From fc8a101f3e13f75481a0bfb3733ca00fbec270a6 Mon Sep 17 00:00:00 2001 From: psoares33 Date: Thu, 25 Jun 2009 19:57:48 +0000 Subject: [PATCH] Porting update. git-svn-id: svn://svn.code.sf.net/p/itextsharp/code/trunk@39 820d3149-562b-4f88-9aa4-a8e61a3485cf --- src/core/iTextSharp/text/pdf/PdfPKCS7.cs | 2635 +++++++++++++--------- 1 file changed, 1519 insertions(+), 1116 deletions(-) diff --git a/src/core/iTextSharp/text/pdf/PdfPKCS7.cs b/src/core/iTextSharp/text/pdf/PdfPKCS7.cs index c336182..af3c9d6 100644 --- a/src/core/iTextSharp/text/pdf/PdfPKCS7.cs +++ b/src/core/iTextSharp/text/pdf/PdfPKCS7.cs @@ -1,1170 +1,1573 @@ -using System; -using System.Collections; -using System.Text; -using System.IO; -using Org.BouncyCastle.X509; -using Org.BouncyCastle.Asn1; -using Org.BouncyCastle.Security; -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Generators; -using Org.BouncyCastle.Crypto.Parameters; -using Org.BouncyCastle.Math; -using Org.BouncyCastle.Crypto.Digests; -using Org.BouncyCastle.Utilities; +using System; +using System.Collections; +using System.Text; +using System.Globalization; +using System.IO; +using Org.BouncyCastle.X509; +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Ocsp; +using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Asn1.Tsp; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Ocsp; +using Org.BouncyCastle.Tsp; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Utilities; + +/* + * Copyright 2004 by Paulo Soares. + * + * The contents of this file are subject to the Mozilla Public License Version 1.1 + * (the "License"); you may not use this file except in compliance with the License. + * You may obtain a copy of the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the License. + * + * The Original Code is 'iText, a free JAVA-PDF library'. + * + * The Initial Developer of the Original Code is Bruno Lowagie. Portions created by + * the Initial Developer are Copyright (C) 1999, 2000, 2001, 2002 by Bruno Lowagie. + * All Rights Reserved. + * Co-Developer of the code is Paulo Soares. Portions created by the Co-Developer + * are Copyright (C) 2000, 2001, 2002 by Paulo Soares. All Rights Reserved. + * + * Contributor(s): all the names of the contributors are added in the source code + * where applicable. + * + * Alternatively, the contents of this file may be used under the terms of the + * LGPL license (the "GNU LIBRARY GENERAL PUBLIC LICENSE"), in which case the + * provisions of LGPL are applicable instead of those above. If you wish to + * allow use of your version of this file only under the terms of the LGPL + * License and not to allow others to use your version of this file under + * the MPL, indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by the LGPL. + * If you do not delete the provisions above, a recipient may use your version + * of this file under either the MPL or the GNU LIBRARY GENERAL PUBLIC LICENSE. + * + * This library is free software; you can redistribute it and/or modify it + * under the terms of the MPL as stated above or under the terms of the GNU + * Library General Public License as published by the Free Software Foundation; + * either version 2 of the License, or any later version. + * + * This library is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU Library general Public License for more + * details. + * + * If you didn't download this code from the following link, you should check if + * you aren't using an obsolete version: + * http://www.lowagie.com/iText/ + */ +namespace iTextSharp.text.pdf { + /** + * This class does all the processing related to signing and verifying a PKCS#7 + * signature. + *

+ * It's based in code found at org.bouncycastle. + */ + public class PdfPKCS7 { + + private byte[] sigAttr; + private byte[] digestAttr; + private int version, signerversion; + private Hashtable digestalgos; + private ArrayList certs, crls, signCerts; + private X509Certificate signCert; + private byte[] digest; + private IDigest messageDigest; + private String digestAlgorithm, digestEncryptionAlgorithm; + private ISigner sig; + private ICipherParameters privKey; + private byte[] RSAdata; + private bool verified; + private bool verifyResult; + private byte[] externalDigest; + private byte[] externalRSAdata; + + private const String ID_PKCS7_DATA = "1.2.840.113549.1.7.1"; + private const String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2"; + private const String ID_RSA = "1.2.840.113549.1.1.1"; + private const String ID_DSA = "1.2.840.10040.4.1"; + private const String ID_CONTENT_TYPE = "1.2.840.113549.1.9.3"; + private const String ID_MESSAGE_DIGEST = "1.2.840.113549.1.9.4"; + private const String ID_SIGNING_TIME = "1.2.840.113549.1.9.5"; + private const String ID_ADBE_REVOCATION = "1.2.840.113583.1.1.8"; + /** + * Holds value of property reason. + */ + private String reason; + + /** + * Holds value of property location. + */ + private String location; + + /** + * Holds value of property signDate. + */ + private DateTime signDate; + + /** + * Holds value of property signName. + */ + private String signName; + + private TimeStampToken timeStampToken; + + private static readonly Hashtable digestNames = new Hashtable(); + private static readonly Hashtable algorithmNames = new Hashtable(); + private static readonly Hashtable allowedDigests = new Hashtable(); -/* - * Copyright 2004 by Paulo Soares. - * - * The contents of this file are subject to the Mozilla Public License Version 1.1 - * (the "License"); you may not use this file except in compliance with the License. - * You may obtain a copy of the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License - * for the specific language governing rights and limitations under the License. - * - * The Original Code is 'iText, a free JAVA-PDF library'. - * - * The Initial Developer of the Original Code is Bruno Lowagie. Portions created by - * the Initial Developer are Copyright (C) 1999, 2000, 2001, 2002 by Bruno Lowagie. - * All Rights Reserved. - * Co-Developer of the code is Paulo Soares. Portions created by the Co-Developer - * are Copyright (C) 2000, 2001, 2002 by Paulo Soares. All Rights Reserved. - * - * Contributor(s): all the names of the contributors are added in the source code - * where applicable. - * - * Alternatively, the contents of this file may be used under the terms of the - * LGPL license (the "GNU LIBRARY GENERAL PUBLIC LICENSE"), in which case the - * provisions of LGPL are applicable instead of those above. If you wish to - * allow use of your version of this file only under the terms of the LGPL - * License and not to allow others to use your version of this file under - * the MPL, indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by the LGPL. - * If you do not delete the provisions above, a recipient may use your version - * of this file under either the MPL or the GNU LIBRARY GENERAL PUBLIC LICENSE. - * - * This library is free software; you can redistribute it and/or modify it - * under the terms of the MPL as stated above or under the terms of the GNU - * Library General Public License as published by the Free Software Foundation; - * either version 2 of the License, or any later version. - * - * This library is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS - * FOR A PARTICULAR PURPOSE. See the GNU Library general Public License for more - * details. - * - * If you didn't download this code from the following link, you should check if - * you aren't using an obsolete version: - * http://www.lowagie.com/iText/ - */ -namespace iTextSharp.text.pdf { - /** - * This class does all the processing related to signing and verifying a PKCS#7 - * signature. - *

- * It's based in code found at org.bouncycastle. - */ - public class PdfPKCS7 { - - private byte[] sigAttr; - private byte[] digestAttr; - private int version, signerversion; - private Hashtable digestalgos; - private ArrayList certs, crls; - private X509Certificate signCert; - private byte[] digest; - private IDigest messageDigest; - private String digestAlgorithm, digestEncryptionAlgorithm; - private ISigner sig; - private ICipherParameters privKey; - private byte[] RSAdata; - private bool verified; - private bool verifyResult; - private byte[] externalDigest; - private byte[] externalRSAdata; - - private const String ID_PKCS7_DATA = "1.2.840.113549.1.7.1"; - private const String ID_PKCS7_SIGNED_DATA = "1.2.840.113549.1.7.2"; - private const String ID_MD5 = "1.2.840.113549.2.5"; - private const String ID_MD2 = "1.2.840.113549.2.2"; - private const String ID_SHA1 = "1.3.14.3.2.26"; - private const String ID_RSA = "1.2.840.113549.1.1.1"; - private const String ID_DSA = "1.2.840.10040.4.1"; - private const String ID_CONTENT_TYPE = "1.2.840.113549.1.9.3"; - private const String ID_MESSAGE_DIGEST = "1.2.840.113549.1.9.4"; - private const String ID_SIGNING_TIME = "1.2.840.113549.1.9.5"; - private const String ID_MD2RSA = "1.2.840.113549.1.1.2"; - private const String ID_MD5RSA = "1.2.840.113549.1.1.4"; - private const String ID_SHA1RSA = "1.2.840.113549.1.1.5"; - /** - * Holds value of property reason. - */ - private String reason; - - /** - * Holds value of property location. - */ - private String location; - - /** - * Holds value of property signDate. - */ - private DateTime signDate; - - /** - * Holds value of property signName. - */ - private String signName; - - /** - * Verifies a signature using the sub-filter adbe.x509.rsa_sha1. - * @param contentsKey the /Contents key - * @param certsKey the /Cert key - * @param provider the provider or null for the default provider - * @throws SecurityException on error - * @throws CRLException on error - * @throws InvalidKeyException on error - * @throws CertificateException on error - * @throws NoSuchProviderException on error - * @throws NoSuchAlgorithmException on error - * @throws IOException on error - */ - public PdfPKCS7(byte[] contentsKey, byte[] certsKey) { - - X509CertificateParser cf = new X509CertificateParser(); - certs = new ArrayList(); - foreach (X509Certificate cc in cf.ReadCertificates(certsKey)) { - certs.Add(cc); - } - signCert = (X509Certificate)certs[0]; - crls = new ArrayList(); - Asn1InputStream inp = new Asn1InputStream(new MemoryStream(contentsKey)); - digest = ((DerOctetString)inp.ReadObject()).GetOctets(); - sig = SignerUtilities.GetSigner("SHA1withRSA"); - sig.Init(false, signCert.GetPublicKey()); + static PdfPKCS7() { + digestNames["1.2.840.113549.2.5"] = "MD5"; + digestNames["1.2.840.113549.2.2"] = "MD2"; + digestNames["1.3.14.3.2.26"] = "SHA1"; + digestNames["2.16.840.1.101.3.4.2.4"] = "SHA224"; + digestNames["2.16.840.1.101.3.4.2.1"] = "SHA256"; + digestNames["2.16.840.1.101.3.4.2.2"] = "SHA384"; + digestNames["2.16.840.1.101.3.4.2.3"] = "SHA512"; + digestNames["1.3.36.3.2.2"] = "RIPEMD128"; + digestNames["1.3.36.3.2.1"] = "RIPEMD160"; + digestNames["1.3.36.3.2.3"] = "RIPEMD256"; + digestNames["1.2.840.113549.1.1.4"] = "MD5"; + digestNames["1.2.840.113549.1.1.2"] = "MD2"; + digestNames["1.2.840.113549.1.1.5"] = "SHA1"; + digestNames["1.2.840.113549.1.1.14"] = "SHA224"; + digestNames["1.2.840.113549.1.1.11"] = "SHA256"; + digestNames["1.2.840.113549.1.1.12"] = "SHA384"; + digestNames["1.2.840.113549.1.1.13"] = "SHA512"; + digestNames["1.2.840.113549.2.5"] = "MD5"; + digestNames["1.2.840.113549.2.2"] = "MD2"; + digestNames["1.2.840.10040.4.3"] = "SHA1"; + digestNames["2.16.840.1.101.3.4.3.1"] = "SHA224"; + digestNames["2.16.840.1.101.3.4.3.2"] = "SHA256"; + digestNames["2.16.840.1.101.3.4.3.3"] = "SHA384"; + digestNames["2.16.840.1.101.3.4.3.4"] = "SHA512"; + digestNames["1.3.36.3.3.1.3"] = "RIPEMD128"; + digestNames["1.3.36.3.3.1.2"] = "RIPEMD160"; + digestNames["1.3.36.3.3.1.4"] = "RIPEMD256"; + + algorithmNames["1.2.840.113549.1.1.1"] = "RSA"; + algorithmNames["1.2.840.10040.4.1"] = "DSA"; + algorithmNames["1.2.840.113549.1.1.2"] = "RSA"; + algorithmNames["1.2.840.113549.1.1.4"] = "RSA"; + algorithmNames["1.2.840.113549.1.1.5"] = "RSA"; + algorithmNames["1.2.840.113549.1.1.14"] = "RSA"; + algorithmNames["1.2.840.113549.1.1.11"] = "RSA"; + algorithmNames["1.2.840.113549.1.1.12"] = "RSA"; + algorithmNames["1.2.840.113549.1.1.13"] = "RSA"; + algorithmNames["1.2.840.10040.4.3"] = "DSA"; + algorithmNames["2.16.840.1.101.3.4.3.1"] = "DSA"; + algorithmNames["2.16.840.1.101.3.4.3.2"] = "DSA"; + digestNames["1.3.36.3.3.1.3"] = "RSA"; + digestNames["1.3.36.3.3.1.2"] = "RSA"; + digestNames["1.3.36.3.3.1.4"] = "RSA"; + + allowedDigests["MD5"] = "1.2.840.113549.2.5"; + allowedDigests["MD2"] = "1.2.840.113549.2.2"; + allowedDigests["SHA1"] = "1.3.14.3.2.26"; + allowedDigests["SHA224"] = "2.16.840.1.101.3.4.2.4"; + allowedDigests["SHA256"] = "2.16.840.1.101.3.4.2.1"; + allowedDigests["SHA384"] = "2.16.840.1.101.3.4.2.2"; + allowedDigests["SHA512"] = "2.16.840.1.101.3.4.2.3"; + allowedDigests["MD-5"] = "1.2.840.113549.2.5"; + allowedDigests["MD-2"] = "1.2.840.113549.2.2"; + allowedDigests["SHA-1"] = "1.3.14.3.2.26"; + allowedDigests["SHA-224"] = "2.16.840.1.101.3.4.2.4"; + allowedDigests["SHA-256"] = "2.16.840.1.101.3.4.2.1"; + allowedDigests["SHA-384"] = "2.16.840.1.101.3.4.2.2"; + allowedDigests["SHA-512"] = "2.16.840.1.101.3.4.2.3"; + allowedDigests["RIPEMD128"] = "1.3.36.3.2.2"; + allowedDigests["RIPEMD-128"] = "1.3.36.3.2.2"; + allowedDigests["RIPEMD160"] = "1.3.36.3.2.1"; + allowedDigests["RIPEMD-160"] = "1.3.36.3.2.1"; + allowedDigests["RIPEMD256"] = "1.3.36.3.2.3"; + allowedDigests["RIPEMD-256"] = "1.3.36.3.2.3"; } /** - * Verifies a signature using the sub-filter adbe.pkcs7.detached or - * adbe.pkcs7.sha1. - * @param contentsKey the /Contents key - * @param provider the provider or null for the default provider - * @throws SecurityException on error - * @throws CRLException on error - * @throws InvalidKeyException on error - * @throws CertificateException on error - * @throws NoSuchProviderException on error - * @throws NoSuchAlgorithmException on error - */ - public PdfPKCS7(byte[] contentsKey) { - Asn1InputStream din = new Asn1InputStream(new MemoryStream(contentsKey)); - - // - // Basic checks to make sure it's a PKCS#7 SignedData Object - // - Asn1Object pkcs; - - try { - pkcs = din.ReadObject(); + * Gets the digest name for a certain id + * @param oid an id (for instance "1.2.840.113549.2.5") + * @return a digest name (for instance "MD5") + * @since 2.1.6 + */ + public static String GetDigest(String oid) { + String ret = (String)digestNames[oid]; + if (ret == null) + return oid; + else + return ret; + } + + /** + * Gets the algorithm name for a certain id. + * @param oid an id (for instance "1.2.840.113549.1.1.1") + * @return an algorithm name (for instance "RSA") + * @since 2.1.6 + */ + public static String GetAlgorithm(String oid) { + String ret = (String)algorithmNames[oid]; + if (ret == null) + return oid; + else + return ret; + } + + /** + * Gets the timestamp token if there is one. + * @return the timestamp token or null + * @since 2.1.6 + */ + public TimeStampToken TimeStampToken { + get { + return timeStampToken; } - catch { - throw new ArgumentException("can't decode PKCS7SignedData object"); + } + + /** + * Gets the timestamp date + * @return a date + * @since 2.1.6 + */ + public DateTime TimeStampDate { + get { + if (timeStampToken == null) + return DateTime.MaxValue; + return timeStampToken.TimeStampInfo.GenTime; } - if (!(pkcs is Asn1Sequence)) { - throw new ArgumentException("Not a valid PKCS#7 object - not a sequence"); + } + + /** + * Verifies a signature using the sub-filter adbe.x509.rsa_sha1. + * @param contentsKey the /Contents key + * @param certsKey the /Cert key + * @param provider the provider or null for the default provider + */ + public PdfPKCS7(byte[] contentsKey, byte[] certsKey) { + + X509CertificateParser cf = new X509CertificateParser(); + certs = new ArrayList(); + foreach (X509Certificate cc in cf.ReadCertificates(certsKey)) { + certs.Add(cc); + } + signCerts = certs; + signCert = (X509Certificate)certs[0]; + crls = new ArrayList(); + Asn1InputStream inp = new Asn1InputStream(new MemoryStream(contentsKey)); + digest = ((DerOctetString)inp.ReadObject()).GetOctets(); + sig = SignerUtilities.GetSigner("SHA1withRSA"); + sig.Init(false, signCert.GetPublicKey()); + } + + private BasicOcspResp basicResp; + + /** + * Gets the OCSP basic response if there is one. + * @return the OCSP basic response or null + * @since 2.1.6 + */ + public BasicOcspResp Ocsp { + get { + return basicResp; } - Asn1Sequence signedData = (Asn1Sequence)pkcs; - DerObjectIdentifier objId = (DerObjectIdentifier)signedData[0]; - if (!objId.Id.Equals(ID_PKCS7_SIGNED_DATA)) - throw new ArgumentException("Not a valid PKCS#7 object - not signed data"); - Asn1Sequence content = (Asn1Sequence)((DerTaggedObject)signedData[1]).GetObject(); - // the positions that we care are: - // 0 - version - // 1 - digestAlgorithms - // 2 - possible ID_PKCS7_DATA - // (the certificates and crls are taken out by other means) - // last - signerInfos - - // the version - version = ((DerInteger)content[0]).Value.IntValue; - - // the digestAlgorithms - digestalgos = new Hashtable(); - IEnumerator e = ((Asn1Set)content[1]).GetEnumerator(); - while (e.MoveNext()) - { - Asn1Sequence s = (Asn1Sequence)e.Current; - DerObjectIdentifier o = (DerObjectIdentifier)s[0]; - digestalgos[o.Id] = null; - } - - // the certificates and crls - X509CertificateParser cf = new X509CertificateParser(); - certs = new ArrayList(); - foreach (X509Certificate cc in cf.ReadCertificates(contentsKey)) { - certs.Add(cc); - } - crls = new ArrayList(); - - // the possible ID_PKCS7_DATA - Asn1Sequence rsaData = (Asn1Sequence)content[2]; - if (rsaData.Count > 1) { - DerOctetString rsaDataContent = (DerOctetString)((DerTaggedObject)rsaData[1]).GetObject(); - RSAdata = rsaDataContent.GetOctets(); - } - - // the signerInfos - int next = 3; - while (content[next] is DerTaggedObject) - ++next; - Asn1Set signerInfos = (Asn1Set)content[next]; - if (signerInfos.Count != 1) - throw new ArgumentException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time"); - Asn1Sequence signerInfo = (Asn1Sequence)signerInfos[0]; - // the positions that we care are - // 0 - version - // 1 - the signing certificate serial number - // 2 - the digest algorithm - // 3 or 4 - digestEncryptionAlgorithm - // 4 or 5 - encryptedDigest - signerversion = ((DerInteger)signerInfo[0]).Value.IntValue; - // Get the signing certificate - Asn1Sequence issuerAndSerialNumber = (Asn1Sequence)signerInfo[1]; - BigInteger serialNumber = ((DerInteger)issuerAndSerialNumber[1]).Value; - foreach (X509Certificate cert in certs) { - if (serialNumber.Equals(cert.SerialNumber)) { - signCert = cert; - break; - } - } - if (signCert == null) { - throw new ArgumentException("Can't find signing certificate with serial " + serialNumber.ToString(16)); - } - digestAlgorithm = ((DerObjectIdentifier)((Asn1Sequence)signerInfo[2])[0]).Id; - next = 3; - if (signerInfo[next] is Asn1TaggedObject) { - Asn1TaggedObject tagsig = (Asn1TaggedObject)signerInfo[next]; - Asn1Sequence sseq = (Asn1Sequence)tagsig.GetObject(); - MemoryStream bOut = new MemoryStream(); - Asn1OutputStream dout = new Asn1OutputStream(bOut); - try { - Asn1EncodableVector attribute = new Asn1EncodableVector(); - for (int k = 0; k < sseq.Count; ++k) { - attribute.Add(sseq[k]); - } - dout.WriteObject(new DerSet(attribute)); - dout.Close(); + } + + private void FindOcsp(Asn1Sequence seq) { + basicResp = null; + bool ret = false; + while (true) { + if ((seq[0] is DerObjectIdentifier) + && ((DerObjectIdentifier)seq[0]).Id.Equals(OcspObjectIdentifiers.PkixOcspBasic.Id)) { + break; } - catch (IOException){} - sigAttr = bOut.ToArray(); - - for (int k = 0; k < sseq.Count; ++k) { - Asn1Sequence seq2 = (Asn1Sequence)sseq[k]; - if (((DerObjectIdentifier)seq2[0]).Id.Equals(ID_MESSAGE_DIGEST)) { - Asn1Set sset = (Asn1Set)seq2[1]; - digestAttr = ((DerOctetString)sset[0]).GetOctets(); + ret = true; + for (int k = 0; k < seq.Count; ++k) { + if (seq[k] is Asn1Sequence) { + seq = (Asn1Sequence)seq[0]; + ret = false; break; } + if (seq[k] is Asn1TaggedObject) { + Asn1TaggedObject tag = (Asn1TaggedObject)seq[k]; + if (tag.GetObject() is Asn1Sequence) { + seq = (Asn1Sequence)tag.GetObject(); + ret = false; + break; + } + else + return; + } } - if (digestAttr == null) - throw new ArgumentException("Authenticated attribute is missing the digest."); - ++next; + if (ret) + return; } - digestEncryptionAlgorithm = ((DerObjectIdentifier)((Asn1Sequence)signerInfo[next++])[0]).Id; - digest = ((DerOctetString)signerInfo[next]).GetOctets(); - if (RSAdata != null || digestAttr != null) { - messageDigest = GetHashClass(); - } - sig = SignerUtilities.GetSigner(GetDigestAlgorithm()); - sig.Init(false, signCert.GetPublicKey()); + DerOctetString os = (DerOctetString)seq[1]; + Asn1InputStream inp = new Asn1InputStream(os.GetOctets()); + BasicOcspResponse resp = BasicOcspResponse.GetInstance(inp.ReadObject()); + basicResp = new BasicOcspResp(resp); } - + + /** + * Verifies a signature using the sub-filter adbe.pkcs7.detached or + * adbe.pkcs7.sha1. + * @param contentsKey the /Contents key + * @param provider the provider or null for the default provider + * @throws SecurityException on error + * @throws CRLException on error + * @throws InvalidKeyException on error + * @throws CertificateException on error + * @throws NoSuchProviderException on error + * @throws NoSuchAlgorithmException on error + */ + public PdfPKCS7(byte[] contentsKey) { + Asn1InputStream din = new Asn1InputStream(new MemoryStream(contentsKey)); + + // + // Basic checks to make sure it's a PKCS#7 SignedData Object + // + Asn1Object pkcs; + + try { + pkcs = din.ReadObject(); + } + catch { + throw new ArgumentException("can't decode PKCS7SignedData object"); + } + if (!