public SignerInfo(Asn1Sequence seq)
{
IEnumerator enumerator = seq.GetEnumerator();
enumerator.MoveNext();
this.version = (DerInteger)enumerator.Current;
enumerator.MoveNext();
this.sid = SignerIdentifier.GetInstance(enumerator.Current);
enumerator.MoveNext();
this.digAlgorithm = AlgorithmIdentifier.GetInstance(enumerator.Current);
enumerator.MoveNext();
object current = enumerator.Current;
if (current is Asn1TaggedObject)
{
this.authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)current, false);
enumerator.MoveNext();
this.digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(enumerator.Current);
}
else
{
this.authenticatedAttributes = null;
this.digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(current);
}
enumerator.MoveNext();
this.encryptedDigest = Asn1OctetString.GetInstance(enumerator.Current);
if (enumerator.MoveNext())
{
this.unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)enumerator.Current, false);
return;
}
this.unauthenticatedAttributes = null;
}
internal SignerInfoGeneratorImpl(
CmsSignedDataStreamGenerator outer,
AsymmetricKeyParameter key,
SignerIdentifier signerIdentifier,
string digestOID,
string encOID,
CmsAttributeTableGenerator sAttr,
CmsAttributeTableGenerator unsAttr)
{
this.outer = outer;
_signerIdentifier = signerIdentifier;
_digestOID = digestOID;
_encOID = encOID;
_sAttr = sAttr;
_unsAttr = unsAttr;
_encName = Helper.GetEncryptionAlgName(_encOID);
string digestName = Helper.GetDigestAlgName(_digestOID);
string signatureName = digestName + "with" + _encName;
if (_sAttr != null)
{
_sig = Helper.GetSignatureInstance(signatureName);
}
else
{
// Note: Need to use raw signatures here since we have already calculated the digest
if (_encName.Equals("RSA"))
{
_sig = Helper.GetSignatureInstance("RSA");
}
else if (_encName.Equals("DSA"))
{
_sig = Helper.GetSignatureInstance("NONEwithDSA");
}
// TODO Add support for raw PSS
// else if (_encName.equals("RSAandMGF1"))
// {
// _sig = CMSSignedHelper.INSTANCE.getSignatureInstance("NONEWITHRSAPSS", _sigProvider);
// try
// {
// // Init the params this way to avoid having a 'raw' version of each PSS algorithm
// Signature sig2 = CMSSignedHelper.INSTANCE.getSignatureInstance(signatureName, _sigProvider);
// PSSParameterSpec spec = (PSSParameterSpec)sig2.getParameters().getParameterSpec(PSSParameterSpec.class);
// _sig.setParameter(spec);
// }
// catch (Exception e)
// {
// throw new SignatureException("algorithm: " + _encName + " could not be configured.");
// }
// }
else
{
throw new SignatureException("algorithm: " + _encName + " not supported in base signatures.");
}
}
_sig.Init(true, new ParametersWithRandom(key, outer.rand));
}
public SignerInfo(Asn1Sequence seq)
{
global::System.Collections.IEnumerator enumerator = seq.GetEnumerator();
enumerator.MoveNext();
version = (DerInteger)enumerator.get_Current();
enumerator.MoveNext();
sid = SignerIdentifier.GetInstance(enumerator.get_Current());
enumerator.MoveNext();
digAlgorithm = AlgorithmIdentifier.GetInstance(enumerator.get_Current());
enumerator.MoveNext();
object current = enumerator.get_Current();
if (current is Asn1TaggedObject)
{
authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)current, explicitly: false);
enumerator.MoveNext();
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(enumerator.get_Current());
}
else
{
authenticatedAttributes = null;
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(current);
}
enumerator.MoveNext();
encryptedDigest = Asn1OctetString.GetInstance(enumerator.get_Current());
if (enumerator.MoveNext())
{
unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)enumerator.get_Current(), explicitly: false);
}
else
{
unauthenticatedAttributes = null;
}
}
internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureCalculator contentSigner, CmsAttributeTableGenerator signedGen, CmsAttributeTableGenerator unsignedGen)
{
this.sigId = sigId;
this.contentSigner = contentSigner;
this.signedGen = signedGen;
this.unsignedGen = unsignedGen;
this.isDirectSignature = false;
}
public SignerInfo(SignerIdentifier sid, AlgorithmIdentifier digAlgorithm, Asn1Set authenticatedAttributes, AlgorithmIdentifier digEncryptionAlgorithm, Asn1OctetString encryptedDigest, Asn1Set unauthenticatedAttributes)
{
this.version = new DerInteger(sid.IsTagged ? 3 : 1);
this.sid = sid;
this.digAlgorithm = digAlgorithm;
this.authenticatedAttributes = authenticatedAttributes;
this.digEncryptionAlgorithm = digEncryptionAlgorithm;
this.encryptedDigest = encryptedDigest;
this.unauthenticatedAttributes = unauthenticatedAttributes;
}
public SignerInfo(SignerIdentifier sid, AlgorithmIdentifier digAlgorithm, Attributes authenticatedAttributes, AlgorithmIdentifier digEncryptionAlgorithm, Asn1OctetString encryptedDigest, Attributes unauthenticatedAttributes)
{
version = new DerInteger((!sid.IsTagged) ? 1 : 3);
this.sid = sid;
this.digAlgorithm = digAlgorithm;
this.authenticatedAttributes = Asn1Set.GetInstance(authenticatedAttributes);
this.digEncryptionAlgorithm = digEncryptionAlgorithm;
this.encryptedDigest = encryptedDigest;
this.unauthenticatedAttributes = Asn1Set.GetInstance(unauthenticatedAttributes);
}
internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureCalculator contentSigner, bool isDirectSignature)
{
this.sigId = sigId;
this.contentSigner = contentSigner;
this.isDirectSignature = isDirectSignature;
if (this.isDirectSignature)
{
this.signedGen = null;
this.unsignedGen = null;
}
else
{
this.signedGen = new DefaultSignedAttributeTableGenerator();
this.unsignedGen = null;
}
}
public SignerInfo(
SignerIdentifier sid,
AlgorithmIdentifier digAlgorithm,
Attributes authenticatedAttributes,
AlgorithmIdentifier digEncryptionAlgorithm,
Asn1OctetString encryptedDigest,
Attributes unauthenticatedAttributes)
{
this.version = new DerInteger(sid.IsTagged ? 3 : 1);
this.sid = sid;
this.digAlgorithm = digAlgorithm;
this.authenticatedAttributes = Asn1Set.GetInstance(authenticatedAttributes);
this.digEncryptionAlgorithm = digEncryptionAlgorithm;
this.encryptedDigest = encryptedDigest;
this.unauthenticatedAttributes = Asn1Set.GetInstance(unauthenticatedAttributes);
}
internal SignerInf(
CmsSignedGenerator outer,
ISignatureFactory sigCalc,
SignerIdentifier signerIdentifier,
CmsAttributeTableGenerator sAttr,
CmsAttributeTableGenerator unsAttr,
Asn1.Cms.AttributeTable baseSignedTable)
{
this.outer = outer;
this.sigCalc = sigCalc;
this.signerIdentifier = signerIdentifier;
this.digestOID = new DefaultDigestAlgorithmIdentifierFinder().find((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
this.encOID = ((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
this.sAttr = sAttr;
this.unsAttr = unsAttr;
this.baseSignedTable = baseSignedTable;
}
internal SignerInf(
CmsSignedGenerator outer,
AsymmetricKeyParameter key,
SignerIdentifier signerIdentifier,
string digestOID,
string encOID,
CmsAttributeTableGenerator sAttr,
CmsAttributeTableGenerator unsAttr,
Asn1.Cms.AttributeTable baseSignedTable)
{
this.outer = outer;
this.key = key;
this.signerIdentifier = signerIdentifier;
this.digestOID = digestOID;
this.encOID = encOID;
this.sAttr = sAttr;
this.unsAttr = unsAttr;
this.baseSignedTable = baseSignedTable;
}
public SignerInfo(
Asn1Sequence seq)
{
IEnumerator e = seq.GetEnumerator();
e.MoveNext();
version = (DerInteger)e.Current;
e.MoveNext();
sid = SignerIdentifier.GetInstance(e.Current);
e.MoveNext();
digAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
e.MoveNext();
