/// <summary> /// Initialize a new instance of the <see cref="CmsSigner"/> class. /// </summary> /// <remarks> /// <para>The initial value of the <see cref="DigestAlgorithm"/> will /// be set to <see cref="DigestAlgorithm.Sha256"/> and both the /// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be /// initialized to empty tables.</para> /// </remarks> /// <param name="certificate">The signer's certificate.</param> /// <param name="signerIdentifierType">The scheme used for identifying the signer certificate.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="certificate"/> is <c>null</c>. /// </exception> /// <exception cref="System.ArgumentException"> /// <paramref name="certificate"/> cannot be used for signing. /// </exception> public CmsSigner(X509Certificate2 certificate, SubjectIdentifierType signerIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber) : this() { if (certificate == null) { throw new ArgumentNullException(nameof(certificate)); } if (!certificate.HasPrivateKey) { throw new ArgumentException("The certificate does not contain a private key.", nameof(certificate)); } var cert = certificate.AsBouncyCastleCertificate(); var key = certificate.PrivateKey.AsAsymmetricKeyParameter(); CheckCertificateCanBeUsedForSigning(cert); if (signerIdentifierType != SubjectIdentifierType.SubjectKeyIdentifier) { SignerIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber; } else { SignerIdentifierType = SubjectIdentifierType.SubjectKeyIdentifier; } CertificateChain = new X509CertificateChain(); CertificateChain.Add(cert); Certificate = cert; PrivateKey = key; }
/// <summary> /// Initialize a new instance of the <see cref="CmsRecipient"/> class. /// </summary> /// <remarks> /// <para>Creates a new <see cref="CmsRecipient"/> based on the provided certificate.</para> /// <para>If the X.509 certificate contains an S/MIME capability extension, the initial value of the /// <see cref="EncryptionAlgorithms"/> property will be set to whatever encryption algorithms are /// defined by the S/MIME capability extension, otherwise int will be initialized to a list /// containing only the Triple-Des encryption algorithm which should be safe to assume for all /// modern S/MIME v3.x client implementations.</para> /// </remarks> /// <param name="certificate">The recipient's certificate.</param> /// <param name="recipientIdentifierType">The recipient identifier type.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="certificate"/> is <c>null</c>. /// </exception> public CmsRecipient (X509Certificate2 certificate, SubjectIdentifierType recipientIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber) { if (certificate == null) throw new ArgumentNullException (nameof (certificate)); if (recipientIdentifierType != SubjectIdentifierType.SubjectKeyIdentifier) RecipientIdentifierType = SubjectIdentifierType.IssuerAndSerialNumber; else RecipientIdentifierType = SubjectIdentifierType.SubjectKeyIdentifier; EncryptionAlgorithms = certificate.GetEncryptionAlgorithms (); Certificate = certificate.AsBouncyCastleCertificate (); }
/// <summary> /// Initializes a new instance of the <see cref="MimeKit.Cryptography.CmsSigner"/> class. /// </summary> /// <remarks> /// <para>The initial value of the <see cref="MimeKit.Cryptography.DigestAlgorithm"/> will /// be set to <see cref="MimeKit.Cryptography.DigestAlgorithm.Sha1"/> and both the /// <see cref="SignedAttributes"/> and <see cref="UnsignedAttributes"/> properties will be /// initialized to empty tables.</para> /// </remarks> /// <param name="certificate">The signer's certificate.</param> /// <exception cref="System.ArgumentNullException"> /// <paramref name="certificate"/> is <c>null</c>. /// </exception> /// <exception cref="System.ArgumentException"> /// <paramref name="certificate"/> cannot be used for signing. /// </exception> public CmsSigner(X509Certificate2 certificate) : this() { if (certificate == null) { throw new ArgumentNullException(nameof(certificate)); } if (!certificate.HasPrivateKey) { throw new ArgumentException("The certificate does not contain a private key.", nameof(certificate)); } var cert = certificate.AsBouncyCastleCertificate(); var key = certificate.PrivateKey.AsAsymmetricKeyParameter(); CheckCertificateCanBeUsedForSigning(cert); CertificateChain = new X509CertificateChain(); CertificateChain.Add(cert); Certificate = cert; PrivateKey = key; }