Beispiel #1
0
        protected override ASN1 ToBeSigned(string oid)
        {
            // TBSCertificate
            ASN1 tbsCert = new ASN1(0x30);

            if (version > 1)
            {
                // TBSCertificate / [0] Version DEFAULT v1,
                byte[] ver = { (byte)(version - 1) };
                ASN1   v   = tbsCert.Add(new ASN1(0xA0));
                v.Add(new ASN1(0x02, ver));
            }

            // TBSCertificate / CertificateSerialNumber,
            tbsCert.Add(new ASN1(0x02, sn));

            // TBSCertificate / AlgorithmIdentifier,
            tbsCert.Add(PKCS7.AlgorithmIdentifier(oid));

            // TBSCertificate / Name
            tbsCert.Add(X501.FromString(issuer));

            // TBSCertificate / Validity
            ASN1 validity = tbsCert.Add(new ASN1(0x30));

            // TBSCertificate / Validity / Time
            validity.Add(ASN1Convert.FromDateTime(notBefore));
            // TBSCertificate / Validity / Time
            validity.Add(ASN1Convert.FromDateTime(notAfter));

            // TBSCertificate / Name
            tbsCert.Add(X501.FromString(subject));

            // TBSCertificate / SubjectPublicKeyInfo
            tbsCert.Add(SubjectPublicKeyInfo());

            if (version > 1)
            {
                // TBSCertificate / [1]  IMPLICIT UniqueIdentifier OPTIONAL
                if (issuerUniqueID != null)
                {
                    tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(issuerUniqueID)));
                }

                // TBSCertificate / [2]  IMPLICIT UniqueIdentifier OPTIONAL
                if (subjectUniqueID != null)
                {
                    tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(subjectUniqueID)));
                }

                // TBSCertificate / [3]  Extensions OPTIONAL
                if ((version > 2) && (extensions.Count > 0))
                {
                    tbsCert.Add(new ASN1(0xA3, extensions.GetBytes()));
                }
            }

            return(tbsCert);
        }
Beispiel #2
0
        private byte[] Build(ASN1 tbs, string hashoid, byte[] signature)
        {
            ASN1 builder = new ASN1(0x30);

            builder.Add(tbs);
            builder.Add(PKCS7.AlgorithmIdentifier(hashoid));
            // first byte of BITSTRING is the number of unused bits in the first byte
            byte[] bitstring = new byte [signature.Length + 1];
            Buffer.BlockCopy(signature, 0, bitstring, 1, signature.Length);
            builder.Add(new ASN1(0x03, bitstring));
            return(builder.GetBytes());
        }
Beispiel #3
0
        /* SubjectPublicKeyInfo  ::=  SEQUENCE  {
         *      algorithm            AlgorithmIdentifier,
         *      subjectPublicKey     BIT STRING  }
         */
        private ASN1 SubjectPublicKeyInfo()
        {
            ASN1 keyInfo = new ASN1(0x30);

            if (aa is RSA)
            {
                keyInfo.Add(PKCS7.AlgorithmIdentifier("1.2.840.113549.1.1.1"));
                RSAParameters p = (aa as RSA).ExportParameters(false);

                /* RSAPublicKey ::= SEQUENCE {
                 *       modulus            INTEGER,    -- n
                 *       publicExponent     INTEGER  }  -- e
                 */
                ASN1 key = new ASN1(0x30);
                key.Add(ASN1Convert.FromUnsignedBigInteger(p.Modulus));
                key.Add(ASN1Convert.FromUnsignedBigInteger(p.Exponent));
                keyInfo.Add(new ASN1(UniqueIdentifier(key.GetBytes())));
            }
            else if (aa is DSA)
            {
                DSAParameters p = (aa as DSA).ExportParameters(false);

                /* Dss-Parms  ::=  SEQUENCE  {
                 *       p             INTEGER,
                 *       q             INTEGER,
                 *       g             INTEGER  }
                 */
                ASN1 param = new ASN1(0x30);
                param.Add(ASN1Convert.FromUnsignedBigInteger(p.P));
                param.Add(ASN1Convert.FromUnsignedBigInteger(p.Q));
                param.Add(ASN1Convert.FromUnsignedBigInteger(p.G));
                keyInfo.Add(PKCS7.AlgorithmIdentifier("1.2.840.10040.4.1", param));
                ASN1 key = keyInfo.Add(new ASN1(0x03));
                // DSAPublicKey ::= INTEGER  -- public key, y
                key.Add(ASN1Convert.FromUnsignedBigInteger(p.Y));
            }
            else
            {
                throw new NotSupportedException("Unknown Asymmetric Algorithm " + aa.ToString());
            }
            return(keyInfo);
        }