public override void Decode(Asn1BerDecodeBuffer buffer, bool explicitTagging, int implicitLength) { var elemLength = explicitTagging ? MatchTag(buffer, Asn1Tag.Sequence) : implicitLength; Init(); var context = new Asn1BerDecodeContext(buffer, elemLength); var parsedLen = new IntHolder(); if (!context.MatchElemTag(0, 0x20, 0x10, parsedLen, false)) { throw ExceptionUtility.CryptographicException(Resources.Asn1MissingRequiredException, buffer.ByteCount); } Algorithm = new AlgorithmIdentifier(); Algorithm.Decode(buffer, true, parsedLen.Value); if (!context.MatchElemTag(0, 0, 3, parsedLen, false)) { throw ExceptionUtility.CryptographicException(Resources.Asn1MissingRequiredException, buffer.ByteCount); } SubjectPublicKey = new Asn1BitString(); SubjectPublicKey.Decode(buffer, true, parsedLen.Value); }
private byte[] getRandomNum(PKCS8.PrivateKeyInfo priKey) { foreach (ASN1 i in priKey.Attributes) { Asn1Reader reader = new Asn1Reader(i.GetBytes()); bool isRandomNumAttribute = false, inSET = false; do { if (reader.TagName == "OBJECT_IDENTIFIER") { if (((Asn1ObjectIdentifier)reader.GetTagObject()).Value.Value == "1.2.410.200004.10.1.1.3") { isRandomNumAttribute = true; } } else if (reader.TagName == "SET" && isRandomNumAttribute) { inSET = true; } else if (reader.TagName == "BIT_STRING" && inSET) { Asn1BitString asn1BitString = new Asn1BitString(reader); return(asn1BitString.Value); } } while (reader.MoveNext()); } throw new VIDOperationException("RandomNum in private key attributes is missing"); }
void decode(Byte[] rawData) { Asn1Reader asn = new Asn1Reader(rawData); asn.MoveNext(); if (asn.PayloadLength == 0) { return; } do { switch (asn.Tag) { case 0xA0: Asn1Reader distName = new Asn1Reader(asn.GetPayload()); do { switch (distName.Tag) { case 0xA0: // full name _fullNames.Decode(Asn1Utils.Encode(distName.GetPayload(), 48)); break; case 0xA1: // relative to issuer name Byte[] relativeName = Asn1Utils.Encode(distName.GetPayload(), 48); RelativeToIssuerName = new X500DistinguishedName(relativeName); break; default: throw new InvalidDataException("The data is invalid"); } } while (distName.MoveNextSibling()); break; case 0xA1: // reasons Asn1BitString bs = new Asn1BitString(asn.GetPayload()); if (bs.Value[0] == 0) { Reasons = X509RevocationReasonFlag.Unspecified; } else { Reasons = (X509RevocationReasonFlag)bs.Value[0]; } break; case 0xA2: // crl issuer _crlIssuers.Decode(Asn1Utils.Encode(asn.GetPayload(), 48)); break; default: throw new InvalidDataException("The data is invalid."); } } while (asn.MoveNextSibling()); _rawData.AddRange(rawData); }
/// <summary> /// Signs <see cref="ToBeSignedData"/> data by using client-provided message signer. /// </summary> /// <param name="signerInfo">Configured message signer object which is used to sign the data.</param> public void Sign(MessageSigner signerInfo) { var signature = signerInfo.SignData(ToBeSignedData).ToList(); if (signerInfo.SignerCertificate.PublicKey.Oid.Value == AlgorithmOids.RSA) { signature.Insert(0, 0); Signature = new Asn1BitString(Asn1Utils.Encode(signature.ToArray(), 3)); } else { // ECDSA, DSA signature consist of two parts, r and s. Int32 divider = signature.Count / 2; List <Byte> r = signature.Skip(0).Take(divider).ToList(); // check if most significant bit is set to 1. If set, prepend value with extra 0 byte. if (r[0] > 127) { r.Insert(0, 0); } List <Byte> s = signature.Skip(divider).Take(divider).ToList(); // check if most significant bit is set to 1. If set, prepend value with extra 0 byte. if (s[0] > 127) { s.Insert(0, 0); } var builder = new List <Byte>(); builder.AddRange(Asn1Utils.Encode(r.ToArray(), (Byte)Asn1Type.INTEGER)); builder.AddRange(Asn1Utils.Encode(s.ToArray(), (Byte)Asn1Type.INTEGER)); builder = new List <Byte>(Asn1Utils.Encode(builder.ToArray(), 48)); builder.Insert(0, 0); Signature = new Asn1BitString(Asn1Utils.Encode(builder.ToArray(), 3)); } SignatureAlgorithm = signerInfo.GetAlgorithmIdentifier(); BlobType = ContentBlobType.SignedBlob; }
