public CmsSignedDataParser(CmsTypedStream signedContent, Stream sigData)
: base(sigData)
{
try
{
_signedContent = signedContent;
_signedData = SignedDataParser.GetInstance(contentInfo.GetContent(16));
_digests = Platform.CreateHashtable();
_digestOids = new HashSet();
Asn1SetParser digestAlgorithms = _signedData.GetDigestAlgorithms();
IAsn1Convertible asn1Convertible;
while ((asn1Convertible = digestAlgorithms.ReadObject()) != null)
{
AlgorithmIdentifier instance = AlgorithmIdentifier.GetInstance(asn1Convertible.ToAsn1Object());
try
{
string id = instance.Algorithm.Id;
string digestAlgName = Helper.GetDigestAlgName(id);
if (!_digests.Contains(digestAlgName))
{
_digests[digestAlgName] = Helper.GetDigestInstance(digestAlgName);
_digestOids.Add(id);
}
}
catch (SecurityUtilityException)
{
}
}
ContentInfoParser encapContentInfo = _signedData.GetEncapContentInfo();
Asn1OctetStringParser asn1OctetStringParser = (Asn1OctetStringParser)encapContentInfo.GetContent(4);
if (asn1OctetStringParser != null)
{
CmsTypedStream cmsTypedStream = new CmsTypedStream(encapContentInfo.ContentType.Id, asn1OctetStringParser.GetOctetStream());
if (_signedContent == null)
{
_signedContent = cmsTypedStream;
}
else
{
cmsTypedStream.Drain();
}
}
_signedContentType = ((_signedContent == null) ? encapContentInfo.ContentType : new DerObjectIdentifier(_signedContent.ContentType));
}
catch (IOException ex2)
{
throw new CmsException("io exception: " + ex2.Message, ex2);
}
}
private void ConfigureDigest(string digestOid)
{
RegisterDigestOid(digestOid);
string digestAlgName = Helper.GetDigestAlgName(digestOid);
IDigest digest = (IDigest)_messageDigests[digestAlgName];
if (digest == null)
{
if (_messageDigestsLocked)
{
throw new InvalidOperationException("Cannot configure new digests after the data stream is opened");
}
digest = Helper.GetDigestInstance(digestAlgName);
_messageDigests[digestAlgName] = digest;
}
}
private bool DoVerify(AsymmetricKeyParameter key)
{
string digestAlgName = Helper.GetDigestAlgName(DigestAlgOid);
IDigest digestInstance = Helper.GetDigestInstance(digestAlgName);
DerObjectIdentifier algorithm = encryptionAlgorithm.Algorithm;
Asn1Encodable parameters = encryptionAlgorithm.Parameters;
ISigner signer;
if (algorithm.Equals(PkcsObjectIdentifiers.IdRsassaPss))
{
if (parameters == null)
{
throw new CmsException("RSASSA-PSS signature must specify algorithm parameters");
}
try
{
RsassaPssParameters instance = RsassaPssParameters.GetInstance(parameters.ToAsn1Object());
if (!instance.HashAlgorithm.Algorithm.Equals(digestAlgorithm.Algorithm))
{
throw new CmsException("RSASSA-PSS signature parameters specified incorrect hash algorithm");
}
if (!instance.MaskGenAlgorithm.Algorithm.Equals(PkcsObjectIdentifiers.IdMgf1))
{
throw new CmsException("RSASSA-PSS signature parameters specified unknown MGF");
}
IDigest digest = DigestUtilities.GetDigest(instance.HashAlgorithm.Algorithm);
int intValue = instance.SaltLength.Value.IntValue;
byte b = (byte)instance.TrailerField.Value.IntValue;
if (b != 1)
{
throw new CmsException("RSASSA-PSS signature parameters must have trailerField of 1");
}
signer = new PssSigner(new RsaBlindedEngine(), digest, intValue);
}
catch (Exception e)
{
throw new CmsException("failed to set RSASSA-PSS signature parameters", e);
}
}
else
{
string algorithm2 = digestAlgName + "with" + Helper.GetEncryptionAlgName(EncryptionAlgOid);
signer = Helper.GetSignatureInstance(algorithm2);
}
try
{
if (digestCalculator != null)
