示例#1
        /// <summary>
        ///     Encodes and signs the content using the signer object.
        /// </summary>
        /// <returns>
        ///     An instance of <see cref="PkcsSignerInfo"/> class.
        /// </returns>
        /// <remarks>
        ///     Before signing, the method adds two authenticated attributes: content type and message digest. Authenticated attributes are then
        ///     signed with signer's private key.
        /// </remarks>
        public PkcsSignerInfo Encode()
        {
            // Refuse to emit a signer info whose authenticated attributes carry no message-digest
            // attribute. An empty attribute collection fails this check as well.
            Boolean hasMessageDigest = _authAttributes.Any(attr => attr.Oid.Value == MESSAGE_DIGEST);
            if (!hasMessageDigest)
            {
                throw new InvalidOperationException();
            }

            // The fields below are appended in a fixed order; do not reorder them.
            // version
            var signerInfo = new Asn1Builder().AddInteger(Version);

            // signerIdentifier
            var signerId = signerCert.Encode();
            signerInfo.AddDerData(signerId);

            // digestAlgorithm
            var digestAlgorithm = hashAlgId.RawData;
            signerInfo.AddDerData(digestAlgorithm);

            // authenticatedAttributes, written under context tag [0].
            // The guard above already implies at least one attribute, so this test is defensive.
            Boolean hasAuthAttributes = _authAttributes.Any();
            if (hasAuthAttributes)
            {
                signerInfo.AddExplicit(0, _authAttributes.Encode(), false);
            }

            // digestEncryptionAlgorithm
            var signatureAlgorithm = pubKeyAlgId.RawData;
            signerInfo.AddDerData(signatureAlgorithm);

            // encryptedDigest
            // NOTE(review): presumably hashValue already holds the signature value computed
            // elsewhere, not a bare digest; nothing in this method signs it. Confirm.
            signerInfo.AddOctetString(hashValue);

            // unauthenticatedAttributes, written under context tag [1]. As the name says, these
            // are not among the authenticated attributes, so consumers should not treat them as signed.
            // NOTE(review): the emptiness test reads the _unauthAttributes field while the bytes
            // come from the UnauthenticatedAttributes property; confirm both expose the same data.
            Boolean hasUnauthAttributes = _unauthAttributes.Any();
            if (hasUnauthAttributes)
            {
                signerInfo.AddExplicit(1, UnauthenticatedAttributes.Encode(), false);
            }

            // Wrap the encoded bytes in the result type.
            Byte[] encoded = signerInfo.GetEncoded();
            return new PkcsSignerInfo(encoded);
        }
示例#2
        Byte[] encodeSignedData()
        {
            // Fields are emitted in a fixed order: version, digest algorithms, content info,
            // optional certificates under tag [0], optional CRLs under tag [1], then signer infos.
            var signedData = new Asn1Builder()
                .AddInteger(Version)
                .AddDerData(DigestAlgorithms.Encode())
                .AddDerData(encodeContentInfo());

            // certificates (omitted entirely when the collection is empty)
            Boolean hasCertificates = Certificates.Count > 0;
            if (hasCertificates)
            {
                signedData.AddExplicit(0, Certificates.Encode(), false);
            }

            // CRLs (omitted entirely when the collection is empty)
            Boolean hasRevocationLists = RevocationLists.Count > 0;
            if (hasRevocationLists)
            {
                // Append the raw bytes of every CRL back to back.
                var concatenatedCrls = new List<Byte>();
                foreach (X509CRL2 revocationList in RevocationLists)
                {
                    concatenatedCrls.AddRange(revocationList.RawData);
                }

                // NOTE(review): unlike Certificates.Encode() above, this buffer is a bare
                // concatenation with no enclosing collection header. Confirm that
                // AddExplicit(..., false) still yields a well-formed [1] element when more
                // than one CRL is present.
                Byte[] crlBlob = concatenatedCrls.ToArray();
                signedData.AddExplicit(1, crlBlob, false);
            }

            // signerInfos always come last.
            signedData.AddDerData(SignerInfos.Encode());
            return signedData.GetEncoded();
        }
示例#3
        /// <summary>
        /// Encodes the current object to an ASN.1-encoded byte array.
        /// </summary>
        /// <returns>ASN.1-encoded byte array.</returns>
        /// <remarks>
        /// Explicit notice text is always encoded as a <strong>BMPString</strong>.
        /// <para>Notice reference is encoded in the following sequence: attempts to encode a string as a
        /// <strong>VisibleString</strong> and then as a <strong>BMPString</strong> if <strong>VisibleString</strong> fails.</para>
        /// </remarks>
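        public Byte[] Encode()
        {
            // Dispatch on the qualifier type; any other value is treated as an uninitialized object.
            switch (Type)
            {
            case X509PolicyQualifierType.CpsUrl:
                // An unset PolicyUrl must surface as UninitializedObjectException. Without the
                // null test, reading AbsoluteUri on a null reference throws NullReferenceException.
                if (PolicyUrl == null || String.IsNullOrEmpty(PolicyUrl.AbsoluteUri))
                {
                    throw new UninitializedObjectException();
                }
                // 1.3.6.1.5.5.7.2.1 is the CPS pointer qualifier (id-qt-cps in RFC 5280).
                // NOTE(review): IA5String is an ASCII-only type; verify how AddIA5String behaves
                // if AbsoluteUri carries non-ASCII characters (e.g. an internationalized host name).
                return(new Asn1Builder()
                       .AddObjectIdentifier(new Oid("1.3.6.1.5.5.7.2.1"))
                       .AddIA5String(PolicyUrl.AbsoluteUri)
                       .GetEncoded());

            case X509PolicyQualifierType.UserNotice:
                var refBuilder = new Asn1Builder();
                // Optional notice reference: the encoded organization string followed by a
                // sequence holding the single notice number.
                if (!String.IsNullOrEmpty(NoticeReference))
                {
                    // NOTE(review): the return value of Encode() is discarded; presumably it wraps
                    // the builder's current content in place. Confirm against Asn1Builder.
                    refBuilder.AddDerData(EncodeString(NoticeReference).ToArray())
                    .AddSequence(x => x.AddInteger(NoticeNumber))
                    .Encode();
                }
                // Optional explicit notice text.
                // NOTE(review): the XML remarks on this method say BMPString, but this call emits
                // a UTF8String. RFC 5280 recommends UTF8String for explicitText, so the remarks
                // look stale. Confirm and align them.
                if (!String.IsNullOrEmpty(NoticeText))
                {
                    refBuilder.AddUTF8String(NoticeText);
                }
                // 1.3.6.1.5.5.7.2.2 is the user notice qualifier (id-qt-unotice in RFC 5280).
                return(new Asn1Builder()
                       .AddObjectIdentifier(new Oid("1.3.6.1.5.5.7.2.2"))
                       .AddSequence(refBuilder.GetEncoded())
                       .GetEncoded());

            default: throw new UninitializedObjectException();
            }
        }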
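        Byte[] encodeCTL()
        {
            // Subject usages come first, encoded through an enhanced key usage extension object.
            // The original also built a second, never-read copy of these bytes; that dead local
            // (and the duplicate extension construction) has been removed.
            var builder = new Asn1Builder()
                          .AddDerData(new X509EnhancedKeyUsageExtension(SubjectUsages, false).RawData);

            // Optional list identifier: UTF-16LE text with an explicit null terminator,
            // carried inside an OCTET STRING.
            if (!String.IsNullOrEmpty(ListIdentifier))
            {
                builder.AddOctetString(Encoding.Unicode.GetBytes(ListIdentifier + "\0"));
            }
            // Optional sequence number.
            if (SequenceNumber != null)
            {
                builder.AddInteger(SequenceNumber.Value);
            }
            // Validity window. ToUniversalTime() treats DateTimeKind.Unspecified values as local
            // time, so callers should supply values whose Kind is set to avoid a shifted window.
            builder.AddDerData(Asn1Utils.EncodeDateTime(ThisUpdate.ToUniversalTime()));
            if (NextUpdate != null)
            {
                builder.AddDerData(Asn1Utils.EncodeDateTime(NextUpdate.Value.ToUniversalTime()));
            }
            // Hash algorithm identifier (built with empty parameter bytes), then the entries.
            // NOTE(review): this returns GetRawData() rather than GetEncoded(); presumably the
            // caller adds the outer wrapper. Confirm.
            return(builder.AddDerData(new AlgorithmIdentifier(HashAlgorithm, new Byte[0]).RawData)
                   .AddDerData(Entries.Encode())
                   .GetRawData());
        }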