public RsaPublicKey(Asn1BitString valueNode) { var value = Asn1Node.ReadNode(valueNode.Data); Modulus = GetRsaData((Asn1Integer)value.Nodes[0]); Exponent = GetRsaData((Asn1Integer)value.Nodes[1]); }
public static byte[] FromRSA(RSA rsa) { var prms = rsa.ExportParameters(false); var modulus = new Asn1Integer((new byte[] { 0x00 }.Concat(prms.Modulus)).ToArray()); var exponent = new Asn1Integer(prms.Exponent); var oidheader = new Asn1Sequence(); oidheader.Nodes.Add(new Asn1ObjectIdentifier("1.2.840.113549.1.1.1")); oidheader.Nodes.Add(new Asn1Null()); var rsaSequence = new Asn1Sequence(); rsaSequence.Nodes.Add(modulus); rsaSequence.Nodes.Add(exponent); var bitString = new Asn1BitString(rsaSequence.GetBytes()); var result = new Asn1Sequence(); result.Nodes.Add(oidheader); result.Nodes.Add(bitString); return(result.GetBytes()); }
public X509Certificate SignWith(X509PrivateKey authorityPrivateKey) { var tbsData = Tbs.ToAsn1().GetBytes(); var data = authorityPrivateKey.SignData(tbsData); SignatureValue = new Asn1BitString(data); SignatureAlgorithm = Tbs.SignatureAlgorithm; return(this); }
/// <summary> /// This constructor sets all elements to references to the /// given objects /// </summary> public SubjectPublicKeyInfo( AlgorithmIdentifier algorithm_, Asn1BitString subjectPublicKey_ ) : base() { algorithm = algorithm_; subjectPublicKey = subjectPublicKey_; }
public RsaPrivateKey(Asn1BitString valueNode) { var value = Asn1Node.ReadNode(valueNode.Data); Modulus = GetRsaData((Asn1Integer)value.Nodes[1]); Exponent = GetRsaData((Asn1Integer)value.Nodes[2]); D = GetRsaData((Asn1Integer)value.Nodes[3]); P = GetRsaData((Asn1Integer)value.Nodes[4]); Q = GetRsaData((Asn1Integer)value.Nodes[5]); DP = GetRsaData((Asn1Integer)value.Nodes[6]); DQ = GetRsaData((Asn1Integer)value.Nodes[7]); InverseQ = GetRsaData((Asn1Integer)value.Nodes[8]); }
public void WriteBitString(string correctResultHex, string valueToTest, int unusedBits) { var encoded = Helpers.GetExampleBytes(correctResultHex); var encodedValueToTest = Helpers.GetExampleBytes(valueToTest); using (var ms = new MemoryStream()) { var asn1Obj = new Asn1BitString(encodedValueToTest, unusedBits); new DerWriter(ms).Write(asn1Obj); var res = Enumerable.SequenceEqual(encoded, ms.ToArray()); Assert.True(res); } }
void m_decode(Byte[] rawData) { Asn1Reader asn = new Asn1Reader(rawData); if (asn.Tag != 48) { throw new Asn1InvalidTagException(asn.Offset); } asn.MoveNextAndExpectTags(0x30); ToBeSignedData = asn.GetTagRawData(); asn.MoveNextCurrentLevelAndExpectTags(0x30); SignatureAlgorithm = new AlgorithmIdentifier(asn.GetTagRawData()); asn.MoveNextCurrentLevelAndExpectTags((Byte)Asn1Type.BIT_STRING); Signature = new Asn1BitString(asn); }
void decode() { var asn = new Asn1Reader(RawData); if (asn.PayloadLength == 0) { return; } asn.MoveNext(); do { switch (asn.Tag) { case 0xa0: DistributionPoint = new X509DistributionPoint(Asn1Utils.Encode(asn.GetTagRawData(), 48)); break; case 0xa1: OnlyUserCerts = Asn1Utils.DecodeBoolean(asn.GetPayload()); break; case 0xa2: OnlyCaCerts = Asn1Utils.DecodeBoolean(asn.GetPayload()); break; case 0xa3: var val = new Asn1BitString(asn.GetPayload()); if (val.Value.Length > 1) { Reasons = (X509RevocationReasonFlag)BitConverter.ToUInt16(val.Value, 0); } else if (val.Value.Length == 1) { Reasons = (X509RevocationReasonFlag)val.Value[0]; } break; case 0xa4: IndirectCRL = Asn1Utils.DecodeBoolean(asn.GetPayload()); break; case 0xa5: OnlyAttributeCerts = Asn1Utils.DecodeBoolean(asn.GetPayload()); break; } } while (asn.MoveNextSibling()); }
