/// <summary>
/// Walks the CRL distribution points in <paramref name="crldp"/> and passes every URI
/// found in a fullName entry to
/// <c>PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation</c>.
/// </summary>
/// <param name="crldp">Parsed CRL distribution point extension; null is a no-op.</param>
/// <param name="pkixParams">Validation parameters forwarded unchanged with each location.</param>
/// <exception cref="Exception">Thrown when the distribution points cannot be read.</exception>
internal static void AddAdditionalStoresFromCrlDistributionPoint(
    CrlDistPoint crldp,
    PkixParameters pkixParams)
{
    if (crldp == null)
    {
        return;
    }

    DistributionPoint[] points = null;
    try
    {
        points = crldp.GetDistributionPoints();
    }
    catch (Exception e)
    {
        throw new Exception(
                  "Distribution points could not be read.", e);
    }

    foreach (DistributionPoint point in points)
    {
        DistributionPointName pointName = point.DistributionPointName;

        // Only fullName entries are searched for URIs; a missing name is skipped.
        if (pointName == null || pointName.PointType != DistributionPointName.FullName)
        {
            continue;
        }

        GeneralName[] candidates = GeneralNames.GetInstance(pointName.Name).GetNames();
        foreach (GeneralName candidate in candidates)
        {
            if (candidate.TagNo != GeneralName.UniformResourceIdentifier)
            {
                continue;
            }

            // NOTE(review): this string is read from the extension being processed, so it
            // is input chosen by whoever issued the certificate. Whether
            // AddAdditionalStoreFromLocation restricts scheme or destination is not
            // visible here - confirm before relying on it.
            string location = DerIA5String.GetInstance(candidate.Name).GetString();
            PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(location, pkixParams);
        }
    }
}
Example #2
        /// <summary>
        /// Populates the instance from an ASN.1 sequence read by position: a version, then
        /// optional dataUri, metaData and content elements, then the temporal evidence.
        /// </summary>
        /// <param name="seq">Sequence to decode.</param>
        private TimeStampedData(Asn1Sequence seq)
        {
            int cursor = 0;

            this.version = DerInteger.GetInstance(seq[cursor]);
            cursor++;

            // Each optional element is recognised by its runtime type; the cursor only
            // advances when the element at the current position was consumed.
            if (seq[cursor] is DerIA5String)
            {
                this.dataUri = DerIA5String.GetInstance(seq[cursor]);
                cursor++;
            }

            bool holdsMetaData = seq[cursor] is MetaData || seq[cursor] is Asn1Sequence;
            if (holdsMetaData)
            {
                this.metaData = MetaData.GetInstance(seq[cursor]);
                cursor++;
            }

            if (seq[cursor] is Asn1OctetString)
            {
                this.content = Asn1OctetString.GetInstance(seq[cursor]);
                cursor++;
            }

            // NOTE(review): no length check precedes these positional reads, so a sequence
            // shorter than expected fails inside the indexer - confirm that callers handle
            // that failure when decoding data they did not produce.
            this.temporalEvidence = Evidence.GetInstance(seq[cursor]);
        }
        /// <summary>
        /// Collects the OCSP access locations listed in the certificate's
        /// Authority Information Access extension.
        /// </summary>
        /// <param name="cert">Certificate whose AIA extension is read.</param>
        /// <returns>
        /// The decoded location strings (possibly an empty list), or null when the
        /// extension value is null.
        /// </returns>
        /// <exception cref="Exception">Wraps any failure raised while walking the extension.</exception>
        public static List <string> GetAuthorityInformationAccessOcspUrl(X509Certificate cert)
        {
            List <string> responderUrls = new List <string>();

            try
            {
                Asn1Object extension = GetExtensionValue(cert, X509Extensions.AuthorityInfoAccess.Id);
                if (extension == null)
                {
                    return(null);
                }

                // The extension is walked by hand: the original author could not access
                // aia.AccessDescription[] through AuthorityInformationAccess.GetInstance(obj)
                // and hoped for a fix in the next version (1.5).
                foreach (Asn1Sequence accessDescription in (Asn1Sequence)extension)
                {
                    DerObjectIdentifier method = (DerObjectIdentifier)accessDescription[0];
                    if (!method.Id.Equals("1.3.6.1.5.5.7.48.1")) // not the OCSP access method
                    {
                        continue;
                    }

                    // NOTE(review): the location is decoded as an IA5String without checking
                    // the GeneralName tag, so a non-URI location ends in the catch below.
                    // The value comes from the certificate - treat it as untrusted input.
                    Asn1TaggedObject location = (Asn1TaggedObject)accessDescription[1];
                    GeneralName      name     = (GeneralName)GeneralName.GetInstance(location);
                    DerIA5String     text     = (DerIA5String)DerIA5String.GetInstance(name.Name);
                    responderUrls.Add(text.GetString());
                }
            }
            catch (Exception e)
            {
                throw new Exception("Error parsing AIA.", e);
            }

            return(responderUrls);
        }
Example #4
    /// <summary>
    /// Reads the leading elements from a sequence parser: the version, then an optional
    /// dataUri, optional metaData and optional content, each recognised by its type.
    /// </summary>
    /// <param name="parser">Sequence parser the elements are pulled from; it is also stored.</param>
    private TimeStampedDataParser(Asn1SequenceParser parser)
    {
        this.parser  = parser;
        this.version = DerInteger.GetInstance(parser.ReadObject());

        // NOTE(review): every ReadObject() result is dereferenced directly; whether it can
        // be null at the end of a short sequence is not visible here - confirm.
        Asn1Object current = parser.ReadObject().ToAsn1Object();

        if (current is DerIA5String)
        {
            this.dataUri = DerIA5String.GetInstance(current);
            current      = parser.ReadObject().ToAsn1Object();
        }

        if (current is Asn1SequenceParser)
        {
            this.metaData = MetaData.GetInstance(current.ToAsn1Object());
            current       = parser.ReadObject().ToAsn1Object();
        }

        // The content is kept as a parser rather than decoded into a value here.
        Asn1OctetStringParser octets = current as Asn1OctetStringParser;
        if (octets != null)
        {
            this.content = octets;
        }
    }
Example #5
        // Certificate Revocation Lists

        /**
         * Gets the URL of the Certificate Revocation List for a Certificate
         * @param certificate   the Certificate
         * @return  the String where you can check if the certificate was revoked
         * @throws CertificateParsingException
         * @throws IOException
         */
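        public static String GetCRLURL(X509Certificate certificate)
        {
            // Returns the first URI in a fullName distribution point that starts with "HTTP"
            // and contains "CRL" (both compared case-insensitively), or null when none is found.
            try
            {
                Asn1Object obj = GetExtensionValue(certificate, X509Extensions.CrlDistributionPoints.Id);
                if (obj == null)
                {
                    return(null);
                }

                CrlDistPoint dist = CrlDistPoint.GetInstance(obj);
                foreach (DistributionPoint p in dist.GetDistributionPoints())
                {
                    DistributionPointName distributionPointName = p.DistributionPointName;

                    // A distribution point without a name used to raise a null-reference
                    // error that ended the whole scan; skip it and keep looking instead.
                    if (distributionPointName == null ||
                        DistributionPointName.FullName != distributionPointName.PointType)
                    {
                        continue;
                    }

                    GeneralNames generalNames = (GeneralNames)distributionPointName.Name;
                    foreach (GeneralName name in generalNames.GetNames())
                    {
                        if (name.TagNo != GeneralName.UniformResourceIdentifier)
                        {
                            continue;
                        }

                        DerIA5String derStr = DerIA5String.GetInstance((Asn1TaggedObject)name.ToAsn1Object(), false);
                        string       urlCrl = derStr.GetString();

                        // jbonilla - the CRL URL for the BCE is in the third position and is
                        // only reachable over HTTP, so the first URI is not returned blindly.
                        // Ordinal comparison keeps the match independent of the current culture.
                        if (urlCrl.StartsWith("HTTP", StringComparison.OrdinalIgnoreCase) &&
                            urlCrl.IndexOf("CRL", StringComparison.OrdinalIgnoreCase) >= 0)
                        {
                            return(urlCrl);
                        }
                    }
                }
            }
            catch (Exception)
            {
                // Best effort, kept from the original: every failure is reported as "no URL".
                // NOTE(review): a caller that reads null as "nothing to check" would skip
                // revocation checking for a certificate with a malformed extension -
                // confirm that callers distinguish the two cases.
            }
            return(null);
        }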
Example #6
        /// <summary>
        /// Renders the value as "tag: text", decoding the object according to the tag.
        /// </summary>
        /// <returns>The tag number, a colon and a space, then the rendered value.</returns>
        public override string ToString()
        {
            string rendered;

            switch (this.tag)
            {
            case 1:
            case 2:
            case 6:
                // These tags are decoded as IA5String values.
                rendered = DerIA5String.GetInstance(this.obj).GetString();
                break;

            case 4:
                rendered = X509Name.GetInstance(this.obj).ToString();
                break;

            default:
                rendered = this.obj.ToString();
                break;
            }

            StringBuilder text = new StringBuilder();
            text.Append(this.tag);
            text.Append(": ");
            text.Append(rendered);
            return(text.ToString());
        }
Example #7
        /// <summary>Gets the URL of the Certificate Revocation List for a Certificate</summary>
        /// <param name="certificate">the Certificate</param>
        /// <returns>the String where you can check if the certificate was revoked</returns>
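        public static String GetCRLURL(X509Certificate certificate)
        {
            Asn1Object obj;

            try
            {
                obj = GetExtensionValue(certificate, X509Extensions.CrlDistributionPoints.Id);
            }
            catch (System.IO.IOException)
            {
                // An unreadable extension is treated the same as a missing one.
                obj = null;
            }
            if (obj == null)
            {
                return(null);
            }

            CrlDistPoint dist = CrlDistPoint.GetInstance(obj);
            foreach (DistributionPoint p in dist.GetDistributionPoints())
            {
                DistributionPointName distributionPointName = p.DistributionPointName;

                // A distribution point may carry no name at all; dereferencing it used to
                // throw a null-reference error, so skip such entries.
                if (distributionPointName == null ||
                    DistributionPointName.FullName != distributionPointName.PointType)
                {
                    continue;
                }

                GeneralNames generalNames = (GeneralNames)distributionPointName.Name;
                foreach (GeneralName name in generalNames.GetNames())
                {
                    if (name.TagNo != GeneralName.UniformResourceIdentifier)
                    {
                        continue;
                    }

                    // The first URI found is returned as-is.
                    // NOTE(review): no scheme or host check is applied here and the value
                    // comes from the certificate - callers that fetch it should validate it.
                    DerIA5String derStr = DerIA5String.GetInstance((Asn1TaggedObject)name.ToAsn1Object(), false);
                    return(derStr.GetString());
                }
            }
            return(null);
        }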
Example #8
    /// <summary>
    /// Fills the CRL identifier fields from a sequence of explicitly tagged elements:
    /// tag 0 is the URL, tag 1 the number and tag 2 the time.
    /// </summary>
    /// <param name="seq">Sequence whose members are all read as tagged objects.</param>
    /// <exception cref="ArgumentException">Thrown for any tag number other than 0, 1 or 2.</exception>
    public CrlID(Asn1Sequence seq)
    {
        foreach (Asn1TaggedObject tagged in seq)
        {
            var tagNo = tagged.TagNo;

            if (tagNo == 0)
            {
                crlUrl = DerIA5String.GetInstance(tagged, isExplicit: true);
            }
            else if (tagNo == 1)
            {
                crlNum = DerInteger.GetInstance(tagged, isExplicit: true);
            }
            else if (tagNo == 2)
            {
                crlTime = DerGeneralizedTime.GetInstance(tagged, isExplicit: true);
            }
            else
            {
                // Unknown tags are rejected rather than ignored.
                throw new ArgumentException("unknown tag number: " + tagNo);
            }
        }
    }
        /// <summary>
        /// Returns the URL of the OCSP server contained in the certificate
        /// </summary>
        /// <param name="cert"></param>
        /// <returns></returns>
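        public string GetAuthorityInformationAccessOcspUrl(X509Certificate cert)
        {
            // Returns the first OCSP access location from the AIA extension, or null when
            // the extension is absent, lists no OCSP entry, or cannot be parsed.
            List <string> ocspUrls = new List <string>();

            try
            {
                Asn1Object obj = GetExtensionValue(cert, X509Extensions.AuthorityInfoAccess.Id);

                if (obj == null)
                {
                    return(null);
                }

                // Switched to manual parse
                foreach (Asn1Sequence element in (Asn1Sequence)obj)
                {
                    DerObjectIdentifier oid = (DerObjectIdentifier)element[0];

                    if (oid.Id.Equals("1.3.6.1.5.5.7.48.1")) // Is Ocsp?
                    {
                        Asn1TaggedObject taggedObject = (Asn1TaggedObject)element[1];
                        GeneralName      gn           = (GeneralName)GeneralName.GetInstance(taggedObject);
                        ocspUrls.Add(((DerIA5String)DerIA5String.GetInstance(gn.Name)).GetString());
                    }
                }
            }
            catch (Exception)
            {
                // Best effort, as in the original: a parse failure is reported as "no URL".
                // NOTE(review): the caller cannot tell a malformed extension from a missing
                // one - confirm that null is not read as "no revocation check needed".
                return(null);
            }

            // An AIA extension without an OCSP entry used to hit ocspUrls[0] on an empty
            // list and throw outside the try block; report it as "no URL" instead.
            return(ocspUrls.Count > 0 ? ocspUrls[0] : null);
        }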
Example #10
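        /// <summary>
        /// Fills the CRL identifier fields from a sequence of explicitly tagged elements:
        /// tag 0 is the URL, tag 1 the number and tag 2 the time.
        /// </summary>
        /// <param name="seq">Sequence whose members are all read as tagged objects.</param>
        /// <exception cref="ArgumentException">Thrown for any tag number other than 0, 1 or 2.</exception>
        public CrlID(Asn1Sequence seq)
        {
            // The decompiled form called enumerator.get_Current() directly, which is not
            // valid C#; foreach expresses the same loop and the same enumerator disposal.
            foreach (Asn1TaggedObject asn1TaggedObject in seq)
            {
                switch (asn1TaggedObject.TagNo)
                {
                case 0:
                    crlUrl = DerIA5String.GetInstance(asn1TaggedObject, isExplicit: true);
                    break;

                case 1:
                    crlNum = DerInteger.GetInstance(asn1TaggedObject, isExplicit: true);
                    break;

                case 2:
                    crlTime = DerGeneralizedTime.GetInstance(asn1TaggedObject, isExplicit: true);
                    break;

                default:
                    throw new ArgumentException("unknown tag number: " + asn1TaggedObject.TagNo);
                }
            }
        }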
Example #11
        /// <summary>
        /// Collects the OCSP access locations listed in the certificate's
        /// Authority Information Access extension.
        /// </summary>
        /// <param name="in_Certificado">Certificate whose AIA extension is read.</param>
        /// <returns>
        /// The decoded location strings (possibly an empty list), or null when the
        /// extension value is null.
        /// </returns>
        /// <exception cref="Exception">Wraps any failure raised while walking the extension.</exception>
        public static List <string> GetAuthorityInformationAccessOcspUrl(X509Certificate in_Certificado)
        {
            List <string> encontrados = new List <string>();

            try
            {
                Asn1Object extension = ObtenerValorDeExtension(in_Certificado, X509Extensions.AuthorityInfoAccess.Id);
                if (extension == null)
                {
                    return(null);
                }

                foreach (Asn1Sequence descripcion in (Asn1Sequence)extension)
                {
                    DerObjectIdentifier metodo = (DerObjectIdentifier)descripcion[0];
                    if (!metodo.Id.Equals("1.3.6.1.5.5.7.48.1")) // not the OCSP access method
                    {
                        continue;
                    }

                    // NOTE(review): the location is decoded as an IA5String without checking
                    // the GeneralName tag, and its value is certificate-supplied input.
                    Asn1TaggedObject ubicacion = (Asn1TaggedObject)descripcion[1];
                    GeneralName      nombre    = (GeneralName)GeneralName.GetInstance(ubicacion);
                    DerIA5String     texto     = (DerIA5String)DerIA5String.GetInstance(nombre.Name);
                    encontrados.Add(texto.GetString());
                }
            }
            catch (Exception e)
            {
                throw new Exception("Error en AuthorityInformationAccess.", e);
            }

            return(encontrados);
        }
        //Get OCSP URLs from a certificate by checking the extensions, finding the OCSP extension and extracting its URLs.
        public static List <string> GetAuthorityInformationAccessOcspUrl(X509Certificate cert)
        {
            // Result: every location whose access method equals OCSP_OID; null when the
            // extension value is null; an OCSPExpection when anything fails while parsing.
            List <string> locations = new List <string>();

            try
            {
                Asn1Object aia = GetExtensionValue(cert, X509Extensions.AuthorityInfoAccess.Id);
                if (aia == null)
                {
                    return(null);
                }

                foreach (Asn1Sequence entry in (Asn1Sequence)aia)
                {
                    DerObjectIdentifier accessMethod = (DerObjectIdentifier)entry[0];
                    bool isOcsp = accessMethod.Id.Equals(OCSP_OID);
                    if (!isOcsp)
                    {
                        continue;
                    }

                    // NOTE(review): the GeneralName tag is not checked before the IA5String
                    // decode, and the resulting URL is certificate-supplied input.
                    Asn1TaggedObject accessLocation = (Asn1TaggedObject)entry[1];
                    GeneralName      generalName    = (GeneralName)GeneralName.GetInstance(accessLocation);
                    DerIA5String     uri            = (DerIA5String)DerIA5String.GetInstance(generalName.Name);
                    locations.Add(uri.GetString());
                }
            }
            catch (Exception e)
            {
                throw new OCSPExpection("Error parsing AIA.", e);
            }

            return(locations);
        }
        /// <summary>
        /// Reads the leading elements from a sequence parser: an optional dataUri, optional
        /// metaData and optional content, each recognised by its runtime type.
        /// </summary>
        /// <param name="parser">Sequence parser the elements are pulled from; it is also stored.</param>
        private TimeStampedDataParser(Asn1SequenceParser parser)
        {
            this.parser = parser;

            // NOTE(review): every ReadObject() result is dereferenced directly; whether it
            // can be null at the end of a short sequence is not visible here - confirm.
            Asn1Object current = parser.ReadObject().ToAsn1Object();

            if (current is DerIA5String)
            {
                this.dataUri = DerIA5String.GetInstance(current);
                current      = parser.ReadObject().ToAsn1Object();
            }

            // Only the Asn1SequenceParser test is active; an "obj is MetaData" alternative
            // was commented out in the original condition.
            bool holdsMetaData = current is Asn1SequenceParser;
            if (holdsMetaData)
            {
                this.metaData = MetaData.GetInstance(current.ToAsn1Object());
                current       = parser.ReadObject().ToAsn1Object();
            }

            // The content is kept as a parser rather than decoded into a value here.
            Asn1OctetStringParser octets = current as Asn1OctetStringParser;
            if (octets != null)
            {
                this.content = octets;
            }
        }
Example #14
        /// <summary>
        /// Renders the value as "tag: text", decoding the object according to the tag.
        /// </summary>
        /// <returns>The tag number, a colon and a space, then the rendered value.</returns>
        public override string ToString()
        {
            StringBuilder text = new StringBuilder();

            text.Append(this.tag);
            text.Append(": ");

            if (this.tag == 1 || this.tag == 2 || this.tag == 6)
            {
                // These tags are decoded as IA5String values.
                text.Append(DerIA5String.GetInstance(this.obj).GetString());
            }
            else if (this.tag == 4)
            {
                text.Append(X509Name.GetInstance(this.obj).ToString());
            }
            else
            {
                text.Append(this.obj.ToString());
            }

            return(text.ToString());
        }
Example #15
        /**
         * Constructor from Asn1Sequence.
         * <p/>
         * <p/>
         * <pre>
         *             NamingAuthority ::= SEQUENCE
         *             {
         *               namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
         *               namingAuthorityUrl IA5String OPTIONAL,
         *               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
         *             }
         * </pre>
         *
         * @param seq The ASN.1 sequence.
         */
        private NamingAuthority(
            Asn1Sequence seq)
        {
            if (seq.Count > 3)
            {
                throw new ArgumentException("Bad sequence size: " + seq.Count);
            }

            IEnumerator cursor = seq.GetEnumerator();

            // First position: may hold any of the three optional fields.
            if (!cursor.MoveNext())
            {
                return;
            }

            Asn1Encodable first = (Asn1Encodable)cursor.Current;
            if (first is DerObjectIdentifier)
            {
                namingAuthorityID = (DerObjectIdentifier)first;
            }
            else if (first is DerIA5String)
            {
                namingAuthorityUrl = DerIA5String.GetInstance(first).GetString();
            }
            else if (first is IAsn1String)
            {
                namingAuthorityText = DirectoryString.GetInstance(first);
            }
            else
            {
                throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(first));
            }

            // Second position: the URL or the text, no longer the identifier.
            // NOTE(review): a repeated field is not rejected here; the later value simply
            // replaces the earlier one - confirm that this is acceptable for the input.
            if (!cursor.MoveNext())
            {
                return;
            }

            Asn1Encodable second = (Asn1Encodable)cursor.Current;
            if (second is DerIA5String)
            {
                namingAuthorityUrl = DerIA5String.GetInstance(second).GetString();
            }
            else if (second is IAsn1String)
            {
                namingAuthorityText = DirectoryString.GetInstance(second);
            }
            else
            {
                throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(second));
            }

            // Third position: only the text is accepted.
            if (!cursor.MoveNext())
            {
                return;
            }

            Asn1Encodable third = (Asn1Encodable)cursor.Current;
            if (!(third is IAsn1String))
            {
                throw new ArgumentException("Bad object encountered: " + Platform.GetTypeName(third));
            }
            namingAuthorityText = DirectoryString.GetInstance(third);
        }
Example #16
        /// <summary>
        /// Extract AIA URL. It can be AIA OCSP or AIA Issuer
        /// </summary>
        /// <param name="taggedObject"></param>
        /// <returns></returns>
        string ExtractAIAUrl(Asn1TaggedObject taggedObject)
        {
            // Interpret the tagged object as a GeneralName, then decode its value as an
            // IA5String. NOTE(review): the GeneralName tag is not checked, so a non-URI
            // name fails in the decode; the result is certificate-supplied input.
            GeneralName  accessLocation = (GeneralName)GeneralName.GetInstance(taggedObject);
            DerIA5String encodedUrl     = (DerIA5String)DerIA5String.GetInstance(accessLocation.Name);

            return(encodedUrl.GetString());
        }
Example #17
        /// <summary>Gives back the CRL URI meta-data found within the given X509 certificate.
        ///     </summary>
        /// <remarks>Gives back the CRL URI meta-data found within the given X509 certificate.
        ///     </remarks>
        /// <param name="certificate">the X509 certificate.</param>
        /// <returns>the CRL URI, or <code>null</code> if the extension is not present.</returns>
        /// <exception cref="System.UriFormatException">System.UriFormatException</exception>
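        public virtual string GetCrlUri(X509Certificate certificate)
        {
            Asn1OctetString crlDistributionPointsValue = certificate.GetExtensionValue(X509Extensions.
                                                                                       CrlDistributionPoints);

            if (null == crlDistributionPointsValue)
            {
                return(null);
            }
            Asn1Sequence seq;

            try
            {
                // The extension value is an octet string wrapping the encoded sequence.
                DerOctetString oct = (DerOctetString)crlDistributionPointsValue;
                seq = (Asn1Sequence) new Asn1InputStream(oct.GetOctets()).ReadObject();
            }
            catch (IOException e)
            {
                throw new RuntimeException("IO error: " + e.Message, e);
            }
            CrlDistPoint distPoint = CrlDistPoint.GetInstance(seq);

            DistributionPoint[] distributionPoints = distPoint.GetDistributionPoints();
            foreach (DistributionPoint distributionPoint in distributionPoints)
            {
                DistributionPointName distributionPointName = distributionPoint.DistributionPointName;

                // A distribution point may carry no name at all; dereferencing it used to
                // throw a null-reference error, so skip such entries.
                if (distributionPointName == null ||
                    DistributionPointName.FullName != distributionPointName.PointType)
                {
                    continue;
                }
                GeneralNames  generalNames = (GeneralNames)distributionPointName.Name;
                GeneralName[] names        = generalNames.GetNames();
                foreach (GeneralName name in names)
                {
                    if (name.TagNo != GeneralName.UniformResourceIdentifier)
                    {
                        LOG.Info("not a uniform resource identifier");
                        continue;
                    }
                    string str = null;
                    if (name.ToAsn1Object() is DerTaggedObject)
                    {
                        DerTaggedObject taggedObject = (DerTaggedObject)name.ToAsn1Object();
                        DerIA5String    derStr       = DerIA5String.GetInstance(taggedObject.GetObject());
                        str = derStr.GetString();
                    }
                    else
                    {
                        DerIA5String derStr = DerIA5String.GetInstance(name.ToAsn1Object());
                        str = derStr.GetString();
                    }

                    // jbonilla - the CRL URL for the BCE is in the third position and is only
                    // reachable over HTTP, hence the extra "CRL" filter. Ordinal comparisons
                    // keep the scheme check independent of the current culture.
                    if (str != null &&
                        (str.StartsWith("http://", System.StringComparison.Ordinal) ||
                         str.StartsWith("https://", System.StringComparison.Ordinal)) &&
                        str.IndexOf("CRL", System.StringComparison.OrdinalIgnoreCase) >= 0)
                    {
                        return(str);
                    }
                    else
                    {
                        LOG.Info("Supports only http:// and https:// protocol for CRL");
                    }
                }
            }

            //jbonilla
            #region BCE
            // NOTE(review): the fallback is keyed on a substring of the subject DN, which is
            // text supplied by the certificate itself rather than a verified issuer
            // identity - confirm that this certificate is validated before the URL is used.
            if (certificate.SubjectDN.ToString()
                .Contains("AC BANCO CENTRAL DEL ECUADOR"))
            {
                return(this.IntermediateAcUrl);
            }
            #endregion

            return(null);
        }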
 /// <summary>
 /// Builds the structure from a sequence: element 0 is read as the subject public key
 /// info and element 1 as the IA5String challenge. The sequence itself is retained.
 /// </summary>
 /// <param name="seq">Sequence holding the key info followed by the challenge.</param>
 public PublicKeyAndChallenge(Asn1Sequence seq)
 {
     this.pkacSeq = seq;

     // NOTE(review): both positions are read without a length check - confirm that
     // callers handle the failure for a short or malformed sequence.
     this.spki      = SubjectPublicKeyInfo.GetInstance(seq[0]);
     this.challenge = DerIA5String.GetInstance(seq[1]);
 }
Example #19
 /// <summary>Decodes the value of a general name as an IA5String and returns its text.</summary>
 /// <param name="name">General name whose value is decoded.</param>
 /// <returns>The decoded string.</returns>
 private string ExtractNameAsString(GeneralName name)
 {
     // NOTE(review): the tag of the name is not checked here; presumably callers pass
     // only IA5String-based name types - verify against the caller.
     DerIA5String encoded = DerIA5String.GetInstance(name.Name);

     return(encoded.GetString());
 }