public bool Match(X509Certificate cert)
{
if (this.SerialNumber != null)
{
IssuerAndSerialNumber iAndS = new IssuerAndSerialNumber(cert.ToAsn1Structure());
return(iAndS.Name.Equals(this.issuer) &&
iAndS.SerialNumber.Value.Equals(this.serialNumber));
}
else if (subjectKeyId != null)
{
byte[] ext = cert.GetExtensionValue(X509Extensions.SubjectKeyIdentifier);
if (ext == null)
{
return(Arrays.AreEqual(subjectKeyId, MSOutlookKeyIdCalculator.CalculateKeyId(cert.SubjectPublicKeyInfo)));
}
byte[] subKeyID = Asn1OctetString.GetInstance(ext).GetOctets();
return(Arrays.AreEqual(subjectKeyId, subKeyID));
}
return(false);
}
public SignerInfo(Asn1Sequence seq)
{
IEnumerator enumerator = seq.GetEnumerator();
enumerator.MoveNext();
version = (DerInteger)enumerator.Current;
enumerator.MoveNext();
issuerAndSerialNumber = IssuerAndSerialNumber.GetInstance(enumerator.Current);
enumerator.MoveNext();
digAlgorithm = AlgorithmIdentifier.GetInstance(enumerator.Current);
enumerator.MoveNext();
object current = enumerator.Current;
if (current is Asn1TaggedObject)
{
authenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)current, explicitly: false);
enumerator.MoveNext();
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(enumerator.Current);
}
else
{
authenticatedAttributes = null;
digEncryptionAlgorithm = AlgorithmIdentifier.GetInstance(current);
}
enumerator.MoveNext();
encryptedDigest = Asn1OctetString.GetInstance(enumerator.Current);
if (enumerator.MoveNext())
{
unauthenticatedAttributes = Asn1Set.GetInstance((Asn1TaggedObject)enumerator.Current, explicitly: false);
}
else
{
unauthenticatedAttributes = null;
}
}
public KeyTransRecipientInformation(
KeyTransRecipientInfo info,
AlgorithmIdentifier encAlg,
AlgorithmIdentifier macAlg,
AlgorithmIdentifier authEncAlg,
Stream data)
: base(encAlg, macAlg, authEncAlg, info.KeyEncryptionAlgorithm, data)
{
this.info = info;
this.rid = new RecipientID();
RecipientIdentifier r = info.RecipientIdentifier;
try
{
if (r.IsTagged)
{
Asn1OctetString octs = Asn1OctetString.GetInstance(r.ID);
rid.SubjectKeyIdentifier = octs.GetOctets();
}
else
{
IssuerAndSerialNumber iAnds = IssuerAndSerialNumber.GetInstance(r.ID);
rid.Issuer = iAnds.Name;
rid.SerialNumber = iAnds.SerialNumber.Value;
}
}
catch (IOException)
{
throw new ArgumentException("invalid rid in KeyTransRecipientInformation");
}
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
byte[] keyBytes = contentEncryptionKey.GetKey();
AlgorithmIdentifier keyEncryptionAlgorithm = info.AlgorithmID;
IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.ObjectID.Id);
keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random));
byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
RecipientIdentifier recipId;
if (recipientTbsCert != null)
{
IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(
recipientTbsCert.Issuer, recipientTbsCert.SerialNumber.Value);
recipId = new RecipientIdentifier(issuerAndSerial);
}
else
{
recipId = new RecipientIdentifier(subjectKeyIdentifier);
}
return(new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm,
new DerOctetString(encryptedKeyBytes))));
}
internal KeyTransRecipientInformation(
KeyTransRecipientInfo info,
CmsSecureReadable secureReadable)
: base(info.KeyEncryptionAlgorithm, secureReadable)
{
this.info = info;
this.rid = new RecipientID();
RecipientIdentifier r = info.RecipientIdentifier;
try
{
