// internal Asn1.Cms.AttributeTable SignedAttributes // { // get { return _sAttr; } // } // // internal Asn1.Cms.AttributeTable UnsignedAttributes // { // get { return _unsAttr; } // } internal SignerInfo ToSignerInfo( DerObjectIdentifier contentType) { AlgorithmIdentifier digAlgId = new AlgorithmIdentifier( new DerObjectIdentifier(this.DigestAlgOid), DerNull.Instance); AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid); byte[] hash = DigestUtilities.DoFinal(_digest); outer._digests.Add(_digestOID, hash.Clone()); IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash); Asn1.Cms.AttributeTable signed = (_sAttr != null) // ? _sAttr.GetAttributes(Collections.unmodifiableMap(parameters)) ? _sAttr.GetAttributes(parameters) : null; Asn1Set signedAttr = outer.GetAttributeSet(signed); // // sig must be composed from the DER encoding. // byte[] bOutBytes; if (signedAttr != null) { bOutBytes = signedAttr.GetDerEncoded(); } else { throw new Exception("signatures without signed attributes not implemented."); } _signature.BlockUpdate(bOutBytes, 0, bOutBytes.Length); Asn1OctetString encDigest = new DerOctetString(_signature.GenerateSignature()); parameters = outer.GetBaseParameters(contentType, digAlgId, hash); parameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone(); Asn1.Cms.AttributeTable unsigned = (_unsAttr != null) // ? _unsAttr.getAttributes(Collections.unmodifiableMap(parameters)) ? _unsAttr.GetAttributes(parameters) : null; Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned); X509Certificate cert = this.Certificate; TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance( Asn1Object.FromByteArray(cert.GetTbsCertificate())); IssuerAndSerialNumber encSid = new IssuerAndSerialNumber( tbs.Issuer, tbs.SerialNumber.Value); return(new SignerInfo(new SignerIdentifier(encSid), digAlgId, signedAttr, encAlgId, encDigest, unsignedAttr)); }
public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm, byte[] calculatedDigest) { //IL_016e: Expected O, but got Unknown try { string digestAlgName = Helper.GetDigestAlgName(_digestOID); string algorithm = digestAlgName + "with" + _encName; byte[] array = calculatedDigest; Asn1Set asn1Set = null; if (_sAttr != null) { IDictionary baseParameters = outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest); Org.BouncyCastle.Asn1.Cms.AttributeTable attributeTable = _sAttr.GetAttributes(baseParameters); if (contentType == null && attributeTable != null && attributeTable[CmsAttributes.ContentType] != null) { IDictionary val = attributeTable.ToDictionary(); val.Remove((object)CmsAttributes.ContentType); attributeTable = new Org.BouncyCastle.Asn1.Cms.AttributeTable(val); } asn1Set = outer.GetAttributeSet(attributeTable); array = asn1Set.GetEncoded("DER"); } else if (_encName.Equals("RSA")) { DigestInfo digestInfo = new DigestInfo(digestAlgorithm, calculatedDigest); array = digestInfo.GetEncoded("DER"); } _sig.BlockUpdate(array, 0, array.Length); byte[] array2 = _sig.GenerateSignature(); Asn1Set unauthenticatedAttributes = null; if (_unsAttr != null) { IDictionary baseParameters2 = outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest); baseParameters2.set_Item((object)CmsAttributeTableParameter.Signature, ((global::System.Array)array2).Clone()); Org.BouncyCastle.Asn1.Cms.AttributeTable attributes = _unsAttr.GetAttributes(baseParameters2); unauthenticatedAttributes = outer.GetAttributeSet(attributes); } Asn1Encodable defaultX509Parameters = SignerUtilities.GetDefaultX509Parameters(algorithm); AlgorithmIdentifier encAlgorithmIdentifier = Helper.GetEncAlgorithmIdentifier(new DerObjectIdentifier(_encOID), defaultX509Parameters); return(new SignerInfo(_signerIdentifier, digestAlgorithm, asn1Set, encAlgorithmIdentifier, new DerOctetString(array2), unauthenticatedAttributes)); } catch (IOException val2) { IOException e = val2; throw new CmsStreamException("encoding error.", (global::System.Exception)(object) e); } catch (SignatureException e2) { throw new CmsStreamException("error creating signature.", e2); } }
