Pkcs7.cs

Contains the cryptographic PKCS #7 standard code. For digital signatures and asymmetric encryption

// ------------------------------------------------------------------------------------------
// <copyright file="Pkcs7.cs" company="SecMaker AB">
//   SecMaker AB
// </copyright>
// <summary>
//   Defines the Pkcs7 class.
// </summary>
// ------------------------------------------------------------------------------------------

namespace SecMaker.NiP.Client
{
	using System;
	using System.Linq;
	using System.Security.Cryptography.Pkcs;
	using System.Security.Cryptography.X509Certificates;

	public class Pkcs7
	{
		public byte[] Encrypt(byte[] data, X509Certificate2Collection x509Col)
		{
			try
			{
				var content =
					new ContentInfo(data);

				var envelopedCms =
					new EnvelopedCms(content);

				var colReciptients =
					new CmsRecipientCollection();

				foreach (var encryptionCert in x509Col)
				{
					var recipient =
						new CmsRecipient(SubjectIdentifierType.IssuerAndSerialNumber, encryptionCert);
					colReciptients.Add(recipient);
				}

				envelopedCms.Encrypt(colReciptients);

				var encoded = envelopedCms.Encode();

				return encoded;
			}
			catch (Exception err)
			{
				Console.WriteLine("Error: " + err.Message);

				return null;
			}
		}

		public byte[] Decrypt(byte[] data, X509Certificate2Collection x509Col)
		{
			try
			{
				var content =
					new ContentInfo(data);

				var envelopedCms =
					new EnvelopedCms(content);

				envelopedCms.Decode(data);

				if (x509Col != null)
				{
					if (x509Col.Count > 0)
					{
						envelopedCms.Decrypt(x509Col);
					}
					else
					{
						envelopedCms.Decrypt();
					}
				}
				else
				{
					envelopedCms.Decrypt();
				}

				var decryptedData =
					envelopedCms.ContentInfo.Content;

				return decryptedData;
			}
			catch (Exception err)
			{
				Console.WriteLine("Error: " + err.Message);

				return null;
			}
		}

		public byte[] SignData(byte[] dataToBeSigned, X509Certificate2 x509Cert, bool silent)
		{
			try
			{
				var content =
					new ContentInfo(dataToBeSigned);

				var signedMessage =
					new SignedCms(content);

				var signer =
					new CmsSigner(x509Cert)
					{
						IncludeOption = X509IncludeOption.EndCertOnly
					};

				signedMessage.ComputeSignature(signer, silent);

				var signedBytes =
					signedMessage.Encode();

				return signedBytes;
			}
			catch (Exception err)
			{
				Console.WriteLine("Error: " + err.Message);

				return null;
			}
		}

		public byte[] VerifyData(byte[] dataToBeVerified, X509Certificate2 x509Cert)
		{
			try
			{
				var signedCms =
					new SignedCms();

				signedCms.Decode(dataToBeVerified);
				signedCms.CheckSignature(true);

				if (x509Cert != null)
				{
					var x509CertCollection =
						new X509Certificate2Collection(signedCms.Certificates);

					var isCertVerified =
						x509CertCollection.Cast<X509Certificate2>().Contains(x509Cert);

					if (!isCertVerified)
					{
						return null;
					}
				}

				var content =
					signedCms.ContentInfo.Content;

				return content;
			}
			catch (Exception err)
			{
				Console.WriteLine("Error: " + err.Message);

				return null;
			}
		}
	}
}