if (r.IsTagged)
{
Asn1OctetString octs = Asn1OctetString.GetInstance(r.ID);
rid.SubjectKeyIdentifier = octs.GetOctets();
}
else
{
IssuerAndSerialNumber iAnds = IssuerAndSerialNumber.GetInstance(r.ID);
rid.Issuer = iAnds.Name;
rid.SerialNumber = iAnds.SerialNumber.Value;
}
}
catch (IOException)
{
throw new ArgumentException("invalid rid in KeyTransRecipientInformation");
}
}
// internal Asn1.Cms.AttributeTable SignedAttributes
// {
// get { return _sAttr; }
// }
//
// internal Asn1.Cms.AttributeTable UnsignedAttributes
// {
// get { return _unsAttr; }
// }
internal SignerInfo ToSignerInfo(
DerObjectIdentifier contentType)
{
AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(
new DerObjectIdentifier(this.DigestAlgOid), DerNull.Instance);
AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid);
byte[] hash = DigestUtilities.DoFinal(_digest);
outer._digests.Add(_digestOID, hash.Clone());
IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
Asn1.Cms.AttributeTable signed = (_sAttr != null)
// ? _sAttr.GetAttributes(Collections.unmodifiableMap(parameters))
? _sAttr.GetAttributes(parameters)
: null;
Asn1Set signedAttr = outer.GetAttributeSet(signed);
//
// sig must be composed from the DER encoding.
//
byte[] bOutBytes;
if (signedAttr != null)
{
bOutBytes = signedAttr.GetDerEncoded();
}
else
{
throw new Exception("signatures without signed attributes not implemented.");
}
_signature.BlockUpdate(bOutBytes, 0, bOutBytes.Length);
Asn1OctetString encDigest = new DerOctetString(_signature.GenerateSignature());
parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
parameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone();
Asn1.Cms.AttributeTable unsigned = (_unsAttr != null)
// ? _unsAttr.getAttributes(Collections.unmodifiableMap(parameters))
? _unsAttr.GetAttributes(parameters)
: null;
Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned);
X509Certificate cert = this.Certificate;
TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
Asn1Object.FromByteArray(cert.GetTbsCertificate()));
IssuerAndSerialNumber encSid = new IssuerAndSerialNumber(
tbs.Issuer, tbs.SerialNumber.Value);
return(new SignerInfo(new SignerIdentifier(encSid), digAlgId,
signedAttr, encAlgId, encDigest, unsignedAttr));
}
public SignerInfo(DerInteger version, IssuerAndSerialNumber issuerAndSerialNumber, AlgorithmIdentifier digAlgorithm, Asn1Set authenticatedAttributes, AlgorithmIdentifier digEncryptionAlgorithm, Asn1OctetString encryptedDigest, Asn1Set unauthenticatedAttributes)
{
this.version = version;
this.issuerAndSerialNumber = issuerAndSerialNumber;
this.digAlgorithm = digAlgorithm;
this.authenticatedAttributes = authenticatedAttributes;
this.digEncryptionAlgorithm = digEncryptionAlgorithm;
this.encryptedDigest = encryptedDigest;
this.unauthenticatedAttributes = unauthenticatedAttributes;
}
public static CmsSignedData Generate(IX509Store certificateStore, X509Certificate signingCertificate, AsymmetricKeyEntry privateKey, string digestOID, CmsProcessable content)
{
string encOID = CmsSignedGenerator.EncryptionRsa;
IssuerAndSerialNumber issuerAndSerialNumber = new IssuerAndSerialNumber(signingCertificate.IssuerDN, signingCertificate.SerialNumber);
SignerIdentifier signerIdentifier = new SignerIdentifier(issuerAndSerialNumber);
AlgorithmIdentifier digestAlgorithmID = new AlgorithmIdentifier(new DerObjectIdentifier(digestOID));
