/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will
/// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be
/// initialized to empty tables.</para>
/// </remarks>
/// <param name="certificate">The signer's certificate.</param>
/// <param name="key">The signer's private key.</param>
/// <exception cref="System.ArgumentNullException">
/// <para><paramref name="certificate"/> is <c>null</c>.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is <c>null</c>.</para>
/// </exception>
/// <exception cref="System.ArgumentException">
/// <para><paramref name="certificate"/> cannot be used for signing.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is not a private key.</para>
/// </exception>
public CmsSigner(X509Certificate certificate, AsymmetricKeyParameter key) : this()
{
if (certificate == null)
{
throw new ArgumentNullException("certificate");
}
var flags = certificate.GetKeyUsageFlags();
if (flags != X509KeyUsageFlags.None && (flags & X509KeyUsageFlags.DigitalSignature) == 0)
{
throw new ArgumentException("The certificate cannot be used for signing.", "certificate");
}
if (key == null)
{
throw new ArgumentNullException("key");
}
if (!key.IsPrivate)
{
throw new ArgumentException("The key must be a private key.", "key");
}
CertificateChain = new X509CertificateChain();
CertificateChain.Add(certificate);
Certificate = certificate;
PrivateKey = key;
}
/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="DigestAlgorithm"/> will be set to
/// <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties
/// will be initialized to empty tables.</para>
/// </remarks>
/// <param name="chain">The chain of certificates starting with the signer's certificate back to the root.</param>
/// <param name="key">The signer's private key.</param>
/// <exception cref="System.ArgumentNullException">
/// <para><paramref name="chain"/> is <c>null</c>.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is <c>null</c>.</para>
/// </exception>
/// <exception cref="System.ArgumentException">
/// <para><paramref name="chain"/> did not contain any certificates.</para>
/// <para>-or-</para>
/// <para>The certificate cannot be used for signing.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is not a private key.</para>
/// </exception>
public CmsSigner(IEnumerable<X509CertificateEntry> chain, AsymmetricKeyParameter key)
: this()
{
if (chain == null)
throw new ArgumentNullException ("chain");
if (key == null)
throw new ArgumentNullException ("key");
CertificateChain = new X509CertificateChain ();
foreach (var entry in chain) {
CertificateChain.Add (entry.Certificate);
if (Certificate == null)
Certificate = entry.Certificate;
}
if (CertificateChain.Count == 0)
throw new ArgumentException ("The certificate chain was empty.", "chain");
CheckCertificateCanBeUsedForSigning (Certificate);
if (!key.IsPrivate)
throw new ArgumentException ("The key must be a private key.", "key");
PrivateKey = key;
}
/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will
/// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be
/// initialized to empty tables.</para>
/// </remarks>
/// <param name="certificate">The signer's certificate.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="certificate"/> is <c>null</c>.
/// </exception>
/// <exception cref="System.ArgumentException">
/// <paramref name="certificate"/> cannot be used for signing.
/// </exception>
public CmsSigner(System.Security.Cryptography.X509Certificates.X509Certificate2 certificate)
: this()
{
if (certificate == null)
throw new ArgumentNullException ("certificate");
if (!certificate.HasPrivateKey)
throw new ArgumentException ("The certificate does not contain a private key.", "certificate");
var cert = DotNetUtilities.FromX509Certificate (certificate);
var key = DotNetUtilities.GetKeyPair (certificate.PrivateKey);
CheckCertificateCanBeUsedForSigning (cert);
CertificateChain = new X509CertificateChain ();
CertificateChain.Add (cert);
Certificate = cert;
PrivateKey = key.Private;
}
/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will
/// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be
/// initialized to empty tables.</para>
/// </remarks>
/// <param name="certificate">The signer's certificate.</param>
/// <param name="key">The signer's private key.</param>
/// <exception cref="System.ArgumentNullException">
/// <para><paramref name="certificate"/> is <c>null</c>.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is <c>null</c>.</para>
/// </exception>
/// <exception cref="System.ArgumentException">
/// <para><paramref name="certificate"/> cannot be used for signing.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is not a private key.</para>
/// </exception>
public CmsSigner(X509Certificate certificate, AsymmetricKeyParameter key)
: this()
{
if (certificate == null)
throw new ArgumentNullException ("certificate");
CheckCertificateCanBeUsedForSigning (certificate);
if (key == null)
throw new ArgumentNullException ("key");
if (!key.IsPrivate)
throw new ArgumentException ("The key must be a private key.", "key");
CertificateChain = new X509CertificateChain ();
CertificateChain.Add (certificate);
Certificate = certificate;
PrivateKey = key;
}
/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="DigestAlgorithm"/> will be set to
/// <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties
/// will be initialized to empty tables.</para>
/// </remarks>
/// <param name="chain">The chain of certificates starting with the signer's certificate back to the root.</param>
/// <param name="key">The signer's private key.</param>
/// <exception cref="System.ArgumentNullException">
/// <para><paramref name="chain"/> is <c>null</c>.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is <c>null</c>.</para>
/// </exception>
/// <exception cref="System.ArgumentException">
/// <para><paramref name="chain"/> did not contain any certificates.</para>
/// <para>-or-</para>
/// <para>The certificate cannot be used for signing.</para>
/// <para>-or-</para>
/// <para><paramref name="key"/> is not a private key.</para>
/// </exception>
public CmsSigner(IEnumerable <X509CertificateEntry> chain, AsymmetricKeyParameter key) : this()
{
if (chain == null)
{
throw new ArgumentNullException("chain");
}
if (key == null)
{
throw new ArgumentNullException("key");
}
CertificateChain = new X509CertificateChain();
foreach (var entry in chain)
{
CertificateChain.Add(entry.Certificate);
if (Certificate == null)
{
Certificate = entry.Certificate;
}
}
if (CertificateChain.Count == 0)
{
throw new ArgumentException("The certificate chain was empty.", "chain");
}
var flags = Certificate.GetKeyUsageFlags();
if (flags != X509KeyUsageFlags.None && (flags & X509KeyUsageFlags.DigitalSignature) == 0)
{
throw new ArgumentException("The certificate cannot be used for signing.");
}
if (!key.IsPrivate)
{
throw new ArgumentException("The key must be a private key.", "key");
}
PrivateKey = key;
}
/// <summary>
/// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class.
/// </summary>
/// <remarks>
/// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will
/// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the
/// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be
/// initialized to empty tables.</para>
/// </remarks>
/// <param name="certificate">The signer's certificate.</param>
/// <exception cref="System.ArgumentNullException">
/// <paramref name="certificate"/> is <c>null</c>.
/// </exception>
/// <exception cref="System.ArgumentException">
/// <paramref name="certificate"/> cannot be used for signing.
/// </exception>
public CmsSigner(X509Certificate2 certificate) : this()
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
if (!certificate.HasPrivateKey)
{
throw new ArgumentException("The certificate does not contain a private key.", nameof(certificate));
}
var cert = DotNetUtilities.FromX509Certificate(certificate);
var key = DotNetUtilities.GetKeyPair(certificate.PrivateKey);
CheckCertificateCanBeUsedForSigning(cert);
CertificateChain = new X509CertificateChain();
CertificateChain.Add(cert);
Certificate = cert;
PrivateKey = key.Private;
}
