/// <summary>
/// Initializes a new instance of the <strong>X509CertificateTrustList</strong> class using the path to a CTL file.
/// </summary>
/// <param name="path">The path to a CTL file (*.stl).</param>
/// <exception cref="ArgumentNullException">
/// <strong>path</strong> parameter is null or empty.
/// </exception>
public X509CertificateTrustList(String path)
{
if (String.IsNullOrEmpty(path))
{
throw new ArgumentNullException(nameof(path));
}
decode(Crypt32Managed.CryptFileToBinary(path));
}
/// <param name="path">Specifies the path to a file that contains either binary or Base64-encoded PKCS#7 message.</param>
/// <exception cref="ArgumentException"><strong>path</strong> parameter is null or empty string.</exception>
/// <exception cref="ArgumentNullException">Specified file does not exist.</exception>
public PKCS7SignedMessage(String path)
{
if (String.IsNullOrEmpty(path))
{
throw new ArgumentNullException(nameof(path));
}
if (!File.Exists(path))
{
throw new ArgumentException("The system cannot find the file specified.");
}
m_initialize(Crypt32Managed.CryptFileToBinary(path));
}
void m_initialize(Asn1Reader response)
{
response.MoveNext();
CertId = new CertID(Asn1Utils.Encode(response.GetPayload(), 48));
response.MoveNextCurrentLevel();
switch (response.Tag)
{
case 128:
CertStatus = CertificateStatus.Good;
response.MoveNextCurrentLevel();
break;
case 161:
CertStatus = CertificateStatus.Revoked;
response.MoveNext();
DateTime revokedWhen = Asn1Utils.DecodeGeneralizedTime(response.GetTagRawData());
response.MoveNext();
Int16 reason = 0;
if (response.Tag == 160)
{
response.MoveNext();
reason = response.GetPayload()[0];
response.MoveNext();
}
RevocationInfo = new X509CRLEntry(CertId.SerialNumber, revokedWhen, reason);
break;
case 130:
CertStatus = CertificateStatus.Unknown;
response.MoveNextCurrentLevel();
break;
}
//response.MoveNextCurrentLevel();
ThisUpdate = Asn1Utils.DecodeGeneralizedTime(response.GetTagRawData());
while (response.MoveNextCurrentLevel())
{
switch (response.Tag)
{
case 160:
Asn1Reader asn = new Asn1Reader(response.GetPayload());
NextUpdate = Asn1Utils.DecodeGeneralizedTime(asn.GetTagRawData());
break;
case 161:
Extensions = Crypt32Managed.DecodeX509Extensions(response.GetPayload());
break;
}
}
}
/// <summary>
/// Encodes OCSPSingleRequest object to a ASN.1-encoded byte aray.
/// </summary>
/// <returns>ASN.1-encoded byte array.</returns>
public Byte[] Encode()
{
if (String.IsNullOrEmpty(CertId.SerialNumber))
{
throw new UninitializedObjectException();
}
List <Byte> rawData = new List <Byte>();
rawData.AddRange(CertId.Encode());
if (Extensions.Count > 0)
{
Byte[] contentspecific0 = Crypt32Managed.EncodeX509Extensions(Extensions);
rawData.AddRange(Asn1Utils.Encode(contentspecific0, 160));
}
return(Asn1Utils.Encode(rawData.ToArray(), 48)); // Request
}
List <Byte> buildTbsRequest(X500DistinguishedName requester)
{
List <Byte> tbsRequest = new List <Byte>();
if (requester != null)
{
X509AlternativeName requesterName = new X509AlternativeName(X509AlternativeNamesEnum.DirectoryName, requester);
tbsRequest.AddRange(Asn1Utils.Encode(requesterName.RawData, 0xa1));
}
tbsRequest.AddRange(RequestList.Encode());
if (Nonce)
{
_listExtensions.Add(new X509NonceExtension());
Byte[] extensionsbytes = Asn1Utils.Encode(Crypt32Managed.EncodeX509Extensions(Extensions), 162);
tbsRequest.AddRange(extensionsbytes);
NonceValue = _listExtensions[_listExtensions.Count - 1].Format(false).Trim();
}
return(Asn1Utils.Encode(tbsRequest.ToArray(), 48).ToList());
}
/// <summary>
/// Encodes revocation entry to a ASN.1-encoded byte array.