AlgorithmIdentifier encryptionAlgorithmID = new AlgorithmIdentifier(new DerObjectIdentifier(encOID));
SignerInfo signerInfo = new SignerInfo(signerIdentifier, digestAlgorithmID, (Asn1Set)null, encryptionAlgorithmID, null, null);
return(Generate(certificateStore, signerInfo, content));
}
public static IssuerAndSerialNumber GetInstance(object obj)
{
if (obj == null)
{
return(null);
}
IssuerAndSerialNumber issuerAndSerialNumber = obj as IssuerAndSerialNumber;
if (issuerAndSerialNumber != null)
{
return(issuerAndSerialNumber);
}
return(new IssuerAndSerialNumber(Asn1Sequence.GetInstance(obj)));
}
private KeyTransRecipientInfo ComputeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)
{
Asn1InputStream asn1inputstream = new Asn1InputStream(new MemoryStream(x509certificate.GetTbsCertificate()
));
TbsCertificateStructure tbscertificatestructure = TbsCertificateStructure.GetInstance(asn1inputstream.ReadObject
());
System.Diagnostics.Debug.Assert(tbscertificatestructure != null);
AlgorithmIdentifier algorithmidentifier = tbscertificatestructure.SubjectPublicKeyInfo.AlgorithmID;
IssuerAndSerialNumber issuerandserialnumber = new IssuerAndSerialNumber(tbscertificatestructure.Issuer, tbscertificatestructure
.SerialNumber.Value);
byte[] cipheredBytes = EncryptionUtils.CipherBytes(x509certificate, abyte0, algorithmidentifier);
DerOctetString deroctetstring = new DerOctetString(cipheredBytes);
RecipientIdentifier recipId = new RecipientIdentifier(issuerandserialnumber);
return(new KeyTransRecipientInfo(recipId, algorithmidentifier, deroctetstring));
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
byte[] key = contentEncryptionKey.GetKey();
AlgorithmIdentifier algorithmID = this.info.AlgorithmID;
IWrapper wrapper = KeyTransRecipientInfoGenerator.Helper.CreateWrapper(algorithmID.ObjectID.Id);
wrapper.Init(true, new ParametersWithRandom(this.recipientPublicKey, random));
byte[] str = wrapper.Wrap(key, 0, key.Length);
RecipientIdentifier rid;
if (this.recipientTbsCert != null)
{
IssuerAndSerialNumber id = new IssuerAndSerialNumber(this.recipientTbsCert.Issuer, this.recipientTbsCert.SerialNumber.Value);
rid = new RecipientIdentifier(id);
}
else
{
rid = new RecipientIdentifier(this.subjectKeyIdentifier);
}
return(new RecipientInfo(new KeyTransRecipientInfo(rid, algorithmID, new DerOctetString(str))));
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails;
this.random = random;
byte[] encryptedKeyBytes = GenerateWrappedKey(contentEncryptionKey);
RecipientIdentifier recipId;
if (recipientTbsCert != null)
{
IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(
recipientTbsCert.Issuer, recipientTbsCert.SerialNumber.Value);
recipId = new RecipientIdentifier(issuerAndSerial);
}
else
{
recipId = new RecipientIdentifier(subjectKeyIdentifier);
}
return(new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm,
new DerOctetString(encryptedKeyBytes))));
}
internal KeyTransRecipientInformation(
KeyTransRecipientInfo info,
AlgorithmIdentifier messageAlgorithm,
ICmsSecureReadable secureReadable,
IAuthAttributesProvider additionalData) : base(info.KeyEncryptionAlgorithm, messageAlgorithm, secureReadable, additionalData)
{
this.info = info;
RecipientIdentifier r = info.RecipientIdentifier;
if (r.IsTagged)
{
Asn1OctetString octs = Asn1OctetString.GetInstance(r.ID);
rid = new KeyTransRecipientID(octs.GetOctets()) as IRecipientID <RecipientInformation>;
