2 // EnvelopedPkcs7.cs - System.Security.Cryptography.Pkcs.EnvelopedPkcs7
5 // Sebastien Pouliot (spouliot@motus.com)
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
13 using System.Collections;
14 using System.Security.Cryptography.X509Certificates;
15 using System.Security.Cryptography.Xml;
20 namespace System.Security.Cryptography.Pkcs {
23 // a. PKCS #7: Cryptographic Message Syntax, Version 1.5, Section 10
24 // http://www.faqs.org/rfcs/rfc2315.html
26 public class EnvelopedPkcs7 {
// Payload being enveloped: the caller's plaintext before Encrypt, or the
// declared content type (with an empty body) after Decode.
private ContentInfo _content;
// Content-encryption algorithm. Stays null until the caller supplies one or
// ContentEncryptionAlgorithm lazily creates a default on first read.
private AlgorithmIdentifier _identifier;
// Certificates carried in the message. Decode does not fill this yet (see its TODO).
private X509CertificateExCollection _certs;
// One KeyTransRecipientInfo per recipient; appended to by Decode.
private RecipientInfoCollection _recipients;
// UnprotectedAttributes of the message. Decode does not fill this yet (see its TODO).
private Pkcs9AttributeCollection _uattribs;
// How recipients are identified; SubjectKeyIdentifier forces structure version 2.
private SubjectIdentifierType _idType;
// NOTE(review): _version is assigned by the constructors and Decode but its
// declaration is not in this listing — presumably an int field next to these.
// Creates an empty envelope: no content and no algorithm yet, with empty
// certificate, recipient and unprotected-attribute collections so the
// collection properties never hand out null.
public EnvelopedPkcs7 ()
{
	_recipients = new RecipientInfoCollection ();
	_uattribs = new Pkcs9AttributeCollection ();
	_certs = new X509CertificateExCollection ();
}
// Envelope the supplied content. The content-encryption algorithm is left
// unset here and is chosen lazily by ContentEncryptionAlgorithm.
// Throws ArgumentNullException when content is null.
public EnvelopedPkcs7 (ContentInfo content) : this ()
{
	if (content != null) {
		_content = content;
		return;
	}
	throw new ArgumentNullException ("content");
}
// Envelope the supplied content with an explicit content-encryption algorithm.
// The algorithm is stored as given; nothing here checks that it names a cipher
// this implementation supports or one that is still considered strong.
// Throws ArgumentNullException when contentInfo or encryptionAlgorithm is null.
public EnvelopedPkcs7 (ContentInfo contentInfo, AlgorithmIdentifier encryptionAlgorithm)
	: this (contentInfo)
{
	if (encryptionAlgorithm == null) {
		throw new ArgumentNullException ("encryptionAlgorithm");
	}
	_identifier = encryptionAlgorithm;
}
// Envelope the supplied content, identifying recipients the requested way.
// Identifying by SubjectKeyIdentifier requires structure version 2; the
// issuer-and-serial form keeps version 0.
// Throws ArgumentNullException when contentInfo is null.
public EnvelopedPkcs7 (SubjectIdentifierType recipientIdentifierType, ContentInfo contentInfo)
	: this (contentInfo)
{
	_idType = recipientIdentifierType;
	if (_idType == SubjectIdentifierType.SubjectKeyIdentifier)
		_version = 2;
	else
		_version = 0;
}
// Envelope the supplied content with an explicit content-encryption algorithm,
// identifying recipients the requested way (SubjectKeyIdentifier => version 2,
// otherwise version 0).
// Throws ArgumentNullException when contentInfo or encryptionAlgorithm is null.
public EnvelopedPkcs7 (SubjectIdentifierType recipientIdentifierType, ContentInfo contentInfo, AlgorithmIdentifier encryptionAlgorithm)
	: this (contentInfo, encryptionAlgorithm)
{
	_idType = recipientIdentifierType;
	if (_idType == SubjectIdentifierType.SubjectKeyIdentifier)
		_version = 2;
	else
		_version = 0;
}
// Certificates attached to the message. This is the live collection, not a
// copy: anything a caller adds or removes is seen by this instance.
public X509CertificateExCollection Certificates {
	get {
		return _certs;
	}
}
// Algorithm used to encrypt the content. When none was supplied, the first read
// creates one with AlgorithmIdentifier's parameterless constructor and keeps it.
// NOTE(review): which cipher that default selects is not visible here; the
// legacy default in this API family is Triple-DES — confirm it is acceptable
// before relying on the implicit choice.
public AlgorithmIdentifier ContentEncryptionAlgorithm {
	get {
		AlgorithmIdentifier current = _identifier;
		if (current == null) {
			current = new AlgorithmIdentifier ();
			_identifier = current;
		}
		return current;
	}
}
// Content to be enveloped. If none was supplied, an empty PKCS #7 "data" body
// is synthesized and kept so callers always get a non-null ContentInfo;
// Encrypt() rejects such an empty body.
public ContentInfo ContentInfo {
	get {
		if (_content != null)
			return _content;
		Oid dataType = new Oid (PKCS7.data);
		_content = new ContentInfo (dataType, new byte [0]);
		return _content;
	}
}
// Recipients of the message (filled by Decode). Returned by reference, so
// callers mutate the instance's own collection.
public RecipientInfoCollection RecipientInfos {
	get {
		return _recipients;
	}
}
// Attributes carried outside the encrypted content (not integrity-protected).
// Returned by reference; Decode does not populate it yet.
public Pkcs9AttributeCollection UnprotectedAttributes {
	get {
		return _uattribs;
	}
}
109 get { return _version; }
// Builds the X509IssuerSerial that identifies a recipient by issuer name and
// certificate serial number. The serial is rendered as upper-case hex with no
// separators and leading zero bytes kept ("000AFF"); the issuer is stored verbatim.
// NOTE(review): a lookup that compares IssuerName as a plain string assumes both
// sides render the DN identically — confirm against the code that matches
// recipients to certificates.
private X509IssuerSerial GetIssuerSerial (string issuer, byte[] serial)
{
	X509IssuerSerial result = new X509IssuerSerial ();
	result.IssuerName = issuer;
	// BitConverter yields "00-0A-FF"; dropping the dashes leaves the same
	// digits as formatting each byte with "X2".
	result.SerialNumber = BitConverter.ToString (serial).Replace ("-", "");
	return result;
}
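// Parses a DER-encoded PKCS #7 ContentInfo wrapping an EnvelopedData and loads
// its content type, recipients and version into this instance.
// Throws ArgumentNullException when encodedMessage is null and
// CryptographicException when the outer content type is not envelopedData or a
// RecipientInfo carries no usable recipient identifier.
// NOTE(review): the encrypted content octets are discarded (the commented-out
// ed.ContentInfo.Content.Value was the intended source) and the message's
// content-encryption algorithm is never stored in _identifier, so after Decode
// there is nothing for Decrypt to work on and ContentEncryptionAlgorithm still
// reports the lazily created default — confirm what PKCS7.EnvelopedData exposes.
// NOTE(review): recipients are appended to _recipients, not replaced; decoding
// twice into one instance accumulates them (unchanged here).
public void Decode (byte[] encodedMessage)
{
	if (encodedMessage == null)
		throw new ArgumentNullException ("encodedMessage");

	PKCS7.ContentInfo ci = new PKCS7.ContentInfo (encodedMessage);
	if (ci.ContentType != PKCS7.envelopedData) {
		// A CryptographicException with the offending OID replaces the bare
		// Exception("") so callers can catch the documented type and see why.
		throw new CryptographicException ("encoded message is not PKCS #7 envelopedData: " + ci.ContentType);
	}

	PKCS7.EnvelopedData ed = new PKCS7.EnvelopedData (ci.Content);

	// Parse every RecipientInfo into a local list first so that a malformed
	// recipient leaves this instance untouched instead of half-decoded.
	ArrayList decoded = new ArrayList ();
	foreach (PKCS7.RecipientInfo ri in ed.RecipientInfos) {
		AlgorithmIdentifier keyAlgorithm = new AlgorithmIdentifier (new Oid (ri.Oid));
		SubjectIdentifier subject;
		if (ri.SubjectKeyIdentifier != null) {
			subject = new SubjectIdentifier (SubjectIdentifierType.SubjectKeyIdentifier, ri.SubjectKeyIdentifier);
		}
		else if ((ri.Issuer != null) && (ri.Serial != null)) {
			X509IssuerSerial xis = GetIssuerSerial (ri.Issuer, ri.Serial);
			subject = new SubjectIdentifier (SubjectIdentifierType.IssuerAndSerialNumber, (object)xis);
		}
		else {
			// Neither identifier form is present: reject now rather than build a
			// recipient with a null SubjectIdentifier that can never be matched.
			throw new CryptographicException ("RecipientInfo has neither a SubjectKeyIdentifier nor an IssuerAndSerialNumber");
		}
		decoded.Add (new KeyTransRecipientInfo (ri.Key, keyAlgorithm, subject, ri.Version));
	}

	// Commit only once the whole message parsed.
	_content = new ContentInfo (new Oid (ed.ContentInfo.ContentType), new byte [0]);
	foreach (KeyTransRecipientInfo recipient in decoded)
		_recipients.Add (recipient);

	// TODO - Certificates
	// TODO - UnprotectedAttributes

	_version = ed.Version;
}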
// Decrypts the enveloped content with a key from the default store.
// Always throws InvalidOperationException: this instance holds no encrypted
// content to decrypt (Decode keeps only the content type, not the octets).
public void Decrypt ()
{
	string reason = "not encrypted";
	throw new InvalidOperationException (reason);
}
// Decrypts the enveloped content using the given recipient's key.
// Throws ArgumentNullException when recipientInfo is null.
// NOTE(review): only the argument guard is visible in this listing. If the
// method returns without decrypting anything (Decode retains no encrypted
// octets — see its `new byte [0]`), callers cannot tell a successful decrypt
// from a silent no-op; it should throw (NotImplementedException or
// CryptographicException) until the decryption path exists.
public void Decrypt (RecipientInfo recipientInfo)
if (recipientInfo == null)
throw new ArgumentNullException ("recipientInfo");
// Decrypts the enveloped content using the given recipient's key, searching
// extraStore in addition to the default store for the matching certificate.
// Throws ArgumentNullException when recipientInfo or extraStore is null.
// NOTE(review): only the argument guards are visible in this listing; if no
// decryption follows, this silently succeeds without producing plaintext —
// it should throw until implemented rather than fail open.
public void Decrypt (RecipientInfo recipientInfo, X509CertificateExCollection extraStore)
if (recipientInfo == null)
throw new ArgumentNullException ("recipientInfo");
if (extraStore == null)
throw new ArgumentNullException ("extraStore");
// Decrypts the enveloped content, searching extraStore in addition to the
// default store for a certificate matching any recipient.
// Throws ArgumentNullException when extraStore is null.
// NOTE(review): only the argument guard is visible in this listing; if no
// decryption follows, callers cannot distinguish success from a no-op — throw
// until implemented.
public void Decrypt (X509CertificateExCollection extraStore)
if (extraStore == null)
throw new ArgumentNullException ("extraStore");
// Returns the DER encoding of the enveloped message.
// Always throws InvalidOperationException: nothing in this class records that
// Encrypt produced an EnvelopedData, so there is never anything to encode.
public byte[] Encode ()
{
	string reason = "not encrypted";
	throw new InvalidOperationException (reason);
}
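// Encrypts the current content for the recipients added so far.
// Throws CryptographicException when there is no content to encrypt.
public void Encrypt ()
{
	// Read through the ContentInfo property rather than the _content field:
	// after the parameterless constructor the field is still null, so the
	// original `_content.Content` threw NullReferenceException instead of the
	// intended CryptographicException. The property lazily yields an empty
	// "data" body, which the guard below rejects.
	byte[] plaintext = this.ContentInfo.Content;
	if ((plaintext == null) || (plaintext.Length == 0))
		throw new CryptographicException ("no content to encrypt");
	// NOTE(review): no encryption step is visible after this guard in the
	// reviewed listing; until one exists Encode() has nothing to emit (it
	// throws "not encrypted").
}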
// Encrypts the current content for a single recipient.
// Throws ArgumentNullException when recipient is null.
// NOTE(review): only the argument guard is visible in this listing; note that
// unlike Encrypt(), nothing visible here rejects an empty content body.
public void Encrypt (Pkcs7Recipient recipient)
if (recipient == null)
throw new ArgumentNullException ("recipient");
217 public void Encrypt (Pkcs7RecipientCollection recipients)
219 if (recipients == null)
220 throw new ArgumentNullException ("recipients");
221 // ? foreach on Encrypt Pkcs7Recipient ?