internal SignerInf(
     CmsSignedGenerator outer,
     AsymmetricKeyParameter key,
     X509Certificate cert,
     string digestOID,
     string encOID)
     : this(outer, key, cert, digestOID, encOID, null, null, null)
 {
 }
 internal SignerInf(
     CmsSignedGenerator outer,
     AsymmetricKeyParameter key,
     byte[]                                      keyIdentifier,
     string digestOID,
     string encOID)
     : this(outer, key, keyIdentifier, digestOID, encOID, null, null, null)
 {
 }
Example #3
0
//			internal Asn1.Cms.AttributeTable SignedAttributes
//            {
//				get { return _sAttr; }
//            }
//
//			internal Asn1.Cms.AttributeTable UnsignedAttributes
//            {
//				get { return _unsAttr; }
//            }

            internal SignerInfo ToSignerInfo(
                DerObjectIdentifier contentType)
            {
                AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(
                    new DerObjectIdentifier(this.DigestAlgOid), DerNull.Instance);
                AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid);

                byte[] hash = DigestUtilities.DoFinal(_digest);

                outer._digests.Add(_digestOID, hash.Clone());

                IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);

                Asn1.Cms.AttributeTable signed = (_sAttr != null)
//					?	_sAttr.GetAttributes(Collections.unmodifiableMap(parameters))
                                        ?       _sAttr.GetAttributes(parameters)
                                        :       null;

                Asn1Set signedAttr = outer.GetAttributeSet(signed);

                //
                // sig must be composed from the DER encoding.
                //
                byte[] bOutBytes;
                if (signedAttr != null)
                {
                    bOutBytes = signedAttr.GetDerEncoded();
                }
                else
                {
                    throw new Exception("signatures without signed attributes not implemented.");
                }

                _signature.BlockUpdate(bOutBytes, 0, bOutBytes.Length);

                Asn1OctetString encDigest = new DerOctetString(_signature.GenerateSignature());

                parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
                parameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone();

                Asn1.Cms.AttributeTable unsigned = (_unsAttr != null)
//					?	_unsAttr.getAttributes(Collections.unmodifiableMap(parameters))
                                        ?       _unsAttr.GetAttributes(parameters)
                                        :       null;

                Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned);

                X509Certificate         cert = this.Certificate;
                TbsCertificateStructure tbs  = TbsCertificateStructure.GetInstance(
                    Asn1Object.FromByteArray(cert.GetTbsCertificate()));
                IssuerAndSerialNumber encSid = new IssuerAndSerialNumber(
                    tbs.Issuer, tbs.SerialNumber.Value);

                return(new SignerInfo(new SignerIdentifier(encSid), digAlgId,
                                      signedAttr, encAlgId, encDigest, unsignedAttr));
            }
 internal SignerInf(CmsSignedGenerator outer, AsymmetricKeyParameter key, SignerIdentifier signerIdentifier, string digestOID, string encOID, CmsAttributeTableGenerator sAttr, CmsAttributeTableGenerator unsAttr, Org.BouncyCastle.Asn1.Cms.AttributeTable baseSignedTable)
 {
     this.outer            = outer;
     this.key              = key;
     this.signerIdentifier = signerIdentifier;
     this.digestOID        = digestOID;
     this.encOID           = encOID;
     this.sAttr            = sAttr;
     this.unsAttr          = unsAttr;
     this.baseSignedTable  = baseSignedTable;
 }
Example #5
0
 internal SignerInf(CmsSignedGenerator outer, ISignatureFactory sigCalc, SignerIdentifier signerIdentifier, CmsAttributeTableGenerator sAttr, CmsAttributeTableGenerator unsAttr, Org.BouncyCastle.Asn1.Cms.AttributeTable baseSignedTable)
 {
     this.outer            = outer;
     this.sigCalc          = sigCalc;
     this.signerIdentifier = signerIdentifier;
     digestOID             = new DefaultDigestAlgorithmIdentifierFinder().find((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
     encOID               = ((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
     this.sAttr           = sAttr;
     this.unsAttr         = unsAttr;
     this.baseSignedTable = baseSignedTable;
 }
            public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm, byte[] calculatedDigest)
            {
                SignerInfo result;

