private ASNNode getPolicyUsage(ASNNode der)
{
return der.getChilds()[1].getChilds()[3];
}
private string getPolicyVydavatel(ASNNode der)
{
string ret = "";
string[,] convert = new string[,] {
{"2.5.4.43","I="},
{"2.5.4.42","G="},
{"2.5.4.12","T="},
{"2.5.4.11","OU="},
{"2.5.4.10","O="},
{"2.5.4.8","ST="},
{"2.5.4.7","L="},
{"2.5.4.6","C="},
{"2.5.4.4","SN="},
{"2.5.4.3","CN="}
};
for (int i = 0; i <= convert.GetUpperBound(0); i++) {
string code = convert[i, 0];
string add = convert[i, 1];
foreach (var asn in der.getChilds()[1].getChilds()[2].getChilds()[0].getChilds()[0].getChilds())
{
var id = asn.getChilds()[0].getChilds()[0].getValue();
var value = Encoding.UTF8.GetString(asn.getChilds()[0].getChilds()[1].getValue());
if (MyOid.getName(new Oid(code)).SequenceEqual(id))
{
if (ret != "") ret += ", ";
ret += add + value;
}
}
}
return ret;
}
private ASNNode getPolicyId(ASNNode der)
{
return der.getChilds()[1].getChilds()[0];
}
private ASNNode getPolicyUri(ASNNode der)
{
return der.getChilds()[1].getChilds()[2].getChilds()[1];
}
private byte[] createShortPolicy(byte[] der,bool trim)
{
try
{
File.WriteAllBytes("d:/policy.der", der);
var dercorelist = ASNNode.parse(der);
ASNNode dercore = (ASNNode) dercorelist[0];
ASNNode seq1;
ASNNode seq2;
ASNNode seq3;
ASNNode seq4;
ASNNode seq5;
ASNNode ret = new ASNNode(AsnTag.SEQUENCE);
ret.AppendChild(getPolicyId(dercore));
seq1 = new ASNNode(AsnTag.SEQUENCE);
seq2 = new ASNNode(AsnTag.SEQUENCE);
seq2.AppendChild(new ASNNode(new Oid("2.16.840.1.101.3.4.2.1")));
seq1.AppendChild(seq2);
seq1.AppendChild(getPolicyHash(dercore));
ret.AppendChild(seq1);
seq1 = new ASNNode(AsnTag.SEQUENCE);
seq2 = new ASNNode(AsnTag.SEQUENCE);
seq2.AppendChild(new ASNNode(new Oid("1.2.840.113549.1.9.16.5.2")));
seq3 = new ASNNode(AsnTag.SEQUENCE);
seq4 = new ASNNode(AsnTag.SEQUENCE);
string vydavatel = getPolicyVydavatel(dercore);
//vydavatel = "test";
//vydavatel = "C=SK, L=Bratislava, O=Narodny bezpecnostny urad, OU=Sekcia IBEP";
//vydavatel = "C=SK, L=Bratislava, O=Narodny bezpecnostny urad, OU=Sekcia IBEA";
seq4.AppendChild(new ASNNode(vydavatel, AsnTag.UTF8_STRING));
//seq3.AppendChild(new ASNNode(Encoding.UTF8.GetBytes(getPolicyVydavatel(dercore)), AsnTag.UTF8_STRING));
//seq3.AppendChild(new ASNNode(Encoding.UTF8.GetBytes(getPolicyVydavatel(dercore)), AsnTag.UTF8_STRING));
seq5 = new ASNNode(AsnTag.SEQUENCE);
seq5.AppendChild(new ASNNode(1));
seq4.AppendChild(seq5);
/**/
seq3.AppendChild(seq4);
seq3.AppendChild(getPolicyUsage(dercore));
seq2.AppendChild(seq3);
seq1.AppendChild(seq2);
seq2 = new ASNNode(AsnTag.SEQUENCE);
seq2.AppendChild(new ASNNode(new Oid("1.2.840.113549.1.9.16.5.1")));
seq2.AppendChild(new ASNNode(getPolicyUri(dercore).getValue(),AsnTag.IA5_STRING));
seq1.AppendChild(seq2);
/**/
ret.AppendChild(seq1);
if (!trim) return ret.get();
byte[] policy = ret.get();
byte[] policy2 = new byte[policy.Length - 4];
Buffer.BlockCopy(policy, 4, policy2, 0, policy2.Length);
return policy2;
}
catch (Exception exc) {
throw new Exception("Nepodarilo sa vytvoriť súbor policy. "+exc.Message);
}
}
private ASNNode getPolicyHash(ASNNode der)
{
return der.getChilds()[der.getChilds().Length - 1];
}
public static byte[] get(X509Chain chain)
{
ASNNode root = new ASNNode(AsnTag.SEQUENCE);
ASNNode node;
