/// <summary> /// ContentInfo constructor - with encapsulated content /// </summary> /// <param name="sigData">A ContentInfo containing a signedData object.</param> public CmsSignedData( ContentInfo sigData) { this.contentInfo = sigData; this.signedData = SignedData.GetInstance(contentInfo.Content); // // this can happen if the signed message is sent simply to send a // certificate chain. // Asn1Encodable content = signedData.EncapContentInfo.Content; if (content != null) { if (content is Asn1OctetString) { this.signedContent = new CmsProcessableByteArray(signedData.EncapContentInfo.ContentType, ((Asn1OctetString)content).GetOctets()); } else { this.signedContent = new Pkcs7ProcessableObject(signedData.EncapContentInfo.ContentType, content); } } else { this.signedContent = null; } }
private CmsSignedData( CmsSignedData c) { this.signedData = c.signedData; this.contentInfo = c.contentInfo; this.signedContent = c.signedContent; this.signerInfoStore = c.signerInfoStore; }
/// <summary> /// ContentInfo constructor - with detached signature. /// </summary> /// <param name="signedContent">The content that was signed.</param> /// <param name="sigData">A ContentInfo containing a signedData object.</param> public CmsSignedData( ICmsTypedData signedContent, ContentInfo sigData) { this.signedContent = signedContent; this.contentInfo = sigData; this.signedData = SignedData.GetInstance(contentInfo.Content); }
private CmsEnvelopedData doGenerate( ICmsTypedData content, ICipherBuilderWithKey<AlgorithmIdentifier> contentEncryptor) { Asn1EncodableVector recipientInfos = new Asn1EncodableVector(); AlgorithmIdentifier encAlgId; Asn1OctetString encContent; MemoryOutputStream bOut = new MemoryOutputStream(); try { ICipher cOut = contentEncryptor.BuildCipher(bOut); content.Write(cOut.Stream); cOut.Stream.Close(); } catch (IOException e) { throw new CmsException(e.Message, e); } byte[] encryptedContent = bOut.ToArray(); encAlgId = contentEncryptor.AlgorithmDetails; encContent = new BerOctetString(encryptedContent); ISymmetricKey encKey = contentEncryptor.Key; for (IEnumerator<IRecipientInfoGenerator> it = recipientInfoGenerators.GetEnumerator(); it.MoveNext();) { IRecipientInfoGenerator recipient = (IRecipientInfoGenerator)it.Current; recipientInfos.Add(recipient.Generate(encKey)); } EncryptedContentInfo eci = new EncryptedContentInfo( content.ContentType, encAlgId, encContent); Asn1Set unprotectedAttrSet = null; if (unprotectedAttributeGenerator != null) { Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(new Dictionary<string, object>()); unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector()); } ContentInfo contentInfo = new ContentInfo( CmsObjectIdentifiers.EnvelopedData, new EnvelopedData(originatorInfo, new DerSet(recipientInfos), eci, unprotectedAttrSet)); return new CmsEnvelopedData(contentInfo); }
private CmsEncryptedData doGenerate( ICmsTypedData content, ICipherBuilder <AlgorithmIdentifier> contentEncryptor) { AlgorithmIdentifier encAlgId; Asn1OctetString encContent; MemoryOutputStream bOut = new MemoryOutputStream(); try { ICipher cipher = contentEncryptor.BuildCipher(bOut); content.Write(cipher.Stream); cipher.Stream.Close(); } catch (IOException) { throw new CmsException(""); } byte[] encryptedContent = bOut.ToArray(); encAlgId = contentEncryptor.AlgorithmDetails; encContent = new BerOctetString(encryptedContent); EncryptedContentInfo eci = new EncryptedContentInfo( content.ContentType, encAlgId, encContent); Asn1Set unprotectedAttrSet = null; if (unprotectedAttributeGenerator != null) { Asn1.Cms.AttributeTable attrTable = unprotectedAttributeGenerator.GetAttributes(new Dictionary <string, object>()); unprotectedAttrSet = new BerSet(attrTable.ToAsn1EncodableVector()); } ContentInfo contentInfo = new ContentInfo( CmsObjectIdentifiers.EncryptedData, new EncryptedData(eci, unprotectedAttrSet)); return(new CmsEncryptedData(contentInfo)); }
internal SignerInformation( Asn1.Cms.SignerInfo info, DerObjectIdentifier contentType, ICmsTypedData content, byte[] digest) { this.info = info; this.contentType = contentType; this.isCounterSignature = contentType == null; try { SignerIdentifier s = info.SignerID; if (s.IsTagged) { Asn1OctetString octs = Asn1OctetString.GetInstance(s.ID); this.sid = new SignerID(octs.GetEncoded()); } else { Asn1.Cms.IssuerAndSerialNumber iAnds = Asn1.Cms.IssuerAndSerialNumber.GetInstance(s.ID); this.sid = new SignerID(iAnds.Name, iAnds.SerialNumber.Value); } } catch (IOException) { throw new ArgumentException("invalid sid in SignerInfo"); } this.digestAlgorithm = info.DigestAlgorithm; this.signedAttributeSet = info.AuthenticatedAttributes; this.unsignedAttributeSet = info.UnauthenticatedAttributes; this.encryptionAlgorithm = info.DigestEncryptionAlgorithm; this.signature = info.EncryptedDigest.GetOctets(); this.content = content; this.resultDigest = digest; }