                try
                {
                    string  digestAlgName = CmsSignedDataStreamGenerator.Helper.GetDigestAlgName(this._digestOID);
                    string  algorithm     = digestAlgName + "with" + this._encName;
                    byte[]  array         = calculatedDigest;
                    Asn1Set asn1Set       = null;
                    if (this._sAttr != null)
                    {
                        IDictionary baseParameters = this.outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest);
                        Org.BouncyCastle.Asn1.Cms.AttributeTable attributeTable = this._sAttr.GetAttributes(baseParameters);
                        if (contentType == null && attributeTable != null && attributeTable[CmsAttributes.ContentType] != null)
                        {
                            IDictionary dictionary = attributeTable.ToDictionary();
                            dictionary.Remove(CmsAttributes.ContentType);
                            attributeTable = new Org.BouncyCastle.Asn1.Cms.AttributeTable(dictionary);
                        }
                        asn1Set = this.outer.GetAttributeSet(attributeTable);
                        array   = asn1Set.GetEncoded("DER");
                    }
                    else if (this._encName.Equals("RSA"))
                    {
                        DigestInfo digestInfo = new DigestInfo(digestAlgorithm, calculatedDigest);
                        array = digestInfo.GetEncoded("DER");
                    }
                    this._sig.BlockUpdate(array, 0, array.Length);
                    byte[]  array2 = this._sig.GenerateSignature();
                    Asn1Set unauthenticatedAttributes = null;
                    if (this._unsAttr != null)
                    {
                        IDictionary baseParameters2 = this.outer.GetBaseParameters(contentType, digestAlgorithm, calculatedDigest);
                        baseParameters2[CmsAttributeTableParameter.Signature] = array2.Clone();
                        Org.BouncyCastle.Asn1.Cms.AttributeTable attributes = this._unsAttr.GetAttributes(baseParameters2);
                        unauthenticatedAttributes = this.outer.GetAttributeSet(attributes);
                    }
                    Asn1Encodable       defaultX509Parameters  = SignerUtilities.GetDefaultX509Parameters(algorithm);
                    AlgorithmIdentifier encAlgorithmIdentifier = CmsSignedGenerator.GetEncAlgorithmIdentifier(new DerObjectIdentifier(this._encOID), defaultX509Parameters);
                    result = new SignerInfo(this._signerIdentifier, digestAlgorithm, asn1Set, encAlgorithmIdentifier, new DerOctetString(array2), unauthenticatedAttributes);
                }
                catch (IOException e)
                {
                    throw new CmsStreamException("encoding error.", e);
                }
                catch (SignatureException e2)
                {
                    throw new CmsStreamException("error creating signature.", e2);
                }
                return(result);
            }
 internal SignerInf(
     CmsSignedGenerator outer,
     AsymmetricKeyParameter key,
     X509Certificate cert,
     string digestOID,
     string encOID)
 {
     this.outer     = outer;
     this.key       = key;
     this.cert      = cert;
     this.digestOID = digestOID;
     this.encOID    = encOID;
 }
            internal SignerInfo ToSignerInfo(DerObjectIdentifier contentType, CmsProcessable content, SecureRandom random)
            {
                AlgorithmIdentifier digestAlgorithmID = this.DigestAlgorithmID;
                string  digestAlgName     = CmsSignedDataGenerator.Helper.GetDigestAlgName(this.digestOID);
                IDigest digestInstance    = CmsSignedDataGenerator.Helper.GetDigestInstance(digestAlgName);
                string  algorithm         = digestAlgName + "with" + CmsSignedDataGenerator.Helper.GetEncryptionAlgName(this.encOID);
                ISigner signatureInstance = CmsSignedDataGenerator.Helper.GetSignatureInstance(algorithm);

                if (content != null)
                {
                    content.Write(new DigOutputStream(digestInstance));
                }
                byte[] array = DigestUtilities.DoFinal(digestInstance);
                this.outer._digests.Add(this.digestOID, array.Clone());
                signatureInstance.Init(true, new ParametersWithRandom(this.key, random));
                Stream  stream  = new BufferedStream(new SigOutputStream(signatureInstance));
                Asn1Set asn1Set = null;

                if (this.sAttr != null)
                {
                    IDictionary baseParameters = this.outer.GetBaseParameters(contentType, digestAlgorithmID, array);
                    Org.BouncyCastle.Asn1.Cms.AttributeTable attributeTable = this.sAttr.GetAttributes(baseParameters);
                    if (contentType == null && attributeTable != null && attributeTable[CmsAttributes.ContentType] != null)
                    {
                        IDictionary dictionary = attributeTable.ToDictionary();
                        dictionary.Remove(CmsAttributes.ContentType);
                        attributeTable = new Org.BouncyCastle.Asn1.Cms.AttributeTable(dictionary);
                    }
                    asn1Set = this.outer.GetAttributeSet(attributeTable);
                    new DerOutputStream(stream).WriteObject(asn1Set);
                }
                else if (content != null)
                {
                    content.Write(stream);
                }
                stream.Close();
                byte[]  array2 = signatureInstance.GenerateSignature();
                Asn1Set unauthenticatedAttributes = null;

