Beispiel #1
0
            public byte[] GetBytes()
            {
                ASN1 privateKeyAlgorithm = new ASN1(0x30);

                privateKeyAlgorithm.Add(ASN1Convert.FromOid(_algorithm));
                privateKeyAlgorithm.Add(new ASN1(0x05));                   // ASN.1 NULL

                ASN1 pki = new ASN1(0x30);

                pki.Add(new ASN1(0x02, new byte [1] {
                    (byte)_version
                }));
                pki.Add(privateKeyAlgorithm);
                pki.Add(new ASN1(0x04, _key));

                if (_list.Count > 0)
                {
                    ASN1 attributes = new ASN1(0xA0);
                    foreach (ASN1 attribute in _list)
                    {
                        attributes.Add(attribute);
                    }
                    pki.Add(attributes);
                }

                return(pki.GetBytes());
            }
Beispiel #2
0
            // Note: PKCS#8 doesn't define how to generate the key required for encryption
            // so you're on your own. Just don't try to copy the big guys too much ;)
            // Netscape:	http://www.cs.auckland.ac.nz/~pgut001/pubs/netscape.txt
            // Microsoft:	http://www.cs.auckland.ac.nz/~pgut001/pubs/breakms.txt
            public byte[] GetBytes()
            {
                if (_algorithm == null)
                {
                    throw new CryptographicException("No algorithm OID specified");
                }

                ASN1 encryptionAlgorithm = new ASN1(0x30);

                encryptionAlgorithm.Add(ASN1Convert.FromOid(_algorithm));

                // parameters ANY DEFINED BY algorithm OPTIONAL
                if ((_iterations > 0) || (_salt != null))
                {
                    ASN1 salt       = new ASN1(0x04, _salt);
                    ASN1 iterations = ASN1Convert.FromInt32(_iterations);

                    ASN1 parameters = new ASN1(0x30);
                    parameters.Add(salt);
                    parameters.Add(iterations);
                    encryptionAlgorithm.Add(parameters);
                }

                // encapsulates EncryptedData into an OCTET STRING
                ASN1 encryptedData = new ASN1(0x04, _data);

                ASN1 encryptedPrivateKeyInfo = new ASN1(0x30);

                encryptedPrivateKeyInfo.Add(encryptionAlgorithm);
                encryptedPrivateKeyInfo.Add(encryptedData);

                return(encryptedPrivateKeyInfo.GetBytes());
            }
Beispiel #3
0
            internal ASN1 GetASN1(byte encoding)
            {
                byte encode = encoding;

                if (encode == 0xFF)
                {
                    encode = SelectBestEncoding();
                }

                ASN1 asn1 = new ASN1(0x30);

                asn1.Add(ASN1Convert.FromOid(oid));
                switch (encode)
                {
                case 0x13:
                    // PRINTABLESTRING
                    asn1.Add(new ASN1(0x13, Encoding.ASCII.GetBytes(attrValue)));
                    break;

                case 0x16:
                    // IA5STRING
                    asn1.Add(new ASN1(0x16, Encoding.ASCII.GetBytes(attrValue)));
                    break;

                case 0x1E:
                    // BMPSTRING
                    asn1.Add(new ASN1(0x1E, Encoding.BigEndianUnicode.GetBytes(attrValue)));
                    break;
                }
                return(asn1);
            }
Beispiel #4
0
        public X509Extension(ASN1 asn1)
        {
            if ((asn1.Tag != 0x30) || (asn1.Count < 2))
            {
                throw new ArgumentException(("Invalid X.509 extension."));
            }
            if (asn1[0].Tag != 0x06)
            {
                throw new ArgumentException(("Invalid X.509 extension."));
            }

            extnOid      = ASN1Convert.ToOid(asn1[0]);
            extnCritical = ((asn1[1].Tag == 0x01) && (asn1[1].Value[0] == 0xFF));
            // last element is an octet string which may need to be decoded
            extnValue = asn1 [asn1.Count - 1];
            if ((extnValue.Tag == 0x04) && (extnValue.Length > 0) && (extnValue.Count == 0))
            {
                try {
                    ASN1 encapsulated = new ASN1(extnValue.Value);
                    extnValue.Value = null;
                    extnValue.Add(encapsulated);
                }
                catch {
                    // data isn't ASN.1
                }
            }
            Decode();
        }
Beispiel #5
0
            public EnvelopedData(ASN1 asn1) : this()
            {
                if ((asn1[0].Tag != 0x30) || (asn1[0].Count < 3))
                {
                    throw new ArgumentException("Invalid EnvelopedData");
                }

                if (asn1[0][0].Tag != 0x02)
                {
                    throw new ArgumentException("Invalid version");
                }
                _version = asn1[0][0].Value[0];

