wartheking
/
DataStudy


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165
							#if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
#pragma warning disable
using System;
using System.Collections;
using System.IO;
using System.Text;

using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.Crmf;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.Nist;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.Pkcs;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.X509;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Engines;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Parameters;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Pkcs;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities;
using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.IO;
using BestHTTP.SecureProtocol.Org.BouncyCastle.X509;

namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Crmf
{
    public class EncryptedValueBuilder
    {
        private readonly IKeyWrapper wrapper;
        private readonly ICipherBuilderWithKey encryptor;
        private readonly IEncryptedValuePadder padder;

        ///
        /// Create a builder that makes EncryptedValue structures.
        ///
        /// <param name="wrapper">wrapper a wrapper for key used to encrypt the actual data contained in the EncryptedValue.</param>
        /// <param name="encryptor">encryptor  an output encryptor to encrypt the actual data contained in the EncryptedValue. </param>
        ///
        public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor)
            : this(wrapper, encryptor, null)
        {
        }

        ///
        /// Create a builder that makes EncryptedValue structures with fixed length blocks padded using the passed in padder.
        ///
        /// <param name="wrapper">a wrapper for key used to encrypt the actual data contained in the EncryptedValue.</param>
        /// <param name="encryptor">encryptor  an output encryptor to encrypt the actual data contained in the EncryptedValue.</param>
        /// <param name="padder">padder a padder to ensure that the EncryptedValue created will always be a constant length.</param>
        ///
        public EncryptedValueBuilder(IKeyWrapper wrapper, ICipherBuilderWithKey encryptor, IEncryptedValuePadder padder)
        {
            this.wrapper = wrapper;
            this.encryptor = encryptor;
            this.padder = padder;
        }

        ///
        /// Build an EncryptedValue structure containing the passed in pass phrase.
        ///
        /// <param name="revocationPassphrase">a revocation pass phrase.</param>
        ///<returns>an EncryptedValue containing the encrypted pass phrase.</returns>       
        ///
        public EncryptedValue Build(char[] revocationPassphrase)
        {
            return EncryptData(PadData(Strings.ToUtf8ByteArray(revocationPassphrase)));
        }

        ///<summary>
        /// Build an EncryptedValue structure containing the certificate contained in
        /// the passed in holder.
        ///</summary>
        /// <param name="holder">a holder containing a certificate.</param>
        ///  <returns>an EncryptedValue containing the encrypted certificate.</returns>
        /// <exception cref="CrmfException">on a failure to encrypt the data, or wrap the symmetric key for this value.</exception>
        ///
        public EncryptedValue Build(X509Certificate holder)
        {
            try
            {
                return EncryptData(PadData(holder.GetEncoded()));
            }
            catch (IOException e)
            {
                throw new CrmfException("cannot encode certificate: " + e.Message, e);
            }
        }

        ///<summary>
        /// Build an EncryptedValue structure containing the private key contained in
        /// the passed info structure.
        ///</summary>
        /// <param name="privateKeyInfo">a PKCS#8 private key info structure.</param>
        /// <returns>an EncryptedValue containing an EncryptedPrivateKeyInfo structure.</returns>
        /// <exception cref="CrmfException">on a failure to encrypt the data, or wrap the symmetric key for this value.</exception>
        ///
        public EncryptedValue Build(PrivateKeyInfo privateKeyInfo)
        {
            Pkcs8EncryptedPrivateKeyInfoBuilder encInfoBldr = new Pkcs8EncryptedPrivateKeyInfoBuilder(privateKeyInfo);

            AlgorithmIdentifier intendedAlg = privateKeyInfo.PrivateKeyAlgorithm;
            AlgorithmIdentifier symmAlg = (AlgorithmIdentifier)encryptor.AlgorithmDetails;
            DerBitString encSymmKey;

            try
            {
                Pkcs8EncryptedPrivateKeyInfo encInfo = encInfoBldr.Build(encryptor);

                encSymmKey = new DerBitString(wrapper.Wrap(((KeyParameter)encryptor.Key).GetKey()).Collect());

                AlgorithmIdentifier keyAlg = (AlgorithmIdentifier)wrapper.AlgorithmDetails;
                Asn1OctetString valueHint = null;

                return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, new DerBitString(encInfo.GetEncryptedData()));
            }
            catch (Exception e)
            {
                throw new CrmfException("cannot wrap key: " + e.Message, e);
            }
        }

        private EncryptedValue EncryptData(byte[] data)
        {
            MemoryOutputStream bOut = new MemoryOutputStream();
            Stream eOut = encryptor.BuildCipher(bOut).Stream;

            try
            {
                eOut.Write(data, 0, data.Length);
                BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.Dispose(eOut);
            }
            catch (IOException e)
            {
                throw new CrmfException("cannot process data: " + e.Message, e);
            }

            AlgorithmIdentifier intendedAlg = null;
            AlgorithmIdentifier symmAlg = (AlgorithmIdentifier)encryptor.AlgorithmDetails;

            DerBitString encSymmKey;
            try
            {
                encSymmKey = new DerBitString(wrapper.Wrap(((KeyParameter)encryptor.Key).GetKey()).Collect());
            }
            catch (Exception e)
            {
                throw new CrmfException("cannot wrap key: " + e.Message, e);
            }

            AlgorithmIdentifier keyAlg = (AlgorithmIdentifier)wrapper.AlgorithmDetails;
            Asn1OctetString valueHint = null;
            DerBitString encValue = new DerBitString(bOut.ToArray());

            return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, encValue);
        }

        private byte[] PadData(byte[] data)
        {
            if (padder != null)
            {
                return padder.GetPaddedData(data);
            }

            return data;
        }
    }
}
#pragma warning restore
#endif