Exemplo n.º 1
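 /**
  * Creates an ExternalSignature instance that signs with an in-memory private key.
  * @param pk    the signing key; RsaKeyParameters and DsaKeyParameters are recognised
  * @param hashAlgorithm the hash algorithm name (e.g. "SHA-256"). SHA-1 is no longer
  *                      collision resistant, so prefer SHA-256 or stronger for new signatures.
  * @throws ArgumentNullException if pk is null
  * @throws ArgumentException if the hash algorithm name or the key type is not recognised
  */
 public PrivateKeySignature(ICipherParameters pk, String hashAlgorithm) {
     // Without this guard a null key reaches pk.ToString() in the fallback branch below
     // and surfaces as a NullReferenceException.
     if (pk == null)
         throw new ArgumentNullException("pk");

     // Resolve the name first so an unknown algorithm is reported explicitly
     // rather than handing a null OID to GetDigest.
     String digestOid = DigestAlgorithms.GetAllowedDigests(hashAlgorithm);
     if (digestOid == null)
         throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.hash.algorithm.1", hashAlgorithm));

     this.pk = pk;
     this.hashAlgorithm = DigestAlgorithms.GetDigest(digestOid);

     // NOTE(review): this is a type test only; nothing here checks that pk is the private
     // half of the key pair. Confirm that a public key is rejected when signing starts.
     if (pk is RsaKeyParameters)
         encryptionAlgorithm = "RSA";
     else if (pk is DsaKeyParameters)
         encryptionAlgorithm = "DSA";
     else
         throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.key.algorithm.1", pk.ToString()));
 }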
Exemplo n.º 2
        /// <summary>
        /// Maps a key parameter object to the name of its signature algorithm.
        /// </summary>
        /// <param name="cp">The key to classify.</param>
        /// <returns>"RSA", "DSA" or "ECDSA", chosen by the runtime type of <paramref name="cp"/>.</returns>
        /// <exception cref="PdfException">cp is none of the three recognised key types.</exception>
        public static String GetAlgorithm(this ICipherParameters cp)
        {
            // Only the type is tested; no check here separates private keys from public ones.
            if (cp is RsaKeyParameters)
            {
                return "RSA";
            }

            if (cp is DsaKeyParameters)
            {
                return "DSA";
            }

            if (cp is ECKeyParameters)
            {
                return "ECDSA";
            }

            // A null cp also ends up here, where cp.ToString() raises NullReferenceException
            // instead of the PdfException.
            throw new PdfException("unknown.key.algorithm {0}").SetMessageParams(cp.ToString());
        }
Exemplo n.º 3
        /// <summary>
        /// Returns the signature algorithm name that goes with a key parameter object.
        /// </summary>
        /// <param name="cp">The key to classify.</param>
        /// <returns>
        /// "RSA" or "DSA" for those key types; for an EC key its AlgorithmName, with the
        /// generic value "EC" reported as "ECDSA".
        /// </returns>
        /// <exception cref="PdfException">cp is none of the recognised key types.</exception>
        internal static String GetPrivateKeyAlgorithm(ICipherParameters cp)
        {
            if (cp is RsaKeyParameters)
            {
                return "RSA";
            }

            if (cp is DsaKeyParameters)
            {
                return "DSA";
            }

            ECKeyParameters ecKey = cp as ECKeyParameters;
            if (ecKey == null)
            {
                // Reached for unsupported types and for null; with null, cp.ToString()
                // raises NullReferenceException before the PdfException is thrown.
                throw new PdfException(PdfException.UnknownKeyAlgorithm1).SetMessageParams(cp.ToString());
            }

            // Any other AlgorithmName value on the EC key is passed through unchanged.
            String ecName = ecKey.AlgorithmName;
            return ecName == "EC" ? "ECDSA" : ecName;
        }
Exemplo n.º 4
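        /**
        * Sets up a PKCS#7 signature container and, when a private key is given, its signer.
        * @param privKey the private key (RSA or DSA), or <code>null</code> to build the container without a signer
        * @param certChain the certificate chain; element 0 is used as the signing certificate
        * @param crlList accepted but not used: no CRL is copied into the container by this constructor
        * @param hashAlgorithm the hash algorithm name; upper-cased (invariant culture) and looked up in allowedDigests
        * @param hasRSAdata <CODE>true</CODE> if the sub-filter is adbe.pkcs7.sha1 (legacy, SHA-1 based)
        * @throws ArgumentNullException if hashAlgorithm or certChain is null
        * @throws ArgumentException if certChain is empty, or the hash algorithm or key type is unknown
        */    
        public PdfPKCS7(ICipherParameters privKey, X509Certificate[] certChain, object[] crlList,
                        String hashAlgorithm, bool hasRSAdata) {
            // Reject unusable arguments up front; previously they surfaced as
            // NullReferenceException / IndexOutOfRangeException further down.
            if (hashAlgorithm == null)
                throw new ArgumentNullException("hashAlgorithm");
            if (certChain == null)
                throw new ArgumentNullException("certChain");
            if (certChain.Length == 0)
                throw new ArgumentException("certChain must contain at least the signing certificate", "certChain");

            this.privKey = privKey;
            
            // Only names present in allowedDigests are accepted.
            digestAlgorithm = (String)allowedDigests[hashAlgorithm.ToUpper(CultureInfo.InvariantCulture)];
            if (digestAlgorithm == null)
                throw new ArgumentException("Unknown Hash Algorithm "+hashAlgorithm);
            
            version = signerversion = 1;
            crls = new ArrayList();
            digestalgos = new Hashtable();
            digestalgos[digestAlgorithm] = null;
            
            // The first chain element is the signer certificate; the whole chain is stored.
            // NOTE(review): nothing here checks that privKey belongs to certChain[0].
            signCert = certChain[0];
            certs = new ArrayList(certChain);
            
            // crlList is ignored: the loop that copied it into crls was disabled in this
            // version, so crls stays empty after construction.
            
            if (privKey != null) {
                // Derive the digest-encryption algorithm id from the key type.
                if (privKey is RsaKeyParameters)
                    digestEncryptionAlgorithm = ID_RSA;
                else if (privKey is DsaKeyParameters)
                    digestEncryptionAlgorithm = ID_DSA;
                else
                    throw new ArgumentException("Unknown Key Algorithm "+privKey.ToString());

            }
            if (hasRSAdata) {
                RSAdata = new byte[0];
                messageDigest = GetHashClass();
            }

            if (privKey != null) {
                // Must run after digestAlgorithm and digestEncryptionAlgorithm are set;
                // presumably GetDigestAlgorithm() combines them (confirm against its definition).
                sig = SignerUtilities.GetSigner(GetDigestAlgorithm());
                sig.Init(true, privKey);
            }
        }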
Exemplo n.º 5
        // Constructors for creating new signatures
        /**
         * Assembles all the elements needed to create a signature, except for the data.
         * @param privKey the private key (RSA or DSA), or <code>null</code> to skip signer setup
         * @param certChain the certificate chain; its first element becomes the signing certificate
         * @param hashAlgorithm the hash algorithm name, resolved through DigestAlgorithms.GetAllowedDigests
         * @param hasRSAdata <CODE>true</CODE> if the sub-filter is adbe.pkcs7.sha1
         * @throws ArgumentException if the hash algorithm or the key type is not recognised
         */
        public PdfPKCS7(ICipherParameters privKey, ICollection<X509Certificate> certChain, 
                        String hashAlgorithm, bool hasRSAdata)
        {
            // privKey is never reassigned, so the null test is taken once and reused.
            bool hasKey = privKey != null;

            digestAlgorithmOid = DigestAlgorithms.GetAllowedDigests(hashAlgorithm);
            if (digestAlgorithmOid == null)
            {
                throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.hash.algorithm.1", hashAlgorithm));
            }

            version = signerversion = 1;
            certs = new List<X509Certificate>(certChain);
            crls = new List<X509Crl>();
            digestalgos = new Dictionary<string,object>();
            digestalgos[digestAlgorithmOid] = null;

            // The first certificate of the chain is the signer's; crls starts out empty.
            // Nothing in this constructor checks that privKey belongs to that certificate.
            signCert = certs[0];

            if (hasKey)
            {
                // Pick the digest-encryption OID that matches the key type.
                if (privKey is RsaKeyParameters)
                {
                    digestEncryptionAlgorithmOid = SecurityIDs.ID_RSA;
                }
                else if (privKey is DsaKeyParameters)
                {
                    digestEncryptionAlgorithmOid = SecurityIDs.ID_DSA;
                }
                else
                {
                    throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.key.algorithm.1", privKey.ToString()));
                }
            }

            if (hasRSAdata)
            {
                RSAdata = new byte[0];
                messageDigest = GetHashClass();
            }

            if (hasKey)
            {
                // Runs last: GetDigestAlgorithm() is called only once the OIDs above are in place.
                sig = SignerUtilities.GetSigner(GetDigestAlgorithm());
                sig.Init(true, privKey);
            }
        }
Exemplo n.º 6
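 /**
  * Creates an ExternalSignature instance that signs with an in-memory private key.
  * @param pk    the signing key; RSA, DSA and EC key parameters are recognised
  * @param hashAlgorithm the hash algorithm name (e.g. "SHA-256"). SHA-1 is no longer
  *                      collision resistant, so prefer SHA-256 or stronger for new signatures.
  * @throws ArgumentNullException if pk is null
  * @throws ArgumentException if the hash algorithm name or the key type is not recognised
  */
 public PrivateKeySignature(ICipherParameters pk, String hashAlgorithm)
 {
     // A null key used to fall through to pk.ToString() in the last branch and
     // fail with a NullReferenceException.
     if (pk == null)
     {
         throw new ArgumentNullException("pk");
     }

     // Report an unknown algorithm name explicitly rather than handing a null OID to GetDigest.
     String digestOid = DigestAlgorithms.GetAllowedDigests(hashAlgorithm);
     if (digestOid == null)
     {
         throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.hash.algorithm.1", hashAlgorithm));
     }

     this.pk            = pk;
     this.hashAlgorithm = DigestAlgorithms.GetDigest(digestOid);

     // NOTE(review): type test only; whether pk is the private half of the pair is not
     // checked here. Confirm that a public key is rejected when signing starts.
     if (pk is RsaKeyParameters)
     {
         encryptionAlgorithm = "RSA";
     }
     else if (pk is DsaKeyParameters)
     {
         encryptionAlgorithm = "DSA";
     }
     else if (pk is ECKeyParameters)
     {
         encryptionAlgorithm = "ECDSA";
     }
     else
     {
         throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.key.algorithm.1", pk.ToString()));
     }
 }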
Exemplo n.º 7
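        /**
        * Sets up a PKCS#7 signature container and, when a private key is given, its signer.
        * @param privKey the private key (RSA or DSA), or <code>null</code> to build the container without a signer
        * @param certChain the certificate chain; element 0 is used as the signing certificate
        * @param crlList accepted but not used: no CRL is copied into the container by this constructor
        * @param hashAlgorithm the hash algorithm name, resolved through GetAllowedDigests
        * @param hasRSAdata <CODE>true</CODE> if the sub-filter is adbe.pkcs7.sha1 (legacy, SHA-1 based)
        * @throws ArgumentNullException if certChain is null
        * @throws ArgumentException if certChain is empty, or the hash algorithm or key type is unknown
        */    
        public PdfPKCS7(ICipherParameters privKey, X509Certificate[] certChain, object[] crlList,
                        String hashAlgorithm, bool hasRSAdata) {
            // Reject an unusable chain up front; previously this surfaced as
            // NullReferenceException / IndexOutOfRangeException at certChain[0].
            if (certChain == null)
                throw new ArgumentNullException("certChain");
            if (certChain.Length == 0)
                throw new ArgumentException("certChain must contain at least the signing certificate", "certChain");

            this.privKey = privKey;
            
            digestAlgorithm = GetAllowedDigests(hashAlgorithm);
            if (digestAlgorithm == null)
                throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.hash.algorithm.1", hashAlgorithm));
            
            version = signerversion = 1;
            crls = new List<X509Crl>();
            digestalgos = new Dictionary<string,object>();
            digestalgos[digestAlgorithm] = null;
            
            // The first chain element is the signer certificate; the whole chain is stored.
            // NOTE(review): nothing here checks that privKey belongs to certChain[0].
            signCert = certChain[0];
            certs = new List<X509Certificate>(certChain);
            
            // crlList is ignored: the loop that copied it into crls was disabled in this
            // version, so crls stays empty after construction.
            
            if (privKey != null) {
                // Derive the digest-encryption algorithm id from the key type.
                if (privKey is RsaKeyParameters)
                    digestEncryptionAlgorithm = ID_RSA;
                else if (privKey is DsaKeyParameters)
                    digestEncryptionAlgorithm = ID_DSA;
                else
                    throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.key.algorithm.1", privKey.ToString()));

            }
            if (hasRSAdata) {
                RSAdata = new byte[0];
                messageDigest = GetHashClass();
            }

            if (privKey != null) {
                // Must run after digestAlgorithm and digestEncryptionAlgorithm are set;
                // presumably GetDigestAlgorithm() combines them (confirm against its definition).
                sig = SignerUtilities.GetSigner(GetDigestAlgorithm());
                sig.Init(true, privKey);
            }
        }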
Exemplo n.º 8
        // Constructors for creating new signatures

        /**
         * Assembles all the elements needed to create a signature, except for the data.
         * @param privKey the private key (RSA or DSA), or <code>null</code> to skip signer setup
         * @param certChain the certificate chain; its first element becomes the signing certificate
         * @param hashAlgorithm the hash algorithm name, resolved through DigestAlgorithms.GetAllowedDigests
         * @param hasRSAdata <CODE>true</CODE> if the sub-filter is adbe.pkcs7.sha1
         * @throws ArgumentException if the hash algorithm or the key type is not recognised
         */
        public PdfPKCS7(ICipherParameters privKey, ICollection <X509Certificate> certChain,
                        String hashAlgorithm, bool hasRSAdata)
        {
            // A null result means the name was not accepted by GetAllowedDigests.
            digestAlgorithmOid = DigestAlgorithms.GetAllowedDigests(hashAlgorithm);
            if (digestAlgorithmOid == null)
            {
                throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.hash.algorithm.1", hashAlgorithm));
            }

            version     = signerversion = 1;
            certs       = new List <X509Certificate>(certChain);
            crls        = new List <X509Crl>();
            digestalgos = new Dictionary <string, object>();
            digestalgos[digestAlgorithmOid] = null;

            //
            // The first certificate of the chain is the signer's; crls starts out empty.
            // An empty chain fails here on certs[0]. Nothing in this constructor checks
            // that privKey belongs to this certificate.
            //
            signCert = certs[0];

            if (privKey != null)
            {
                //
                // Now we have private key, find out what the digestEncryptionAlgorithm is.
                // Only the key's type is tested.
                //
                if (privKey is RsaKeyParameters)
                {
                    digestEncryptionAlgorithmOid = SecurityIDs.ID_RSA;
                }
                else if (privKey is DsaKeyParameters)
                {
                    digestEncryptionAlgorithmOid = SecurityIDs.ID_DSA;
                }
                else
                {
                    throw new ArgumentException(MessageLocalization.GetComposedMessage("unknown.key.algorithm.1", privKey.ToString()));
                }
            }
            if (hasRSAdata)
            {
                RSAdata       = new byte[0];
                messageDigest = GetHashClass();
            }

            if (privKey != null)
            {
                // Runs last: GetDigestAlgorithm() is called only once the OIDs above are in place.
                // Init(true, ...) puts the signer in signing mode with the supplied key.
                sig = SignerUtilities.GetSigner(GetDigestAlgorithm());
                sig.Init(true, privKey);
            }
        }
Exemplo n.º 9
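        /**
         * Sets up a PKCS#7 signature container and, when a private key is given, its signer.
         * @param privKey the private key (RSA or DSA), or <code>null</code> to build the container without a signer
         * @param certChain the certificate chain; element 0 is used as the signing certificate
         * @param crlList accepted but not used: no CRL is copied into the container by this constructor
         * @param hashAlgorithm the hash algorithm name; upper-cased (invariant culture) and looked up in allowedDigests
         * @param hasRSAdata <CODE>true</CODE> if the sub-filter is adbe.pkcs7.sha1 (legacy, SHA-1 based)
         * @throws ArgumentNullException if hashAlgorithm or certChain is null
         * @throws ArgumentException if certChain is empty, or the hash algorithm or key type is unknown
         */
        public PKCS7(ICipherParameters privKey, X509Certificate[] certChain, object[] crlList,
                     String hashAlgorithm, bool hasRSAdata)
        {
            // Reject unusable arguments up front; previously they surfaced as
            // NullReferenceException / IndexOutOfRangeException further down.
            if (hashAlgorithm == null)
            {
                throw new ArgumentNullException("hashAlgorithm");
            }
            if (certChain == null)
            {
                throw new ArgumentNullException("certChain");
            }
            if (certChain.Length == 0)
            {
                throw new ArgumentException("certChain must contain at least the signing certificate", "certChain");
            }

            this.privKey = privKey;

            // Only names present in allowedDigests are accepted.
            digestAlgorithm = (String)allowedDigests[hashAlgorithm.ToUpper(CultureInfo.InvariantCulture)];
            if (digestAlgorithm == null)
            {
                throw new ArgumentException("Unknown Hash Algorithm " + hashAlgorithm);
            }

            version     = signerversion = 1;
            crls        = new ArrayList();
            digestalgos = new Hashtable();
            digestalgos[digestAlgorithm] = null;

            // The first chain element is the signer certificate; the whole chain is stored.
            // NOTE(review): nothing here checks that privKey belongs to certChain[0].
            signCert = certChain[0];
            certs    = new ArrayList(certChain);

            // crlList is ignored: the loop that copied it into crls was disabled in this
            // version, so crls stays empty after construction.

            if (privKey != null)
            {
                // Derive the digest-encryption algorithm id from the key type.
                if (privKey is RsaKeyParameters)
                {
                    digestEncryptionAlgorithm = ID_RSA;
                }
                else if (privKey is DsaKeyParameters)
                {
                    digestEncryptionAlgorithm = ID_DSA;
                }
                else
                {
                    throw new ArgumentException("Unknown Key Algorithm " + privKey.ToString());
                }
            }
            if (hasRSAdata)
            {
                RSAdata       = new byte[0];
                messageDigest = GetHashClass();
            }

            if (privKey != null)
            {
                // Must run after digestAlgorithm and digestEncryptionAlgorithm are set;
                // presumably GetDigestAlgorithm() combines them (confirm against its definition).
                sig = SignerUtilities.GetSigner(GetDigestAlgorithm());
                sig.Init(true, privKey);
            }
        }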