/// <summary>
/// Assembles the to-be-signed certificate structure from the builder's state, signs it and
/// returns the resulting certificate.
/// </summary>
/// <param name="signer">
/// Certificate whose key signs the new certificate and whose subject becomes the issuer name.
/// When <c>null</c>, the certificate is self-signed: the builder's own <c>PrivateKeyInfo</c>
/// signs it and the builder's <c>SubjectName</c> is written as the issuer.
/// </param>
/// <returns>The signed certificate, constructed from the encoded signed blob.</returns>
X509Certificate2 build(X509Certificate2 signer) {
    // NOTE(review): nothing in this method checks that 'signer' is permitted to issue
    // certificates (CA basic constraints, key usage, validity period). Presumably the caller
    // enforces that -- confirm before exposing this path to externally supplied certificates.
    Boolean selfSigned = signer == null;

    MessageSigner signingContext;
    if (selfSigned) {
        signingContext = new MessageSigner(PrivateKeyInfo, HashingAlgorithm);
    } else {
        signingContext = new MessageSigner(signer, HashingAlgorithm);
    }
    if (AlternateSignatureFormat) {
        signingContext.PaddingScheme = SignaturePadding.PSS;
    } else {
        signingContext.PaddingScheme = SignaturePadding.PKCS1;
    }

    // The TBS body starts with the pre-encoded version field.
    var tbs = new List<Byte>(_versionBytes);

    // Serial number, wrapped as an ASN.1 INTEGER.
    Byte[] encodedSerial = Asn1Utils.Encode(serialNumber, (Byte)Asn1Type.INTEGER);
    tbs.AddRange(encodedSerial);

    // Signature algorithm identifier, in the form matching the selected padding scheme.
    Byte[] algorithmId = signingContext.GetAlgorithmIdentifier(AlternateSignatureFormat).RawData;
    tbs.AddRange(algorithmId);

    // Issuer name: our own subject when self-signed, otherwise the signer's subject.
    Byte[] issuerName = selfSigned ? SubjectName.RawData : signer.SubjectName.RawData;
    tbs.AddRange(issuerName);

    // Validity: NotBefore followed by NotAfter inside a SEQUENCE (tag 48 = 0x30).
    var validity = new List<Byte>(Asn1Utils.EncodeDateTime(NotBefore));
    validity.AddRange(Asn1Utils.EncodeDateTime(NotAfter));
    tbs.AddRange(Asn1Utils.Encode(validity.ToArray(), 48));

    // Subject name, then the encoded public key.
    tbs.AddRange(SubjectName.RawData);
    tbs.AddRange(PrivateKeyInfo.GetPublicKey().Encode());

    // Extensions, wrapped in tag 0xa3 (context-specific [3], constructed).
    tbs.AddRange(Asn1Utils.Encode(finalExtensions.Encode(), 0xa3));

    // Wrap everything in the outer SEQUENCE and sign it.
    Byte[] tbsSequence = Asn1Utils.Encode(tbs.ToArray(), 48);
    var signedBlob = new SignedContentBlob(tbsSequence, ContentBlobType.ToBeSignedBlob);
    signedBlob.Sign(signingContext);

    return new X509Certificate2(signedBlob.Encode());
}
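/// <summary>
/// Builds the ASN.1-encoded to-be-signed part of a certificate revocation list.
/// </summary>
/// <remarks>
/// This method mutates builder state: it defaults <c>HashingAlgorithm</c> to SHA256 when unset,
/// raises <c>Version</c> to 2 when extensions are present, replaces a missing or non-future
/// <c>NextUpdate</c> with <c>ThisUpdate</c> + 7 days, and closes <c>RevokedCertificates</c>
/// after encoding them.
/// </remarks>
/// <param name="signatureAlgorithm">Encoded signature algorithm identifier, written first.</param>
/// <param name="issuer">Certificate whose subject name is written as the CRL issuer.</param>
/// <returns>The TBS structure wrapped in a SEQUENCE.</returns>
/// <exception cref="ArgumentException">The issuer certificate has an empty subject name.</exception>
List<Byte> buildTbs(Byte[] signatureAlgorithm, X509Certificate2 issuer) {
    // The CRL issuer field below is copied from the certificate's *subject*, so that is the
    // name that must be non-empty. The previous check looked at issuer.Issuer, which let a
    // certificate with an empty subject through and produced a CRL with an empty issuer name.
    if (String.IsNullOrEmpty(issuer.Subject)) {
        throw new ArgumentException("Subject name is empty.");
    }
    // coerce hashing algorithm
    if (HashingAlgorithm == null) {
        HashingAlgorithm = new Oid(AlgorithmOids.SHA256);
    }
    // coerce version: extensions are only emitted for version 2
    if (_extensions.Count > 0) {
        Version = 2;
    }
    // coerce validity: CRLs without an expiration are not supported, fall back to 7 days
    if (NextUpdate == null || NextUpdate.Value <= ThisUpdate) {
        NextUpdate = ThisUpdate.AddDays(7);
    }

    var rawBytes = new List<Byte>();
    // algorithm
    rawBytes.AddRange(signatureAlgorithm);
    // issuer
    rawBytes.AddRange(issuer.SubjectName.RawData);
    // thisUpdate
    rawBytes.AddRange(Asn1Utils.EncodeDateTime(ThisUpdate));
    // nextUpdate. Not null at this point because of the validity coercion above.
    rawBytes.AddRange(Asn1Utils.EncodeDateTime(NextUpdate.Value));
    // revokedCerts: the field is omitted entirely when there are no entries
    if (RevokedCertificates.Count > 0) {
        rawBytes.AddRange(RevokedCertificates.Encode());
        RevokedCertificates.Close();
    }
    // extensions
    if (Version == 2) {
        // The version field goes at the very beginning and is encoded as (Version - 1).
        rawBytes.InsertRange(0, new Asn1Integer(Version - 1).RawData);
        generateExtensions(issuer);
        // 160 = 0xA0, context-specific [0], constructed
        rawBytes.AddRange(Asn1Utils.Encode(Extensions.Encode(), 160));
    }
    // generate tbs: wrap in SEQUENCE (48 = 0x30)
    return new List<Byte>(Asn1Utils.Encode(rawBytes.ToArray(), 48));
}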
/// <summary>
/// Serializes this revocation entry into its ASN.1 form: serial number, revocation date and,
/// when a reason code is set, an extensions block carrying the CRL reason.
/// </summary>
/// <returns>ASN.1-encoded byte array, wrapped in a SEQUENCE.</returns>
/// <exception cref="UninitializedObjectException">The serial number is null or empty.</exception>
public Byte[] Encode() {
    if (String.IsNullOrEmpty(SerialNumber)) {
        throw new UninitializedObjectException();
    }

    // NOTE(review): the hex serial is wrapped as INTEGER exactly as decoded. Whether a leading
    // 0x00 is added for values with the high bit set depends on AsnFormatter/Asn1Utils, which
    // are not visible here. Confirm the encoded serial matches the one in the certificate,
    // otherwise a relying party comparing serials will not find the entry.
    var serialBytes = new List<Byte>(AsnFormatter.StringToBinary(SerialNumber, EncodingType.HexAny));
    var entry = new List<Byte>(Asn1Utils.Encode(serialBytes.ToArray(), (Byte)Asn1Type.INTEGER));
    entry.AddRange(Asn1Utils.EncodeDateTime(RevocationDate));

    // A reason code of 0 is not written; the entry then carries no extensions.
    if (ReasonCode == 0) {
        return Asn1Utils.Encode(entry.ToArray(), 48);
    }

    // ENUMERATED (tag 10), length 1, value = reason code.
    Byte[] reasonValue = { 10, 1, (Byte)ReasonCode };
    var entryExtensions = new X509ExtensionCollection {
        // 2.5.29.21 = CRL reason code extension, marked non-critical
        new X509Extension("2.5.29.21", reasonValue, false)
    };
    entry.AddRange(Crypt32Managed.EncodeX509Extensions(entryExtensions));

    return Asn1Utils.Encode(entry.ToArray(), 48);
}
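/// <summary>
/// Encodes the trust list content from the builder's state.
/// </summary>
/// <remarks>
/// Fields are written in this order: subject usages (as enhanced key usage extension data),
/// optional list identifier, optional sequence number, ThisUpdate, optional NextUpdate,
/// hash algorithm identifier and the encoded entries. Both timestamps are converted to UTC
/// before encoding.
/// </remarks>
/// <returns>The raw data produced by the ASN.1 builder.</returns>
Byte[] encodeCTL() {
    // The original also built a second, never-used copy of the EKU extension bytes into a
    // local list; that dead allocation is removed here.
    var builder = new Asn1Builder()
        .AddDerData(new X509EnhancedKeyUsageExtension(SubjectUsages, false).RawData);

    if (!String.IsNullOrEmpty(ListIdentifier)) {
        // Stored as a null-terminated UTF-16LE string inside an OCTET STRING.
        builder.AddOctetString(Encoding.Unicode.GetBytes(ListIdentifier + "\0"));
    }
    if (SequenceNumber != null) {
        builder.AddInteger(SequenceNumber.Value);
    }
    builder.AddDerData(Asn1Utils.EncodeDateTime(ThisUpdate.ToUniversalTime()));
    if (NextUpdate != null) {
        builder.AddDerData(Asn1Utils.EncodeDateTime(NextUpdate.Value.ToUniversalTime()));
    }

    // Hash algorithm identifier is built with an empty parameters array.
    return builder.AddDerData(new AlgorithmIdentifier(HashAlgorithm, new Byte[0]).RawData)
        .AddDerData(Entries.Encode())
        .GetRawData();
}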
/// <summary>
/// Initializes the object from a publish time: stores the value as given in
/// <c>NextCRLPublish</c> and sets <c>RawData</c> to the ASN.1 encoding of its UTC equivalent.
/// </summary>
/// <param name="publishTime">The next CRL publish time.</param>
void initializeFromDateTime(DateTime publishTime) {
    // The property keeps the caller's value unchanged; only the encoded form is normalized to UTC.
    NextCRLPublish = publishTime;

    DateTime utcPublishTime = publishTime.ToUniversalTime();
    RawData = Asn1Utils.EncodeDateTime(utcPublishTime);
}