}
else
{
IssuerAndSerialNumber iAnds = IssuerAndSerialNumber.GetInstance(r.ID);
rid = new KeyTransRecipientID(iAnds.Name, iAnds.SerialNumber.Value) as IRecipientID <RecipientInformation>;
}
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
//IL_002f: Expected O, but got Unknown
//IL_00c8: Expected O, but got Unknown
//IL_0169: Unknown result type (might be due to invalid IL or missing references)
byte[] key = contentEncryptionKey.GetKey();
AsymmetricKeyParameter @public = senderKeyPair.Public;
ICipherParameters cipherParameters = senderKeyPair.Private;
OriginatorIdentifierOrKey originator;
try
{
originator = new OriginatorIdentifierOrKey(CreateOriginatorPublicKey(@public));
}
catch (IOException val)
{
IOException val2 = val;
throw new InvalidKeyException(string.Concat((object)"cannot extract originator public key: ", (object)val2));
}
Asn1OctetString ukm = null;
if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
{
try
{
IAsymmetricCipherKeyPairGenerator keyPairGenerator = GeneratorUtilities.GetKeyPairGenerator(keyAgreementOID);
keyPairGenerator.Init(((ECPublicKeyParameters)@public).CreateKeyGenerationParameters(random));
AsymmetricCipherKeyPair asymmetricCipherKeyPair = keyPairGenerator.GenerateKeyPair();
ukm = new DerOctetString(new MQVuserKeyingMaterial(CreateOriginatorPublicKey(asymmetricCipherKeyPair.Public), null));
cipherParameters = new MqvPrivateParameters((ECPrivateKeyParameters)cipherParameters, (ECPrivateKeyParameters)asymmetricCipherKeyPair.Private, (ECPublicKeyParameters)asymmetricCipherKeyPair.Public);
}
catch (IOException val3)
{
IOException val4 = val3;
throw new InvalidKeyException(string.Concat((object)"cannot extract MQV ephemeral public key: ", (object)val4));
}
catch (SecurityUtilityException ex)
{
throw new InvalidKeyException(string.Concat((object)"cannot determine MQV ephemeral key pair parameters from public key: ", (object)ex));
}
}
DerSequence parameters = new DerSequence(keyEncryptionOID, DerNull.Instance);
AlgorithmIdentifier keyEncryptionAlgorithm = new AlgorithmIdentifier(keyAgreementOID, parameters);
Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector();
global::System.Collections.IEnumerator enumerator = ((global::System.Collections.IEnumerable)recipientCerts).GetEnumerator();
try
{
while (enumerator.MoveNext())
{
X509Certificate x509Certificate = (X509Certificate)enumerator.get_Current();
TbsCertificateStructure instance;
try
{
instance = TbsCertificateStructure.GetInstance(Asn1Object.FromByteArray(x509Certificate.GetTbsCertificate()));
}
catch (global::System.Exception)
{
throw new ArgumentException("can't extract TBS structure from certificate");
}
IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber(instance.Issuer, instance.SerialNumber.Value);
KeyAgreeRecipientIdentifier id = new KeyAgreeRecipientIdentifier(issuerSerial);
ICipherParameters cipherParameters2 = x509Certificate.GetPublicKey();
if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
{
cipherParameters2 = new MqvPublicParameters((ECPublicKeyParameters)cipherParameters2, (ECPublicKeyParameters)cipherParameters2);
}
IBasicAgreement basicAgreementWithKdf = AgreementUtilities.GetBasicAgreementWithKdf(keyAgreementOID, keyEncryptionOID.Id);
basicAgreementWithKdf.Init(new ParametersWithRandom(cipherParameters, random));
BigInteger s = basicAgreementWithKdf.CalculateAgreement(cipherParameters2);