/// <summary> /// Hashes current blob in <see cref="ToBeSignedData"/> member, constructs algorithm identifier /// (usually, with "NoSign" suffix) and attaches hash value in the signature section. /// </summary> /// <param name="hashAlgorithm">Hash algorithm to use for hashing.</param> /// <exception cref="ArgumentException"> /// Hash algorithm is not valid or cannot be mapped to respective signature algorithm. /// </exception> /// <exception cref="ArgumentNullException"> /// <strong>hashAlgorithm</strong> parameter is null. /// </exception> public void Hash(Oid2 hashAlgorithm) { if (hashAlgorithm == null) { throw new ArgumentNullException(nameof(hashAlgorithm)); } Oid2 transofrmedOid = Oid2.MapHashToSignatureOid(hashAlgorithm); using (var hasher = HashAlgorithm.Create(hashAlgorithm.FriendlyName)) { if (hasher == null) { throw new ArgumentException("Specified hash algorithm is not valid hashing algorithm"); } List <Byte> signature = hasher.ComputeHash(ToBeSignedData).ToList(); signature.Insert(0, 0); Signature = new Asn1BitString(Asn1Utils.Encode(signature.ToArray(), (Byte)Asn1Type.BIT_STRING)); } SignatureAlgorithm = new AlgorithmIdentifier(transofrmedOid.ToOid(), Asn1Utils.EncodeNull()); BlobType = ContentBlobType.SignedBlob; }
public override void Decode (Asn1BerDecodeBuffer buffer, bool explicitTagging, int implicitLength) { int llen = (explicitTagging) ? MatchTag(buffer, Asn1Tag.Sequence) : implicitLength; Init(); // decode SEQUENCE Asn1BerDecodeContext context = new Asn1BerDecodeContext(buffer, llen); IntHolder elemLen = new IntHolder(); // decode algorithm if (context.MatchElemTag(Asn1Tag.Universal, Asn1Tag.CONS, 16, elemLen, false)) { algorithm = new AlgorithmIdentifier(); algorithm.Decode(buffer, true, elemLen.Value); } else { throw new Exception("Asn1MissingRequiredException (buffer)"); } // decode subjectPublicKey if (context.MatchElemTag(Asn1Tag.Universal, Asn1Tag.PRIM, 3, elemLen, false)) { subjectPublicKey = new Asn1BitString(); subjectPublicKey.Decode(buffer, true, elemLen.Value); } else { throw new Exception("Asn1MissingRequiredException (buffer)"); } }
void m_decode(Byte[] rawData) { Asn1Reader asn = new Asn1Reader(rawData); if (asn.Tag != 48) { throw new ArgumentException("The data is invalid"); } if (!asn.MoveNext()) { throw new ArgumentException("The data is invalid"); } ToBeSignedData = asn.GetTagRawData(); if (!asn.MoveNextCurrentLevel()) { throw new ArgumentException("The data is invalid"); } SignatureAlgorithm = new AlgorithmIdentifier(asn.GetTagRawData()); if (!asn.MoveNextCurrentLevel()) { throw new ArgumentException("The data is invalid"); } Signature = new Asn1BitString(asn); }
private void Init() { Algorithm = null; SubjectPublicKey = null; }
void m_decode(Byte[] rawData) { Asn1Reader asn = new Asn1Reader(rawData); asn.MoveNext(); if (asn.PayloadLength == 0) { return; } do { Byte[] altNames; switch (asn.Tag) { case 0xA0: Asn1Reader distName = new Asn1Reader(asn.GetPayload()); do { switch (distName.Tag) { case 0xA0: // full name altNames = Asn1Utils.Encode(distName.GetPayload(), 48); FullName = new X509AlternativeNameCollection(); FullName.Decode(altNames); break; case 0xA1: // relative to issuer name Byte[] relativeName = Asn1Utils.Encode(distName.GetPayload(), 48); RelativeToIssuerName = new X500DistinguishedName(relativeName); break; default: throw new InvalidDataException("The data is invalid"); } } while (distName.MoveNextCurrentLevel()); break; case 0xA1: // reasons Asn1BitString bs = new Asn1BitString(asn.GetPayload()); if (bs.Value[0] == 0) { Reasons = X509RevocationReasons.Unspecified; break; } Byte mask = 1; do { if ((bs.Value[0] & mask) > 0) { switch (mask) { case 1: Reasons += (Int32)X509RevocationReasons.AACompromise; break; case 2: Reasons += (Int32)X509RevocationReasons.PrivilegeWithdrawn; break; case 4: Reasons += (Int32)X509RevocationReasons.CertificateHold; break; case 