/// <summary>
/// Create CertificatePolicies extension from an X509Extension
/// </summary>
/// <param name="Extension">X509 extension</param>
public certificatePolicies(X509Extension Extension) : base(Extension)
{
base.oid = X509Extensions.CertificatePolicies;
base.name = "CertificatePolicies";
base.displayName = "Certificate Policies";
Crypto.X509.CertificatePolicies certPol = Crypto.X509.CertificatePolicies.GetInstance(Extension);
PolicyInformation[] piList = certPol.GetPolicyInformation();
foreach (PolicyInformation pi in piList)
{
CertPolicy cp = new CertPolicy()
{
Oid = pi.PolicyIdentifier.ToString()
};
Asn1Sequence quals = pi.PolicyQualifiers;
if (quals != null)
{
foreach (DerSequence qual in quals)
{
PolicyQualifierInfo qi = PolicyQualifierInfo.GetInstance(qual);
if (qi.GetPolicyQualifierId().Equals(PolicyQualifierID.IdQtCps))
{
cp.Cps = qi.GetQualifier();
}
if (qi.GetPolicyQualifierId().Equals(PolicyQualifierID.IdQtUnotice))
{
cp.Unotice = qi.GetQualifier();
}
}
}
policies.Add(cp);
}
}
private static PolicyInformation[] GetPolicyInformation(AdESPolicy policy)
{
if (policy == null)
{
throw new ArgumentException("La politica de firma no puede ser nula en este punto");
}
/**
* PolicyQualifierInfo ::= SEQUENCE {
* policyQualifierId PolicyQualifierId,
* qualifier ANY DEFINED BY policyQualifierId }
*/
PolicyQualifierID pqid = PolicyQualifierID.IdQtCps;
DerIA5String uri = null;
if (policy.GetPolicyQualifier() != null && !policy.GetPolicyQualifier().Equals(""))
{
uri = new DerIA5String(policy.GetPolicyQualifier().ToString());
}
Asn1EncodableVector v = new Asn1EncodableVector();
PolicyQualifierInfo pqi = null;
if (uri != null)
{
v.Add(pqid);
v.Add(uri);
/**
*
* ESTO TIENE ALTAS PROBABILIDADES DE FALLAR
*
*/
pqi = PolicyQualifierInfo.GetInstance(new DerSequence(v));
}
/**
* PolicyInformation ::= SEQUENCE {
* policyIdentifier CertPolicyId,
* policyQualifiers SEQUENCE SIZE (1..MAX) OF
* PolicyQualifierInfo OPTIONAL }
*/
if (policy.GetPolicyQualifier() == null || pqi == null)
{
return(new PolicyInformation[] {
new PolicyInformation(new DerObjectIdentifier(policy.GetPolicyIdentifier().ToLower().Replace("urn:oid:", "")))
});
}
return(new PolicyInformation[] {
new PolicyInformation(new DerObjectIdentifier(policy.GetPolicyIdentifier().ToLower().Replace("urn:oid:", "")), new DerSequence(pqi))
});
}
public void Read_WithQualifier_ReturnsPolicyQualifierInfo()
{
var cpsUri = new DerIA5String("http://test.test");
var bcPolicyQualifierInfo = new BcPolicyQualifierInfo(
new DerObjectIdentifier(Oids.IdQtCps), cpsUri);
var bytes = bcPolicyQualifierInfo.GetDerEncoded();
var policyQualifierInfo = PolicyQualifierInfo.Read(bytes);
Assert.Equal(Oids.IdQtCps, policyQualifierInfo.PolicyQualifierId.Value);
Assert.Equal(cpsUri.GetDerEncoded(), policyQualifierInfo.Qualifier);
}
public void Read_WithOnlyPolicyQualifierId_ReturnsPolicyQualifierInfo()
{
var policyQualifierId = "1.2.3";
var bcPolicyQualifierInfo = new BcPolicyQualifierInfo(
new DerObjectIdentifier(policyQualifierId), DerNull.Instance);
var bytes = bcPolicyQualifierInfo.GetDerEncoded();
var policyQualifierInfo = PolicyQualifierInfo.Read(bytes);
Assert.Equal(policyQualifierId, policyQualifierInfo.PolicyQualifierId.Value);
Assert.Equal(DerNull.Instance.GetDerEncoded(), policyQualifierInfo.Qualifier);
}
internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
{
ISet set = new HashSet();
if (qualifiers == null)
{
return(set);
}
foreach (Asn1Encodable asn1Encodable in qualifiers)
{
try
{
set.Add(PolicyQualifierInfo.GetInstance(asn1Encodable.ToAsn1Object()));
}
catch (IOException cause)
{
throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", cause);
}
}
return(set);
}
static DerSequence CreatePolicyInformationsSequence(string cps, string org, string oid, string desc)
{
Asn1EncodableVector av = new Asn1EncodableVector();
av.Add(new DerInteger(1));
DerSequence noticeNumbers = new DerSequence(av);
Asn1EncodableVector qualifiers = new Asn1EncodableVector();
if (cps != null)
{
PolicyQualifierInfo cpsnotice = new PolicyQualifierInfo(cps);
qualifiers.Add(cpsnotice);
}
if (org != null && desc != null)
{
UserNotice un = new UserNotice(
new NoticeReference(DisplayText.ContentTypeIA5String, org, noticeNumbers), // OPTIONAL Orgname
new DisplayText(DisplayText.ContentTypeVisibleString, desc
)
);
PolicyQualifierInfo pqiUNOTICE = new PolicyQualifierInfo(PolicyQualifierID.IdQtUnotice, un);
qualifiers.Add(pqiUNOTICE);
}
DerObjectIdentifier policy = null;
policy = new DerObjectIdentifier(oid);
PolicyInformation policyInformation =
new PolicyInformation(policy, new DerSequence(qualifiers));
return(new DerSequence(policyInformation));
}
//
// policy checking
//
internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
{
ISet pq = new HashSet();
if (qualifiers == null)