object obj = e.Current;
if (obj is Asn1TaggedObject)
{
authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)obj, false);
e.MoveNext();
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
}
else
{
authenticatedAttributes = null;
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(obj);
}
e.MoveNext();
encryptedDigest = DerOctetString.GetInstance(e.Current);
if (e.MoveNext())
{
unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)e.Current, false);
}
else
{
unauthenticatedAttributes = null;
}
}
public SignerInfo(
Asn1Sequence seq)
{
IEnumerator e = seq.GetEnumerator();
e.MoveNext();
version = (DerInteger) e.Current;
e.MoveNext();
sid = SignerIdentifier.GetInstance(e.Current);
e.MoveNext();
digAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
e.MoveNext();
object obj = e.Current;
if (obj is Asn1TaggedObject)
{
authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) obj, false);
e.MoveNext();
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(e.Current);
}
else
{
authenticatedAttributes = null;
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(obj);
}
e.MoveNext();
encryptedDigest = DerOctetString.GetInstance(e.Current);
if (e.MoveNext())
{
unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject) e.Current, false);
}
else
{
unauthenticatedAttributes = null;
}
}
internal SignerInf(
CmsSignedGenerator outer,
AsymmetricKeyParameter key,
SignerIdentifier signerIdentifier,
string digestOID,
string encOID,
CmsAttributeTableGenerator sAttr,
CmsAttributeTableGenerator unsAttr,
Asn1.Cms.AttributeTable baseSignedTable)
{
string digestName = Helper.GetDigestAlgName(digestOID);
string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
this.outer = outer;
this.sigCalc = new Asn1SignatureFactory(signatureName, key);
this.signerIdentifier = signerIdentifier;
this.digestOID = digestOID;
this.encOID = encOID;
this.sAttr = sAttr;
this.unsAttr = unsAttr;
this.baseSignedTable = baseSignedTable;
}
public SignerInfo(
SignerIdentifier sid,
AlgorithmIdentifier digAlgorithm,
Asn1Set authenticatedAttributes,
AlgorithmIdentifier digEncryptionAlgorithm,
Asn1OctetString encryptedDigest,
Asn1Set unauthenticatedAttributes)
{
if (sid.IsTagged)
{
this.version = new DerInteger(3);
}
else
{
this.version = new DerInteger(1);
}
this.sid = sid;
this.digAlgorithm = digAlgorithm;
this.authenticatedAttributes = authenticatedAttributes;
this.digEncryptionAlgorithm = digEncryptionAlgorithm;
this.encryptedDigest = encryptedDigest;
this.unauthenticatedAttributes = unauthenticatedAttributes;
}
internal SignerInfoGeneratorImpl(
CmsSignedDataStreamGenerator outer,
AsymmetricKeyParameter key,
SignerIdentifier signerIdentifier,
string digestOID,
string encOID,
CmsAttributeTableGenerator sAttr,
CmsAttributeTableGenerator unsAttr)
{
this.outer = outer;
_signerIdentifier = signerIdentifier;
_digestOID = digestOID;
_encOID = encOID;
_sAttr = sAttr;
_unsAttr = unsAttr;
_encName = Helper.GetEncryptionAlgName(_encOID);
string digestName = Helper.GetDigestAlgName(_digestOID);
string signatureName = digestName + "with" + _encName;
if (_sAttr != null)
{
_sig = Helper.GetSignatureInstance(signatureName);
}
else
{
// Note: Need to use raw signatures here since we have already calculated the digest
if (_encName.Equals("RSA"))
{
_sig = Helper.GetSignatureInstance("RSA");
}
else if (_encName.Equals("DSA"))
{
_sig = Helper.GetSignatureInstance("NONEwithDSA");
}
else
{
throw new SignatureException("algorithm: " + _encName + " not supported in base signatures.");
}
}
_sig.Init(true, new ParametersWithRandom(key, outer.rand));
}
/**
* Build a generator with the passed in subjectKeyIdentifier as the signerIdentifier. If used you should
* try to follow the calculation described in RFC 5280 section 4.2.1.2.
