private static Asn1Set GetAsn1Set( Asn1SetParser asn1SetParser) { return(asn1SetParser == null ? null : Asn1Set.GetInstance(asn1SetParser.ToAsn1Object())); }
public CmsEnvelopedDataParser( Stream envelopedData) : base(envelopedData) { this._attrNotRead = true; this.envelopedData = new EnvelopedDataParser( (Asn1SequenceParser)this.contentInfo.GetContent(Asn1Tags.Sequence)); // // load the RecepientInfoStore // Asn1SetParser s = this.envelopedData.GetRecipientInfos(); IList baseInfos = new ArrayList(); Asn1Set set = Asn1Set.GetInstance(s.ToAsn1Object()); foreach (object o in set) { baseInfos.Add(RecipientInfo.GetInstance(o)); } // // read the encrypted content info // EncryptedContentInfoParser encInfo = this.envelopedData.GetEncryptedContentInfo(); this._encAlg = encInfo.ContentEncryptionAlgorithm; // // prime the recepients // IList infos = new ArrayList(); Stream dataStream = ((Asn1OctetStringParser)encInfo.GetEncryptedContent(Asn1Tags.OctetString)).GetOctetStream(); foreach (Asn1.Cms.RecipientInfo info in baseInfos) { Asn1Encodable recipInfo = info.Info; if (recipInfo is Asn1.Cms.KeyTransRecipientInfo) { infos.Add(new KeyTransRecipientInformation( (KeyTransRecipientInfo)recipInfo, _encAlg, dataStream)); } else if (recipInfo is Asn1.Cms.KekRecipientInfo) { infos.Add(new KekRecipientInformation( (KekRecipientInfo)recipInfo, _encAlg, dataStream)); } else if (recipInfo is KeyAgreeRecipientInfo) { infos.Add(new KeyAgreeRecipientInformation( (KeyAgreeRecipientInfo)recipInfo, _encAlg, dataStream)); } else if (recipInfo is PasswordRecipientInfo) { infos.Add(new PasswordRecipientInformation( (PasswordRecipientInfo)recipInfo, _encAlg, dataStream)); } } this.recipientInfoStore = new RecipientInformationStore(infos); }
private static Asn1Set GetAsn1Set(Asn1SetParser asn1SetParser) { if (asn1SetParser != null) { return(Asn1Set.GetInstance(asn1SetParser.ToAsn1Object())); } return(null); }
private static Asn1Set GetAsn1Set( Asn1SetParser asn1SetParser) { return asn1SetParser == null ? null : Asn1Set.GetInstance(asn1SetParser.ToAsn1Object()); }
private ITestResult EnvelopedTest() { try { // Key trans ContentInfo info = ContentInfo.GetInstance( Asn1Object.FromByteArray(envDataKeyTrns)); EnvelopedData envData = EnvelopedData.GetInstance(info.Content); Asn1Set s = envData.RecipientInfos; if (s.Count != 1) { return(new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped, wrong number of recipients")); } RecipientInfo recip = RecipientInfo.GetInstance(s[0]); if (recip.Info is KeyTransRecipientInfo) { KeyTransRecipientInfo inf = KeyTransRecipientInfo.GetInstance(recip.Info); inf = new KeyTransRecipientInfo(inf.RecipientIdentifier, inf.KeyEncryptionAlgorithm, inf.EncryptedKey); s = new DerSet(new RecipientInfo(inf)); } else { return(new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped, wrong recipient type")); } envData = new EnvelopedData(envData.OriginatorInfo, s, envData.EncryptedContentInfo, envData.UnprotectedAttrs); info = new ContentInfo(CmsObjectIdentifiers.EnvelopedData, envData); if (!Arrays.AreEqual(info.GetEncoded(), envDataKeyTrns)) { return(new SimpleTestResult(false, Name + ": CMS KeyTrans enveloped failed to re-encode")); } // KEK info = ContentInfo.GetInstance( Asn1Object.FromByteArray(envDataKEK)); envData = EnvelopedData.GetInstance(info.Content); s = envData.RecipientInfos; if (s.Count != 1) { return(new SimpleTestResult(false, Name + ": CMS KEK enveloped, wrong number of recipients")); } recip = RecipientInfo.GetInstance(s[0]); if (recip.Info is KekRecipientInfo) { KekRecipientInfo inf = KekRecipientInfo.GetInstance(recip.Info); inf = new KekRecipientInfo(inf.KekID, inf.KeyEncryptionAlgorithm, inf.EncryptedKey); s = new DerSet(new RecipientInfo(inf)); } else { return(new SimpleTestResult(false, Name + ": CMS