/// <summary>
/// Initialize a new instance of the <see cref="CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="DigestAlgorithm"/> will
/// be set to <see cref="DigestAlgorithm.Sha256"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be
/// initialized to empty tables.</para>
/// </remarks>
/// <param name="certificate">The signer's certificate.</param>
/// <param name="signerIdentifierType">The scheme used for identifying the signer certificate.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="certificate"/> is <c>null</c>.
/// </exception>
/// <exception cref="System.ArgumentException">
/// <paramref name="certificate"/> cannot be used for signing.
/// </exception>
public CmsSigner(X509Certificate2 certificate, SubjectIdentifierType signerIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber) : this()
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
if (!certificate.HasPrivateKey)
{
throw new ArgumentException("The certificate does not contain a private key.", nameof(certificate));
}
var cert = certificate.AsBouncyCastleCertificate();
var key = certificate.PrivateKey.AsAsymmetricKeyParameter();
CheckCertificateCanBeUsedForSigning(cert);
if (signerIdentifierType != SubjectIdentifierType.SubjectKeyIdentifier)
{
SignerIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber;
}
else
{
SignerIdentifierType = SubjectIdentifierType.SubjectKeyIdentifier;
}
CertificateChain = new X509CertificateChain();
CertificateChain.Add(cert);
Certificate = cert;
PrivateKey = key;
}
/// <summary>
/// Initialize a new instance of the <see cref="CmsRecipient"/> class.
/// </summary>
/// <remarks>
/// <para>Creates a new <see cref="CmsRecipient"/> based on the provided certificate.</para>
/// <para>If the X.509 certificate contains an S/MIME capability extension, the initial value of the
/// <see cref="EncryptionAlgorithms"/> property will be set to whatever encryption algorithms are
/// defined by the S/MIME capability extension, otherwise int will be initialized to a list
/// containing only the Triple-Des encryption algorithm which should be safe to assume for all
/// modern S/MIME v3.x client implementations.</para>
/// </remarks>
/// <param name="certificate">The recipient's certificate.</param>
/// <param name="recipientIdentifierType">The recipient identifier type.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="certificate"/> is <c>null</c>.
/// </exception>
public CmsRecipient (X509Certificate2 certificate, SubjectIdentifierType recipientIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber)
{
if (certificate == null)
throw new ArgumentNullException (nameof (certificate));
if (recipientIdentifierType != SubjectIdentifierType.SubjectKeyIdentifier)
RecipientIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber;
else
RecipientIdentifierType = SubjectIdentifierType.SubjectKeyIdentifier;
EncryptionAlgorithms = certificate.GetEncryptionAlgorithms ();
Certificate = certificate.AsBouncyCastleCertificate ();
}
/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will
/// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be
/// initialized to empty tables.</para>
/// </remarks>
/// <param name="certificate">The signer's certificate.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="certificate"/> is <c>null</c>.
/// </exception>
/// <exception cref="System.ArgumentException">
/// <paramref name="certificate"/> cannot be used for signing.
/// </exception>
public CmsSigner(X509Certificate2 certificate) : this()
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
if (!certificate.HasPrivateKey)
{
throw new ArgumentException("The certificate does not contain a private key.", nameof(certificate));
}
var cert = certificate.AsBouncyCastleCertificate();
var key = certificate.PrivateKey.AsAsymmetricKeyParameter();
CheckCertificateCanBeUsedForSigning(cert);
CertificateChain = new X509CertificateChain();
CertificateChain.Add(cert);
Certificate = cert;
PrivateKey = key;
}