/// <summary>
/// Builds a verification result pre-filled with the descriptive fields of a timestamp token:
/// the encryption algorithm OID of its first signer, its serial number, its generation time
/// and the subject name of its signer.
/// </summary>
/// <param name="token">
/// The timestamp token to describe. When it is null, or carries no timestamp, no field is set.
/// </param>
public TimestampVerificationResult(TimestampToken token)
{
    // Nothing to describe: leave every field at its default.
    if (token == null || token.GetTimeStamp() == null)
    {
        return;
    }

    var signedData = token.GetTimeStamp().ToCmsSignedData();
    var signerCursor = signedData.GetSignerInfos().GetSigners().GetEnumerator();

    // NOTE(review): the result of MoveNext() is not checked, so a token without any signer
    // info fails on the Current access below instead of being reported explicitly. Only the
    // first signer is read; any further signer infos are ignored here.
    signerCursor.MoveNext();
    var firstSigner = (SignerInformation)signerCursor.Current;
    signatureAlgorithm = firstSigner.EncryptionAlgOid;

    // These values are copied from the token as-is; nothing in this constructor verifies the
    // token's signature, so they are descriptive only.
    serialNumber = token.GetTimeStamp().TimeStampInfo.SerialNumber.ToString();
    creationTime = token.GetTimeStamp().TimeStampInfo.GenTime;
    issuerName = token.GetSignerSubjectName().ToString();
}
/// <summary>
/// Validates a timestamp token: registers it as not yet verified, then runs the certificate
/// validation at the generation time stated in the token.
/// </summary>
/// <param name="timestamp">The timestamp token to validate. Must not be null.</param>
/// <param name="optionalSource">Additional certificate source, combined with the token's own wrapped certificate source.</param>
/// <param name="optionalCRLSource">CRL source handed to the validation.</param>
/// <param name="optionalOCPSSource">OCSP source handed to the validation.</param>
/// <param name="usedCerts">Certificate list handed to the validation.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="timestamp"/> is null.</exception>
public virtual void ValidateTimestamp(TimestampToken timestamp, ICertificateSource optionalSource, ICrlSource optionalCRLSource, IOcspSource optionalOCPSSource, IList<CertificateAndContext> usedCerts)
{
    _ = timestamp ?? throw new ArgumentNullException(nameof(timestamp));

    AddNotYetVerifiedToken(timestamp);

    // NOTE(review): the validation date is the GenTime claimed by the token itself. Confirm
    // that the token's signature is verified elsewhere before this date is relied upon.
    var validationDate = timestamp.GetTimeStamp().TimeStampInfo.GenTime;

    // Certificates embedded in the token are consulted together with the caller's source.
    var certificateSources = new CompositeCertificateSource(timestamp.GetWrappedCertificateSource(), optionalSource);

    Validate(validationDate, certificateSources, optionalCRLSource, optionalOCPSSource, usedCerts);
}
/// <summary>
/// Records on <paramref name="result"/> whether the certificate of the timestamp signer can be
/// linked to the trusted list.
/// </summary>
/// <param name="t">The timestamp token whose signer is checked.</param>
/// <param name="result">The result whose CertPathUpToTrustedList status is updated.</param>
/// <param name="ctx">The validation context used to validate the token and to look up trusted-list parents.</param>
/// <param name="signature">The signature supplying the certificate, CRL and OCSP sources.</param>
private void CheckTimeStampCertPath(TimestampToken t, TimestampVerificationResult result, IValidationContext ctx, IAdvancedSignature signature)
{
    try
    {
        // Fail closed: the status starts as INVALID and is only upgraded once a matching
        // certificate with a trusted-list parent has been found.
        result.CertPathUpToTrustedList.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_CannotReachTSL");

        ctx.ValidateTimestamp(t, signature.CertificateSource, signature.CRLSource, signature.OCSPSource, result.UsedCerts);

        var signerSubject = t.GetSignerSubjectName();
        foreach (CertificateAndContext candidate in ctx.NeededCertificates)
        {
            // NOTE(review): the candidate is selected by subject DN only. Confirm that the
            // binding between this certificate and the token's signature is checked elsewhere,
            // since two different certificates can carry the same subject name.
            bool anchored = candidate.Certificate.SubjectDN.Equals(signerSubject)
                && ctx.GetParentFromTrustedList(candidate) != null;
            if (!anchored)
            {
                continue;
            }

            result.CertPathUpToTrustedList.SetStatus(ResultStatus.VALID, null);
            break;
        }
    }
    catch (IOException)
    {
        // Only I/O failures are mapped to UNDETERMINED; any other exception propagates to the
        // caller with the status still INVALID.
        result.CertPathUpToTrustedList.SetStatus(ResultStatus.UNDETERMINED, "$UI_Signatures_ValidationText_ExceptionWhileVerifying");
    }
}
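/// <summary>
/// Verifies the level-X timestamps (X1 and X2) of a signature. Every token is checked against
/// the data it is expected to cover and against the trusted list, and one
/// <see cref="TimestampVerificationResult"/> is produced per token.
/// </summary>
/// <param name="signature">The signature whose X1/X2 timestamps are verified. Must not be null.</param>
/// <param name="referenceTime">Not read by this method.</param>
/// <param name="ctx">The validation context used for the certificate path check of each token.</param>
/// <returns>
/// The level-X result. The level is INVALID when any token does not match its data, when the
/// signature carries no X1 and no X2 timestamp, or when an exception occurs during verification.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="signature"/> is null.</exception>
protected internal virtual SignatureLevelX VerifyLevelX(IAdvancedSignature signature, DateTime referenceTime, IValidationContext ctx)
{
    if (signature is null)
    {
        throw new ArgumentNullException(nameof(signature));
    }

    try
    {
        SignatureValidationResult levelReached = new SignatureValidationResult();
        levelReached.SetStatus(ResultStatus.VALID, null);

        // Verifies every token of one timestamp family and returns one result per token, in
        // list order. A digest mismatch on any token downgrades the whole level to INVALID.
        TimestampVerificationResult[] VerifyTokens(IList<TimestampToken> tokens, byte[] data)
        {
            var results = new TimestampVerificationResult[tokens.Count];
            for (int i = 0; i < tokens.Count; i++)
            {
                TimestampToken t = tokens[i];
                results[i] = new TimestampVerificationResult(t);
                if (!t.MatchData(data))
                {
                    levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData");
                    results[i].SetSameDigest(new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_TimestampDontSignData"));
                }
                else
                {
                    results[i].SetSameDigest(new SignatureValidationResult(ResultStatus.VALID, null));
                }

                CheckTimeStampCertPath(t, results[i], ctx, signature);
            }

            return results;
        }

        TimestampVerificationResult[] x1Results = null;
        TimestampVerificationResult[] x2Results = null;

        IList<TimestampToken> timestampX1 = signature.TimestampsX1;
        bool hasX1 = timestampX1 != null && timestampX1.Any();
        if (hasX1)
        {
            x1Results = VerifyTokens(timestampX1, signature.TimestampX1Data);
        }

        // The X2 loop previously never advanced its index, so every X2 result was written to
        // slot 0: with several X2 tokens only the last result survived and the remaining slots
        // stayed null. Both families now go through the same indexed loop.
        IList<TimestampToken> timestampX2 = signature.TimestampsX2;
        bool hasX2 = timestampX2 != null && timestampX2.Any();
        if (hasX2)
        {
            x2Results = VerifyTokens(timestampX2, signature.TimestampX2Data);
        }

        // Level X requires at least one X1 or X2 timestamp.
        if (!hasX1 && !hasX2)
        {
            levelReached.SetStatus(ResultStatus.INVALID, "$UI_Signatures_ValidationText_NoTimestamp");
        }

        return new SignatureLevelX(signature, levelReached, x1Results, x2Results);
    }
    catch (Exception)
    {
        // Fail closed: any failure during verification is reported as INVALID, without
        // per-token results.
        return new SignatureLevelX(signature, new SignatureValidationResult(ResultStatus.INVALID, "$UI_Signatures_ValidationText_ExceptionWhileVerifying"));
    }
}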