Inheritance: CmsAttributeTableGenerator
Exemplo n.º 1
1
        /// <exception cref="System.IO.IOException"></exception>
        //private CmsSignedDataGenerator CreateCMSSignedDataGenerator(ContentSigner contentSigner
        //    , DigestCalculatorProvider digestCalculatorProvider, SignatureParameters parameters
        //    , CAdESProfileBES cadesProfile, bool includeUnsignedAttributes, CmsSignedData originalSignedData
        //    )
        private CmsSignedDataGenerator CreateCMSSignedDataGenerator(ISigner signer
            , SignatureParameters parameters, CAdESProfileBES cadesProfile
            , bool includeUnsignedAttributes, CmsSignedData originalSignedData
            )
        {
            try
            {
                CmsSignedDataGenerator generator = new CmsSignedDataGenerator();
                X509Certificate signerCertificate = parameters.SigningCertificate;

                //X509CertificateHolder certHolder = new X509CertificateHolder(signerCertificate.GetEncoded());
                ArrayList certList = new ArrayList();
                certList.Add(signerCertificate);
                IX509Store certHolder = X509StoreFactory.Create("CERTIFICATE/COLLECTION",
                    new X509CollectionStoreParameters(certList));

                //jbonilla - El provider siempre es BC C#
                //SignerInfoGeneratorBuilder sigInfoGeneratorBuilder = new SignerInfoGeneratorBuilder
                //    (digestCalculatorProvider);

                CmsAttributeTableGenerator signedAttrGen = new DefaultSignedAttributeTableGenerator
                    (new AttributeTable(cadesProfile.GetSignedAttributes(parameters)));

                CmsAttributeTableGenerator unsignedAttrGen = new SimpleAttributeTableGenerator
                    ((includeUnsignedAttributes) ? new AttributeTable(cadesProfile.GetUnsignedAttributes
                    (parameters)) : null);

                //jbonilla - No existe ContentSigner en BC C#
                //SignerInfoGenerator sigInfoGen = sigInfoGeneratorBuilder.Build(contentSigner, certHolder);                

                //generator.AddSignerInfoGenerator(sigInfoGen);
                generator.SignerProvider = signer;
                generator.AddSigner(new NullPrivateKey(), signerCertificate, parameters.SignatureAlgorithm.GetOid()
                    , parameters.DigestAlgorithm.GetOid(), signedAttrGen, unsignedAttrGen);

                if (originalSignedData != null)
                {
                    generator.AddSigners(originalSignedData.GetSignerInfos());
                }
                //ICollection<X509Certificate> certs = new AList<X509Certificate>();
                IList certs = new ArrayList();
                //certs.AddItem(parameters.SigningCertificate);
                certs.Add(parameters.SigningCertificate);
                if (parameters.CertificateChain != null)
                {
                    foreach (X509Certificate c in parameters.CertificateChain)
                    {
                        if (!c.SubjectDN.Equals(parameters.SigningCertificate.SubjectDN))
                        {
                            //certs.AddItem(c);
                            certs.Add(c);
                        }
                    }
                }
                //JcaCertStore certStore = new JcaCertStore(certs);
                IX509Store certStore = X509StoreFactory.Create("Certificate/Collection",
                    new X509CollectionStoreParameters(certs));
                generator.AddCertificates(certStore);
                if (originalSignedData != null)
                {
                    generator.AddCertificates(originalSignedData.GetCertificates("Collection"));
                }
                return generator;
            }
            catch (CmsException e)
            {
                throw new IOException("CmsException", e);
            }
            catch (CertificateEncodingException e)
            {
                throw new IOException("CertificateEncodingException", e);
            }
            /*catch (OperatorCreationException e)
			{
				throw new IOException(e);
			}*/
        }
Exemplo n.º 2
0
        public static string SignCmsGost2012(string data, string tlsNumber, int pin, byte[] rawCertificate, byte[] key)
        {
            var requestBytes = Encoding.UTF8.GetBytes(data);
            var typedData    = new CmsProcessableByteArray(requestBytes);
            var gen          = new CmsSignedDataGenerator();
            var signerInfoGeneratorBuilder = new SignerInfoGeneratorBuilder();

            var attrs      = GetSigningParameters(tlsNumber, pin);
            var parameters = new DefaultSignedAttributeTableGenerator(attrs);

            signerInfoGeneratorBuilder.WithSignedAttributeGenerator(parameters);

            var factory = new Asn1SignatureFactory(SingingAlgorithm, GetKey(key));

            var bcCertificate = GetBankCertificate(rawCertificate);

            gen.AddSignerInfoGenerator(signerInfoGeneratorBuilder.Build(factory, bcCertificate));
            gen.AddCertificates(MakeCertStore(bcCertificate));

            var signed      = gen.Generate(typedData, false);
            var signedBytes = signed.GetEncoded();

            return(Convert.ToBase64String(signedBytes));
        }
        private static byte[] SignData(byte[] data, Pkcs12Store signCertificate, DateTime? requestTimestamp = null)
        {
            var signCertAlias = signCertificate.Aliases.Cast<string>().First(signCertificate.IsKeyEntry);
            var signCertEntry = signCertificate.GetCertificate(signCertAlias);
            var signCert = signCertEntry.Certificate;
            var signPkEntry = signCertificate.GetKey(signCertAlias);
            var signPk = signPkEntry.Key;
            string digestName;

            if (signCert.SigAlgOid == PkcsObjectIdentifiers.Sha1WithRsaEncryption.Id)
            {
                digestName = "SHA1";
            }
            else if (signCert.SigAlgOid == PkcsObjectIdentifiers.Sha256WithRsaEncryption.Id)
            {
                digestName = "SHA256";
            }
            else
            {
                throw new ExtraException($"Unsupported digest algorithm {signCert.SigAlgName}");
            }

            var digestOid = DigestUtilities.GetObjectIdentifier(digestName).Id;
            var digest = DigestUtilities.CalculateDigest(digestName, data);

            var signedAttrs = new Dictionary<object, object>()
            {
                { CmsAttributeTableParameter.Digest, digest }
            };

            if (requestTimestamp.HasValue)
            {
                var signTimestamp = new Org.BouncyCastle.Asn1.Cms.Attribute(CmsAttributes.SigningTime, new DerSet(new Time(requestTimestamp.Value.ToUniversalTime())));
                signedAttrs.Add(signTimestamp.AttrType, signTimestamp);
            }

            var signedAttrGen = new DefaultSignedAttributeTableGenerator();
            var signedAttrTable = signedAttrGen.GetAttributes(signedAttrs);

            var generator = new CmsSignedDataGenerator();
            generator.AddSigner(signPk, signCert, digestOid, new DefaultSignedAttributeTableGenerator(signedAttrTable), null);

            var signedData = generator.Generate(new CmsProcessableByteArray(data), true);
            return signedData.GetEncoded();
        }