{
resultDigest = digestCalculator.GetDigest();
}
else
{
if (content != null)
{
content.Write(new DigOutputStream(digestInstance));
}
else if (signedAttributeSet == null)
{
throw new CmsException("data not encapsulated in signature - use detached constructor.");
}
resultDigest = DigestUtilities.DoFinal(digestInstance);
}
}
catch (IOException e2)
{
throw new CmsException("can't process mime object to create signature.", e2);
}
Asn1Object singleValuedSignedAttribute = GetSingleValuedSignedAttribute(CmsAttributes.ContentType, "content-type");
if (singleValuedSignedAttribute == null)
{
if (!isCounterSignature && signedAttributeSet != null)
{
throw new CmsException("The content-type attribute type MUST be present whenever signed attributes are present in signed-data");
}
}
else
{
if (isCounterSignature)
{
throw new CmsException("[For counter signatures,] the signedAttributes field MUST NOT contain a content-type attribute");
}
if (!(singleValuedSignedAttribute is DerObjectIdentifier))
{
throw new CmsException("content-type attribute value not of ASN.1 type 'OBJECT IDENTIFIER'");
}
DerObjectIdentifier derObjectIdentifier = (DerObjectIdentifier)singleValuedSignedAttribute;
if (!derObjectIdentifier.Equals(contentType))
{
throw new CmsException("content-type attribute value does not match eContentType");
}
}
Asn1Object singleValuedSignedAttribute2 = GetSingleValuedSignedAttribute(CmsAttributes.MessageDigest, "message-digest");
if (singleValuedSignedAttribute2 == null)
{
if (signedAttributeSet != null)
{
throw new CmsException("the message-digest signed attribute type MUST be present when there are any signed attributes present");
}
}
else
{
if (!(singleValuedSignedAttribute2 is Asn1OctetString))
{
throw new CmsException("message-digest attribute value not of ASN.1 type 'OCTET STRING'");
}
Asn1OctetString asn1OctetString = (Asn1OctetString)singleValuedSignedAttribute2;
if (!Arrays.AreEqual(resultDigest, asn1OctetString.GetOctets()))
{
throw new CmsException("message-digest attribute value does not match calculated value");
}
}
Org.BouncyCastle.Asn1.Cms.AttributeTable signedAttributes = SignedAttributes;
if (signedAttributes != null && signedAttributes.GetAll(CmsAttributes.CounterSignature).Count > 0)
{
throw new CmsException("A countersignature attribute MUST NOT be a signed attribute");
}
Org.BouncyCastle.Asn1.Cms.AttributeTable unsignedAttributes = UnsignedAttributes;
if (unsignedAttributes != null)
{
foreach (Org.BouncyCastle.Asn1.Cms.Attribute item in unsignedAttributes.GetAll(CmsAttributes.CounterSignature))
{
if (item.AttrValues.Count < 1)
{
throw new CmsException("A countersignature attribute MUST contain at least one AttributeValue");
}
}
}
try
{
signer.Init(forSigning: false, key);
if (signedAttributeSet == null)
{
if (digestCalculator != null)
{
return(VerifyDigest(resultDigest, key, GetSignature()));
}
if (content != null)
{
content.Write(new SigOutputStream(signer));
}
}
else
{
byte[] encodedSignedAttributes = GetEncodedSignedAttributes();
signer.BlockUpdate(encodedSignedAttributes, 0, encodedSignedAttributes.Length);
}
return(signer.VerifySignature(GetSignature()));
}
catch (InvalidKeyException e3)
{
throw new CmsException("key not appropriate to signature in message.", e3);
}
catch (IOException e4)
{
throw new CmsException("can't process mime object to create signature.", e4);
}
catch (SignatureException ex)
{
throw new CmsException("invalid signature format in message: " + ex.Message, ex);
}
}
