internal SignerInfo ToSignerInfo(DerObjectIdentifier contentType, CmsProcessable content, SecureRandom random)
{
AlgorithmIdentifier digestAlgorithmID = DigestAlgorithmID;
string digestAlgName = Helper.GetDigestAlgName(digestOID);
string algorithm = digestAlgName + "with" + Helper.GetEncryptionAlgName(encOID);
byte[] array;
if (outer._digests.Contains(digestOID))
{
array = (byte[])outer._digests[digestOID];
}
else
{
IDigest digestInstance = Helper.GetDigestInstance(digestAlgName);
content?.Write(new DigOutputStream(digestInstance));
array = DigestUtilities.DoFinal(digestInstance);
outer._digests.Add(digestOID, array.Clone());
}
IStreamCalculator streamCalculator = sigCalc.CreateCalculator();
Stream stream = new BufferedStream(streamCalculator.Stream);
Asn1Set asn1Set = null;
if (sAttr != null)
{
IDictionary baseParameters = outer.GetBaseParameters(contentType, digestAlgorithmID, array);
Org.BouncyCastle.Asn1.Cms.AttributeTable attributeTable = sAttr.GetAttributes(baseParameters);
if (contentType == null && attributeTable != null && attributeTable[CmsAttributes.ContentType] != null)
{
IDictionary dictionary = attributeTable.ToDictionary();
dictionary.Remove(CmsAttributes.ContentType);
attributeTable = new Org.BouncyCastle.Asn1.Cms.AttributeTable(dictionary);
}
asn1Set = outer.GetAttributeSet(attributeTable);
new DerOutputStream(stream).WriteObject(asn1Set);
}
else
{
content?.Write(stream);
}
Platform.Dispose(stream);
byte[] array2 = ((IBlockResult)streamCalculator.GetResult()).Collect();
Asn1Set unauthenticatedAttributes = null;
if (unsAttr != null)
{
IDictionary baseParameters2 = outer.GetBaseParameters(contentType, digestAlgorithmID, array);
baseParameters2[CmsAttributeTableParameter.Signature] = array2.Clone();
Org.BouncyCastle.Asn1.Cms.AttributeTable attributes = unsAttr.GetAttributes(baseParameters2);
unauthenticatedAttributes = outer.GetAttributeSet(attributes);
}
Asn1Encodable defaultX509Parameters = SignerUtilities.GetDefaultX509Parameters(algorithm);
AlgorithmIdentifier encAlgorithmIdentifier = Helper.GetEncAlgorithmIdentifier(new DerObjectIdentifier(encOID), defaultX509Parameters);
return(new SignerInfo(signerIdentifier, digestAlgorithmID, asn1Set, encAlgorithmIdentifier, new DerOctetString(array2), unauthenticatedAttributes));
}
internal SignerInfo ToSignerInfo(
DerObjectIdentifier contentType,
CmsProcessable content,
SecureRandom random,
bool isCounterSignature)
{
AlgorithmIdentifier digAlgId = DigestAlgorithmID;
string digestName = Helper.GetDigestAlgName(digestOID);
IDigest dig = Helper.GetDigestInstance(digestName);
string signatureName = digestName + "with" + Helper.GetEncryptionAlgName(encOID);
//ISigner sig moved there where used
// TODO Optimise the case where more than one signer with same digest
if (content != null)
{
content.Write(new DigOutputStream(dig));
}
byte[] hash = DigestUtilities.DoFinal(dig);
outer._digests.Add(digestOID, hash.Clone());
Asn1Set signedAttr = null;
byte[] tmp;
if (sAttr != null)
{
IDictionary parameters = outer.GetBaseParameters(contentType, digAlgId, hash);
// Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(Collections.unmodifiableMap(parameters));
Asn1.Cms.AttributeTable signed = sAttr.GetAttributes(parameters);
if (isCounterSignature)
{
Hashtable tmpSigned = signed.ToHashtable();
tmpSigned.Remove(CmsAttributes.ContentType);
signed = new Asn1.Cms.AttributeTable(tmpSigned);
}
// TODO Validate proposed signed attributes
signedAttr = outer.GetAttributeSet(signed);
// sig must be composed from the DER encoding.
tmp = signedAttr.GetEncoded(Asn1Encodable.Der);
}
else
{
// TODO Use raw signature of the hash value instead
MemoryStream bOut = new MemoryStream();
if (content != null)
{
content.Write(bOut);
}
tmp = bOut.ToArray();
}
byte[] sigBytes = null;
if (krProv != null)
{
/*
* sig.GenerateSignature() supports the following hashes:
* MD2
* MD4
* MD5
* SHA1
* SHA224
* SHA256
* SHA384
* SHA512
* RIPEMD128
* RIPEMD160
* RIPEMD256
*
* krProv.SignData(tmp, digestName) supports the following digestName:
* MD5
* SHA1
* SHA256
* SHA384
* SHA512
*/
//sigBytes = krProv.SignData(tmp, digestName);
IDigest digProv = Helper.GetDigestInstance(digestName);
digProv.BlockUpdate(tmp, 0, tmp.Length);
byte[] hashProv = new byte[digProv.GetDigestSize()];
digProv.DoFinal(hashProv, 0);
sigBytes = krProv.SignHash(hashProv, digestOID);
}
else
{
ISigner sig = Helper.GetSignatureInstance(signatureName);//was moved
sig.Init(true, new ParametersWithRandom(key, random));
sig.BlockUpdate(tmp, 0, tmp.Length);
sigBytes = sig.GenerateSignature();
}
Asn1Set unsignedAttr = null;
if (unsAttr != null)
{
IDictionary baseParameters = outer.GetBaseParameters(contentType, digAlgId, hash);
baseParameters[CmsAttributeTableParameter.Signature] = sigBytes.Clone();
// Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(Collections.unmodifiableMap(baseParameters));
Asn1.Cms.AttributeTable unsigned = unsAttr.GetAttributes(baseParameters);
// TODO Validate proposed unsigned attributes
unsignedAttr = outer.GetAttributeSet(unsigned);
}
// TODO [RSAPSS] Need the ability to specify non-default parameters
Asn1Encodable sigX509Parameters = SignerUtilities.GetDefaultX509Parameters(signatureName);
AlgorithmIdentifier encAlgId = CmsSignedGenerator.GetEncAlgorithmIdentifier(
new DerObjectIdentifier(encOID), sigX509Parameters);
return(new SignerInfo(signerIdentifier, digAlgId,
signedAttr, encAlgId, new DerOctetString(sigBytes), unsignedAttr));
}