public CertificateConfirmationContent Build()
        {
            Asn1EncodableVector v = new Asn1EncodableVector();

            for (int i = 0; i != acceptedCerts.Count; i++)
            {
                X509Certificate cert  = (X509Certificate)acceptedCerts[i];
                BigInteger      reqId = (BigInteger)acceptedReqIds[i];



                AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName);

                AlgorithmIdentifier digAlg = digestAlgFinder.find(algorithmIdentifier);
                if (digAlg == null)
                {
                    throw new CmpException("cannot find algorithm for digest from signature");
                }

                DigestSink sink = new DigestSink(DigestUtilities.GetDigest(digAlg.Algorithm));

                sink.Write(cert.GetEncoded());

                byte[] dig = new byte[sink.Digest.GetDigestSize()];
                sink.Digest.DoFinal(dig, 0);

                v.Add(new CertStatus(dig, reqId));
            }

            return(new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)),
                                                      digestAlgFinder));
        }
        public CertificateConfirmationContent Build()
        {
            Asn1EncodableVector v = new Asn1EncodableVector();

            for (int i = 0; i != acceptedCerts.Count; i++)
            {
                X509Certificate cert  = (X509Certificate)acceptedCerts[i];
                BigInteger      reqId = (BigInteger)acceptedReqIds[i];


                AlgorithmIdentifier algorithmIdentifier = sigAlgFinder.Find(cert.SigAlgName);

                AlgorithmIdentifier digAlg = digestAlgFinder.find(algorithmIdentifier);
                if (null == digAlg)
                {
                    throw new CmpException("cannot find algorithm for digest from signature");
                }

                byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded());

                v.Add(new CertStatus(digest, reqId));
            }

            return(new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)),
                                                      digestAlgFinder));
        }
        public void TestConfirmationMessage()
        {
            RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();

            rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
            AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();

            TestCertBuilder builder = new TestCertBuilder()
            {
                NotBefore          = DateTime.UtcNow.AddDays(-1),
                NotAfter           = DateTime.UtcNow.AddDays(1),
                PublicKey          = rsaKeyPair.Public,
                SignatureAlgorithm = "Sha1WithRSAEncryption"
            };

            builder.AddAttribute(X509Name.C, "Foo");
            X509Certificate cert = builder.Build(rsaKeyPair.Private);

            GeneralName sender    = new GeneralName(new X509Name("CN=Sender"));
            GeneralName recipient = new GeneralName(new X509Name("CN=Recip"));

            CertificateConfirmationContent content = new CertificateConfirmationContentBuilder()
                                                     .AddAcceptedCertificate(cert, BigInteger.One)
                                                     .Build();

            ProtectedPkiMessageBuilder msgBuilder = new ProtectedPkiMessageBuilder(sender, recipient);

            msgBuilder.SetBody(new PkiBody(PkiBody.TYPE_CERT_CONFIRM, content.ToAsn1Structure()));
            msgBuilder.AddCmpCertificate(cert);

            ISignatureFactory   sigFact = new Asn1SignatureFactory("MD5WithRSA", rsaKeyPair.Private);
            ProtectedPkiMessage msg     = msgBuilder.Build(sigFact);

            IVerifierFactory verifierFactory = new Asn1VerifierFactory("MD5WithRSA", rsaKeyPair.Public);

            IsTrue("PKIMessage must verify (MD5withRSA)", msg.Verify(verifierFactory));

            IsEquals(sender, msg.Header.Sender);
            IsEquals(recipient, msg.Header.Recipient);

            content = new CertificateConfirmationContent(CertConfirmContent.GetInstance(msg.Body.Content), new DefaultDigestAlgorithmIdentifierFinder());
            CertificateStatus[] statusList = content.GetStatusMessages();
            IsEquals(1, statusList.Length);
            IsTrue(statusList[0].IsVerified(cert));
        }
    private static Asn1Encodable GetBodyForType(int type, Asn1Encodable o)
    {
        switch (type)
        {
        case 0:
            return(CertReqMessages.GetInstance(o));

        case 1:
            return(CertRepMessage.GetInstance(o));

        case 2:
            return(CertReqMessages.GetInstance(o));

        case 3:
            return(CertRepMessage.GetInstance(o));

        case 4:
            return(CertificationRequest.GetInstance(o));

        case 5:
            return(PopoDecKeyChallContent.GetInstance(o));

        case 6:
            return(PopoDecKeyRespContent.GetInstance(o));

        case 7:
            return(CertReqMessages.GetInstance(o));

        case 8:
            return(CertRepMessage.GetInstance(o));

        case 9:
            return(CertReqMessages.GetInstance(o));

        case 10:
            return(KeyRecRepContent.GetInstance(o));

        case 11:
            return(RevReqContent.GetInstance(o));

        case 12:
            return(RevRepContent.GetInstance(o));

        case 13:
            return(CertReqMessages.GetInstance(o));

        case 14:
            return(CertRepMessage.GetInstance(o));

        case 15:
            return(CAKeyUpdAnnContent.GetInstance(o));

        case 16:
            return(CmpCertificate.GetInstance(o));

        case 17:
            return(RevAnnContent.GetInstance(o));

        case 18:
            return(CrlAnnContent.GetInstance(o));

        case 19:
            return(PkiConfirmContent.GetInstance(o));

        case 20:
            return(PkiMessages.GetInstance(o));

        case 21:
            return(GenMsgContent.GetInstance(o));

        case 22:
            return(GenRepContent.GetInstance(o));

        case 23:
            return(ErrorMsgContent.GetInstance(o));

        case 24:
            return(CertConfirmContent.GetInstance(o));

        case 25:
            return(PollReqContent.GetInstance(o));

        case 26:
            return(PollRepContent.GetInstance(o));

        default:
            throw new ArgumentException("unknown tag number: " + type, "type");
        }
    }