Пример #1
0
 /**
  * Reads in a PKCS7 object. This returns a ContentInfo object suitable for use with the CMS
  * API.
  *
  * @return the X509Certificate
  * @throws IOException if an I/O error occured
  */
 // TODO Consider returning Asn1.Pkcs.ContentInfo
 private ContentInfo ReadPkcs7(PemObject pemObject)
 {
     try
     {
         return(ContentInfo.GetInstance(
                    Asn1Object.FromByteArray(pemObject.Content)));
     }
     catch (Exception e)
     {
         throw new PemException("problem parsing PKCS7 object: " + e.ToString());
     }
 }
Пример #2
0
        /**
         * Fetches the signature time-stamp attributes from a SignerInformation object.
         * Checks that the MessageImprint for each time-stamp matches the signature field.
         * (see RFC 3161 Appendix A).
         *
         * @param signerInfo a SignerInformation to search for time-stamps
         * @return a collection of TimeStampToken objects
         * @throws TSPValidationException
         */
        public static ICollection GetSignatureTimestamps(
            SignerInformation signerInfo)
        {
            IList timestamps = Platform.CreateArrayList();

            AttributeTable unsignedAttrs = signerInfo.UnsignedAttributes;

            if (unsignedAttrs != null)
            {
                foreach (Attribute tsAttr in unsignedAttrs.GetAll(
                             PkcsObjectIdentifiers.IdAASignatureTimeStampToken))
                {
                    foreach (Asn1Encodable asn1 in tsAttr.AttrValues)
                    {
                        try
                        {
                            ContentInfo contentInfo = ContentInfo.GetInstance(
                                asn1.ToAsn1Object());
                            TimeStampToken     timeStampToken = new TimeStampToken(contentInfo);
                            TimeStampTokenInfo tstInfo        = timeStampToken.TimeStampInfo;

                            byte[] expectedDigest = DigestUtilities.CalculateDigest(
                                GetDigestAlgName(tstInfo.MessageImprintAlgOid),
                                signerInfo.GetSignature());

                            if (!Arrays.ConstantTimeAreEqual(expectedDigest, tstInfo.GetMessageImprintDigest()))
                            {
                                throw new TspValidationException("Incorrect digest in message imprint");
                            }

                            timestamps.Add(timeStampToken);
                        }
                        catch (SecurityUtilityException)
                        {
                            throw new TspValidationException("Unknown hash algorithm specified in timestamp");
                        }
                        catch (Exception)
                        {
                            throw new TspValidationException("Timestamp could not be parsed");
                        }
                    }
                }
            }

            return(timestamps);
        }