Ejemplo n.º 1
0
        private string GetSubjectKeyIdentifier(BCX509Certificate2 certificate)
        {
            //SubjectKeyIdentifier ski = (certificate.Extensions["2.5.29.14"] as SubjectKeyIdentifier);
            SubjectKeyIdentifier ski = SubjectKeyIdentifier.GetInstance(certificate.CertificateStructure.TbsCertificate.Extensions.GetExtension(X509Extensions.SubjectKeyIdentifier));

            return((ski == null) ? String.Empty : Hex.ToHexString(ski.GetKeyIdentifier()));
        }
Ejemplo n.º 2
0
        public override void PerformTest()
        {
            SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.GetInstance(
                Asn1Object.FromByteArray(pubKeyInfo));
            SubjectKeyIdentifier ski = SubjectKeyIdentifier.CreateSha1KeyIdentifier(pubInfo);

            if (!Arrays.AreEqual(shaID, ski.GetKeyIdentifier()))
            {
                Fail("SHA-1 ID does not match");
            }

            ski = SubjectKeyIdentifier.CreateTruncatedSha1KeyIdentifier(pubInfo);

            if (!Arrays.AreEqual(shaTruncID, ski.GetKeyIdentifier()))
            {
                Fail("truncated SHA-1 ID does not match");
            }
        }
Ejemplo n.º 3
0
        /// <summary>
        /// Determines whether [is the same] [the specified keyto test].
        /// </summary>
        /// <param name="KeytoTest">The keyto test.</param>
        /// <returns></returns>
        public bool IsTheSame(SubjectPublicKeyInfo KeytoTest)
        {
            SubjectKeyIdentifier key = SubjectKeyIdentifier.CreateSha1KeyIdentifier(KeytoTest);

            if (keyIdentifier.SequenceEqual(key.GetKeyIdentifier()))
            {
                return(true);
            }
            return(false);
        }
Ejemplo n.º 4
0
        /// <summary>
        /// Create SKID extension from an X509Extension
        /// </summary>
        /// <param name="Extension">X509 extension</param>
        /// <remarks>
        /// The work is done in the base class
        /// </remarks>
        public subjectKeyIdentifier(X509Extension Extension)
            : base(Extension.IsCritical)
        {
            base.oid         = X509Extensions.SubjectKeyIdentifier;
            base.name        = "SubjectKeyIdentifier";
            base.displayName = "Subject Key Identifier";

            SubjectKeyIdentifier skid = SubjectKeyIdentifier.GetInstance(Extension);

            keyIdentifier = skid.GetKeyIdentifier();
        }
Ejemplo n.º 5
0
        /// <inheritdoc />
        public override void InjectReferenceValue(X509Certificate2 value)
        {
            Certificate = value;

            Asn1Object exValue = GetExtensionValue(value);

            if (exValue == null)
            {
                if (IsRequired())
                {
                    throw new PolicyRequiredException("Extention " + ExtentionIdentifier.Display + " is marked as required by is not present.");
                }
                PolicyValue = new PolicyValue <string>(string.Empty);
                return;
            }

            SubjectKeyIdentifier keyId = SubjectKeyIdentifier.GetInstance(exValue);

            PolicyValue = new PolicyValue <string>(PolicyUtils.CreateByteStringRep(keyId.GetKeyIdentifier()));
        }
        private AsymmetricKeyParameter GetSenderPublicKey(AsymmetricKeyParameter receiverPrivateKey, OriginatorIdentifierOrKey originator)
        {
            OriginatorPublicKey originatorPublicKey = originator.OriginatorPublicKey;

            if (originatorPublicKey != null)
            {
                return(this.GetPublicKeyFromOriginatorPublicKey(receiverPrivateKey, originatorPublicKey));
            }
            OriginatorID originatorID = new OriginatorID();

