/// <summary>
/// Hashes everything collected in <c>m_stream</c>, wraps the hash in a DER-encoded
/// DigestInfo and hands that structure to <c>signer</c>.
/// </summary>
/// <returns>Whatever <c>signer</c> returns for the encoded DigestInfo.</returns>
byte[] IBlockResult.Collect()
{
    // The buffered bytes are the document digest plus the parameters to be signed;
    // they still have to be hashed with the configured algorithm.
    byte[] collected = m_stream.ToArray();

    IDigest hash = DigestUtilities.GetDigest(m_digestAlgorithm.GetName());
    hash.BlockUpdate(collected, 0, collected.Length);
    byte[] hashValue = DigestUtilities.DoFinal(hash);

    // DER-encode AlgorithmIdentifier + hash as a DigestInfo.
    // NOTE(review): the original comment cites "RFC3770" here; DigestInfo is the
    // structure defined in PKCS #1 (RFC 8017), so that reference looks like a typo - confirm.
    byte[] encodedDigestInfo =
        new DigestInfo(m_digestAlgorithm.GetAlgorithmIdentifier(), hashValue).GetDerEncoded();

    // NOTE(review): the input is already hashed and wrapped at this point, so signer
    // presumably must not hash it again - confirm against the signer implementation.
    return signer(encodedDigestInfo);
}
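/// <summary>
/// Builds a time-stamp request for <paramref name="digest"/>, sends its encoding through
/// <c>GetTSAResponse</c> and parses the returned bytes.
/// </summary>
/// <param name="algorithm">Digest algorithm that produced <paramref name="digest"/>; its name is
/// also stored in <c>this.digestAlgorithm</c>.</param>
/// <param name="digest">Hash value to be time-stamped.</param>
/// <returns>The parsed response from the TSA.</returns>
public virtual TimeStampResponse GetTimeStampResponse(DigestAlgorithm algorithm, byte[] digest)
{
    // Side effect: the algorithm name is kept on the instance and used for the request below.
    this.digestAlgorithm = algorithm.GetName();

    TimeStampRequestGenerator tsqGenerator = new TimeStampRequestGenerator();
    // Ask the TSA to include its certificate in the response.
    tsqGenerator.SetCertReq(true);
    // tsqGenerator.setReqPolicy("1.3.6.1.4.1.601.10.3.1");

    // The nonce ties a response to this particular request, so it must not be guessable.
    // Clock-derived values (DateTime.Now.Ticks + Environment.TickCount) are predictable;
    // draw it from the OS cryptographic RNG instead. Sign 1 keeps the value non-negative.
    byte[] nonceBytes = new byte[8];
    using (var rng = global::System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(nonceBytes);
    }
    BigInteger nonce = new BigInteger(1, nonceBytes);

    TimeStampRequest request = tsqGenerator.Generate(
        DigestAlgorithms.GetAllowedDigests(digestAlgorithm), digest, nonce);
    byte[] requestBytes = request.GetEncoded();

    // Call the communications layer.
    byte[] respBytes = GetTSAResponse(requestBytes);

    // NOTE(review): the request (and its nonce) never leaves this method and the response is
    // returned without being compared against it, so nothing visible here checks that the
    // token covers this digest and nonce. If callers do not verify that elsewhere,
    // TimeStampResponse.Validate(request) belongs here; it throws on mismatch, so adding it
    // changes the failure behaviour seen by callers.
    return new TimeStampResponse(respBytes);
}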
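/// <summary>
/// Signs the full content of <paramref name="stream"/> with the certificate held by
/// <paramref name="keyEntry"/> and closes the stream afterwards.
/// </summary>
/// <param name="stream">Data to sign. It is read to the end into memory and then closed,
/// whether or not signing succeeds.</param>
/// <param name="digestAlgo">Digest algorithm whose name is passed to the signature object.</param>
/// <param name="keyEntry">Key entry; only <c>KSX509Certificate2Entry</c> is accepted.</param>
/// <returns>The signature bytes produced by <c>X509Certificate2Signature.Sign</c>.</returns>
/// <exception cref="ArgumentException"><paramref name="keyEntry"/> is not a
/// <c>KSX509Certificate2Entry</c>. The stream is left open in that case.</exception>
public byte[] Sign(Stream stream, DigestAlgorithm digestAlgo, IDssPrivateKeyEntry keyEntry)
{
    // Reject unsupported key entries first; a null entry ends up here as well.
    KSX509Certificate2Entry certEntry = keyEntry as KSX509Certificate2Entry;
    if (certEntry == null)
    {
        throw new ArgumentException("Only allowed KSX509Certificate2Entry", "keyEntry");
    }

    try
    {
        X509Certificate2Signature signer =
            new X509Certificate2Signature(certEntry.Cert2, digestAlgo.GetName());
        return signer.Sign(Streams.ReadAll(stream));
    }
    finally
    {
        // Previously the stream was closed only on success, so a failure while reading or
        // signing left it open. The null check keeps an earlier exception from being masked.
        if (stream != null)
        {
            stream.Close();
        }
    }
}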