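/// <summary>
/// Collects the URI entries of the CRL Distribution Points extension
/// (OID 2.5.29.31) of a certificate.
/// </summary>
/// <param name="cert">Certificate whose extensions are inspected.</param>
/// <returns>
/// The URI general names of every fullName distribution point, in encoding order;
/// an empty list when the certificate has no such extension.
/// </returns>
/// <remarks>
/// The returned strings are copied from the certificate without validation. A caller
/// that fetches a CRL from them should first decide which schemes and destinations it
/// accepts, because the certificate author controls these values.
/// </remarks>
IList<string> ParseCDPUrls(System.Security.Cryptography.X509Certificates.X509Certificate2 cert)
{
    var crls = new List<string>();
    if (cert.Extensions == null || cert.Extensions.Count == 0)
    {
        return crls;
    }

    foreach (var ext in cert.Extensions)
    {
        if (ext.Oid.Value != "2.5.29.31")
        {
            continue;
        }

        var parsed = Org.BouncyCastle.Asn1.Asn1Object.FromByteArray(ext.RawData);
        var cdp = Org.BouncyCastle.Asn1.X509.CrlDistPoint.GetInstance(parsed);

        // Walk every distribution point. Reading only element [0] dropped the URLs of
        // later points and threw on an empty list.
        foreach (var point in cdp.GetDistributionPoints())
        {
            var pointName = point.DistributionPointName;

            // The name is optional, and only the fullName choice carries GeneralNames;
            // the other choice holds a set that GeneralNames.GetInstance cannot decode.
            if (pointName == null
                || pointName.PointType != Org.BouncyCastle.Asn1.X509.DistributionPointName.FullName)
            {
                continue;
            }

            foreach (var generalName in GeneralNames.GetInstance(pointName.Name).GetNames())
            {
                if (generalName.TagNo == GeneralName.UniformResourceIdentifier)
                {
                    crls.Add(((DerIA5String)generalName.Name).GetString());
                }
            }
        }

        // Only the first extension with this OID is processed.
        break;
    }

    return crls;
}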
/// <summary>
/// Decodes a GeneralNames-valued extension into a list of (tag, text) pairs.
/// </summary>
/// <param name="oid">Dotted object identifier of the extension to read.</param>
/// <returns>
/// <c>null</c> when the extension is absent; otherwise a list holding one two-element
/// list per general name: element 0 is <c>TagNo</c>, element 1 is <c>Name.ToString()</c>.
/// </returns>
protected virtual ICollection GetAlternativeNames(string oid)
{
    Asn1OctetString rawValue = GetExtensionValue(new DerObjectIdentifier(oid));
    if (rawValue == null)
    {
        return null;
    }

    GeneralNames decoded = GeneralNames.GetInstance(
        X509ExtensionUtilities.FromExtensionValue(rawValue));

    IList pairs = Platform.CreateArrayList();
    GeneralName[] entries = decoded.GetNames();
    for (int i = 0; i < entries.Length; i++)
    {
        // Each name is reported as [tag number, string form of the value].
        IList pair = Platform.CreateArrayList();
        pair.Add(entries[i].TagNo);
        pair.Add(entries[i].Name.ToString());
        pairs.Add(pair);
    }

    return pairs;
}
/// <inheritdoc />
public override void InjectReferenceValue(X509Certificate2 value)
{
    Certificate = value;

    Asn1Object exValue = GetExtensionValue(value);
    if (exValue != null)
    {
        // Render every general name as "<type name>:<value>".
        var labelled = new List<string>();
        foreach (var entry in GeneralNames.GetInstance(exValue).GetNames())
        {
            var kind = StandardExt.FromTag<Standard.GeneralNameType>(entry.TagNo);
            labelled.Add(kind.Name() + ":" + entry.Name);
        }

        PolicyValue = PolicyValueFactory.GetInstance<IList<string>>(labelled);
        return;
    }

    // Extension missing: an error when required, otherwise an empty value.
    if (IsRequired())
    {
        throw new PolicyRequiredException("Extention " + ExtentionIdentifier.Display + " is marked as required by is not present.");
    }

    PolicyValue = PolicyValueFactory.GetInstance<IList<string>>(new List<string>());
}
/// <summary>
/// Passes every URI found in the fullName distribution points of
/// <paramref name="crldp"/> to
/// <c>PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation</c>.
/// </summary>
/// <param name="crldp">Decoded CRL distribution points; <c>null</c> is a no-op.</param>
/// <param name="pkixParams">Parameters handed on with each location.</param>
/// <exception cref="Exception">Reading the distribution points failed.</exception>
internal static void AddAdditionalStoresFromCrlDistributionPoint(CrlDistPoint crldp, PkixParameters pkixParams)
{
    if (crldp == null)
    {
        return;
    }

    DistributionPoint[] points;
    try
    {
        points = crldp.GetDistributionPoints();
    }
    catch (Exception innerException)
    {
        throw new Exception("Distribution points could not be read.", innerException);
    }

    foreach (DistributionPoint point in points)
    {
        DistributionPointName pointName = point.DistributionPointName;

        // Point type 0 is the choice whose Name is decoded as GeneralNames below.
        if (pointName == null || pointName.PointType != 0)
        {
            continue;
        }

        foreach (GeneralName candidate in GeneralNames.GetInstance(pointName.Name).GetNames())
        {
            // Tag 6 values are read as IA5String locations.
            if (candidate.TagNo != 6)
            {
                continue;
            }

            // NOTE(review): the location is taken from the certificate extension as-is;
            // confirm what AddAdditionalStoreFromLocation is willing to contact.
            string location = DerIA5String.GetInstance(candidate.Name).GetString();
            PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(location, pkixParams);
        }
    }
}
/// <summary>
/// Hands every tag-6 location found in the type-0 distribution points of
/// <paramref name="crldp"/> to <c>AddAdditionalStoreFromLocation</c>.
/// </summary>
/// <param name="crldp">Decoded CRL distribution points; nothing happens when <c>null</c>.</param>
/// <param name="pkixParams">Parameters forwarded with each location.</param>
/// <exception cref="global::System.Exception">Reading the distribution points failed.</exception>
internal static void AddAdditionalStoresFromCrlDistributionPoint(CrlDistPoint crldp, PkixParameters pkixParams)
{
    if (crldp == null)
    {
        return;
    }

    DistributionPoint[] points;
    try
    {
        points = crldp.GetDistributionPoints();
    }
    catch (global::System.Exception ex)
    {
        throw new global::System.Exception("Distribution points could not be read.", ex);
    }

    foreach (DistributionPoint point in points)
    {
        DistributionPointName pointName = point.DistributionPointName;
        bool carriesGeneralNames = pointName != null && pointName.PointType == 0;
        if (carriesGeneralNames)
        {
            foreach (GeneralName entry in GeneralNames.GetInstance(pointName.Name).GetNames())
            {
                if (entry.TagNo == 6)
                {
                    // The location string originates from the certificate being processed.
                    string location = DerIA5String.GetInstance(entry.Name).GetString();
                    AddAdditionalStoreFromLocation(location, pkixParams);
                }
            }
        }
    }
}
/// <summary>
/// Resolves the issuer named by the CertificateIssuer extension of this entry.
/// </summary>
/// <returns>
/// <c>null</c> when the entry is not indirect; <c>previousCertificateIssuer</c> when the
/// extension is absent; otherwise the first directoryName in the extension, or
/// <c>null</c> when none is found or decoding fails.
/// </returns>
private X500Name loadCertificateIssuer()
{
    if (!isIndirect)
    {
        return null;
    }

    byte[] ext = GetExtensionValue(X509Extensions.CertificateIssuer);
    if (ext == null)
    {
        return previousCertificateIssuer;
    }

    try
    {
        foreach (GeneralName candidate in GeneralNames.GetInstance(ext).GetNames())
        {
            if (candidate.TagNo == GeneralName.DirectoryName)
            {
                return X500Name.GetInstance(candidate.Name);
            }
        }
    }
    catch (Exception)
    {
        // Decoding errors are swallowed: a malformed extension is reported the same
        // way as one without a directoryName (null).
    }

    return null;
}
/// <summary>
/// Returns the issuer named by the CertificateIssuer extension of this entry.
/// </summary>
/// <returns>
/// <c>null</c> for a non-indirect entry; <c>previousCertificateIssuer</c> when the
/// extension is absent; otherwise the first directoryName it contains, or <c>null</c>
/// when there is none or the extension cannot be decoded.
/// </returns>
public X509Name GetCertificateIssuer()
{
    if (!isIndirect)
    {
        return null;
    }

    Asn1OctetString ext = GetExtensionValue(X509Extensions.CertificateIssuer);
    if (ext == null)
    {
        return previousCertificateIssuer;
    }

    X509Name issuer = null;
    try
    {
        GeneralNames decoded = GeneralNames.GetInstance(
            X509ExtensionUtilities.FromExtensionValue(ext));

        foreach (GeneralName candidate in decoded.GetNames())
        {
            if (candidate.TagNo == GeneralName.DirectoryName)
            {
                issuer = X509Name.GetInstance(candidate.Name);
                break;
            }
        }
    }
    catch (Exception)
    {
        // Any decoding failure is swallowed and surfaces as a null issuer, so callers
        // cannot tell a malformed extension from one without a directoryName.
        issuer = null;
    }

    return issuer;
}
/// <summary>
/// Resolves the issuer named by the CertificateIssuer extension of this entry.
/// </summary>
/// <returns>
/// <c>null</c> for a non-indirect entry; <c>previousCertificateIssuer</c> when the
/// extension is absent; otherwise the first tag-4 name converted to an
/// <c>X509Name</c>, or <c>null</c> when none exists or decoding fails.
/// </returns>
private X509Name loadCertificateIssuer()
{
    if (!isIndirect)
    {
        return null;
    }

    Asn1OctetString extensionValue = GetExtensionValue(X509Extensions.CertificateIssuer);
    if (extensionValue == null)
    {
        return previousCertificateIssuer;
    }

    try
    {
        Asn1Object parsed = X509ExtensionUtilities.FromExtensionValue(extensionValue);
        GeneralName[] names = GeneralNames.GetInstance(parsed).GetNames();

        for (int i = 0; i < names.Length; i++)
        {
            // Tag 4 is the entry that is converted to an X509Name.
            if (names[i].TagNo != 4)
            {
                continue;
            }

            return X509Name.GetInstance(names[i].Name);
        }
    }
    catch (global::System.Exception)
    {
        // Failures while decoding are ignored; the method then reports null.
    }

    return null;
}
/// <summary>
/// Builds a version-1 Holder from a sequence of up to three implicitly tagged fields.
/// </summary>
/// <param name="seq">
/// Sequence whose elements are tagged 0 (baseCertificateID), 1 (entityName) or
/// 2 (objectDigestInfo).
/// </param>
/// <exception cref="ArgumentException">
/// The sequence has more than three elements or contains another tag number.
/// </exception>
private Holder(Asn1Sequence seq)
{
    if (seq.Count > 3)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    int index = 0;
    while (index != seq.Count)
    {
        Asn1TaggedObject field = Asn1TaggedObject.GetInstance(seq[index]);
        int tag = field.TagNo;

        if (tag == 0)
        {
            baseCertificateID = IssuerSerial.GetInstance(field, explicitly: false);
        }
        else if (tag == 1)
        {
            entityName = GeneralNames.GetInstance(field, explicitly: false);
        }
        else if (tag == 2)
        {
            objectDigestInfo = ObjectDigestInfo.GetInstance(field, isExplicit: false);
        }
        else
        {
            throw new ArgumentException("unknown tag in Holder");
        }

        index++;
    }

    version = 1;
}
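/// <summary>
/// Gets the CRL URLs from the CRL Distribution Points extension.
/// </summary>
/// <param name="certificate">
/// Certificate to inspect (<see cref="Org.BouncyCastle.X509.X509Certificate"/>); may be <c>null</c>.
/// </param>
/// <returns>
/// The absolute URIs found in the fullName distribution points; an empty list when the
/// certificate is <c>null</c> or carries no such extension. Strings that do not parse
/// as an absolute URI are skipped.
/// </returns>
/// <remarks>
/// The URIs are read from the certificate itself and any absolute scheme is accepted.
/// A caller that downloads CRLs from them should restrict the schemes and destinations
/// it is willing to contact.
/// </remarks>
public static List<Uri> GetCrlDistributionPoints(this Org.BouncyCastle.X509.X509Certificate certificate)
{
    List<Uri> crlUrls = new List<Uri>();
    if (certificate == null)
    {
        return crlUrls;
    }

    var cdpExtention = certificate.GetExtensionValue(X509Extensions.CrlDistributionPoints);
    if (cdpExtention == null)
    {
        return crlUrls;
    }

    byte[] crldpExt = cdpExtention.GetDerEncoded();
    if (crldpExt == null)
    {
        return crlUrls;
    }

    // The extension value is an OCTET STRING wrapping the DER of the distribution
    // points, so it is decoded in two steps. Both streams are disposed.
    byte[] crldpExtOctets;
    using (Asn1InputStream outerStream = new Asn1InputStream(crldpExt))
    {
        DerOctetString dosCrlDP = (DerOctetString)outerStream.ReadObject();
        crldpExtOctets = dosCrlDP.GetOctets();
    }

    CrlDistPoint distPoint;
    using (Asn1InputStream innerStream = new Asn1InputStream(crldpExtOctets))
    {
        distPoint = CrlDistPoint.GetInstance(innerStream.ReadObject());
    }

    foreach (DistributionPoint dp in distPoint.GetDistributionPoints())
    {
        DistributionPointName dpn = dp.DistributionPointName;

        // Look for URIs in fullName only. The previous check compared the runtime type,
        // which is true for every name, so a nameRelativeToCRLIssuer point reached
        // GeneralNames.GetInstance with a value it cannot decode.
        if (dpn == null || dpn.PointType != Org.BouncyCastle.Asn1.X509.DistributionPointName.FullName)
        {
            continue;
        }

        foreach (GeneralName genName in GeneralNames.GetInstance(dpn.Name).GetNames())
        {
            if (genName.TagNo != GeneralName.UniformResourceIdentifier)
            {
                continue;
            }

            Uri uri;
            String url = DerIA5String.GetInstance(genName.Name).GetString();
            if (Uri.TryCreate(url, UriKind.Absolute, out uri))
            {
                crlUrls.Add(uri);
            }
        }
    }

    return crlUrls;
}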
/// <summary>
/// Creates a SubjectAltName extension from an X509 extension.
/// </summary>
/// <param name="Extension">X509 extension whose parsed value is decoded as GeneralNames.</param>
/// <remarks>
/// The criticality flag is taken from <paramref name="Extension"/>. The parsed value is
/// cast to <c>Asn1Sequence</c>, so a value of another type raises an
/// <c>InvalidCastException</c>.
/// </remarks>
public subjectAltName(X509Extension Extension) : base(Extension.IsCritical)
{
    base.oid = X509Extensions.SubjectAlternativeName;
    base.name = "SubjectAlternativeName";
    base.displayName = "Subject Alternative Name";

    Asn1Sequence parsedValue = (Asn1Sequence)Extension.GetParsedValue();
    GeneralNames alternativeNames = GeneralNames.GetInstance(parsedValue);
    decode(alternativeNames);
}
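/// <summary>
/// Looks up a cached certificate and returns it when it is still usable.
/// </summary>
/// <param name="hosts">Requested host names; the first entry is the cache key.</param>
/// <param name="value">
/// On success, the cached certificate bytes together with the imported RSA private key;
/// otherwise <c>null</c>. The caller owns (and should dispose) the returned key.
/// </param>
/// <returns>
/// <c>true</c> when a cached certificate exists, its Subject Alternative Name extension
/// lists every entry of <c>_hosts</c>, and more than 30 days of validity remain;
/// otherwise <c>false</c>.
/// </returns>
public bool TryGetCachedCertificate(List<string> hosts, out CachedCertificateResult value)
{
    value = null;

    // No key to look up: report a miss rather than failing on hosts[0].
    if (hosts == null || hosts.Count == 0)
    {
        return false;
    }

    if (_cache.CachedCerts.TryGetValue(hosts[0], out var cache) == false)
    {
        return false;
    }

    // The certificate object is only needed for inspection, so release it afterwards.
    using (var cert = new X509Certificate2(cache.Cert, (string)null, X509KeyStorageFlags.MachineKeySet))
    {
        var sanNames = cert.Extensions["2.5.29.17"];
        if (sanNames == null)
        {
            return false;
        }

        var generalNames = GeneralNames.GetInstance(Asn1Object.FromByteArray(sanNames.RawData));
        var certHosts = generalNames.GetNames();

        // NOTE(review): coverage is checked against the _hosts field while the cache
        // lookup uses the hosts argument; confirm the two are meant to differ.
        // Every SAN entry is compared by its string form, whatever its name type.
        foreach (var host in _hosts)
        {
            var found = false;
            foreach (var certHost in certHosts)
            {
                if (host.Equals(certHost.Name.ToString(), StringComparison.OrdinalIgnoreCase))
                {
                    found = true;
                    break;
                }
            }

            if (found == false)
            {
                return false;
            }
        }

        // If it is about to expire, we need to refresh. NotAfter is expressed in local
        // time, so convert it before comparing with UtcNow; otherwise the 30-day window
        // is shifted by the machine's UTC offset.
        if ((cert.NotAfter.ToUniversalTime() - DateTime.UtcNow).TotalDays <= 30)
        {
            return false;
        }
    }

    var rsa = new RSACryptoServiceProvider(4096);
    try
    {
        rsa.ImportCspBlob(cache.Private);
    }
    catch
    {
        // Do not leak the provider when the cached blob cannot be imported.
        rsa.Dispose();
        throw;
    }

    value = new CachedCertificateResult
    {
        Certificate = cache.Cert,
        PrivateKey = rsa
    };
    return true;
}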
/// <summary>
/// Renders the serial number, revocation date, certificate issuer and each CRL entry
/// extension as text, one item per line.
/// </summary>
/// <returns>The textual description of this entry.</returns>
public override string ToString()
{
    StringBuilder text = new StringBuilder();
    string eol = Platform.NewLine;

    text.Append(" userCertificate: ").Append(this.SerialNumber).Append(eol);
    text.Append(" revocationDate: ").Append(this.RevocationDate).Append(eol);
    text.Append(" certificateIssuer: ").Append(this.GetCertificateIssuer()).Append(eol);

    X509Extensions extensions = this.c.Extensions;
    if (extensions == null)
    {
        return text.ToString();
    }

    // The section header is written once, and only when at least one OID exists.
    bool headerWritten = false;
    foreach (DerObjectIdentifier oid in extensions.ExtensionOids)
    {
        if (!headerWritten)
        {
            text.Append(" crlEntryExtensions:").Append(eol);
            headerWritten = true;
        }

        X509Extension extension = extensions.GetExtension(oid);
        if (extension.Value == null)
        {
            text.Append(eol);
            continue;
        }

        // Decoding the value happens outside the try block, so a value that cannot be
        // parsed propagates out of ToString.
        Asn1Object decoded = Asn1Object.FromByteArray(extension.Value.GetOctets());
        text.Append(" critical(").Append(extension.IsCritical).Append(") ");

        try
        {
            if (oid.Equals(X509Extensions.ReasonCode))
            {
                text.Append(new CrlReason(DerEnumerated.GetInstance(decoded)));
            }
            else if (oid.Equals(X509Extensions.CertificateIssuer))
            {
                text.Append("Certificate issuer: ").Append(GeneralNames.GetInstance((Asn1Sequence)decoded));
            }
            else
            {
                text.Append(oid.Id);
                text.Append(" value = ").Append(Asn1Dump.DumpAsString((Asn1Encodable)decoded));
            }

            text.Append(eol);
        }
        catch (Exception)
        {
            // Rendering failed: print the OID with a masked value instead.
            text.Append(oid.Id);
            text.Append(" value = ").Append("*****").Append(eol);
        }
    }

    return text.ToString();
}
/// <summary>
/// Extracts the names a certificate signing request asks for.
/// </summary>
/// <param name="csrBytes">Content of the certification request.</param>
/// <returns>
/// The string form of every entry of the requested Subject Alternative Name extension
/// when one is present; otherwise a single-element list holding the subject common
/// name (an empty string when the subject has none).
/// </returns>
/// <remarks>
/// The request is caller-supplied data. Every SAN entry is returned by its string
/// form regardless of name type, so callers that expect DNS names should validate the
/// result themselves.
/// </remarks>
public static List<string> DecodeCsrSubjects(byte[] csrBytes)
{
    // based on https://stackoverflow.com/a/45424266 by https://stackoverflow.com/users/814735/cyril-durand
    var pem = new PemObject("CSR", csrBytes);
    var request = new Pkcs10CertificationRequest(pem.Content);
    var requestInfo = request.GetCertificationRequestInfo();

    // An attribute is a sequence holding an OID and a set of values. Find the one whose
    // OID is pkcs-9/extensionRequest, "1.2.840.113549.1.9.14".
    var extensionSequence = requestInfo.Attributes
        .OfType<DerSequence>()
        .FirstOrDefault(seq => seq
            .OfType<DerObjectIdentifier>()
            .Any(id => id.Id == PkcsObjectIdentifiers.Pkcs9AtExtensionRequest.Id));

    // Within its value set, look for the Subject Alternative Name extension value.
    var sanValue = extensionSequence != null
        ? GetAsn1ObjectRecursive<DerOctetString>(
            extensionSequence.OfType<DerSet>().First().OfType<DerSequence>().First(),
            X509Extensions.SubjectAlternativeName.Id)
        : null;

    if (sanValue == null)
    {
        // No SAN requested: fall back to the subject common name.
        var oids = requestInfo.Subject.GetOidList();
        string subjectName = "";
        foreach (DerObjectIdentifier o in oids)
        {
            if (o.Id != X509ObjectIdentifiers.CommonName.Id)
            {
                continue;
            }

            subjectName = requestInfo.Subject.GetValueList()[oids.IndexOf(o)].ToString();
            break;
        }

        // we just have a single subject
        return new List<string> { subjectName };
    }

    // subject alternative names
    var names = GeneralNames.GetInstance(Asn1Object.FromByteArray(sanValue.GetOctets()));
    var result = new List<string>();
    foreach (var entry in names.GetNames())
    {
        result.Add(entry.Name.ToString());
    }

    return result;
}
/// <summary>
/// Builds an AuthorityKeyIdentifier from a public key, an issuer name and a serial number.
/// </summary>
/// <param name="info">Public key information passed to the identifier.</param>
/// <param name="name">Issuer name, wrapped as the single entry of a GeneralNames value.</param>
/// <param name="sNumber">Serial number, converted to a <c>BigInteger</c>.</param>
/// <returns>The new identifier.</returns>
private AuthorityKeyIdentifier CreateAuthorityKeyId(
    SubjectPublicKeyInfo info,
    X509Name name,
    int sNumber)
{
    GeneralNames issuerNames = GeneralNames.GetInstance(new DerSequence(new GeneralName(name)));
    BigInteger serial = BigInteger.ValueOf(sNumber);

    return new AuthorityKeyIdentifier(info, issuerNames, serial);
}
/// <summary>
/// Decodes a distribution point name from its tagged encoding.
/// </summary>
/// <param name="obj">
/// Implicitly tagged object; tag 0 is decoded as GeneralNames, any other tag as an
/// ASN.1 set.
/// </param>
public DistributionPointName(Asn1TaggedObject obj)
{
    type = obj.TagNo;

    if (type != 0)
    {
        name = Asn1Set.GetInstance(obj, explicitly: false);
        return;
    }

    name = GeneralNames.GetInstance(obj, explicitly: false);
}
/// <summary>
/// Decodes an IssuerSerial from a sequence of issuer, serial and optional issuer UID.
/// </summary>
/// <param name="seq">Sequence with two or three elements.</param>
/// <exception cref="ArgumentException">The sequence has another number of elements.</exception>
private IssuerSerial(Asn1Sequence seq)
{
    int size = seq.Count;
    if (size < 2 || size > 3)
    {
        throw new ArgumentException("Bad sequence size: " + size);
    }

    issuer = GeneralNames.GetInstance(seq[0]);
    serial = DerInteger.GetInstance(seq[1]);

    // The third element, when present, is the issuer UID bit string.
    if (size == 3)
    {
        issuerUid = DerBitString.GetInstance(seq[2]);
    }
}
/// <summary>
/// Decodes an IetfAttrSyntax: an optional policy authority followed by a sequence of
/// values that must all have the same type.
/// </summary>
/// <param name="seq">The encoded structure.</param>
/// <exception cref="ArgumentException">
/// The value element is not a sequence, a value is not an object identifier, UTF-8
/// string or octet string, or the values mix several of those types.
/// </exception>
public IetfAttrSyntax(Asn1Sequence seq)
{
    int valuesIndex = 0;

    // The policy authority is either implicitly tagged or, in a two-element sequence,
    // the untagged first element.
    Asn1TaggedObject taggedAuthority = seq[0] as Asn1TaggedObject;
    if (taggedAuthority != null)
    {
        policyAuthority = GeneralNames.GetInstance(taggedAuthority, explicitly: false);
        valuesIndex = 1;
    }
    else if (seq.Count == 2)
    {
        policyAuthority = GeneralNames.GetInstance(seq[0]);
        valuesIndex = 1;
    }

    Asn1Sequence valueSequence = seq[valuesIndex] as Asn1Sequence;
    if (valueSequence == null)
    {
        throw new ArgumentException("Non-IetfAttrSyntax encoding");
    }

    foreach (Asn1Object item in valueSequence)
    {
        int kind;
        if (item is DerObjectIdentifier)
        {
            kind = 2;
        }
        else if (item is DerUtf8String)
        {
            kind = 3;
        }
        else if (item is DerOctetString)
        {
            kind = 1;
        }
        else
        {
            throw new ArgumentException("Bad value type encoding IetfAttrSyntax");
        }

        // The first value fixes the choice; every later value has to match it.
        if (valueChoice < 0)
        {
            valueChoice = kind;
        }

        if (kind != valueChoice)
        {
            throw new ArgumentException("Mix of value types in IetfAttrSyntax");
        }

        values.Add(item);
    }
}
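/// <summary>
/// Lists the general names of the fullName distribution points of a CRL Distribution
/// Points value.
/// </summary>
/// <param name="crldp">Decoded distribution points; <c>null</c> yields an empty list.</param>
/// <returns>The string form of each general name, in encoding order.</returns>
/// <remarks>
/// Names of every type are returned, not only URIs, and the values come straight from
/// the certificate. NOTE(review): the list is named as a URL list; confirm whether
/// callers expect non-URI entries before using them as fetch locations.
/// </remarks>
private static List<String> GetCrlDistribtionPoints(CrlDistPoint crldp)
{
    List<String> certDpUrlLst = new List<string>();
    if (crldp == null)
    {
        return certDpUrlLst;
    }

    foreach (DistributionPoint p in crldp.GetDistributionPoints())
    {
        DistributionPointName dpn = p.DistributionPointName;

        // The name is optional and only its fullName choice holds GeneralNames; without
        // this check a point lacking it, or using the other choice, raised an exception.
        if (dpn == null || dpn.PointType != DistributionPointName.FullName)
        {
            continue;
        }

        foreach (GeneralName n in GeneralNames.GetInstance(dpn.Name).GetNames())
        {
            certDpUrlLst.Add(n.Name.ToString());
        }
    }

    return certDpUrlLst;
}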
/// <summary>
/// Builds a version-0 Holder from a single implicitly tagged field.
/// </summary>
/// <param name="tagObj">Field tagged 0 (baseCertificateID) or 1 (entityName).</param>
/// <exception cref="ArgumentException">The tag number is neither 0 nor 1.</exception>
public Holder(Asn1TaggedObject tagObj)
{
    int tag = tagObj.TagNo;

    if (tag == 0)
    {
        baseCertificateID = IssuerSerial.GetInstance(tagObj, explicitly: false);
    }
    else if (tag == 1)
    {
        entityName = GeneralNames.GetInstance(tagObj, explicitly: false);
    }
    else
    {
        throw new ArgumentException("unknown tag in Holder");
    }

    version = 0;
}
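/// <summary>
/// Finds the first general name with the given tag among the fullName distribution points.
/// </summary>
/// <param name="distributionPointsExtension">Decoded CRL distribution points.</param>
/// <param name="tagNumber">General name tag to look for.</param>
/// <returns>The value of the first matching general name, or <c>null</c> when none matches.</returns>
static Asn1Encodable ExtractGeneralName(CrlDistPoint distributionPointsExtension, int tagNumber)
{
    foreach (var distributionPoint in distributionPointsExtension.GetDistributionPoints())
    {
        DistributionPointName dpn = distributionPoint.DistributionPointName;

        // The distribution point name is optional; a point without one used to cause a
        // NullReferenceException on the PointType access.
        if (dpn == null || dpn.PointType != DistributionPointName.FullName)
        {
            continue;
        }

        foreach (var generalName in GeneralNames.GetInstance(dpn.Name).GetNames())
        {
            if (generalName.TagNo == tagNumber)
            {
                return generalName.Name;
            }
        }
    }

    return null;
}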
/// <summary>
/// Passes every URI found in the fullName distribution points of
/// <paramref name="crldp"/> to
/// <c>PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation</c>.
/// </summary>
/// <param name="crldp">Decoded CRL distribution points; <c>null</c> is a no-op.</param>
/// <param name="pkixParams">Parameters forwarded with each location.</param>
/// <exception cref="Exception">Reading the distribution points failed.</exception>
internal static void AddAdditionalStoresFromCrlDistributionPoint(
    CrlDistPoint crldp,
    PkixParameters pkixParams)
{
    if (crldp == null)
    {
        return;
    }

    DistributionPoint[] points;
    try
    {
        points = crldp.GetDistributionPoints();
    }
    catch (Exception e)
    {
        throw new Exception(
            "Distribution points could not be read.", e);
    }

    foreach (DistributionPoint point in points)
    {
        DistributionPointName pointName = point.DistributionPointName;

        // Only the fullName choice is searched for URIs.
        if (pointName == null || pointName.PointType != DistributionPointName.FullName)
        {
            continue;
        }

        foreach (GeneralName candidate in GeneralNames.GetInstance(pointName.Name).GetNames())
        {
            if (candidate.TagNo != GeneralName.UniformResourceIdentifier)
            {
                continue;
            }

            // NOTE(review): the location is copied from the certificate extension;
            // confirm what AddAdditionalStoreFromLocation is willing to contact.
            string location = DerIA5String.GetInstance(candidate.Name).GetString();
            PkixCertPathValidatorUtilities.AddAdditionalStoreFromLocation(location, pkixParams);
        }
    }
}
/// <summary>
/// Decodes a GeneralNames-valued extension into a list of (tag, text) pairs.
/// </summary>
/// <param name="oid">Dotted object identifier of the extension to read.</param>
/// <returns>
/// <c>null</c> when the extension is absent; otherwise one two-element list per general
/// name, holding its tag number followed by the string form of its value.
/// </returns>
protected virtual ICollection GetAlternativeNames(string oid)
{
    Asn1OctetString encoded = this.GetExtensionValue(new DerObjectIdentifier(oid));
    if (encoded == null)
    {
        return null;
    }

    Asn1Object parsed = X509ExtensionUtilities.FromExtensionValue(encoded);
    GeneralNames alternativeNames = GeneralNames.GetInstance(parsed);

    IList rows = Platform.CreateArrayList();
    GeneralName[] entries = alternativeNames.GetNames();
    int position = 0;
    while (position < entries.Length)
    {
        GeneralName entry = entries[position];

        IList row = Platform.CreateArrayList();
        row.Add(entry.TagNo);
        row.Add(entry.Name.ToString());
        rows.Add(row);

        position++;
    }

    return rows;
}
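/// <summary>
/// Lists the URI entries of the certificate's CRL Distribution Points extension.
/// </summary>
/// <param name="x509Certificate">Certificate to inspect.</param>
/// <returns>
/// The string form of each URI general name of the fullName distribution points; an
/// empty list when the extension is absent.
/// </returns>
/// <remarks>
/// The values are taken from the certificate without validation; restrict schemes and
/// destinations before using them to download a CRL.
/// </remarks>
private List<string> GetCrlDistPoints(BcX509Certificate x509Certificate)
{
    Asn1OctetString crldpAsn1OctetString = x509Certificate.GetExtensionValue(X509Extensions.CrlDistributionPoints);
    if (crldpAsn1OctetString == null)
    {
        return new List<string>();
    }

    // Dispose the decoding stream once the object has been read.
    Asn1Object crldpAsn1Object;
    using (Asn1InputStream crldpAsn1InputStream = new Asn1InputStream(crldpAsn1OctetString.GetOctets()))
    {
        crldpAsn1Object = crldpAsn1InputStream.ReadObject();
    }

    return CrlDistPoint.GetInstance(crldpAsn1Object).GetDistributionPoints()
        .Select(point => point.DistributionPointName)
        // The name is optional; skip points without one instead of dereferencing null.
        .Where(pointName => pointName != null && pointName.PointType == DistributionPointName.FullName)
        .SelectMany(pointName => GeneralNames.GetInstance(pointName.Name).GetNames())
        .Where(generalName => generalName.TagNo == GeneralName.UniformResourceIdentifier)
        .Select(generalName => generalName.Name.ToString())
        .ToList();
}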
/// <inheritdoc />
public override void InjectReferenceValue(X509Certificate2 value)
{
    Certificate = value;

    Asn1Object exValue = GetExtensionValue(value);
    if (exValue == null)
    {
        // Extension missing: an error when required, otherwise an empty value.
        if (IsRequired())
        {
            throw new PolicyRequiredException("Extention " + ExtentionIdentifier.Display + " is marked as required by is not present.");
        }

        PolicyValue = new PolicyValue<IList<string>>(new List<string>());
        return;
    }

    // Collect the string form of every general name of the fullName distribution points.
    IList<String> collected = new List<String>();
    foreach (var point in CrlDistPoint.GetInstance(exValue).GetDistributionPoints())
    {
        var pointName = point.DistributionPointName;
        if (pointName == null || pointName.PointType != DistributionPointName.FullName)
        {
            continue;
        }

        foreach (var generalName in GeneralNames.GetInstance(pointName.Name).GetNames())
        {
            collected.Add(generalName.Name.ToString());
        }
    }

    // An extension that yields no names counts as missing when it is required.
    if (collected.Count == 0 && IsRequired())
    {
        throw new PolicyRequiredException("Extention " + ExtentionIdentifier.Display + " is marked as required by is not present.");
    }

    PolicyValue = new PolicyValue<IList<string>>(collected);
}
/// <summary>
/// Decodes a GeneralNames-valued extension into a list of (tag, text) pairs.
/// </summary>
/// <param name="oid">Dotted object identifier of the extension to read.</param>
/// <returns>
/// <c>null</c> when the extension is absent; otherwise one two-element list per general
/// name: the boxed tag number followed by the string form of the value.
/// </returns>
protected virtual global::System.Collections.ICollection GetAlternativeNames(string oid)
{
    Asn1OctetString encoded = GetExtensionValue(new DerObjectIdentifier(oid));
    if (encoded == null)
    {
        return null;
    }

    GeneralNames alternativeNames = GeneralNames.GetInstance(
        X509ExtensionUtilities.FromExtensionValue(encoded));

    global::System.Collections.IList rows = Platform.CreateArrayList();
    GeneralName[] entries = alternativeNames.GetNames();
    for (int i = 0; i < entries.Length; i++)
    {
        object tag = entries[i].TagNo;
        object text = entries[i].Name.ToString();

        global::System.Collections.IList row = Platform.CreateArrayList();
        row.Add(tag);
        row.Add(text);
        rows.Add(row);
    }

    return rows;
}
/// <summary>
/// Decodes a V2Form: an optional untagged issuer name followed by implicitly tagged
/// fields 0 (baseCertificateID) and 1 (objectDigestInfo).
/// </summary>
/// <param name="seq">The encoded structure, at most three elements long.</param>
/// <exception cref="ArgumentException">
/// The sequence has more than three elements or a tagged field has another tag number.
/// </exception>
private V2Form(Asn1Sequence seq)
{
    if (seq.Count > 3)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    // An untagged first element is the issuer name; tagged fields start after it.
    int firstTagged = 0;
    if (!(seq[0] is Asn1TaggedObject))
    {
        firstTagged = 1;
        issuerName = GeneralNames.GetInstance(seq[0]);
    }

    for (int i = firstTagged; i != seq.Count; i++)
    {
        Asn1TaggedObject field = Asn1TaggedObject.GetInstance(seq[i]);
        switch (field.TagNo)
        {
            case 0:
                baseCertificateID = IssuerSerial.GetInstance(field, explicitly: false);
                break;
            case 1:
                objectDigestInfo = ObjectDigestInfo.GetInstance(field, isExplicit: false);
                break;
            default:
                throw new ArgumentException("Bad tag number: " + field.TagNo);
        }
    }
}
/// <summary>
/// Decodes a GeneralNames-valued extension into a list of (tag, text) pairs.
/// </summary>
/// <param name="oid">Dotted object identifier of the extension to read.</param>
/// <returns>
/// <c>null</c> when the extension is absent; otherwise one two-element list per general
/// name, holding its tag number followed by the string form of its value.
/// </returns>
protected virtual ICollection GetAlternativeNames(string oid)
{
    Asn1OctetString encoded = this.GetExtensionValue(new DerObjectIdentifier(oid));
    if (encoded == null)
    {
        return null;
    }

    GeneralNames alternativeNames = GeneralNames.GetInstance(
        X509ExtensionUtilities.FromExtensionValue(encoded));

    IList rows = Platform.CreateArrayList();
    foreach (GeneralName entry in alternativeNames.GetNames())
    {
        IList row = Platform.CreateArrayList();
        row.Add(entry.TagNo);
        row.Add(entry.Name.ToString());
        rows.Add(row);
    }

    return rows;
}
/// <summary>
/// Converts an object into an <c>AttCertIssuer</c>.
/// </summary>
/// <param name="obj">
/// An <c>AttCertIssuer</c> (returned as-is), a <c>V2Form</c>, a <c>GeneralNames</c>, an
/// implicitly tagged V2Form, or a sequence decoded as GeneralNames. The checks run in
/// that order.
/// </param>
/// <returns>The corresponding issuer.</returns>
/// <exception cref="ArgumentException"><paramref name="obj"/> is of no supported type.</exception>
public static AttCertIssuer GetInstance(object obj)
{
    AttCertIssuer existing = obj as AttCertIssuer;
    if (existing != null)
    {
        return existing;
    }

    if (obj is V2Form)
    {
        return new AttCertIssuer(V2Form.GetInstance(obj));
    }

    GeneralNames names = obj as GeneralNames;
    if (names != null)
    {
        return new AttCertIssuer(names);
    }

    Asn1TaggedObject tagged = obj as Asn1TaggedObject;
    if (tagged != null)
    {
        return new AttCertIssuer(V2Form.GetInstance(tagged, explicitly: false));
    }

    if (obj is Asn1Sequence)
    {
        return new AttCertIssuer(GeneralNames.GetInstance(obj));
    }

    throw new ArgumentException("unknown object in factory: " + Platform.GetTypeName(obj), "obj");
}
/// <summary>
/// Decodes a LinkedCertificate: a digest, a certificate location and optional
/// implicitly tagged fields 0 (certificate issuer) and 1 (CA certificates).
/// </summary>
/// <param name="seq">The encoded structure.</param>
/// <exception cref="ArgumentException">An optional field has another tag number.</exception>
private LinkedCertificate(Asn1Sequence seq)
{
    this.mDigest = DigestInfo.GetInstance(seq[0]);
    this.mCertLocation = GeneralName.GetInstance(seq[1]);

    // Everything after the two mandatory elements is an optional tagged field.
    int index = 2;
    while (index < seq.Count)
    {
        Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[index]);

        if (tagged.TagNo == 0)
        {
            this.mCertIssuer = X509Name.GetInstance(tagged, false);
        }
        else if (tagged.TagNo == 1)
        {
            this.mCACerts = GeneralNames.GetInstance(tagged, false);
        }
        else
        {
            throw new ArgumentException("unknown tag in tagged field");
        }

        ++index;
    }
}