/// <summary>Build the PKIArchiveControl using the passed in encryptor to encrypt its contents.</summary>
/// <param name="contentEncryptor">a suitable content encryptor.</param>
/// <returns>a PKIArchiveControl object.</returns>
public PkiArchiveControl Build(ICipherBuilderWithKey contentEncryptor)
{
CmsEnvelopedData envContent = envGen.Generate(keyContent, contentEncryptor);
EnvelopedData envD = EnvelopedData.GetInstance(envContent.ContentInfo.Content);
return(new PkiArchiveControl(new PkiArchiveOptions(new EncryptedKey(envD))));
}
private CmsEnvelopedData doGenerate(
ICmsTypedData content,
ICipherBuilderWithKey<AlgorithmIdentifier> contentEncryptor)
{
Asn1EncodableVector recipientInfos = new Asn1EncodableVector();
AlgorithmIdentifier encAlgId;
Asn1OctetString encContent;
MemoryOutputStream bOut = new MemoryOutputStream();
try
{
ICipher cOut = contentEncryptor.BuildCipher(bOut);
content.Write(cOut.Stream);
cOut.Stream.Close();
}
catch (IOException e)
{
throw new CmsException(e.Message, e);
}
byte[] encryptedContent = bOut.ToArray();
encAlgId = contentEncryptor.AlgorithmDetails;
encContent = new BerOctetString(encryptedContent);
ISymmetricKey encKey = contentEncryptor.Key;
for (IEnumerator<IRecipientInfoGenerator> it = recipientInfoGenerators.GetEnumerator(); it.MoveNext();)
{
IRecipientInfoGenerator recipient = (IRecipientInfoGenerator)it.Current;
recipientInfos.Add(recipient.Generate(encKey));
}
EncryptedContentInfo eci = new EncryptedContentInfo(
content.ContentType,
encAlgId,
encContent);
Asn1Set unprotectedAttrSet = null;
if (unprotectedAttributeGenerator != null)
{
Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(new Dictionary<string, object>());
unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector());
}
ContentInfo contentInfo = new ContentInfo(
CmsObjectIdentifiers.EnvelopedData,
new EnvelopedData(originatorInfo, new DerSet(recipientInfos), eci, unprotectedAttrSet));
return new CmsEnvelopedData(contentInfo);
}
public CmsEnvelopedData Generate(CmsProcessable content, ICipherBuilderWithKey cipherBuilder)
{
//AlgorithmIdentifier encAlgId = null;
KeyParameter encKey;
Asn1OctetString encContent;
try
{
encKey = (KeyParameter)cipherBuilder.Key;
MemoryStream collector = new MemoryStream();
Stream bOut = cipherBuilder.BuildCipher(collector).Stream;
content.Write(bOut);
Platform.Dispose(bOut);
encContent = new BerOctetString(collector.ToArray());
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e)
{
throw new CmsException("key invalid in message.", e);
}
catch (IOException e)
{
throw new CmsException("exception decoding algorithm parameters.", e);
}
Asn1EncodableVector recipientInfos = new Asn1EncodableVector();
foreach (RecipientInfoGenerator rig in recipientInfoGenerators)
{
try
{
recipientInfos.Add(rig.Generate(encKey, rand));
}
catch (InvalidKeyException e)
{
throw new CmsException("key inappropriate for algorithm.", e);
}
catch (GeneralSecurityException e)
{
throw new CmsException("error making encrypted content.", e);
}
}
EncryptedContentInfo eci = new EncryptedContentInfo(
CmsObjectIdentifiers.Data,
(AlgorithmIdentifier)cipherBuilder.AlgorithmDetails,
encContent);
Asn1Set unprotectedAttrSet = null;
if (unprotectedAttributeGenerator != null)
{
Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(Platform.CreateHashtable());
unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector());
}
ContentInfo contentInfo = new ContentInfo(
CmsObjectIdentifiers.EnvelopedData,
new EnvelopedData(null, new DerSet(recipientInfos), eci, unprotectedAttrSet));
return(new CmsEnvelopedData(contentInfo));
}
///
/// Create a builder that makes EncryptedValue structures with fixed length blocks padded using the passed in padder.
///
/// <param name="wrapper">a wrapper for key used to encrypt the actual data contained in the EncryptedValue.</param>
/// <param name="encryptor">encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue.</param>
/// <param name="padder">padder a padder to ensure that the EncryptedValue created will always be a constant length.</param>
///
public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor, IEncryptedValuePadder padder)
{
this.wrapper = wrapper;
this.encryptor = encryptor;
this.padder = padder;
}
///
/// Create a builder that makes EncryptedValue structures.
///
/// <param name="wrapper">wrapper a wrapper for key used to encrypt the actual data contained in the EncryptedValue.</param>
/// <param name="encryptor">encryptor an output encryptor to encrypt the actual data contained in the EncryptedValue. </param>
///
public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor)
: this(wrapper, encryptor, null)
{
}
/// <summary>
/// Generate an enveloped object that contains an CMS Enveloped Data object using the given provider.
/// </summary>
/// <param name="content">The content to be encrypted</param>
/// <param name="contentEncryptorBuilder">The symmetric key based encryptor to encrypt the content with.</param>
/// <returns>A new CMS EnvelopedData object.</returns>
public CmsEnvelopedData generate(
ICmsTypedData content,
ICipherBuilderWithKey<AlgorithmIdentifier> contentEncryptorBuilder)
{
return doGenerate(content, contentEncryptorBuilder);
}