(pkcs is Asn1Sequence)) { + throw new ArgumentException("Not a valid PKCS#7 object - not a sequence"); + } + Asn1Sequence signedData = (Asn1Sequence)pkcs; + DerObjectIdentifier objId = (DerObjectIdentifier)signedData[0]; + if (!objId.Id.Equals(ID_PKCS7_SIGNED_DATA)) + throw new ArgumentException("Not a valid PKCS#7 object - not signed data"); + Asn1Sequence content = (Asn1Sequence)((DerTaggedObject)signedData[1]).GetObject(); + // the positions that we care are: + // 0 - version + // 1 - digestAlgorithms + // 2 - possible ID_PKCS7_DATA + // (the certificates and crls are taken out by other means) + // last - signerInfos + + // the version + version = ((DerInteger)content[0]).Value.IntValue; + + // the digestAlgorithms + digestalgos = new Hashtable(); + IEnumerator e = ((Asn1Set)content[1]).GetEnumerator(); + while (e.MoveNext()) + { + Asn1Sequence s = (Asn1Sequence)e.Current; + DerObjectIdentifier o = (DerObjectIdentifier)s[0]; + digestalgos[o.Id] = null; + } + + // the certificates and crls + X509CertificateParser cf = new X509CertificateParser(); + certs = new ArrayList(); + foreach (X509Certificate cc in cf.ReadCertificates(contentsKey)) { + certs.Add(cc); + } + crls = new ArrayList(); + + // the possible ID_PKCS7_DATA + Asn1Sequence rsaData = (Asn1Sequence)content[2]; + if (rsaData.Count > 1) { + DerOctetString rsaDataContent = (DerOctetString)((DerTaggedObject)rsaData[1]).GetObject(); + RSAdata = rsaDataContent.GetOctets(); + } + + // the signerInfos + int next = 3; + while (content[next] is DerTaggedObject) + ++next; + Asn1Set signerInfos = (Asn1Set)content[next]; + if (signerInfos.Count != 1) + throw new ArgumentException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time"); + Asn1Sequence signerInfo = (Asn1Sequence)signerInfos[0]; + // the positions that we care are + // 0 - version + // 1 - the signing certificate serial number + // 2 - the digest algorithm + // 3 or 4 - digestEncryptionAlgorithm + // 4 or 5 - encryptedDigest + signerversion = ((DerInteger)signerInfo[0]).Value.IntValue; + // Get the signing certificate + Asn1Sequence issuerAndSerialNumber = (Asn1Sequence)signerInfo[1]; + BigInteger serialNumber = ((DerInteger)issuerAndSerialNumber[1]).Value; + foreach (X509Certificate cert in certs) { + if (serialNumber.Equals(cert.SerialNumber)) { + signCert = cert; + break; + } + } + if (signCert == null) { + throw new ArgumentException("Can't find signing certificate with serial " + serialNumber.ToString(16)); + } + CalcSignCertificateChain(); + digestAlgorithm = ((DerObjectIdentifier)((Asn1Sequence)signerInfo[2])[0]).Id; + next = 3; + if (signerInfo[next] is Asn1TaggedObject) { + Asn1TaggedObject tagsig = (Asn1TaggedObject)signerInfo[next]; + Asn1Sequence sseq = (Asn1Sequence)tagsig.GetObject(); + MemoryStream bOut = new MemoryStream(); + Asn1OutputStream dout = new Asn1OutputStream(bOut); + try { + Asn1EncodableVector attribute = new Asn1EncodableVector(); + for (int k = 0; k < sseq.Count; ++k) { + attribute.Add(sseq[k]); + } + dout.WriteObject(new DerSet(attribute)); + dout.Close(); + } + catch (IOException){} + sigAttr = bOut.ToArray(); + + for (int k = 0; k < sseq.Count; ++k) { + Asn1Sequence seq2 = (Asn1Sequence)sseq[k]; + if (((DerObjectIdentifier)seq2[0]).Id.Equals(ID_MESSAGE_DIGEST)) { + Asn1Set sset = (Asn1Set)seq2[1]; + digestAttr = ((DerOctetString)sset[0]).GetOctets(); + } + else if (((DerObjectIdentifier)seq2[0]).Id.Equals(ID_ADBE_REVOCATION)) { + Asn1Set setout = (Asn1Set)seq2[1]; + Asn1Sequence seqout = (Asn1Sequence)setout[0]; + for (int j = 0; j < seqout.Count; ++j) { + Asn1TaggedObject tg = (Asn1TaggedObject)seqout[j]; + if (tg.TagNo != 1) + continue; + Asn1Sequence seqin = (Asn1Sequence)tg.GetObject(); + FindOcsp(seqin); + } + } + } + if (digestAttr == null) + throw new ArgumentException("Authenticated attribute is missing the digest."); + ++next; + } + digestEncryptionAlgorithm = ((DerObjectIdentifier)((Asn1Sequence)signerInfo[next++])[0]).Id; + digest = ((DerOctetString)signerInfo[next++]).GetOctets(); + if (next < signerInfo.Count && (signerInfo[next] is DerTaggedObject)) { + DerTaggedObject taggedObject = (DerTaggedObject) signerInfo[next]; + Asn1Object obje = taggedObject.GetObject(); + if (obje is DerSequence) { + DerSequence sequence = (DerSequence) obje; + DerObjectIdentifier oid = (DerObjectIdentifier)sequence[0]; + if (PkcsObjectIdentifiers.IdAASignatureTimeStampToken.Id.Equals(oid.Id)) { + Asn1Set attributeValues = Asn1Set.GetInstance(sequence[1]); + Asn1Sequence tokenSequence = Asn1Sequence.GetInstance(attributeValues[0]); + Org.BouncyCastle.Asn1.Cms.ContentInfo contentInfo = Org.BouncyCastle.Asn1.Cms.ContentInfo.GetInstance(tokenSequence); + this.timeStampToken = new TimeStampToken(contentInfo); + } + } + } + if (RSAdata != null || digestAttr != null) { + messageDigest = GetHashClass(); + } + sig = SignerUtilities.GetSigner(GetDigestAlgorithm()); + sig.Init(false, signCert.GetPublicKey()); + } + + /** + * Generates a signature. + * @param privKey the private key + * @param certChain the certificate chain + * @param crlList the certificate revocation list + * @param hashAlgorithm the hash algorithm + * @param provider the provider or null for the default provider + * @param hasRSAdata true if the sub-filter is adbe.pkcs7.sha1 + * @throws SecurityException on error + * @throws InvalidKeyException on error + * @throws NoSuchProviderException on error + * @throws NoSuchAlgorithmException on error + */ + public PdfPKCS7(ICipherParameters privKey, X509Certificate[] certChain, object[] crlList, + String hashAlgorithm, bool hasRSAdata) { + this.privKey = privKey; + + digestAlgorithm = (String)allowedDigests[hashAlgorithm.ToUpper(CultureInfo.InvariantCulture)]; + if (digestAlgorithm == null) + throw new ArgumentException("Unknown Hash Algorithm "+hashAlgorithm); + + version = signerversion = 1; + certs = new ArrayList(); + crls = new ArrayList(); + digestalgos = new Hashtable(); + digestalgos[digestAlgorithm] = null; + + // + // Copy in the certificates and crls used to sign the private key. + // + signCert = certChain[0]; + for (int i = 0;i < certChain.Length;i++) { + certs.Add(certChain[i]); + } + +// if (crlList != null) { +// for (int i = 0;i < crlList.length;i++) { +// crls.Add(crlList[i]); +// } +// } + + if (privKey != null) { + // + // Now we have private key, find out what the digestEncryptionAlgorithm is. + // + if (privKey is RsaKeyParameters) + digestEncryptionAlgorithm = ID_RSA; + else if (privKey is DsaKeyParameters) + digestEncryptionAlgorithm = ID_DSA; + else + throw new ArgumentException("Unknown Key Algorithm "+privKey.ToString()); + + } + if (hasRSAdata) { + RSAdata = new byte[0]; + messageDigest = GetHashClass(); + } + + if (privKey != null) { + sig = SignerUtilities.GetSigner(GetDigestAlgorithm()); + sig.Init(true, privKey); + } + } + + /** + * Update the digest with the specified bytes. This method is used both for signing and verifying + * @param buf the data buffer + * @param off the offset in the data buffer + * @param len the data length + * @throws SignatureException on error + */ + public void Update(byte[] buf, int off, int len) { + if (RSAdata != null || digestAttr != null) + messageDigest.BlockUpdate(buf, off, len); + else + sig.BlockUpdate(buf, off, len); + } + + /** + * Verify the digest. + * @throws SignatureException on error + * @return true if the signature checks out, false otherwise + */ + public bool Verify() { + if (verified) + return verifyResult; + if (sigAttr != null) { + byte[] msd = new byte[messageDigest.GetDigestSize()]; + sig.BlockUpdate(sigAttr, 0, sigAttr.Length); + if (RSAdata != null) { + messageDigest.DoFinal(msd, 0); + messageDigest.BlockUpdate(msd, 0, msd.Length); + } + messageDigest.DoFinal(msd, 0); + verifyResult = (Arrays.AreEqual(msd, digestAttr) && sig.VerifySignature(digest)); + } + else { + if (RSAdata != null){ + byte[] msd = new byte[messageDigest.GetDigestSize()]; + messageDigest.DoFinal(msd, 0); + sig.BlockUpdate(msd, 0, msd.Length); + } + verifyResult = sig.VerifySignature(digest); + } + verified = true; + return verifyResult; + } + /** - * Generates a signature. - * @param privKey the private key - * @param certChain the certificate chain - * @param crlList the certificate revocation list - * @param hashAlgorithm the hash algorithm - * @param provider the provider or null for the default provider - * @param hasRSAdata true if the sub-filter is adbe.pkcs7.sha1 - * @throws SecurityException on error - * @throws InvalidKeyException on error - * @throws NoSuchProviderException on error - * @throws NoSuchAlgorithmException on error - */ - public PdfPKCS7(ICipherParameters privKey, X509Certificate[] certChain, object[] crlList, - String hashAlgorithm, bool hasRSAdata) { - this.privKey = privKey; - - if (hashAlgorithm.Equals("MD5")) { - digestAlgorithm = ID_MD5; - } - else if (hashAlgorithm.Equals("MD2")) { - digestAlgorithm = ID_MD2; - } - else if (hashAlgorithm.Equals("SHA")) { - digestAlgorithm = ID_SHA1; - } - else if (hashAlgorithm.Equals("SHA1")) { - digestAlgorithm = ID_SHA1; - } - else { - throw new ArgumentException("Unknown Hash Algorithm "+hashAlgorithm); - } - - version = signerversion = 1; - certs = new ArrayList(); - crls = new