                // recipientInfos

                ASN1 recipientInfos = asn1 [0][1];

                if (recipientInfos.Tag != 0x31)
                {
                    throw new ArgumentException("missing RecipientInfos");
                }
                for (int i = 0; i < recipientInfos.Count; i++)
                {
                    ASN1 recipientInfo = recipientInfos [i];
                    _recipientInfos.Add(new RecipientInfo(recipientInfo));
                }

                ASN1 encryptedContentInfo = asn1[0][2];

                if (encryptedContentInfo.Tag != 0x30)
                {
                    throw new ArgumentException("missing EncryptedContentInfo");
                }

                ASN1 contentType = encryptedContentInfo [0];

                if (contentType.Tag != 0x06)
                {
                    throw new ArgumentException("missing EncryptedContentInfo.ContentType");
                }
                _content = new ContentInfo(ASN1Convert.ToOid(contentType));

                ASN1 contentEncryptionAlgorithm = encryptedContentInfo [1];

                if (contentEncryptionAlgorithm.Tag != 0x30)
                {
                    throw new ArgumentException("missing EncryptedContentInfo.ContentEncryptionAlgorithmIdentifier");
                }
                _encryptionAlgorithm         = new ContentInfo(ASN1Convert.ToOid(contentEncryptionAlgorithm [0]));
                _encryptionAlgorithm.Content = contentEncryptionAlgorithm [1];

                ASN1 encryptedContent = encryptedContentInfo [2];

                if (encryptedContent.Tag != 0x80)
                {
                    throw new ArgumentException("missing EncryptedContentInfo.EncryptedContent");
                }
                _encrypted = encryptedContent.Value;
            }
Beispiel #6
0
        protected override ASN1 ToBeSigned(string oid)
        {
            // TBSCertificate
            ASN1 tbsCert = new ASN1(0x30);

            if (version > 1)
            {
                // TBSCertificate / [0] Version DEFAULT v1,
                byte[] ver = { (byte)(version - 1) };
                ASN1   v   = tbsCert.Add(new ASN1(0xA0));
                v.Add(new ASN1(0x02, ver));
            }

            // TBSCertificate / CertificateSerialNumber,
            tbsCert.Add(new ASN1(0x02, sn));

            // TBSCertificate / AlgorithmIdentifier,
            tbsCert.Add(PKCS7.AlgorithmIdentifier(oid));

            // TBSCertificate / Name
            tbsCert.Add(X501.FromString(issuer));

            // TBSCertificate / Validity
            ASN1 validity = tbsCert.Add(new ASN1(0x30));

            // TBSCertificate / Validity / Time
            validity.Add(ASN1Convert.FromDateTime(notBefore));
            // TBSCertificate / Validity / Time
            validity.Add(ASN1Convert.FromDateTime(notAfter));

            // TBSCertificate / Name
            tbsCert.Add(X501.FromString(subject));

            // TBSCertificate / SubjectPublicKeyInfo
            tbsCert.Add(SubjectPublicKeyInfo());

            if (version > 1)
            {
                // TBSCertificate / [1]  IMPLICIT UniqueIdentifier OPTIONAL
                if (issuerUniqueID != null)
                {
                    tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(issuerUniqueID)));
                }

                // TBSCertificate / [2]  IMPLICIT UniqueIdentifier OPTIONAL
                if (subjectUniqueID != null)
                {
                    tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(subjectUniqueID)));
                }

