public void VerifyKeyBased() { KSI.Ksi ksi = GetKsi(); // Read signature, assume to be not extended IKsiSignature signature = LoadUnextendedSignature(); IDataHasher dataHasher = new DataHasher(signature.GetAggregationHashChains()[0].InputHash.Algorithm); dataHasher.AddData(File.ReadAllBytes("Resources/infile.txt")); VerificationPolicy policy = new KeyBasedVerificationPolicy(new X509Store(StoreName.Root), GetCertificateSubjectRdnSelector()); VerificationContext context = new VerificationContext(signature) { DocumentHash = dataHasher.GetHash(), PublicationsFile = ksi.GetPublicationsFile(), }; VerificationResult verificationResult = policy.Verify(context); if (verificationResult.ResultCode == VerificationResultCode.Ok) { Console.WriteLine("VerifyKeyBased > signature valid"); } else { Console.WriteLine("VerifyKeyBased > signature verification failed with error > " + verificationResult.VerificationError); } }
public void SignWithStreamAndLevelTest(Ksi ksi) { IKsiSignature signature; using (MemoryStream stream = new MemoryStream()) { byte[] data = Encoding.UTF8.GetBytes("This is my document"); stream.Write(data, 0, data.Length); stream.Seek(0, SeekOrigin.Begin); signature = ksi.Sign(stream, 3); } Assert.LessOrEqual(3, signature.GetAggregationHashChains()[0].GetChainLinks()[0].LevelCorrection, "Level correction is invalid."); VerificationContext verificationContext = new VerificationContext(signature) { DocumentHash = new DataHash(HashAlgorithm.Sha2256, Base16.Decode("D439459856BEF5ED25772646F73A70A841FC078D3CBBC24AB7F47C464683768D")), PublicationsFile = ksi.GetPublicationsFile() }; KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy(); VerificationResult verificationResult = policy.Verify(verificationContext); Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy"); }
private static void Verify(Ksi ksi, IKsiSignature signature, DataHash documentHash) { VerificationContext verificationContext = new VerificationContext(signature) { DocumentHash = documentHash, PublicationsFile = ksi.GetPublicationsFile() }; AggregationHashChain.Link firstChainLink = signature.GetAggregationHashChains()[0].GetChainLinks()[0]; if (firstChainLink.Metadata != null && firstChainLink.Metadata.Padding == null) { throw new Exception("Metadata padding is missing."); } KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy(); VerificationResult verificationResult = policy.Verify(verificationContext); if (verificationResult.ResultCode != VerificationResultCode.Ok) { Console.WriteLine("Verification result code: " + verificationResult.ResultCode); Console.WriteLine("Verification rule name: " + verificationResult.RuleName); Console.WriteLine("Verification error: " + verificationResult.VerificationError); } Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy"); }
private VerificationResult SignHash(Ksi ksi) { DataHash hash = new DataHash(HashAlgorithm.Sha2256, Base16.Decode("9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08")); IKsiSignature signature = ksi.Sign(hash); VerificationContext verificationContext = new VerificationContext(signature) { DocumentHash = hash, PublicationsFile = ksi.GetPublicationsFile() }; KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy(); return(policy.Verify(verificationContext)); }
public void HttpSignSm3HashTest(Ksi ksi) { DataHash hash = new DataHash(HashAlgorithm.Sm3, Base16.Decode("9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08")); IKsiSignature signature = ksi.Sign(hash); VerificationContext verificationContext = new VerificationContext(signature) { DocumentHash = hash, PublicationsFile = ksi.GetPublicationsFile() }; KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy(); VerificationResult verificationResult = policy.Verify(verificationContext); Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy"); }
public void SignByteArrayTest(Ksi ksi) { byte[] data = Encoding.UTF8.GetBytes("This is my document"); IKsiSignature signature = ksi.Sign(data); VerificationContext verificationContext = new VerificationContext(signature) { DocumentHash = new DataHash(HashAlgorithm.Sha2256, Base16.Decode("D439459856BEF5ED25772646F73A70A841FC078D3CBBC24AB7F47C464683768D")), PublicationsFile = ksi.GetPublicationsFile() }; KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy(); VerificationResult verificationResult = policy.Verify(verificationContext); Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy"); }
public void HttpSignHashWithLevelTest(Ksi ksi) { DataHash documentHash = new DataHash(HashAlgorithm.Sha2256, Base16.Decode("9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08")); IKsiSignature signature = ksi.Sign(documentHash, 3); Assert.LessOrEqual(3, signature.GetAggregationHashChains()[0].GetChainLinks()[0].LevelCorrection, "Level correction is invalid."); VerificationContext verificationContext = new VerificationContext(signature) { DocumentHash = documentHash, PublicationsFile = ksi.GetPublicationsFile() }; KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy(); VerificationResult verificationResult = policy.Verify(verificationContext); Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy"); }
public void VerifySignedHashWithInvalidHashTest(Ksi ksi) { VerificationResult verificationResult; using (MemoryStream memoryStream = new MemoryStream(Encoding.UTF8.GetBytes("test"))) { IDataHasher dataHasher = CryptoTestFactory.CreateDataHasher(HashAlgorithm.Sha2256); dataHasher.AddData(memoryStream); IKsiSignature signature = ksi.Sign(dataHasher.GetHash()); VerificationContext verificationContext = new VerificationContext(signature) { DocumentHash = new DataHash(HashAlgorithm.Sha2256, Base16.Decode("1f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08")), PublicationsFile = ksi.GetPublicationsFile() }; KeyBasedVerificationPolicy policy = new KeyBasedVerificationPolicy(); verificationResult = policy.Verify(verificationContext); } Assert.AreEqual(VerificationResultCode.Fail, verificationResult.ResultCode, "Invalid hash should not verify with key based policy"); Assert.AreEqual(VerificationError.Gen01, verificationResult.VerificationError); }