ArrayList(); - digestalgos = new Hashtable(); - digestalgos[digestAlgorithm] = null; - - // - // Copy in the certificates and crls used to sign the private key. - // - signCert = certChain[0]; - for (int i = 0;i < certChain.Length;i++) { - certs.Add(certChain[i]); - } - -// if (crlList != null) { -// for (int i = 0;i < crlList.length;i++) { -// crls.Add(crlList[i]); -// } -// } - - if (privKey != null) { - // - // Now we have private key, find out what the digestEncryptionAlgorithm is. - // - if (privKey is RsaKeyParameters) - digestEncryptionAlgorithm = ID_RSA; - else if (privKey is DsaKeyParameters) - digestEncryptionAlgorithm = ID_DSA; - else - throw new ArgumentException("Unknown Key Algorithm "+privKey.ToString()); - - } - if (hasRSAdata) { - RSAdata = new byte[0]; - messageDigest = GetHashClass(); - } - - if (privKey != null) { - sig = SignerUtilities.GetSigner(GetDigestAlgorithm()); - sig.Init(true, privKey); - } - } - - /** - * Update the digest with the specified bytes. This method is used both for signing and verifying - * @param buf the data buffer - * @param off the offset in the data buffer - * @param len the data length - * @throws SignatureException on error + * Checks if the timestamp refers to this document. + * @throws java.security.NoSuchAlgorithmException on error + * @return true if it checks false otherwise + * @since 2.1.6 */ - public void Update(byte[] buf, int off, int len) { - if (RSAdata != null || digestAttr != null) - messageDigest.BlockUpdate(buf, off, len); - else - sig.BlockUpdate(buf, off, len); + public bool VerifyTimestampImprint() { + if (timeStampToken == null) + return false; + MessageImprint imprint = timeStampToken.TimeStampInfo.TstInfo.MessageImprint; + byte[] md = new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(digest); + byte[] imphashed = imprint.GetHashedMessage(); + bool res = Arrays.AreEqual(md, imphashed); + return res; } /** - * Verify the digest. - * @throws SignatureException on error - * @return true if the signature checks out, false otherwise - */ - public bool Verify() { - if (verified) - return verifyResult; - if (sigAttr != null) { - byte[] msd = new byte[messageDigest.GetDigestSize()]; - sig.BlockUpdate(sigAttr, 0, sigAttr.Length); - if (RSAdata != null) { - messageDigest.DoFinal(msd, 0); - messageDigest.BlockUpdate(msd, 0, msd.Length); - } - messageDigest.DoFinal(msd, 0); - verifyResult = (Arrays.AreEqual(msd, digestAttr) && sig.VerifySignature(digest)); - } - else { - if (RSAdata != null){ - byte[] msd = new byte[messageDigest.GetDigestSize()]; - messageDigest.DoFinal(msd, 0); - sig.BlockUpdate(msd, 0, msd.Length); - } - verifyResult = sig.VerifySignature(digest); - } - verified = true; - return verifyResult; - } - + * Get all the X.509 certificates associated with this PKCS#7 object in no particular order. + * Other certificates, from OCSP for example, will also be included. + * @return the X.509 certificates associated with this PKCS#7 object + */ + public X509Certificate[] Certificates { + get { + X509Certificate[] c = new X509Certificate[certs.Count]; + certs.CopyTo(c); + return c; + } + } + /** - * Get the X.509 certificates associated with this PKCS#7 object + * Get the X.509 sign certificate chain associated with this PKCS#7 object. + * Only the certificates used for the main signature will be returned, with + * the signing certificate first. * @return the X.509 certificates associated with this PKCS#7 object + * @since 2.1.6 */ - public X509Certificate[] Certificates { + public X509Certificate[] SignCertificateChain { get { - X509Certificate[] c = new X509Certificate[certs.Count]; - certs.CopyTo(c); - return c; + X509Certificate[] ret = new X509Certificate[signCerts.Count]; + signCerts.CopyTo(ret); + return ret; } } - /** - * Get the X.509 certificate revocation lists associated with this PKCS#7 object - * @return the X.509 certificate revocation lists associated with this PKCS#7 object - */ - public ArrayList CRLs { - get { - return crls; + private void CalcSignCertificateChain() { + ArrayList cc = new ArrayList(); + cc.Add(signCert); + ArrayList oc = new ArrayList(certs); + for (int k = 0; k < oc.Count; ++k) { + if (signCert.SerialNumber.Equals(((X509Certificate)oc[k]).SerialNumber)) { + oc.RemoveAt(k); + --k; + continue; + } } + bool found = true; + while (found) { + X509Certificate v = (X509Certificate)cc[cc.Count - 1]; + found = false; + for (int k = 0; k < oc.Count; ++k) { + try { + v.Verify(((X509Certificate)oc[k]).GetPublicKey()); + found = true; + cc.Add(oc[k]); + oc.RemoveAt(k); + break; + } + catch { + } + } + } + signCerts = cc; } - + + /** + * Get the X.509 certificate revocation lists associated with this PKCS#7 object + * @return the X.509 certificate revocation lists associated with this PKCS#7 object + */ + public ArrayList CRLs { + get { + return crls; + } + } + + /** + * Get the X.509 certificate actually used to sign the digest. + * @return the X.509 certificate actually used to sign the digest + */ + public X509Certificate SigningCertificate { + get { + return signCert; + } + } + + /** + * Get the version of the PKCS#7 object. Always 1 + * @return the version of the PKCS#7 object. Always 1 + */ + public int Version { + get { + return version; + } + } + + /** + * Get the version of the PKCS#7 "SignerInfo" object. Always 1 + * @return the version of the PKCS#7 "SignerInfo" object. Always 1 + */ + public int SigningInfoVersion { + get { + return signerversion; + } + } + + /** + * Get the algorithm used to calculate the message digest + * @return the algorithm used to calculate the message digest + */ + public String GetDigestAlgorithm() { + String dea = GetAlgorithm(digestEncryptionAlgorithm); + if (dea == null) + dea = digestEncryptionAlgorithm; + + return GetHashAlgorithm() + "with" + dea; + } + + /** + * Returns the algorithm. + * @return the digest algorithm + */ + public String GetHashAlgorithm() { + return GetDigest(digestAlgorithm); + } + + internal IDigest GetHashClass() { + return DigestUtilities.GetDigest(GetHashAlgorithm()); + } + + /** + * Loads the default root certificates at <java.home>/lib/security/cacerts + * with the default provider. + * @return a KeyStore + */ +// public static KeyStore LoadCacertsKeyStore() { +// return LoadCacertsKeyStore(null); +// } + + /** + * Loads the default root certificates at <java.home>/lib/security/cacerts. + * @param provider the provider or null for the default provider + * @return a KeyStore + */ +// public static KeyStore LoadCacertsKeyStore(String provider) { +// File file = new File(System.GetProperty("java.home"), "lib"); +// file = new File(file, "security"); +// file = new File(file, "cacerts"); +// FileInputStream fin = null; +// try { +// fin = new FileInputStream(file); +// KeyStore k; +// if (provider == null) +// k = KeyStore.GetInstance("JKS"); +// else +// k = KeyStore.GetInstance("JKS", provider); +// k.Load(fin, null); +// return k; +// } +// catch (Exception e) { +// throw new ExceptionConverter(e); +// } +// finally { +// try{fin.Close();}catch(Exception ex){} +// } +// } + + /** + * Verifies a single certificate. + * @param cert the certificate to verify + * @param crls the certificate revocation list or null + * @param calendar the date or null for the current date + * @return a String with the error description or null + * if no error + */ + public static String VerifyCertificate(X509Certificate cert, object[] crls, DateTime calendar) { + try { + if (!cert.IsValid(calendar)) + return "The certificate has expired or is not yet valid"; + } + catch (Exception e) { + return e.ToString(); + } + return null; + } + + /** + * Verifies a certificate chain against a KeyStore. + * @param certs the certificate chain + * @param keystore the KeyStore + * @param crls the certificate revocation list or null + * @param calendar the date or null for the current date + * @return null if the certificate chain could be validade or a + * Object[]{cert,error} where cert is the + * failed certificate and error is the error message + */ + public static Object[] VerifyCertificates(X509Certificate[] certs, ArrayList keystore, object[] crls, DateTime calendar) { + for (int k = 0; k < certs.Length; ++k) { + X509Certificate cert = certs[k]; + String err = VerifyCertificate(cert, crls, calendar); + if (err != null) + return new Object[]{cert, err}; + foreach (X509Certificate certStoreX509 in keystore) { + try { + if (VerifyCertificate(certStoreX509, crls, calendar) != null) + continue; + try { + cert.Verify(certStoreX509.GetPublicKey()); + return null; + } + catch { + continue; + } + } + catch { + } + } + int j; + for (j = 0; j < certs.Length; ++j) { + if (j == k) + continue; + X509Certificate certNext = certs[j]; + try { + cert.Verify(certNext.GetPublicKey()); + break; + } + catch { + } + } + if (j == certs.Length) + return new Object[]{cert, "Cannot be verified against the KeyStore or the certificate chain"}; + } + return new Object[]{null, "Invalid state. Possible circular certificate chain"}; + } + /** - * Get the X.509 certificate actually used to sign the digest. - * @return the X.509 certificate actually used to sign the digest - */ - public X509Certificate SigningCertificate { - get { - return signCert; - } - } - - /** - * Get the version of the PKCS#7 object. Always 1 - * @return the version of the PKCS#7 object. Always 1 - */ - public int Version { - get { - return version; - } - } - - /** - * Get the version of the PKCS#7 "SignerInfo" object. Always 1 - * @return the version of the PKCS#7 "SignerInfo" object. Always 1 - */ - public int SigningInfoVersion { - get { - return signerversion; - } - } - - /** - * Get the algorithm used to calculate the message digest - * @return the algorithm used to calculate the message digest - */ - public String GetDigestAlgorithm() { - String dea = digestEncryptionAlgorithm; - - if (digestEncryptionAlgorithm.Equals(ID_RSA) || digestEncryptionAlgorithm.Equals(ID_MD5RSA) - || digestEncryptionAlgorithm.Equals(ID_MD2RSA) || digestEncryptionAlgorithm.Equals(ID_SHA1RSA)) { - dea = "RSA"; - } - else if (digestEncryptionAlgorithm.Equals(ID_DSA)) { - dea = "DSA"; - } - - return GetHashAlgorithm() + "with" + dea; - } - - /** - * Returns the algorithm. - * @return the digest algorithm - */ - public String GetHashAlgorithm() { - String da = digestAlgorithm; - - if (digestAlgorithm.Equals(ID_MD5) || digestAlgorithm.Equals(ID_MD5RSA)) { - da = "MD5"; - } - else if (digestAlgorithm.Equals(ID_MD2) || digestAlgorithm.Equals(ID_MD2RSA)) { - da = "MD2"; - } - else if (digestAlgorithm.Equals(ID_SHA1) || digestAlgorithm.Equals(ID_SHA1RSA)) { - da = "SHA1"; - } - return da; - } - - public IDigest GetHashClass() { - if (digestAlgorithm.Equals(ID_MD5) || digestAlgorithm.Equals(ID_MD5RSA)) { - return new MD5Digest(); - } - else if (digestAlgorithm.Equals(ID_MD2) || digestAlgorithm.Equals(ID_MD2RSA)) { - return new MD2Digest(); - } - else if (digestAlgorithm.Equals(ID_SHA1) || digestAlgorithm.Equals(ID_SHA1RSA)) { - return new Sha1Digest(); - } - return null; - } - - /** - * Loads the default root certificates at <java.home>/lib/security/cacerts - * with the default provider. - * @return a KeyStore - */ -// public static KeyStore LoadCacertsKeyStore() { -// return LoadCacertsKeyStore(null); -// } - - /** - * Loads the default root certificates at <java.home>/lib/security/cacerts. - * @param provider the provider or null for the default provider - * @return a KeyStore - */ -// public static KeyStore LoadCacertsKeyStore(String provider) { -// File file = new File(System.GetProperty("java.home"), "lib"); -// file = new File(file, "security"); -// file = new File(file, "cacerts"); -// FileInputStream fin = null; -// try { -// fin = new FileInputStream(file); -// KeyStore k; -// if (provider == null) -// k = KeyStore.GetInstance("JKS"); -// else -// k = KeyStore.GetInstance("JKS", provider); -// k.Load(fin, null); -// return k; -// } -// catch (Exception e) { -// throw new ExceptionConverter(e); -// } -// finally { -// try{fin.Close();}catch(Exception ex){} -// } -// } - - /** - * Verifies a single certificate. - * @param cert the certificate to verify - * @param crls the certificate revocation list or null - * @param calendar the date or null for the current date - * @return a String with the error description or null - * if no error - */ - public static String VerifyCertificate(X509Certificate cert, object[] crls, DateTime calendar) { - try { - if (!cert.IsValid(calendar)) - return "The certificate has expired or is not yet valid"; - } - catch (Exception e) { - return e.ToString(); - } - return null; - } - - /** - * Verifies a certificate chain against a KeyStore. - * @param certs the certificate chain + * Verifies an OCSP response against a KeyStore. + * @param ocsp the OCSP response * @param keystore the KeyStore - * @param crls the certificate revocation list or null - * @param calendar the date or null for the current date - * @return null if the certificate chain could be validade or a - * Object[]{cert,error} where cert is the - * failed certificate and error is the error message + * @param provider the provider or null to use the BouncyCastle provider + * @return true is a certificate was found + * @since 2.1.6 */ - public static Object[] VerifyCertificates(X509Certificate[] certs, ArrayList keystore, object[] crls, DateTime calendar) { - for (int k = 0; k < certs.Length; ++k) { - X509Certificate cert = certs[k]; - String err = VerifyCertificate(cert, crls, calendar); - if (err != null) - return new Object[]{cert, err}; + public static bool VerifyOcspCertificates(BasicOcspResp ocsp, ArrayList keystore) { + try { foreach (X509Certificate certStoreX509 in keystore) { try { - if (VerifyCertificate(certStoreX509, crls, calendar) != null) - continue; - try { - cert.Verify(certStoreX509.GetPublicKey()); - return null; - } - catch { - continue; - } + if (ocsp.Verify(certStoreX509.GetPublicKey())) + return true; } catch { } } - int j; - for (j = 0; j < certs.Length; ++j) { - if (j == k) - continue; - X509Certificate certNext = certs[j]; + } + catch { + } + return false; + } + + /** + * Verifies a timestamp against a KeyStore. + * @param ts the timestamp + * @param keystore the KeyStore + * @param provider the provider or null to use the BouncyCastle provider + * @return true is a certificate was found + * @since 2.1.6 + */ + public static bool VerifyTimestampCertificates(TimeStampToken ts, ArrayList keystore) { + try { + foreach (X509Certificate certStoreX509 in keystore) { try { - cert.Verify(certNext.GetPublicKey()); - break; + ts.Validate(certStoreX509); + return true; } catch { } } - if (j == certs.Length) - return new Object[]{cert, "Cannot be verified against the KeyStore or the certificate chain"}; } - return new Object[]{null, "Invalid state. Possible circular certificate chain"}; + catch { + } + return false; } - + /** - * Get the "issuer" from the TBSCertificate bytes that are passed in - * @param enc a TBSCertificate in a byte array - * @return a DERObject + * Retrieves the OCSP URL from the given certificate. + * @param certificate the certificate + * @return the URL or null + * @throws CertificateParsingException on error + * @since 2.1.6 */ - private static Asn1Object GetIssuer(byte[] enc) { - Asn1InputStream inp = new Asn1InputStream(new MemoryStream(enc)); - Asn1Sequence seq = (Asn1Sequence)inp.ReadObject(); - return (Asn1Object)seq[seq[0] is DerTaggedObject ? 3 : 2]; - } - - /** - * Get the "subject" from the TBSCertificate bytes that are passed in - * @param enc A TBSCertificate in a byte array - * @return a DERObject - */ - private static Asn1Object GetSubject(byte[] enc) { - Asn1InputStream inp = new Asn1InputStream(new MemoryStream(enc)); - Asn1Sequence seq = (Asn1Sequence)inp.ReadObject(); - return (Asn1Object)seq[seq[0] is DerTaggedObject ? 5 : 4]; - } - - /** - * Get the issuer fields from an X509 Certificate - * @param cert an X509Certificate - * @return an X509Name - */ - public static X509Name GetIssuerFields(X509Certificate cert) { - return new X509Name((Asn1Sequence)GetIssuer(cert.GetTbsCertificate())); - } - - /** - * Get the subject fields from an X509 Certificate - * @param cert an X509Certificate - * @return an X509Name - */ - public static X509Name GetSubjectFields(X509Certificate cert) { - return new X509Name((Asn1Sequence)GetSubject(cert.GetTbsCertificate())); - } - - /** - * Gets the bytes for the PKCS#1 object. - * @return a byte array - */ - public byte[] GetEncodedPKCS1() { - if (externalDigest != null) - digest = externalDigest; - else - digest = sig.GenerateSignature(); - MemoryStream bOut = new MemoryStream(); - - Asn1OutputStream dout = new Asn1OutputStream(bOut); - dout.WriteObject(new DerOctetString(digest)); - dout.Close(); - - return bOut.ToArray(); - } - - /** - * Sets the digest/signature to an external calculated value. - * @param digest the digest. This is the actual signature - * @param RSAdata the extra data that goes into the data tag in PKCS#7 - * @param digestEncryptionAlgorithm the encryption algorithm. It may must be null if the digest - * is also null. If the digest is not null - * then it may be "RSA" or "DSA" - */ - public void SetExternalDigest(byte[] digest, byte[] RSAdata, String digestEncryptionAlgorithm) { - externalDigest = digest; - externalRSAdata = RSAdata; - if (digestEncryptionAlgorithm != null) { - if (digestEncryptionAlgorithm.Equals("RSA")) { - this.digestEncryptionAlgorithm = ID_RSA; - } - else if (digestEncryptionAlgorithm.Equals("DSA")) { - this.digestEncryptionAlgorithm = ID_DSA; - } - else - throw new ArgumentException("Unknown Key Algorithm "+digestEncryptionAlgorithm); - } - } - - /** - * Gets the bytes for the PKCS7SignedData object. - * @return the bytes for the PKCS7SignedData object - */ - public byte[] GetEncodedPKCS7() { - return GetEncodedPKCS7(null, DateTime.Now); - } - - /** - * Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes - * in the signerInfo can also be set. If either of the parameters is null, none will be used. - * @param secondDigest the digest in the authenticatedAttributes - * @param signingTime the signing time in the authenticatedAttributes - * @return the bytes for the PKCS7SignedData object - */ - public byte[] GetEncodedPKCS7(byte[] secondDigest, DateTime signingTime) { - if (externalDigest != null) { - digest = externalDigest; - if (RSAdata != null) - RSAdata = externalRSAdata; - } - else if (externalRSAdata != null && RSAdata != null) { - RSAdata = externalRSAdata; - sig.BlockUpdate(RSAdata, 0, RSAdata.Length); - digest = sig.GenerateSignature(); - } - else { - if (RSAdata != null) { - RSAdata = new byte[messageDigest.GetDigestSize()]; - messageDigest.DoFinal(RSAdata, 0); - sig.BlockUpdate(RSAdata, 0, RSAdata.Length); - } - digest = sig.GenerateSignature(); - } - - // Create the set of Hash algorithms - Asn1EncodableVector digestAlgorithms = new Asn1EncodableVector(); - foreach (string dal in digestalgos.Keys) { - Asn1EncodableVector algos = new Asn1EncodableVector(); - algos.Add(new DerObjectIdentifier(dal)); - algos.Add(DerNull.Instance); - digestAlgorithms.Add(new DerSequence(algos)); - } - - // Create the contentInfo. - Asn1EncodableVector v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(ID_PKCS7_DATA)); - if (RSAdata != null) - v.Add(new DerTaggedObject(0, new DerOctetString(RSAdata))); - DerSequence contentinfo = new DerSequence(v); - - // Get all the certificates - // - v = new Asn1EncodableVector(); - foreach (X509Certificate xcert in certs) { - Asn1InputStream tempstream = new Asn1InputStream(new MemoryStream(xcert.GetEncoded())); - v.Add(tempstream.ReadObject()); - } - - DerSet dercertificates = new DerSet(v); - - // Create signerinfo structure. - // - Asn1EncodableVector signerinfo = new Asn1EncodableVector(); - - // Add the signerInfo version - // - signerinfo.Add(new DerInteger(signerversion)); - - v = new Asn1EncodableVector(); - v.Add(GetIssuer(signCert.GetTbsCertificate())); - v.Add(new DerInteger(signCert.SerialNumber)); - signerinfo.Add(new DerSequence(v)); - - // Add the digestAlgorithm - v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(digestAlgorithm)); - v.Add(DerNull.Instance); - signerinfo.Add(new DerSequence(v)); - - // add the authenticated attribute if present - if (secondDigest != null /*&& signingTime != null*/) { - Asn1EncodableVector attribute = new Asn1EncodableVector(); - v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(ID_CONTENT_TYPE)); - v.Add(new DerSet(new DerObjectIdentifier(ID_PKCS7_DATA))); - attribute.Add(new DerSequence(v)); - v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(ID_SIGNING_TIME)); - v.Add(new DerSet(new