                // TBSCertificate / [3]  Extensions OPTIONAL
                if ((version > 2) && (extensions.Count > 0))
                {
                    tbsCert.Add(new ASN1(0xA3, extensions.GetBytes()));
                }
            }

            return(tbsCert);
        }
Beispiel #7
0
        static public ASN1 AlgorithmIdentifier(string oid)
        {
            ASN1 ai = new ASN1(0x30);

            ai.Add(ASN1Convert.FromOid(oid));
            ai.Add(new ASN1(0x05));                     // NULL
            return(ai);
        }
Beispiel #8
0
        static public ASN1 AlgorithmIdentifier(string oid, ASN1 parameters)
        {
            ASN1 ai = new ASN1(0x30);

            ai.Add(ASN1Convert.FromOid(oid));
            ai.Add(parameters);
            return(ai);
        }
Beispiel #9
0
 static private bool IsOid(string oid)
 {
     try {
         ASN1 asn = ASN1Convert.FromOid(oid);
         return(asn.Tag == 0x06);
     }
     catch {
         return(false);
     }
 }
Beispiel #10
0
        static public ASN1 Attribute(string oid, ASN1 value)
        {
            ASN1 attr = new ASN1(0x30);

            attr.Add(ASN1Convert.FromOid(oid));
            ASN1 aset = attr.Add(new ASN1(0x31));

            aset.Add(value);
            return(attr);
        }
Beispiel #11
0
            // methods

            private void Decode(byte[] data)
            {
                ASN1 encryptedPrivateKeyInfo = new ASN1(data);

                if (encryptedPrivateKeyInfo.Tag != 0x30)
                {
                    throw new CryptographicException("invalid EncryptedPrivateKeyInfo");
                }

                ASN1 encryptionAlgorithm = encryptedPrivateKeyInfo [0];

                if (encryptionAlgorithm.Tag != 0x30)
                {
                    throw new CryptographicException("invalid encryptionAlgorithm");
                }
                ASN1 algorithm = encryptionAlgorithm [0];

                if (algorithm.Tag != 0x06)
                {
                    throw new CryptographicException("invalid algorithm");
                }
                _algorithm = ASN1Convert.ToOid(algorithm);
                // parameters ANY DEFINED BY algorithm OPTIONAL
                if (encryptionAlgorithm.Count > 1)
                {
                    ASN1 parameters = encryptionAlgorithm [1];
                    if (parameters.Tag != 0x30)
                    {
                        throw new CryptographicException("invalid parameters");
                    }

                    ASN1 salt = parameters [0];
                    if (salt.Tag != 0x04)
                    {
                        throw new CryptographicException("invalid salt");
                    }
                    _salt = salt.Value;

                    ASN1 iterationCount = parameters [1];
                    if (iterationCount.Tag != 0x02)
                    {
                        throw new CryptographicException("invalid iterationCount");
                    }
                    _iterations = ASN1Convert.ToInt32(iterationCount);
                }

                ASN1 encryptedData = encryptedPrivateKeyInfo [1];

                if (encryptedData.Tag != 0x04)
                {
                    throw new CryptographicException("invalid EncryptedData");
                }
                _data = encryptedData.Value;
            }
Beispiel #12
0
            internal ASN1 GetASN1()
            {
                // ContentInfo ::= SEQUENCE {
                ASN1 contentInfo = new ASN1(0x30);

                // contentType ContentType, -> ContentType ::= OBJECT IDENTIFIER
                contentInfo.Add(ASN1Convert.FromOid(contentType));
                // content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
                if ((content != null) && (content.Count > 0))
                {
                    contentInfo.Add(content);
                }
                return(contentInfo);
            }
Beispiel #13
0
            // methods

            private void Decode(byte[] data)
            {
                ASN1 privateKeyInfo = new ASN1(data);

                if (privateKeyInfo.Tag != 0x30)
                {
                    throw new CryptographicException("invalid PrivateKeyInfo");
                }

                ASN1 version = privateKeyInfo [0];

                if (version.Tag != 0x02)
                {
                    throw new CryptographicException("invalid version");
                }
                _version = version.Value [0];

                ASN1 privateKeyAlgorithm = privateKeyInfo [1];

                if (privateKeyAlgorithm.Tag != 0x30)
                {
                    throw new CryptographicException("invalid algorithm");
                }

                ASN1 algorithm = privateKeyAlgorithm [0];

                if (algorithm.Tag != 0x06)
                {
                    throw new CryptographicException("missing algorithm OID");
                }
                _algorithm = ASN1Convert.ToOid(algorithm);

                ASN1 privateKey = privateKeyInfo [2];

                _key = privateKey.Value;

