本文整理汇总了C#中Org.BouncyCastle.Cms.CmsSignedDataParser.GetSignerInfos方法的典型用法代码示例。如果您正苦于以下问题:C# CmsSignedDataParser.GetSignerInfos方法的具体用法?C# CmsSignedDataParser.GetSignerInfos怎么用?C# CmsSignedDataParser.GetSignerInfos使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Org.BouncyCastle.Cms.CmsSignedDataParser的用法示例。
在下文中一共展示了CmsSignedDataParser.GetSignerInfos方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: GetDigitalSignatures
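/// <summary>
/// Builds one digital-signature record per signer found in a parsed CMS signed-data stream.
/// </summary>
/// <remarks>
/// For each signer this looks up the matching embedded certificate, reads the signing-time
/// attribute when present, and attempts to build a certificate path. A path-building failure
/// is stored on the signature as <c>ChainException</c> instead of being thrown, so callers
/// have to inspect that property before treating a signature as trusted. No call that checks
/// the signature value itself is visible in this method.
/// </remarks>
/// <param name="parser">The parser positioned on the signed-data structure.</param>
/// <returns>The collection of signatures, one entry per signer info.</returns>
DigitalSignatureCollection GetDigitalSignatures(CmsSignedDataParser parser)
{
    var certificates = parser.GetCertificates ("Collection");
    var signatures = new List<IDigitalSignature> ();
    var crls = parser.GetCrls ("Collection");
    var store = parser.GetSignerInfos ();

    // Certificates and CRLs carried inside the message are handed to Import (defined elsewhere).
    // NOTE(review): these are sender-supplied; confirm that importing them does not imply trust.
    foreach (X509Certificate certificate in certificates.GetMatches (null))
        Import (certificate);

    foreach (X509Crl crl in crls.GetMatches (null))
        Import (crl);

    foreach (SignerInformation signerInfo in store.GetSigners ()) {
        var certificate = GetCertificate (certificates, signerInfo.SignerID);
        var signature = new SecureMimeDigitalSignature (signerInfo);
        DateTime? signedDate = null;

        if (signerInfo.SignedAttributes != null) {
            Asn1EncodableVector vector = signerInfo.SignedAttributes.GetAll (CmsAttributes.SigningTime);

            // Only the first signing-time attribute is considered.
            foreach (Org.BouncyCastle.Asn1.Cms.Attribute attr in vector) {
                // The attribute comes from the message, so it may be empty or may not hold a
                // UTCTime value. A hard cast would abort processing of every signer with an
                // InvalidCastException; leave the date unset in that case instead.
                if (attr.AttrValues != null && attr.AttrValues.Count > 0) {
                    var signingTime = attr.AttrValues[0] as DerUtcTime;

                    if (signingTime != null) {
                        signature.CreationDate = signingTime.ToAdjustedDateTime ();
                        signedDate = signature.CreationDate;
                    }
                }
                break;
            }
        }

        if (certificate != null)
            signature.SignerCertificate = new SecureMimeDigitalCertificate (certificate);

        var anchors = GetTrustedAnchors ();

        try {
            // signedDate is asserted by the signer, not by a trusted time source.
            // NOTE(review): BuildCertPath presumably uses it as the validation date - confirm.
            signature.Chain = BuildCertPath (anchors, certificates, crls, certificate, signedDate);
        } catch (Exception ex) {
            // Deliberately non-fatal: the failure is kept on the signature for the caller.
            signature.ChainException = ex;
        }

        signatures.Add (signature);
    }

    return new DigitalSignatureCollection (signatures);
}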
示例2: ReplaceCertificatesAndCrls
/**
* Re-emit a CMS signed-data stream with the certificate, CRL and attribute
* certificate sets replaced by the stores passed in. The signer infos of the
* original message are copied across unchanged; no signature is verified here,
* and the sets carried by the original message are not copied.
* <p>
* The output stream is returned unclosed.
* </p>
* @param original the signed data stream to be used as a base.
* @param x509Certs the certificates to embed, or null to embed none.
* @param x509Crls the CRLs to embed, or null to embed none.
* @param x509AttrCerts the attribute certificates to embed, or null to embed none.
* @param outStr the stream to write the new signed data object to.
* @return outStr.
* @exception CmsException if there is an error processing the CertStore
*/
public static Stream ReplaceCertificatesAndCrls(
    Stream original,
    IX509Store x509Certs,
    IX509Store x509Crls,
    IX509Store x509AttrCerts,
    Stream outStr)
{
    // NB: SecureRandom would be ignored since using existing signatures only
    var generator = new CmsSignedDataStreamGenerator();
    var source = new CmsSignedDataParser(original);

    // The digest OIDs are registered before the generator is opened.
    generator.AddDigests(source.DigestOids);

    // A null content stream means the original carried no encapsulated content.
    CmsTypedStream content = source.GetSignedContent();
    bool hasContent = content != null;

    Stream body = generator.Open(outStr, source.SignedContentType.Id, hasContent);
    if (hasContent)
    {
        Streams.PipeAll(content.ContentStream, body);
    }

    // Only the caller's stores are added; a null store leaves that set empty.
    if (x509AttrCerts != null)
    {
        generator.AddAttributeCertificates(x509AttrCerts);
    }
    if (x509Certs != null)
    {
        generator.AddCertificates(x509Certs);
    }
    if (x509Crls != null)
    {
        generator.AddCrls(x509Crls);
    }

    // The signer infos are read only after the content has been piped through.
    generator.AddSigners(source.GetSignerInfos());

    body.Close();
    return outStr;
}
示例3: VerifySignatures
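/// <summary>
/// Test helper: checks every signer's signature against the matching certificate embedded
/// in the message and, when a digest is supplied, compares it with the signer's content digest.
/// </summary>
/// <remarks>
/// The certificate comes from the message itself, so a passing check shows that signature
/// and certificate are consistent. No chain or trust-anchor validation happens here.
/// </remarks>
/// <param name="sp">Parser whose signed content has already been consumed by the caller.</param>
/// <param name="contentDigest">Expected content digest, or null to skip the comparison.</param>
private void VerifySignatures(
    CmsSignedDataParser sp,
    byte[] contentDigest)
{
    IX509Store certStore = sp.GetCertificates("Collection");
    SignerInformationStore signers = sp.GetSignerInfos();

    foreach (SignerInformation signer in signers.GetSigners())
    {
        ICollection certCollection = certStore.GetMatches(signer.SignerID);
        IEnumerator certEnum = certCollection.GetEnumerator();

        // Fail with a clear message when no certificate matches, instead of reading
        // Current from an enumerator that never advanced.
        Assert.IsTrue(certEnum.MoveNext(), "no embedded certificate matches the signer id");
        X509Certificate cert = (X509Certificate) certEnum.Current;

        Assert.IsTrue(signer.Verify(cert));

        if (contentDigest != null)
        {
            Assert.IsTrue(Arrays.AreEqual(contentDigest, signer.GetContentDigest()));
        }
    }
}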
示例4: VerifySignatures
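/// <summary>
/// Test helper: checks every signer's signature against the matching certificate embedded
/// in the message.
/// </summary>
/// <remarks>
/// The certificate comes from the message itself, so a passing check shows that signature
/// and certificate are consistent. No chain or trust-anchor validation happens here.
/// </remarks>
/// <param name="sp">Parser whose signed content has already been consumed by the caller.</param>
private void VerifySignatures(
    CmsSignedDataParser sp)
{
    IX509Store x509Certs = sp.GetCertificates("Collection");
    SignerInformationStore signers = sp.GetSignerInfos();

    foreach (SignerInformation signer in signers.GetSigners())
    {
        ICollection certCollection = x509Certs.GetMatches(signer.SignerID);
        IEnumerator certEnum = certCollection.GetEnumerator();

        // Fail with a clear message when no certificate matches, instead of reading
        // Current from an enumerator that never advanced.
        Assert.IsTrue(certEnum.MoveNext(), "no embedded certificate matches the signer id");
        X509Certificate cert = (X509Certificate)certEnum.Current;

        Assert.IsTrue(signer.Verify(cert));
    }
}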
示例5: TestSha1WithRsaEncapsulatedSubjectKeyID
/// <summary>
/// Signs an encapsulated message with the signer identified by subject key identifier,
/// verifies it through the streaming parser, then re-emits the message from the parsed
/// signer infos and checks that exactly one signer survives.
/// </summary>
/// <remarks>
/// SHA-1 is the digest under test here; its use in this fixture is not a recommendation
/// for new signatures.
/// </remarks>
public void TestSha1WithRsaEncapsulatedSubjectKeyID()
{
    byte[] payload = Encoding.ASCII.GetBytes(TestMessage);
    var buffer = new MemoryStream();
    IX509Store certStore = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

    // First pass: sign with the subject key identifier rather than the certificate.
    var firstGen = new CmsSignedDataStreamGenerator();
    firstGen.AddSigner(OrigKP.Private,
        CmsTestUtil.CreateSubjectKeyId(OrigCert.GetPublicKey()).GetKeyIdentifier(),
        CmsSignedDataStreamGenerator.DigestSha1);
    firstGen.AddCertificates(certStore);

    Stream firstOut = firstGen.Open(buffer, true);
    firstOut.Write(payload, 0, payload.Length);
    firstOut.Close();

    // The content is drained before the signer infos are read from the parser.
    var parsed = new CmsSignedDataParser(buffer.ToArray());
    parsed.GetSignedContent().Drain();

    VerifySignatures(parsed);

    // The digest computed by the generator must equal the signed messageDigest attribute.
    byte[] generatedDigest = (byte[])firstGen.GetGeneratedDigests()[CmsSignedGenerator.DigestSha1];
    ArrayList parsedSigners = new ArrayList(parsed.GetSignerInfos().GetSigners());
    AttributeTable signedAttrs = ((SignerInformation) parsedSigners[0]).SignedAttributes;
    Asn1.Cms.Attribute digestAttr = signedAttrs[CmsAttributes.MessageDigest];
    byte[] signedDigest = ((Asn1OctetString)digestAttr.AttrValues[0]).GetOctets();

    Assert.IsTrue(Arrays.AreEqual(generatedDigest, signedDigest));

    //
    // try using existing signer
    //
    var secondGen = new CmsSignedDataStreamGenerator();
    secondGen.AddSigners(parsed.GetSignerInfos());
    secondGen.AddCertificates(parsed.GetCertificates("Collection"));

    buffer.SetLength(0);

    Stream secondOut = secondGen.Open(buffer, true);
    secondOut.Write(payload, 0, payload.Length);
    secondOut.Close();

    CmsSignedData reparsed = new CmsSignedData(new CmsProcessableByteArray(payload), buffer.ToArray());

    Assert.AreEqual(1, reparsed.GetSignerInfos().GetSigners().Count);

    VerifyEncodedData(buffer);
}
示例6: TestAttributeGenerators
/// <summary>
/// Signs an encapsulated message with custom signed and unsigned attribute generators and
/// checks that each signer carries the two expected dummy attributes.
/// </summary>
public void TestAttributeGenerators()
{
    byte[] payload = Encoding.ASCII.GetBytes(TestMessage);
    var buffer = new MemoryStream();
    IX509Store certStore = CmsTestUtil.MakeCertStore(OrigCert, SignCert);

    CmsAttributeTableGenerator signedAttrGen = new SignedGenAttributeTableGenerator();
    CmsAttributeTableGenerator unsignedAttrGen = new UnsignedGenAttributeTableGenerator();

    var generator = new CmsSignedDataStreamGenerator();
    generator.AddSigner(OrigKP.Private, OrigCert,
        CmsSignedDataStreamGenerator.DigestSha1, signedAttrGen, unsignedAttrGen);
    generator.AddCertificates(certStore);

    Stream signedOut = generator.Open(buffer, true);
    signedOut.Write(payload, 0, payload.Length);
    signedOut.Close();

    // The content is drained before the signer infos are read from the parser.
    var parsed = new CmsSignedDataParser(buffer.ToArray());
    parsed.GetSignedContent().Drain();

    VerifySignatures(parsed);

    //
    // check attributes
    //
    SignerInformationStore signerStore = parsed.GetSignerInfos();

    foreach (SignerInformation info in signerStore.GetSigners())
    {
        // The signed attribute is checked against the content digest, the unsigned one
        // against the signature value.
        CheckAttribute(info.GetContentDigest(), info.SignedAttributes[dummyOid1]);
        CheckAttribute(info.GetSignature(), info.UnsignedAttributes[dummyOid2]);
    }
}
示例7: TestSha1WithRsa
/// <summary>
/// Produces a signature over external content, verifies it through the streaming parser
/// against an independently computed digest, re-emits the message from the parsed signer
/// infos, and checks that both CRLs are present in the CRL store.
/// </summary>
/// <remarks>
/// SHA-1 is the digest under test here; its use in this fixture is not a recommendation
/// for new signatures.
/// </remarks>
public void TestSha1WithRsa()
{
    byte[] payload = Encoding.ASCII.GetBytes(TestMessage);
    var buffer = new MemoryStream();
    IX509Store certStore = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
    IX509Store crlStore = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);

    var firstGen = new CmsSignedDataStreamGenerator();
    firstGen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
    firstGen.AddCertificates(certStore);
    firstGen.AddCrls(crlStore);

    // Opened without the encapsulate flag: the content is supplied separately below.
    Stream firstOut = firstGen.Open(buffer);
    firstOut.Write(payload, 0, payload.Length);
    firstOut.Close();

    CheckSigParseable(buffer.ToArray());

    var parsed = new CmsSignedDataParser(
        new CmsTypedStream(new MemoryStream(payload, false)), buffer.ToArray());
    parsed.GetSignedContent().Drain();

    // compute expected content digest
    byte[] expectedDigest = DigestUtilities.CalculateDigest("SHA1", payload);

    VerifySignatures(parsed, expectedDigest);

    //
    // try using existing signer
    //
    var secondGen = new CmsSignedDataStreamGenerator();
    secondGen.AddSigners(parsed.GetSignerInfos());
    secondGen.AddCertificates(parsed.GetCertificates("Collection"));
    secondGen.AddCrls(parsed.GetCrls("Collection"));

    buffer.SetLength(0);

    Stream secondOut = secondGen.Open(buffer, true);
    secondOut.Write(payload, 0, payload.Length);
    secondOut.Close();

    VerifyEncodedData(buffer);

    //
    // look for the CRLs
    //
    ArrayList foundCrls = new ArrayList(crlStore.GetMatches(null));

    Assert.AreEqual(2, foundCrls.Count);
    Assert.IsTrue(foundCrls.Contains(SignCrl));
    Assert.IsTrue(foundCrls.Contains(OrigCrl));
}
示例8: CheckSigParseable
/// <summary>
/// Test helper: walks every section of an encoded signed-data object through the streaming
/// parser. Nothing is asserted and no signature is verified; the check is that parsing
/// completes without throwing.
/// </summary>
/// <param name="sig">The encoded CMS signed-data object.</param>
private void CheckSigParseable(byte[] sig)
{
    var parser = new CmsSignedDataParser(sig);

    // The value is discarded; only the access itself matters.
    parser.Version.ToString();

    // A null content stream means the message has no encapsulated content to drain.
    CmsTypedStream content = parser.GetSignedContent();
    if (content != null)
    {
        content.Drain();
    }

    parser.GetAttributeCertificates("Collection");
    parser.GetCertificates("Collection");
    parser.GetCrls("Collection");
    parser.GetSignerInfos();

    parser.Close();
}
示例9: TestSha1WithRsa
/// <summary>
/// Produces a signature over external content using explicitly built certificate and CRL
/// collection stores, verifies it through the streaming parser against an independently
/// computed digest, re-emits the message from the parsed signer infos, and checks that both
/// CRLs are present in the CRL store.
/// </summary>
/// <remarks>
/// SHA-1 is the digest under test here; its use in this fixture is not a recommendation
/// for new signatures.
/// </remarks>
public void TestSha1WithRsa()
{
    byte[] payload = Encoding.ASCII.GetBytes(TestMessage);
    var buffer = new MemoryStream();

    IList certEntries = new ArrayList();
    certEntries.Add(OrigCert);
    certEntries.Add(SignCert);

    IList crlEntries = new ArrayList();
    crlEntries.Add(SignCrl);
    crlEntries.Add(OrigCrl);

    IX509Store certStore = X509StoreFactory.Create(
        "Certificate/Collection",
        new X509CollectionStoreParameters(certEntries));
    IX509Store crlStore = X509StoreFactory.Create(
        "CRL/Collection",
        new X509CollectionStoreParameters(crlEntries));

    var firstGen = new CmsSignedDataStreamGenerator();
    firstGen.AddSigner(OrigKP.Private, OrigCert, CmsSignedDataStreamGenerator.DigestSha1);
    firstGen.AddCertificates(certStore);
    firstGen.AddCrls(crlStore);

    // Opened without the encapsulate flag: the content is supplied separately below.
    Stream firstOut = firstGen.Open(buffer);
    firstOut.Write(payload, 0, payload.Length);
    firstOut.Close();

    CheckSigParseable(buffer.ToArray());

    var parsed = new CmsSignedDataParser(
        new CmsTypedStream(new MemoryStream(payload, false)), buffer.ToArray());
    parsed.GetSignedContent().Drain();

    //
    // compute expected content digest
    //
    IDigest sha1 = DigestUtilities.GetDigest("SHA1");
    sha1.BlockUpdate(payload, 0, payload.Length);
    byte[] expectedDigest = DigestUtilities.DoFinal(sha1);

    VerifySignatures(parsed, expectedDigest);

    //
    // try using existing signer
    //
    var secondGen = new CmsSignedDataStreamGenerator();
    secondGen.AddSigners(parsed.GetSignerInfos());
    secondGen.AddCertificates(parsed.GetCertificates("Collection"));
    secondGen.AddCrls(parsed.GetCrls("Collection"));

    buffer.SetLength(0);

    Stream secondOut = secondGen.Open(buffer, true);
    secondOut.Write(payload, 0, payload.Length);
    secondOut.Close();

    VerifyEncodedData(buffer);

    //
    // look for the CRLs
    //
    ArrayList foundCrls = new ArrayList(crlStore.GetMatches(null));

    Assert.AreEqual(2, foundCrls.Count);
    Assert.IsTrue(foundCrls.Contains(SignCrl));
    Assert.IsTrue(foundCrls.Contains(OrigCrl));
}
示例10: Complete
/// <summary>
/// Re-emits a single-signer CMS signed-data message into <paramref name="embedded"/> with
/// encapsulated content, and fills <paramref name="timemarkKey"/> with the signature value,
/// the signing time and the signer certificate.
/// </summary>
/// <remarks>
/// The listing this method was taken from is truncated: everything after the certificate
/// handling is omitted, so nothing below describes the remainder of the method.
/// </remarks>
/// <param name="level">Target level; within the visible part it is only written to the trace.</param>
/// <param name="embedded">Stream that receives the re-emitted message.</param>
/// <param name="signed">The signed message to complete. Its Length is read for tracing.</param>
/// <param name="providedSigner">Signer certificate to use when the message embeds none; may be null.</param>
/// <param name="timemarkKey">Receives the signature value, signing time and signer.</param>
protected void Complete(Level level, Stream embedded, Stream signed, X509Certificate2 providedSigner, out TimemarkKey timemarkKey)
{
// NOTE(review): Stream.Length is only available on seekable streams - confirm callers always pass one.
trace.TraceEvent(TraceEventType.Information, 0, "Completing the message with of {0} bytes to level {1}", signed.Length, level);
//Prepare generator, parser and time-mark Key
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
CmsSignedDataParser parser = new CmsSignedDataParser(signed);
timemarkKey = new TimemarkKey();
//preset the digests so we can add the signers afterwards
gen.AddDigests(parser.DigestOids);
//Copy the content
// NOTE(review): signedContent is dereferenced without a null check; confirm that a message
// without encapsulated content cannot reach this point.
CmsTypedStream signedContent = parser.GetSignedContent();
Stream contentOut = gen.Open(embedded, parser.SignedContentType.Id, true);
signedContent.ContentStream.CopyTo(contentOut);
//Extract the signer info
SignerInformationStore signerInfoStore = parser.GetSignerInfos();
IEnumerator signerInfos = signerInfoStore.GetSigners().GetEnumerator();
// Exactly one signer is accepted: zero signers and more than one signer are both rejected.
if (!signerInfos.MoveNext())
{
trace.TraceEvent(TraceEventType.Error, 0, "The message to complete does not contain a signature");
throw new InvalidMessageException("The message does not contain a signature");
}
SignerInformation signerInfo = (SignerInformation)signerInfos.Current;
if (signerInfos.MoveNext())
{
// NOTE(review): the trace text below says "does not contain" although this branch is the
// multiple-signature case; the exception message is the accurate one.
trace.TraceEvent(TraceEventType.Error, 0, "The message to complete does not contain more then one signature");
throw new InvalidMessageException("The message does contain multiple signatures, which isn't supported");
}
//Extract the signature value
timemarkKey.SignatureValue = signerInfo.GetSignature();
//Extract the unsigned attributes & signing time
bool hasSigningTime;
IDictionary unsignedAttributes = signerInfo.UnsignedAttributes != null ? signerInfo.UnsignedAttributes.ToDictionary() : new Hashtable();
BC::Asn1.Cms.Attribute singingTimeAttr = signerInfo.SignedAttributes != null ? signerInfo.SignedAttributes[CmsAttributes.SigningTime] : null;
if (singingTimeAttr == null)
{
// No signing-time attribute: the current UTC time is used instead.
trace.TraceEvent(TraceEventType.Warning, 0, "The message to complete does not contain a signing time");
hasSigningTime = false;
timemarkKey.SigningTime = DateTime.UtcNow;
}
else
{
// NOTE(review): hasSigningTime is set to false in this branch as well, although a signing
// time was found. Its use is in the omitted part of the method - confirm whether true was intended.
hasSigningTime = false;
// The signing time is a value asserted by the signer, not by a trusted time source.
timemarkKey.SigningTime = new BC::Asn1.Cms.Time(((DerSet)singingTimeAttr.AttrValues)[0].ToAsn1Object()).Date;
}
//Extract the signer, if available
IX509Store embeddedCerts = parser.GetCertificates("Collection");
if (embeddedCerts != null && embeddedCerts.GetMatches(null).Count > 0)
{
//Embedded certs found, we use that
// The signer certificate is selected from certificates supplied by the message itself.
// No chain validation of it is visible in this branch - TODO confirm that it happens
// elsewhere before the signer is trusted.
IEnumerator signerCerts = embeddedCerts.GetMatches(signerInfo.SignerID).GetEnumerator();
if (!signerCerts.MoveNext()) {
trace.TraceEvent(TraceEventType.Error, 0, "The message does contains certificates, but the signing certificate is missing");
throw new InvalidMessageException("The message does not contain the signer certificate");
}
timemarkKey.Signer = new X509Certificate2(((BC::X509.X509Certificate)signerCerts.Current).GetEncoded());
trace.TraceEvent(TraceEventType.Verbose, 0, "The message contains certificates, of which {0} is the signer", timemarkKey.Signer.Subject);
//Add the certs to the new message
gen.AddCertificates(embeddedCerts);
}
else
{
//No embedded certs, lets construct it.
if (providedSigner == null)
{
trace.TraceEvent(TraceEventType.Error, 0, "The provided message does not contain any embedded certificates");
throw new InvalidMessageException("The message does not contain any embedded certificates");
}
timemarkKey.Signer = providedSigner;
trace.TraceEvent(TraceEventType.Verbose, 0, "The message does not contains certificates, adding the chain of {0}", timemarkKey.Signer.Subject);
//Construct the chain of certificates
// The signing time passed here is either signer-asserted or the current UTC time (see above).
// NOTE(review): BuildBasicChain presumably validates the chain as of that time - confirm.
Chain chain = timemarkKey.Signer.BuildBasicChain(timemarkKey.SigningTime, extraStore);
// Any chain status other than NoError rejects the message.
if (chain.ChainStatus.Count(x => x.Status != X509ChainStatusFlags.NoError) > 0)
{
trace.TraceEvent(TraceEventType.Error, 0, "The certification chain of {0} failed with errors", chain.ChainElements[0].Certificate.Subject);
throw new InvalidMessageException(string.Format("The certificate chain of the signer {0} fails basic validation", timemarkKey.Signer.Subject));
}
// Convert every chain element to a BouncyCastle certificate so it can be embedded.
List<BC::X509.X509Certificate> senderChainCollection = new List<BC::X509.X509Certificate>();
foreach (ChainElement ce in chain.ChainElements)
{
trace.TraceEvent(TraceEventType.Verbose, 0, "Adding the certificate {0} to the message", ce.Certificate.Subject);
senderChainCollection.Add(DotNetUtilities.FromX509Certificate(ce.Certificate));
}
embeddedCerts = X509StoreFactory.Create("CERTIFICATE/COLLECTION", new X509CollectionStoreParameters(senderChainCollection));
//Add the certificates to the new message
gen.AddCertificates(embeddedCerts);
}
//Getting any existing time stamps
//......... part of the code is omitted here .........
示例11: VerifyStreaming
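/// <summary>
/// Parses a CMS signed-data stream, copies its encapsulated content to
/// <paramref name="verifiedContent"/>, and passes the signer infos and embedded certificates
/// to <c>Verify</c>.
/// </summary>
/// <remarks>
/// The content is written to <paramref name="verifiedContent"/> before <c>Verify</c> runs.
/// Callers must not act on that content unless this method returns and the returned
/// security information is acceptable.
/// </remarks>
/// <param name="verifiedContent">Receives the encapsulated content.</param>
/// <param name="signed">The CMS signed-data message.</param>
/// <param name="outer">Passed through to <c>Verify</c>; null is traced as the "inner" signature.</param>
/// <returns>The result of <c>Verify</c>.</returns>
/// <exception cref="InvalidMessageException">The input is not a parseable signed-data message or has no encapsulated content.</exception>
/// <exception cref="NotSupportedException">The parser reported the RSA-PSS limitation.</exception>
private SignatureSecurityInformation VerifyStreaming(Stream verifiedContent, Stream signed, SignatureSecurityInformation outer)
{
    trace.TraceEvent(TraceEventType.Information, 0, "Verifying the {0} signature streamed", outer == null ? "inner" : "outer");
    try
    {
        CmsSignedDataParser signedData;
        try
        {
            signedData = new CmsSignedDataParser(signed);
            trace.TraceEvent(TraceEventType.Verbose, 0, "Read the cms header");
        }
        catch (Exception e)
        {
            trace.TraceEvent(TraceEventType.Error, 0, "The message isn't a CMS Signed Data message: {0}", e.Message);
            throw new InvalidMessageException("The message isn't a triple wrapped message", e);
        }

        // A message without encapsulated content yields no content stream. Reject it
        // explicitly instead of failing on a null dereference.
        var signedContent = signedData.GetSignedContent();
        if (signedContent == null)
        {
            trace.TraceEvent(TraceEventType.Error, 0, "The message does not contain encapsulated content");
            throw new InvalidMessageException("The message isn't a triple wrapped message");
        }

        signedContent.ContentStream.CopyTo(verifiedContent);
        trace.TraceEvent(TraceEventType.Verbose, 0, "Copied the signed data & calculated the message digest");

        // Certificates and signer infos are read only after the content has been consumed.
        IX509Store certs = signedData.GetCertificates("COLLECTION");
        SignerInformationStore signerInfos = signedData.GetSignerInfos();

        return Verify(signerInfos, certs, outer);
    }
    catch (CmsException cmse)
    {
        // The library failure is recognised by its message text; keep the original exception
        // as the inner exception so the cause is not lost.
        if (cmse.Message.Contains("RSAandMGF1 not supported"))
        {
            throw new NotSupportedException("RSA-PSS not supported with streaming in case of raw signatures", cmse);
        }
        throw new InvalidMessageException("The message isn't a triple wrapped message", cmse);
    }
}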