mirrored from https://www.bouncycastle.org/repositories/bc-csharp
-
Notifications
You must be signed in to change notification settings - Fork 602
Expand file tree
/
Copy pathCMSAuthEnvelopedData.cs
More file actions
107 lines (86 loc) · 4.08 KB
/
Copy pathCMSAuthEnvelopedData.cs
File metadata and controls
107 lines (86 loc) · 4.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Parameters;
namespace Org.BouncyCastle.Cms
{
/// <summary>Containing class for a CMS AuthEnvelopedData object.</summary>
internal class CmsAuthEnvelopedData
{
private readonly ContentInfo m_contentInfo;
private readonly AuthEnvelopedData m_authEnvelopedData;
private readonly OriginatorInformation m_originatorInformation;
private readonly RecipientInformationStore m_recipientInfoStore;
public CmsAuthEnvelopedData(byte[] authEnvData)
: this(CmsUtilities.ReadContentInfo(authEnvData))
{
}
public CmsAuthEnvelopedData(Stream authEnvData)
: this(CmsUtilities.ReadContentInfo(authEnvData))
{
}
public CmsAuthEnvelopedData(ContentInfo contentInfo)
{
m_contentInfo = contentInfo;
m_authEnvelopedData = CmsUtilities.SafeGetContent(contentInfo, AuthEnvelopedData.GetInstance);
var originatorInfo = m_authEnvelopedData.OriginatorInfo;
m_originatorInformation = originatorInfo == null ? null : new OriginatorInformation(originatorInfo);
//
// read the recipients
//
Asn1Set recipientInfos = m_authEnvelopedData.RecipientInfos;
//
// read the auth-encrypted content info
//
//EncryptedContentInfo authEncInfo = m_authEnvelopedData.AuthEncryptedContentInfo;
//this.authEncAlg = authEncInfo.ContentEncryptionAlgorithm;
CmsSecureReadable secureReadable = new AuthEnvelopedSecureReadable(this);
//
// build the RecipientInformationStore
//
m_recipientInfoStore = CmsEnvelopedHelper.BuildRecipientInformationStore(
recipientInfos, secureReadable);
// FIXME These need to be passed to the AEAD cipher as AAD (Additional Authenticated Data)
//authAttrs = authEnvData.AuthAttrs;
//mac = authEnvData.Mac.GetOctets();
//unauthAttrs = authEnvData.UnauthAttrs;
}
public AuthEnvelopedData AuthEnvelopedData => m_authEnvelopedData;
public OriginatorInformation OriginatorInformation => m_originatorInformation;
public AlgorithmIdentifier ContentEncryptionAlgorithm =>
AuthEnvelopedData.AuthEncryptedContentInfo.ContentEncryptionAlgorithm;
public Asn1.Cms.AttributeTable GetAuthAttrs() => AuthEnvelopedData.AuthAttrs?.ToAttributeTable();
public Asn1.Cms.AttributeTable GetUnauthAttrs() => AuthEnvelopedData.UnauthAttrs?.ToAttributeTable();
private class AuthEnvelopedSecureReadable
: CmsSecureReadable
{
private readonly CmsAuthEnvelopedData m_parent;
internal AuthEnvelopedSecureReadable(CmsAuthEnvelopedData parent)
{
m_parent = parent;
}
public AlgorithmIdentifier Algorithm => m_parent.ContentEncryptionAlgorithm;
public object CryptoObject => null;
public CmsReadable GetReadable(KeyParameter key)
{
// TODO Create AEAD cipher instance to decrypt and calculate tag ( MAC)
throw new CmsException("AuthEnveloped data decryption not yet implemented");
// RFC 5084 ASN.1 Module
// -- Parameters for AlgorithmIdentifier
//
// CCMParameters ::= SEQUENCE {
// aes-nonce OCTET STRING (SIZE(7..13)),
// aes-ICVlen AES-CCM-ICVlen DEFAULT 12 }
//
// AES-CCM-ICVlen ::= INTEGER (4 | 6 | 8 | 10 | 12 | 14 | 16)
//
// GCMParameters ::= SEQUENCE {
// aes-nonce OCTET STRING, -- recommended size is 12 octets
// aes-ICVlen AES-GCM-ICVlen DEFAULT 12 }
//
// AES-GCM-ICVlen ::= INTEGER (12 | 13 | 14 | 15 | 16)
}
}
}
}