internal BufferedBerOctetStream(
BerOctetStringGenerator gen,
byte[] buf)
{
_gen = gen;
_buf = buf;
_off = 0;
_derOut = new DerOutputStream(_gen.Out);
}
internal override void Encode(
DerOutputStream derOut)
{
if (derOut is Asn1OutputStream || derOut is BerOutputStream)
{
derOut.WriteTag((byte)(Asn1Tags.Constructed | Asn1Tags.Tagged), tagNo);
derOut.WriteByte(0x80);
if (!IsEmpty())
{
if (!explicitly)
{
IEnumerable eObj;
if (obj is Asn1OctetString)
{
if (obj is BerOctetString)
{
eObj = (BerOctetString) obj;
}
else
{
Asn1OctetString octs = (Asn1OctetString)obj;
eObj = new BerOctetString(octs.GetOctets());
}
}
else if (obj is Asn1Sequence)
{
eObj = (Asn1Sequence) obj;
}
else if (obj is Asn1Set)
{
eObj = (Asn1Set) obj;
}
else
{
throw Platform.CreateNotImplementedException(obj.GetType().Name);
}
foreach (Asn1Encodable o in eObj)
{
derOut.WriteObject(o);
}
}
else
{
derOut.WriteObject(obj);
}
}
derOut.WriteByte(0x00);
derOut.WriteByte(0x00);
}
else
{
base.Encode(derOut);
}
}
internal override void Encode(
DerOutputStream derOut)
{
if (derOut is Asn1OutputStream || derOut is BerOutputStream)
{
derOut.WriteByte(Asn1Tags.Null);
}
else
{
base.Encode(derOut);
}
}
public byte[] GetEncoded(
string encoding)
{
if (encoding.Equals(Der))
{
MemoryStream bOut = new MemoryStream();
DerOutputStream dOut = new DerOutputStream(bOut);
dOut.WriteObject(this);
return bOut.ToArray();
}
return GetEncoded();
}
internal override void Encode(
DerOutputStream derOut)
{
lock (this)
{
if (parsed)
{
base.Encode(derOut);
}
else
{
derOut.WriteEncoded(Asn1Tags.Sequence | Asn1Tags.Constructed, encoded);
}
}
}
/*
* A note on the implementation:
* <p>
* As Der requires the constructed, definite-length model to
* be used for structured types, this varies slightly from the
* ASN.1 descriptions given. Rather than just outputing Sequence,
* we also have to specify Constructed, and the objects length.
*/
internal override void Encode(DerOutputStream derOut)
{
// TODO Intermediate buffer could be avoided if we could calculate expected length
using (var bOut = new MemoryStream())
{
using (var dOut = new DerOutputStream(bOut))
{
foreach (Asn1Encodable obj in this)
{
dOut.WriteObject(obj);
}
dOut.Dispose();
byte[] bytes = bOut.ToArray();
derOut.WriteEncoded(Asn1Tags.Sequence | Asn1Tags.Constructed, bytes);
}
}
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(isConstructed ? Asn1Tags.Constructed : 0, tag, data);
}
internal override void Encode(
DerOutputStream derOut)
{
char[] c = str.ToCharArray();
byte[] b = new byte[c.Length * 2];
for (int i = 0; i != c.Length; i++)
{
b[2 * i] = (byte)(c[i] >> 8);
b[2 * i + 1] = (byte)c[i];
}
derOut.WriteEncoded(Asn1Tags.BmpString, b);
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.GeneralString, GetOctets());
}
internal override void Encode(DerOutputStream derOut)
{
var tok = new OidTokenizer(_identifier);
using (var bOut = new MemoryStream())
{
using (var dOut = new DerOutputStream(bOut))
{
string token = tok.NextToken();
int first = int.Parse(token);
token = tok.NextToken();
int second = int.Parse(token);
WriteField(bOut, first*40 + second);
while (tok.HasMoreTokens)
{
token = tok.NextToken();
if (token.Length < 18)
{
WriteField(bOut, Int64.Parse(token));
}
else
{
WriteField(bOut, new BigInteger(token));
}
}
dOut.Dispose();
derOut.WriteEncoded(Asn1Tags.ObjectIdentifier, bOut.ToArray());
}
}
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.Null, zeroBytes);
}
internal override void Encode(
DerOutputStream derOut)
{
if (derOut is Asn1OutputStream || derOut is BerOutputStream)
{
derOut.WriteByte(Asn1Tags.Constructed | Asn1Tags.OctetString);
derOut.WriteByte(0x80);
//
// write out the octet array
//
foreach (DerOctetString oct in this)
{
derOut.WriteObject(oct);
}
derOut.WriteByte(0x00);
derOut.WriteByte(0x00);
}
else
{
base.Encode(derOut);
}
}
internal override void Encode(
DerOutputStream derOut)
{
// TODO Should we make sure the byte value is one of '0' or '0xff' here?
