/**
* base constructor - content with detached signature.
*
* @param signedContent the content that was signed.
* @param sigData the signature object.
*/
public CmsSignedData(
CmsProcessable signedContent,
Stream sigData)
: this(signedContent, CmsUtilities.ReadContentInfo(sigData))
{
}
public CmsSignedData(
CmsProcessable signedContent,
byte[] sigBlock)
: this(signedContent, CmsUtilities.ReadContentInfo(new MemoryStream(sigBlock, false)))
{
}
/**
* Content with detached signature, digests precomputed
*
* @param hashes a map of precomputed digests for content indexed by name of hash.
* @param sigBlock the signature object.
*/
public CmsSignedData(
IDictionary hashes,
byte[] sigBlock)
: this(hashes, CmsUtilities.ReadContentInfo(sigBlock))
{
}
public CmsSignedData(
byte[] sigBlock)
: this(CmsUtilities.ReadContentInfo(new MemoryStream(sigBlock, false)))
{
}
/**
* Replace the certificate and CRL information associated with this
* CmsSignedData object with the new one passed in.
*
* @param signedData the signed data object to be used as a base.
* @param x509Certs the new certificates to be used.
* @param x509Crls the new CRLs to be used.
* @return a new signed data object.
* @exception CmsException if there is an error processing the stores
*/
public static CmsSignedData ReplaceCertificatesAndCrls(
CmsSignedData signedData,
IX509Store x509Certs,
IX509Store x509Crls,
IX509Store x509AttrCerts)
{
if (x509AttrCerts != null)
{
throw Platform.CreateNotImplementedException("Currently can't replace attribute certificates");
}
//
// copy
//
CmsSignedData cms = new CmsSignedData(signedData);
//
// replace the certs and crls in the SignedData object
//
Asn1Set certs = null;
try
{
Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList(
CmsUtilities.GetCertificatesFromStore(x509Certs));
if (asn1Set.Count != 0)
{
certs = asn1Set;
}
}
catch (X509StoreException e)
{
throw new CmsException("error getting certificates from store", e);
}
Asn1Set crls = null;
try
{
Asn1Set asn1Set = CmsUtilities.CreateBerSetFromList(
CmsUtilities.GetCrlsFromStore(x509Crls));
if (asn1Set.Count != 0)
{
crls = asn1Set;
}
}
catch (X509StoreException e)
{
throw new CmsException("error getting CRLs from store", e);
}
//
// replace the CMS structure.
//
SignedData old = signedData.signedData;
cms.signedData = new SignedData(
old.DigestAlgorithms,
old.EncapContentInfo,
certs,
crls,
old.SignerInfos);
//
// replace the contentInfo with the new one
//
cms.contentInfo = new ContentInfo(cms.contentInfo.ContentType, cms.signedData);
return(cms);
}
/**
* base constructor - with encapsulated content
*/
public CmsSignedData(
Stream sigData)
: this(CmsUtilities.ReadContentInfo(sigData))
{
}
protected Stream Open(
Stream outStr,
AlgorithmIdentifier macAlgId,
ICipherParameters cipherParameters,
Asn1EncodableVector recipientInfos)
{
try
{
//
// ContentInfo
//
BerSequenceGenerator cGen = new BerSequenceGenerator(outStr);
cGen.AddObject(CmsObjectIdentifiers.AuthenticatedData);
//
// Authenticated Data
//
BerSequenceGenerator authGen = new BerSequenceGenerator(
cGen.GetRawOutputStream(), 0, true);
authGen.AddObject(new DerInteger(AuthenticatedData.CalculateVersion(null)));
Stream authRaw = authGen.GetRawOutputStream();
Asn1Generator recipGen = _berEncodeRecipientSet
? (Asn1Generator) new BerSetGenerator(authRaw)
: new DerSetGenerator(authRaw);
foreach (Asn1Encodable ae in recipientInfos)
{
recipGen.AddObject(ae);
}
recipGen.Close();
authGen.AddObject(macAlgId);
BerSequenceGenerator eiGen = new BerSequenceGenerator(authRaw);
eiGen.AddObject(CmsObjectIdentifiers.Data);
Stream octetOutputStream = CmsUtilities.CreateBerOctetOutputStream(
eiGen.GetRawOutputStream(), 0, false, _bufferSize);
IMac mac = MacUtilities.GetMac(macAlgId.ObjectID);
// TODO Confirm no ParametersWithRandom needed
mac.Init(cipherParameters);
Stream mOut = new TeeOutputStream(octetOutputStream, new MacOutputStream(mac));
return(new CmsAuthenticatedDataOutputStream(mOut, mac, cGen, authGen, eiGen));
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e)
{
throw new CmsException("key invalid in message.", e);
}
catch (IOException e)
{
throw new CmsException("exception decoding algorithm parameters.", e);
}
}
public CmsAuthEnvelopedData(
Stream authEnvData)
: this(CmsUtilities.ReadContentInfo(authEnvData))
{
}
