Beispiel #1
        /// <summary>
        /// Builds a certificatePolicies wrapper by decoding every policy entry
        /// (OID plus optional CPS / user-notice qualifiers) held in an X509 extension.
        /// </summary>
        /// <remarks>
        /// Nothing in this constructor catches decoding failures. The inner loop is typed
        /// as <c>DerSequence</c>, so a qualifier element of any other type raises
        /// <c>InvalidCastException</c>. If the extension can come from a certificate
        /// received from another party, callers should be ready for exceptions here.
        /// </remarks>
        /// <param name="Extension">X509 extension to decode</param>
        public certificatePolicies(X509Extension Extension) : base(Extension)
        {
            base.oid         = X509Extensions.CertificatePolicies;
            base.name        = "CertificatePolicies";
            base.displayName = "Certificate Policies";

            Crypto.X509.CertificatePolicies decoded = Crypto.X509.CertificatePolicies.GetInstance(Extension);
            PolicyInformation[]             entries = decoded.GetPolicyInformation();

            for (int i = 0; i < entries.Length; i++)
            {
                PolicyInformation info = entries[i];

                CertPolicy entry = new CertPolicy();
                entry.Oid = info.PolicyIdentifier.ToString();

                // policyQualifiers is OPTIONAL, so a policy may carry only its OID.
                Asn1Sequence qualifierSeq = info.PolicyQualifiers;
                if (qualifierSeq != null)
                {
                    foreach (DerSequence rawQualifier in qualifierSeq)
                    {
                        PolicyQualifierInfo qualifier = PolicyQualifierInfo.GetInstance(rawQualifier);

                        // The two checks are independent; if a qualifier id repeats within
                        // one policy, the last occurrence overwrites the earlier value.
                        if (qualifier.GetPolicyQualifierId().Equals(PolicyQualifierID.IdQtCps))
                        {
                            entry.Cps = qualifier.GetQualifier();
                        }
                        if (qualifier.GetPolicyQualifierId().Equals(PolicyQualifierID.IdQtUnotice))
                        {
                            entry.Unotice = qualifier.GetQualifier();
                        }
                    }
                }

                policies.Add(entry);
            }
        }
Beispiel #2
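        /// <summary>
        /// Builds the one-element PolicyInformation array that describes a signature
        /// policy: its OID and, when the policy carries a non-empty qualifier, a single
        /// id-qt-cps qualifier holding that value as an IA5String.
        /// </summary>
        /// <param name="policy">Signature policy to encode; must not be null.</param>
        /// <returns>An array with exactly one PolicyInformation.</returns>
        /// <exception cref="ArgumentException">Thrown when <paramref name="policy"/> is null.</exception>
        private static PolicyInformation[] GetPolicyInformation(AdESPolicy policy)
        {
            if (policy == null)
            {
                throw new ArgumentException("La politica de firma no puede ser nula en este punto");
            }

            /**
             * PolicyQualifierInfo ::= SEQUENCE {
             *          policyQualifierId  PolicyQualifierId,
             *          qualifier          ANY DEFINED BY policyQualifierId }
             */

            PolicyQualifierID   pqid = PolicyQualifierID.IdQtCps;
            PolicyQualifierInfo pqi  = null;

            var qualifier = policy.GetPolicyQualifier();
            if (qualifier != null && !qualifier.Equals(""))
            {
                DerIA5String uri = new DerIA5String(qualifier.ToString());

                Asn1EncodableVector v = new Asn1EncodableVector();
                v.Add(pqid);
                v.Add(uri);

                // NOTE (original author, translated from Spanish): this step is considered
                // highly likely to fail. The reason is not recorded in the source.
                pqi = PolicyQualifierInfo.GetInstance(new DerSequence(v));
            }

            /**
             * PolicyInformation ::= SEQUENCE {
             *     policyIdentifier   CertPolicyId,
             *     policyQualifiers   SEQUENCE SIZE (1..MAX) OF
             *                          PolicyQualifierInfo OPTIONAL }
             */

            // The identifier is machine data, so it is lower-cased with the invariant
            // culture. A culture-sensitive ToLower() (e.g. under tr-TR, where 'I' maps to a
            // dotless 'ı') can leave the "urn:oid:" prefix unmatched, and the unstripped
            // string would then be rejected as an OID.
            string dottedOid = policy.GetPolicyIdentifier().ToLowerInvariant().Replace("urn:oid:", "");
            DerObjectIdentifier policyOid = new DerObjectIdentifier(dottedOid);

            // With no qualifier the OPTIONAL policyQualifiers field is omitted entirely.
            if (pqi == null)
            {
                return new PolicyInformation[] { new PolicyInformation(policyOid) };
            }

            return new PolicyInformation[] { new PolicyInformation(policyOid, new DerSequence(pqi)) };
        }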
Beispiel #3
        // Round-trip check: a qualifier info encoded with the reference (Bc) type must
        // be read back with the same qualifier id and the same raw qualifier bytes.
        public void Read_WithQualifier_ReturnsPolicyQualifierInfo()
        {
            // Arrange: id-qt-cps qualifier whose value is an IA5String URI.
            var expectedQualifier = new DerIA5String("http://test.test");
            var qualifierOid      = new DerObjectIdentifier(Oids.IdQtCps);
            var reference         = new BcPolicyQualifierInfo(qualifierOid, expectedQualifier);
            var encoded           = reference.GetDerEncoded();

            // Act
            var parsed = PolicyQualifierInfo.Read(encoded);

            // Assert: the qualifier is exposed as its DER encoding, not as a decoded string.
            Assert.Equal(Oids.IdQtCps, parsed.PolicyQualifierId.Value);
            Assert.Equal(expectedQualifier.GetDerEncoded(), parsed.Qualifier);
        }
Beispiel #4
        // Round-trip check for a qualifier info whose qualifier is an ASN.1 NULL:
        // the id must survive and the qualifier must come back as the NULL encoding.
        public void Read_WithOnlyPolicyQualifierId_ReturnsPolicyQualifierInfo()
        {
            // Arrange: arbitrary qualifier id paired with DER NULL as the qualifier.
            var expectedId = "1.2.3";
            var reference  = new BcPolicyQualifierInfo(
                new DerObjectIdentifier(expectedId), DerNull.Instance);
            var encoded = reference.GetDerEncoded();

            // Act
            var parsed = PolicyQualifierInfo.Read(encoded);

            // Assert
            Assert.Equal(expectedId, parsed.PolicyQualifierId.Value);
            Assert.Equal(DerNull.Instance.GetDerEncoded(), parsed.Qualifier);
        }
Beispiel #5
        /// <summary>
        /// Converts a policyQualifiers sequence into a set of PolicyQualifierInfo objects.
        /// </summary>
        /// <param name="qualifiers">Qualifier sequence from a policy; may be null.</param>
        /// <returns>A new set, empty when <paramref name="qualifiers"/> is null.</returns>
        /// <exception cref="PkixCertPathValidatorException">
        /// Thrown when decoding an element raises an IOException.
        /// </exception>
        internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
        {
            ISet decoded = new HashSet();

            if (qualifiers != null)
            {
                foreach (Asn1Encodable element in qualifiers)
                {
                    try
                    {
                        decoded.Add(PolicyQualifierInfo.GetInstance(element.ToAsn1Object()));
                    }
                    catch (IOException cause)
                    {
                        // NOTE(review): only IOException is wrapped. Any other exception type
                        // raised for a malformed element would reach the caller unwrapped.
                        // Confirm what GetInstance throws on bad input.
                        throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", cause);
                    }
                }
            }

            return decoded;
        }
Beispiel #6
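        /// <summary>
        /// Builds the value of a certificatePolicies extension containing one policy.
        /// </summary>
        /// <param name="cps">CPS pointer URI; when non-null an id-qt-cps qualifier is added.</param>
        /// <param name="org">Organisation named in the notice reference; used only together with <paramref name="desc"/>.</param>
        /// <param name="oid">Dotted-decimal policy identifier.</param>
        /// <param name="desc">Explicit notice text; used only together with <paramref name="org"/>.</param>
        /// <returns>A DER sequence wrapping the single PolicyInformation.</returns>
        static DerSequence CreatePolicyInformationsSequence(string cps, string org, string oid, string desc)
        {
            Asn1EncodableVector qualifiers = new Asn1EncodableVector();

            if (cps != null)
            {
                qualifiers.Add(new PolicyQualifierInfo(cps));
            }

            // A user notice is emitted only when both the organisation and the text are given.
            if (org != null && desc != null)
            {
                // The notice reference always points at notice number 1.
                Asn1EncodableVector numbers = new Asn1EncodableVector();
                numbers.Add(new DerInteger(1));
                DerSequence noticeNumbers = new DerSequence(numbers);

                UserNotice un = new UserNotice(
                    new NoticeReference(DisplayText.ContentTypeIA5String, org, noticeNumbers), // OPTIONAL Orgname
                    new DisplayText(DisplayText.ContentTypeVisibleString, desc));

                qualifiers.Add(new PolicyQualifierInfo(PolicyQualifierID.IdQtUnotice, un));
            }

            DerObjectIdentifier policy = new DerObjectIdentifier(oid);

            // policyQualifiers is "SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL":
            // when there is nothing to put in it the field must be left out, because an
            // empty SEQUENCE is not a valid encoding and strict parsers may reject it.
            PolicyInformation policyInformation = qualifiers.Count == 0
                ? new PolicyInformation(policy)
                : new PolicyInformation(policy, new DerSequence(qualifiers));

            return new DerSequence(policyInformation);
        }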
        //
        // policy checking
        //

        /// <summary>
        /// Collects the PolicyQualifierInfo entries of a policyQualifiers sequence into a set.
        /// </summary>
        /// <param name="qualifiers">Qualifier sequence; null yields an empty set.</param>
        /// <returns>A newly created set of PolicyQualifierInfo objects.</returns>
        /// <exception cref="PkixCertPathValidatorException">
        /// Raised when an IOException occurs while decoding an element.
        /// </exception>
        internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
        {
            ISet qualifierInfos = new HashSet();

            if (qualifiers != null)
            {
                foreach (Asn1Encodable entry in qualifiers)
                {
                    try
                    {
                        // The author left an alternative commented out that re-parsed each
                        // element from its encoded bytes. The in-memory object is used instead.
                        var primitive = entry.ToAsn1Object();
                        qualifierInfos.Add(PolicyQualifierInfo.GetInstance(primitive));
                    }
                    catch (IOException decodeFailure)
                    {
                        // NOTE(review): exceptions other than IOException are not translated
                        // and would propagate as-is. Confirm this matches the validator's
                        // error-handling expectations for malformed certificates.
                        throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", decodeFailure);
                    }
                }
            }

            return qualifierInfos;
        }
Beispiel #8
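        /// <summary>
        /// Converts a policyQualifiers sequence into a set of PolicyQualifierInfo objects.
        /// </summary>
        /// <remarks>
        /// The previous text was decompiler output. It called the <c>get_Current()</c>
        /// accessor directly, which C# does not accept, and it expanded the loop by hand.
        /// A <c>foreach</c> performs the same enumeration and enumerator disposal.
        /// </remarks>
        /// <param name="qualifiers">Qualifier sequence; null yields an empty set.</param>
        /// <returns>A newly created set of PolicyQualifierInfo objects.</returns>
        /// <exception cref="PkixCertPathValidatorException">
        /// Thrown when decoding an element raises an IOException.
        /// </exception>
        internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
        {
            ISet set = new HashSet();

            if (qualifiers == null)
            {
                return set;
            }

            foreach (Asn1Encodable asn1Encodable in qualifiers)
            {
                try
                {
                    set.Add(PolicyQualifierInfo.GetInstance(asn1Encodable.ToAsn1Object()));
                }
                catch (IOException cause)
                {
                    // NOTE(review): only IOException is wrapped. Other exception types raised
                    // for a malformed element would surface unwrapped. Confirm that is intended.
                    throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", cause);
                }
            }

            return set;
        }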
Beispiel #9
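        /// <summary>
        /// Generates a 2048-bit RSA key pair, issues an X.509 v3 code-signing certificate
        /// for it signed with the key from the embedded GBSGN PKCS#12 resource, and writes
        /// the certificate and private key to a password-protected PKCS#12 file.
        /// </summary>
        /// <param name="summoner">Name placed in the subject CN.</param>
        /// <param name="region">Region placed in the subject CN.</param>
        /// <param name="password">Password protecting the generated PKCS#12 file.</param>
        /// <param name="file">Path of the PKCS#12 file to create or overwrite.</param>
        /// <returns>true when every step completed without an exception; otherwise false.</returns>
        static bool Gen(string summoner, string region, string password, string file)
        {
            // SECURITY NOTE(review): the issuing key store is an application resource and its
            // password is a source literal, so every copy of the program carries both the
            // signing key and the secret that unlocks it. Certificates from this issuer
            // therefore cannot prove who created them. Signing belongs behind a service or key
            // store the client cannot read. That change is outside this method's interface,
            // so the literal is only hoisted here to a single place.
            const string caStorePassword = "KGPAQW7894Q129D7Q1456W9A47897a9s7r5d6";

            try
            {
                // NOTE(review): summoner and region are concatenated unescaped into the DN
                // string. A value containing ',' or '=' could change which RDNs the subject
                // ends up with. Callers should validate or escape these values.
                X509Name name = new X509Name("CN=" + summoner + " - " + region + ", OU=Ghostblade Replays, O=Arsslensoft");

                SecureRandom rng = new SecureRandom();

                // Subject key pair, RSA 2048 bits.
                RsaKeyPairGenerator rkpg = new RsaKeyPairGenerator();
                rkpg.Init(new KeyGenerationParameters(rng, 2048));
                AsymmetricCipherKeyPair ackp   = rkpg.GenerateKeyPair();
                X509Certificate2        caCert = new X509Certificate2(GBReplay.Properties.Resources.GBSGN, caStorePassword);

                // PKCS #10 request; only its public key is used below.
                Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA256WITHRSA", name, ackp.Public, null, ackp.Private);
                AsymmetricKeyParameter publicKey = csr.GetPublicKey();

                // Validity starts one hour in the past to tolerate clock skew and lasts five years.
                DateTime startDate  = DateTime.Now.Subtract(new TimeSpan(1, 0, 0));
                DateTime expiryDate = startDate.AddYears(5);

                // Issuer + serial must be unique per certificate. The serial was previously
                // 32 bits drawn from a time-seeded System.Random, which is predictable and
                // prone to collisions. It now uses 128 bits from the CSPRNG.
                BigInteger serialNumber = new BigInteger(128, rng);

                // X.509 v3 certificate (extensions are added below).
                X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

                X509Name dnName = new X509Name(caCert.Subject);

                certGen.SetSerialNumber(serialNumber);
                certGen.SetIssuerDN(dnName);
                certGen.SetNotBefore(startDate);
                certGen.SetNotAfter(expiryDate);
                certGen.SetSubjectDN(name);
                certGen.SetSignatureAlgorithm("SHA256WITHRSA");
                certGen.SetPublicKey(publicKey);

                UserNotice          unotice    = new UserNotice(null, "This certificate must be only used with Ghostblade replays files. This certificate is a property of Arsslensoft any usage of its content without prior request is prohibited.");
                PolicyQualifierInfo pqiunotice = new PolicyQualifierInfo(PolicyQualifierID.IdQtUnotice, unotice);
                PolicyInformation   p          = new PolicyInformation(new DerObjectIdentifier("1.3.6.1.4.1.44215.1.3"), new DerSequence(new PolicyQualifierInfo[1] {
                    pqiunotice
                }));

                // End-entity certificate (critical basicConstraints, CA=false) limited to
                // digital signatures for code signing.
                certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
                certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(DotNetUtilities.FromX509Certificate(caCert).GetPublicKey()));
                certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(publicKey));
                certGen.AddExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.DigitalSignature));
                certGen.AddExtension(X509Extensions.ExtendedKeyUsage, false, new ExtendedKeyUsage(new KeyPurposeID[] { KeyPurposeID.IdKPCodeSigning }));

                certGen.AddExtension(X509Extensions.CertificatePolicies, false, new DerSequence(p));

                // Locate the issuer's private key inside the embedded PKCS#12 store.
                Pkcs12Store pfx   = new Pkcs12Store(new MemoryStream(GBReplay.Properties.Resources.GBSGN), caStorePassword.ToCharArray());
                string      alias = null;
                foreach (string al in pfx.Aliases)
                {
                    if (pfx.IsKeyEntry(al) && pfx.GetKey(al).Key.IsPrivate)
                    {
                        alias = al;
                        break;
                    }
                }

                // No private key entry means there is nothing to sign with.
                if (alias == null)
                {
                    return false;
                }

                AsymmetricKeyParameter caPair = pfx.GetKey(alias).Key;

                Al.Security.X509.X509Certificate cert = certGen.Generate(caPair);

                Pkcs12Store pk = new Pkcs12StoreBuilder().Build();

                // The subject DN doubles as the alias for both entries.
                X509CertificateEntry certEntry = new X509CertificateEntry(cert);
                pk.SetCertificateEntry(cert.SubjectDN.ToString(), certEntry);

                // The stored 'chain' holds only the newly issued certificate.
                AsymmetricKeyEntry keyEntry = new AsymmetricKeyEntry(ackp.Private);
                pk.SetKeyEntry(cert.SubjectDN.ToString(), keyEntry, new X509CertificateEntry[] { certEntry });

                using (var filestream = new FileStream(file, FileMode.Create, FileAccess.ReadWrite))
                {
                    pk.Save(filestream, password.ToCharArray(), rng);
                }

                // Reloading proves the file can be opened with the given password.
                // NOTE(review): the boolean result of Verify() is discarded, so a certificate
                // that fails chain validation still leads to a 'true' return value.
                X509Certificate2 cer = new X509Certificate2(File.ReadAllBytes(file), password);
                cer.Verify();
            }
            catch
            {
                // Best-effort contract kept from the original: any failure is reported as
                // false and the cause is not preserved.
                return false;
            }
            return true;
        }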
Beispiel #10
 // Malformed input must surface as CryptographicException rather than a partial result.
 public void Read_WithInvalidAsn1_Throws()
 {
     // 0x30 is the SEQUENCE tag and 0x07 declares seven content bytes, none of which follow.
     var truncatedSequence = new byte[] { 0x30, 0x07 };

     Assert.Throws<CryptographicException>(
         () => PolicyQualifierInfo.Read(truncatedSequence));
 }