public static byte[] PostSign(String digestAlgorithmName, byte[] content, X509Certificate2[] signerCertificateChain, byte[] signature, byte[] signedAttributes) { if (signerCertificateChain == null || signerCertificateChain.Length == 0) { throw new ArgumentException("La cadena de certificados debe contener al menos una entrada"); } TbsCertificateStructure tbsCertificateStructure; //TODO Revisar esta parte del código /** * * Revisar esta parte del código * */ tbsCertificateStructure = TbsCertificateStructure.GetInstance( Asn1Object.FromByteArray( new Org.BouncyCastle.X509.X509Certificate( X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(signerCertificateChain[0].GetRawCertData()))).GetTbsCertificate() ) ); SignerIdentifier signerIdentifier = new SignerIdentifier( new IssuerAndSerialNumber(X509Name.GetInstance(tbsCertificateStructure.Issuer), tbsCertificateStructure.SerialNumber) ); // Algoritmo de huella digital AlgorithmIdentifier digestAlgorithmOID; digestAlgorithmOID = SigUtils.MakeAlgId(AOAlgorithmID.GetOID(digestAlgorithmName)); // EncryptionAlgorithm AlgorithmIdentifier keyAlgorithmIdentifier; keyAlgorithmIdentifier = SigUtils.MakeAlgId(AOAlgorithmID.GetOID("RSA")); // Firma PKCS#1 codificada Asn1OctetString encodedPKCS1Signature = new DerOctetString(signature); // Atributos firmados Asn1Set asn1SignedAttributes; asn1SignedAttributes = (Asn1Set) Asn1Object.FromByteArray(signedAttributes); // SignerInfo Asn1EncodableVector signerInfo = new Asn1EncodableVector(); signerInfo.Add(new SignerInfo(signerIdentifier, digestAlgorithmOID, asn1SignedAttributes, keyAlgorithmIdentifier, encodedPKCS1Signature, null)); // ContentInfo ContentInfo contentInfo; if (content != null) { MemoryStream baos = new MemoryStream(); CmsProcessable msg = new CmsProcessableByteArray(content); msg.Write(baos); contentInfo = new ContentInfo(new DerObjectIdentifier(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Data.Id), new BerOctetString(baos.ToArray())); } else { contentInfo = new ContentInfo(new DerObjectIdentifier(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Data.Id), null); } // Certificados List<Asn1Encodable> ce = new List<Asn1Encodable>(); foreach (X509Certificate2 cert in signerCertificateChain) { /** * * Revisar el uso que hacemos de X509CertificateStructure * ya que puede ser un posible punto de errores * */ ce.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(cert.GetRawCertData()))); } Asn1Set certificates = SigUtils.CreateBerSetFromList(ce); // Algoritmos de huella digital Asn1EncodableVector digestAlgorithms = new Asn1EncodableVector(); digestAlgorithms.Add(digestAlgorithmOID); return new ContentInfo( Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.SignedData, new SignedData( new DerSet(digestAlgorithms), contentInfo, certificates, null, new DerSet(signerInfo) ) ).GetEncoded("DER"); }