DerUtcTime(signingTime))); - attribute.Add(new DerSequence(v)); - v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(ID_MESSAGE_DIGEST)); - v.Add(new DerSet(new DerOctetString(secondDigest))); - attribute.Add(new DerSequence(v)); - signerinfo.Add(new DerTaggedObject(false, 0, new DerSet(attribute))); - } - // Add the digestEncryptionAlgorithm - v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(digestEncryptionAlgorithm)); - v.Add(DerNull.Instance); - signerinfo.Add(new DerSequence(v)); - - // Add the digest - signerinfo.Add(new DerOctetString(digest)); - - - // Finally build the body out of all the components above - Asn1EncodableVector body = new Asn1EncodableVector(); - body.Add(new DerInteger(version)); - body.Add(new DerSet(digestAlgorithms)); - body.Add(contentinfo); - body.Add(new DerTaggedObject(false, 0, dercertificates)); - -// if (crls.Count > 0) { -// v = new Asn1EncodableVector(); -// for (Iterator i = crls.Iterator();i.HasNext();) { -// Asn1InputStream t = new Asn1InputStream(new ByteArrayInputStream((((X509CRL)i.Next()).GetEncoded()))); -// v.Add(t.ReadObject()); -// } -// DERSet dercrls = new DERSet(v); -// body.Add(new DERTaggedObject(false, 1, dercrls)); -// } - - // Only allow one signerInfo - body.Add(new DerSet(new DerSequence(signerinfo))); - - // Now we have the body, wrap it in it's PKCS7Signed shell - // and return it - // - Asn1EncodableVector whole = new Asn1EncodableVector(); - whole.Add(new DerObjectIdentifier(ID_PKCS7_SIGNED_DATA)); - whole.Add(new DerTaggedObject(0, new DerSequence(body))); - - MemoryStream bOut = new MemoryStream(); - - Asn1OutputStream dout = new Asn1OutputStream(bOut); - dout.WriteObject(new DerSequence(whole)); - dout.Close(); - - return bOut.ToArray(); - } - - - /** - * When using authenticatedAttributes the authentication process is different. - * The document digest is generated and put inside the attribute. The signing is done over the DER encoded - * authenticatedAttributes. This method provides that encoding and the parameters must be - * exactly the same as in {@link #getEncodedPKCS7(byte[],Calendar)}. - *

- * A simple example: - *

- * 

-        * Calendar cal = Calendar.GetInstance();
-        * PdfPKCS7 pk7 = new PdfPKCS7(key, chain, null, "SHA1", null, false);
-        * MessageDigest messageDigest = MessageDigest.GetInstance("SHA1");
-        * byte buf[] = new byte[8192];
-        * int n;
-        * Stream inp = sap.GetRangeStream();
-        * while ((n = inp.Read(buf)) > 0) {
-        *    messageDigest.Update(buf, 0, n);
-        * }
-        * byte hash[] = messageDigest.Digest();
-        * byte sh[] = pk7.GetAuthenticatedAttributeBytes(hash, cal);
-        * pk7.Update(sh, 0, sh.length);
-        * byte sg[] = pk7.GetEncodedPKCS7(hash, cal);
-        *
- * @param secondDigest the content digest - * @param signingTime the signing time - * @return the byte array representation of the authenticatedAttributes ready to be signed - */ - public byte[] GetAuthenticatedAttributeBytes(byte[] secondDigest, DateTime signingTime) { - Asn1EncodableVector attribute = new Asn1EncodableVector(); - Asn1EncodableVector v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(ID_CONTENT_TYPE)); - v.Add(new DerSet(new DerObjectIdentifier(ID_PKCS7_DATA))); - attribute.Add(new DerSequence(v)); - v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(ID_SIGNING_TIME)); - v.Add(new DerSet(new DerUtcTime(signingTime))); - attribute.Add(new DerSequence(v)); - v = new Asn1EncodableVector(); - v.Add(new DerObjectIdentifier(ID_MESSAGE_DIGEST)); - v.Add(new DerSet(new DerOctetString(secondDigest))); - attribute.Add(new DerSequence(v)); - MemoryStream bOut = new MemoryStream(); - - Asn1OutputStream dout = new Asn1OutputStream(bOut); - dout.WriteObject(new DerSet(attribute)); - dout.Close(); - - return bOut.ToArray(); - } - - - public string Reason { - get { - return reason; - } - set { - reason = value; - } - } - - - public string Location { - get { - return location; - } - set { - location = value; - } - } - - - public DateTime SignDate { - get { - return signDate; - } - set { - signDate = value; - } - } - - - public string SignName { - get { - return signName; - } - set { - signName = value; - } - } - - /** - * a class that holds an X509 name - */ - public class X509Name { - /** - * country code - StringType(SIZE(2)) - */ - public static DerObjectIdentifier C = new DerObjectIdentifier("2.5.4.6"); - - /** - * organization - StringType(SIZE(1..64)) - */ - public static DerObjectIdentifier O = new DerObjectIdentifier("2.5.4.10"); - - /** - * organizational unit name - StringType(SIZE(1..64)) - */ - public static DerObjectIdentifier OU = new DerObjectIdentifier("2.5.4.11"); - - /** - * Title - */ - public static DerObjectIdentifier T = new DerObjectIdentifier("2.5.4.12"); - - /** - * common name - StringType(SIZE(1..64)) - */ - public static DerObjectIdentifier CN = new DerObjectIdentifier("2.5.4.3"); - - /** - * device serial number name - StringType(SIZE(1..64)) - */ - public static DerObjectIdentifier SN = new DerObjectIdentifier("2.5.4.5"); - - /** - * locality name - StringType(SIZE(1..64)) - */ - public static DerObjectIdentifier L = new DerObjectIdentifier("2.5.4.7"); - - /** - * state, or province name - StringType(SIZE(1..64)) - */ - public static DerObjectIdentifier ST = new DerObjectIdentifier("2.5.4.8"); - - /** Naming attribute of type X520name */ - public static DerObjectIdentifier SURNAME = new DerObjectIdentifier("2.5.4.4"); - /** Naming attribute of type X520name */ - public static DerObjectIdentifier GIVENNAME = new DerObjectIdentifier("2.5.4.42"); - /** Naming attribute of type X520name */ - public static DerObjectIdentifier INITIALS = new DerObjectIdentifier("2.5.4.43"); - /** Naming attribute of type X520name */ - public static DerObjectIdentifier GENERATION = new DerObjectIdentifier("2.5.4.44"); - /** Naming attribute of type X520name */ - public static DerObjectIdentifier UNIQUE_IDENTIFIER = new DerObjectIdentifier("2.5.4.45"); - - /** - * Email address (RSA PKCS#9 extension) - IA5String. - *

Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here. - */ - public static DerObjectIdentifier EmailAddress = new DerObjectIdentifier("1.2.840.113549.1.9.1"); - - /** - * email address in Verisign certificates - */ - public static DerObjectIdentifier E = EmailAddress; - - /** object identifier */ - public static DerObjectIdentifier DC = new DerObjectIdentifier("0.9.2342.19200300.100.1.25"); - - /** LDAP User id. */ - public static DerObjectIdentifier UID = new DerObjectIdentifier("0.9.2342.19200300.100.1.1"); - - /** A Hashtable with default symbols */ - public static Hashtable DefaultSymbols = new Hashtable(); - - static X509Name(){ - DefaultSymbols[C] = "C"; - DefaultSymbols[O] = "O"; - DefaultSymbols[T] = "T"; - DefaultSymbols[OU] = "OU"; - DefaultSymbols[CN] = "CN"; - DefaultSymbols[L] = "L"; - DefaultSymbols[ST] = "ST"; - DefaultSymbols[SN] = "SN"; - DefaultSymbols[EmailAddress] = "E"; - DefaultSymbols[DC] = "DC"; - DefaultSymbols[UID] = "UID"; - DefaultSymbols[SURNAME] = "SURNAME"; - DefaultSymbols[GIVENNAME] = "GIVENNAME"; - DefaultSymbols[INITIALS] = "INITIALS"; - DefaultSymbols[GENERATION] = "GENERATION"; - } - /** A Hashtable with values */ - public Hashtable values = new Hashtable(); - - /** - * Constructs an X509 name - * @param seq an Asn1 Sequence - */ - public X509Name(Asn1Sequence seq) { - IEnumerator e = seq.GetEnumerator(); - - while (e.MoveNext()) { - Asn1Set sett = (Asn1Set)e.Current; - - for (int i = 0; i < sett.Count; i++) { - Asn1Sequence s = (Asn1Sequence)sett[i]; - String id = (String)DefaultSymbols[s[0]]; - if (id == null) - continue; - ArrayList vs = (ArrayList)values[id]; - if (vs == null) { - vs = new ArrayList(); - values[id] = vs; - } - vs.Add(((DerStringBase)s[1]).GetString()); - } - } - } - /** - * Constructs an X509 name - * @param dirName a directory name - */ - public X509Name(String dirName) { - X509NameTokenizer nTok = new X509NameTokenizer(dirName); - - while (nTok.HasMoreTokens()) { - String token = nTok.NextToken(); - int index = token.IndexOf('='); - - if (index == -1) { - throw new ArgumentException("badly formated directory string"); - } - - String id = token.Substring(0, index).ToUpper(System.Globalization.CultureInfo.InvariantCulture); - String value = token.Substring(index + 1); - ArrayList vs = (ArrayList)values[id]; - if (vs == null) { - vs = new ArrayList(); - values[id] = vs; - } - vs.Add(value); - } - - } - - public String GetField(String name) { - ArrayList vs = (ArrayList)values[name]; - return vs == null ? null : (String)vs[0]; - } - - /** - * gets a field array from the values Hashmap - * @param name - * @return an ArrayList - */ - public ArrayList GetFieldArray(String name) { - ArrayList vs = (ArrayList)values[name]; - return vs == null ? null : vs; - } - - /** - * getter for values - * @return a Hashtable with the fields of the X509 name - */ - public Hashtable GetFields() { - return values; - } - - /** - * @see java.lang.Object#toString() - */ - public override String ToString() { - return values.ToString(); - } - } - - /** - * class for breaking up an X500 Name into it's component tokens, ala - * java.util.StringTokenizer. We need this class as some of the - * lightweight Java environment don't support classes like - * StringTokenizer. - */ - public class X509NameTokenizer { - private String oid; - private int index; - private StringBuilder buf = new StringBuilder(); - - public X509NameTokenizer( - String oid) { - this.oid = oid; - this.index = -1; - } - - public bool HasMoreTokens() { - return (index != oid.Length); - } - - public String NextToken() { - if (index == oid.Length) { + public static String GetOCSPURL(X509Certificate certificate) { + try { + Asn1Object obj = GetExtensionValue(certificate, X509Extensions.AuthorityInfoAccess.Id); + if (obj == null) { return null; } - int end = index + 1; - bool quoted = false; - bool escaped = false; - - buf.Length = 0; - - while (end != oid.Length) { - char c = oid[end]; - - if (c == '"') { - if (!escaped) { - quoted = !quoted; - } - else { - buf.Append(c); - } - escaped = false; - } - else { - if (escaped || quoted) { - buf.Append(c); - escaped = false; - } - else if (c == '\\') { - escaped = true; - } - else if (c == ',') { - break; - } - else { - buf.Append(c); + Asn1Sequence