                if (this.unsAttr != null)
                {
                    IDictionary baseParameters2 = this.outer.GetBaseParameters(contentType, digestAlgorithmID, array);
                    baseParameters2[CmsAttributeTableParameter.Signature] = array2.Clone();
                    Org.BouncyCastle.Asn1.Cms.AttributeTable attributes = this.unsAttr.GetAttributes(baseParameters2);
                    unauthenticatedAttributes = this.outer.GetAttributeSet(attributes);
                }
                Asn1Encodable       defaultX509Parameters  = SignerUtilities.GetDefaultX509Parameters(algorithm);
                AlgorithmIdentifier encAlgorithmIdentifier = CmsSignedGenerator.GetEncAlgorithmIdentifier(new DerObjectIdentifier(this.encOID), defaultX509Parameters);

                return(new SignerInfo(this.signerIdentifier, digestAlgorithmID, asn1Set, encAlgorithmIdentifier, new DerOctetString(array2), unauthenticatedAttributes));
            }
Example #9
0
            internal SignerInf(CmsSignedGenerator outer, AsymmetricKeyParameter key, SignerIdentifier signerIdentifier, string digestOID, string encOID, CmsAttributeTableGenerator sAttr, CmsAttributeTableGenerator unsAttr, Org.BouncyCastle.Asn1.Cms.AttributeTable baseSignedTable)
            {
                string digestAlgName = Helper.GetDigestAlgName(digestOID);
                string algorithm     = digestAlgName + "with" + Helper.GetEncryptionAlgName(encOID);

                this.outer            = outer;
                sigCalc               = new Asn1SignatureFactory(algorithm, key);
                this.signerIdentifier = signerIdentifier;
                this.digestOID        = digestOID;
                this.encOID           = encOID;
                this.sAttr            = sAttr;
                this.unsAttr          = unsAttr;
                this.baseSignedTable  = baseSignedTable;
            }
 internal SignerInf(
     CmsSignedGenerator outer,
     ISignatureFactory sigCalc,
     SignerIdentifier signerIdentifier,
     CmsAttributeTableGenerator sAttr,
     CmsAttributeTableGenerator unsAttr,
     Asn1.Cms.AttributeTable baseSignedTable)
 {
     this.outer = outer;
     this.sigCalc = sigCalc;
     this.signerIdentifier = signerIdentifier;
     this.digestOID = new DefaultDigestAlgorithmIdentifierFinder().find((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
     this.encOID = ((AlgorithmIdentifier)sigCalc.AlgorithmDetails).Algorithm.Id;
     this.sAttr = sAttr;
     this.unsAttr = unsAttr;
     this.baseSignedTable = baseSignedTable;
 }
 internal SignerInf(
     CmsSignedGenerator outer,
     AsymmetricKeyParameter key,
     X509Certificate cert,
     string digestOID,
     string encOID,
     CmsAttributeTableGenerator sAttr,
     CmsAttributeTableGenerator unsAttr,
     Asn1.Cms.AttributeTable baseSignedTable)
 {
     this.outer           = outer;
     this.key             = key;
     this.cert            = cert;
     this.digestOID       = digestOID;
     this.encOID          = encOID;
     this.sAttr           = sAttr;
     this.unsAttr         = unsAttr;
     this.baseSignedTable = baseSignedTable;
 }
			internal SignerInf(
                CmsSignedGenerator			outer,
	            AsymmetricKeyParameter		key,
	            SignerIdentifier			signerIdentifier,
	            string						digestOID,
	            string						encOID,
	            CmsAttributeTableGenerator	sAttr,
	            CmsAttributeTableGenerator	unsAttr,
	            Asn1.Cms.AttributeTable		baseSignedTable)
	        {
                this.outer = outer;
                this.key = key;
                this.signerIdentifier = signerIdentifier;
                this.digestOID = digestOID;
                this.encOID = encOID;
	            this.sAttr = sAttr;
	            this.unsAttr = unsAttr;
	            this.baseSignedTable = baseSignedTable;
            }
			internal SignerInf(
                CmsSignedGenerator			outer,
	            AsymmetricKeyParameter		key,
	            SignerIdentifier			signerIdentifier,
	            string						digestOID,
	            string						encOID,
	            CmsAttributeTableGenerator	sAttr,
	            CmsAttributeTableGenerator	unsAttr,
	            Asn1.Cms.AttributeTable		baseSignedTable)
	        {
                string digestName = Helper.GetDigestAlgName(digestOID);