                // attributes [0] IMPLICIT Attributes OPTIONAL
                if (privateKeyInfo.Count > 3)
                {
                    ASN1 attributes = privateKeyInfo [3];
                    for (int i = 0; i < attributes.Count; i++)
                    {
                        _list.Add(attributes [i]);
                    }
                }
            }
Beispiel #14
0
            public EncryptedData(ASN1 asn1) : this()
            {
                if ((asn1.Tag != 0x30) || (asn1.Count < 2))
                {
                    throw new ArgumentException("Invalid EncryptedData");
                }

                if (asn1 [0].Tag != 0x02)
                {
                    throw new ArgumentException("Invalid version");
                }
                _version = asn1 [0].Value [0];

                ASN1 encryptedContentInfo = asn1 [1];

                if (encryptedContentInfo.Tag != 0x30)
                {
                    throw new ArgumentException("missing EncryptedContentInfo");
                }

                ASN1 contentType = encryptedContentInfo [0];

                if (contentType.Tag != 0x06)
                {
                    throw new ArgumentException("missing EncryptedContentInfo.ContentType");
                }
                _content = new ContentInfo(ASN1Convert.ToOid(contentType));

                ASN1 contentEncryptionAlgorithm = encryptedContentInfo [1];

                if (contentEncryptionAlgorithm.Tag != 0x30)
                {
                    throw new ArgumentException("missing EncryptedContentInfo.ContentEncryptionAlgorithmIdentifier");
                }
                _encryptionAlgorithm         = new ContentInfo(ASN1Convert.ToOid(contentEncryptionAlgorithm [0]));
                _encryptionAlgorithm.Content = contentEncryptionAlgorithm [1];

                ASN1 encryptedContent = encryptedContentInfo [2];

                if (encryptedContent.Tag != 0x80)
                {
                    throw new ArgumentException("missing EncryptedContentInfo.EncryptedContent");
                }
                _encrypted = encryptedContent.Value;
            }
Beispiel #15
0
        /* SubjectPublicKeyInfo  ::=  SEQUENCE  {
         *      algorithm            AlgorithmIdentifier,
         *      subjectPublicKey     BIT STRING  }
         */
        private ASN1 SubjectPublicKeyInfo()
        {
            ASN1 keyInfo = new ASN1(0x30);

            if (aa is RSA)
            {
                keyInfo.Add(PKCS7.AlgorithmIdentifier("1.2.840.113549.1.1.1"));
                RSAParameters p = (aa as RSA).ExportParameters(false);

                /* RSAPublicKey ::= SEQUENCE {
                 *       modulus            INTEGER,    -- n
                 *       publicExponent     INTEGER  }  -- e
                 */
                ASN1 key = new ASN1(0x30);
                key.Add(ASN1Convert.FromUnsignedBigInteger(p.Modulus));
                key.Add(ASN1Convert.FromUnsignedBigInteger(p.Exponent));
                keyInfo.Add(new ASN1(UniqueIdentifier(key.GetBytes())));
            }
            else if (aa is DSA)
            {
                DSAParameters p = (aa as DSA).ExportParameters(false);

                /* Dss-Parms  ::=  SEQUENCE  {
                 *       p             INTEGER,
                 *       q             INTEGER,
                 *       g             INTEGER  }
                 */
                ASN1 param = new ASN1(0x30);
                param.Add(ASN1Convert.FromUnsignedBigInteger(p.P));
                param.Add(ASN1Convert.FromUnsignedBigInteger(p.Q));
                param.Add(ASN1Convert.FromUnsignedBigInteger(p.G));
                keyInfo.Add(PKCS7.AlgorithmIdentifier("1.2.840.10040.4.1", param));
                ASN1 key = keyInfo.Add(new ASN1(0x03));
                // DSAPublicKey ::= INTEGER  -- public key, y
                key.Add(ASN1Convert.FromUnsignedBigInteger(p.Y));
            }
            else
            {
                throw new NotSupportedException("Unknown Asymmetric Algorithm " + aa.ToString());
            }
            return(keyInfo);
        }
Beispiel #16
0
            /*
             * RSAPrivateKey ::= SEQUENCE {
             *	version           Version,
             *	modulus           INTEGER,  -- n
             *	publicExponent    INTEGER,  -- e
             *	privateExponent   INTEGER,  -- d
             *	prime1            INTEGER,  -- p
             *	prime2            INTEGER,  -- q
             *	exponent1         INTEGER,  -- d mod (p-1)
             *	exponent2         INTEGER,  -- d mod (q-1)
             *	coefficient       INTEGER,  -- (inverse of q) mod p
             *	otherPrimeInfos   OtherPrimeInfos OPTIONAL
             * }
             */
            static public byte[] Encode(RSA rsa)
            {
                RSAParameters param = rsa.ExportParameters(true);