AccessDescriptions = (Asn1Sequence) obj; + for (int i = 0; i < AccessDescriptions.Count; i++) { + Asn1Sequence AccessDescription = (Asn1Sequence) AccessDescriptions[i]; + if ( AccessDescription.Count != 2 ) { + continue; + } else { + if ((AccessDescription[0] is DerObjectIdentifier) && ((DerObjectIdentifier)AccessDescription[0]).Id.Equals("1.3.6.1.5.5.7.48.1")) { + String AccessLocation = GetStringFromGeneralName((Asn1Object)AccessDescription[1]); + if ( AccessLocation == null ) { + return "" ; + } else { + return AccessLocation ; + } } } - end++; } - - index = end; - return buf.ToString().Trim(); + } catch { } + return null; + } + + /** + * Checks if OCSP revocation refers to the document signing certificate. + * @return true if it checks false otherwise + * @since 2.1.6 + */ + public bool IsRevocationValid() { + if (basicResp == null) + return false; + if (signCerts.Count < 2) + return false; + try { + X509Certificate[] cs = SignCertificateChain; + SingleResp sr = basicResp.Responses[0]; + CertificateID cid = sr.GetCertID(); + X509Certificate sigcer = SigningCertificate; + X509Certificate isscer = cs[1]; + CertificateID tis = new CertificateID(CertificateID.HashSha1, isscer, sigcer.SerialNumber); + return tis.Equals(cid); + } + catch { + } + return false; + } + + private static Asn1Object GetExtensionValue(X509Certificate cert, String oid) { + byte[] bytes = cert.GetExtensionValue(new DerObjectIdentifier(oid)).GetDerEncoded(); + if (bytes == null) { + return null; + } + Asn1InputStream aIn = new Asn1InputStream(new MemoryStream(bytes)); + Asn1OctetString octs = (Asn1OctetString) aIn.ReadObject(); + aIn = new Asn1InputStream(new MemoryStream(octs.GetOctets())); + return aIn.ReadObject(); + } + + private static String GetStringFromGeneralName(Asn1Object names) { + DerTaggedObject taggedObject = (DerTaggedObject) names ; + return Encoding.GetEncoding(1252).GetString(Asn1OctetString.GetInstance(taggedObject, false).GetOctets()); } - } -} + /** + * Get the "issuer" from the TBSCertificate bytes that are passed in + * @param enc a TBSCertificate in a byte array + * @return a DERObject + */ + private static Asn1Object GetIssuer(byte[] enc) { + Asn1InputStream inp = new Asn1InputStream(new MemoryStream(enc)); + Asn1Sequence seq = (Asn1Sequence)inp.ReadObject(); + return (Asn1Object)seq[seq[0] is DerTaggedObject ? 3 : 2]; + } + + /** + * Get the "subject" from the TBSCertificate bytes that are passed in + * @param enc A TBSCertificate in a byte array + * @return a DERObject + */ + private static Asn1Object GetSubject(byte[] enc) { + Asn1InputStream inp = new Asn1InputStream(new MemoryStream(enc)); + Asn1Sequence seq = (Asn1Sequence)inp.ReadObject(); + return (Asn1Object)seq[seq[0] is DerTaggedObject ? 5 : 4]; + } + + /** + * Get the issuer fields from an X509 Certificate + * @param cert an X509Certificate + * @return an X509Name + */ + public static X509Name GetIssuerFields(X509Certificate cert) { + return new X509Name((Asn1Sequence)GetIssuer(cert.GetTbsCertificate())); + } + + /** + * Get the subject fields from an X509 Certificate + * @param cert an X509Certificate + * @return an X509Name + */ + public static X509Name GetSubjectFields(X509Certificate cert) { + return new X509Name((Asn1Sequence)GetSubject(cert.GetTbsCertificate())); + } + + /** + * Gets the bytes for the PKCS#1 object. + * @return a byte array + */ + public byte[] GetEncodedPKCS1() { + if (externalDigest != null) + digest = externalDigest; + else + digest = sig.GenerateSignature(); + MemoryStream bOut = new MemoryStream(); + + Asn1OutputStream dout = new Asn1OutputStream(bOut); + dout.WriteObject(new DerOctetString(digest)); + dout.Close(); + + return bOut.ToArray(); + } + + /** + * Sets the digest/signature to an external calculated value. + * @param digest the digest. This is the actual signature + * @param RSAdata the extra data that goes into the data tag in PKCS#7 + * @param digestEncryptionAlgorithm the encryption algorithm. It may must be null if the digest + * is also null. If the digest is not null + * then it may be "RSA" or "DSA" + */ + public void SetExternalDigest(byte[] digest, byte[] RSAdata, String digestEncryptionAlgorithm) { + externalDigest = digest; + externalRSAdata = RSAdata; + if (digestEncryptionAlgorithm != null) { + if (digestEncryptionAlgorithm.Equals("RSA")) { + this.digestEncryptionAlgorithm = ID_RSA; + } + else if (digestEncryptionAlgorithm.Equals("DSA")) { + this.digestEncryptionAlgorithm = ID_DSA; + } + else + throw new ArgumentException("Unknown Key Algorithm "+digestEncryptionAlgorithm); + } + } + + /** + * Gets the bytes for the PKCS7SignedData object. + * @return the bytes for the PKCS7SignedData object + */ + public byte[] GetEncodedPKCS7() { + return GetEncodedPKCS7(null, DateTime.Now, null, null); + } + + /** + * Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes + * in the signerInfo can also be set. If either of the parameters is null, none will be used. + * @param secondDigest the digest in the authenticatedAttributes + * @param signingTime the signing time in the authenticatedAttributes + * @return the bytes for the PKCS7SignedData object + */ + public byte[] GetEncodedPKCS7(byte[] secondDigest, DateTime signingTime) { + return GetEncodedPKCS7(secondDigest, signingTime, null, null); + } + + /** + * Gets the bytes for the PKCS7SignedData object. Optionally the authenticatedAttributes + * in the signerInfo can also be set, OR a time-stamp-authority client + * may be provided. + * @param secondDigest the digest in the authenticatedAttributes + * @param signingTime the signing time in the authenticatedAttributes + * @param tsaClient TSAClient - null or an optional time stamp authority client + * @return byte[] the bytes for the PKCS7SignedData object + * @since 2.1.6 + */ + public byte[] GetEncodedPKCS7(byte[] secondDigest, DateTime signingTime, ITSAClient tsaClient, byte[] ocsp) { + if (externalDigest != null) { + digest = externalDigest; + if (RSAdata != null) + RSAdata = externalRSAdata; + } + else if (externalRSAdata != null && RSAdata != null) { + RSAdata = externalRSAdata; + sig.BlockUpdate(RSAdata, 0, RSAdata.Length); + digest = sig.GenerateSignature(); + } + else { + if (RSAdata != null) { + RSAdata = new byte[messageDigest.GetDigestSize()]; + messageDigest.DoFinal(RSAdata, 0); + sig.BlockUpdate(RSAdata, 0, RSAdata.Length); + } + digest = sig.GenerateSignature(); + } + + // Create the set of Hash algorithms + Asn1EncodableVector digestAlgorithms = new Asn1EncodableVector(); + foreach (string dal in digestalgos.Keys) { + Asn1EncodableVector algos = new Asn1EncodableVector(); + algos.Add(new DerObjectIdentifier(dal)); + algos.Add(DerNull.Instance); + digestAlgorithms.Add(new DerSequence(algos)); + } + + // Create the contentInfo. + Asn1EncodableVector v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(ID_PKCS7_DATA)); + if (RSAdata != null) + v.Add(new DerTaggedObject(0, new DerOctetString(RSAdata))); + DerSequence contentinfo = new DerSequence(v); + + // Get all the certificates + // + v = new Asn1EncodableVector(); + foreach (X509Certificate xcert in certs) { + Asn1InputStream tempstream = new Asn1InputStream(new MemoryStream(xcert.GetEncoded())); + v.Add(tempstream.ReadObject()); + } + + DerSet dercertificates = new DerSet(v); + + // Create signerinfo structure. + // + Asn1EncodableVector signerinfo = new Asn1EncodableVector(); + + // Add the signerInfo version + // + signerinfo.Add(new DerInteger(signerversion)); + + v = new Asn1EncodableVector(); + v.Add(GetIssuer(signCert.GetTbsCertificate())); + v.Add(new DerInteger(signCert.SerialNumber)); + signerinfo.Add(new DerSequence(v)); + + // Add the digestAlgorithm + v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(digestAlgorithm)); + v.Add(DerNull.Instance); + signerinfo.Add(new DerSequence(v)); + + // add the authenticated attribute if present + if (secondDigest != null /*&& signingTime != null*/) { + signerinfo.Add(new DerTaggedObject(false, 0, GetAuthenticatedAttributeSet(secondDigest, signingTime, ocsp))); + } + // Add the digestEncryptionAlgorithm + v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(digestEncryptionAlgorithm)); + v.Add(DerNull.Instance); + signerinfo.Add(new DerSequence(v)); + + // Add the digest + signerinfo.Add(new DerOctetString(digest)); + + // When requested, go get and add the timestamp. May throw an exception. + // Added by Martin Brunecky, 07/12/2007 folowing Aiken Sam, 2006-11-15 + // Sam found Adobe expects time-stamped SHA1-1 of the encrypted digest + if (tsaClient != null) { + byte[] tsImprint = new System.Security.Cryptography.SHA1CryptoServiceProvider().ComputeHash(digest); + byte[] tsToken = tsaClient.GetTimeStampToken(this, tsImprint); + if (tsToken != null) { + Asn1EncodableVector unauthAttributes = BuildUnauthenticatedAttributes(tsToken); + if (unauthAttributes != null) { + signerinfo.Add(new DerTaggedObject(false, 1, new DerSet(unauthAttributes))); + } + } + } + + // Finally build the body out of all the components above + Asn1EncodableVector body = new Asn1EncodableVector(); + body.Add(new DerInteger(version)); + body.Add(new DerSet(digestAlgorithms)); + body.Add(contentinfo); + body.Add(new DerTaggedObject(false, 0, dercertificates)); + +// if (crls.Count > 0) { +// v = new Asn1EncodableVector(); +// for (Iterator i = crls.Iterator();i.HasNext();) { +// Asn1InputStream t = new Asn1InputStream(new ByteArrayInputStream((((X509CRL)i.Next()).GetEncoded()))); +// v.Add(t.ReadObject()); +// } +// DERSet dercrls = new DERSet(v); +// body.Add(new DERTaggedObject(false, 1, dercrls)); +// } + + // Only allow one signerInfo + body.Add(new DerSet(new DerSequence(signerinfo))); + + // Now we have the body, wrap it in it's PKCS7Signed shell + // and return it + // + Asn1EncodableVector whole = new Asn1EncodableVector(); + whole.Add(new DerObjectIdentifier(ID_PKCS7_SIGNED_DATA)); + whole.Add(new DerTaggedObject(0, new DerSequence(body))); + + MemoryStream bOut = new MemoryStream(); + + Asn1OutputStream dout = new Asn1OutputStream(bOut); + dout.WriteObject(new DerSequence(whole)); + dout.Close(); + + return bOut.ToArray(); + } + + /** + * Added by Aiken Sam, 2006-11-15, modifed by Martin Brunecky 07/12/2007 + * to start with the timeStampToken (signedData 1.2.840.113549.1.7.2). + * Token is the TSA response without response status, which is usually + * handled by the (vendor supplied) TSA request/response interface). + * @param timeStampToken byte[] - time stamp token, DER encoded signedData + * @return ASN1EncodableVector + * @throws IOException + */ + private Asn1EncodableVector BuildUnauthenticatedAttributes(byte[] timeStampToken) { + if (timeStampToken == null) + return null; + + // @todo: move this together with the rest of the defintions + String ID_TIME_STAMP_TOKEN = "1.2.840.113549.1.9.16.2.14"; // RFC 3161 id-aa-timeStampToken + + Asn1InputStream tempstream = new Asn1InputStream(new MemoryStream(timeStampToken)); + Asn1EncodableVector unauthAttributes = new Asn1EncodableVector(); + + Asn1EncodableVector v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(ID_TIME_STAMP_TOKEN)); // id-aa-timeStampToken + Asn1Sequence seq = (Asn1Sequence) tempstream.ReadObject(); + v.Add(new DerSet(seq)); + + unauthAttributes.Add(new DerSequence(v)); + return unauthAttributes; + } + + /** + * When using authenticatedAttributes the authentication process is different. + * The document digest is generated and put inside the attribute. The signing is done over the DER encoded + * authenticatedAttributes. This method provides that encoding and the parameters must be + * exactly the same as in {@link #getEncodedPKCS7(byte[],Calendar)}. + *