                string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);

                this.outer = outer;
                this.sigCalc = new Asn1SignatureFactory(signatureName, key);
                this.signerIdentifier = signerIdentifier;
                this.digestOID = digestOID;
                this.encOID = encOID;
	            this.sAttr = sAttr;
	            this.unsAttr = unsAttr;
	            this.baseSignedTable = baseSignedTable;
            }
 internal SignerInf(
     CmsSignedGenerator		outer,
     AsymmetricKeyParameter	key,
     X509Certificate			cert,
     string					digestOID,
     string					encOID)
 {
     this.outer = outer;
     this.key = key;
     this.cert = cert;
     this.digestOID = digestOID;
     this.encOID = encOID;
 }
 public void AddSigner(AsymmetricKeyParameter privateKey, X509Certificate cert, string encryptionOid, string digestOid, CmsAttributeTableGenerator signedAttrGenerator, CmsAttributeTableGenerator unsignedAttrGenerator)
 {
     this.DoAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(cert), encryptionOid, digestOid, signedAttrGenerator, unsignedAttrGenerator);
 }
 public void AddSigner(AsymmetricKeyParameter privateKey, byte[] subjectKeyID, string encryptionOid, string digestOid, CmsAttributeTableGenerator signedAttrGenerator, CmsAttributeTableGenerator unsignedAttrGenerator)
 {
     this.DoAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(subjectKeyID), encryptionOid, digestOid, signedAttrGenerator, unsignedAttrGenerator);
 }
            internal SignerInfo ToSignerInfo(
                DerObjectIdentifier contentType,
                CmsProcessable content,
                SecureRandom random,
                bool isCounterSignature)
            {
                AlgorithmIdentifier digAlgId = DigestAlgorithmID;
                string  digestName           = Helper.GetDigestAlgName(digestOID);
                IDigest dig = Helper.GetDigestInstance(digestName);

                string  signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
                ISigner sig           = Helper.GetSignatureInstance(signatureName);

                // TODO Optimise the case where more than one signer with same digest
                if (content != null)
                {
                    content.Write(new DigOutputStream(dig));
                }

                byte[] hash = DigestUtilities.DoFinal(dig);
                outer._digests.Add(digestOID, hash.Clone());

                Asn1Set signedAttr = null;

                byte[] tmp;
                if (sAttr != null)
                {
                    IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);

//					Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
                    Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters);

                    if (isCounterSignature)
                    {
                        Hashtable tmpSigned = signed.ToHashtable();
                        tmpSigned.Remove(CmsAttributes.ContentType);
                        signed = new Asn1.Cms.AttributeTable(tmpSigned);
                    }

                    // TODO Validate proposed signed attributes

                    signedAttr = outer.GetAttributeSet(signed);

                    // sig must be composed from the DER encoding.
                    tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
                }
                else
                {
                    // TODO Use raw signature of the hash value instead
                    MemoryStream bOut = new MemoryStream();
                    if (content != null)
                    {
                        content.Write(bOut);
                    }
                    tmp = bOut.ToArray();
                }

                sig.Init(true, new ParametersWithRandom(key, random));
                sig.BlockUpdate(tmp, 0, tmp.Length);
                byte[] sigBytes = sig.GenerateSignature();

                Asn1Set unsignedAttr = null;

                if (unsAttr != null)
                {
                    IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash);
                    baseParameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();

//					Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters));
                    Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(baseParameters);

                    // TODO Validate proposed unsigned attributes

                    unsignedAttr = outer.GetAttributeSet(unsigned);
                }

                // TODO[RSAPSS] Need the ability to specify non-default parameters
                Asn1Encodable       sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
                AlgorithmIdentifier encAlgId          = CmsSignedGenerator.GetEncAlgorithmIdentifier(
                    new DerObjectIdentifier(encOID), sigX509Parameters);

                return(new SignerInfo(signerIdentifier, digAlgId,
                                      signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr));
            }
            public SignerInfo Generate(DerObjectIdentifier contentType, AlgorithmIdentifier digestAlgorithm,
                                       byte[] calculatedDigest)
            {
                try
                {
                    string digestName    = Helper.GetDigestAlgName(_digestOID);
                    string signatureName = digestName + "with" + _encName;