int qLength = GeneratorUtilities.GetDefaultKeySize(keyEncryptionOID) / 8;
byte[] keyBytes = X9IntegerConverter.IntegerToBytes(s, qLength);
KeyParameter parameters2 = ParameterUtilities.CreateKeyParameter(keyEncryptionOID, keyBytes);
IWrapper wrapper = Helper.CreateWrapper(keyEncryptionOID.Id);
wrapper.Init(forWrapping: true, new ParametersWithRandom(parameters2, random));
byte[] str = wrapper.Wrap(key, 0, key.Length);
Asn1OctetString encryptedKey = new DerOctetString(str);
asn1EncodableVector.Add(new RecipientEncryptedKey(id, encryptedKey));
}
}
finally
{
global::System.IDisposable disposable = enumerator as global::System.IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
return(new RecipientInfo(new KeyAgreeRecipientInfo(originator, ukm, keyEncryptionAlgorithm, new DerSequence(asn1EncodableVector))));
}
public RecipientIdentifier(
IssuerAndSerialNumber id)
{
this.id = id;
}
public OriginatorIdentifierOrKey(
IssuerAndSerialNumber id)
{
this.id = id;
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
byte[] key = contentEncryptionKey.GetKey();
AsymmetricKeyParameter @public = senderKeyPair.Public;
ICipherParameters cipherParameters = senderKeyPair.Private;
OriginatorIdentifierOrKey originator;
try
{
originator = new OriginatorIdentifierOrKey(CreateOriginatorPublicKey(@public));
}
catch (IOException arg)
{
throw new InvalidKeyException("cannot extract originator public key: " + arg);
}
Asn1OctetString ukm = null;
if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
{
try
{
IAsymmetricCipherKeyPairGenerator keyPairGenerator = GeneratorUtilities.GetKeyPairGenerator(keyAgreementOID);
keyPairGenerator.Init(((ECPublicKeyParameters)@public).CreateKeyGenerationParameters(random));
AsymmetricCipherKeyPair asymmetricCipherKeyPair = keyPairGenerator.GenerateKeyPair();
ukm = new DerOctetString(new MQVuserKeyingMaterial(CreateOriginatorPublicKey(asymmetricCipherKeyPair.Public), null));
cipherParameters = new MqvPrivateParameters((ECPrivateKeyParameters)cipherParameters, (ECPrivateKeyParameters)asymmetricCipherKeyPair.Private, (ECPublicKeyParameters)asymmetricCipherKeyPair.Public);
}
catch (IOException arg2)
{
throw new InvalidKeyException("cannot extract MQV ephemeral public key: " + arg2);
}
catch (SecurityUtilityException arg3)
{
throw new InvalidKeyException("cannot determine MQV ephemeral key pair parameters from public key: " + arg3);
}
}
DerSequence parameters = new DerSequence(keyEncryptionOID, DerNull.Instance);
AlgorithmIdentifier keyEncryptionAlgorithm = new AlgorithmIdentifier(keyAgreementOID, parameters);
Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector();
foreach (X509Certificate recipientCert in recipientCerts)
{
TbsCertificateStructure instance;
try
{
instance = TbsCertificateStructure.GetInstance(Asn1Object.FromByteArray(recipientCert.GetTbsCertificate()));
}
catch (Exception)
{
throw new ArgumentException("can't extract TBS structure from certificate");
}
IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber(instance.Issuer, instance.SerialNumber.Value);
KeyAgreeRecipientIdentifier id = new KeyAgreeRecipientIdentifier(issuerSerial);
ICipherParameters cipherParameters2 = recipientCert.GetPublicKey();
if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
{
cipherParameters2 = new MqvPublicParameters((ECPublicKeyParameters)cipherParameters2, (ECPublicKeyParameters)cipherParameters2);
