diff --git a/crypto/src/cmp/CertificateConfirmationContent.cs b/crypto/src/cmp/CertificateConfirmationContent.cs
index 882bd2091..13d1dab8e 100644
--- a/crypto/src/cmp/CertificateConfirmationContent.cs
+++ b/crypto/src/cmp/CertificateConfirmationContent.cs
@@ -1,6 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
+
using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Asn1.Cmp;
diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
index 126484917..56f5d5ccb 100644
--- a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
+++ b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
@@ -1,7 +1,4 @@
-using System;
-using System.Collections;
-using System.Collections.Generic;
-using System.Text;
+using System.Collections;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs
index e8c3546dd..92a94ea05 100644
--- a/crypto/src/cmp/CertificateStatus.cs
+++ b/crypto/src/cmp/CertificateStatus.cs
@@ -1,7 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
-using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Cms;
using Org.BouncyCastle.Crypto.IO;
diff --git a/crypto/src/cmp/CmpException.cs b/crypto/src/cmp/CmpException.cs
index 7ecdf5af8..2f50f7780 100644
--- a/crypto/src/cmp/CmpException.cs
+++ b/crypto/src/cmp/CmpException.cs
@@ -1,7 +1,6 @@
using System;
-using System.Collections.Generic;
using System.Runtime.Serialization;
-using System.Text;
+
namespace Org.BouncyCastle.Cmp
{
diff --git a/crypto/src/cmp/GeneralPkiMessage.cs b/crypto/src/cmp/GeneralPkiMessage.cs
index d91b8ef7e..ad55a8005 100644
--- a/crypto/src/cmp/GeneralPkiMessage.cs
+++ b/crypto/src/cmp/GeneralPkiMessage.cs
@@ -1,8 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
-
-namespace Org.BouncyCastle.Asn1.Cmp
+namespace Org.BouncyCastle.Asn1.Cmp
{
public class GeneralPKIMessage
{
@@ -13,17 +9,28 @@ namespace Org.BouncyCastle.Asn1.Cmp
return PkiMessage.GetInstance(Asn1Object.FromByteArray(encoding));
}
+
+ /// <summary>
+ /// Wrap a PKIMessage ASN.1 structure.
+ /// </summary>
+ /// <param name="pkiMessage">PKI message.</param>
public GeneralPKIMessage(PkiMessage pkiMessage)
{
this.pkiMessage = pkiMessage;
}
+ /// <summary>
+ /// Create a PKIMessage from the passed in bytes.
+ /// </summary>
+ /// <param name="encoding">BER/DER encoding of the PKIMessage</param>
public GeneralPKIMessage(byte[] encoding) : this(parseBytes(encoding))
{
}
- public PkiHeader Header {
- get {
+ public PkiHeader Header
+ {
+ get
+ {
return pkiMessage.Header;
}
}
@@ -36,6 +43,10 @@ namespace Org.BouncyCastle.Asn1.Cmp
}
}
+ /// <summary>
+ /// Return true if this message has protection bits on it. A return value of true
+ /// indicates the message can be used to construct a ProtectedPKIMessage.
+ /// </summary>
public bool HasProtection
{
get { return pkiMessage.Protection != null; }
diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs
index 159f08722..d3cf4a524 100644
--- a/crypto/src/cmp/ProtectedPkiMessage.cs
+++ b/crypto/src/cmp/ProtectedPkiMessage.cs
@@ -1,30 +1,30 @@
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.X509;
using System;
-using System.Collections.Generic;
-using System.Text;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
-using Org.BouncyCastle.Asn1.Crmf;
-using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Operators;
-using Org.BouncyCastle.Crypto.Paddings;
using Org.BouncyCastle.Utilities;
-using Org.BouncyCastle.Utilities.Encoders;
+
using Org.BouncyCastle.Crmf;
namespace Org.BouncyCastle.Cmp
{
-
+ /// <summary>
+ /// Wrapper for a PKIMessage with protection attached to it.
+ /// </summary>
public class ProtectedPkiMessage
{
private PkiMessage pkiMessage;
-
+ /// <summary>
+ /// Wrap a general message.
+ /// </summary>
+ /// <exception cref="ArgumentException">If the general message does not have protection.</exception>
+ /// <param name="pkiMessage">The General message</param>
public ProtectedPkiMessage(GeneralPKIMessage pkiMessage)
{
-
+
if (!pkiMessage.HasProtection)
{
throw new ArgumentException("pki message not protected");
@@ -32,7 +32,12 @@ namespace Org.BouncyCastle.Cmp
this.pkiMessage = pkiMessage.ToAsn1Structure();
}
-
+
+ /// <summary>
+ /// Wrap a PKI message.
