/** Creates a new PopoSigningKeyInput with sender name as authInfo. */
 public PopoSigningKeyInput(
     GeneralName sender,
     SubjectPublicKeyInfo spki)
 {
     // This overload populates the sender-name form of authInfo only;
     // publicKeyMac is not assigned here.
     this.publicKey = spki;
     this.sender = sender;
 }
		/**
		 * Convenience overload taking the protocol version number as a plain int.
		 * The value is wrapped in a DerInteger and forwarded, together with the
		 * sender and recipient names, to the (DerInteger, GeneralName, GeneralName)
		 * constructor.
		 */
		public PkiHeaderBuilder(
			int pvno,
			GeneralName sender,
			GeneralName recipient)
			: this(new DerInteger(pvno), sender, recipient)
		{
		}
		/**
		 * Creates a SemanticsInformation carrying both a semantics identifier and
		 * a list of name registration authorities. The array is stored as passed
		 * (no copy is made here).
		 */
		public SemanticsInformation(
			DerObjectIdentifier semanticsIdentifier,
			GeneralName[] generalNames)
		{
			this.nameRegistrationAuthorities = generalNames;
			this.semanticsIdentifier = semanticsIdentifier;
		}
		/**
		 * Builds the ASN.1 sequence of an AuthorityKeyIdentifier describing the
		 * given certificate: its issuer name, its serial number and a key value.
		 * For a version 3 certificate that carries a SubjectKeyIdentifier extension
		 * the extension's octets are used; otherwise the certificate's
		 * SubjectPublicKeyInfo is handed to the AuthorityKeyIdentifier constructor.
		 *
		 * Any failure while reading the certificate is rethrown as a
		 * CertificateParsingException with the original exception attached.
		 */
		private static Asn1Sequence FromCertificate(
			X509Certificate certificate)
		{
			try
			{
				GeneralName issuerName = new GeneralName(
					PrincipalUtilities.GetIssuerX509Principal(certificate));

				// Only version 3 certificates are asked for the extension.
				Asn1OctetString skiExtension = null;
				if (certificate.Version == 3)
				{
					skiExtension = certificate.GetExtensionValue(X509Extensions.SubjectKeyIdentifier);
				}

				AuthorityKeyIdentifier keyIdentifier;
				if (skiExtension != null)
				{
					// The extension value is wrapped; unwrap it to reach the key identifier octets.
					Asn1OctetString keyId = (Asn1OctetString) X509ExtensionUtilities.FromExtensionValue(skiExtension);

					keyIdentifier = new AuthorityKeyIdentifier(
						keyId.GetOctets(), new GeneralNames(issuerName), certificate.SerialNumber);
				}
				else
				{
					SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(
						certificate.GetPublicKey());

					keyIdentifier = new AuthorityKeyIdentifier(
						keyInfo, new GeneralNames(issuerName), certificate.SerialNumber);
				}

				return (Asn1Sequence) keyIdentifier.ToAsn1Object();
			}
			catch (Exception e)
			{
				throw new CertificateParsingException("Exception extracting certificate details", e);
			}
		}
		/**
		 * create an AccessDescription with the oid and location provided.
		 */
		public AccessDescription(
			DerObjectIdentifier oid,
			GeneralName location)
		{
			// Both values are stored as given; no validation is performed here.
			this.accessLocation = location;
			this.accessMethod = oid;
		}
		/**
		 * Decodes an AccessDescription from a two-element sequence
		 * (accessMethod, accessLocation).
		 *
		 * @param seq the ASN.1 sequence to decode.
		 * @throws ArgumentException if the sequence does not hold exactly two elements.
		 */
		private AccessDescription(
			Asn1Sequence seq)
		{
			// Reject any other arity before indexing into the sequence.
			int elementCount = seq.Count;
			if (elementCount != 2)
			{
				throw new ArgumentException("wrong number of elements in sequence");
			}

			this.accessMethod = DerObjectIdentifier.GetInstance(seq[0]);
			this.accessLocation = GeneralName.GetInstance(seq[1]);
		}
        /**
         * Decodes a SinglePubInfo: the first element is the publication method,
         * and a second element, when the sequence has exactly two, is the
         * publication location.
         *
         * NOTE(review): the element count is not otherwise validated; a sequence
         * with more than two elements is accepted and its extra elements ignored.
         */
        private SinglePubInfo(Asn1Sequence seq)
        {
            pubMethod = DerInteger.GetInstance(seq[0]);

            if (seq.Count != 2)
            {
                // No location present (or an unexpected size): leave pubLocation unset.
                return;
            }

            pubLocation = GeneralName.GetInstance(seq[1]);
        }
		/**
		 * Stores the three values supplied for the header: protocol version
		 * number, sender and recipient. Nothing is validated or copied here.
		 */
		private PkiHeaderBuilder(
			DerInteger pvno,
			GeneralName sender,
			GeneralName recipient)
		{
			this.recipient = recipient;
			this.sender = sender;
			this.pvno = pvno;
		}
		/**
		 * Creates a TbsRequest from its parts. The version is always set to V1 by
		 * this constructor; the requestor name, request list and extensions are
		 * stored as passed.
		 */
		public TbsRequest(
			GeneralName requestorName,
			Asn1Sequence requestList,
			X509Extensions requestExtensions)
		{
			this.requestExtensions = requestExtensions;
			this.requestList = requestList;
			this.requestorName = requestorName;
			this.version = V1;
		}
		/**
		* Set the requestor name to the passed in X509Principal
		*
		* @param requestorName a X509Principal representing the requestor name.
		*/
		public void SetRequestorName(
			X509Name requestorName)
		{
			// Wrap the X.509 name as a directoryName GeneralName; any failure while
			// doing so is reported to the caller as an ArgumentException.
			GeneralName directoryName;
			try
			{
				directoryName = new GeneralName(GeneralName.DirectoryName, requestorName);
			}
			catch (Exception e)
			{
				throw new ArgumentException("cannot encode principal", e);
			}

			this.requestorName = directoryName;
		}
		/**
		 * Constructor from Asn1TaggedObject.
		 * 
		 * @param tagObj The tagged object.
		 * @throws ArgumentException if the encoding is wrong.
		 */
		private Target(
			Asn1TaggedObject tagObj)
		{
			Choice choice = (Choice) tagObj.TagNo;

			// GeneralName is itself a CHOICE, so both alternatives are read as
			// explicitly tagged. Any tag other than Name or Group is rejected.
			if (choice == Choice.Name)
			{
				targetName = GeneralName.GetInstance(tagObj, true);
			}
			else if (choice == Choice.Group)
			{
				targetGroup = GeneralName.GetInstance(tagObj, true);
			}
			else
			{
				throw new ArgumentException("unknown tag: " + tagObj.TagNo);
			}
		}
		/**
		* Constructor.
		* @param roleAuthority the role authority of this RoleSyntax.
		* @param roleName    the role name of this RoleSyntax.
		*/
		public RoleSyntax(
			GeneralNames roleAuthority,
			GeneralName roleName)
		{
			// A role name is acceptable only when it is present, uses the URI
			// alternative of GeneralName, and its string value is not empty.
			// The checks short-circuit in that order, so the cast below is only
			// reached for a non-null URI-tagged name.
			bool acceptable = roleName != null
				&& roleName.TagNo == GeneralName.UniformResourceIdentifier
				&& !((IAsn1String) roleName.Name).GetString().Equals("");

			if (!acceptable)
			{
				throw new ArgumentException("the role name MUST be non empty and MUST " +
					"use the URI option of GeneralName");
			}

			this.roleName = roleName;
			this.roleAuthority = roleAuthority;
		}
        /**
         * Constructor.
         * @param roleAuthority the role authority of this RoleSyntax.
         * @param roleName    the role name of this RoleSyntax.
         */
        public RoleSyntax(
            GeneralNames roleAuthority,
            GeneralName roleName)
        {
            // First establish that a URI-form name was supplied at all; only then
            // is it safe to look at its string value.
            bool isUriName = roleName != null &&
                             roleName.TagNo == GeneralName.UniformResourceIdentifier;

            if (!isUriName || ((IAsn1String)roleName.Name).GetString().Equals(""))
            {
                throw new ArgumentException("the role name MUST be non empty and MUST " +
                                            "use the URI option of GeneralName");
            }

            this.roleName = roleName;
            this.roleAuthority = roleAuthority;
        }
 /**
  * Constructor from given details.
  *
  * According to RFC 3280, the minimum and maximum fields are not used with any
  * name forms, thus minimum MUST be zero, and maximum MUST be absent.
  * <p>
  * If minimum is <code>null</code>, zero is assumed, if
  * maximum is <code>null</code>, maximum is absent.</p>
  *
  * @param baseName
  *            A restriction.
  * @param minimum
  *            Minimum
  *
  * @param maximum
  *            Maximum
  */
 public GeneralSubtree(
     GeneralName baseName,
     BigInteger minimum,
     BigInteger maximum)
 {
     // Each bound is wrapped in a DerInteger only when supplied; a null bound
     // leaves the corresponding field untouched.
     // NOTE(review): nothing here enforces that minimum is zero or that
     // maximum is absent; non-conforming values are stored as given.
     if (maximum != null)
     {
         this.maximum = new DerInteger(maximum);
     }
     if (minimum != null)
     {
         this.minimum = new DerInteger(minimum);
     }
     this.baseName = baseName;
 }
		/**
		 * Decodes a GeneralSubtree from a sequence of one to three elements:
		 * the base name, optionally followed by tagged minimum ([0]) and/or
		 * maximum ([1]) values, both read as implicitly tagged integers.
		 *
		 * @param seq the ASN.1 sequence to decode.
		 * @throws ArgumentException on an unexpected tag number or sequence size.
		 */
		private GeneralSubtree(
			Asn1Sequence seq)
		{
			baseName = GeneralName.GetInstance(seq[0]);

			int size = seq.Count;

			if (size == 1)
			{
				// Base name only.
				return;
			}

			if (size == 2)
			{
				// A single optional field: its tag decides which bound it is.
				Asn1TaggedObject bound = Asn1TaggedObject.GetInstance(seq[1]);
				int tagNo = bound.TagNo;

				if (tagNo == 0)
				{
					minimum = DerInteger.GetInstance(bound, false);
				}
				else if (tagNo == 1)
				{
					maximum = DerInteger.GetInstance(bound, false);
				}
				else
				{
					throw new ArgumentException("Bad tag number: " + tagNo);
				}

				return;
			}

			if (size == 3)
			{
				// Both optional fields: they must appear as [0] then [1].
				Asn1TaggedObject lower = Asn1TaggedObject.GetInstance(seq[1]);
				if (lower.TagNo != 0)
				{
					throw new ArgumentException("Bad tag number for 'minimum': " + lower.TagNo);
				}
				minimum = DerInteger.GetInstance(lower, false);

				Asn1TaggedObject upper = Asn1TaggedObject.GetInstance(seq[2]);
				if (upper.TagNo != 1)
				{
					throw new ArgumentException("Bad tag number for 'maximum': " + upper.TagNo);
				}
				maximum = DerInteger.GetInstance(upper, false);

				return;
			}

			throw new ArgumentException("Bad sequence size: " + size);
		}
        /**
         * Constructor from Asn1TaggedObject.
         *
         * @param tagObj The tagged object.
         * @throws ArgumentException if the encoding is wrong.
         */
        private Target(
            Asn1TaggedObject tagObj)
        {
            int tagNo = tagObj.TagNo;

            // The tag number selects which alternative is populated; GeneralName is
            // already a CHOICE, hence the explicit tagging in both cases.
            switch ((Choice)tagNo)
            {
                case Choice.Name:
                {
                    targetName = GeneralName.GetInstance(tagObj, true);
                    break;
                }
                case Choice.Group:
                {
                    targetGroup = GeneralName.GetInstance(tagObj, true);
                    break;
                }
                default:
                {
                    throw new ArgumentException("unknown tag: " + tagNo);
                }
            }
        }
		/**
		* Constructor from Asn1Sequence.
		* <p/>
		* The sequence is of type ProcurationSyntax:
		* <p/>
		* <pre>
		*            Admissions ::= SEQUENCE
		*            {
		*              admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
		*              namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
		*              professionInfos SEQUENCE OF ProfessionInfo
		*            }
		* </pre>
		*
		* @param seq The ASN.1 sequence.
		*/
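		private Admissions(
			Asn1Sequence seq)
		{
			if (seq.Count > 3)
			{
				throw new ArgumentException("Bad sequence size: " + seq.Count);
			}

			IEnumerator e = seq.GetEnumerator();

			// professionInfos is not optional, so the sequence must hold at least
			// one element. Every advance of the enumerator is checked so that a
			// truncated encoding is reported as an ArgumentException rather than
			// surfacing as an enumerator error from reading Current past the end.
			if (!e.MoveNext())
			{
				throw new ArgumentException("Bad sequence size: " + seq.Count);
			}

			Asn1Encodable o = (Asn1Encodable) e.Current;

			// First optional field: admissionAuthority [0] or namingAuthority [1].
			Asn1TaggedObject tagged = o as Asn1TaggedObject;
			if (tagged != null)
			{
				switch (tagged.TagNo)
				{
					case 0:
						admissionAuthority = GeneralName.GetInstance(tagged, true);
						break;
					case 1:
						namingAuthority = NamingAuthority.GetInstance(tagged, true);
						break;
					default:
						throw new ArgumentException("Bad tag number: " + tagged.TagNo);
				}

				if (!e.MoveNext())
				{
					throw new ArgumentException("Bad sequence size: " + seq.Count);
				}
				o = (Asn1Encodable) e.Current;
			}

			// Second optional field: only namingAuthority [1] may follow.
			// NOTE(review): a second [1] after a first [1] is still accepted and
			// overwrites namingAuthority, as in the original code.
			tagged = o as Asn1TaggedObject;
			if (tagged != null)
			{
				switch (tagged.TagNo)
				{
					case 1:
						namingAuthority = NamingAuthority.GetInstance(tagged, true);
						break;
					default:
						throw new ArgumentException("Bad tag number: " + tagged.TagNo);
				}

				if (!e.MoveNext())
				{
					throw new ArgumentException("Bad sequence size: " + seq.Count);
				}
				o = (Asn1Encodable) e.Current;
			}

			professionInfos = Asn1Sequence.GetInstance(o);

			// Nothing may follow professionInfos.
			if (e.MoveNext())
			{
				throw new ArgumentException("Bad object encountered: " + e.Current.GetType().Name);
			}
		}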
        /**
         * Decodes a PkiHeader. The first three elements (pvno, sender, recipient)
         * are mandatory; every following element must be a tagged object whose
         * tag number (0..8) selects the optional field it populates, each read
         * as explicitly tagged.
         *
         * NOTE(review): the loop neither enforces ascending tag order nor rejects
         * a repeated tag; a later occurrence overwrites the earlier value. An
         * element that is not an Asn1TaggedObject fails on the cast.
         *
         * @param seq the ASN.1 sequence to decode.
         * @throws ArgumentException if an optional element has a tag above 8.
         */
        private PkiHeader(Asn1Sequence seq)
        {
            pvno = DerInteger.GetInstance(seq[0]);
            sender = GeneralName.GetInstance(seq[1]);
            recipient = GeneralName.GetInstance(seq[2]);

            int index = 3;
            while (index < seq.Count)
            {
                Asn1TaggedObject optionalField = (Asn1TaggedObject)seq[index];
                int tagNo = optionalField.TagNo;

                switch (tagNo)
                {
                    case 0:
                        messageTime = DerGeneralizedTime.GetInstance(optionalField, true);
                        break;
                    case 1:
                        protectionAlg = AlgorithmIdentifier.GetInstance(optionalField, true);
                        break;
                    case 2:
                        senderKID = Asn1OctetString.GetInstance(optionalField, true);
                        break;
                    case 3:
                        recipKID = Asn1OctetString.GetInstance(optionalField, true);
                        break;
                    case 4:
                        transactionID = Asn1OctetString.GetInstance(optionalField, true);
                        break;
                    case 5:
                        senderNonce = Asn1OctetString.GetInstance(optionalField, true);
                        break;
                    case 6:
                        recipNonce = Asn1OctetString.GetInstance(optionalField, true);
                        break;
                    case 7:
                        freeText = PkiFreeText.GetInstance(optionalField, true);
                        break;
                    case 8:
                        generalInfo = Asn1Sequence.GetInstance(optionalField, true);
                        break;
                    default:
                        throw new ArgumentException("unknown tag number: " + tagNo, "seq");
                }

                ++index;
            }
        }
        /**
         * Decodes a PopoSigningKeyInput. The first element is authInfo: a tagged
         * object with tag 0 carries the sender name, anything untagged is read as
         * a PKMacValue. The second element is the public key.
         *
         * @param seq the ASN.1 sequence to decode.
         * @throws ArgumentException if authInfo is tagged with a number other than 0.
         */
        private PopoSigningKeyInput(Asn1Sequence seq)
        {
            Asn1Encodable authInfo = (Asn1Encodable)seq[0];
            Asn1TaggedObject taggedAuthInfo = authInfo as Asn1TaggedObject;

            if (taggedAuthInfo == null)
            {
                // Untagged alternative: the MAC over the public key.
                publicKeyMac = PKMacValue.GetInstance(authInfo);
            }
            else
            {
                if (taggedAuthInfo.TagNo != 0)
                {
                    throw new ArgumentException("Unknown authInfo tag: " + taggedAuthInfo.TagNo, "seq");
                }

                // Tagged alternative: unwrap the tag to reach the sender name.
                sender = GeneralName.GetInstance(taggedAuthInfo.GetObject());
            }

            publicKey = SubjectPublicKeyInfo.GetInstance(seq[1]);
        }
		/**
		 * Decodes a TbsRequest. An initial element tagged [0] is the explicit
		 * version (and sets versionSet); otherwise the version defaults to V1.
		 * A tagged element at the next position is read as the requestor name,
		 * then comes the request list, and one remaining element, if present, is
		 * read as the request extensions.
		 *
		 * NOTE(review): the requestor-name and extensions positions are accepted
		 * on the basis of being tagged / being last; their tag numbers are not
		 * checked here, and the sequence length is not validated before indexing.
		 */
		private TbsRequest(
			Asn1Sequence seq)
		{
			int index = 0;

			Asn1TaggedObject leading = seq[0] as Asn1TaggedObject;
			if (leading != null && leading.TagNo == 0)
			{
				versionSet = true;
				version = DerInteger.GetInstance(leading, true);
				index++;
			}
			else
			{
				// Either untagged, or tagged with something other than [0]:
				// no explicit version was encoded.
				version = V1;
			}

			Asn1TaggedObject nameCandidate = seq[index] as Asn1TaggedObject;
			if (nameCandidate != null)
			{
				index++;
				requestorName = GeneralName.GetInstance(nameCandidate, true);
			}

			requestList = (Asn1Sequence) seq[index];
			index++;

			bool hasOneMoreElement = seq.Count == (index + 1);
			if (hasOneMoreElement)
			{
				requestExtensions = X509Extensions.GetInstance((Asn1TaggedObject) seq[index], true);
			}
		}
 /**
  * Creates a GeneralSubtree for the given base name with no minimum and no
  * maximum; equivalent to calling the three-argument constructor with null
  * for both bounds.
  */
 public GeneralSubtree(GeneralName baseName)
     : this(baseName, null, null)
 {
 }
 /// <summary>Construct a GeneralNames object containing one GeneralName.</summary>
 /// <param name="name">The name to be contained.</param>
 public GeneralNames(GeneralName name)
 {
     // A fresh one-element array is allocated; the caller's reference is its only entry.
     GeneralName[] single = new GeneralName[1];
     single[0] = name;
     names = single;
 }
		/**
		 * Sets the requestor name to the given GeneralName. The value is stored
		 * as passed, without validation.
		 *
		 * @param requestorName the name of the requestor.
		 */
		public void SetRequestorName(GeneralName requestorName)
		{
			this.requestorName = requestorName;
		}
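		/**
		 * Decodes a TstInfo. The first five elements are read positionally
		 * (version, tsaPolicy, messageImprint, serialNumber, genTime); the
		 * remaining elements are optional and recognised by type or tag:
		 * a sequence is the accuracy, a boolean the ordering flag (default
		 * false), an integer the nonce, tag [0] the TSA name (explicit) and
		 * tag [1] the extensions (implicit).
		 *
		 * NOTE(review): the five mandatory reads do not check the result of
		 * MoveNext(), so a sequence with fewer than five elements is not
		 * reported as an ArgumentException. Optional elements of any other
		 * type are skipped silently.
		 *
		 * @param seq the ASN.1 sequence to decode.
		 * @throws ArgumentException if a tagged optional element has a tag other than 0 or 1.
		 */
		private TstInfo(
			Asn1Sequence seq)
		{
			IEnumerator e = seq.GetEnumerator();

			// version
			e.MoveNext();
			version = DerInteger.GetInstance(e.Current);

			// tsaPolicy
			e.MoveNext();
			tsaPolicyId = DerObjectIdentifier.GetInstance(e.Current);

			// messageImprint
			e.MoveNext();
			messageImprint = MessageImprint.GetInstance(e.Current);

			// serialNumber
			e.MoveNext();
			serialNumber = DerInteger.GetInstance(e.Current);

			// genTime
			e.MoveNext();
			genTime = DerGeneralizedTime.GetInstance(e.Current);

			// default for ordering
			ordering = DerBoolean.False;

			while (e.MoveNext())
			{
				Asn1Object o = (Asn1Object) e.Current;

				if (o is Asn1TaggedObject)
				{
					// Cast to the type that was just tested. The original cast to
					// DerTaggedObject, which would fail with InvalidCastException
					// for any Asn1TaggedObject that is not a DerTaggedObject.
					Asn1TaggedObject tagged = (Asn1TaggedObject) o;

					switch (tagged.TagNo)
					{
						case 0:
							tsa = GeneralName.GetInstance(tagged, true);
							break;
						case 1:
							extensions = X509Extensions.GetInstance(tagged, false);
							break;
						default:
							throw new ArgumentException("Unknown tag value " + tagged.TagNo);
					}
				}

				if (o is DerSequence)
				{
					accuracy = Accuracy.GetInstance(o);
				}

				if (o is DerBoolean)
				{
					ordering = DerBoolean.GetInstance(o);
				}

				if (o is DerInteger)
				{
					nonce = DerInteger.GetInstance(o);
				}
			}
		}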
        /**
         * Check if the given GeneralName is contained in the excluded ISet.
         *
         * @param name The GeneralName.
         * @throws PkixNameConstraintValidatorException
         *          If the <code>name</code> is
         *          excluded.
         */
        public void checkExcluded(GeneralName name)
        //        throws PkixNameConstraintValidatorException
        {
            // Dispatch on the GeneralName tag to the matching excluded-subtree check.
            // NOTE(review): there is no default branch, so a name whose tag is not
            // 1, 2, 4, 6 or 7 is not compared against any excluded subtree and
            // returns normally.
            switch (name.TagNo)
            {
                case 1: // e-mail address
                {
                    string email = ExtractNameAsString(name);
                    CheckExcludedEmail(excludedSubtreesEmail, email);
                    break;
                }
                case 2: // DNS name
                {
                    string dnsName = DerIA5String.GetInstance(name.Name).GetString();
                    checkExcludedDNS(excludedSubtreesDNS, dnsName);
                    break;
                }
                case 4: // directory name
                {
                    Asn1Sequence dn = Asn1Sequence.GetInstance(name.Name.ToAsn1Object());
                    CheckExcludedDN(dn);
                    break;
                }
                case 6: // URI
                {
                    string uri = DerIA5String.GetInstance(name.Name).GetString();
                    checkExcludedURI(excludedSubtreesURI, uri);
                    break;
                }
                case 7: // IP address
                {
                    byte[] ip = Asn1OctetString.GetInstance(name.Name).GetOctets();
                    checkExcludedIP(excludedSubtreesIP, ip);
                    break;
                }
            }
        }
        /**
        * Constructor from given details.
        *
        * @param admissionAuthority   The admission authority.
        * @param contentsOfAdmissions The admissions.
        */

        public AdmissionSyntax(
            GeneralName admissionAuthority,
            Asn1Sequence contentsOfAdmissions)
        {
            // Both values are stored as passed; nothing is validated or copied here.
            this._contentsOfAdmissions = contentsOfAdmissions;
            this._admissionAuthority = admissionAuthority;
        }
		/**
		* If the complete CRL includes an issuing distribution point (IDP) CRL
		* extension check the following:
		* <p>
		* (i) If the distribution point name is present in the IDP CRL extension
		* and the distribution field is present in the DP, then verify that one of
		* the names in the IDP matches one of the names in the DP. If the
		* distribution point name is present in the IDP CRL extension and the
		* distribution field is omitted from the DP, then verify that one of the
		* names in the IDP matches one of the names in the cRLIssuer field of the
		* DP.
		* </p>
		* <p>
		* (ii) If the onlyContainsUserCerts boolean is asserted in the IDP CRL
		* extension, verify that the certificate does not include the basic
		* constraints extension with the cA boolean asserted.
		* </p>
		* <p>
		* (iii) If the onlyContainsCACerts boolean is asserted in the IDP CRL
		* extension, verify that the certificate includes the basic constraints
		* extension with the cA boolean asserted.
		* </p>
		* <p>
		* (iv) Verify that the onlyContainsAttributeCerts boolean is not asserted.
		* </p>
		*
		* @param dp   The distribution point.
		* @param cert The certificate.
		* @param crl  The CRL.
		* @throws AnnotatedException if one of the conditions is not met or an error occurs.
		*/
		internal static void ProcessCrlB2(
			DistributionPoint	dp,
			object				cert,
			X509Crl				crl)
		{
			// NOTE(review): failures in this method are raised as plain Exception;
			// callers that need to tell validation failures apart from other
			// errors cannot do so by type.
			IssuingDistributionPoint idp = null;
			try
			{
				idp = IssuingDistributionPoint.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(crl, X509Extensions.IssuingDistributionPoint));
			}
			catch (Exception e)
			{
				throw new Exception("0 Issuing distribution point extension could not be decoded.", e);
			}
			// (b) (2) (i)
			// distribution point name is present
			// When the CRL carries no IDP extension (idp == null) none of the
			// checks below run and the method returns normally.
			if (idp != null)
			{
				if (idp.DistributionPoint != null)
				{
					// make list of names
					// 'names' collects the IDP's names in GeneralName form so they can
					// be compared against the DP's names further down.
					// NOTE(review): idp is already an IssuingDistributionPoint, so the
					// GetInstance call here looks redundant - confirm.
					DistributionPointName dpName = IssuingDistributionPoint.GetInstance(idp).DistributionPoint;
					IList names = Platform.CreateArrayList();

					if (dpName.PointType == DistributionPointName.FullName)
					{
						GeneralName[] genNames = GeneralNames.GetInstance(dpName.Name).GetNames();
						for (int j = 0; j < genNames.Length; j++)
						{
							names.Add(genNames[j]);
						}
					}
					if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer)
					{
						// Rebuild a full directory name: the elements of the CRL issuer's
						// DN followed by the relative name from the IDP.
						Asn1EncodableVector vec = new Asn1EncodableVector();
						try
						{
							IEnumerator e = Asn1Sequence.GetInstance(
								Asn1Sequence.FromByteArray(crl.IssuerDN.GetEncoded())).GetEnumerator();
							while (e.MoveNext())
							{
								vec.Add((Asn1Encodable)e.Current);
							}
						}
						catch (IOException e)
						{
							throw new Exception("Could not read CRL issuer.", e);
						}
						vec.Add(dpName.Name);
						names.Add(new GeneralName(X509Name.GetInstance(new DerSequence(vec))));
					}
					bool matches = false;
					// verify that one of the names in the IDP matches one
					// of the names in the DP.
					if (dp.DistributionPointName != null)
					{
						// dpName is reused from here on for the DP's (not the IDP's) name.
						dpName = dp.DistributionPointName;
						GeneralName[] genNames = null;
						if (dpName.PointType == DistributionPointName.FullName)
						{
							genNames = GeneralNames.GetInstance(dpName.Name).GetNames();
						}
						if (dpName.PointType == DistributionPointName.NameRelativeToCrlIssuer)
						{
							// The relative name is resolved against the DP's cRLIssuer names
							// when present, otherwise against the certificate's issuer.
							if (dp.CrlIssuer != null)
							{
								genNames = dp.CrlIssuer.GetNames();
							}
							else
							{
								genNames = new GeneralName[1];
								try
								{
									genNames[0] = new GeneralName(
										PkixCertPathValidatorUtilities.GetIssuerPrincipal(cert));
								}
								catch (IOException e)
								{
									throw new Exception("Could not read certificate issuer.", e);
								}
							}
							// NOTE(review): this loop overwrites entries of genNames in place;
							// when the array came from dp.CrlIssuer.GetNames(), confirm that
							// GetNames() returns a copy rather than the object's own array.
							for (int j = 0; j < genNames.Length; j++)
							{
								IEnumerator e = Asn1Sequence.GetInstance(genNames[j].Name.ToAsn1Object()).GetEnumerator();
								Asn1EncodableVector vec = new Asn1EncodableVector();
								while (e.MoveNext())
								{
									vec.Add((Asn1Encodable)e.Current);
								}
								vec.Add(dpName.Name);
								genNames[j] = new GeneralName(X509Name.GetInstance(new DerSequence(vec)));
							}
						}
						if (genNames != null)
						{
							// A single common name is enough. The comparison is whatever
							// IList.Contains applies to GeneralName values.
							for (int j = 0; j < genNames.Length; j++)
							{
								if (names.Contains(genNames[j]))
								{
									matches = true;
									break;
								}
							}
						}
						if (!matches)
						{
							throw new Exception(
								"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
						}
					}
						// verify that one of the names in
						// the IDP matches one of the names in the cRLIssuer field of
						// the DP
					else
					{
						// The DP has no distribution point name, so it must at least
						// name a cRLIssuer to compare against.
						if (dp.CrlIssuer == null)
						{
							throw new Exception("Either the cRLIssuer or the distributionPoint field must "
								+ "be contained in DistributionPoint.");
						}
						GeneralName[] genNames = dp.CrlIssuer.GetNames();
						for (int j = 0; j < genNames.Length; j++)
						{
							if (names.Contains(genNames[j]))
							{
								matches = true;
								break;
							}
						}
						if (!matches)
						{
							throw new Exception(
								"No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
						}
					}
				}
				// The cast of cert to IX509Extension happens inside the try, so a cert
				// object of another type is reported with the same message as an
				// undecodable extension.
				BasicConstraints bc = null;
				try
				{
					bc = BasicConstraints.GetInstance(PkixCertPathValidatorUtilities.GetExtensionValue(
						(IX509Extension)cert, X509Extensions.BasicConstraints));
				}
				catch (Exception e)
				{
					throw new Exception("Basic constraints extension could not be decoded.", e);
				}

				// The type guard below is commented out, so checks (ii) and (iii) run
				// for every cert object that reaches this point.
				//if (cert is X509Certificate)
				{
					// (b) (2) (ii)
					// A CRL limited to user certificates must not be used for a CA certificate.
					if (idp.OnlyContainsUserCerts && ((bc != null) && bc.IsCA()))
					{
						throw new Exception("CA Cert CRL only contains user certificates.");
					}

					// (b) (2) (iii)
					// A CRL limited to CA certificates must not be used for a certificate
					// without basic constraints or with cA not asserted.
					if (idp.OnlyContainsCACerts && (bc == null || !bc.IsCA()))
					{
						throw new Exception("End CRL only contains CA certificates.");
					}
				}

				// (b) (2) (iv)
				if (idp.OnlyContainsAttributeCerts)
				{
					throw new Exception("onlyContainsAttributeCerts boolean is asserted.");
				}
			}
		}
		/**
		 * Applies the permitted and excluded subtree checks (steps (b) and (c)) of
		 * the name constraint validator to the certificate at the given position
		 * of the path: first to the subject DN, then to every e-mail address
		 * found in the subject DN (checked as an rfc822Name), and finally to every
		 * entry of the subject alternative name extension.
		 *
		 * A self-issued certificate is exempt unless it is the one for which
		 * i == n (see the variables below).
		 *
		 * @param certPath the certification path being validated.
		 * @param index position of the certificate within the path's list.
		 * @param nameConstraintValidator holder of the accumulated subtrees.
		 * @throws PkixCertPathValidatorException if a name cannot be decoded or a check fails.
		 */
		internal static void ProcessCertBC(
			PkixCertPath certPath,
			int index,
			PkixNameConstraintValidator nameConstraintValidator)
			//throws CertPathValidatorException
		{
			IList certs = certPath.Certificates;
			X509Certificate cert = (X509Certificate)certs[index];
			int n = certs.Count;
			// i as defined in the algorithm description
			int i = n - index;

			//
			// (b), (c) permitted and excluded subtree checking.
			//
			if (PkixCertPathValidatorUtilities.IsSelfIssued(cert) && i < n)
			{
				return;
			}

			X509Name subject = cert.SubjectDN;
			Asn1InputStream subjectStream = new Asn1InputStream(subject.GetEncoded());
			Asn1Sequence subjectSeq;

			try
			{
				subjectSeq = DerSequence.GetInstance(subjectStream.ReadObject());
			}
			catch (Exception e)
			{
				throw new PkixCertPathValidatorException(
					"Exception extracting subject name when checking subtrees.", e, certPath, index);
			}

			// Subject DN against the directory-name subtrees.
			try
			{
				nameConstraintValidator.CheckPermittedDN(subjectSeq);
				nameConstraintValidator.CheckExcludedDN(subjectSeq);
			}
			catch (PkixNameConstraintValidatorException e)
			{
				throw new PkixCertPathValidatorException(
					"Subtree check for certificate subject failed.", e, certPath, index);
			}

			// The extension is decoded before the e-mail checks so that a decoding
			// failure is reported first, as in the original ordering.
			GeneralNames subjectAltNames = null;
			try
			{
				subjectAltNames = GeneralNames.GetInstance(
					PkixCertPathValidatorUtilities.GetExtensionValue(cert, X509Extensions.SubjectAlternativeName));
			}
			catch (Exception e)
			{
				throw new PkixCertPathValidatorException(
					"Subject alternative name extension could not be decoded.", e, certPath, index);
			}

			// E-mail addresses embedded in the subject DN are constrained like
			// rfc822Name entries.
			IList subjectEmails = X509Name.GetInstance(subjectSeq).GetValueList(X509Name.EmailAddress);
			foreach (string email in subjectEmails)
			{
				GeneralName emailName = new GeneralName(GeneralName.Rfc822Name, email);
				try
				{
					nameConstraintValidator.checkPermitted(emailName);
					nameConstraintValidator.checkExcluded(emailName);
				}
				catch (PkixNameConstraintValidatorException ex)
				{
					throw new PkixCertPathValidatorException(
						"Subtree check for certificate subject alternative email failed.", ex, certPath, index);
				}
			}

			if (subjectAltNames == null)
			{
				return;
			}

			GeneralName[] altEntries = null;
			try
			{
				altEntries = subjectAltNames.GetNames();
			}
			catch (Exception e)
			{
				throw new PkixCertPathValidatorException(
					"Subject alternative name contents could not be decoded.", e, certPath, index);
			}

			foreach (GeneralName entry in altEntries)
			{
				try
				{
					nameConstraintValidator.checkPermitted(entry);
					nameConstraintValidator.checkExcluded(entry);
				}
				catch (PkixNameConstraintValidatorException e)
				{
					throw new PkixCertPathValidatorException(
						"Subtree check for certificate subject alternative name failed.", e, certPath, index);
				}
			}
		}
 /**
  * Creates an AuthorityInformationAccess holding a single AccessDescription
  * built from the given access method OID and access location.
  */
 public AuthorityInformationAccess(
     DerObjectIdentifier oid,
     GeneralName location)
 {
     AccessDescription only = new AccessDescription(oid, location);
     this.descriptions = new AccessDescription[] { only };
 }
 /**
  * Constructor from given details.
  * <p>
  * Exactly one of the parameters must be not <code>null</code>.</p>
  *
  * @param type the choice type to apply to the name.
  * @param name the general name.
  * @throws ArgumentException if type is invalid.
  */
 public Target(Choice type, GeneralName name)
     // The choice value becomes the tag number of a tagged object wrapping the
     // name, which is then handed to the Asn1TaggedObject constructor.
     : this(new DerTaggedObject((int)type, name))
 {
 }
        /**
         * Creates a SemanticsInformation that carries only name registration
         * authorities; the semantics identifier is not assigned by this overload.
         * The array is stored as passed (no copy is made here).
         */
        public SemanticsInformation(GeneralName[] generalNames)
        {
            nameRegistrationAuthorities = generalNames;
        }
 /**
  * Constructor. Invoking this constructor is the same as invoking
  * <code>new RoleSyntax(null, roleName)</code>.
  * @param roleName    the role name of this RoleSyntax.
  */
 public RoleSyntax(GeneralName roleName)
     // No role authority: delegate with null so the two-argument constructor
     // performs the role-name validation.
     : this(null, roleName)
 {
 }
        /**
        * Constructor from Asn1Sequence.
        * <p/>
        * The sequence is of type ProcurationSyntax:
        * <p/>
        * <pre>
        *     AdmissionSyntax ::= SEQUENCE
        *     {
        *       admissionAuthority GeneralName OPTIONAL,
        *       contentsOfAdmissions SEQUENCE OF Admissions
        *     }
        * <p/>
        *     Admissions ::= SEQUENCE
        *     {
        *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
        *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
        *       professionInfos SEQUENCE OF ProfessionInfo
        *     }
        * <p/>
        *     NamingAuthority ::= SEQUENCE
        *     {
        *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
        *       namingAuthorityUrl IA5String OPTIONAL,
        *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
        *     }
        * <p/>
        *     ProfessionInfo ::= SEQUENCE
        *     {
        *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
        *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
        *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
        *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
        *       addProfessionInfo OCTET STRING OPTIONAL
        *     }
        * </pre>
        *
        * @param seq The ASN.1 sequence.
        */

        private AdmissionSyntax(Asn1Sequence seq)
        {
            // One element: only the contents. Two elements: the optional admission
            // authority precedes the contents. Any other size is rejected.
            int size = seq.Count;

            if (size == 1)
            {
                _contentsOfAdmissions = Asn1Sequence.GetInstance(seq[0]);
            }
            else if (size == 2)
            {
                _admissionAuthority = GeneralName.GetInstance(seq[0]);
                _contentsOfAdmissions = Asn1Sequence.GetInstance(seq[1]);
            }
            else
            {
                throw new ArgumentException("Bad sequence size: " + size);
            }
        }
 /**
  * Decodes a CertId from a sequence: element 0 is the issuer name and
  * element 1 the serial number.
  *
  * NOTE(review): the element count is not checked before indexing, and
  * elements beyond the second are ignored.
  */
 private CertId(Asn1Sequence seq)
 {
     Asn1Encodable issuerElement = seq[0];
     issuer = GeneralName.GetInstance(issuerElement);

     Asn1Encodable serialElement = seq[1];
     serialNumber = DerInteger.GetInstance(serialElement);
 }
		/**
		 * Sets the TSA name. The value is stored as passed, without validation.
		 *
		 * @param tsa the name to store.
		 */
		public void SetTsa(GeneralName tsa)
		{
			this.tsa = tsa;
		}
		/**
		 * Returns the directory-name entries of the given array, each converted
		 * to an X509Name. Entries with any other tag are left out.
		 *
		 * @param names the general names to filter.
		 * @return an array sized to the number of directory names found.
		 */
		private object[] GetNames(
			GeneralName[] names)
		{
			// First pass: size the result exactly.
			int directoryNameCount = 0;
			foreach (GeneralName candidate in names)
			{
				if (candidate.TagNo == GeneralName.DirectoryName)
				{
					directoryNameCount++;
				}
			}

			object[] result = new object[directoryNameCount];

			// Second pass: convert and store in encounter order.
			int next = 0;
			foreach (GeneralName candidate in names)
			{
				if (candidate.TagNo != GeneralName.DirectoryName)
				{
					continue;
				}

				result[next] = X509Name.GetInstance(candidate.Name);
				next++;
			}

			return result;
		}
 /**
  * Reads the value of the given GeneralName as an IA5String and returns its
  * string form. The name's tag is not inspected here, so callers are
  * expected to pass only names whose value is an IA5String.
  */
 private String ExtractNameAsString(GeneralName name)
 {
     DerIA5String ia5 = DerIA5String.GetInstance(name.Name);
     return ia5.GetString();
 }
		/**
		 * Creates a TstInfo from its parts. The version is always set to 1 by
		 * this constructor; every other value is stored as passed, without
		 * validation or null checks.
		 */
		public TstInfo(
			DerObjectIdentifier tsaPolicyId,
			MessageImprint messageImprint,
			DerInteger serialNumber,
			DerGeneralizedTime genTime,
			Accuracy accuracy,
			DerBoolean ordering,
			DerInteger nonce,
			GeneralName tsa,
			X509Extensions extensions)
		{
			// Fixed by this constructor.
			this.version = new DerInteger(1);

			// Positional fields.
			this.tsaPolicyId = tsaPolicyId;
			this.messageImprint = messageImprint;
			this.serialNumber = serialNumber;
			this.genTime = genTime;

			// Remaining fields.
			this.extensions = extensions;
			this.tsa = tsa;
			this.nonce = nonce;
			this.ordering = ordering;
			this.accuracy = accuracy;
		}