derOut.WriteEncoded(Asn1Tags.Boolean, new byte[]{ value });
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.Integer, bytes);
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.UtcTime, GetOctets());
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.Utf8String, Encoding.UTF8.GetBytes(str));
}
internal abstract void Encode(DerOutputStream derOut);
internal override void Encode(DerOutputStream derOut)
{
MemoryStream ms = new MemoryStream();
WriteEncodable(ms, directReference);
WriteEncodable(ms, indirectReference);
WriteEncodable(ms, dataValueDescriptor);
WriteEncodable(ms, new DerTaggedObject(Asn1Tags.External, externalContent));
derOut.WriteEncoded(Asn1Tags.Constructed, Asn1Tags.External, ms.ToArray());
}
internal override void Encode(
DerOutputStream derOut)
{
byte[] bytes = new byte[GetBytes().Length + 1];
bytes[0] = (byte) PadBits;
Array.Copy(GetBytes(), 0, bytes, 1, bytes.Length - 1);
derOut.WriteEncoded(Asn1Tags.BitString, bytes);
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.UniversalString, this.str);
}
public void Save(Stream stream, char[] password, SecureRandom random)
{
if (stream == null)
{
throw new ArgumentNullException("stream");
}
if (password == null)
{
throw new ArgumentNullException("password");
}
if (random == null)
{
throw new ArgumentNullException("random");
}
//
// handle the key
//
var keyS = new Asn1EncodableVector();
foreach (string name in _keys.Keys)
{
var kSalt = new byte[SaltSize];
random.NextBytes(kSalt);
var privKey = (AsymmetricKeyEntry) _keys[name];
EncryptedPrivateKeyInfo kInfo = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(_keyAlgorithm, password, kSalt, MinIterations, privKey.Key);
var kName = new Asn1EncodableVector();
foreach (string oid in privKey.BagAttributeKeys)
{
Asn1Encodable entry = privKey[oid];
// NB: Ignore any existing FriendlyName
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
{
continue;
}
kName.Add(new DerSequence(new DerObjectIdentifier(oid), new DerSet(entry)));
}
//
// make sure we are using the local alias on store
//
// NB: We always set the FriendlyName based on 'name'
//if (privKey[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
{
kName.Add(new DerSequence(PkcsObjectIdentifiers.Pkcs9AtFriendlyName, new DerSet(new DerBmpString(name))));
}
//
// make sure we have a local key-id
//
if (privKey[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
{
X509CertificateEntry ct = GetCertificate(name);
AsymmetricKeyParameter pubKey = ct.Certificate.GetPublicKey();
SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);
kName.Add(new DerSequence(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID, new DerSet(subjectKeyID)));
}
var kBag = new SafeBag(PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag, kInfo.ToAsn1Object(), new DerSet(kName));
keyS.Add(kBag);
}
byte[] derEncodedBytes = new DerSequence(keyS).GetDerEncoded();
var keyString = new BerOctetString(derEncodedBytes);
//
// certificate processing
//
var cSalt = new byte[SaltSize];
random.NextBytes(cSalt);
var certSeq = new Asn1EncodableVector();
var cParams = new Pkcs12PbeParams(cSalt, MinIterations);
var cAlgId = new AlgorithmIdentifier(_certAlgorithm, cParams.ToAsn1Object());
ISet doneCerts = new HashSet();
foreach (string name in _keys.Keys)
{
X509CertificateEntry certEntry = GetCertificate(name);
var cBag = new CertBag(PkcsObjectIdentifiers.X509Certificate, new DerOctetString(certEntry.Certificate.GetEncoded()));
var fName = new Asn1EncodableVector();
foreach (string oid in certEntry.BagAttributeKeys)
{
Asn1Encodable entry = certEntry[oid];
// NB: Ignore any existing FriendlyName
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
{
continue;
}
fName.Add(new DerSequence(new DerObjectIdentifier(oid), new DerSet(entry)));
}
//
// make sure we are using the local alias on store
//
// NB: We always set the FriendlyName based on 'name'
//if (certEntry[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
{
fName.Add(new DerSequence(PkcsObjectIdentifiers.Pkcs9AtFriendlyName, new DerSet(new DerBmpString(name))));
}
//
// make sure we have a local key-id
//
if (certEntry[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
{
AsymmetricKeyParameter pubKey = certEntry.Certificate.GetPublicKey();
SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);
fName.Add(new DerSequence(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID, new DerSet(subjectKeyID)));
}
var sBag = new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName));
certSeq.Add(sBag);
doneCerts.Add(certEntry.Certificate);
}
foreach (string certId in _certs.Keys)
{
var cert = (X509CertificateEntry) _certs[certId];
if (_keys[certId] != null)
{
continue;
}
var cBag = new CertBag(PkcsObjectIdentifiers.X509Certificate, new DerOctetString(cert.Certificate.GetEncoded()));
var fName = new Asn1EncodableVector();
foreach (string oid in cert.BagAttributeKeys)
{
// a certificate not immediately linked to a key doesn't require
// a localKeyID and will confuse some PKCS12 implementations.