+ /// </summary>
+ /// <exception cref="ArgumentException">If the PKI message does not have protection.</exception>
+ /// <param name="pkiMessage">The PKI message</param>
public ProtectedPkiMessage(PkiMessage pkiMessage)
{
if (pkiMessage.Header.ProtectionAlg == null)
@@ -43,13 +48,33 @@ namespace Org.BouncyCastle.Cmp
this.pkiMessage = pkiMessage;
}
+ /// <summary>
+ /// Message header
+ /// </summary>
public PkiHeader Header { get { return pkiMessage.Header; } }
+
+ /// <summary>
+ /// Message Body
+ /// </summary>
public PkiBody Body { get { return pkiMessage.Body; } }
+ /// <summary>
+ /// Return the underlying ASN.1 structure contained in this object.
+ /// </summary>
+ /// <returns>PKI Message structure</returns>
public PkiMessage ToAsn1Message() { return pkiMessage; }
+ /// <summary>
+ /// Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[])
+ /// to verify the message if this method returns true.
+ /// </summary>
+ /// <returns>true if protection MAC PBE based, false otherwise.</returns>
public bool HasPasswordBasedMacProtected { get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); } }
+ /// <summary>
+ /// Return the extra certificates associated with this message.
+ /// </summary>
+ /// <returns>an array of extra certificates, zero length if none present.</returns>
public X509Certificate[] GetCertificates()
{
CmpCertificate[] certs = pkiMessage.GetExtraCerts();
@@ -60,7 +85,7 @@ namespace Org.BouncyCastle.Cmp
}
X509Certificate[] res = new X509Certificate[certs.Length];
- for (int t=0; t<certs.Length;t++)
+ for (int t = 0; t < certs.Length; t++)
{
res[t] = new X509Certificate(X509CertificateStructure.GetInstance(certs[t].GetEncoded()));
}
@@ -68,6 +93,11 @@ namespace Org.BouncyCastle.Cmp
return res;
}
+ /// <summary>
+ /// Verify a message with a public key based signature attached.
+ /// </summary>
+ /// <param name="verifierFactory">a factory of signature verifiers.</param>
+ /// <returns>true if the provider is able to create a verifier that validates the signature, false otherwise.</returns>
public bool Verify(IVerifierFactory verifierFactory)
{
IStreamCalculator streamCalculator = verifierFactory.CreateCalculator();
@@ -79,18 +109,25 @@ namespace Org.BouncyCastle.Cmp
private Object Process(IStreamCalculator streamCalculator)
{
- Asn1EncodableVector avec = new Asn1EncodableVector();
- avec.Add(pkiMessage.Header);
- avec.Add(pkiMessage.Body);
- byte[] enc = new DerSequence(avec).GetDerEncoded();
-
- streamCalculator.Stream.Write(enc,0,enc.Length);
- streamCalculator.Stream.Flush();
- streamCalculator.Stream.Close();
-
- return streamCalculator.GetResult();
+ Asn1EncodableVector avec = new Asn1EncodableVector();
+ avec.Add(pkiMessage.Header);
+ avec.Add(pkiMessage.Body);
+ byte[] enc = new DerSequence(avec).GetDerEncoded();
+
+ streamCalculator.Stream.Write(enc, 0, enc.Length);
+ streamCalculator.Stream.Flush();
+ streamCalculator.Stream.Close();
+
+ return streamCalculator.GetResult();
}
+ /// <summary>
+ /// Verify a message with password based MAC protection.
+ /// </summary>
+ /// <param name="pkMacBuilder">MAC builder that can be used to construct the appropriate MacCalculator</param>
+ /// <param name="password">the MAC password</param>
+ /// <returns>true if the passed in password and MAC builder verify the message, false otherwise.</returns>
+ /// <exception cref="InvalidOperationException">if algorithm not MAC based, or an exception is thrown verifying the MAC.</exception>
public bool Verify(PKMacBuilder pkMacBuilder, char[] password)
{
if (!CmpObjectIdentifiers.passwordBasedMac.Equals(pkiMessage.Header.ProtectionAlg.Algorithm))
diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
index e660f844a..3ee223ba8 100644
--- a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
+++ b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
@@ -1,13 +1,11 @@
using System;
using System.Collections;
-using Org.BouncyCastle.Asn1.Crmf;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cmp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.X509;
-using Org.BouncyCastle.Crmf;
namespace Org.BouncyCastle.Cmp
{
|