                ASN1 rsaPrivateKey = new ASN1(0x30);

                rsaPrivateKey.Add(new ASN1(0x02, new byte [1] {
                    0x00
                }));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Modulus));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Exponent));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.D));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.P));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.Q));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.DP));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.DQ));
                rsaPrivateKey.Add(ASN1Convert.FromUnsignedBigInteger(param.InverseQ));

                return(rsaPrivateKey.GetBytes());
            }
Beispiel #17
0
 public ContentInfo(ASN1 asn1)
 {
     // SEQUENCE with 1 or 2 elements
     if ((asn1.Tag != 0x30) || ((asn1.Count < 1) && (asn1.Count > 2)))
     {
         throw new ArgumentException("Invalid ASN1");
     }
     if (asn1[0].Tag != 0x06)
     {
         throw new ArgumentException("Invalid contentType");
     }
     contentType = ASN1Convert.ToOid(asn1[0]);
     if (asn1.Count > 1)
     {
         if (asn1[1].Tag != 0xA0)
         {
             throw new ArgumentException("Invalid content");
         }
         content = asn1[1];
     }
 }
Beispiel #18
0
            public RecipientInfo(ASN1 data)
            {
                if (data.Tag != 0x30)
                {
                    throw new ArgumentException("Invalid RecipientInfo");
                }

                ASN1 version = data [0];

                if (version.Tag != 0x02)
                {
                    throw new ArgumentException("missing Version");
                }
                _version = version.Value [0];

                // issuerAndSerialNumber IssuerAndSerialNumber
                ASN1 subjectIdentifierType = data [1];

                if ((subjectIdentifierType.Tag == 0x80) && (_version == 3))
                {
                    _ski = subjectIdentifierType.Value;
                }
                else
                {
                    _issuer = X501.ToString(subjectIdentifierType [0]);
                    _serial = subjectIdentifierType [1].Value;
                }

                ASN1 keyEncryptionAlgorithm = data [2];

                _oid = ASN1Convert.ToOid(keyEncryptionAlgorithm [0]);

                ASN1 encryptedKey = data [3];

                _key = encryptedKey.Value;
            }
Beispiel #19
0
            // TODO: INCOMPLETE
            public SignerInfo(ASN1 asn1) : this()
            {
                if ((asn1[0].Tag != 0x30) || (asn1[0].Count < 5))
                {
                    throw new ArgumentException("Invalid SignedData");
                }

                // version Version
                if (asn1[0][0].Tag != 0x02)
                {
                    throw new ArgumentException("Invalid version");
                }
                version = asn1[0][0].Value[0];

                // issuerAndSerialNumber IssuerAndSerialNumber
                ASN1 subjectIdentifierType = asn1 [0][1];

                if ((subjectIdentifierType.Tag == 0x80) && (version == 3))
                {
                    ski = subjectIdentifierType.Value;
                }
                else
                {
                    issuer = X501.ToString(subjectIdentifierType [0]);
                    serial = subjectIdentifierType [1].Value;
                }

                // digestAlgorithm DigestAlgorithmIdentifier
                ASN1 digestAlgorithm = asn1 [0][2];

                hashAlgorithm = ASN1Convert.ToOid(digestAlgorithm [0]);

                // authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL
                int  n = 3;
                ASN1 authAttributes = asn1 [0][n];

                if (authAttributes.Tag == 0xA0)
                {
                    n++;
                    for (int i = 0; i < authAttributes.Count; i++)
                    {
                        authenticatedAttributes.Add(authAttributes [i]);
                    }
                }

                // digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier
                n++;
                // ASN1 digestEncryptionAlgorithm = asn1 [0][n++];
                // string digestEncryptionAlgorithmOid = ASN1Convert.ToOid (digestEncryptionAlgorithm [0]);