//					AlgorithmIdentifier digAlgId = DigestAlgorithmID;
//
//					byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)];
//					outer._digests[_digestOID] = hash.Clone();

                    byte[] bytesToSign = calculatedDigest;

                    /* RFC 3852 5.4
                     * The result of the message digest calculation process depends on
                     * whether the signedAttrs field is present.  When the field is absent,
                     * the result is just the message digest of the content as described
                     *
                     * above.  When the field is present, however, the result is the message
                     * digest of the complete DER encoding of the SignedAttrs value
                     * contained in the signedAttrs field.
                     */
                    Asn1Set signedAttr = null;
                    if (_sAttr != null)
                    {
                        IDictionary parameters = outer.GetBaseParameters(
                            contentType, digestAlgorithm, calculatedDigest);
//						Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
                        Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(parameters);

                        // TODO Handle countersignatures (see CMSSignedDataGenerator)

                        signedAttr = outer.GetAttributeSet(signed);

                        // sig must be composed from the DER encoding.
                        bytesToSign = signedAttr.GetEncoded(Asn1Encodable.Der);
                    }
                    else
                    {
                        // Note: Need to use raw signatures here since we have already calculated the digest
                        if (_encName.Equals("RSA"))
                        {
                            DigestInfo dInfo = new DigestInfo(digestAlgorithm, calculatedDigest);
                            bytesToSign = dInfo.GetEncoded(Asn1Encodable.Der);
                        }
                    }

                    _sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length);
                    byte[] sigBytes = _sig.GenerateSignature();

                    Asn1Set unsignedAttr = null;
                    if (_unsAttr != null)
                    {
                        IDictionary parameters = outer.GetBaseParameters(
                            contentType, digestAlgorithm, calculatedDigest);
                        parameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();

//						Asn1.Cms.AttributeTable unsigned = _unsAttr.getAttributes(Collections.unmodifiableMap(parameters));
                        Asn1.Cms.AttributeTable unsigned = _unsAttr.GetAttributes(parameters);

                        unsignedAttr = outer.GetAttributeSet(unsigned);
                    }

                    // TODO[RSAPSS] Need the ability to specify non-default parameters
                    Asn1Encodable       sigX509Parameters         = SignerUtilities.GetDefaultX509Parameters(signatureName);
                    AlgorithmIdentifier digestEncryptionAlgorithm = CmsSignedGenerator.GetEncAlgorithmIdentifier(
                        new DerObjectIdentifier(_encOID), sigX509Parameters);

                    return(new SignerInfo(_signerIdentifier, digestAlgorithm,
                                          signedAttr, digestEncryptionAlgorithm, new DerOctetString(sigBytes), unsignedAttr));
                }
                catch (IOException e)
                {
                    throw new CmsStreamException("encoding error.", e);
                }
                catch (SignatureException e)
                {
                    throw new CmsStreamException("error creating signature.", e);
                }
            }
            internal SignerInfo ToSignerInfo(
                DerObjectIdentifier contentType)
            {
                string digestName    = Helper.GetDigestAlgName(_digestOID);
                string encName       = Helper.GetEncryptionAlgName(_encOID);
                string signatureName = digestName + "with" + encName;

                AlgorithmIdentifier digAlgId = DigestAlgorithmID;

                byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)];
                outer._digests[_digestOID] = hash.Clone();

                byte[]  bytesToSign = hash;
                ISigner sig;

                /* RFC 3852 5.4
                 * The result of the message digest calculation process depends on
                 * whether the signedAttrs field is present.  When the field is absent,
                 * the result is just the message digest of the content as described
                 *
                 * above.  When the field is present, however, the result is the message
                 * digest of the complete DER encoding of the SignedAttrs value
                 * contained in the signedAttrs field.
                 */
                Asn1Set signedAttr = null;

                if (_sAttr != null)
                {
                    IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
//					Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
                    Asn1.Cms.AttributeTable signed = _sAttr.GetAttributes(parameters);

                    // TODO Handle countersignatures (see CMSSignedDataGenerator)

                    signedAttr = outer.GetAttributeSet(signed);