+ * A simple example: + *

+ * 

+        * Calendar cal = Calendar.GetInstance();
+        * PdfPKCS7 pk7 = new PdfPKCS7(key, chain, null, "SHA1", null, false);
+        * MessageDigest messageDigest = MessageDigest.GetInstance("SHA1");
+        * byte buf[] = new byte[8192];
+        * int n;
+        * Stream inp = sap.GetRangeStream();
+        * while ((n = inp.Read(buf)) > 0) {
+        *    messageDigest.Update(buf, 0, n);
+        * }
+        * byte hash[] = messageDigest.Digest();
+        * byte sh[] = pk7.GetAuthenticatedAttributeBytes(hash, cal);
+        * pk7.Update(sh, 0, sh.length);
+        * byte sg[] = pk7.GetEncodedPKCS7(hash, cal);
+        *
+ * @param secondDigest the content digest + * @param signingTime the signing time + * @return the byte array representation of the authenticatedAttributes ready to be signed + */ + public byte[] GetAuthenticatedAttributeBytes(byte[] secondDigest, DateTime signingTime, byte[] ocsp) { + MemoryStream bOut = new MemoryStream(); + + Asn1OutputStream dout = new Asn1OutputStream(bOut); + dout.WriteObject(GetAuthenticatedAttributeSet(secondDigest, signingTime, ocsp)); + dout.Close(); + + return bOut.ToArray(); + } + + private DerSet GetAuthenticatedAttributeSet(byte[] secondDigest, DateTime signingTime, byte[] ocsp) { + Asn1EncodableVector attribute = new Asn1EncodableVector(); + Asn1EncodableVector v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(ID_CONTENT_TYPE)); + v.Add(new DerSet(new DerObjectIdentifier(ID_PKCS7_DATA))); + attribute.Add(new DerSequence(v)); + v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(ID_SIGNING_TIME)); + v.Add(new DerSet(new DerUtcTime(signingTime))); + attribute.Add(new DerSequence(v)); + v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(ID_MESSAGE_DIGEST)); + v.Add(new DerSet(new DerOctetString(secondDigest))); + attribute.Add(new DerSequence(v)); + if (ocsp != null) { + v = new Asn1EncodableVector(); + v.Add(new DerObjectIdentifier(ID_ADBE_REVOCATION)); + DerOctetString doctet = new DerOctetString(ocsp); + Asn1EncodableVector vo1 = new Asn1EncodableVector(); + Asn1EncodableVector v2 = new Asn1EncodableVector(); + v2.Add(OcspObjectIdentifiers.PkixOcspBasic); + v2.Add(doctet); + DerEnumerated den = new DerEnumerated(0); + Asn1EncodableVector v3 = new Asn1EncodableVector(); + v3.Add(den); + v3.Add(new DerTaggedObject(true, 0, new DerSequence(v2))); + vo1.Add(new DerSequence(v3)); + v.Add(new DerSet(new DerSequence(new DerTaggedObject(true, 1, new DerSequence(vo1))))); + attribute.Add(new DerSequence(v)); + } + return new DerSet(attribute); + } + + + public string Reason { + get { + return reason; + } + set { + reason = value; + } + } + + + public string Location { + get { + return location; + } + set { + location = value; + } + } + + + public DateTime SignDate { + get { + return signDate; + } + set { + signDate = value; + } + } + + + public string SignName { + get { + return signName; + } + set { + signName = value; + } + } + + /** + * a class that holds an X509 name + */ + public class X509Name { + /** + * country code - StringType(SIZE(2)) + */ + public static DerObjectIdentifier C = new DerObjectIdentifier("2.5.4.6"); + + /** + * organization - StringType(SIZE(1..64)) + */ + public static DerObjectIdentifier O = new DerObjectIdentifier("2.5.4.10"); + + /** + * organizational unit name - StringType(SIZE(1..64)) + */ + public static DerObjectIdentifier OU = new DerObjectIdentifier("2.5.4.11"); + + /** + * Title + */ + public static DerObjectIdentifier T = new DerObjectIdentifier("2.5.4.12"); + + /** + * common name - StringType(SIZE(1..64)) + */ + public static DerObjectIdentifier CN = new DerObjectIdentifier("2.5.4.3"); + + /** + * device serial number name - StringType(SIZE(1..64)) + */ + public static DerObjectIdentifier SN = new DerObjectIdentifier("2.5.4.5"); + + /** + * locality name - StringType(SIZE(1..64)) + */ + public static DerObjectIdentifier L = new DerObjectIdentifier("2.5.4.7"); + + /** + * state, or province name - StringType(SIZE(1..64)) + */ + public static DerObjectIdentifier ST = new DerObjectIdentifier("2.5.4.8"); + + /** Naming attribute of type X520name */ + public static DerObjectIdentifier SURNAME = new DerObjectIdentifier("2.5.4.4"); + /** Naming attribute of type X520name */ + public static DerObjectIdentifier GIVENNAME = new DerObjectIdentifier("2.5.4.42"); + /** Naming attribute of type X520name */ + public static DerObjectIdentifier INITIALS = new DerObjectIdentifier("2.5.4.43"); + /** Naming attribute of type X520name */ + public static DerObjectIdentifier GENERATION = new DerObjectIdentifier("2.5.4.44"); + /** Naming attribute of type X520name */ + public static DerObjectIdentifier UNIQUE_IDENTIFIER = new DerObjectIdentifier("2.5.4.45"); + + /** + * Email address (RSA PKCS#9 extension) - IA5String. + *

Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here. + */ + public static DerObjectIdentifier EmailAddress = new DerObjectIdentifier("1.2.840.113549.1.9.1"); + + /** + * email address in Verisign certificates + */ + public static DerObjectIdentifier E = EmailAddress; + + /** object identifier */ + public static DerObjectIdentifier DC = new DerObjectIdentifier("0.9.2342.19200300.100.1.25"); + + /** LDAP User id. */ + public static DerObjectIdentifier UID = new DerObjectIdentifier("0.9.2342.19200300.100.1.1"); + + /** A Hashtable with default symbols */ + public static Hashtable DefaultSymbols = new Hashtable(); + + static X509Name(){ + DefaultSymbols[C] = "C"; + DefaultSymbols[O] = "O"; + DefaultSymbols[T] = "T"; + DefaultSymbols[OU] = "OU"; + DefaultSymbols[CN] = "CN"; + DefaultSymbols[L] = "L"; + DefaultSymbols[ST] = "ST"; + DefaultSymbols[SN] = "SN"; + DefaultSymbols[EmailAddress] = "E"; + DefaultSymbols[DC] = "DC"; + DefaultSymbols[UID] = "UID"; + DefaultSymbols[SURNAME] = "SURNAME"; + DefaultSymbols[GIVENNAME] = "GIVENNAME"; + DefaultSymbols[INITIALS] = "INITIALS"; + DefaultSymbols[GENERATION] = "GENERATION"; + } + /** A Hashtable with values */ + public Hashtable values = new Hashtable(); + + /** + * Constructs an X509 name + * @param seq an Asn1 Sequence + */ + public X509Name(Asn1Sequence seq) { + IEnumerator e = seq.GetEnumerator(); + + while (e.MoveNext()) { + Asn1Set sett = (Asn1Set)e.Current; + + for (int i = 0; i < sett.Count; i++) { + Asn1Sequence s = (Asn1Sequence)sett[i]; + String id = (String)DefaultSymbols[s[0]]; + if (id == null) + continue; + ArrayList vs = (ArrayList)values[id]; + if (vs == null) { + vs = new ArrayList(); + values[id] = vs; + } + vs.Add(((DerStringBase)s[1]).GetString()); + } + } + } + /** + * Constructs an X509 name + * @param dirName a directory name + */ + public X509Name(String dirName) { + X509NameTokenizer nTok = new X509NameTokenizer(dirName); + + while (nTok.HasMoreTokens()) { + String token = nTok.NextToken(); + int index = token.IndexOf('='); + + if (index == -1) { + throw new ArgumentException("badly formated directory string"); + } + + String id = token.Substring(0, index).ToUpper(System.Globalization.CultureInfo.InvariantCulture); + String value = token.Substring(index + 1); + ArrayList vs = (ArrayList)values[id]; + if (vs == null) { + vs = new ArrayList(); + values[id] = vs; + } + vs.Add(value); + } + + } + + public String GetField(String name) { + ArrayList vs = (ArrayList)values[name]; + return vs == null ? null : (String)vs[0]; + } + + /** + * gets a field array from the values Hashmap + * @param name + * @return an ArrayList + */ + public ArrayList GetFieldArray(String name) { + ArrayList vs = (ArrayList)values[name]; + return vs == null ? null : vs; + } + + /** + * getter for values + * @return a Hashtable with the fields of the X509 name + */ + public Hashtable GetFields() { + return values; + } + + /** + * @see java.lang.Object#toString() + */ + public override String ToString() { + return values.ToString(); + } + } + + /** + * class for breaking up an X500 Name into it's component tokens, ala + * java.util.StringTokenizer. We need this class as some of the + * lightweight Java environment don't support classes like + * StringTokenizer. + */ + public class X509NameTokenizer { + private String oid; + private int index; + private StringBuilder buf = new StringBuilder(); + + public X509NameTokenizer( + String oid) { + this.oid = oid; + this.index = -1; + } + + public bool HasMoreTokens() { + return (index != oid.Length); + } + + public String NextToken() { + if (index == oid.Length) { + return null; + } + + int end = index + 1; + bool quoted = false; + bool escaped = false; + + buf.Length = 0; + + while (end != oid.Length) { + char c = oid[end]; + + if (c == '"') { + if (!escaped) { + quoted = !quoted; + } + else { + buf.Append(c); + } + escaped = false; + } + else { + if (escaped || quoted) { + buf.Append(c); + escaped = false; + } + else if (c == '\\') { + escaped = true; + } + else if (c == ',') { + break; + } + else { + buf.Append(c); + } + } + end++; + } + + index = end; + return buf.ToString().Trim(); + } + } + } +} +