diff options
Diffstat (limited to 'crypto/src/cms/KeyTransRecipientInfoGenerator.cs')
| -rw-r--r-- | crypto/src/cms/KeyTransRecipientInfoGenerator.cs | 174 |
1 files changed, 103 insertions, 71 deletions
diff --git a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs index a1d8fbfa8..b18d18153 100644 --- a/crypto/src/cms/KeyTransRecipientInfoGenerator.cs +++ b/crypto/src/cms/KeyTransRecipientInfoGenerator.cs @@ -11,77 +11,109 @@ using Org.BouncyCastle.X509; namespace Org.BouncyCastle.Cms { - internal class KeyTransRecipientInfoGenerator : RecipientInfoGenerator - { - private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance; - - private TbsCertificateStructure recipientTbsCert; - private AsymmetricKeyParameter recipientPublicKey; - private Asn1OctetString subjectKeyIdentifier; - - // Derived fields - private SubjectPublicKeyInfo info; - - internal KeyTransRecipientInfoGenerator() - { - } - - internal X509Certificate RecipientCert - { - set - { - this.recipientTbsCert = CmsUtilities.GetTbsCertificateStructure(value); - this.recipientPublicKey = value.GetPublicKey(); - this.info = recipientTbsCert.SubjectPublicKeyInfo; - } - } - - internal AsymmetricKeyParameter RecipientPublicKey - { - set - { - this.recipientPublicKey = value; - - try - { - info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo( - recipientPublicKey); - } - catch (IOException) - { - throw new ArgumentException("can't extract key algorithm from this key"); - } - } - } - - internal Asn1OctetString SubjectKeyIdentifier - { - set { this.subjectKeyIdentifier = value; } - } - - public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random) - { - byte[] keyBytes = contentEncryptionKey.GetKey(); - AlgorithmIdentifier keyEncryptionAlgorithm = info.AlgorithmID; + public class KeyTransRecipientInfoGenerator : RecipientInfoGenerator + { + private static readonly CmsEnvelopedHelper Helper = CmsEnvelopedHelper.Instance; + + private TbsCertificateStructure recipientTbsCert; + private AsymmetricKeyParameter recipientPublicKey; + private Asn1OctetString subjectKeyIdentifier; + + // Derived fields + private SubjectPublicKeyInfo info; + private IssuerAndSerialNumber issuerAndSerialNumber; + private SecureRandom random; + + internal KeyTransRecipientInfoGenerator() + { + } + + protected KeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerialNumber) + { + this.issuerAndSerialNumber = issuerAndSerialNumber; + } + + protected KeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier) + { + this.subjectKeyIdentifier = new DerOctetString(subjectKeyIdentifier); + } + + internal X509Certificate RecipientCert + { + set + { + this.recipientTbsCert = CmsUtilities.GetTbsCertificateStructure(value); + this.recipientPublicKey = value.GetPublicKey(); + this.info = recipientTbsCert.SubjectPublicKeyInfo; + } + } + + internal AsymmetricKeyParameter RecipientPublicKey + { + set + { + this.recipientPublicKey = value; + + try + { + info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo( + recipientPublicKey); + } + catch (IOException) + { + throw new ArgumentException("can't extract key algorithm from this key"); + } + } + } + + internal Asn1OctetString SubjectKeyIdentifier + { + set { this.subjectKeyIdentifier = value; } + } + + public RecipientInfo Generate(KeyParameter contentEncryptionKey, SecureRandom random) + { + byte[] keyBytes = contentEncryptionKey.GetKey(); + AlgorithmIdentifier keyEncryptionAlgorithm = this.AlgorithmDetails; + + this.random = random; + + IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id); + keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random)); + byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length); + + RecipientIdentifier recipId; + if (recipientTbsCert != null) + { + IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber( + recipientTbsCert.Issuer, recipientTbsCert.SerialNumber.Value); + recipId = new RecipientIdentifier(issuerAndSerial); + } + else + { + recipId = new RecipientIdentifier(subjectKeyIdentifier); + } + + return new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm, + new DerOctetString(encryptedKeyBytes))); + } + + protected virtual AlgorithmIdentifier AlgorithmDetails + { + get + { + return info.AlgorithmID; + } + } + + protected virtual byte[] GenerateWrappedKey(KeyParameter contentEncryptionKey) + { + byte[] keyBytes = contentEncryptionKey.GetKey(); + AlgorithmIdentifier keyEncryptionAlgorithm = info.AlgorithmID; IWrapper keyWrapper = Helper.CreateWrapper(keyEncryptionAlgorithm.Algorithm.Id); - keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random)); - byte[] encryptedKeyBytes = keyWrapper.Wrap(keyBytes, 0, keyBytes.Length); - - RecipientIdentifier recipId; - if (recipientTbsCert != null) - { - IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber( - recipientTbsCert.Issuer, recipientTbsCert.SerialNumber.Value); - recipId = new RecipientIdentifier(issuerAndSerial); - } - else - { - recipId = new RecipientIdentifier(subjectKeyIdentifier); - } - - return new RecipientInfo(new KeyTransRecipientInfo(recipId, keyEncryptionAlgorithm, - new DerOctetString(encryptedKeyBytes))); - } - } + keyWrapper.Init(true, new ParametersWithRandom(recipientPublicKey, random)); + return keyWrapper.Wrap(keyBytes, 0, keyBytes.Length); + } + } } |