protected override ASN1 ToBeSigned(string oid)
{
// TBSCertificate
ASN1 tbsCert = new ASN1(0x30);
if (version > 1)
{
// TBSCertificate / [0] Version DEFAULT v1,
byte[] ver = { (byte)(version - 1) };
ASN1 v = tbsCert.Add(new ASN1(0xA0));
v.Add(new ASN1(0x02, ver));
}
// TBSCertificate / CertificateSerialNumber,
tbsCert.Add(new ASN1(0x02, sn));
// TBSCertificate / AlgorithmIdentifier,
tbsCert.Add(PKCS7.AlgorithmIdentifier(oid));
// TBSCertificate / Name
tbsCert.Add(X501.FromString(issuer));
// TBSCertificate / Validity
ASN1 validity = tbsCert.Add(new ASN1(0x30));
// TBSCertificate / Validity / Time
validity.Add(ASN1Convert.FromDateTime(notBefore));
// TBSCertificate / Validity / Time
validity.Add(ASN1Convert.FromDateTime(notAfter));
// TBSCertificate / Name
tbsCert.Add(X501.FromString(subject));
// TBSCertificate / SubjectPublicKeyInfo
tbsCert.Add(SubjectPublicKeyInfo());
if (version > 1)
{
// TBSCertificate / [1] IMPLICIT UniqueIdentifier OPTIONAL
if (issuerUniqueID != null)
{
tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(issuerUniqueID)));
}
// TBSCertificate / [2] IMPLICIT UniqueIdentifier OPTIONAL
if (subjectUniqueID != null)
{
tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(subjectUniqueID)));
}
// TBSCertificate / [3] Extensions OPTIONAL
if ((version > 2) && (extensions.Count > 0))
{
tbsCert.Add(new ASN1(0xA3, extensions.GetBytes()));
}
}
return(tbsCert);
}
private byte[] Build(ASN1 tbs, string hashoid, byte[] signature)
{
ASN1 builder = new ASN1(0x30);
builder.Add(tbs);
builder.Add(PKCS7.AlgorithmIdentifier(hashoid));
// first byte of BITSTRING is the number of unused bits in the first byte
byte[] bitstring = new byte [signature.Length + 1];
Buffer.BlockCopy(signature, 0, bitstring, 1, signature.Length);
builder.Add(new ASN1(0x03, bitstring));
return(builder.GetBytes());
}
/* SubjectPublicKeyInfo ::= SEQUENCE {
* algorithm AlgorithmIdentifier,
* subjectPublicKey BIT STRING }
*/
private ASN1 SubjectPublicKeyInfo()
{
ASN1 keyInfo = new ASN1(0x30);
if (aa is RSA)
{
keyInfo.Add(PKCS7.AlgorithmIdentifier("1.2.840.113549.1.1.1"));
RSAParameters p = (aa as RSA).ExportParameters(false);
/* RSAPublicKey ::= SEQUENCE {
* modulus INTEGER, -- n
* publicExponent INTEGER } -- e
*/
ASN1 key = new ASN1(0x30);
key.Add(ASN1Convert.FromUnsignedBigInteger(p.Modulus));
key.Add(ASN1Convert.FromUnsignedBigInteger(p.Exponent));
keyInfo.Add(new ASN1(UniqueIdentifier(key.GetBytes())));
}
else if (aa is DSA)
{
DSAParameters p = (aa as DSA).ExportParameters(false);
/* Dss-Parms ::= SEQUENCE {
* p INTEGER,
* q INTEGER,
* g INTEGER }
*/
ASN1 param = new ASN1(0x30);
param.Add(ASN1Convert.FromUnsignedBigInteger(p.P));
param.Add(ASN1Convert.FromUnsignedBigInteger(p.Q));
param.Add(ASN1Convert.FromUnsignedBigInteger(p.G));
keyInfo.Add(PKCS7.AlgorithmIdentifier("1.2.840.10040.4.1", param));
ASN1 key = keyInfo.Add(new ASN1(0x03));
// DSAPublicKey ::= INTEGER -- public key, y
key.Add(ASN1Convert.FromUnsignedBigInteger(p.Y));
}
else
{
throw new NotSupportedException("Unknown Asymmetric Algorithm " + aa.ToString());
}
return(keyInfo);
}