*
* @param signerFactory operator factory for generating the final signature in the SignerInfo with.
* @param subjectKeyIdentifier key identifier to identify the public key for verifying the signature.
* @return a SignerInfoGenerator
*/
public SignerInfoGenerator Build(ISignatureFactory signerFactory, byte[] subjectKeyIdentifier)
{
SignerIdentifier sigId = new SignerIdentifier(new DerOctetString(subjectKeyIdentifier));
return CreateGenerator(signerFactory, sigId);
}
private void doAddSigner(
AsymmetricKeyParameter privateKey,
SignerIdentifier signerIdentifier,
string encryptionOID,
string digestOID,
CmsAttributeTableGenerator signedAttrGen,
CmsAttributeTableGenerator unsignedAttrGen,
Asn1.Cms.AttributeTable baseSignedTable)
{
signerInfs.Add(new SignerInf(this, privateKey, signerIdentifier, digestOID, encryptionOID,
signedAttrGen, unsignedAttrGen, baseSignedTable));
}
internal SignerInfo ToSignerInfo(
DerObjectIdentifier contentType)
{
AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(
new DerObjectIdentifier(this._digestOID), DerNull.Instance);
AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid);
byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)];
outer._digests[_digestOID] = hash.Clone();
IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
Asn1.Cms.AttributeTable signed = (_sAttr != null)
// ? _sAttr.GetAttributes(Collections.unmodifiableMap(parameters))
? _sAttr.GetAttributes(parameters)
: null;
Asn1Set signedAttr = outer.GetAttributeSet(signed);
//
// sig must be composed from the DER encoding.
//
byte[] tmp;
if (signedAttr != null)
{
tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
}
else
{
throw new Exception("signatures without signed attributes not implemented.");
}
_signature.BlockUpdate(tmp, 0, tmp.Length);
Asn1OctetString encDigest = new DerOctetString(_signature.GenerateSignature());
parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
parameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone();
Asn1.Cms.AttributeTable unsigned = (_unsAttr != null)
// ? _unsAttr.getAttributes(Collections.unmodifiableMap(parameters))
? _unsAttr.GetAttributes(parameters)
: null;
Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned);
X509Certificate cert = this.Certificate;
SignerIdentifier signerIdentifier;
if (cert != null)
{
TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
Asn1Object.FromByteArray(cert.GetTbsCertificate()));
IssuerAndSerialNumber encSid = new IssuerAndSerialNumber(
tbs.Issuer, tbs.SerialNumber.Value);
signerIdentifier = new SignerIdentifier(encSid);
}
else
{
signerIdentifier = new SignerIdentifier(new DerOctetString(_subjectKeyID));
}
return new SignerInfo(signerIdentifier, digAlgId,
signedAttr, encAlgId, encDigest, unsignedAttr);
}
internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureFactory signerFactory): this(sigId, signerFactory, false)
{
}
/**
* Build a generator with the passed in certHolder issuer and serial number as the signerIdentifier.
*
* @param contentSigner operator for generating the final signature in the SignerInfo with.
* @param certHolder carrier for the X.509 certificate related to the contentSigner.
* @return a SignerInfoGenerator
* @throws OperatorCreationException if the generator cannot be built.
