public static string SignCmsGost2012(string data, string tlsNumber, int pin, byte[] rawCertificate, byte[] key)
{
var requestBytes = Encoding.UTF8.GetBytes(data);
var typedData = new CmsProcessableByteArray(requestBytes);
var gen = new CmsSignedDataGenerator();
var signerInfoGeneratorBuilder = new SignerInfoGeneratorBuilder();
var attrs = GetSigningParameters(tlsNumber, pin);
var parameters = new DefaultSignedAttributeTableGenerator(attrs);
signerInfoGeneratorBuilder.WithSignedAttributeGenerator(parameters);
var factory = new Asn1SignatureFactory(SingingAlgorithm, GetKey(key));
var bcCertificate = GetBankCertificate(rawCertificate);
gen.AddSignerInfoGenerator(signerInfoGeneratorBuilder.Build(factory, bcCertificate));
gen.AddCertificates(MakeCertStore(bcCertificate));
var signed = gen.Generate(typedData, false);
var signedBytes = signed.GetEncoded();
return(Convert.ToBase64String(signedBytes));
}
public void TestSha1AndMD5WithRsaEncapsulatedRepeatedWithSignerInfoGen()
{
CmsProcessable msg = new CmsProcessableByteArray(Encoding.ASCII.GetBytes("Hello World!"));
IX509Store x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build(
new Asn1SignatureFactory("SHA1withRSA", OrigKP.Private), OrigCert));
gen.AddSignerInfoGenerator(new SignerInfoGeneratorBuilder().Build(
new Asn1SignatureFactory("MD5withRSA", OrigKP.Private), OrigCert));
gen.AddCertificates(x509Certs);
CmsSignedData s = gen.Generate(msg, true);
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
x509Certs = s.GetCertificates("Collection");
SignerInformationStore signers = s.GetSignerInfos();
Assert.AreEqual(2, signers.Count);
SignerID sid = null;
ICollection c = signers.GetSigners();
foreach (SignerInformation signer in c)
{
ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
IEnumerator certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
X509Certificate cert = (X509Certificate)certEnum.Current;
sid = signer.SignerID;
Assert.IsTrue(signer.Verify(cert));
//
// check content digest
//
byte[] contentDigest = (byte[])gen.GetGeneratedDigests()[signer.DigestAlgOid];
AttributeTable table = signer.SignedAttributes;
Asn1.Cms.Attribute hash = table[CmsAttributes.MessageDigest];
Assert.IsTrue(Arrays.AreEqual(contentDigest, ((Asn1OctetString)hash.AttrValues[0]).GetOctets()));
}
c = signers.GetSigners(sid);
Assert.AreEqual(2, c.Count);
//
// try using existing signer
//
gen = new CmsSignedDataGenerator();
gen.AddSigners(s.GetSignerInfos());
gen.AddCertificates(s.GetCertificates("Collection"));
gen.AddCrls(s.GetCrls("Collection"));
s = gen.Generate(msg, true);
s = new CmsSignedData(ContentInfo.GetInstance(Asn1Object.FromByteArray(s.GetEncoded())));
x509Certs = s.GetCertificates("Collection");
signers = s.GetSignerInfos();
c = signers.GetSigners();
Assert.AreEqual(2, c.Count);
foreach (SignerInformation signer in c)
{
ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
IEnumerator certEnum = certCollection.GetEnumerator();
certEnum.MoveNext();
X509Certificate cert = (X509Certificate)certEnum.Current;
Assert.AreEqual(true, signer.Verify(cert));
}
CheckSignerStoreReplacement(s, signers);
}