                // encryptedDigest EncryptedDigest
                ASN1 encryptedDigest = asn1 [0][n++];

                if (encryptedDigest.Tag == 0x04)
                {
                    signature = encryptedDigest.Value;
                }

                // unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
                ASN1 unauthAttributes = asn1 [0][n];

                if ((unauthAttributes != null) && (unauthAttributes.Tag == 0xA1))
                {
                    for (int i = 0; i < unauthAttributes.Count; i++)
                    {
                        unauthenticatedAttributes.Add(unauthAttributes [i]);
                    }
                }
            }
Beispiel #20
0
            static public byte[] Encode(DSA dsa)
            {
                DSAParameters param = dsa.ExportParameters(true);

                return(ASN1Convert.FromUnsignedBigInteger(param.X).GetBytes());
            }
Beispiel #21
0
        // that's were the real job is!
        private void Parse(byte[] data)
        {
            try {
                decoder = new ASN1(data);
                // Certificate
                if (decoder.Tag != 0x30)
                {
                    throw new CryptographicException(encoding_error);
                }
                // Certificate / TBSCertificate
                if (decoder [0].Tag != 0x30)
                {
                    throw new CryptographicException(encoding_error);
                }

                ASN1 tbsCertificate = decoder [0];

                int tbs = 0;
                // Certificate / TBSCertificate / Version
                ASN1 v = decoder [0][tbs];
                version = 1;                                    // DEFAULT v1
                if ((v.Tag == 0xA0) && (v.Count > 0))
                {
                    // version (optional) is present only in v2+ certs
                    version += v [0].Value [0];                         // zero based
                    tbs++;
                }

                // Certificate / TBSCertificate / CertificateSerialNumber
                ASN1 sn = decoder [0][tbs++];
                if (sn.Tag != 0x02)
                {
                    throw new CryptographicException(encoding_error);
                }
                serialnumber = sn.Value;
                Array.Reverse(serialnumber, 0, serialnumber.Length);

                // Certificate / TBSCertificate / AlgorithmIdentifier
                tbs++;
                // ASN1 signatureAlgo = tbsCertificate.Element (tbs++, 0x30);

                issuer       = tbsCertificate.Element(tbs++, 0x30);
                m_issuername = X501.ToString(issuer);

                ASN1 validity  = tbsCertificate.Element(tbs++, 0x30);
                ASN1 notBefore = validity [0];
                m_from = ASN1Convert.ToDateTime(notBefore);
                ASN1 notAfter = validity [1];
                m_until = ASN1Convert.ToDateTime(notAfter);

                subject   = tbsCertificate.Element(tbs++, 0x30);
                m_subject = X501.ToString(subject);

                ASN1 subjectPublicKeyInfo = tbsCertificate.Element(tbs++, 0x30);

                ASN1 algorithm = subjectPublicKeyInfo.Element(0, 0x30);
                ASN1 algo      = algorithm.Element(0, 0x06);
                m_keyalgo = ASN1Convert.ToOid(algo);
                // parameters ANY DEFINED BY algorithm OPTIONAL
                // so we dont ask for a specific (Element) type and return DER
                ASN1 parameters = algorithm [1];
                m_keyalgoparams = ((algorithm.Count > 1) ? parameters.GetBytes() : null);

                ASN1 subjectPublicKey = subjectPublicKeyInfo.Element(1, 0x03);
                // we must drop th first byte (which is the number of unused bits
                // in the BITSTRING)
                int n = subjectPublicKey.Length - 1;
                m_publickey = new byte [n];
                Buffer.BlockCopy(subjectPublicKey.Value, 1, m_publickey, 0, n);

                // signature processing
                byte[] bitstring = decoder [2].Value;
                // first byte contains unused bits in first byte
                signature = new byte [bitstring.Length - 1];
                Buffer.BlockCopy(bitstring, 1, signature, 0, signature.Length);

                algorithm       = decoder [1];
                algo            = algorithm.Element(0, 0x06);
                m_signaturealgo = ASN1Convert.ToOid(algo);
                parameters      = algorithm [1];
                if (parameters != null)
                {
                    m_signaturealgoparams = parameters.GetBytes();
                }
                else
                {
                    m_signaturealgoparams = null;
                }

                // Certificate / TBSCertificate / issuerUniqueID
                ASN1 issuerUID = tbsCertificate.Element(tbs, 0x81);
                if (issuerUID != null)
                {
                    tbs++;
                    issuerUniqueID = issuerUID.Value;
                }