            Org.BouncyCastle.Asn1.Cms.IssuerAndSerialNumber issuerAndSerialNumber = originator.IssuerAndSerialNumber;
            if (issuerAndSerialNumber != null)
            {
                originatorID.Issuer       = issuerAndSerialNumber.Name;
                originatorID.SerialNumber = issuerAndSerialNumber.SerialNumber.Value;
            }
            else
            {
                SubjectKeyIdentifier subjectKeyIdentifier = originator.SubjectKeyIdentifier;
                originatorID.SubjectKeyIdentifier = subjectKeyIdentifier.GetKeyIdentifier();
            }
            return(this.GetPublicKeyFromOriginatorID(originatorID));
        }
        private CertificateUrlTemplateBindModel BuildUrlTemplateBindModel(
            string name,
            string subject,
            string issuer,
            SubjectKeyIdentifier keyId,
            AuthorityKeyIdentifier issuerId,
            BigInteger serialNumber,
            DateTime notBefore,
            DateTime notAfter)
        {
            string idSubject = Hex.ToHexString(new BigInteger(keyId.GetKeyIdentifier()).ToByteArray());
            string idIssuer  = Hex.ToHexString(new BigInteger(issuerId.GetKeyIdentifier()).ToByteArray());

            return(new CertificateUrlTemplateBindModel(
                       name,
                       subject,
                       issuer,
                       idSubject,
                       idIssuer,
                       serialNumber.ToString(),
                       notBefore,
                       notAfter));
        }
        public BCX509CertificateCollection Find(BCX509FindType findType, object findValue, bool validOnly)
        {
            if (findValue == null)
            {
                throw new ArgumentNullException("findValue");
            }

            string str = String.Empty;
            DerObjectIdentifier oid = null;
            string   oidStr         = String.Empty;
            KeyUsage ku             = new KeyUsage(0);
            DateTime dt             = DateTime.MinValue;

            switch (findType)
            {
            case BCX509FindType.FindByThumbprint:
            case BCX509FindType.FindBySubjectName:
            case BCX509FindType.FindBySubjectDistinguishedName:
            case BCX509FindType.FindByIssuerName:
            case BCX509FindType.FindByIssuerDistinguishedName:
            case BCX509FindType.FindBySerialNumber:
            case BCX509FindType.FindByTemplateName:
            case BCX509FindType.FindBySubjectKeyIdentifier:
                try
                {
                    str = (string)findValue;
                }
                catch (Exception e)
                {
                    string msg = String.Format("Invalid find value type '{0}', expected '{1}'.", findValue.GetType(), "string");
                    throw new CryptographicException(msg, e);
                }
                break;

            case BCX509FindType.FindByApplicationPolicy:
            case BCX509FindType.FindByCertificatePolicy:
            case BCX509FindType.FindByExtension:
                try
                {
                    oidStr = (string)findValue;
                }
                catch (Exception e)
                {
                    string msg = String.Format("Invalid find value type '{0}', expected '{1}'.", findValue.GetType(), "X509KeyUsageFlags");
                    throw new CryptographicException(msg, e);
                }
                // OID validation
                try
                {
                    oid = new DerObjectIdentifier(oidStr);
                }
                catch (FormatException)
                {
                    string msg = String.Format("Invalid OID value '{0}'.", oidStr);
                    throw new ArgumentException("findValue", msg);
                }
                break;

            case BCX509FindType.FindByKeyUsage:
                try
                {
                    ku = new KeyUsage((int)findValue);
                }
                catch (Exception e)
                {
                    string msg = String.Format("Invalid find value type '{0}', expected '{1}'.", findValue.GetType(), "X509KeyUsageFlags");
                    throw new CryptographicException(msg, e);
                }
                break;

            case BCX509FindType.FindByTimeValid:
            case BCX509FindType.FindByTimeNotYetValid:
            case BCX509FindType.FindByTimeExpired:
                try
                {
                    dt = (DateTime)findValue;
                }
                catch (Exception e)
                {
                    string msg = String.Format("Invalid find value type '{0}', expected '{1}'.", findValue.GetType(), "X509DateTime");
                    throw new CryptographicException(msg, e);
                }
                break;

            default:
            {
                string msg = String.Format("Invalid find type '{0}'.", findType);
                throw new CryptographicException(msg);
            }
            }