//
// If we find one, we'll prune it out.
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
{
continue;
}
Asn1Encodable entry = cert[oid];
// NB: Ignore any existing FriendlyName
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
{
continue;
}
fName.Add(new DerSequence(new DerObjectIdentifier(oid), new DerSet(entry)));
}
//
// make sure we are using the local alias on store
//
// NB: We always set the FriendlyName based on 'certId'
//if (cert[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
{
fName.Add(new DerSequence(PkcsObjectIdentifiers.Pkcs9AtFriendlyName, new DerSet(new DerBmpString(certId))));
}
var sBag = new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName));
certSeq.Add(sBag);
doneCerts.Add(cert.Certificate);
}
foreach (CertId certId in _chainCerts.Keys)
{
var cert = (X509CertificateEntry) _chainCerts[certId];
if (doneCerts.Contains(cert.Certificate))
{
continue;
}
var cBag = new CertBag(PkcsObjectIdentifiers.X509Certificate, new DerOctetString(cert.Certificate.GetEncoded()));
var fName = new Asn1EncodableVector();
foreach (string oid in cert.BagAttributeKeys)
{
// a certificate not immediately linked to a key doesn't require
// a localKeyID and will confuse some PKCS12 implementations.
//
// If we find one, we'll prune it out.
if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
{
continue;
}
fName.Add(new DerSequence(new DerObjectIdentifier(oid), new DerSet(cert[oid])));
}
var sBag = new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName));
certSeq.Add(sBag);
}
derEncodedBytes = new DerSequence(certSeq).GetDerEncoded();
byte[] certBytes = CryptPbeData(true, cAlgId, password, false, derEncodedBytes);
var cInfo = new EncryptedData(PkcsObjectIdentifiers.Data, cAlgId, new BerOctetString(certBytes));
ContentInfo[] info = {new ContentInfo(PkcsObjectIdentifiers.Data, keyString), new ContentInfo(PkcsObjectIdentifiers.EncryptedData, cInfo.ToAsn1Object())};
byte[] data = new AuthenticatedSafe(info).GetEncoded(_useDerEncoding ? Asn1Encodable.Der : Asn1Encodable.Ber);
var mainInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(data));
//
// create the mac
//
var mSalt = new byte[20];
random.NextBytes(mSalt);
byte[] mac = CalculatePbeMac(OiwObjectIdentifiers.IdSha1, mSalt, MinIterations, password, false, data);
var algId = new AlgorithmIdentifier(OiwObjectIdentifiers.IdSha1, DerNull.Instance);
var dInfo = new DigestInfo(algId, mac);
var mData = new MacData(dInfo, mSalt, MinIterations);
//
// output the Pfx
//
var pfx = new Pfx(mainInfo, mData);
DerOutputStream derOut;
if (_useDerEncoding)
{
derOut = new DerOutputStream(stream);
}
else
{
derOut = new BerOutputStream(stream);
}
derOut.WriteObject(pfx);
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.Enumerated, bytes);
}
internal override void Encode(
DerOutputStream derOut)
{
derOut.WriteEncoded(Asn1Tags.UtcTime, GetOctets());
}
internal override void Encode(
DerOutputStream derOut)
{
int classBits = Asn1Tags.Application;
if (isConstructed)
{
classBits |= Asn1Tags.Constructed;
}
derOut.WriteEncoded(classBits, tag, octets);
}