public byte[] Encode() { if (!_hasData) { throw new InvalidOperationException(SR.Cryptography_Cms_MessageNotSigned); } return(PkcsHelpers.EncodeContentInfo(_signedData, Oids.Pkcs7Signed)); }
public byte[] Encode() { if (!_hasData) { throw new InvalidOperationException(SR.Cryptography_Cms_MessageNotSigned); } using (AsnWriter writer = new AsnWriter(AsnEncodingRules.DER)) { _signedData.Encode(writer); return(PkcsHelpers.EncodeContentInfo(writer.Encode(), Oids.Pkcs7Signed)); } }
public byte[] Encode() { if (!_hasData) { throw new InvalidOperationException(SR.Cryptography_Cms_MessageNotSigned); } try { using (AsnWriter writer = new AsnWriter(AsnEncodingRules.DER)) { _signedData.Encode(writer); return(PkcsHelpers.EncodeContentInfo(writer.Encode(), Oids.Pkcs7Signed)); } } catch (CryptographicException) when(!Detached) { // If we can't write the contents back out then the most likely culprit is an // indefinite length encoding in the content field. To preserve as much input data // as possible while still maintaining our expectations of sorting any SET OF values, // do the following: // * Write the DER normalized version of the SignedData in detached mode. // * BER-decode that structure // * Copy the content field over // * BER-write the modified structure. SignedDataAsn copy = _signedData; copy.EncapContentInfo.Content = null; Debug.Assert(_signedData.EncapContentInfo.Content != null); using (AsnWriter detachedWriter = new AsnWriter(AsnEncodingRules.DER)) { copy.Encode(detachedWriter); copy = SignedDataAsn.Decode(detachedWriter.Encode(), AsnEncodingRules.BER); } copy.EncapContentInfo.Content = _signedData.EncapContentInfo.Content; using (AsnWriter attachedWriter = new AsnWriter(AsnEncodingRules.BER)) { copy.Encode(attachedWriter); return(PkcsHelpers.EncodeContentInfo(attachedWriter.Encode(), Oids.Pkcs7Signed)); } } }
private byte[] Encrypt( CmsRecipientCollection recipients, ContentInfo contentInfo, AlgorithmIdentifier contentEncryptionAlgorithm, X509Certificate2Collection originatorCerts, CryptographicAttributeObjectCollection unprotectedAttributes, byte[] encryptedContent, byte[] cek, byte[] parameterBytes) { EnvelopedDataAsn envelopedData = new EnvelopedDataAsn { EncryptedContentInfo = { ContentType = contentInfo.ContentType.Value, ContentEncryptionAlgorithm = { Algorithm = contentEncryptionAlgorithm.Oid, Parameters = parameterBytes, }, EncryptedContent = encryptedContent, }, }; if (unprotectedAttributes != null && unprotectedAttributes.Count > 0) { List <AttributeAsn> attrList = CmsSigner.BuildAttributes(unprotectedAttributes); envelopedData.UnprotectedAttributes = PkcsHelpers.NormalizeSet(attrList.ToArray()); } if (originatorCerts != null && originatorCerts.Count > 0) { CertificateChoiceAsn[] certs = new CertificateChoiceAsn[originatorCerts.Count]; for (int i = 0; i < originatorCerts.Count; i++) { certs[i].Certificate = originatorCerts[i].RawData; } envelopedData.OriginatorInfo = new OriginatorInfoAsn { CertificateSet = certs, }; } envelopedData.RecipientInfos = new RecipientInfoAsn[recipients.Count]; bool allRecipientsVersion0 = true; for (var i = 0; i < recipients.Count; i++) { CmsRecipient recipient = recipients[i]; bool v0Recipient; switch (recipient.Certificate.GetKeyAlgorithm()) { case Oids.Rsa: envelopedData.RecipientInfos[i].Ktri = MakeKtri(cek, recipient, out v0Recipient); break; default: throw new CryptographicException( SR.Cryptography_Cms_UnknownAlgorithm, recipient.Certificate.GetKeyAlgorithm()); } allRecipientsVersion0 = allRecipientsVersion0 && v0Recipient; } // https://tools.ietf.org/html/rfc5652#section-6.1 // // v4 (RFC 3852): // * OriginatorInfo contains certificates with type other (not supported) // * OriginatorInfo contains crls with type other (not supported) // v3 (RFC 3369): // * OriginatorInfo contains v2 attribute certificates (not supported) // * Any PWRI (password) recipients are present (not supported) // * Any ORI (other) recipients are present (not supported) // v2 (RFC 2630): // * OriginatorInfo is present // * Any RecipientInfo has a non-zero version number // * UnprotectedAttrs is present // v1 (not defined for EnvelopedData) // v0 (RFC 2315): // * Anything not already matched if (envelopedData.OriginatorInfo != null || !allRecipientsVersion0 || envelopedData.UnprotectedAttributes != null) { envelopedData.Version = 2; } return(PkcsHelpers.EncodeContentInfo(envelopedData, Oids.Pkcs7Enveloped)); }