Beispiel #1
0
        /**
         * Replace the certificate and CRL information associated with this
         * CMSSignedData object with the new one passed in.
         * <p>
         * The output stream is returned unclosed.
         * </p>
         * @param original the signed data stream to be used as a base.
         * @param certsAndCrls the new certificates and CRLs to be used.
         * @param out the stream to Write the new signed data object to.
         * @return out.
         * @exception CmsException if there is an error processing the CertStore
         */
        public static Stream ReplaceCertificatesAndCrls(
            Stream original,
            IX509Store x509Certs,
            IX509Store x509Crls,
            IX509Store x509AttrCerts,
            Stream outStr)
        {
            // NB: SecureRandom would be ignored since using existing signatures only
            CmsSignedDataStreamGenerator gen    = new CmsSignedDataStreamGenerator();
            CmsSignedDataParser          parser = new CmsSignedDataParser(original);

            gen.AddDigests(parser.DigestOids);

            CmsTypedStream signedContent = parser.GetSignedContent();
            bool           encapsulate   = (signedContent != null);
            Stream         contentOut    = gen.Open(outStr, parser.SignedContentType.Id, encapsulate);

            if (encapsulate)
            {
                Streams.PipeAll(signedContent.ContentStream, contentOut);
            }

//			gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection"));
//			gen.AddCertificates(parser.GetCertificates("Collection"));
//			gen.AddCrls(parser.GetCrls("Collection"));
            if (x509AttrCerts != null)
            {
                gen.AddAttributeCertificates(x509AttrCerts);
            }
            if (x509Certs != null)
            {
                gen.AddCertificates(x509Certs);
            }
            if (x509Crls != null)
            {
                gen.AddCrls(x509Crls);
            }

            gen.AddSigners(parser.GetSignerInfos());

            BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.Dispose(contentOut);

            return(outStr);
        }