1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
|
using System;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.IO;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.IO;
namespace Org.BouncyCastle.Cms
{
/**
* General class for generating a CMS authenticated-data message.
*
* A simple example of usage.
*
* <pre>
* CMSAuthenticatedDataGenerator fact = new CMSAuthenticatedDataGenerator();
*
* fact.addKeyTransRecipient(cert);
*
* CMSAuthenticatedData data = fact.generate(content, algorithm, "BC");
* </pre>
*/
public class CmsAuthenticatedDataGenerator
: CmsAuthenticatedGenerator
{
public CmsAuthenticatedDataGenerator()
{
}
/// <summary>Constructor allowing specific source of randomness</summary>
/// <param name="random">Instance of <c>SecureRandom</c> to use.</param>
public CmsAuthenticatedDataGenerator(SecureRandom random)
: base(random)
{
}
/**
* generate an enveloped object that contains an CMS Enveloped Data
* object using the given provider and the passed in key generator.
*/
private CmsAuthenticatedData Generate(
CmsProcessable content,
string macOid,
CipherKeyGenerator keyGen)
{
AlgorithmIdentifier macAlgId;
KeyParameter encKey;
Asn1OctetString encContent;
Asn1OctetString macResult;
try
{
// FIXME Will this work for macs?
byte[] encKeyBytes = keyGen.GenerateKey();
encKey = ParameterUtilities.CreateKeyParameter(macOid, encKeyBytes);
Asn1Encodable asn1Params = GenerateAsn1Parameters(macOid, encKeyBytes);
macAlgId = GetAlgorithmIdentifier(macOid, encKey, asn1Params, out var cipherParameters);
IMac mac = MacUtilities.GetMac(macOid);
// TODO Confirm no ParametersWithRandom needed
// FIXME Only passing key at the moment
// mac.Init(cipherParameters);
mac.Init(encKey);
var bOut = new MemoryStream();
using (var mOut = new TeeOutputStream(bOut, new MacSink(mac)))
{
content.Write(mOut);
}
encContent = new BerOctetString(bOut.ToArray());
byte[] macOctets = MacUtilities.DoFinal(mac);
macResult = new DerOctetString(macOctets);
}
catch (SecurityUtilityException e)
{
throw new CmsException("couldn't create cipher.", e);
}
catch (InvalidKeyException e)
{
throw new CmsException("key invalid in message.", e);
}
catch (IOException e)
{
throw new CmsException("exception decoding algorithm parameters.", e);
}
var recipientInfos = new Asn1EncodableVector(recipientInfoGenerators.Count);
foreach (RecipientInfoGenerator rig in recipientInfoGenerators)
{
try
{
recipientInfos.Add(rig.Generate(encKey, m_random));
}
catch (InvalidKeyException e)
{
throw new CmsException("key inappropriate for algorithm.", e);
}
catch (GeneralSecurityException e)
{
throw new CmsException("error making encrypted content.", e);
}
}
var eci = new ContentInfo(CmsObjectIdentifiers.Data, encContent);
var contentInfo = new ContentInfo(
CmsObjectIdentifiers.AuthenticatedData,
new AuthenticatedData(null, DerSet.FromVector(recipientInfos), macAlgId, null, eci, null, macResult, null));
return new CmsAuthenticatedData(contentInfo);
}
/**
* generate an authenticated object that contains an CMS Authenticated Data object
*/
public CmsAuthenticatedData Generate(
CmsProcessable content,
string encryptionOid)
{
try
{
// FIXME Will this work for macs?
CipherKeyGenerator keyGen = GeneratorUtilities.GetKeyGenerator(encryptionOid);
keyGen.Init(new KeyGenerationParameters(m_random, keyGen.DefaultStrength));
return Generate(content, encryptionOid, keyGen);
}
catch (SecurityUtilityException e)
{
throw new CmsException("can't find key generation algorithm.", e);
}
}
}
}
|