                    // sig must be composed from the DER encoding.
                    bytesToSign = signedAttr.GetEncoded(Asn1Encodable.Der);
                    sig         = Helper.GetSignatureInstance(signatureName);
                }
                else
                {
                    // Note: Need to use raw signatures here since we have already calculated the digest
                    if (encName.Equals("RSA"))
                    {
                        DigestInfo dInfo = new DigestInfo(digAlgId, hash);
                        bytesToSign = dInfo.GetEncoded(Asn1Encodable.Der);
                        sig         = Helper.GetSignatureInstance("RSA");
                    }
                    else if (encName.Equals("DSA"))
                    {
                        sig = Helper.GetSignatureInstance("NONEwithDSA");
                    }
                    // TODO Add support for raw PSS
//					else if (encName.equals("RSAandMGF1"))
//					{
//						sig = CMSSignedHelper.INSTANCE.getSignatureInstance("NONEWITHRSAPSS", _sigProvider);
//						try
//						{
//							// Init the params this way to avoid having a 'raw' version of each PSS algorithm
//							Signature sig2 = CMSSignedHelper.INSTANCE.getSignatureInstance(signatureName, _sigProvider);
//							PSSParameterSpec spec = (PSSParameterSpec)sig2.getParameters().getParameterSpec(PSSParameterSpec.class);
//							sig.setParameter(spec);
//						}
//						catch (Exception e)
//						{
//							throw new SignatureException("algorithm: " + encName + " could not be configured.");
//						}
//					}
                    else
                    {
                        throw new SignatureException("algorithm: " + encName + " not supported in base signatures.");
                    }
                }

                sig.Init(true, new ParametersWithRandom(_key, outer.rand));
                sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length);
                byte[] sigBytes = sig.GenerateSignature();

                Asn1Set unsignedAttr = null;

                if (_unsAttr != null)
                {
                    IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
                    parameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();

//					Asn1.Cms.AttributeTable unsigned = _unsAttr.getAttributes(Collections.unmodifiableMap(parameters));
                    Asn1.Cms.AttributeTable unsigned = _unsAttr.GetAttributes(parameters);

                    unsignedAttr = outer.GetAttributeSet(unsigned);
                }

                // TODO[RSAPSS] Need the ability to specify non-default parameters
                Asn1Encodable       sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
                AlgorithmIdentifier encAlgId          = CmsSignedGenerator.GetEncAlgorithmIdentifier(
                    new DerObjectIdentifier(_encOID), sigX509Parameters);

                return(new SignerInfo(_signerIdentifier, digAlgId,
                                      signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr));
            }
Example #20
0
			internal SignerInf(
                CmsSignedGenerator		outer,
                AsymmetricKeyParameter	key,
                X509Certificate			cert,
                string					digestOID,
                string					encOID)
				: this(outer, key, cert, digestOID, encOID, null, null, null)
            {
	        }
Example #21
0
	        internal SignerInf(
                CmsSignedGenerator		outer,
	            AsymmetricKeyParameter	key,
	            byte[]					keyIdentifier,
	            string					digestOID,
	            string					encOID)
				: this(outer, key, keyIdentifier, digestOID, encOID, null, null, null)
	        {
	        }
            internal Asn1.Cms.SignerInfo ToSignerInfo(
                DerObjectIdentifier contentType,
                CmsProcessable content,
                SecureRandom random,
                bool isCounterSignature)
            {
                AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(
                    new DerObjectIdentifier(this.DigestAlgOid), DerNull.Instance);
                AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid);
                string  digestName           = Helper.GetDigestAlgName(digestOID);
                string  signatureName        = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
                ISigner sig = Helper.GetSignatureInstance(signatureName);
                IDigest dig = Helper.GetDigestInstance(digestName);

                byte[] hash = null;

                if (content != null)
                {
                    content.Write(new DigOutputStream(dig));

                    hash = DigestUtilities.DoFinal(dig);

                    outer._digests.Add(digestOID, hash.Clone());
                }

                IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);

                Asn1.Cms.AttributeTable signed = (sAttr != null)
//					?	sAttr.GetAttributes(Collections.unmodifiableMap(parameters))
                                        ?       sAttr.GetAttributes(parameters)
                                        :       null;

                if (isCounterSignature)
                {
                    Hashtable ats = signed.ToHashtable();

                    ats.Remove(CmsAttributes.ContentType);

                    signed = new Asn1.Cms.AttributeTable(ats);
                }

                Asn1Set signedAttr = outer.GetAttributeSet(signed);