/// </summary>
/// <returns>ASN.1-encoded byte array</returns>
public Byte[] Encode()
{
if (String.IsNullOrEmpty(SerialNumber))
{
throw new UninitializedObjectException();
}
List <Byte> rawData = new List <Byte>(AsnFormatter.StringToBinary(SerialNumber, EncodingType.HexAny));
rawData = new List <Byte>(Asn1Utils.Encode(rawData.ToArray(), (Byte)Asn1Type.INTEGER));
rawData.AddRange(Asn1Utils.EncodeDateTime(RevocationDate));
if (ReasonCode != 0)
{
Byte[] reasonEnum = new Byte[] { 10, 1, (Byte)ReasonCode };
X509ExtensionCollection exts = new X509ExtensionCollection();
X509Extension CRlReasonCode = new X509Extension("2.5.29.21", reasonEnum, false);
exts.Add(CRlReasonCode);
rawData.AddRange(Crypt32Managed.EncodeX509Extensions(exts));
}
return(Asn1Utils.Encode(rawData.ToArray(), 48));
}
void m_initialize(Byte[] rawData)
{
Asn1Reader asn = new Asn1Reader(rawData);
if (asn.Tag != 48)
{
throw new InvalidDataException();
}
asn.MoveNext();
if (asn.Tag != (Byte)Asn1Type.INTEGER)
{
throw new InvalidDataException();
}
SerialNumber = Asn1Utils.DecodeInteger(asn.GetTagRawData(), true);
asn.MoveNext();
if (asn.Tag != (Byte)Asn1Type.UTCTime && asn.Tag != (Byte)Asn1Type.Generalizedtime)
{
throw new InvalidDataException();
}
if (asn.Tag == (Byte)Asn1Type.UTCTime)
{
RevocationDate = Asn1Utils.DecodeUTCTime(asn.GetTagRawData());
}
if (asn.Tag == (Byte)Asn1Type.Generalizedtime)
{
RevocationDate = Asn1Utils.DecodeGeneralizedTime(asn.GetTagRawData());
}
if (asn.MoveNext())
{
foreach (X509Extension item in Crypt32Managed.DecodeX509Extensions(asn.GetTagRawData()).Cast <X509Extension>().Where(item => item.Oid.Value == "2.5.29.21"))
{
ReasonCode = item.RawData[2];
}
}
RawData = rawData;
}
public void Import(String path)
{
Reset();
m_import(Crypt32Managed.CryptFileToBinary(path));
}
/// <summary>
/// Initializes a new instance of the <see cref="X509CRL2"/> class using the path to a CRL file.
/// </summary>
/// <param name="path">The path to a CRL file.</param>
public X509CRL2(String path)
{
m_import(Crypt32Managed.CryptFileToBinary(path));
}
/// <summary>
/// Initializes a new instance of the <see cref="X509CTL"/> class using the path to a CTL file.
/// </summary>
/// <param name="path">The path to a CRL file.</param>
public X509CTL(String path)
{
m_import(Crypt32Managed.CryptFileToBinary(path));
_isGeneric = true;
}
void getBinaryData(String path)
{
RawData = Crypt32Managed.CryptFileToBinary(path);
}
/// <summary>
/// Gets the certificate request format in the specified file. This method allows to determine whether the
/// certificate request is encoded in a PKCS#10 (native) or PKCS#7 (enveloped) format.
