Updated C# doc.

Removed EJBCA EnrollmentTest as it s not viable to produce an example on .Net Framework 2.0
novotnyllc · Jan 15, 2019 · 6614f7f · 6614f7f
1 parent f25f7be
commit 6614f7f
Show file tree

Hide file tree

Showing 17 changed files with 289 additions and 200 deletions.
diff --git a/crypto/src/asn1/crmf/CertRequest.cs b/crypto/src/asn1/crmf/CertRequest.cs
@@ -1,4 +1,5 @@
 using System;
+using Org.BouncyCastle.Crmf;
 
 namespace Org.BouncyCastle.Asn1.Crmf
 {

diff --git a/crypto/src/cmp/CertificateConfirmationContent.cs b/crypto/src/cmp/CertificateConfirmationContent.cs
@@ -1,6 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
+
 using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Asn1.Cmp;
 

diff --git a/crypto/src/cmp/CertificateConfirmationContentBuilder.cs b/crypto/src/cmp/CertificateConfirmationContentBuilder.cs
@@ -1,7 +1,4 @@
-using System;
-using System.Collections;
-using System.Collections.Generic;
-using System.Text;
+using System.Collections;
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.X509;

diff --git a/crypto/src/cmp/CertificateStatus.cs b/crypto/src/cmp/CertificateStatus.cs
@@ -1,7 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
-using Org.BouncyCastle.Asn1.Cmp;
+using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Cms;
 using Org.BouncyCastle.Crypto.IO;

diff --git a/crypto/src/cmp/CmpException.cs b/crypto/src/cmp/CmpException.cs
@@ -1,7 +1,6 @@
 using System;
-using System.Collections.Generic;
 using System.Runtime.Serialization;
-using System.Text;
+
 
 namespace Org.BouncyCastle.Cmp
 {

diff --git a/crypto/src/cmp/GeneralPkiMessage.cs b/crypto/src/cmp/GeneralPkiMessage.cs
@@ -1,8 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
-
-namespace Org.BouncyCastle.Asn1.Cmp
+namespace Org.BouncyCastle.Asn1.Cmp
 {
     public class GeneralPKIMessage
     {
@@ -13,17 +9,28 @@ private static PkiMessage parseBytes(byte[] encoding)
             return PkiMessage.GetInstance(Asn1Object.FromByteArray(encoding));
         }
 
+
+        /// <summary>
+        /// Wrap a PKIMessage ASN.1 structure.
+        /// </summary>
+        /// <param name="pkiMessage">PKI message.</param>
         public GeneralPKIMessage(PkiMessage pkiMessage)
         {
             this.pkiMessage = pkiMessage;
         }
 
+        /// <summary>
+        /// Create a PKIMessage from the passed in bytes.
+        /// </summary>
+        /// <param name="encoding">BER/DER encoding of the PKIMessage</param>
         public GeneralPKIMessage(byte[] encoding) : this(parseBytes(encoding))
         {
         }
 
-        public PkiHeader Header {
-            get {
+        public PkiHeader Header
+        {
+            get
+            {
                 return pkiMessage.Header;
             }
         }
@@ -36,6 +43,10 @@ public PkiBody Body
             }
         }
 
+        /// <summary>
+        /// Return true if this message has protection bits on it. A return value of true
+        /// indicates the message can be used to construct a ProtectedPKIMessage.
+        /// </summary>
         public bool HasProtection
         {
             get { return pkiMessage.Protection != null; }

diff --git a/crypto/src/cmp/ProtectedPkiMessage.cs b/crypto/src/cmp/ProtectedPkiMessage.cs
@@ -1,38 +1,43 @@
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.X509;
 using System;
-using System.Collections.Generic;
-using System.Text;
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
-using Org.BouncyCastle.Asn1.Crmf;
-using Org.BouncyCastle.Asn1.Pkcs;
 using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Operators;
-using Org.BouncyCastle.Crypto.Paddings;
 using Org.BouncyCastle.Utilities;
-using Org.BouncyCastle.Utilities.Encoders;
+
 using Org.BouncyCastle.Crmf;
 
 namespace Org.BouncyCastle.Cmp
 {
-
+    /// <summary>
+    /// Wrapper for a PKIMessage with protection attached to it.
+    /// </summary>
     public class ProtectedPkiMessage
     {
         private PkiMessage pkiMessage;
-
 
+        /// <summary>
+        /// Wrap a general message.
+        /// </summary>
+        /// <exception cref="ArgumentException">If the general message does not have protection.</exception>
+        /// <param name="pkiMessage">The General message</param>
         public ProtectedPkiMessage(GeneralPKIMessage pkiMessage)
         {
-            
+
             if (!pkiMessage.HasProtection)
             {
                 throw new ArgumentException("pki message not protected");
             }
 
             this.pkiMessage = pkiMessage.ToAsn1Structure();
         }
-
+
+        /// <summary>
+        /// Wrap a PKI message.
+        /// </summary>
+        /// <exception cref="ArgumentException">If the PKI message does not have protection.</exception>
+        /// <param name="pkiMessage">The PKI message</param>
         public ProtectedPkiMessage(PkiMessage pkiMessage)
         {
             if (pkiMessage.Header.ProtectionAlg == null)
@@ -43,13 +48,33 @@ public ProtectedPkiMessage(PkiMessage pkiMessage)
             this.pkiMessage = pkiMessage;
         }
 
+        /// <summary>
+        /// Message header
+        /// </summary>
         public PkiHeader Header { get { return pkiMessage.Header; } }
+
+        /// <summary>
+        /// Message Body
+        /// </summary>
         public PkiBody Body { get { return pkiMessage.Body; } }
 