root.AppendChild(node = new ASNNode(AsnTag.CONTEXT_SPECIFIC1));
node.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
int i = 0;
foreach (X509ChainElement chainEl in chain.ChainElements)
{
i++;
ArrayList adresyCRL = new ArrayList();
foreach (X509Extension ext in chainEl.Certificate.Extensions)
{
if (ext.Oid.Value == "2.5.29.31")
{
adresyCRL = Crls.generateCrlAddresses(ext.RawData);
}
}
foreach (string url in adresyCRL)
{
byte[] crl = Crls.getCrl(url);
if (crl.Length > 0)
node.AppendChild(new ASNNode(crl, AsnTag.RAW_DATA));
}
}
return root.get();
}
public static byte[] get(X509Chain chain)
{
ASNNode root = new ASNNode(AsnTag.SEQUENCE);
int i = 0;
foreach (X509ChainElement chainEl in chain.ChainElements)
{
i++;
if (i == 1) continue;
root.AppendChild(new ASNNode(chainEl.Certificate.RawData,AsnTag.RAW_DATA));
}
return root.get();
}
public ESSCertIDv2(X509Certificate2 cert)
{
// ASNTree root = new ASNTree(AsnTag.SEQUENCE);
ASNNode root = new ASNNode(AsnTag.SEQUENCE);
ASNNode node;
ASNNode node2;
ASNNode node3;
root.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node2 = new ASNNode(cert.GetCertHash());
node2.Type = AsnTag.OCTET_STRING;
node.AppendChild(node2);
node3 = new ASNNode(cert.GetSerialNumber());
node3.Type = AsnTag.INTEGER;
node3.ReverseData();
node.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node2 = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node3);
node2.AppendChild(node = new ASNNode(AsnTag.CONTEXT_SPECIFIC));
node.AppendChild(new ASNNode(cert.IssuerName.RawData, AsnTag.RAW_DATA));
ret = root.get();
return;
}
public static byte[] get(X509Chain chain)
{
ASNNode root = new ASNNode(AsnTag.SEQUENCE);
ASNNode node;
ASNNode node2;
SHA256 shaM = new SHA256Managed();
int i = 0;
foreach (X509ChainElement chainEl in chain.ChainElements)
{
i++;
if (i == 1) continue;
root.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node2 = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(new ASNNode(shaM.ComputeHash(chainEl.Certificate.RawData), AsnTag.OCTET_STRING));
node2.AppendChild(new ASNNode(new System.Security.Cryptography.Oid("2.16.840.1.101.3.4.2.1")));
node2.AppendChild(new ASNNode(AsnTag.NULL));
}
return root.get();
}
public static byte[] get(X509Chain chain)
{
ASNNode root = new ASNNode(AsnTag.SEQUENCE);
ASNNode node;
ASNNode node2;
int i = 0;
foreach (X509ChainElement chainEl in chain.ChainElements)
{
i++;
byte[] hash = null;
SHA256 shaM = new SHA256Managed();
UTF8Encoding enc = new UTF8Encoding();
ArrayList adresyCRL = new ArrayList() ;
foreach (X509Extension ext in chainEl.Certificate.Extensions) {
if (ext.Oid.Value == "2.5.29.31") {
adresyCRL = Crls.generateCrlAddresses(ext.RawData);
}
}
foreach (string url in adresyCRL) {
byte[] crl = Crls.getCrl(url);
if (crl.Length > 0)
{
hash = shaM.ComputeHash(crl);
}
}
if (hash == null) continue;
root.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node = new ASNNode(AsnTag.CONTEXT_SPECIFIC1));
node.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(node2 = new ASNNode(AsnTag.SEQUENCE));
node2.AppendChild(node = new ASNNode(AsnTag.SEQUENCE));
node.AppendChild(new ASNNode(new System.Security.Cryptography.Oid("2.16.840.1.101.3.4.2.1")));
node.AppendChild(new ASNNode(AsnTag.NULL));
node2.AppendChild(node = new ASNNode(hash));
node.Type = AsnTag.OCTET_STRING;
}
return root.get();
}
