Ejemplo n.º 1
 /// <summary>
 /// Creates a responder ID that identifies an OCSP responder by its X.509 name.
 /// </summary>
 /// <param name="name">Name handed to the <see cref="ResponderID"/> constructor.</param>
 /// <exception cref="ArgumentException">
 /// Thrown when building the <see cref="ResponderID"/> fails for any reason; the
 /// original exception is kept as the inner exception.
 /// </exception>
 public RespID(X509Name name)
 {
     ResponderID byName;

     try
     {
         byName = new ResponderID(name);
     }
     catch (Exception cause)
     {
         // Every failure type is reported as an argument error; the cause stays attached.
         throw new ArgumentException("can't decode name.", cause);
     }

     this.id = byName;
 }
Ejemplo n.º 2
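        /// <summary>
        /// Builds an OCSP identifier from a responder ID and the time the response was produced.
        /// </summary>
        /// <param name="ocspResponderID">Responder identifier; must not be null.</param>
        /// <param name="producedAt">Production time, stored as a <see cref="DerGeneralizedTime"/>.</param>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="ocspResponderID"/> is null.
        /// </exception>
        public OcspIdentifier(
            ResponderID ocspResponderID,
            DateTime producedAt)
        {
            if (ocspResponderID == null)
            {
                // Name the offending parameter so the failure can be diagnosed from a log line.
                throw new ArgumentNullException("ocspResponderID");
            }

            this.ocspResponderID = ocspResponderID;
            this.producedAt      = new DerGeneralizedTime(producedAt);
        }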
Ejemplo n.º 3
        /// <summary>
        /// Returns the XML representation of this object.
        /// </summary>
        /// <returns>XML element containing the state of this object</returns>
        public XmlElement GetXml()
        {
            XmlDocument doc = new XmlDocument();

            XmlElement root = doc.CreateElement(XadesSignedXml.XmlXadesPrefix, "OCSPIdentifier", XadesSignedXml.XadesNamespaceUri);
            root.SetAttribute("xmlns:ds", SignedXml.XmlDsigNamespaceUrl);

            // The URI attribute is optional and only written when a value is present.
            if (!string.IsNullOrEmpty(uriAttribute))
            {
                root.SetAttribute("URI", this.uriAttribute);
            }

            if (!String.IsNullOrEmpty(this.responderID))
            {
                XmlElement responderElement = doc.CreateElement(XadesSignedXml.XmlXadesPrefix, "ResponderID", XadesSignedXml.XadesNamespaceUri);
                responderElement.SetAttribute("xmlns:ds", SignedXml.XmlDsigNamespaceUrl);

                // ByName is written only when ByKey is false AND the text contains a comma;
                // every other value is written as ByKey.
                // NOTE(review): the comma test looks like a heuristic for "is a distinguished
                // name" - confirm a name with a single component is handled as intended.
                string choiceName = (!ByKey && ResponderID.Contains(",")) ? "ByName" : "ByKey";

                XmlElement choiceElement = doc.CreateElement(XadesSignedXml.XmlXadesPrefix, choiceName, XadesSignedXml.XadesNamespaceUri);
                choiceElement.SetAttribute("xmlns:ds", SignedXml.XmlDsigNamespaceUrl);
                choiceElement.InnerText = this.ResponderID;

                responderElement.AppendChild(choiceElement);
                root.AppendChild(responderElement);
            }

            // DateTime.MinValue is treated as "no production time set".
            if (this.producedAt != DateTime.MinValue)
            {
                XmlElement producedAtElement = doc.CreateElement(XadesSignedXml.XmlXadesPrefix, "ProducedAt", XadesSignedXml.XadesNamespaceUri);

                // Drop the sub-second part so the serialized value has whole-second precision.
                long subSecondTicks = this.producedAt.Ticks % TimeSpan.TicksPerSecond;
                DateTime wholeSeconds = this.producedAt.AddTicks(-subSecondTicks);

                // Serialized in Local mode, so the text depends on the machine's time zone.
                producedAtElement.InnerText = XmlConvert.ToString(wholeSeconds, XmlDateTimeSerializationMode.Local);

                producedAtElement.SetAttribute("xmlns:ds", SignedXml.XmlDsigNamespaceUrl);
                root.AppendChild(producedAtElement);
            }

            return root;
        }
Ejemplo n.º 4
 /// <summary>
 /// Creates a responder ID that identifies an OCSP responder by a hash of its public key.
 /// </summary>
 /// <param name="publicKey">Public key whose SubjectPublicKeyInfo key data is hashed.</param>
 /// <exception cref="OcspException">
 /// Thrown when any step fails; the original exception is the inner exception.
 /// </exception>
 public RespID(AsymmetricKeyParameter publicKey)
 {
     try
     {
         SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
         byte[] keyBytes = keyInfo.PublicKeyData.GetBytes();

         // RFC 6960 defines the OCSP KeyHash as a SHA-1 hash of the responder's public key,
         // so SHA-1 here is a protocol-defined identifier. It is a lookup value only and
         // should not be relied on as an integrity or authenticity check.
         byte[] keyHash = DigestUtilities.CalculateDigest("SHA1", keyBytes);

         id = new ResponderID(new DerOctetString(keyHash));
     }
     catch (global::System.Exception failure)
     {
         // The message carries the full string form of the failure, not only its Message.
         throw new OcspException("problem creating ID: " + failure, failure);
     }
 }
Ejemplo n.º 5
 /// <summary>
 /// Builds an OCSP identifier from its two-element ASN.1 sequence form.
 /// </summary>
 /// <param name="seq">Sequence holding the responder ID followed by the production time.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="seq"/> is null.</exception>
 /// <exception cref="ArgumentException">
 /// Thrown when <paramref name="seq"/> does not hold exactly two elements.
 /// </exception>
 private OcspIdentifier(Asn1Sequence seq)
 {
     if (seq == null)
     {
         throw new ArgumentNullException("seq");
     }

     int elementCount = seq.Count;
     if (elementCount != 2)
     {
         throw new ArgumentException("Bad sequence size: " + elementCount, "seq");
     }

     ocspResponderID = ResponderID.GetInstance(seq[0].ToAsn1Object());

     // Direct cast: a second element of any other ASN.1 type surfaces as
     // InvalidCastException rather than ArgumentException. Callers that parse
     // data from outside should expect both.
     producedAt = (DerGeneralizedTime)seq[1].ToAsn1Object();
 }
Ejemplo n.º 6
 /// <summary>
 /// Creates a responder ID of the key-hash form from a public key.
 /// </summary>
 /// <param name="publicKey">Public key to derive the hash from.</param>
 /// <exception cref="OcspException">
 /// Thrown when deriving the ID fails; the cause is kept as the inner exception.
 /// </exception>
 public RespID(AsymmetricKeyParameter publicKey)
 {
     try
     {
         // Only the key data of the SubjectPublicKeyInfo is hashed, not the whole structure.
         byte[] keyData = SubjectPublicKeyInfoFactory
             .CreateSubjectPublicKeyInfo(publicKey)
             .PublicKeyData
             .GetBytes();

         // SHA-1 is the digest RFC 6960 specifies for the responder KeyHash; the value
         // identifies the responder and is not a security check by itself.
         DerOctetString keyHash = new DerOctetString(DigestUtilities.CalculateDigest("SHA1", keyData));

         id = new ResponderID(keyHash);
     }
     catch (Exception cause)
     {
         throw new OcspException(string.Concat("problem creating ID: ", cause), cause);
     }
 }
Ejemplo n.º 7
 /// <summary>
 /// Reads an OCSP identifier out of an ASN.1 sequence of exactly two elements:
 /// the responder ID, then the production time.
 /// </summary>
 /// <param name="seq">The sequence to read.</param>
 /// <exception cref="ArgumentNullException">Thrown when <paramref name="seq"/> is null.</exception>
 /// <exception cref="ArgumentException">Thrown when the element count is not two.</exception>
 private OcspIdentifier(Asn1Sequence seq)
 {
     if (seq == null)
     {
         throw new ArgumentNullException("seq");
     }

     if (seq.Count != 2)
     {
         throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
     }

     this.ocspResponderID = ResponderID.GetInstance(seq[0].ToAsn1Object());

     // The cast is unchecked against the input: an element of another ASN.1 type
     // raises InvalidCastException here instead of ArgumentException.
     this.producedAt = (DerGeneralizedTime)seq[1].ToAsn1Object();
 }
Ejemplo n.º 8
        /// <summary>
        /// Creates a responder ID from a public asymmetric key.
        /// </summary>
        /// <param name="key">A public asymmetric key.</param>
        public RespID(AsymmetricKeyParameter key)
        {
            SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(key);

            // NOTE(review): the digest input is the complete encoding returned by getEncoded().
            // RFC 6960 describes the responder KeyHash as the SHA-1 hash of the public key
            // value without tag and length, which is narrower than the full structure.
            // Confirm which input the verifying side expects before matching on this ID.
            byte[] encodedInfo = keyInfo.getEncoded();

            SHA1Digest digest = new SHA1Digest();
            digest.update(encodedInfo, 0, encodedInfo.Length);

            // The output buffer is sized from the digest itself.
            byte[] hash = new byte[digest.getDigestSize()];
            digest.doFinal(hash, 0);

            ASN1OctetString keyHash = new DEROctetString(hash);
            this.id = new ResponderID(keyHash);
        }
Ejemplo n.º 9
        /// <summary>
        /// Turns an OCSP responder ID into text and reports which form it had.
        /// </summary>
        /// <param name="responderId">Responder ID to read.</param>
        /// <param name="byKey">
        /// Set to false for tag 1 (name) and true for tag 2 (key hash); left untouched
        /// for any other tag.
        /// </param>
        /// <returns>
        /// The name as a string for tag 1, the Base64 text of the octets for tag 2,
        /// or null for any other tag.
        /// </returns>
        private string GetResponderName(ResponderID responderId, ref bool byKey)
        {
            DerTaggedObject tagged = (DerTaggedObject)responderId.ToAsn1Object();

            switch (tagged.TagNo)
            {
                case 1:
                {
                    X509Name responderName = X509Name.GetInstance(tagged.GetObject());
                    byKey = false;
                    return responderName.ToString();
                }

                case 2:
                {
                    Asn1TaggedObject keyChoice = (Asn1TaggedObject)responderId.ToAsn1Object();
                    Asn1OctetString  keyHash   = (Asn1OctetString)keyChoice.GetObject();
                    byKey = true;
                    return Convert.ToBase64String(keyHash.GetOctets());
                }

                default:
                    // Unknown form: callers must handle null, and byKey keeps its previous value.
                    return null;
            }
        }
Ejemplo n.º 10
        /// <summary>
        /// Adds one OCSP reference, built from the first OCSP response the validation
        /// context needs, to the given revocation references. Does nothing when the
        /// context has no such response.
        /// </summary>
        /// <param name="completeRevocationRefs">Collection that receives the new reference.</param>
        /// <param name="ctx">Validation context supplying the OCSP responses.</param>
        private void IncorporateOCSPRefs(CompleteRevocationRefs completeRevocationRefs
                                         , ValidationContext ctx)
        {
            if (ctx.GetNeededOCSPResp().IsEmpty())
            {
                return;
            }

            // Only the first needed response is referenced; any further ones are not.
            var firstResponse = ctx.GetNeededOCSPResp()[0];

            //TODO jbonill Digest parameter?
            // NOTE(review): SHA-1 is fixed for both the digest value and the declared
            // algorithm. SHA-1 is not collision resistant, so a configurable digest
            // (as the TODO suggests) is worth confirming for this reference.
            byte[] responseDigest = DigestUtilities.CalculateDigest("SHA-1", firstResponse.GetEncoded());

            MSXades.OCSPRef reference = new MSXades.OCSPRef();

            //TODO jbonilla Digest parameter?
            reference.CertDigest.DigestMethod.Algorithm = SignedXml.XmlDsigSHA1Url;
            reference.CertDigest.DigestValue            = responseDigest;

            //TODO jbonilla: OCSPIdentifier.UriAttribute is not set here.
            reference.OCSPIdentifier.ProducedAt = firstResponse.ProducedAt;

            RespID      respId          = firstResponse.ResponderId;
            ResponderID asn1ResponderId = respId.ToAsn1Object();
            DerTaggedObject tagged      = (DerTaggedObject)asn1ResponderId.ToAsn1Object();

            // Tag 2 is written as the Base64 key hash; every other tag is written as the name.
            reference.OCSPIdentifier.ResponderID = (2 == tagged.TagNo)
                ? Convert.ToBase64String(asn1ResponderId.GetKeyHash())
                : asn1ResponderId.Name.ToString();

            completeRevocationRefs.OCSPRefs.OCSPRefCollection.Add(reference);
        }
Ejemplo n.º 11
        /// <summary>
        /// Creates a key-hash responder ID from a public key.
        /// </summary>
        /// <param name="publicKey">Public key whose key data is hashed.</param>
        /// <exception cref="OcspException">
        /// Thrown when any step fails; the original exception is the inner exception.
        /// </exception>
        public RespID(AsymmetricKeyParameter publicKey)
        {
            try
            {
                // SHA-1 is the digest RFC 6960 prescribes for the responder KeyHash. The
                // result names the responder; it does not authenticate anything by itself.
                IDigest sha1 = DigestUtilities.GetDigest("SHA1");

                SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);

                // Hash the key data only, not the surrounding SubjectPublicKeyInfo structure.
                byte[] keyData = keyInfo.PublicKeyData.GetBytes();
                sha1.BlockUpdate(keyData, 0, keyData.Length);

                Asn1OctetString keyHash = new DerOctetString(DigestUtilities.DoFinal(sha1));

                this.id = new ResponderID(keyHash);
            }
            catch (Exception cause)
            {
                throw new OcspException(string.Concat("problem creating ID: ", cause), cause);
            }
        }
Ejemplo n.º 12
        /// <summary>
        /// Produces the text form of an OCSP responder ID and reports whether it was
        /// a name or a key hash.
        /// </summary>
        /// <param name="responderId">Responder ID to read.</param>
        /// <param name="byKey">
        /// Set to false for tag 1 and true for tag 2; not modified for other tags.
        /// </param>
        /// <returns>
        /// The distinguished name for tag 1, Base64 of the octets for tag 2, otherwise null.
        /// </returns>
        private string GetResponderName(ResponderID responderId, ref bool byKey)
        {
            DerTaggedObject choice = (DerTaggedObject)responderId.ToAsn1Object();
            int tag = choice.TagNo;

            if (tag == 1)
            {
                byKey = false;

                // The name is re-parsed from its encoding by the framework's X500DistinguishedName.
                byte[] encodedName = choice.GetObject().GetEncoded();
                return new X500DistinguishedName(encodedName).Name;
            }

            if (tag == 2)
            {
                Asn1TaggedObject keyChoice = (Asn1TaggedObject)responderId.ToAsn1Object();
                Asn1OctetString  keyHash   = (Asn1OctetString)keyChoice.GetObject();
                byKey = true;

                return Convert.ToBase64String(keyHash.GetOctets());
            }

            // Unrecognized form: the caller gets null and byKey keeps its previous value.
            return null;
        }
Ejemplo n.º 13
        /// <summary>
        /// Reads an <see cref="OcspStatusRequest"/> from a stream: a length-prefixed list of
        /// responder IDs followed by length-prefixed request extensions.
        /// </summary>
        /// <param name="input">Stream positioned at the start of the request.</param>
        /// <returns>
        /// The parsed request. The responder ID list is empty when the first length is
        /// zero, and the extensions are null when the second length is zero.
        /// </returns>
        /// <remarks>
        /// Both lengths come from the input. How truncated or malformed data is reported
        /// depends on the TlsUtilities helpers, which are not shown here.
        /// </remarks>
        public static OcspStatusRequest Parse(Stream input)
        {
            IList responderIds = Platform.CreateArrayList();

            int responderIdListLength = TlsUtilities.ReadUint16(input);
            if (responderIdListLength > 0)
            {
                // Parse the list from its own buffer so entries cannot read past the declared length.
                byte[] listBytes = TlsUtilities.ReadFully(responderIdListLength, input);
                MemoryStream listStream = new MemoryStream(listBytes, false);

                do
                {
                    byte[] derEncoding = TlsUtilities.ReadOpaque16(listStream);
                    ResponderID responderId = ResponderID.GetInstance(TlsUtilities.ReadDerObject(derEncoding));
                    responderIds.Add(responderId);
                }
                while (listStream.Position < listStream.Length);
            }

            X509Extensions requestExtensions = null;

            int extensionsLength = TlsUtilities.ReadUint16(input);
            if (extensionsLength > 0)
            {
                byte[] extensionBytes = TlsUtilities.ReadFully(extensionsLength, input);
                requestExtensions = X509Extensions.GetInstance(TlsUtilities.ReadDerObject(extensionBytes));
            }

            return new OcspStatusRequest(responderIds, requestExtensions);
        }
Ejemplo n.º 14
        /// <summary>
        /// Converts an OCSP responder ID to text and reports which of its two forms it used.
        /// </summary>
        /// <param name="responderId">Responder ID to read.</param>
        /// <param name="byKey">
        /// Set to false when the ID is a name (tag 1) and true when it is a key hash
        /// (tag 2); not modified otherwise.
        /// </param>
        /// <returns>
        /// The name's string form, the Base64 text of the key-hash octets, or null when
        /// the tag is neither 1 nor 2.
        /// </returns>
        private string GetResponderName(ResponderID responderId, ref bool byKey)
        {
            Org.BouncyCastle.Asn1.DerTaggedObject tagged = (Org.BouncyCastle.Asn1.DerTaggedObject)responderId.ToAsn1Object();

            bool isName    = tagged.TagNo == 1;
            bool isKeyHash = tagged.TagNo == 2;

            if (!isName && !isKeyHash)
            {
                // Callers must be ready for null; byKey keeps whatever value it had.
                return null;
            }

            if (isName)
            {
                Org.BouncyCastle.Asn1.X509.X509Name responderName = Org.BouncyCastle.Asn1.X509.X509Name.GetInstance(tagged.GetObject());
                byKey = false;

                return responderName.ToString();
            }

            Asn1TaggedObject keyChoice = (Asn1TaggedObject)responderId.ToAsn1Object();
            Asn1OctetString  keyHash   = (Asn1OctetString)keyChoice.GetObject();
            byKey = true;

            return Convert.ToBase64String(keyHash.GetOctets());
        }
Ejemplo n.º 15
        /// <summary>
        /// Queries OCSP servers in order for the status of <paramref name="client"/> and, on the
        /// first "Good" answer, records the response in <paramref name="unsignedProperties"/>
        /// as both a revocation reference and a revocation value.
        /// </summary>
        /// <param name="unsignedProperties">Receives the OCSP reference and the raw response.</param>
        /// <param name="client">Certificate whose status is checked.</param>
        /// <param name="issuer">Issuer certificate passed along with each query.</param>
        /// <param name="ocspServers">Servers to query, after the optional certificate URL.</param>
        /// <param name="digestMethod">Digest used for the reference to the response.</param>
        /// <param name="addCertificateOcspUrl">
        /// When true, the OCSP URL obtained from the certificate is queried first.
        /// </param>
        /// <returns>The certificates carried inside the accepted OCSP response.</returns>
        /// <exception cref="Exception">
        /// Thrown when a server reports the certificate as revoked, or when no server
        /// returned a "Good" status.
        /// </exception>
        private X509Certificate2[] ValidateCertificateByOCSP(UnsignedProperties unsignedProperties, X509Certificate2 client, X509Certificate2 issuer,
                                                             IEnumerable<OcspServer> ocspServers, FirmaXadesNet.Crypto.DigestMethod digestMethod, bool addCertificateOcspUrl)
        {
            bool byKey = false;
            List<OcspServer> serversToQuery = new List<OcspServer>();

            Org.BouncyCastle.X509.X509Certificate clientCert = client.ToBouncyX509Certificate();
            Org.BouncyCastle.X509.X509Certificate issuerCert = issuer.ToBouncyX509Certificate();

            OcspClient ocspClient = new OcspClient();

            if (addCertificateOcspUrl)
            {
                // NOTE(review): the OCSP URL is looked up on issuerCert, not clientCert.
                // Confirm this is the certificate whose AIA extension should name the
                // responder for the client certificate.
                string aiaOcspUrl = ocspClient.GetAuthorityInformationAccessOcspUrl(issuerCert);

                if (!string.IsNullOrEmpty(aiaOcspUrl))
                {
                    serversToQuery.Add(new OcspServer(aiaOcspUrl));
                }
            }

            foreach (OcspServer configuredServer in ocspServers)
            {
                serversToQuery.Add(configuredServer);
            }

            foreach (OcspServer server in serversToQuery)
            {
                byte[] rawResponse = ocspClient.QueryBinary(clientCert, issuerCert, server.Url, server.RequestorName,
                                                            server.SignCertificate);

                // NOTE(review): whether ProcessOcspResponse verifies the response signature,
                // the responder's authorization and the response's freshness is not visible
                // here. Confirm it does, since a "Good" result is stored below as evidence.
                FirmaXadesNet.Clients.CertificateStatus status = ocspClient.ProcessOcspResponse(rawResponse);

                // A revoked answer from any server ends validation immediately.
                if (status == FirmaXadesNet.Clients.CertificateStatus.Revoked)
                {
                    throw new Exception("Certificado revocado");
                }

                // Any status other than Good is not conclusive: try the next server.
                if (status != FirmaXadesNet.Clients.CertificateStatus.Good)
                {
                    continue;
                }

                Org.BouncyCastle.Ocsp.OcspResp parsedResponse = new OcspResp(rawResponse);
                byte[] encodedResponse = parsedResponse.GetEncoded();
                BasicOcspResp basicResponse = (BasicOcspResp)parsedResponse.GetResponseObject();

                // The same GUID ties the reference's URI to the Id of the stored value.
                string guidOcsp = Guid.NewGuid().ToString();

                OCSPRef ocspRef = new OCSPRef();
                ocspRef.OCSPIdentifier.UriAttribute = "#OcspValue" + guidOcsp;
                DigestUtil.SetCertDigest(encodedResponse, digestMethod, ocspRef.CertDigest);

                ResponderID responderId = basicResponse.ResponderId.ToAsn1Object();
                ocspRef.OCSPIdentifier.ResponderID = GetResponderName(responderId, ref byKey);
                ocspRef.OCSPIdentifier.ByKey       = byKey;

                ocspRef.OCSPIdentifier.ProducedAt = basicResponse.ProducedAt.ToLocalTime();
                unsignedProperties.UnsignedSignatureProperties.CompleteRevocationRefs.OCSPRefs.OCSPRefCollection.Add(ocspRef);

                OCSPValue ocspValue = new OCSPValue
                {
                    PkiData = encodedResponse,
                    Id      = "OcspValue" + guidOcsp
                };
                unsignedProperties.UnsignedSignatureProperties.RevocationValues.OCSPValues.OCSPValueCollection.Add(ocspValue);

                // These certificates are taken from the response as-is; presumably the caller
                // is expected to validate them before trusting them - verify against callers.
                return basicResponse.GetCerts()
                                    .Select(cert => new X509Certificate2(cert.GetEncoded()))
                                    .ToArray();
            }

            // No server produced a Good status.
            throw new Exception("El certificado no ha podido ser validado");
        }
Ejemplo n.º 16
 /// <summary>
 /// Creates a responder ID that identifies an OCSP responder by its X.509 name.
 /// </summary>
 /// <param name="name">Name handed to the <see cref="ResponderID"/> constructor.</param>
 public RespID(X509Name name)
 {
     // Exceptions from the ResponderID constructor propagate to the caller unchanged.
     ResponderID byName = new ResponderID(name);

     this.id = byName;
 }
Ejemplo n.º 17
 /// <summary>
 /// Wraps an existing ASN.1 <see cref="ResponderID"/>.
 /// </summary>
 /// <param name="id">Responder ID to wrap; stored as given.</param>
 public RespID(ResponderID id)
 {
     // No null check and no copy: the caller's instance becomes this object's state.
     this.id = id;
 }