+        /// <summary>
+        /// Return the underlying ASN.1 structure contained in this object.
+        /// </summary>
+        /// <returns>PKI Message structure</returns>
         public PkiMessage ToAsn1Message() { return pkiMessage; }
 
+        /// <summary>
+        /// Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[])
+        /// to verify the message if this method returns true.
+        /// </summary>
+        /// <returns>true if protection MAC PBE based, false otherwise.</returns>
         public bool HasPasswordBasedMacProtected { get { return Header.ProtectionAlg.Algorithm.Equals(CmpObjectIdentifiers.passwordBasedMac); } }
 
+        /// <summary>
+        /// Return the extra certificates associated with this message.
+        /// </summary>
+        /// <returns>an array of extra certificates, zero length if none present.</returns>
         public X509Certificate[] GetCertificates()
         {
             CmpCertificate[] certs = pkiMessage.GetExtraCerts();
@@ -60,14 +85,19 @@ public X509Certificate[] GetCertificates()
             }
 
             X509Certificate[] res = new X509Certificate[certs.Length];
-           for (int t=0; t<certs.Length;t++)
+            for (int t = 0; t < certs.Length; t++)
             {
                 res[t] = new X509Certificate(X509CertificateStructure.GetInstance(certs[t].GetEncoded()));
             }
 
             return res;
         }
 
+        /// <summary>
+        /// Verify a message with a public key based signature attached.
+        /// </summary>
+        /// <param name="verifierFactory">a factory of signature verifiers.</param>
+        /// <returns>true if the provider is able to create a verifier that validates the signature, false otherwise.</returns>      
         public bool Verify(IVerifierFactory verifierFactory)
         {
             IStreamCalculator streamCalculator = verifierFactory.CreateCalculator();
@@ -79,18 +109,25 @@ public bool Verify(IVerifierFactory verifierFactory)
 
         private Object Process(IStreamCalculator streamCalculator)
         {
-           Asn1EncodableVector avec = new Asn1EncodableVector();
-           avec.Add(pkiMessage.Header);
-           avec.Add(pkiMessage.Body);
-           byte[] enc =   new DerSequence(avec).GetDerEncoded();
-
-           streamCalculator.Stream.Write(enc,0,enc.Length);
-           streamCalculator.Stream.Flush();
-           streamCalculator.Stream.Close();
-          
-           return streamCalculator.GetResult();          
+            Asn1EncodableVector avec = new Asn1EncodableVector();
+            avec.Add(pkiMessage.Header);
+            avec.Add(pkiMessage.Body);
+            byte[] enc = new DerSequence(avec).GetDerEncoded();
+
+            streamCalculator.Stream.Write(enc, 0, enc.Length);
+            streamCalculator.Stream.Flush();
+            streamCalculator.Stream.Close();
+
+            return streamCalculator.GetResult();
         }
 
+        /// <summary>
+        /// Verify a message with password based MAC protection.
+        /// </summary>
+        /// <param name="pkMacBuilder">MAC builder that can be used to construct the appropriate MacCalculator</param>
+        /// <param name="password">the MAC password</param>
+        /// <returns>true if the passed in password and MAC builder verify the message, false otherwise.</returns>
+        /// <exception cref="InvalidOperationException">if algorithm not MAC based, or an exception is thrown verifying the MAC.</exception>
         public bool Verify(PKMacBuilder pkMacBuilder, char[] password)
         {
             if (!CmpObjectIdentifiers.passwordBasedMac.Equals(pkiMessage.Header.ProtectionAlg.Algorithm))

diff --git a/crypto/src/cmp/ProtectedPkiMessageBuilder.cs b/crypto/src/cmp/ProtectedPkiMessageBuilder.cs
@@ -1,13 +1,11 @@
 using System;
 using System.Collections;
-using Org.BouncyCastle.Asn1.Crmf;
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Cmp;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Operators;
 using Org.BouncyCastle.X509;
-using Org.BouncyCastle.Crmf;
 
 namespace Org.BouncyCastle.Cmp
 {

diff --git a/crypto/src/crmf/AuthenticatorControl.cs b/crypto/src/crmf/AuthenticatorControl.cs
@@ -1,34 +1,48 @@
 using System;
-using System.Collections.Generic;
-using System.Text;
-
 using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.Crmf;
 
 namespace Org.BouncyCastle.Crmf
 {
+    /// <summary>
+    /// Carrier for an authenticator control.
+    /// </summary>
     public class AuthenticatorControl:IControl
     {
 
         private static readonly DerObjectIdentifier type = CrmfObjectIdentifiers.id_regCtrl_authenticator;
 
         private readonly DerUtf8String token;
 
+        /// <summary>
+        /// Basic constructor - build from a UTF-8 string representing the token.
+        /// </summary>
+        /// <param name="token">UTF-8 string representing the token.</param>
         public AuthenticatorControl(DerUtf8String token)
         {
             this.token = token;
         }
 
+        /// <summary>
+        /// Basic constructor - build from a string representing the token.
+        /// </summary>
+        /// <param name="token">string representing the token.</param>
         public AuthenticatorControl(String token)
         {
             this.token = new DerUtf8String(token);
         }
 
+        /// <summary>
+        /// Return the type of this control.
+        /// </summary>
         public DerObjectIdentifier Type
         {
             get { return type; }
         }
 
+        /// <summary>
+        /// Return the token associated with this control (a UTF8String).
+        /// </summary>
         public Asn1Encodable Value {
             get { return token; }
         }