                //
                // sig must be composed from the DER encoding.
                //
                byte[] tmp;
                if (signedAttr != null)
                {
                    tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
                }
                else
                {
                    MemoryStream bOut = new MemoryStream();
                    content.Write(bOut);
                    tmp = bOut.ToArray();
                }

                sig.Init(true, new ParametersWithRandom(key, random));
                sig.BlockUpdate(tmp, 0, tmp.Length);

                Asn1OctetString encDigest = new DerOctetString(sig.GenerateSignature());

                IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash);

                baseParameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone();

                Asn1.Cms.AttributeTable unsigned = (unsAttr != null)
//					?	unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters))
                                        ?       unsAttr.GetAttributes(baseParameters)
                                        :       null;

                Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned);

                X509Certificate  cert = this.GetCertificate();
                SignerIdentifier identifier;

                if (cert != null)
                {
                    TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
                        Asn1Object.FromByteArray(cert.GetTbsCertificate()));
                    Asn1.Cms.IssuerAndSerialNumber encSid = new Asn1.Cms.IssuerAndSerialNumber(
                        tbs.Issuer, tbs.SerialNumber.Value);
                    identifier = new SignerIdentifier(encSid);
                }
                else
                {
                    identifier = new SignerIdentifier(new DerOctetString(keyIdentifier));
                }

                return(new Asn1.Cms.SignerInfo(identifier, digAlgId,
                                               signedAttr, encAlgId, encDigest, unsignedAttr));
            }
 public void AddSigner(AsymmetricKeyParameter privateKey, byte[] subjectKeyID, string encryptionOID, string digestOID)
 {
     this.doAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID, new DefaultSignedAttributeTableGenerator(), null, null);
 }
            internal SignerInfo ToSignerInfo(
                DerObjectIdentifier contentType)
            {
                AlgorithmIdentifier digAlgId = new AlgorithmIdentifier(
                    new DerObjectIdentifier(this._digestOID), DerNull.Instance);
                AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(this.EncryptionAlgOid);

                byte[] hash = (byte[])outer._messageHashes[Helper.GetDigestAlgName(this._digestOID)];

                outer._digests[_digestOID] = hash.Clone();

                IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);

                Asn1.Cms.AttributeTable signed = (_sAttr != null)
//					?	_sAttr.GetAttributes(Collections.unmodifiableMap(parameters))
                                        ?       _sAttr.GetAttributes(parameters)
                                        :       null;

                Asn1Set signedAttr = outer.GetAttributeSet(signed);

                //
                // sig must be composed from the DER encoding.
                //
                byte[] tmp;
                if (signedAttr != null)
                {
                    tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
                }
                else
                {
                    throw new Exception("signatures without signed attributes not implemented.");
                }

                _signature.BlockUpdate(tmp, 0, tmp.Length);

                Asn1OctetString encDigest = new DerOctetString(_signature.GenerateSignature());

                parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
                parameters[CmsAttributeTableParameter.Signature] = encDigest.GetOctets().Clone();

                Asn1.Cms.AttributeTable unsigned = (_unsAttr != null)
//					?	_unsAttr.getAttributes(Collections.unmodifiableMap(parameters))
                                        ?       _unsAttr.GetAttributes(parameters)
                                        :       null;

                Asn1Set unsignedAttr = outer.GetAttributeSet(unsigned);

                X509Certificate  cert = this.Certificate;
                SignerIdentifier signerIdentifier;

                if (cert != null)
                {
                    TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
                        Asn1Object.FromByteArray(cert.GetTbsCertificate()));
                    IssuerAndSerialNumber encSid = new IssuerAndSerialNumber(
                        tbs.Issuer, tbs.SerialNumber.Value);

                    signerIdentifier = new SignerIdentifier(encSid);
                }
                else
                {
                    signerIdentifier = new SignerIdentifier(new DerOctetString(_subjectKeyID));
                }