8: Reasons += (Int32)X509RevocationReasons.CeaseOfOperation; break; case 16: Reasons += (Int32)X509RevocationReasons.Superseded; break; case 32: Reasons += (Int32)X509RevocationReasons.ChangeOfAffiliation; break; case 64: Reasons += (Int32)X509RevocationReasons.CACompromise; break; case 128: Reasons += (Int32)X509RevocationReasons.KeyCompromise; break; } } mask <<= 1; } while (mask != 128); break; case 0xA2: // crl issuer altNames = Asn1Utils.Encode(asn.GetPayload(), 48); CRLIssuer = new X509AlternativeNameCollection(); CRLIssuer.Decode(altNames); break; default: throw new InvalidDataException("The data is invalid."); } } while (asn.MoveNextCurrentLevel()); RawData = rawData; }
public void Init() { algorithm = null; subjectPublicKey = null; }
private static T MakeInstanceOfAsn1Object <T>(long nodeStartOffset, Asn1Class asn1Class, bool constructed, int tag, SubStream content) where T : Asn1ObjectBase { T foundObject; Asn1ObjectBase shouldBeType = null; if (asn1Class == Asn1Class.ContextSpecific) { shouldBeType = new Asn1ContextSpecific(constructed, tag, content); } else { switch ((Asn1Type)tag) { case Asn1Type.Eoc: shouldBeType = new Asn1Eoc(); break; case Asn1Type.Boolean: shouldBeType = new Asn1Boolean(content, constructed); break; case Asn1Type.Integer: shouldBeType = new Asn1Integer(content, constructed); break; case Asn1Type.BitString: shouldBeType = new Asn1BitString(content, constructed); break; case Asn1Type.OctetString: shouldBeType = new Asn1OctetString(content, constructed); break; case Asn1Type.Null: shouldBeType = new Asn1Null(constructed); break; case Asn1Type.ObjectIdentifier: shouldBeType = new Asn1ObjectIdentifier(content, constructed); break; case Asn1Type.Real: shouldBeType = new Asn1Real(content, constructed); break; case Asn1Type.Enumerated: shouldBeType = new Asn1Enumerated(content, constructed); break; case Asn1Type.Utf8String: shouldBeType = new Asn1Utf8String(content, constructed); break; case Asn1Type.RelativeOid: shouldBeType = new Asn1RelativeOid(content, constructed); break; case Asn1Type.Sequence: shouldBeType = new Asn1Sequence(asn1Class, content, constructed); break; case Asn1Type.Set: shouldBeType = new Asn1Set(asn1Class, content, constructed); break; case Asn1Type.NumericString: shouldBeType = new Asn1NumericString(content, constructed); break; case Asn1Type.PrintableString: shouldBeType = new Asn1PrintableString(content, constructed); break; case Asn1Type.T61String: shouldBeType = new Asn1T61String(content, constructed); break; case Asn1Type.Ia5String: shouldBeType = new Asn1Ia5String(content, constructed); break; case Asn1Type.UtcTime: shouldBeType = new Asn1UtcTime(content, constructed); break; case Asn1Type.GeneralizedTime: shouldBeType = new Asn1GeneralizedTime(content, constructed); break; case Asn1Type.GraphicString: shouldBeType = new Asn1GraphicString(content, constructed); break; case Asn1Type.GeneralString: shouldBeType = new Asn1GeneralString(content, constructed); break; case Asn1Type.UniversalString: shouldBeType = new Asn1UniversalString(content, constructed); break; case Asn1Type.BmpString: shouldBeType = new Asn1BmpString(content, constructed); break; case Asn1Type.ObjectDescriptor: case Asn1Type.External: case Asn1Type.EmbeddedPdv: case Asn1Type.VideotexString: case Asn1Type.VisibleString: case Asn1Type.CharacterString: case Asn1Type.LongForm: default: throw new NotSupportedException($"ASN.1 tag {tag} is unsupported."); } } foundObject = shouldBeType as T; // sanity check if (foundObject == null) { throw new FormatException(FormattableString.Invariant($"ASN.1 node at offset {nodeStartOffset} is of type {shouldBeType.GetType()} but expected type was {typeof(T)}")); } return(foundObject); }
public static string GetHexString(this Asn1BitString val) { return(val.Data.GetHexString()); }