Diffstat (limited to 'crypto/src/cmp/CertificateConfirmationContentBuilder.cs')
-rw-r--r--crypto/src/cmp/CertificateConfirmationContentBuilder.cs69
1 files changed, 40 insertions, 29 deletions
diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
index 09ae71bbf..873b58b2e 100644
--- a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
+++ b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
@@ -1,39 +1,58 @@
-using System.Collections.Generic;
+using System;
+using System.Collections.Generic;
 
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Math;
-using Org.BouncyCastle.Security;
+using Org.BouncyCastle.Operators.Utilities;
 using Org.BouncyCastle.X509;
 
 namespace Org.BouncyCastle.Cmp
 {
     public sealed class CertificateConfirmationContentBuilder
     {
-        private static readonly DefaultSignatureAlgorithmIdentifierFinder SigAlgFinder =
-            new DefaultSignatureAlgorithmIdentifierFinder();
-
-        private readonly DefaultDigestAlgorithmIdentifierFinder m_digestAlgFinder;
-        private readonly IList<X509Certificate> m_acceptedCerts = new List<X509Certificate>();
-        private readonly IList<BigInteger> m_acceptedReqIDs = new List<BigInteger>();
+        private readonly IDigestAlgorithmFinder m_digestAlgorithmFinder;
+        private readonly List<CmpCertificate> m_acceptedCerts = new List<CmpCertificate>();
+        private readonly List<AlgorithmIdentifier> m_acceptedSignatureAlgorithms = new List<AlgorithmIdentifier>();
+        private readonly List<DerInteger> m_acceptedReqIDs = new List<DerInteger>();
 
         public CertificateConfirmationContentBuilder()
-            : this(new DefaultDigestAlgorithmIdentifierFinder())
+            : this(DefaultDigestAlgorithmFinder.Instance)
+        {
+        }
+
+        [Obsolete("Use constructor taking 'IDigestAlgorithmFinder' instead")]
+        public CertificateConfirmationContentBuilder(Cms.DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
+            : this((IDigestAlgorithmFinder)digestAlgFinder)
         {
         }
 
-        public CertificateConfirmationContentBuilder(DefaultDigestAlgorithmIdentifierFinder digestAlgFinder)
+        public CertificateConfirmationContentBuilder(IDigestAlgorithmFinder digestAlgorithmFinder)
         {
-            this.m_digestAlgFinder = digestAlgFinder;
+            m_digestAlgorithmFinder = digestAlgorithmFinder;
         }
 
+        // TODO[api] Rename parameters to 'cert', 'certReqID'
         public CertificateConfirmationContentBuilder AddAcceptedCertificate(X509Certificate certHolder,
             BigInteger certReqId)
         {
-            m_acceptedCerts.Add(certHolder);
-            m_acceptedReqIDs.Add(certReqId);
+            return AddAcceptedCertificate(certHolder, new DerInteger(certReqId));
+        }
+
+        public CertificateConfirmationContentBuilder AddAcceptedCertificate(X509Certificate cert, DerInteger certReqID)
+        {
+            return AddAcceptedCertificate(
+                new CmpCertificate(cert.CertificateStructure), cert.SignatureAlgorithm, certReqID);
+        }
+
+        public CertificateConfirmationContentBuilder AddAcceptedCertificate(CmpCertificate cmpCertificate,
+            AlgorithmIdentifier signatureAlgorithm, DerInteger certReqID)
+        {
+            m_acceptedCerts.Add(cmpCertificate);
+            m_acceptedSignatureAlgorithms.Add(signatureAlgorithm);
+            m_acceptedReqIDs.Add(certReqID);
+
             return this;
         }
 
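Review bot: None of the new public entry points validates its arguments. The `IDigestAlgorithmFinder` constructor stores whatever it is given, and the three-argument `AddAcceptedCertificate` appends `cmpCertificate`, `signatureAlgorithm` and `certReqID` to the lists unchecked, so a null only surfaces later when the confirmation is built, far from the call that caused it. That overload also lets the caller pass a signature algorithm separately from the certificate, and the certificate hash is computed from it, so its doc comment should state that the algorithm must be the one the certificate was actually signed with. The `X509Certificate` overload would likewise benefit from a null check on `cert` before it reads `cert.CertificateStructure`. Suggested guards for the constructor and the three-argument overload follow.

```csharp
public CertificateConfirmationContentBuilder(IDigestAlgorithmFinder digestAlgorithmFinder)
{
    if (digestAlgorithmFinder == null)
        throw new ArgumentNullException(nameof(digestAlgorithmFinder));

    m_digestAlgorithmFinder = digestAlgorithmFinder;
}

// … unchanged: the two X509Certificate overloads of AddAcceptedCertificate …

public CertificateConfirmationContentBuilder AddAcceptedCertificate(CmpCertificate cmpCertificate,
    AlgorithmIdentifier signatureAlgorithm, DerInteger certReqID)
{
    if (cmpCertificate == null)
        throw new ArgumentNullException(nameof(cmpCertificate));
    if (signatureAlgorithm == null)
        throw new ArgumentNullException(nameof(signatureAlgorithm));
    if (certReqID == null)
        throw new ArgumentNullException(nameof(certReqID));

    // … unchanged: the three Add calls and `return this;` …
}
```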
@@ -42,24 +61,16 @@ namespace Org.BouncyCastle.Cmp
             Asn1EncodableVector v = new Asn1EncodableVector(m_acceptedCerts.Count);
             for (int i = 0; i != m_acceptedCerts.Count; i++)
             {
-                X509Certificate cert = m_acceptedCerts[i];
-                BigInteger reqID = m_acceptedReqIDs[i];
-
-                AlgorithmIdentifier algorithmIdentifier = SigAlgFinder.Find(cert.SigAlgName);
-                if (null == algorithmIdentifier)
-                    throw new CmpException("cannot find algorithm identifier for signature name");
+                var certHash = CmpUtilities.CalculateCertHash(m_acceptedCerts[i], m_acceptedSignatureAlgorithms[i],
+                    m_digestAlgorithmFinder);
+                var reqID = m_acceptedReqIDs[i];
 
-                AlgorithmIdentifier digAlg = m_digestAlgFinder.Find(algorithmIdentifier);
-                if (null == digAlg)
-                    throw new CmpException("cannot find algorithm for digest from signature");
-
-                byte[] digest = DigestUtilities.CalculateDigest(digAlg.Algorithm, cert.GetEncoded());
-
-                v.Add(new CertStatus(digest, reqID));
+                v.Add(new CertStatus(certHash, reqID));
             }
 
-            return new CertificateConfirmationContent(CertConfirmContent.GetInstance(new DerSequence(v)),
-                m_digestAlgFinder);
+            var content = CertConfirmContent.GetInstance(new DerSequence(v));
+
+            return new CertificateConfirmationContent(content, m_digestAlgorithmFinder);
         }
     }
 }
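Review bot: The explicit `CmpException` paths for an unknown signature or digest algorithm are removed from the loop, so the behaviour on an unresolvable algorithm now depends entirely on `CmpUtilities.CalculateCertHash`, which is not visible in this diff. If that helper can return null instead of throwing, `new CertStatus(certHash, reqID)` would be handed a null hash. Once its behaviour is confirmed, a comment above the call would record the contract, for example `// CalculateCertHash throws CmpException if no digest can be derived from the signature algorithm`. The loop also indexes `m_acceptedCerts`, `m_acceptedSignatureAlgorithms` and `m_acceptedReqIDs` in parallel, which relies on the single Add site keeping them the same length. The enclosing method's signature lies outside the hunk.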