*/
public SignerInfoGenerator Build(ISignatureCalculator contentSigner, X509Certificate certificate)
{
SignerIdentifier sigId = new SignerIdentifier(new IssuerAndSerialNumber(certificate.IssuerDN, new DerInteger(certificate.SerialNumber)));
SignerInfoGenerator sigInfoGen = CreateGenerator(contentSigner, sigId);
sigInfoGen.setAssociatedCertificate(certificate);
return sigInfoGen;
}
private void DoAddSigner(
AsymmetricKeyParameter privateKey,
SignerIdentifier signerIdentifier,
string encryptionOid,
string digestOid,
CmsAttributeTableGenerator signedAttrGenerator,
CmsAttributeTableGenerator unsignedAttrGenerator)
{
ConfigureDigest(digestOid);
SignerInfoGeneratorImpl signerInf = new SignerInfoGeneratorImpl(this, privateKey,
signerIdentifier, digestOid, encryptionOid, signedAttrGenerator, unsignedAttrGenerator);
_signerInfs.Add(new DigestAndSignerInfoGeneratorHolder(signerInf, digestOid));
}
/**
* Build a generator with the passed in subjectKeyIdentifier as the signerIdentifier. If used you should
* try to follow the calculation described in RFC 5280 section 4.2.1.2.
*
* @param contentSigner operator for generating the final signature in the SignerInfo with.
* @param subjectKeyIdentifier key identifier to identify the public key for verifying the signature.
* @return a SignerInfoGenerator
* @throws OperatorCreationException if the generator cannot be built.
*/
public SignerInfoGenerator Build(ISignatureCalculator contentSigner, byte[] subjectKeyIdentifier)
{
SignerIdentifier sigId = new SignerIdentifier(new DerOctetString(subjectKeyIdentifier));
return CreateGenerator(contentSigner, sigId);
}
private SignerInfoGenerator CreateGenerator(ISignatureCalculator contentSigner, SignerIdentifier sigId)
{
if (directSignature)
{
return new SignerInfoGenerator(sigId, contentSigner, true);
}
if (signedGen != null || unsignedGen != null)
{
if (signedGen == null)
{
signedGen = new DefaultSignedAttributeTableGenerator();
}
return new SignerInfoGenerator(sigId, contentSigner, signedGen, unsignedGen);
}
return new SignerInfoGenerator(sigId, contentSigner);
}
internal SignerInfoGenerator(SignerIdentifier sigId, ISignatureCalculator contentSigner): this(sigId, contentSigner, false)
{
}
internal Asn1.Cms.SignerInfo ToSignerInfo(
DerObjectIdentifier contentType,
CmsProcessable content,
SecureRandom random,
bool isCounterSignature)
{
AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(
new DerObjectIdentifier(this.DigestAlgOid), DerNull.Instance);
AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid);
string digestName = Helper.GetDigestAlgName(digestOID);
string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
ISigner sig = Helper.GetSignatureInstance(signatureName);
IDigest dig = Helper.GetDigestInstance(digestName);
byte[] hash = null;
if (content != null)
{
content.Write(new DigOutputStream(dig));
hash = DigestUtilities.DoFinal(dig);
outer._digests.Add(digestOID, hash.Clone());
}
IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
Asn1.Cms.AttributeTable signed = (sAttr != null)
// ? sAttr.GetAttributes(Collections.unmodifiableMap(parameters))
? sAttr.GetAttributes(parameters)
: null;
if (isCounterSignature)
{
Hashtable ats = signed.ToHashtable();
ats.Remove(CmsAttributes.ContentType);
signed = new Asn1.Cms.AttributeTable(ats);
}
Asn1Set signedAttr = outer.GetAttributeSet(signed);
//
// sig must be composed from the DER encoding.