            CultureInfo cinv = CultureInfo.InvariantCulture;
            BCX509CertificateCollection results = new BCX509CertificateCollection();

            foreach (BCX509Certificate2 x in InnerList)
            {
                bool value_match = false;

                switch (findType)
                {
                case BCX509FindType.FindByThumbprint:
                    // works with Thumbprint, GetCertHashString in both normal (upper) and lower case
                    value_match = ((String.Compare(str, Hex.ToHexString(x.GetSignature()), true, cinv) == 0) || (String.Compare(str, DotNetUtilities.ToX509Certificate(x).GetCertHashString(), true, cinv) == 0));
                    break;

                case BCX509FindType.FindBySubjectName:
                {
                    string[] names = x.SubjectDN.ToString().Split(new [] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string name in names)
                    {
                        int pos = name.IndexOf('=');
                        value_match = (name.IndexOf(str, pos, StringComparison.InvariantCultureIgnoreCase) >= 0);
                        if (value_match)
                        {
                            break;
                        }
                    }
                    break;
                }

                case BCX509FindType.FindBySubjectDistinguishedName:
                    value_match = (String.Compare(str, x.SubjectDN.ToString(), true, cinv) == 0);
                    break;

                case BCX509FindType.FindByIssuerName:
                {
                    //string iname = x.GetNameInfo (X509NameType.SimpleName, true);
                    //value_match = (iname.IndexOf (str, StringComparison.InvariantCultureIgnoreCase) >= 0);
                    string[] names = x.IssuerDN.ToString().Split(new [] { ',' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string name in names)
                    {
                        int pos = name.IndexOf('=');
                        value_match = (name.IndexOf(str, pos, StringComparison.InvariantCultureIgnoreCase) >= 0);
                        if (value_match)
                        {
                            break;
                        }
                    }
                }
                break;

                case BCX509FindType.FindByIssuerDistinguishedName:
                    value_match = (String.Compare(str, x.IssuerDN.ToString(), true, cinv) == 0);
                    break;

                case BCX509FindType.FindBySerialNumber:
                    value_match = (String.Compare(str, x.SerialNumber.ToString(), true, cinv) == 0);
                    break;

                case BCX509FindType.FindByTemplateName:
                    // TODO - find a valid test case
                    break;

                case BCX509FindType.FindBySubjectKeyIdentifier:
                    SubjectKeyIdentifier ski = SubjectKeyIdentifier.GetInstance(x.CertificateStructure.TbsCertificate.Extensions.GetExtension(X509Extensions.SubjectKeyIdentifier));
                    if (ski != null)
                    {
                        value_match = (String.Compare(str, Hex.ToHexString(ski.GetKeyIdentifier()), true, cinv) == 0);
                    }
                    break;

                case BCX509FindType.FindByApplicationPolicy:
                    // note: include when no extensions are present (even if v3)
                    value_match = (x.GetCriticalExtensionOids().Count == 0 && x.GetNonCriticalExtensionOids().Count == 0);
                    // TODO - find test case with extension
                    break;

                case BCX509FindType.FindByCertificatePolicy:
                    // TODO - find test case with extension
                    break;

                case BCX509FindType.FindByExtension:
                    value_match = (x.GetExtensionValue(oid) != null);
                    break;

                case BCX509FindType.FindByKeyUsage:
                    KeyUsage kue = KeyUsage.GetInstance(x.CertificateStructure.TbsCertificate.Extensions.GetExtension(X509Extensions.KeyUsage));
                    if (kue == null)
                    {
                        // key doesn't have any hard coded limitations
                        // note: MS doesn't check for ExtendedKeyUsage
                        value_match = true;
                    }
                    else
                    {
                        value_match = ((kue.IntValue & ku.IntValue) == ku.IntValue);
                    }
                    break;

                case BCX509FindType.FindByTimeValid:
                    value_match = ((dt >= x.NotBefore) && (dt <= x.NotAfter));
                    break;

                case BCX509FindType.FindByTimeNotYetValid:
                    value_match = (dt < x.NotBefore);
                    break;

                case BCX509FindType.FindByTimeExpired:
                    value_match = (dt > x.NotAfter);
                    break;
                }

                if (!value_match)
                {
                    continue;
                }

                if (validOnly)
                {
                    try
                    {
                        x.Verify(x.GetPublicKey());
                        results.Add(x);
                    }
                    catch
                    {
                    }
                }
                else
                {
                    results.Add(x);
                }
            }
            return(results);
        }