public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm, byte[] calculatedDigest) { try { string digestName = Helper.GetDigestAlgName(_digestOID); string signatureName = digestName + "with" + _encName; // AlgorithmIdentifier digAlgId = DigestAlgorithmID; // // byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)]; // outer._digests[_digestOID] = hash.Clone(); byte[] bytesToSign = calculatedDigest; /* RFC 3852 5.4 * The result of the message digest calculation process depends on * whether the signedAttrs field is present. When the field is absent, * the result is just the message digest of the content as described * * above. When the field is present, however, the result is the message * digest of the complete DER encoding of the SignedAttrs value * contained in the signedAttrs field. */ Asn1Set signedAttr = null; if (_sAttr != null) { IDictionary parameters = outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest); // Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(Collections.unmodifiableMap(parameters)); Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(parameters); if (contentType == null) //counter signature { if (signed != null && signed[CmsAttributes.ContentType] != null) { IDictionary tmpSigned = signed.ToDictionary(); tmpSigned.Remove(CmsAttributes.ContentType); signed = new Asn1.Cms.AttributeTable(tmpSigned); } } signedAttr = outer.GetAttributeSet(signed); // sig must be composed from the DER encoding. bytesToSign = signedAttr.GetEncoded(Asn1Encodable.Der); } else { // Note: Need to use raw signatures here since we have already calculated the digest if (_encName.Equals("RSA")) { DigestInfo dInfo = new DigestInfo(digestAlgorithm, calculatedDigest); bytesToSign = dInfo.GetEncoded(Asn1Encodable.Der); } } _sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length); byte[] sigBytes = _sig.GenerateSignature(); Asn1Set unsignedAttr = null; if (_unsAttr != null) { IDictionary parameters = outer.GetBaseParameters( contentType, digestAlgorithm, calculatedDigest); parameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone(); // Asn1.Cms.AttributeTable unsigned = _unsAttr.getAttributes(Collections.unmodifiableMap(parameters)); Asn1.Cms.AttributeTable unsigned = _unsAttr.GetAttributes(parameters); unsignedAttr = outer.GetAttributeSet(unsigned); } // TODO[RSAPSS] Need the ability to specify non-default parameters Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName); AlgorithmIdentifier digestEncryptionAlgorithm = Helper.GetEncAlgorithmIdentifier( new DerObjectIdentifier(_encOID), sigX509Parameters); return(new SignerInfo(_signerIdentifier, digestAlgorithm, signedAttr, digestEncryptionAlgorithm, new DerOctetString(sigBytes), unsignedAttr)); } catch (IOException e) { throw new CmsStreamException("encoding error.", e); } catch (SignatureException e) { throw new CmsStreamException("error creating signature.", e); } }
internal SignerInfo ToSignerInfo( DerObjectIdentifier contentType) { AlgorithmIdentifier digAlgId = new AlgorithmIdentifier( new DerObjectIdentifier(this._digestOID), DerNull.Instance); AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid); byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)]; outer._digests[_digestOID] = hash.Clone(); IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash); Asn1.Cms.AttributeTable signed = (_sAttr != null) // ? _sAttr.GetAttributes(Collections.unmodifiableMap(parameters)) ? _sAttr.GetAttributes(parameters) : null; Asn1Set signedAttr = outer.GetAttributeSet(signed); // // sig must be composed from the DER encoding. // byte[] tmp; if (signedAttr != null) { tmp = signedAttr.GetEncoded(Asn1Encodable.Der); } else { throw new Exception("signatures without signed attributes not implemented."); } _signature.BlockUpdate(tmp, 0, tmp.Length); Asn1OctetString encDigest = new DerOctetString(_signature.GenerateSignature()); parameters = outer.GetBaseParameters(contentType, digAlgId, hash); parameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone(); Asn1.Cms.AttributeTable unsigned = (_unsAttr != null) // ? _unsAttr.getAttributes(Collections.unmodifiableMap(parameters)) ? _unsAttr.GetAttributes(parameters) : null; Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned); X509Certificate cert = this.Certificate; SignerIdentifier signerIdentifier; if (cert != null) { TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance( Asn1Object.FromByteArray(cert.GetTbsCertificate())); IssuerAndSerialNumber encSid = new IssuerAndSerialNumber( tbs.Issuer, tbs.SerialNumber.Value); signerIdentifier = new SignerIdentifier(encSid); } else { signerIdentifier = new SignerIdentifier(new DerOctetString(_subjectKeyID)); } return(new SignerInfo(signerIdentifier, digAlgId, signedAttr, encAlgId, encDigest, unsignedAttr)); }
internal SignerInfo ToSignerInfo( DerObjectIdentifier contentType) { string digestName = Helper.GetDigestAlgName(_digestOID); string encName = Helper.GetEncryptionAlgName(_encOID); string signatureName = digestName + "with" + encName; AlgorithmIdentifier digAlgId = DigestAlgorithmID; byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)]; outer._digests[_digestOID] = hash.Clone(); byte[] bytesToSign = hash; ISigner sig; /* RFC 3852 5.4 * The result of the message digest calculation process depends on * whether the signedAttrs field is present. When the field is absent, * the result is just the message digest of the content as described * * above. When the field is present, however, the result is the message * digest of the complete DER encoding of the SignedAttrs value * contained in the signedAttrs field. */ Asn1Set signedAttr = null; if (_sAttr != null) { IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash); // Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(Collections.unmodifiableMap(parameters)); Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(parameters); // TODO Handle countersignatures (see CMSSignedDataGenerator) signedAttr = outer.GetAttributeSet(signed); // sig must be composed from the DER encoding. bytesToSign = signedAttr.GetEncoded(Asn1Encodable.Der); sig = Helper.GetSignatureInstance(signatureName); } else { // Note: Need to use raw signatures here since we have already calculated the digest if (encName.Equals("RSA")) { DigestInfo dInfo = new DigestInfo(digAlgId, hash); bytesToSign = dInfo.GetEncoded(Asn1Encodable.Der); sig = Helper.GetSignatureInstance("RSA"); } else if (encName.Equals("DSA")) { sig = Helper.GetSignatureInstance("NONEwithDSA"); } // TODO Add support for raw PSS // else if (encName.equals("RSAandMGF1")) // { // sig = CMSSignedHelper.INSTANCE.getSignatureInstance("NONEWITHRSAPSS", _sigProvider); // try // { // // Init the params this way to avoid having a 'raw' version of each PSS algorithm // Signature sig2 = CMSSignedHelper.INSTANCE.getSignatureInstance(signatureName, _sigProvider); // PSSParameterSpec spec = (PSSParameterSpec)sig2.getParameters().getParameterSpec(PSSParameterSpec.class); // sig.setParameter(spec); // } // catch (Exception e) // { // throw new SignatureException("algorithm: " + encName + " could not be configured."); // } // } else { throw new SignatureException("algorithm: " + encName + " not supported in base signatures."); } } sig.Init(true, new ParametersWithRandom(_key, outer.rand)); sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length); byte[] sigBytes = sig.GenerateSignature(); Asn1Set unsignedAttr = null; if (_unsAttr != null) { IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash); parameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone(); // Asn1.Cms.AttributeTable unsigned = _unsAttr.getAttributes(Collections.unmodifiableMap(parameters)); Asn1.Cms.AttributeTable unsigned = _unsAttr.GetAttributes(parameters); unsignedAttr = outer.GetAttributeSet(unsigned); } // TODO[RSAPSS] Need the ability to specify non-default parameters Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName); AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier( new DerObjectIdentifier(_encOID), sigX509Parameters); return(new SignerInfo(_signerIdentifier, digAlgId, signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr)); }