                return(new SignerInfo(signerIdentifier, digAlgId,
                                      signedAttr, encAlgId, encDigest, unsignedAttr));
            }
 public void AddSigner(AsymmetricKeyParameter privateKey, X509Certificate cert, string encryptionOID, string digestOID)
 {
     this.doAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(cert), encryptionOID, digestOID, new DefaultSignedAttributeTableGenerator(), null, null);
 }
Example #26
0
 public void AddSigner(AsymmetricKeyParameter privateKey, byte[] subjectKeyID, string encryptionOID, string digestOID, Org.BouncyCastle.Asn1.Cms.AttributeTable signedAttr, Org.BouncyCastle.Asn1.Cms.AttributeTable unsignedAttr)
 {
     doAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID, new DefaultSignedAttributeTableGenerator(signedAttr), new SimpleAttributeTableGenerator(unsignedAttr), signedAttr);
 }
Example #27
0
 public void AddSigner(AsymmetricKeyParameter privateKey, byte[] subjectKeyID, string encryptionOID, string digestOID, CmsAttributeTableGenerator signedAttrGen, CmsAttributeTableGenerator unsignedAttrGen)
 {
     doAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(subjectKeyID), encryptionOID, digestOID, signedAttrGen, unsignedAttrGen, null);
 }
Example #28
0
 public void AddSigner(AsymmetricKeyParameter privateKey, X509Certificate cert, string encryptionOID, string digestOID, CmsAttributeTableGenerator signedAttrGen, CmsAttributeTableGenerator unsignedAttrGen)
 {
     doAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(cert), encryptionOID, digestOID, signedAttrGen, unsignedAttrGen, null);
 }
Example #29
0
            internal SignerInfo ToSignerInfo(
                DerObjectIdentifier contentType,
                CmsProcessable content,
                SecureRandom random)
            {
                AlgorithmIdentifier digAlgId = DigestAlgorithmID;
                string  digestName           = Helper.GetDigestAlgName(digestOID);
                IDigest dig = Helper.GetDigestInstance(digestName);

                //jbonilla
                string  signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
                ISigner sig           = outer._signerProvider != null
                    ? outer._signerProvider : Helper.GetSignatureInstance(signatureName);

                byte[] hash = null;
                byte[] preCalculatedHash = ((CustomCMSSignedDataGenerator)outer).PreCalculatedDigest;

                if (preCalculatedHash != null)
                {
                    hash = preCalculatedHash;
                }
                else if (content != null)
                {
                    content.Write(new DigOutputStream(dig));

                    hash = DigestUtilities.DoFinal(dig);
                }

                outer._digests.Add(digestOID, hash.Clone());

                sig.Init(true, new ParametersWithRandom(key, random));
#if NETCF_1_0 || NETCF_2_0 || SILVERLIGHT
                Stream sigStr = new SigOutputStream(sig);
#else
                Stream sigStr = new BufferedStream(new SigOutputStream(sig));
#endif

                Asn1Set signedAttr = null;
                if (sAttr != null)
                {
                    IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);

                    //Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
                    Org.BouncyCastle.Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters);

                    if (contentType == null) //counter signature
                    {
                        if (signed != null && signed[CmsAttributes.ContentType] != null)
                        {
                            IDictionary tmpSigned = signed.ToDictionary();
                            tmpSigned.Remove(CmsAttributes.ContentType);
                            signed = new Org.BouncyCastle.Asn1.Cms.AttributeTable(tmpSigned);
                        }
                    }

                    // TODO Validate proposed signed attributes

                    signedAttr = outer.GetAttributeSet(signed);

                    // sig must be composed from the DER encoding.
                    new DerOutputStream(sigStr).WriteObject(signedAttr);
                }
                else if (content != null)
                {
                    // TODO Use raw signature of the hash value instead
                    content.Write(sigStr);
                }

                sigStr.Close();
                byte[] sigBytes = sig.GenerateSignature();

                Asn1Set unsignedAttr = null;
                if (unsAttr != null)
                {
                    IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash);
                    baseParameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();

//					Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters));
                    Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(baseParameters);

                    // TODO Validate proposed unsigned attributes

                    unsignedAttr = outer.GetAttributeSet(unsigned);
                }

                // TODO[RSAPSS] Need the ability to specify non-default parameters
                Asn1Encodable       sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
                AlgorithmIdentifier encAlgId          = CmsSignedGenerator.GetEncAlgorithmIdentifier(
                    new DerObjectIdentifier(encOID), sigX509Parameters);

                return(new SignerInfo(signerIdentifier, digAlgId,
                                      signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr));
            }
 public void AddSigner(AsymmetricKeyParameter privateKey, X509Certificate cert, string encryptionOID, string digestOID, Org.BouncyCastle.Asn1.Cms.AttributeTable signedAttr, Org.BouncyCastle.Asn1.Cms.AttributeTable unsignedAttr)
 {
     this.doAddSigner(privateKey, CmsSignedGenerator.GetSignerIdentifier(cert), encryptionOID, digestOID, new DefaultSignedAttributeTableGenerator(signedAttr), new SimpleAttributeTableGenerator(unsignedAttr), signedAttr);
 }