name in names)
{
string message = "Signature name: " + name;
message += "\nSignature covers whole document: " + af.SignatureCoversWholeDocument(name);
message += "\nDocument revision: " + af.GetRevision(name) + " of " + af.TotalRevisions;
Console.WriteLine(message);
// Проверяем подпись
// szOID_CP_GOST_R3411_12_256 "1.2.643.7.1.1.2.2" Функция хэширования ГОСТ Р 34.11-2012, длина выхода 256 бит
PdfPKCS7 pk = af.VerifySignature(name);
DateTime cal = pk.SignDate;
Org.BouncyCastle.X509.X509Certificate[] pkc = pk.Certificates;
message = "Certificate " + pk.SigningCertificate;
message += "\nDocument modified: " + !pk.Verify();
message += "\nDate: " + cal.ToShortDateString();
// Проверим сертификат через CAPI
X509Certificate2 cert = new X509Certificate2(pk.SigningCertificate.GetEncoded());
var isCAPIValid = cert.Verify();
message += "\nCAPI Validation: " + isCAPIValid.ToString();
Console.WriteLine(message);
}
return(0);
}