                // Certificate / TBSCertificate / subjectUniqueID
                ASN1 subjectUID = tbsCertificate.Element(tbs, 0x82);
                if (subjectUID != null)
                {
                    tbs++;
                    subjectUniqueID = subjectUID.Value;
                }

                // Certificate / TBSCertificate / Extensions
                ASN1 extns = tbsCertificate.Element(tbs, 0xA3);
                if ((extns != null) && (extns.Count == 1))
                {
                    extensions = new X509ExtensionCollection(extns [0]);
                }
                else
                {
                    extensions = new X509ExtensionCollection(null);
                }

                // keep a copy of the original data
                m_encodedcert = (byte[])data.Clone();
            }
            catch (Exception ex) {
                throw new CryptographicException(encoding_error, ex);
            }
        }
Beispiel #22
0
        static private void AppendEntry(StringBuilder sb, ASN1 entry, bool quotes)
        {
            // multiple entries are valid
            for (int k = 0; k < entry.Count; k++)
            {
                ASN1 pair = entry [k];
                ASN1 s    = pair [1];
                if (s == null)
                {
                    continue;
                }

                ASN1 poid = pair [0];
                if (poid == null)
                {
                    continue;
                }

                if (poid.CompareValue(countryName))
                {
                    sb.Append("C=");
                }
                else if (poid.CompareValue(organizationName))
                {
                    sb.Append("O=");
                }
                else if (poid.CompareValue(organizationalUnitName))
                {
                    sb.Append("OU=");
                }
                else if (poid.CompareValue(commonName))
                {
                    sb.Append("CN=");
                }
                else if (poid.CompareValue(localityName))
                {
                    sb.Append("L=");
                }
                else if (poid.CompareValue(stateOrProvinceName))
                {
                    sb.Append("S=");                            // NOTE: RFC2253 uses ST=
                }
                else if (poid.CompareValue(streetAddress))
                {
                    sb.Append("STREET=");
                }
                else if (poid.CompareValue(domainComponent))
                {
                    sb.Append("DC=");
                }
                else if (poid.CompareValue(userid))
                {
                    sb.Append("UID=");
                }
                else if (poid.CompareValue(email))
                {
                    sb.Append("E=");                            // NOTE: Not part of RFC2253
                }
                else if (poid.CompareValue(dnQualifier))
                {
                    sb.Append("dnQualifier=");
                }
                else if (poid.CompareValue(title))
                {
                    sb.Append("T=");
                }
                else if (poid.CompareValue(surname))
                {
                    sb.Append("SN=");
                }
                else if (poid.CompareValue(givenName))
                {
                    sb.Append("G=");
                }
                else if (poid.CompareValue(initial))
                {
                    sb.Append("I=");
                }
                else
                {
                    // unknown OID
                    sb.Append("OID.");                          // NOTE: Not present as RFC2253
                    sb.Append(ASN1Convert.ToOid(poid));
                    sb.Append("=");
                }

                string sValue = null;
                // 16bits or 8bits string ? TODO not complete (+special chars!)
                if (s.Tag == 0x1E)
                {
                    // BMPSTRING
                    StringBuilder sb2 = new StringBuilder();
                    for (int j = 1; j < s.Value.Length; j += 2)
                    {
                        sb2.Append((char)s.Value[j]);
                    }
                    sValue = sb2.ToString();
                }
                else
                {
                    if (s.Tag == 0x14)
                    {
                        sValue = Encoding.UTF7.GetString(s.Value);
                    }
                    else
                    {
                        sValue = Encoding.UTF8.GetString(s.Value);
                    }
                    // in some cases we must quote (") the value
                    // Note: this doesn't seems to conform to RFC2253
                    char[] specials = { ',', '+', '"', '\\', '<', '>', ';' };
                    if (quotes)
                    {
                        if ((sValue.IndexOfAny(specials, 0, sValue.Length) > 0) ||
                            sValue.StartsWith(" ") || (sValue.EndsWith(" ")))
                        {
                            sValue = "\"" + sValue + "\"";
                        }
                    }
                }

                sb.Append(sValue);

                // separator (not on last iteration)
                if (k < entry.Count - 1)
                {
                    sb.Append(", ");
                }
            }
        }