/// <summary>
/// Replaces <c>crlList</c> with a new list whose only entry is an online CRL client
/// created from the current <c>chain</c>.
/// </summary>
/// <remarks>
/// Whatever was stored in <c>crlList</c> before the call is discarded. This method
/// registers a CRL source only; it creates no OCSP client.
/// NOTE(review): presumably the client resolves its download locations from the
/// certificates in <c>chain</c> - confirm against the library version in use.
/// </remarks>
public void getCRLList()
{
    // The field is replaced first, exactly as before, so it already points at the
    // new (empty) list if constructing the client throws.
    this.crlList = new List<ICrlClient>();
    this.crlList.Add(new CrlClientOnline(this.chain));
}
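/// <summary>
/// Signs the PDF at <paramref name="inPath"/> with a remote credential and writes the
/// signed document to <paramref name="outPath"/>.
/// </summary>
/// <param name="accessToken">Token passed to <c>CSCPAdESSignature</c> and to the certificate-chain lookup.</param>
/// <param name="credentialId">Identifier of the signing credential, passed to the same two calls.</param>
/// <param name="pin">PIN handed to <c>CSCPAdESSignature</c>.</param>
/// <param name="otp">One-time password handed to <c>CSCPAdESSignature</c>.</param>
/// <param name="inPath">Path of the PDF to sign.</param>
/// <param name="outPath">Path the signed PDF is written to; created or overwritten.</param>
/// <returns>A task that completes when signing has finished or failed.</returns>
/// <remarks>
/// Every exception is caught and only its message is logged, so the returned task
/// completes normally even when nothing was signed. Callers that must not treat an
/// unsigned or partial file at <paramref name="outPath"/> as a result have to verify
/// the output themselves.
/// NOTE(review): the exception message is logged as-is; confirm that exceptions raised
/// by the remote signing calls never echo the token, PIN or OTP.
/// </remarks>
public static async Task SignPdfFile(String accessToken, String credentialId, String pin, String otp, String inPath, String outPath)
{
    try
    {
        // Obtain the remote signer and the certificate chain before the output path is
        // opened, so a failed lookup does not leave a truncated file at outPath.
        IExternalSignature pks = new CSCPAdESSignature(accessToken, credentialId, pin, otp);
        X509Certificate[] chain = await CSC_API_Utils.GetCertChainAsync(accessToken, credentialId);

        // Revocation data comes from CRLs only: the OCSP argument of SignDetached is null.
        List<ICrlClient> crlList = new List<ICrlClient> { new CrlClientOnline(chain) };

        // NOTE(review): the TSA endpoint is hard-coded and uses plain HTTP - consider
        // making it configurable.
        ITSAClient tsaClient = new TSAClientBouncyCastle("http://timestamp.globalsign.com/scripts/timestamp.dll");

        // Both handles are released even when signing throws; previously they stayed
        // open until finalization, keeping outPath locked.
        using (PdfReader reader = new PdfReader(inPath))
        using (FileStream output = new FileStream(outPath, FileMode.Create))
        {
            PdfSigner signer = new PdfSigner(reader, output, new StampingProperties());

            PdfSignatureAppearance appearance = signer.GetSignatureAppearance()
                .SetReason("Test semnatura digitala")
                .SetLocation("Bucuresti, RO")
                .SetReuseAppearance(false);
            Rectangle rect = new Rectangle(300, 690, 200, 100);
            appearance.SetPageRect(rect).SetPageNumber(1);
            signer.SetFieldName("semnatura iText7");

            signer.SignDetached(pks, chain, crlList, null, tsaClient, 0, PdfSigner.CryptoStandard.CADES);
        }
    }
    catch (Exception e)
    {
        logger.Error(e.Message);
    }
}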
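/// <summary>
/// Signs the PDF at <paramref name="inPath"/> with a remote credential and writes the
/// signed document to <paramref name="outPath"/>.
/// </summary>
/// <param name="accessToken">Token passed to <c>CSCPAdESSignature</c> and to the certificate-chain lookup.</param>
/// <param name="credentialId">Identifier of the signing credential, passed to the same two calls.</param>
/// <param name="pin">PIN handed to <c>CSCPAdESSignature</c>.</param>
/// <param name="otp">One-time password handed to <c>CSCPAdESSignature</c>.</param>
/// <param name="inPath">Path of the PDF to sign.</param>
/// <param name="outPath">Path the signed PDF is written to; created or overwritten.</param>
/// <returns>A task that completes when signing has finished or failed.</returns>
/// <remarks>
/// The method keeps its non-throwing contract: failures are caught and reported through
/// <c>System.Diagnostics.Trace</c>, so the returned task completes normally even when
/// nothing was signed. Callers still cannot tell success from failure and should verify
/// the output before relying on it.
/// No TSA client is passed to <c>SignDetached</c>, so no timestamp authority is contacted
/// during signing, and the OCSP argument is null, so revocation data comes from CRLs only.
/// </remarks>
public static async Task SignPdfFileAsync(String accessToken, String credentialId, String pin, String otp, String inPath, String outPath)
{
    try
    {
        // Obtain the remote signer and the certificate chain before the output path is
        // opened, so a failed lookup does not leave a truncated file at outPath.
        IExternalSignature pks = new CSCPAdESSignature(accessToken, credentialId, pin, otp);
        X509Certificate[] chain = await CSC_API_Utils.GetCertChainAsync(accessToken, credentialId);

        List<ICrlClient> crlList = new List<ICrlClient> { new CrlClientOnline(chain) };

        // Both handles are released even when signing throws; previously they stayed
        // open until finalization, keeping outPath locked.
        using (PdfReader reader = new PdfReader(inPath))
        using (FileStream output = new FileStream(outPath, FileMode.Create))
        {
            PdfSigner signer = new PdfSigner(reader, output, false);

            PdfSignatureAppearance appearance = signer.GetSignatureAppearance()
                .SetReason("Reason")
                .SetLocation("Romania")
                .SetReuseAppearance(false);
            Rectangle rect = new Rectangle(36, 648, 200, 100);
            appearance.SetPageRect(rect).SetPageNumber(1);
            signer.SetFieldName("sig");

            signer.SignDetached(pks, chain, crlList, null, null, 0, PdfSigner.CryptoStandard.CADES);
        }
    }
    catch (Exception e)
    {
        // The original catch block was empty, which hid every signing failure. Only the
        // exception type and message are recorded; the token, PIN and OTP are never
        // written here by this method.
        // NOTE(review): confirm upstream exception messages do not echo credentials.
        System.Diagnostics.Trace.TraceError("PDF signing failed: " + e.GetType().Name + ": " + e.Message);
    }
}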
/// <summary>
/// Builds the list of CRL clients for a certificate chain.
/// </summary>
/// <param name="chain">Certificates handed to the <c>CrlClientOnline</c> constructor.</param>
/// <returns>
/// A new list containing exactly one <c>CrlClientOnline</c> created from
/// <paramref name="chain"/>.
/// </returns>
/// <remarks>
/// Only a CRL source is produced; callers that also want OCSP responses must supply
/// that client separately.
/// NOTE(review): presumably the client takes its download locations from the
/// certificates in the chain - confirm against the library version in use.
/// </remarks>
public List<ICrlClient> GetCrlList(ICollection<Org.BouncyCastle.X509.X509Certificate> chain)
{
    return new List<ICrlClient> { new CrlClientOnline(chain) };
}
/// <summary>
/// Passes three URLs, two of them identical, to the <c>CrlClientOnline</c> URL constructor
/// and asserts that the client reports two URLs.
/// </summary>
public virtual void CrlClientOnlineURLConstructorTest()
{
    const string scheme = "file://";
    string duplicated = scheme + destinationFolder + "duplicateFolder";
    string distinct = scheme + destinationFolder + "uniqueFolder";

    // The first two entries are deliberately the same location.
    Uri[] endpoints = { new Uri(duplicated), new Uri(duplicated), new Uri(distinct) };

    CrlClientOnline client = new CrlClientOnline(endpoints);
    int registered = client.GetUrlsSize();

    NUnit.Framework.Assert.IsTrue(registered == 2);
}
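/// <summary>
/// Sample entry point: loads a PKCS#12 key store named in a properties file, then signs
/// <c>SRC</c> with an online CRL client attached.
/// </summary>
/// <param name="args">Unused.</param>
/// <exception cref="InvalidOperationException">
/// The properties file lacks the <c>PRIVATE</c> or <c>PASSWORD</c> entry, or the key store
/// holds no key entry.
/// </exception>
/// <remarks>
/// NOTE(review): the key store password is read from a plain-text properties file at a
/// hard-coded path. That is workable for a sample but not for a deployed signing key.
/// </remarks>
public static void Main(String[] args)
{
    DirectoryInfo directory = new DirectoryInfo(DEST);
    directory.Create();

    Properties properties = new Properties();
    // Specify the correct path to the certificate
    using (FileStream propertiesStream = new FileStream("c:/home/blowagie/key.properties", FileMode.Open, FileAccess.Read))
    {
        properties.Load(propertiesStream);
    }

    String path = properties.GetProperty("PRIVATE");
    String password = properties.GetProperty("PASSWORD");
    if (path == null || password == null)
    {
        // Previously a missing entry surfaced later as a NullReferenceException.
        throw new InvalidOperationException("key.properties must define both PRIVATE and PASSWORD.");
    }
    char[] pass = password.ToCharArray();

    // Close the key store file as soon as it has been read instead of leaking the handle.
    Pkcs12Store pk12;
    using (FileStream keyStoreStream = new FileStream(path, FileMode.Open, FileAccess.Read))
    {
        pk12 = new Pkcs12Store(keyStoreStream, pass);
    }

    // Remember an alias only when it is a key entry. The old loop kept the last alias it
    // saw even when none was a key entry, and then dereferenced a missing key.
    string alias = null;
    foreach (var a in pk12.Aliases)
    {
        string candidate = (string)a;
        if (pk12.IsKeyEntry(candidate))
        {
            alias = candidate;
            break;
        }
    }
    if (alias == null)
    {
        throw new InvalidOperationException("The PKCS#12 store contains no key entry.");
    }

    ICipherParameters pk = pk12.GetKey(alias).Key;
    X509CertificateEntry[] ce = pk12.GetCertificateChain(alias);
    X509Certificate[] chain = new X509Certificate[ce.Length];
    for (int k = 0; k < ce.Length; ++k)
    {
        chain[k] = ce[k].Certificate;
    }

    /* Create a CrlClientOnline instance with specified Certificate Revocation List's URL.
     * The exact URL for the CRL access point is specific for every CA provider.
     * This one is specific for CAcert certificates.
     */
    ICrlClient crlClient = new CrlClientOnline("https://crl.cacert.org/revoke.crl");
    IList<ICrlClient> crlList = new List<ICrlClient>();
    crlList.Add(crlClient);

    new C3_04_SignWithCRLOnline().Sign(SRC, DEST + RESULT_FILES[0], chain, pk, DigestAlgorithms.SHA256,
        PdfSigner.CryptoStandard.CMS, "Test", "Ghent", crlList, null, null, 0);
}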
/// <summary>
/// Adds CRL-based LTV (long-term validation) information for <c>signatureName</c> to the
/// stamper's <c>LtvVerification</c>.
/// </summary>
/// <remarks>
/// For a document timestamp (<c>IsTsp</c>) only the signing certificate is covered;
/// otherwise the whole chain is. No OCSP client is passed, so only CRL data is requested.
/// The <c>PdfPKCS7</c> object is read for its certificate chain and <c>IsTsp</c> flag only;
/// this method does not check whether the signature itself validates.
/// NOTE(review): the result of <c>AddVerification</c> is ignored - confirm whether a
/// failure to add the data should be reported.
/// </remarks>
private void enableLTV()
{
    LtvVerification verification = this.stamper.LtvVerification;
    PdfPKCS7 signatureData = this.fields.VerifySignature(this.signatureName);
    CrlClientOnline crlClient = new CrlClientOnline(signatureData.SignCertificateChain);

    // The two cases differ only in how much of the chain is covered.
    LtvVerification.CertificateOption scope = signatureData.IsTsp
        ? LtvVerification.CertificateOption.SIGNING_CERTIFICATE
        : LtvVerification.CertificateOption.WHOLE_CHAIN;

    verification.AddVerification(signatureName, null, crlClient, scope,
        LtvVerification.Level.CRL, LtvVerification.CertificateInclusion.NO);
}
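/// <summary>
/// Appends CRL-based LTV (long-term validation) information for the last signature field
/// of a PDF and returns the updated document.
/// </summary>
/// <param name="pdf">Bytes of the signed PDF.</param>
/// <param name="tsaClient">
/// Not used by the current implementation; kept so existing callers still compile.
/// </param>
/// <returns>The PDF bytes with the verification data appended.</returns>
/// <exception cref="System.InvalidOperationException">
/// The document has no signature field, or the selected field yields no signature data.
/// </exception>
/// <remarks>
/// Only the last name returned by <c>GetSignatureNames</c> is processed; earlier signatures
/// get no verification data. No OCSP client is passed, so only CRL data is requested, and
/// the method does not check whether the signature itself validates.
/// </remarks>
public byte[] LTVEnable(byte[] pdf, ITSAClient tsaClient)
{
    PdfReader document = new PdfReader(pdf);
    MemoryStream stream = new MemoryStream();

    // NOTE(review): '0' is the digit character, not '\0'. A commented-out variant of this
    // call used '\0'; confirm which PDF version argument is intended before changing it.
    PdfStamper pdfStamper = new PdfStamper(document, stream, '0', true);
    AcroFields fields = pdfStamper.AcroFields;

    List<string> fieldNames = fields.GetSignatureNames();
    if (fieldNames == null || fieldNames.Count == 0)
    {
        // Previously execution continued with an empty field name and failed later with
        // an unhelpful error.
        throw new System.InvalidOperationException("The document contains no signature field to LTV-enable.");
    }

    // Same choice as the original loop, which kept the last name it iterated over.
    string signatureName = fieldNames[fieldNames.Count - 1];

    LtvVerification verification = pdfStamper.LtvVerification;
    PdfPKCS7 pkcs7 = fields.VerifySignature(signatureName);
    if (pkcs7 == null)
    {
        throw new System.InvalidOperationException("No signature data could be read for field '" + signatureName + "'.");
    }

    CrlClientOnline crl = new CrlClientOnline(pkcs7.SignCertificateChain);

    // A document timestamp covers its signing certificate only; a regular signature
    // covers the whole chain.
    LtvVerification.CertificateOption scope = pkcs7.IsTsp
        ? LtvVerification.CertificateOption.SIGNING_CERTIFICATE
        : LtvVerification.CertificateOption.WHOLE_CHAIN;

    verification.AddVerification(signatureName, null, crl, scope,
        LtvVerification.Level.CRL, LtvVerification.CertificateInclusion.NO);

    // The stamper must be closed before the stream is read.
    pdfStamper.Close();
    return stream.ToArray();
}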
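/// <summary>
/// Sample entry point: loads a PKCS#12 key store named in a properties file, picks the
/// first private-key entry and signs with an online CRL client attached.
/// </summary>
/// <param name="args">Unused.</param>
/// <exception cref="InvalidOperationException">
/// The properties file lacks the <c>PRIVATE</c> or <c>PASSWORD</c> entry, or the key store
/// holds no private-key entry.
/// </exception>
/// <remarks>
/// NOTE(review): the key store password is read from a plain-text properties file at a
/// hard-coded path. That is workable for a sample but not for a deployed signing key.
/// </remarks>
public static void Main(String[] args)
{
    LoggerFactory.GetInstance().SetLogger(new SysoLogger());

    Properties properties = new Properties();
    // Open read-only: the sample never writes to this file, and the default access
    // mode would also request write permission.
    using (FileStream propertiesStream = new FileStream("c:/home/blowagie/key.properties", FileMode.Open, FileAccess.Read))
    {
        properties.Load(propertiesStream);
    }

    String path = properties["PRIVATE"];
    String password = properties["PASSWORD"];
    if (path == null || password == null)
    {
        // Previously a missing entry surfaced later as a NullReferenceException.
        throw new InvalidOperationException("key.properties must define both PRIVATE and PASSWORD.");
    }
    char[] pass = password.ToCharArray();

    // Read the key store read-only and close the handle once it has been loaded.
    Pkcs12Store ks = new Pkcs12Store();
    using (FileStream keyStoreStream = new FileStream(path, FileMode.Open, FileAccess.Read))
    {
        ks.Load(keyStoreStream, pass);
    }

    // The old code fell back to an empty alias when no private key was found and then
    // dereferenced a missing key entry.
    String alias = null;
    foreach (string al in ks.Aliases)
    {
        if (ks.IsKeyEntry(al) && ks.GetKey(al).Key.IsPrivate)
        {
            alias = al;
            break;
        }
    }
    if (alias == null)
    {
        throw new InvalidOperationException("The PKCS#12 store contains no private-key entry.");
    }

    AsymmetricKeyParameter pk = ks.GetKey(alias).Key;
    ICollection<X509Certificate> chain = new List<X509Certificate>();
    foreach (X509CertificateEntry entry in ks.GetCertificateChain(alias))
    {
        chain.Add(entry.Certificate);
    }

    // The CRL location is fixed to one CA's published list; other issuers need their own URL.
    ICrlClient crlClient = new CrlClientOnline("https://crl.cacert.org/revoke.crl");
    IList<ICrlClient> crlList = new List<ICrlClient>();
    crlList.Add(crlClient);

    C3_01_SignWithCAcert.Sign(DEST, chain, pk, DigestAlgorithms.SHA256, CryptoStandard.CMS,
        "Test", "Ghent", crlList, null, null, 0);
}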
/// <summary>
/// Registers verification data for one signature, covering the whole certificate chain
/// with the <c>OCSP_CRL</c> level and certificate inclusion set to <c>YES</c>.
/// </summary>
/// <param name="ocspClient">OCSP client forwarded to <c>AddVerification</c>.</param>
/// <param name="verification">Object that receives the verification data.</param>
/// <param name="crl">Online CRL client forwarded to <c>AddVerification</c>.</param>
/// <param name="name">Signature name forwarded to <c>AddVerification</c>.</param>
/// <remarks>
/// NOTE(review): the result of <c>AddVerification</c> is ignored - confirm whether a
/// failure to add the data should be reported to the caller.
/// </remarks>
private void addVerificationInfo(IOcspClient ocspClient, LtvVerification verification, CrlClientOnline crl, String name)
{
    LtvVerification.CertificateOption scope = LtvVerification.CertificateOption.WHOLE_CHAIN;
    LtvVerification.Level sources = LtvVerification.Level.OCSP_CRL;
    LtvVerification.CertificateInclusion inclusion = LtvVerification.CertificateInclusion.YES;

    verification.AddVerification(name, ocspClient, crl, scope, sources, inclusion);
}