KEK enveloped, wrong recipient type")); } envData = new EnvelopedData(envData.OriginatorInfo, s, envData.EncryptedContentInfo, envData.UnprotectedAttrs); info = new ContentInfo(CmsObjectIdentifiers.EnvelopedData, envData); if (!Arrays.AreEqual(info.GetEncoded(), envDataKEK)) { return(new SimpleTestResult(false, Name + ": CMS KEK enveloped failed to re-encode")); } // Nested NDEF problem Asn1StreamParser asn1In = new Asn1StreamParser(new MemoryStream(envDataNestedNDEF, false)); ContentInfoParser ci = new ContentInfoParser((Asn1SequenceParser)asn1In.ReadObject()); EnvelopedDataParser ed = new EnvelopedDataParser((Asn1SequenceParser)ci .GetContent(Asn1Tags.Sequence)); Touch(ed.Version); ed.GetOriginatorInfo(); ed.GetRecipientInfos().ToAsn1Object(); EncryptedContentInfoParser eci = ed.GetEncryptedContentInfo(); Touch(eci.ContentType); Touch(eci.ContentEncryptionAlgorithm); Stream dataIn = ((Asn1OctetStringParser)eci.GetEncryptedContent(Asn1Tags.OctetString)) .GetOctetStream(); Streams.Drain(dataIn); dataIn.Close(); // Test data doesn't have unprotected attrs, bug was being thrown by this call Asn1SetParser upa = ed.GetUnprotectedAttrs(); if (upa != null) { upa.ToAsn1Object(); } return(new SimpleTestResult(true, Name + ": Okay")); } catch (Exception e) { return(new SimpleTestResult(false, Name + ": CMS enveloped failed - " + e.ToString(), e)); } }
/** * Replace the certificate and CRL information associated with this * CMSSignedData object with the new one passed in. * <p> * The output stream is returned unclosed. * </p> * @param original the signed data stream to be used as a base. * @param certsAndCrls the new certificates and CRLs to be used. * @param out the stream to Write the new signed data object to. * @return out. * @exception CmsException if there is an error processing the CertStore */ public static Stream ReplaceCertificatesAndCrls( Stream original, IX509Store x509Certs, IX509Store x509Crls, IX509Store x509AttrCerts, Stream outStr) { if (x509AttrCerts != null) { throw new NotImplementedException("Currently can't replace attribute certificates"); } Asn1StreamParser inStr = new Asn1StreamParser(original, CmsUtilities.MaximumMemory); ContentInfoParser contentInfo = new ContentInfoParser((Asn1SequenceParser)inStr.ReadObject()); SignedDataParser signedData = SignedDataParser.GetInstance(contentInfo.GetContent(Asn1Tags.Sequence)); BerSequenceGenerator sGen = new BerSequenceGenerator(outStr); sGen.AddObject(CmsObjectIdentifiers.SignedData); BerSequenceGenerator sigGen = new BerSequenceGenerator(sGen.GetRawOutputStream(), 0, true); // version number sigGen.AddObject(signedData.Version); // digests WriteToGenerator(sigGen, signedData.GetDigestAlgorithms().ToAsn1Object()); // encap content info ContentInfoParser encapContentInfo = signedData.GetEncapContentInfo(); BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream()); eiGen.AddObject(encapContentInfo.ContentType); Asn1OctetStringParser octs = (Asn1OctetStringParser)encapContentInfo.GetContent(Asn1Tags.OctetString); if (octs != null) { BerOctetStringGenerator octGen = new BerOctetStringGenerator(eiGen.GetRawOutputStream(), 0, true); byte[] inBuffer = new byte[4096]; byte[] outBuffer = new byte[4096]; Stream inOctets = octs.GetOctetStream(); Stream outOctets = octGen.GetOctetOutputStream(outBuffer); int len; while ((len = inOctets.Read(inBuffer, 0, inBuffer.Length)) > 0) { outOctets.Write(inBuffer, 0, len); } outOctets.Close(); } eiGen.Close(); // // skip existing certs and CRLs // Asn1SetParser set = signedData.GetCertificates(); if (set != null) { set.ToAsn1Object(); } set = signedData.GetCrls(); if (set != null) { set.ToAsn1Object(); } // // replace the certs and crls in the SignedData object // Asn1Set certs; try { certs = CmsUtilities.CreateDerSetFromList( CmsUtilities.GetCertificatesFromStore(x509Certs)); } catch (X509StoreException e) { throw new CmsException("error getting certs from certStore", e); } if (certs.Count > 0) { WriteToGenerator(sigGen, new DerTaggedObject(false, 0, certs)); } Asn1Set crls; try { crls = CmsUtilities.CreateDerSetFromList( CmsUtilities.GetCrlsFromStore(x509Crls)); } catch (X509StoreException e) { throw new CmsException("error getting crls from certStore", e); } if (crls.Count > 0) { WriteToGenerator(sigGen, new DerTaggedObject(false, 1, crls)); } WriteToGenerator(sigGen, signedData.GetSignerInfos().ToAsn1Object()); sigGen.Close(); sGen.Close(); return(outStr); }
/** * Replace the signerinformation store associated with the passed * in message contained in the stream original with the new one passed in. * You would probably only want to do this if you wanted to change the unsigned * attributes associated with a signer, or perhaps delete one. * <p> * The output stream is returned unclosed. * </p> * @param original the signed data stream to be used as a base. * @param signerInformationStore the new signer information store to use. * @param out the stream to Write the new signed data object to. * @return out. */ public static Stream ReplaceSigners( Stream original, SignerInformationStore signerInformationStore, Stream outStr) { Asn1StreamParser inStr = new Asn1StreamParser(original, CmsUtilities.MaximumMemory); ContentInfoParser contentInfo = new ContentInfoParser((Asn1SequenceParser)inStr.ReadObject()); SignedDataParser signedData = SignedDataParser.GetInstance(contentInfo.GetContent(Asn1Tags.Sequence)); BerSequenceGenerator sGen = new BerSequenceGenerator(outStr); sGen.AddObject(CmsObjectIdentifiers.SignedData); BerSequenceGenerator sigGen = new BerSequenceGenerator(sGen.GetRawOutputStream(), 0, true); // version number sigGen.AddObject(signedData.Version); // digests signedData.GetDigestAlgorithms().ToAsn1Object(); // skip old ones Asn1EncodableVector digestAlgs = new Asn1EncodableVector(); foreach (SignerInformation signer in signerInformationStore.GetSigners()) { digestAlgs.Add(FixAlgID(signer.DigestAlgorithmID)); } WriteToGenerator(sigGen, new DerSet(digestAlgs)); // encap content info ContentInfoParser encapContentInfo = signedData.GetEncapContentInfo(); BerSequenceGenerator eiGen = new BerSequenceGenerator(sigGen.GetRawOutputStream()); eiGen.AddObject(encapContentInfo.ContentType); Asn1OctetStringParser octs = (Asn1OctetStringParser)encapContentInfo.GetContent(Asn1Tags.OctetString); if (octs != null) { BerOctetStringGenerator octGen = new BerOctetStringGenerator( eiGen.GetRawOutputStream(), 0, true); byte[] inBuffer = new byte[4096]; byte[] outBuffer = new byte[4096]; Stream inOctets = octs.GetOctetStream(); Stream outOctets = octGen.GetOctetOutputStream(outBuffer); int len; while ((len = inOctets.Read(inBuffer, 0, inBuffer.Length)) > 0) { outOctets.Write(inBuffer, 0, len); } outOctets.Close(); } eiGen.Close(); { Asn1SetParser set = signedData.GetCertificates(); if (set != null) { Asn1Object setObj = set.ToAsn1Object(); Asn1TaggedObject taggedObj = (set is BerSetParser) ? new BerTaggedObject(false, 0, setObj) : new DerTaggedObject(false, 0, setObj); WriteToGenerator(sigGen, taggedObj); } } { Asn1SetParser set = signedData.GetCrls(); if (set != null) { Asn1Object setObj = set.ToAsn1Object(); Asn1TaggedObject taggedObj = (set is BerSetParser) ? new BerTaggedObject(false, 1, setObj) : new DerTaggedObject(false, 1, setObj); WriteToGenerator(sigGen, taggedObj); } } Asn1EncodableVector signerInfos = new Asn1EncodableVector(); foreach (SignerInformation signer in signerInformationStore.GetSigners()) { signerInfos.Add(signer.ToSignerInfo()); } WriteToGenerator(sigGen, new DerSet(signerInfos)); sigGen.Close(); sGen.Close(); return(outStr); }