}
IBasicAgreement basicAgreementWithKdf = AgreementUtilities.GetBasicAgreementWithKdf(keyAgreementOID, keyEncryptionOID.Id);
basicAgreementWithKdf.Init(new ParametersWithRandom(cipherParameters, random));
BigInteger s = basicAgreementWithKdf.CalculateAgreement(cipherParameters2);
int qLength = GeneratorUtilities.GetDefaultKeySize(keyEncryptionOID) / 8;
byte[] keyBytes = X9IntegerConverter.IntegerToBytes(s, qLength);
KeyParameter parameters2 = ParameterUtilities.CreateKeyParameter(keyEncryptionOID, keyBytes);
IWrapper wrapper = Helper.CreateWrapper(keyEncryptionOID.Id);
wrapper.Init(forWrapping: true, new ParametersWithRandom(parameters2, random));
byte[] str = wrapper.Wrap(key, 0, key.Length);
Asn1OctetString encryptedKey = new DerOctetString(str);
asn1EncodableVector.Add(new RecipientEncryptedKey(id, encryptedKey));
}
return(new RecipientInfo(new KeyAgreeRecipientInfo(originator, ukm, keyEncryptionAlgorithm, new DerSequence(asn1EncodableVector))));
}
public KeyAgreeRecipientIdentifier(
IssuerAndSerialNumber issuerSerial)
{
this.issuerSerial = issuerSerial;
}
public SignerIdentifier(IssuerAndSerialNumber id)
{
this.id = id;
}
public SignerIdentifier(
IssuerAndSerialNumber id)
{
this.id = id;
}
public SmimeEncryptionKeyPreferenceAttribute(
IssuerAndSerialNumber issAndSer)
: base(SmimeAttributes.EncrypKeyPref,
new DerSet(new DerTaggedObject(false, 0, issAndSer)))
{
}
public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random)
{
byte[] keyBytes = contentEncryptionKey.GetKey();
AsymmetricKeyParameter senderPublicKey = senderKeyPair.Public;
ICipherParameters senderPrivateParams = senderKeyPair.Private;
OriginatorIdentifierOrKey originator;
try
{
originator = new OriginatorIdentifierOrKey(
CreateOriginatorPublicKey(senderPublicKey));
}
catch (IOException e)
{
throw new InvalidKeyException("cannot extract originator public key: " + e);
}
Asn1OctetString ukm = null;
if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
{
try
{
IAsymmetricCipherKeyPairGenerator ephemKPG =
GeneratorUtilities.GetKeyPairGenerator(keyAgreementOID);
ephemKPG.Init(
((ECPublicKeyParameters)senderPublicKey).CreateKeyGenerationParameters(random));
AsymmetricCipherKeyPair ephemKP = ephemKPG.GenerateKeyPair();
ukm = new DerOctetString(
new MQVuserKeyingMaterial(
CreateOriginatorPublicKey(ephemKP.Public), null));
senderPrivateParams = new MqvPrivateParameters(
(ECPrivateKeyParameters)senderPrivateParams,
(ECPrivateKeyParameters)ephemKP.Private,
(ECPublicKeyParameters)ephemKP.Public);
}
catch (IOException e)
{
throw new InvalidKeyException("cannot extract MQV ephemeral public key: " + e);
}
catch (SecurityUtilityException e)
{
throw new InvalidKeyException("cannot determine MQV ephemeral key pair parameters from public key: " + e);
}
}
DerSequence paramSeq = new DerSequence(
keyEncryptionOID,
DerNull.Instance);
AlgorithmIdentifier keyEncAlg = new AlgorithmIdentifier(keyAgreementOID, paramSeq);
Asn1EncodableVector recipientEncryptedKeys = new Asn1EncodableVector();
foreach (X509Certificate recipientCert in recipientCerts)
{
TbsCertificateStructure tbsCert;
try
{
tbsCert = TbsCertificateStructure.GetInstance(
Asn1Object.FromByteArray(recipientCert.GetTbsCertificate()));
}
catch (Exception)
{
throw new ArgumentException("can't extract TBS structure from certificate");
}
// TODO Should there be a SubjectKeyIdentifier-based alternative?
IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber(
tbsCert.Issuer, tbsCert.SerialNumber.Value);
KeyAgreeRecipientIdentifier karid = new KeyAgreeRecipientIdentifier(issuerSerial);
ICipherParameters recipientPublicParams = recipientCert.GetPublicKey();
if (keyAgreementOID.Id.Equals(CmsEnvelopedGenerator.ECMqvSha1Kdf))
{
recipientPublicParams = new MqvPublicParameters(
(ECPublicKeyParameters)recipientPublicParams,
(ECPublicKeyParameters)recipientPublicParams);
}
// Use key agreement to choose a wrap key for this recipient
IBasicAgreement keyAgreement = AgreementUtilities.GetBasicAgreementWithKdf(
keyAgreementOID, keyEncryptionOID.Id);
keyAgreement.Init(new ParametersWithRandom(senderPrivateParams, random));
BigInteger agreedValue = keyAgreement.CalculateAgreement(recipientPublicParams);
int keyEncryptionKeySize = GeneratorUtilities.GetDefaultKeySize(keyEncryptionOID) / 8;
byte[] keyEncryptionKeyBytes = X9IntegerConverter.IntegerToBytes(agreedValue, keyEncryptionKeySize);
KeyParameter keyEncryptionKey = ParameterUtilities.CreateKeyParameter(
keyEncryptionOID, keyEncryptionKeyBytes);
// Wrap the content encryption key with the agreement key
IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionOID.Id);
keyWrapper.Init(true, new ParametersWithRandom(keyEncryptionKey, random));
byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length);
Asn1OctetString encryptedKey = new DerOctetString(encryptedKeyBytes);
recipientEncryptedKeys.Add(new RecipientEncryptedKey(karid, encryptedKey));
}
return(new RecipientInfo(new KeyAgreeRecipientInfo(originator, ukm, keyEncAlg,
new DerSequence(recipientEncryptedKeys))));
}
public KeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerial, IKeyWrapper keyWrapper)
{
this.issuerAndSerialNumber = issuerAndSerial;
this.keyWrapper = keyWrapper;
}
public KeyAgreeRecipientIdentifier(IssuerAndSerialNumber issuerSerial)
{
this.issuerSerial = issuerSerial;
}
protected KeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerialNumber)
{
this.issuerAndSerialNumber = issuerAndSerialNumber;
}
public RecipientIdentifier(IssuerAndSerialNumber id)
{
this.id = id;
}
public CmsKeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerial, IKeyWrapper keyWrapper)
: base(issuerAndSerial, keyWrapper)
{
}
public SmimeEncryptionKeyPreferenceAttribute(
IssuerAndSerialNumber issAndSer)
: base(SmimeAttributes.EncrypKeyPref,
new DerSet(new DerTaggedObject(false, 0, issAndSer)))
{
}
internal SignerInfo ToSignerInfo(
DerObjectIdentifier contentType)
{
AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(
new DerObjectIdentifier(this._digestOID), DerNull.Instance);
AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid);
byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)];
outer._digests[_digestOID] = hash.Clone();
IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
Asn1.Cms.AttributeTable signed = (_sAttr != null)
// ? _sAttr.GetAttributes(Collections.unmodifiableMap(parameters))
? _sAttr.GetAttributes(parameters)
: null;
Asn1Set signedAttr = outer.GetAttributeSet(signed);
//
// sig must be composed from the DER encoding.
//
byte[] tmp;
if (signedAttr != null)
{
tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
}
else
{
throw new Exception("signatures without signed attributes not implemented.");
}
_signature.BlockUpdate(tmp, 0, tmp.Length);
Asn1OctetString encDigest = new DerOctetString(_signature.GenerateSignature());
parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
parameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone();
Asn1.Cms.AttributeTable unsigned = (_unsAttr != null)
// ? _unsAttr.getAttributes(Collections.unmodifiableMap(parameters))
? _unsAttr.GetAttributes(parameters)
: null;
Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned);
X509Certificate cert = this.Certificate;
SignerIdentifier signerIdentifier;
if (cert != null)
{
TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
Asn1Object.FromByteArray(cert.GetTbsCertificate()));
IssuerAndSerialNumber encSid = new IssuerAndSerialNumber(
tbs.Issuer, tbs.SerialNumber.Value);
signerIdentifier = new SignerIdentifier(encSid);
}
else
{
signerIdentifier = new SignerIdentifier(new DerOctetString(_subjectKeyID));
}
return(new SignerInfo(signerIdentifier, digAlgId,
signedAttr, encAlgId, encDigest, unsignedAttr));
}
public OriginatorIdentifierOrKey(IssuerAndSerialNumber id)
{
this.id = id;
}
public SMIMEEncryptionKeyPreferenceAttribute(
IssuerAndSerialNumber issAndSer)
: base(SMIMEAttributes.encrypKeyPref,
new DERSet(new DERTaggedObject(false, 0, issAndSer)))
{
}
