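/// <summary>
/// Validates the signature on the ID card assertion held in <c>Xassertion</c> and, unless trust
/// checking is switched off, hands the assertion to <c>SignatureUtil.Validate</c>.
/// </summary>
/// <param name="federation">Federation passed through to <c>SignatureUtil.Validate</c>.</param>
/// <param name="vault">
/// Credential vault passed through to <c>SignatureUtil.Validate</c>. <c>ValidateSignatureAndTrust</c>
/// passes <c>null</c> here.
/// </param>
/// <param name="checkTrust">
/// Requested trust check. The <c>CheckTrust</c> app setting, when present, overrides this value.
/// </param>
/// <exception cref="ModelException">
/// Thrown when the authentication level is below <c>VocesTrustedSystem</c>, when <c>Xassertion</c> is
/// <c>null</c>, when <c>SealUtilities.CheckAssertionSignature</c> returns <c>false</c>, or when
/// <c>SignatureUtil.Validate</c> returns <c>false</c>.
/// </exception>
/// <remarks>
/// The <c>CheckTrust</c> and <c>CheckCrl</c> app settings are security switches. They are parsed
/// fail-closed: only a value that parses as the boolean <c>false</c> disables a check. A missing value,
/// a typo or any other text leaves the check enabled, so a misconfiguration cannot silently turn
/// trust or revocation checking off. With <c>CheckTrust</c> set to <c>false</c>,
/// <c>SignatureUtil.Validate</c> is not called at all, and the only signature-related check left is
/// <c>SealUtilities.CheckAssertionSignature</c>.
/// </remarks>
private void InternalValidateSignature(Federation.Federation federation, ICredentialVault vault, bool checkTrust = true)
{
    if (AuthenticationLevel.Level < AuthenticationLevel.VocesTrustedSystem.Level)
    {
        throw new ModelException("AuthenticationLevel does not support signature");
    }

    if (Xassertion == null)
    {
        throw new ModelException("Assertion not initialized");
    }

    if (!SealUtilities.CheckAssertionSignature(Xassertion))
    {
        throw new ModelException("IDCard is not signed!");
    }

    if (ConfigurationManager.AppSettings.AllKeys.Contains("CheckTrust"))
    {
        // Fail closed: bool.TryParse is case-insensitive, ignores surrounding whitespace and
        // returns false for null, so anything other than an explicit "false" keeps the check on.
        bool configuredTrust;
        var trustSetting = ConfigurationManager.AppSettings["CheckTrust"];
        checkTrust = !bool.TryParse(trustSetting, out configuredTrust) || configuredTrust;
    }

    if (!checkTrust)
    {
        // Trust checking explicitly disabled: SignatureUtil.Validate is skipped entirely.
        return;
    }

    var checkCrl = true;
    if (ConfigurationManager.AppSettings.AllKeys.Contains("CheckCrl"))
    {
        // Same fail-closed parsing as CheckTrust: only an explicit "false" disables the CRL check.
        bool configuredCrl;
        var crlSetting = ConfigurationManager.AppSettings["CheckCrl"];
        checkCrl = !bool.TryParse(crlSetting, out configuredCrl) || configuredCrl;
    }

    // Check that Signature is in credentialVault and that no certificate in chain is revoked
    if (!SignatureUtil.Validate(Xassertion, federation, vault, checkTrust, checkCrl))
    {
        throw new ModelException("Signature on IdCard could not be validated");
    }
}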
/// <summary>
/// Validates the ID card signature with trust checking requested, by delegating to
/// <c>InternalValidateSignature</c> without a credential vault.
/// </summary>
/// <param name="federation">Federation passed through to <c>InternalValidateSignature</c>.</param>
/// <remarks>
/// Trust checking is requested here, but <c>InternalValidateSignature</c> lets the <c>CheckTrust</c>
/// app setting override that request. The method name alone therefore does not guarantee that the
/// trust check ran.
/// </remarks>
public void ValidateSignatureAndTrust(Federation.Federation federation)
{
    // checkTrust: true spells out the default of InternalValidateSignature's optional parameter.
    InternalValidateSignature(federation, vault: null, checkTrust: true);
}