authorMW <megan@cryptoworkshop.com>2019-01-17 16:16:20 +1100
committerMW <megan@cryptoworkshop.com>2019-01-17 16:16:20 +1100
commit3d578b981aad94eaee07fa444dd11f9323026e94 (patch)
treed64141ae1163cafb69a4e3fc26ab90b538d98ef6 /crypto/src/crmf
parentMissing from previous commit (diff)
downloadBouncyCastle.NET-ed25519-3d578b981aad94eaee07fa444dd11f9323026e94.tar.xz
CMS ArchiveControl
Diffstat (limited to 'crypto/src/crmf')
-rw-r--r--crypto/src/crmf/CertificateRequestMessage.cs4
-rw-r--r--crypto/src/crmf/CertificateRequestMessageBuilder.cs9
-rw-r--r--crypto/src/crmf/PKIArchiveControlBuilder.cs61
3 files changed, 71 insertions, 3 deletions
diff --git a/crypto/src/crmf/CertificateRequestMessage.cs b/crypto/src/crmf/CertificateRequestMessage.cs
index 087e8a933..5b5d37c9e 100644
--- a/crypto/src/crmf/CertificateRequestMessage.cs
+++ b/crypto/src/crmf/CertificateRequestMessage.cs
@@ -211,8 +211,8 @@ namespace Org.BouncyCastle.Crmf
               calculator.Stream.Write(b,0,b.Length);
             }
             else
-            {
-                byte[] b = certReqMsg.GetDerEncoded();
+            {              
+                byte[] b = certReqMsg.CertReq.GetDerEncoded();
                 calculator.Stream.Write(b,0,b.Length);
             }
 
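Review bot: The `else` branch now feeds `certReqMsg.CertReq.GetDerEncoded()` to the calculator, but nothing on the line says why only the inner request is covered, so a later cleanup could revert it to the whole message. A one-line comment above the call would pin the intent, for example `// RFC 4211 4.1: without poposkInput the signature covers DER(certReq), not the whole CertReqMsg`. The `if` condition and the rest of the method are outside the hunk, so the reading that this is the proof-of-possession signature check is inferred from the `calculator.Stream.Write` calls. The changed `{` line also carries trailing whitespace.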
diff --git a/crypto/src/crmf/CertificateRequestMessageBuilder.cs b/crypto/src/crmf/CertificateRequestMessageBuilder.cs
index 384f6a965..9c3cf954d 100644
--- a/crypto/src/crmf/CertificateRequestMessageBuilder.cs
+++ b/crypto/src/crmf/CertificateRequestMessageBuilder.cs
@@ -95,6 +95,12 @@ namespace Org.BouncyCastle.Crmf
             return this;
         }
 
+        public CertificateRequestMessageBuilder AddControl(IControl control)
+        {
+            _controls.Add(control);
+            return this;
+        }
+
         public CertificateRequestMessageBuilder SetProofOfPossessionSignKeySigner(ISignatureFactory popoSignatureFactory)
         {
             if (_popoPrivKey != null || _popRaVerified != null || _agreeMac != null)
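Review bot: `AddControl` stores its argument without a null check, so a null `control` is accepted here and only fails later, when the builder walks `_controls` (that code is outside the hunk). A guard at the top, `if (control == null) throw new ArgumentNullException("control");`, fails at the call site instead. The same applies to `popoSignatureFactory` in `SetProofOfPossessionSignKeySigner` in the next hunk: a null signer is stored silently, and if the other proof-of-possession setters test `_popSigner != null` (not visible here), the one-POP-only rule would not see it. The new public method also has no XML doc comment.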
@@ -102,7 +108,8 @@ namespace Org.BouncyCastle.Crmf
                 throw new InvalidOperationException("only one proof of possession is allowed.");
             }
 
-            this._popoType = ProofOfPossession.TYPE_KEY_ENCIPHERMENT;
+            this._popSigner = popoSignatureFactory;
+          
             return this;
         }
 
diff --git a/crypto/src/crmf/PKIArchiveControlBuilder.cs b/crypto/src/crmf/PKIArchiveControlBuilder.cs
new file mode 100644
index 000000000..f43ecd4ec
--- /dev/null
+++ b/crypto/src/crmf/PKIArchiveControlBuilder.cs
@@ -0,0 +1,61 @@
+using System;
+using System.IO;
+using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Crmf;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Cms;
+using Org.BouncyCastle.Crypto;
+
+namespace Org.BouncyCastle.Crmf
+{
+    public class PKIArchiveControlBuilder
+    {
+        private CmsEnvelopedDataGenerator envGen;
+        private CmsProcessableByteArray keyContent;
+
+        /// <summary>
+        ///Basic constructor - specify the contents of the PKIArchiveControl structure.
+        /// </summary>
+        /// <param name="privateKeyInfo">the private key to be archived.</param>
+        /// <param name="generalName">the general name to be associated with the private key.</param>
+        ///
+        public PKIArchiveControlBuilder(PrivateKeyInfo privateKeyInfo, GeneralName generalName)
+        {
+            EncKeyWithID encKeyWithID = new EncKeyWithID(privateKeyInfo, generalName);
+
+            try
+            {
+                this.keyContent = new CmsProcessableByteArray(CrmfObjectIdentifiers.id_ct_encKeyWithID, encKeyWithID.GetEncoded());
+            }
+            catch (IOException e)
+            {
+                throw new InvalidOperationException("unable to encode key and general name info");
+            }
+
+            this.envGen = new CmsEnvelopedDataGenerator();
+        }
+        
+
+
+
+        ///<summary>Add a recipient generator to this control.</summary>       
+        ///<param name="recipientGen"> recipient generator created for a specific recipient.</param>
+        ///<returns>this builder object.</returns>       
+        public PKIArchiveControlBuilder AddRecipientGenerator(RecipientInfoGenerator recipientGen)
+        {
+            envGen.AddRecipientInfoGenerator(recipientGen);
+            return this;
+        }
+       
+        /// <summary>Build the PKIArchiveControl using the passed in encryptor to encrypt its contents.</summary>
+        /// <param name="contentEncryptor">a suitable content encryptor.</param>
+        /// <returns>a PKIArchiveControl object.</returns>
+        public PkiArchiveControl Build(ICipherBuilderWithKey contentEncryptor)
+        {                                            
+            CmsEnvelopedData envContent = envGen.Generate(keyContent, contentEncryptor);
+            EnvelopedData envD = EnvelopedData.GetInstance(envContent.ContentInfo.Content);        
+            return new PkiArchiveControl(new PkiArchiveOptions(new EncryptedKey(envD)));
+    }
+}
+}
\ No newline at end of file
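Review bot: The `catch (IOException e)` in the constructor discards `e`, so the cause of an encoding failure is lost and the unused variable draws a compiler warning; pass it on as the inner exception, `throw new InvalidOperationException("unable to encode key and general name info", e);`. Separately, `keyContent` keeps the DER encoding of the private key unencrypted for as long as the builder is referenced, which the class summary should state so callers drop the builder once `Build` has returned. `Build` also does not check that `AddRecipientGenerator` was called at least once; whether `envGen.Generate` rejects an empty recipient list is not visible here. The closing braces of `Build` and the class are mis-indented.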