public void TestSubsequentMessage()
{
RsaKeyPairGenerator rsaKeyPairGenerator = new RsaKeyPairGenerator();
rsaKeyPairGenerator.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(65537), new SecureRandom(), 2048, 100));
AsymmetricCipherKeyPair rsaKeyPair = rsaKeyPairGenerator.GenerateKeyPair();
TestCertBuilder builder = new TestCertBuilder();
builder.NotBefore = DateTime.UtcNow.AddDays(-1);
builder.NotAfter = DateTime.UtcNow.AddDays(1);
builder.PublicKey = rsaKeyPair.Public;
builder.SignatureAlgorithm = "Sha1WithRSAEncryption";
X509Certificate cert = builder.Build(rsaKeyPair.Private);
GeneralName user = new GeneralName(new X509Name("CN=Test"));
CertificateRequestMessageBuilder crmBuiler = new CertificateRequestMessageBuilder(BigInteger.One)
.SetPublicKey(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(rsaKeyPair.Public))
.SetProofOfPossessionSubsequentMessage(SubsequentMessage.encrCert);
ISignatureFactory sigFact = new Asn1SignatureFactory("SHA256WithRSA", rsaKeyPair.Private);
ProtectedPkiMessage certRequestMsg = new ProtectedPkiMessageBuilder(user, user)
.SetTransactionId(new byte[] { 1, 2, 3, 4, 5 })
.SetBody(new PkiBody(PkiBody.TYPE_KEY_RECOVERY_REQ, new CertReqMessages(new CertReqMsg[] { crmBuiler.Build().ToAsn1Structure() })))
.AddCmpCertificate(cert)
.Build(sigFact);
ProtectedPkiMessage msg = new ProtectedPkiMessage(new GeneralPkiMessage(certRequestMsg.ToAsn1Message().GetDerEncoded()));
CertReqMessages reqMsgs = CertReqMessages.GetInstance(msg.Body.Content);
CertReqMsg reqMsg = reqMsgs.ToCertReqMsgArray()[0];
IsEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.Popo.Type);
}
public virtual CertReqMsg[] ToCertReqMsgArray()
{
CertReqMsg[] array = new CertReqMsg[content.Count];
for (int i = 0; i != array.Length; i++)
{
array[i] = CertReqMsg.GetInstance(content[i]);
}
return(array);
}
public CertificateRequestMessage(CertReqMsg certReqMsg)
{
this.certReqMsg = certReqMsg;
this.controls = certReqMsg.CertReq.Controls;
}
/// <summary>
/// Create a CertificateRequestMessage from the passed in bytes.
/// </summary>
/// <param name="encoded">BER/DER encoding of the CertReqMsg structure.</param>
public CertificateRequestMessage(byte[] encoded)
: this(CertReqMsg.GetInstance(encoded))
{
}
private static CertReqMsg ParseBytes(byte[] encoding)
{
return(CertReqMsg.GetInstance(encoding));
}
public CertificateRequestMessage Build()
{
Asn1EncodableVector v = new Asn1EncodableVector();
v.Add(new DerInteger(this._certReqId));
if (!this._extGenerator.IsEmpty)
{
this._templateBuilder.SetExtensions(_extGenerator.Generate());
}
v.Add(_templateBuilder.Build());
if (_controls.Count > 0)
{
Asn1EncodableVector controlV = new Asn1EncodableVector();
foreach (Object item in _controls)
{
IControl control = (IControl)item;
controlV.Add(new AttributeTypeAndValue(control.Type, control.Value));
}
v.Add(new DerSequence(controlV));
}
CertRequest request = CertRequest.GetInstance(new DerSequence(v));
v = new Asn1EncodableVector();
v.Add(request);
if (_popSigner != null)
{
CertTemplate template = request.CertTemplate;
if (template.Subject == null || template.PublicKey == null)
{
SubjectPublicKeyInfo pubKeyInfo = request.CertTemplate.PublicKey;
ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(pubKeyInfo);
if (_sender != null)
{
builder.setSender(_sender);
}
else
{
// PkMa pkmacGenerator = new PKMACValueGenerator(_pkmacBuilder);
builder.setPublicKeyMac(_pkMacBuilder, _password);
}
v.Add(new ProofOfPossession(builder.build(_popSigner)));
}
else
{
ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(request);
v.Add(new ProofOfPossession(builder.build(_popSigner)));
}
}
else if (_popoPrivKey != null)
{
v.Add(new ProofOfPossession(_popoType, _popoPrivKey));
}
else if (_agreeMac != null)
{
v.Add(new ProofOfPossession(ProofOfPossession.TYPE_KEY_AGREEMENT,
PopoPrivKey.GetInstance(new DerTaggedObject(false, PopoPrivKey.agreeMAC, _agreeMac), true)));
}
else if (_popRaVerified != null)
{
v.Add(new ProofOfPossession());
}
return(new CertificateRequestMessage(CertReqMsg.GetInstance(new DerSequence(v))));
}