{
return(pq);
}
foreach (Asn1Encodable ae in qualifiers)
{
try
{
// pq.Add(PolicyQualifierInfo.GetInstance(Asn1Object.FromByteArray(ae.GetEncoded())));
pq.Add(PolicyQualifierInfo.GetInstance(ae.ToAsn1Object()));
}
catch (IOException ex)
{
throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", ex);
}
}
return(pq);
}
internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
{
//IL_0034: Expected O, but got Unknown
ISet set = new HashSet();
if (qualifiers == null)
{
return(set);
}
global::System.Collections.IEnumerator enumerator = qualifiers.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
Asn1Encodable asn1Encodable = (Asn1Encodable)enumerator.get_Current();
try
{
set.Add(PolicyQualifierInfo.GetInstance(asn1Encodable.ToAsn1Object()));
}
catch (IOException val)
{
IOException cause = val;
throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", (global::System.Exception)(object) cause);
}
}
return(set);
}
finally
{
global::System.IDisposable disposable = enumerator as global::System.IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
}
static bool Gen(string summoner, string region, string password, string file)
{
try
{
//Later in your Code
//Requested Certificate Name
X509Name name = new X509Name("CN=" + summoner + " - " + region + ", OU=Ghostblade Replays, O=Arsslensoft");
//Key generation 2048bits
RsaKeyPairGenerator rkpg = new RsaKeyPairGenerator();
rkpg.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
AsymmetricCipherKeyPair ackp = rkpg.GenerateKeyPair();
X509Certificate2 caCert = new X509Certificate2(GBReplay.Properties.Resources.GBSGN, "KGPAQW7894Q129D7Q1456W9A47897a9s7r5d6");
//PKCS #10 Certificate Signing Request
Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA256WITHRSA", name, ackp.Public, null, ackp.Private);
AsymmetricKeyParameter publicKey = csr.GetPublicKey();
// Build a Version1 (No Extensions) Certificate
DateTime startDate = DateTime.Now.Subtract(new TimeSpan(1, 0, 0));
DateTime expiryDate = startDate.AddYears(5);
BigInteger serialNumber = new BigInteger(32, new Random());
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
X509Name dnName = new X509Name(caCert.Subject);
certGen.SetSerialNumber(serialNumber);
certGen.SetIssuerDN(dnName);
certGen.SetNotBefore(startDate);
certGen.SetNotAfter(expiryDate);
certGen.SetSubjectDN(name);
certGen.SetSignatureAlgorithm("SHA256WITHRSA");
certGen.SetPublicKey(publicKey);
UserNotice unotice = new UserNotice(null, "This certificate must be only used with Ghostblade replays files. This certificate is a property of Arsslensoft any usage of its content without prior request is prohibited.");
PolicyQualifierInfo pqiunotice = new PolicyQualifierInfo(PolicyQualifierID.IdQtUnotice, unotice);
PolicyInformation p = new PolicyInformation(new DerObjectIdentifier("1.3.6.1.4.1.44215.1.3"), new DerSequence(new PolicyQualifierInfo[1] {
pqiunotice
}));
certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(DotNetUtilities.FromX509Certificate(caCert).GetPublicKey()));
certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(publicKey));
certGen.AddExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.DigitalSignature));
certGen.AddExtension(X509Extensions.ExtendedKeyUsage, false, new ExtendedKeyUsage(new KeyPurposeID[] { KeyPurposeID.IdKPCodeSigning }));
certGen.AddExtension(X509Extensions.CertificatePolicies, false, new DerSequence(p));
Pkcs12Store pfx = new Pkcs12Store(new MemoryStream(GBReplay.Properties.Resources.GBSGN), "KGPAQW7894Q129D7Q1456W9A47897a9s7r5d6".ToCharArray());
string alias = null;
foreach (string al in pfx.Aliases)
{
if (pfx.IsKeyEntry(al) && pfx.GetKey(al).Key.IsPrivate)
{
alias = al;
break;
}
}
//get our Private Key to Sign with
// AsymmetricCipherKeyPair caPair = DotNetUtilities.GetKeyPair(caCert.PrivateKey);
AsymmetricKeyParameter caPair = pfx.GetKey(alias).Key;
Al.Security.X509.X509Certificate cert = certGen.Generate(caPair);
Pkcs12Store pk = new Pkcs12StoreBuilder().Build();
// Add a Certificate entry
X509CertificateEntry certEntry = new X509CertificateEntry(cert);
pk.SetCertificateEntry(cert.SubjectDN.ToString(), certEntry); // use DN as the Alias.
AsymmetricKeyEntry keyEntry = new AsymmetricKeyEntry(ackp.Private);
pk.SetKeyEntry(cert.SubjectDN.ToString(), keyEntry, new X509CertificateEntry[] { certEntry }); // Note that we only have 1 cert in the 'chain'
using (var filestream = new FileStream(file, FileMode.Create, FileAccess.ReadWrite))
pk.Save(filestream, password.ToCharArray(), new SecureRandom());
X509Certificate2 cer = new X509Certificate2(File.ReadAllBytes(file), password);
cer.Verify();
}
catch
{
return(false);
}
return(true);
}
public void Read_WithInvalidAsn1_Throws()
{
Assert.Throws <CryptographicException>(
() => PolicyQualifierInfo.Read(new byte[] { 0x30, 0x07 }));
}