/** * generate a signed object that for a CMS Signed Data * object - if encapsulate is true a copy * of the message will be included in the signature. The content type * is set according to the OID represented by the string signedContentType. */ public CmsSignedData Generate( // FIXME Avoid accessing more than once to support CmsProcessableInputStream ICmsTypedData content, bool encapsulate) { // TODO // if (signerInfs.isEmpty()) // { // /* RFC 3852 5.2 // * "In the degenerate case where there are no signers, the // * EncapsulatedContentInfo value being "signed" is irrelevant. In this // * case, the content type within the EncapsulatedContentInfo value being // * "signed" MUST be id-data (as defined in section 4), and the content // * field of the EncapsulatedContentInfo value MUST be omitted." // */ // if (encapsulate) // { // throw new IllegalArgumentException("no signers, encapsulate must be false"); // } // if (!DATA.equals(eContentType)) // { // throw new IllegalArgumentException("no signers, eContentType must be id-data"); // } // } // // if (!DATA.equals(eContentType)) // { // /* RFC 3852 5.3 // * [The 'signedAttrs']... // * field is optional, but it MUST be present if the content type of // * the EncapsulatedContentInfo value being signed is not id-data. // */ // // TODO signedAttrs must be present for all signers // } Asn1EncodableVector digestAlgs = new Asn1EncodableVector(); Asn1EncodableVector signerInfos = new Asn1EncodableVector(); _digests.Clear(); // clear the current preserved digest state // // add the precalculated SignerInfo objects. // for (IEnumerator it = _signers.GetEnumerator(); it.MoveNext();) { SignerInformation signer = (SignerInformation)it.Current; digestAlgs.Add(CmsUtilities.fixAlgID(signer.DigestAlgorithmID)); // TODO Verify the content type and calculated digest match the precalculated SignerInfo signerInfos.Add(signer.ToAsn1Structure()); } // // add the SignerInfo objects // DerObjectIdentifier contentTypeOID = content.ContentType; Asn1OctetString octs = null; if (content.GetContent() != null) { MemoryOutputStream bOut = null; if (encapsulate) { bOut = new MemoryOutputStream(); } Stream cOut = CmsUtilities.attachSignersToOutputStream(_signerGens, bOut); // Just in case it's unencapsulated and there are no signers! cOut = CmsUtilities.getSafeOutputStream(cOut); try { content.Write(cOut); cOut.Close(); } catch (IOException e) { throw new CmsException("data processing exception: " + e.Message, e); } if (encapsulate) { octs = new BerOctetString(bOut.ToArray()); } } for (IEnumerator it = _signerGens.GetEnumerator(); it.MoveNext();) { SignerInfoGenerator sGen = (SignerInfoGenerator)it.Current; SignerInfo inf = sGen.Generate(contentTypeOID); digestAlgs.Add(inf.DigestAlgorithm); signerInfos.Add(inf); byte[] calcDigest = sGen.getCalculatedDigest(); if (calcDigest != null) { _digests.Add(inf.DigestAlgorithm.Algorithm.Id, calcDigest); } } Asn1Set certificates = null; if (_certs.Count != 0) { certificates = CmsUtilities.CreateBerSetFromList(_certs); } Asn1Set certrevlist = null; if (_crls.Count != 0) { certrevlist = CmsUtilities.CreateBerSetFromList(_crls); } ContentInfo encInfo = new ContentInfo(contentTypeOID, octs); SignedData sd = new SignedData( new DerSet(digestAlgs), encInfo, certificates, certrevlist, new DerSet(signerInfos)); ContentInfo contentInfo = new ContentInfo( CmsObjectIdentifiers.SignedData, sd); return(new CmsSignedData(content, contentInfo)); }
/** * generate a signed object that for a CMS Signed Data object */ public CmsSignedData Generate( ICmsTypedData content) { return(Generate(content, false)); }
/// <summary> /// Generate an enveloped object that contains an CMS Enveloped Data object using the given provider. /// </summary> /// <param name="content">The content to be encrypted</param> /// <param name="contentEncryptorBuilder">The symmetric key based encryptor to encrypt the content with.</param> /// <returns>A new CMS EnvelopedData object.</returns> public CmsEnvelopedData generate( ICmsTypedData content, ICipherBuilderWithKey<AlgorithmIdentifier> contentEncryptorBuilder) { return doGenerate(content, contentEncryptorBuilder); }
/** * generate an encrypted object that contains an Cms Encrypted Data structure. * * @param content the content to be encrypted * @param contentEncryptor the symmetric key based encryptor to encrypt the content with. */ public CmsEncryptedData generate( ICmsTypedData content, ICipherBuilder <AlgorithmIdentifier> contentEncryptor) { return(doGenerate(content, contentEncryptor)); }
/// <summary> /// Stream constructor - with detached signature. /// </summary> /// <param name="signedContent">The content that was signed.</param> /// <param name="sigData">A stream representing a ContentInfo containing a signedData object.</param> public CmsSignedData( ICmsTypedData signedContent, Stream sigData) : this(signedContent, CmsUtilities.ReadContentInfo(sigData)) { }
/// <summary> /// Base constructor - with detached signature. /// </summary> /// <param name="signedContent">The content that was signed.</param> /// <param name="sigBlock">A byte array containing a ContentInfo containing a signedData object.</param> public CmsSignedData( ICmsTypedData signedContent, byte[] sigBlock) : this(signedContent, CmsUtilities.ReadContentInfo(new MemoryStream(sigBlock, false))) { }