예제 #1
0
        /**
         * Replace the certificate and CRL information associated with this
         * CMSSignedData object with the new one passed in.
         * <p>
         * The output stream is returned unclosed.
         * </p>
         * @param original the signed data stream to be used as a base.
         * @param certsAndCrls the new certificates and CRLs to be used.
         * @param out the stream to Write the new signed data object to.
         * @return out.
         * @exception CmsException if there is an error processing the CertStore
         */

        public static Stream ReplaceCertificatesAndCrls(Stream original, IX509Store x509Certs, IX509Store x509Crls, IX509Store x509AttrCerts, Stream outStr)
        {
            // NB: SecureRandom would be ignored since using existing signatures only
            var gen    = new CmsSignedDataStreamGenerator();
            var parser = new CmsSignedDataParser(original);

            gen.AddDigests(parser.DigestOids);

            CmsTypedStream signedContent = parser.GetSignedContent();
            bool           encapsulate   = (signedContent != null);

            using (Stream contentOut = gen.Open(outStr, parser.SignedContentType.Id, encapsulate))
            {
                if (encapsulate)
                {
                    Streams.PipeAll(signedContent.ContentStream, contentOut);
                }

//			gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection"));
//			gen.AddCertificates(parser.GetCertificates("Collection"));
//			gen.AddCrls(parser.GetCrls("Collection"));
                if (x509AttrCerts != null)
                {
                    gen.AddAttributeCertificates(x509AttrCerts);
                }
                if (x509Certs != null)
                {
                    gen.AddCertificates(x509Certs);
                }
                if (x509Crls != null)
                {
                    gen.AddCrls(x509Crls);
                }

                gen.AddSigners(parser.GetSignerInfos());
            }

            return(outStr);
        }
            public CmsSignedDataOutputStream(CmsSignedDataStreamGenerator outer, Stream outStream, string contentOID, BerSequenceGenerator sGen,
                BerSequenceGenerator sigGen, BerSequenceGenerator eiGen)
            {
                _outer = outer;

                _out = outStream;
                _contentOID = new DerObjectIdentifier(contentOID);
                _sGen = sGen;
                _sigGen = sigGen;
                _eiGen = eiGen;
            }
            internal SignerInfoGeneratorImpl(CmsSignedDataStreamGenerator outer, AsymmetricKeyParameter key, SignerIdentifier signerIdentifier, string digestOID,
                string encOID, CmsAttributeTableGenerator sAttr, CmsAttributeTableGenerator unsAttr)
            {
                _outer = outer;

                _signerIdentifier = signerIdentifier;
                _digestOID = digestOID;
                _encOID = encOID;
                _sAttr = sAttr;
                _unsAttr = unsAttr;
                _encName = Helper.GetEncryptionAlgName(_encOID);

                string digestName = Helper.GetDigestAlgName(_digestOID);
                string signatureName = digestName + "with" + _encName;

                if (_sAttr != null)
                {
                    _sig = Helper.GetSignatureInstance(signatureName);
                }
                else
                {
                    // Note: Need to use raw signatures here since we have already calculated the digest
                    if (_encName.Equals("RSA"))
                    {
                        _sig = Helper.GetSignatureInstance("RSA");
                    }
                    else if (_encName.Equals("DSA"))
                    {
                        _sig = Helper.GetSignatureInstance("NONEwithDSA");
                    }
                        // TODO Add support for raw PSS
//					else if (_encName.equals("RSAandMGF1"))
//					{
//						_sig = CMSSignedHelper.INSTANCE.getSignatureInstance("NONEWITHRSAPSS", _sigProvider);
//						try
//						{
//							// Init the params this way to avoid having a 'raw' version of each PSS algorithm
//							Signature sig2 = CMSSignedHelper.INSTANCE.getSignatureInstance(signatureName, _sigProvider);
//							PSSParameterSpec spec = (PSSParameterSpec)sig2.getParameters().getParameterSpec(PSSParameterSpec.class);
//							_sig.setParameter(spec);
//						}
//						catch (Exception e)
//						{
//							throw new SignatureException("algorithm: " + _encName + " could not be configured.");
//						}
//					}
                    else
                    {
                        throw new SignatureException("algorithm: " + _encName + " not supported in base signatures.");
                    }
                }

                _sig.Init(true, new ParametersWithRandom(key, outer.rand));
            }
        /**
         * Replace the certificate and CRL information associated with this
         * CMSSignedData object with the new one passed in.
         * <p>
         * The output stream is returned unclosed.
         * </p>
         * @param original the signed data stream to be used as a base.
         * @param certsAndCrls the new certificates and CRLs to be used.
         * @param out the stream to Write the new signed data object to.
         * @return out.
         * @exception CmsException if there is an error processing the CertStore
         */

        public static Stream ReplaceCertificatesAndCrls(Stream original, IX509Store x509Certs, IX509Store x509Crls, IX509Store x509AttrCerts, Stream outStr)
        {
            // NB: SecureRandom would be ignored since using existing signatures only
            var gen = new CmsSignedDataStreamGenerator();
            var parser = new CmsSignedDataParser(original);

            gen.AddDigests(parser.DigestOids);

            CmsTypedStream signedContent = parser.GetSignedContent();
            bool encapsulate = (signedContent != null);

            using (Stream contentOut = gen.Open(outStr, parser.SignedContentType.Id, encapsulate))
            {
                if (encapsulate)
                {
                    Streams.PipeAll(signedContent.ContentStream, contentOut);
                }

//			gen.AddAttributeCertificates(parser.GetAttributeCertificates("Collection"));
//			gen.AddCertificates(parser.GetCertificates("Collection"));
//			gen.AddCrls(parser.GetCrls("Collection"));
                if (x509AttrCerts != null)
                {
                    gen.AddAttributeCertificates(x509AttrCerts);
                }
                if (x509Certs != null)
                {
                    gen.AddCertificates(x509Certs);
                }
                if (x509Crls != null)
                {
                    gen.AddCrls(x509Crls);
                }

                gen.AddSigners(parser.GetSignerInfos());
            }

            return outStr;
        }