/// </summary>
/// <param name="path">Specifies the path to a file.</param>
/// <returns>The type of the certificate request in the file.</returns>
public static X509CertificateRequestType GetRequestFormat(String path)
{
return(getRequestFormat(Crypt32Managed.CryptFileToBinary(path)));
}
/// <summary>
/// Initializes a new instance of the <see cref="X509CRL2"/> class using the path to a CRL file.
/// </summary>
/// <param name="path">The path to a CRL file.</param>
public X509CRL2(String path)
{
_rawData = Crypt32Managed.CryptFileToBinary(path);
m_decode();
}
void getExtensions(Byte[] bytes)
{
exts = Crypt32Managed.DecodeX509Extensions(bytes);
}
void decodeTbsResponse(Asn1Reader tbsResponseData)
{
tbsResponseData.MoveNext();
if (tbsResponseData.Tag == 160)
{
//Asn1Reader aversion = new Asn1Reader(tbsResponseData.RawData, tbsResponseData.PayloadStartOffset);
Asn1Reader aversion = new Asn1Reader(tbsResponseData);
aversion.MoveNext();
Version = aversion.GetPayload()[0] + 1;
tbsResponseData.MoveNextCurrentLevel();
}
else
{
Version = 1;
}
//responderID
switch (tbsResponseData.Tag)
{
case 161:
ResponderNameId = new X500DistinguishedName(tbsResponseData.GetPayload());
tbsResponseData.MoveNextCurrentLevel();
break;
case 162:
tbsResponseData.MoveNext();
StringBuilder SB = new StringBuilder();
foreach (Byte element in tbsResponseData.GetPayload())
{
SB.Append(element.ToString("X2"));
}
ResponderKeyId = SB.ToString();
tbsResponseData.MoveNext();
break;
default:
throw new Exception("Invalid tag at responderID. Expected 161 (byName) or 162 (byKey).");
}
//tbsResponseData.MoveNextCurrentLevel();
ProducedAt = Asn1Utils.DecodeGeneralizedTime(tbsResponseData.GetTagRawData());
if (DateTime.Now < ProducedAt.AddMinutes(-10))
{
ResponseErrorInformation += (Int32)OCSPResponseComplianceError.ResponseNotTimeValid;
}
//responses
tbsResponseData.MoveNext();
//single response
Asn1Reader responses = new Asn1Reader(tbsResponseData.GetTagRawData());
responses.MoveNext();
Int32 Offset;
Responses = new OCSPSingleResponseCollection();
do
{
Asn1Reader response = new Asn1Reader(responses);
Offset = response.NextCurrentLevelOffset;
Responses.Add(new OCSPSingleResponse(response));
if (Request != null)
{
foreach (OCSPSingleResponse item in Responses)
{
Boolean certidmatch = false;
foreach (OCSPSingleRequest reqitem in Request.RequestList.Cast <OCSPSingleRequest>().Where(reqitem => reqitem.CertId.Equals(item.CertId)))
{
certidmatch = true;
}
if (!certidmatch)
{
ResponseErrorInformation += (Int32)OCSPResponseComplianceError.CertIdMismatch;
}
}
}
} while (Offset != 0);
if (tbsResponseData.NextCurrentLevelOffset != 0)
{
tbsResponseData.MoveNextCurrentLevel();
if (tbsResponseData.Tag == 161)
{
X509ExtensionCollection exts = Crypt32Managed.DecodeX509Extensions(tbsResponseData.GetPayload());
foreach (X509Extension item in exts)
{
_listExtensions.Add(CryptographyUtils.ConvertExtension(item));
if (_listExtensions[_listExtensions.Count - 1].Oid.Value == "1.3.6.1.5.5.7.48.1.2")
{
NonceReceived = true;
NonceValue = _listExtensions[_listExtensions.Count - 1].Format(false);
}
}
}
else
{
throw new Exception("Unexpected tag at responseExtensions. Expected 161.");
}
}
}
