示例#1
文件: TedaSign.cs 项目: page2me/TeDA
        /// <summary>
        /// Replaces <c>crlList</c> with a new list holding one <see cref="CrlClientOnline"/>
        /// built from the certificate chain stored in <c>chain</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): an online CRL client depends on the revocation list being reachable
        /// when it is used. Nothing in this method reports a failed download, so confirm how
        /// the signing code reacts when no CRL could be obtained.
        /// </remarks>
        public void getCRLList()
        {
            // The field is assigned first and filled afterwards, so any previous list is discarded.
            this.crlList = new List<ICrlClient>();
            this.crlList.Add(new CrlClientOnline(this.chain));
        }
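        /// <summary>
        /// Signs the PDF at <paramref name="inPath"/> with a remote (CSC) credential, embeds
        /// online CRL data and a timestamp, and writes the result to <paramref name="outPath"/>.
        /// </summary>
        /// <param name="accessToken">Token passed to the CSC signature object and to the certificate-chain lookup.</param>
        /// <param name="credentialId">Identifier of the remote signing credential.</param>
        /// <param name="pin">PIN forwarded to <c>CSCPAdESSignature</c>.</param>
        /// <param name="otp">One-time password forwarded to <c>CSCPAdESSignature</c>.</param>
        /// <param name="inPath">Path of the PDF to sign.</param>
        /// <param name="outPath">Path of the signed output; created or truncated (<c>FileMode.Create</c>).</param>
        /// <returns>A task that completes when signing has finished or has failed.</returns>
        /// <remarks>
        /// Every exception is logged and then swallowed, so the task completes normally even
        /// when no signature was produced. Because <paramref name="outPath"/> is created before
        /// signing starts, a failed run can leave an empty or partial file there; callers that
        /// depend on the result should validate the output instead of assuming success.
        /// </remarks>
        public static async Task SignPdfFile(String accessToken, String credentialId, String pin, String otp, String inPath, String outPath)
        {
            try
            {
                PdfReader reader = new PdfReader(inPath);
                try
                {
                    // Dispose the output stream on every path; the original leaked the handle
                    // whenever signing threw after the file had been created.
                    using (FileStream output = new FileStream(outPath, FileMode.Create))
                    {
                        PdfSigner signer = new PdfSigner(reader, output, new StampingProperties());

                        PdfSignatureAppearance appearance = signer.GetSignatureAppearance()
                                                            .SetReason("Test semnatura digitala")
                                                            .SetLocation("Bucuresti, RO")
                                                            .SetReuseAppearance(false);
                        Rectangle rect = new Rectangle(300, 690, 200, 100);
                        appearance.SetPageRect(rect).SetPageNumber(1);
                        signer.SetFieldName("semnatura iText7");

                        IExternalSignature pks = new CSCPAdESSignature(accessToken, credentialId, pin, otp);

                        X509Certificate[] chain = await CSC_API_Utils.GetCertChainAsync(accessToken, credentialId);

                        // Revocation data comes from an online CRL client built from the signer's chain.
                        // NOTE(review): confirm what happens when the CRL cannot be downloaded; this
                        // method never checks that revocation data was actually embedded.
                        List<ICrlClient> crlList = new List<ICrlClient>();
                        crlList.Add(new CrlClientOnline(chain));

                        // NOTE(review): the TSA endpoint is addressed over plain HTTP. The timestamp token
                        // is signed by the TSA, but confirm that this endpoint and transport are acceptable
                        // for the deployment.
                        ITSAClient tsaClient = new TSAClientBouncyCastle("http://timestamp.globalsign.com/scripts/timestamp.dll");

                        signer.SignDetached(pks, chain, crlList, null, tsaClient, 0, PdfSigner.CryptoStandard.CADES);
                    }
                }
                finally
                {
                    // Release the input file even when signing fails part-way through.
                    reader.Close();
                }
            }
            catch (Exception e)
            {
                // Best-effort contract kept from the original: log the message, do not rethrow.
                logger.Error(e.Message);
            }
        }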
示例#3
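        /// <summary>
        /// Signs the PDF at <paramref name="inPath"/> with a remote (CSC) credential and online
        /// CRL data, without a timestamp, and writes the result to <paramref name="outPath"/>.
        /// </summary>
        /// <param name="accessToken">Token passed to the CSC signature object and to the certificate-chain lookup.</param>
        /// <param name="credentialId">Identifier of the remote signing credential.</param>
        /// <param name="pin">PIN forwarded to <c>CSCPAdESSignature</c>.</param>
        /// <param name="otp">One-time password forwarded to <c>CSCPAdESSignature</c>.</param>
        /// <param name="inPath">Path of the PDF to sign.</param>
        /// <param name="outPath">Path of the signed output; created or truncated (<c>FileMode.Create</c>).</param>
        /// <returns>A task that completes when signing has finished or has failed.</returns>
        /// <remarks>
        /// Exceptions are still not rethrown (the original contract), but they are no longer
        /// discarded silently: the failure is written to the trace listeners. A failed run can
        /// leave an empty or partial file at <paramref name="outPath"/>, so callers should not
        /// treat the mere existence of that file as proof of a signature.
        /// </remarks>
        public static async Task SignPdfFileAsync(String accessToken, String credentialId, String pin, String otp, String inPath, String outPath)
        {
            try
            {
                PdfReader reader = new PdfReader(inPath);
                try
                {
                    // Dispose the output stream on every path instead of leaking it on failure.
                    using (FileStream output = new FileStream(outPath, FileMode.Create))
                    {
                        PdfSigner signer = new PdfSigner(reader, output, false);

                        PdfSignatureAppearance appearance = signer.GetSignatureAppearance()
                                                            .SetReason("Reason")
                                                            .SetLocation("Romania")
                                                            .SetReuseAppearance(false);
                        Rectangle rect = new Rectangle(36, 648, 200, 100);
                        appearance.SetPageRect(rect).SetPageNumber(1);
                        signer.SetFieldName("sig");

                        IExternalSignature pks = new CSCPAdESSignature(accessToken, credentialId, pin, otp);

                        X509Certificate[] chain = await CSC_API_Utils.GetCertChainAsync(accessToken, credentialId);

                        List<ICrlClient> crlList = new List<ICrlClient>();
                        crlList.Add(new CrlClientOnline(chain));

                        // No TSA client is supplied (fifth argument is null), so the signature carries
                        // no trusted timestamp. NOTE(review): confirm this is intended; without one the
                        // signing time is only what the signer claims.
                        signer.SignDetached(pks, chain, crlList, null, null, 0, PdfSigner.CryptoStandard.CADES);
                    }
                }
                finally
                {
                    // Release the input file even when signing fails part-way through.
                    reader.Close();
                }
            }
            catch (Exception e)
            {
                // The original catch block was empty, which hid every signing failure.
                // Only the exception type and message are recorded, matching a message-only log.
                System.Diagnostics.Trace.TraceError("SignPdfFileAsync failed: {0}: {1}", e.GetType().FullName, e.Message);
            }
        }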
示例#4
        /// <summary>
        /// Builds the CRL client list for a certificate chain: a single
        /// <see cref="CrlClientOnline"/> constructed from <paramref name="chain"/>.
        /// </summary>
        /// <param name="chain">Certificate chain handed to the online CRL client.</param>
        /// <returns>A new list containing exactly one online CRL client.</returns>
        /// <remarks>
        /// NOTE(review): the client is only constructed here; whether a CRL can actually be
        /// downloaded is not checked by this method.
        /// </remarks>
        public List <ICrlClient> GetCrlList(ICollection <Org.BouncyCastle.X509.X509Certificate> chain)
        {
            return new List<ICrlClient> { new CrlClientOnline(chain) };
        }
示例#5
        /// <summary>
        /// Checks that <see cref="CrlClientOnline"/> built from three URLs, two of which are
        /// identical, reports a URL count of 2.
        /// </summary>
        public virtual void CrlClientOnlineURLConstructorTest()
        {
            String scheme = "file://";

            // Two identical locations followed by a distinct one.
            Uri firstDuplicate = new Uri(scheme + destinationFolder + "duplicateFolder");
            Uri secondDuplicate = new Uri(scheme + destinationFolder + "duplicateFolder");
            Uri unique = new Uri(scheme + destinationFolder + "uniqueFolder");

            Uri[] crlLocations = new Uri[] { firstDuplicate, secondDuplicate, unique };
            CrlClientOnline client = new CrlClientOnline(crlLocations);

            int storedUrlCount = client.GetUrlsSize();
            NUnit.Framework.Assert.IsTrue(storedUrlCount == 2);
        }
示例#6
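        /// <summary>
        /// Sample entry point: loads a PKCS#12 key store described by a properties file, picks
        /// the first key entry, and signs <c>SRC</c> with an online CRL client.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        /// <exception cref="InvalidOperationException">The key store contains no key entry.</exception>
        /// <remarks>
        /// The key-store password is read in clear text from the properties file. That is
        /// acceptable for a sample only; the file and the key store need restrictive permissions.
        /// </remarks>
        public static void Main(String[] args)
        {
            DirectoryInfo directory = new DirectoryInfo(DEST);

            directory.Create();

            Properties properties = new Properties();

            // Specify the correct path to the certificate
            // The stream is disposed as soon as the properties are loaded (it was never closed before).
            using (FileStream propertiesStream = new FileStream("c:/home/blowagie/key.properties", FileMode.Open, FileAccess.Read))
            {
                properties.Load(propertiesStream);
            }
            String path = properties.GetProperty("PRIVATE");

            char[] pass = properties.GetProperty("PASSWORD").ToCharArray();

            Pkcs12Store pk12;
            using (FileStream keyStoreStream = new FileStream(path, FileMode.Open, FileAccess.Read))
            {
                pk12 = new Pkcs12Store(keyStoreStream, pass);
            }

            // Select the first alias that is a key entry. The original loop left `alias` pointing at
            // the last alias when none was a key entry and then dereferenced a missing key.
            string alias = null;
            foreach (var a in pk12.Aliases)
            {
                string candidate = (string)a;
                if (pk12.IsKeyEntry(candidate))
                {
                    alias = candidate;
                    break;
                }
            }

            if (alias == null)
            {
                throw new InvalidOperationException("The PKCS#12 store does not contain a key entry.");
            }

            ICipherParameters pk = pk12.GetKey(alias).Key;

            X509CertificateEntry[] ce    = pk12.GetCertificateChain(alias);
            X509Certificate[]      chain = new X509Certificate[ce.Length];
            for (int k = 0; k < ce.Length; ++k)
            {
                chain[k] = ce[k].Certificate;
            }

            /* Create a CrlClientOnline instance with specified Certificate Revocation List's URL.
             * The exact URL for the CRL access point is specific for every CA provider.
             * This one is specific for CAcert certificates.
             */
            ICrlClient         crlClient = new CrlClientOnline("https://crl.cacert.org/revoke.crl");
            IList <ICrlClient> crlList   = new List <ICrlClient>();

            crlList.Add(crlClient);

            // The last three arguments before the size estimate are null.
            // NOTE(review): presumably the OCSP and TSA clients, i.e. CRL-only revocation data and no timestamp; confirm.
            new C3_04_SignWithCRLOnline().Sign(SRC, DEST + RESULT_FILES[0], chain, pk,
                                               DigestAlgorithms.SHA256, PdfSigner.CryptoStandard.CMS,
                                               "Test", "Ghent", crlList, null, null, 0);
        }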
示例#7
        /// <summary>
        /// Adds CRL-based verification data for the signature named <c>signatureName</c> to the
        /// stamper's LTV verification object.
        /// </summary>
        /// <remarks>
        /// The <c>PdfPKCS7</c> object is used only to read the certificate chain and the
        /// <c>IsTsp</c> flag; no integrity check of the signature is made in this method, and
        /// the value returned by <c>AddVerification</c> is not inspected.
        /// </remarks>
        private void enableLTV()
        {
            LtvVerification ltv       = this.stamper.LtvVerification;
            PdfPKCS7        signature = this.fields.VerifySignature(this.signatureName);
            CrlClientOnline crlClient = new CrlClientOnline(signature.SignCertificateChain);

            // For a document timestamp only the signing certificate is covered, otherwise the whole chain.
            LtvVerification.CertificateOption coverage = signature.IsTsp
                ? LtvVerification.CertificateOption.SIGNING_CERTIFICATE
                : LtvVerification.CertificateOption.WHOLE_CHAIN;

            ltv.AddVerification(signatureName, null, crlClient,
                                coverage,
                                LtvVerification.Level.CRL,
                                LtvVerification.CertificateInclusion.NO);
        }
示例#8
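        /// <summary>
        /// Adds CRL-based LTV verification data for the last signature field of a PDF and
        /// returns the updated document.
        /// </summary>
        /// <param name="pdf">The signed PDF as a byte array.</param>
        /// <param name="tsaClient">
        /// Currently unused: the document-timestamp step that would have used it is disabled.
        /// </param>
        /// <returns>The PDF bytes after the stamper has been closed.</returns>
        /// <exception cref="InvalidOperationException">
        /// The document has no signature field, or the selected signature cannot be read.
        /// </exception>
        /// <remarks>
        /// The <c>PdfPKCS7</c> object is used only to read the certificate chain and the
        /// <c>IsTsp</c> flag. This method does not check the integrity of the signature, and
        /// the value returned by <c>AddVerification</c> is not inspected, so a caller cannot
        /// tell from the result whether revocation data was actually added.
        /// </remarks>
        public byte[] LTVEnable(byte[] pdf, ITSAClient tsaClient)
        {
            PdfReader    document = new PdfReader(pdf);
            MemoryStream stream   = new MemoryStream();

            // NOTE(review): the version argument is the character '0'. An earlier, disabled variant
            // of this call passed '\0' instead; confirm which value is intended.
            PdfStamper pdfStamper = new PdfStamper(document, stream, '0', true);
            AcroFields    fields      = pdfStamper.AcroFields;
            List <string> _fieldNames = fields.GetSignatureNames();

            // The original fell through with an empty name and failed later on a null reference.
            if (_fieldNames.Count == 0)
            {
                throw new InvalidOperationException("The document does not contain a signature field.");
            }

            // As before, the last signature name in the list is the one that gets LTV data.
            string signatureName = _fieldNames[_fieldNames.Count - 1];

            LtvVerification v     = pdfStamper.LtvVerification;
            PdfPKCS7        pkcs7 = fields.VerifySignature(signatureName);

            if (pkcs7 == null)
            {
                throw new InvalidOperationException("The signature '" + signatureName + "' could not be read.");
            }

            CrlClientOnline crl = new CrlClientOnline(pkcs7.SignCertificateChain);

            // For a document timestamp only the signing certificate is covered, otherwise the whole chain.
            LtvVerification.CertificateOption coverage = pkcs7.IsTsp
                ? LtvVerification.CertificateOption.SIGNING_CERTIFICATE
                : LtvVerification.CertificateOption.WHOLE_CHAIN;

            v.AddVerification(signatureName, null, crl,
                              coverage,
                              LtvVerification.Level.CRL,
                              LtvVerification.CertificateInclusion.NO);

            pdfStamper.Close();

            return(stream.ToArray());
        }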
示例#9
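        /// <summary>
        /// Sample entry point: loads a PKCS#12 key store described by a properties file, picks
        /// the first private-key entry, and signs with an online CRL client.
        /// </summary>
        /// <param name="args">Command-line arguments (unused).</param>
        /// <exception cref="InvalidOperationException">The key store contains no private-key entry.</exception>
        /// <remarks>
        /// The key-store password is read in clear text from the properties file. That is
        /// acceptable for a sample only; the file and the key store need restrictive permissions.
        /// </remarks>
        public static void Main(String[] args)
        {
            LoggerFactory.GetInstance().SetLogger(new SysoLogger());
            Properties properties = new Properties();

            // Both files are opened read-only and disposed right after loading. The original opened
            // them with the default read/write access and never closed them.
            using (FileStream propertiesStream = new FileStream("c:/home/blowagie/key.properties", FileMode.Open, FileAccess.Read))
            {
                properties.Load(propertiesStream);
            }
            String path = properties["PRIVATE"];

            char[] pass = properties["PASSWORD"].ToCharArray();

            Pkcs12Store ks = new Pkcs12Store();

            using (FileStream keyStoreStream = new FileStream(path, FileMode.Open, FileAccess.Read))
            {
                ks.Load(keyStoreStream, pass);
            }

            // Select the first alias holding a private key. The original continued with an empty
            // alias when none matched and then dereferenced a missing key.
            String alias = null;

            foreach (string al in ks.Aliases)
            {
                if (ks.IsKeyEntry(al) && ks.GetKey(al).Key.IsPrivate)
                {
                    alias = al;
                    break;
                }
            }

            if (alias == null)
            {
                throw new InvalidOperationException("The PKCS#12 store does not contain a private-key entry.");
            }

            AsymmetricKeyParameter        pk    = ks.GetKey(alias).Key;
            ICollection <X509Certificate> chain = new List <X509Certificate>();

            foreach (X509CertificateEntry entry in ks.GetCertificateChain(alias))
            {
                chain.Add(entry.Certificate);
            }

            // The CRL location is fixed to the CAcert revocation list used by this sample.
            ICrlClient         crlClient = new CrlClientOnline("https://crl.cacert.org/revoke.crl");
            IList <ICrlClient> crlList   = new List <ICrlClient>();

            crlList.Add(crlClient);
            C3_01_SignWithCAcert.Sign(DEST, chain, pk, DigestAlgorithms.SHA256, CryptoStandard.CMS, "Test", "Ghent",
                                      crlList, null, null, 0);
        }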
示例#10
 /// <summary>
 /// Adds verification data for the signature <paramref name="name"/>, covering the whole
 /// certificate chain with both OCSP and CRL information and including the certificates.
 /// </summary>
 /// <param name="ocspClient">OCSP client passed through to <c>AddVerification</c>.</param>
 /// <param name="verification">LTV verification object that receives the data.</param>
 /// <param name="crl">Online CRL client passed through to <c>AddVerification</c>.</param>
 /// <param name="name">Name of the signature to add verification data for.</param>
 /// <remarks>The value returned by <c>AddVerification</c> is not inspected.</remarks>
 private void addVerificationInfo(IOcspClient ocspClient, LtvVerification verification, CrlClientOnline crl, String name)
 {
     verification.AddVerification(
         name,
         ocspClient,
         crl,
         LtvVerification.CertificateOption.WHOLE_CHAIN,
         LtvVerification.Level.OCSP_CRL,
         LtvVerification.CertificateInclusion.YES);
 }