//
byte[] tmp;
if (signedAttr != null)
{
tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
}
else
{
MemoryStream bOut = new MemoryStream();
content.Write(bOut);
tmp = bOut.ToArray();
}
sig.Init(true, new ParametersWithRandom(key, random));
sig.BlockUpdate(tmp, 0, tmp.Length);
Asn1OctetString encDigest = new DerOctetString(sig.GenerateSignature());
IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash);
baseParameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone();
Asn1.Cms.AttributeTable unsigned = (unsAttr != null)
// ? unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters))
? unsAttr.GetAttributes(baseParameters)
: null;
Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned);
X509Certificate cert = this.GetCertificate();
SignerIdentifier identifier;
if (cert != null)
{
TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
Asn1Object.FromByteArray(cert.GetTbsCertificate()));
Asn1.Cms.IssuerAndSerialNumber encSid = new Asn1.Cms.IssuerAndSerialNumber(
tbs.Issuer, tbs.SerialNumber.Value);
identifier = new SignerIdentifier(encSid);
}
else
{
identifier = new SignerIdentifier(new DerOctetString(keyIdentifier));
}
return new Asn1.Cms.SignerInfo(identifier, digAlgId,
signedAttr, encAlgId, encDigest, unsignedAttr);
}
public static byte[] PostSign(String digestAlgorithmName,
byte[] content,
X509Certificate2[] signerCertificateChain,
byte[] signature,
byte[] signedAttributes)
{
if (signerCertificateChain == null || signerCertificateChain.Length == 0)
{
throw new ArgumentException("La cadena de certificados debe contener al menos una entrada");
}
TbsCertificateStructure tbsCertificateStructure;
//TODO Revisar esta parte del código
/**
*
* Revisar esta parte del código
*
*/
tbsCertificateStructure = TbsCertificateStructure.GetInstance(
Asn1Object.FromByteArray(
new Org.BouncyCastle.X509.X509Certificate(
X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(signerCertificateChain[0].GetRawCertData()))).GetTbsCertificate()
)
);
SignerIdentifier signerIdentifier = new SignerIdentifier(
new IssuerAndSerialNumber(X509Name.GetInstance(tbsCertificateStructure.Issuer), tbsCertificateStructure.SerialNumber)
);
// Algoritmo de huella digital
AlgorithmIdentifier digestAlgorithmOID;
digestAlgorithmOID = SigUtils.MakeAlgId(AOAlgorithmID.GetOID(digestAlgorithmName));
// EncryptionAlgorithm
AlgorithmIdentifier keyAlgorithmIdentifier;
keyAlgorithmIdentifier = SigUtils.MakeAlgId(AOAlgorithmID.GetOID("RSA"));
// Firma PKCS#1 codificada
Asn1OctetString encodedPKCS1Signature = new DerOctetString(signature);
// Atributos firmados
Asn1Set asn1SignedAttributes;
asn1SignedAttributes = (Asn1Set) Asn1Object.FromByteArray(signedAttributes);
// SignerInfo
Asn1EncodableVector signerInfo = new Asn1EncodableVector();
signerInfo.Add(new SignerInfo(signerIdentifier, digestAlgorithmOID, asn1SignedAttributes, keyAlgorithmIdentifier, encodedPKCS1Signature, null));
// ContentInfo
ContentInfo contentInfo;
if (content != null)
{
MemoryStream baos = new MemoryStream();
CmsProcessable msg = new CmsProcessableByteArray(content);
msg.Write(baos);
contentInfo = new ContentInfo(new DerObjectIdentifier(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Data.Id), new BerOctetString(baos.ToArray()));
}
else
{
contentInfo = new ContentInfo(new DerObjectIdentifier(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Data.Id), null);
}
// Certificados
List<Asn1Encodable> ce = new List<Asn1Encodable>();
foreach (X509Certificate2 cert in signerCertificateChain)
{
/**
*
* Revisar el uso que hacemos de X509CertificateStructure
* ya que puede ser un posible punto de errores
*
*/
ce.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(cert.GetRawCertData())));
}
Asn1Set certificates = SigUtils.CreateBerSetFromList(ce);
// Algoritmos de huella digital
Asn1EncodableVector digestAlgorithms = new Asn1EncodableVector();
digestAlgorithms.Add(digestAlgorithmOID);
return new ContentInfo(
Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.SignedData,
new SignedData(
new DerSet(digestAlgorithms),
contentInfo,
certificates,
null,
new DerSet(signerInfo)
)
).GetEncoded("DER");
}