/// <summary>
/// Creates an <see cref="IDataUnsealer"/> for time-marked messages from a set of <see cref="EHealthP12"/> stores.
/// </summary>
/// <remarks>
/// The stores are split into two certificate collections by <c>Extract</c> and handed to the
/// collection-based overload. This method performs no argument validation of its own.
/// </remarks>
/// <param name="level">The required level, forwarded unchanged</param>
/// <param name="timemarkauthority">The client of the time-mark authority, forwarded unchanged</param>
/// <param name="p12s">The stores from which the certificates are extracted</param>
/// <param name="ownWebKeys">Own web keys, forwarded unchanged</param>
/// <returns>The unsealer produced by the collection-based overload</returns>
IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, EHealthP12[] p12s, WebKey[] ownWebKeys)
{
    X509Certificate2Collection decryptionCerts;
    X509Certificate2Collection everyCert;

    // First out argument: the encryption certificates, second: all certificates of the stores.
    Extract(p12s, out decryptionCerts, out everyCert);

    return CreateFromTimemarkAuthority(level, timemarkauthority, decryptionCerts, everyCert, ownWebKeys);
}
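/// <summary>
/// Initializes an unwrapper for the given level, time-mark provider and decryption certificates.
/// </summary>
/// <param name="level">The required level or <c>null</c>; <c>Level.L_Level</c> and <c>Level.A_level</c> are rejected</param>
/// <param name="timemarkauthority">The time-mark provider kept on the instance; it is not null-checked here</param>
/// <param name="encCerts">The decryption certificates; <c>null</c> or an empty collection leaves the certificate store unset</param>
/// <exception cref="ArgumentException">When <paramref name="level"/> is <c>Level.L_Level</c> or <c>Level.A_level</c></exception>
internal TripleUnwrapper(Level? level, ITimemarkProvider timemarkauthority, X509Certificate2Collection encCerts)
{
    if (level == Level.L_Level || level == Level.A_level)
    {
        // ArgumentException takes (message, paramName): the text goes first so that
        // ParamName reports "level" and Message carries the explanation.
        throw new ArgumentException("Only null or levels B, T, LT and LTA are allowed", "level");
    }

    this.level = level;
    this.timemarkauthority = timemarkauthority;

    // Wrap it inside an IX509Store that (incorrectly) returns a Windows X509Certificate2.
    encCertStore = encCerts == null || encCerts.Count == 0 ? null : new WinX509CollectionStore(encCerts);
}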
/// <summary>
/// Creates an <see cref="IDataVerifier"/> that verifies messages with the help of a time-mark authority.
/// </summary>
/// <param name="level">The level the message must conform to; it must include the <c>Level.T_Level</c> flag</param>
/// <param name="timemarkAuthority">The client of the time-mark authority, passed to the unwrapper as given</param>
/// <returns>A <c>TripleUnwrapper</c> created without decryption certificates, certificate store or web keys</returns>
/// <exception cref="ArgumentException">When <paramref name="level"/> does not include <c>Level.T_Level</c></exception>
IDataVerifier CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkAuthority)
{
    bool requiresTimeMark = (level & Level.T_Level) == Level.T_Level;
    if (!requiresTimeMark)
    {
        throw new ArgumentException("This method should for a level that requires time marking");
    }

    // NOTE(review): timemarkAuthority is not null-checked here, while the unsealer overload with
    // certificate collections rejects null. Confirm whether a null provider is intended to be allowed.
    return new TripleUnwrapper(
#if !NETFRAMEWORK
        _loggerFactory,
#endif
        level,
        timemarkAuthority,
        null,
        null,
        null);
}
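/// <summary>
/// Creates an <see cref="IDataUnsealer"/> for messages obtained from a time-mark authority.
/// </summary>
/// <param name="level">The required level; it must include the <c>Level.T_Level</c> flag</param>
/// <param name="timemarkauthority">The client of the time-mark authority; must not be <c>null</c></param>
/// <param name="encCerts">The decryption certificates, passed to the unwrapper as given</param>
/// <param name="authCertChains">The authentication certificate chains, converted with <c>ToStore</c> before use</param>
/// <param name="ownWebKeys">Own web keys, passed to the unwrapper as given</param>
/// <returns>A <c>TripleUnwrapper</c> configured with the supplied arguments</returns>
/// <exception cref="ArgumentException">When <paramref name="level"/> does not include <c>Level.T_Level</c></exception>
/// <exception cref="ArgumentNullException">When <paramref name="timemarkauthority"/> is <c>null</c></exception>
IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, X509Certificate2Collection encCerts, X509Certificate2Collection authCertChains, params WebKey[] ownWebKeys)
{
    if ((level & Level.T_Level) != Level.T_Level)
    {
        throw new ArgumentException("This method should for a level that requires time marking");
    }

    if (timemarkauthority == null)
    {
        // ParamName must be the real parameter name; "time-mark authority" is not an identifier.
        throw new ArgumentNullException(nameof(timemarkauthority), "This method requires an time-mark authority specified");
    }

    return new TripleUnwrapper(
#if !NETFRAMEWORK
        _loggerFactory,
#endif
        level,
        timemarkauthority,
        encCerts,
        ToStore(authCertChains),
        ownWebKeys);
}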
/// <summary>
/// Creates an <see cref="IDataUnsealer"/> for time-marked messages from <see cref="EHealthP12"/> stores, without own web keys.
/// </summary>
/// <param name="level">The required level, forwarded unchanged</param>
/// <param name="timemarkauthority">The client of the time-mark authority, forwarded unchanged</param>
/// <param name="p12s">The stores that hold the certificates</param>
/// <returns>The unsealer produced by the overload that also takes web keys</returns>
IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, params EHealthP12[] p12s)
{
    // No own web keys for this overload: a null array is forwarded.
    WebKey[] noWebKeys = null;

    return CreateFromTimemarkAuthority(level, timemarkauthority, p12s, noWebKeys);
}
/// <summary>
/// Verifies sealed data with <paramref name="date"/> preset as the time-mark instead of the configured provider.
/// </summary>
/// <remarks>
/// The instance's time-mark provider is replaced by a <c>FixedTimemarkProvider</c> for the duration of the
/// call and put back afterwards, also when verification throws.
/// </remarks>
/// <param name="sealedData">The sealed message to verify</param>
/// <param name="date">The time-mark to use for this verification</param>
/// <param name="timemarkKey">Set by the inner <c>Verify</c> call</param>
/// <returns>The security information returned by the inner <c>Verify</c> call</returns>
public SignatureSecurityInformation Verify(Stream sealedData, DateTime date, out TimemarkKey timemarkKey)
{
    // NOTE(review): this method does not check date in any way; the caller has to take it
    // from a source it trusts, since it stands in for the time-mark authority.
    // NOTE(review): the swap below writes an instance field and no lock is visible in this
    // method. Confirm that an instance is never used for concurrent verifications.
    ITimemarkProvider configuredProvider = this.timemarkauthority;
    try
    {
        trace.TraceEvent(TraceEventType.Information, 0, "Presetting the time-mark to: {0}", date);

        this.timemarkauthority = new FixedTimemarkProvider(date);
        return Verify(sealedData, out timemarkKey);
    }
    finally
    {
        // Always restore the configured provider, whatever the outcome.
        this.timemarkauthority = configuredProvider;
    }
}
/// <summary>
/// Creates an <see cref="IDataUnsealer"/> for time-marked messages from <see cref="EHealthP12"/> stores.
/// </summary>
/// <param name="level">The required level, forwarded unchanged</param>
/// <param name="timemarkauthority">The client of the time-mark authority, forwarded unchanged</param>
/// <param name="p12s">The stores, converted with <c>ToCollection</c> before they are forwarded</param>
/// <returns>The unsealer produced by the overload that receives the converted collection</returns>
public static IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, params EHealthP12[] p12s)
{
    var certificates = p12s.ToCollection();

    return CreateFromTimemarkAuthority(level, timemarkauthority, certificates);
}
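/// <summary>
/// Creates an instance of the <see cref="IDataUnsealer"/> interface to unseal messages that were obtained from a time-mark authority.
/// </summary>
/// <remarks>
/// <para>
/// Can be used to unseal messages of LT-Level and LTA-Level that were obtained from a time-mark authority. This time-mark authority can
/// be a central store like ehBox but can also be an internal store that is considered secure and doesn't allow messages to be altered in any way.
/// </para>
/// <para>
/// The provided decryption certificates aren't checked and should include expired certificates
/// in order to unseal historical messages. It may even include revoked certificates: revocation
/// doesn't mean the message that is sealed with it is invalid, just that it isn't confidential any more.
/// </para>
/// <para>
/// In case the message does contain a time-stamp, it will be used and the time-mark authority will be ignored.
/// </para>
/// </remarks>
/// <param name="level">The required level of the sender signatures, either T-Level, LT-Level or LTA-Level</param>
/// <param name="timemarkauthority">The client of the time-mark authority</param>
/// <param name="encCerts">Own (eHealth issued) certificates with private key that can be used to decrypt, they must have an <strong>exportable</strong> private key</param>
/// <returns>Instance of the IDataUnsealer for messages of the specified time-mark authority</returns>
/// <exception cref="ArgumentException">When <paramref name="level"/> does not include <c>Level.T_Level</c></exception>
/// <exception cref="ArgumentNullException">When <paramref name="timemarkauthority"/> is <c>null</c></exception>
public static IDataUnsealer CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkauthority, X509Certificate2Collection encCerts)
{
    if ((level & Level.T_Level) != Level.T_Level)
    {
        throw new ArgumentException("This method should for a level that requires time marking");
    }

    if (timemarkauthority == null)
    {
        // ParamName must be the real parameter name; "time-mark authority" is not an identifier.
        throw new ArgumentNullException("timemarkauthority", "This method requires an time-mark authority specified");
    }

    return new TripleUnwrapper(level, timemarkauthority, encCerts);
}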
/// <summary>
/// Creates an instance of the <see cref="IDataVerifier"/> interface to verify messages retrieved from a time-mark authority.
/// </summary>
/// <remarks>
/// For usage with messages that come from a time-mark authority (e.g. ehBox). In case the message contains an embedded time-stamp,
/// it takes precedence and the time-mark authority isn't used.
/// </remarks>
/// <param name="level">The level a message must conform to: T, LT or LTA level</param>
/// <param name="timemarkAuthority">The client of the time-mark authority used to retrieve the time-mark during verification</param>
/// <returns>A verifier for the required level that verifies the message with the provided time-mark authority</returns>
/// <exception cref="ArgumentException">When <paramref name="level"/> does not include <c>Level.T_Level</c></exception>
public static IDataVerifier CreateFromTimemarkAuthority(Level level, ITimemarkProvider timemarkAuthority)
{
    bool requiresTimeMark = (level & Level.T_Level) == Level.T_Level;
    if (!requiresTimeMark)
    {
        throw new ArgumentException("This method should for a level that requires time marking");
    }

    // NOTE(review): timemarkAuthority is not null-checked here, while the unsealer overload
    // rejects null. Confirm whether a null provider is intended to be allowed for verification.

    // Verification needs no decryption certificates, so an empty collection is supplied.
    var noDecryptionCerts = new X509Certificate2Collection();

    return new TripleUnwrapper(level, timemarkAuthority, noDecryptionCerts);
}