/// <summary>
/// Converts a <see cref="CryptographicAttributeObjectCollection"/> into the ASN.1 attribute
/// shape used for signed attributes, carrying each value's raw encoding over unchanged.
/// </summary>
/// <param name="attributes">Attributes supplied by the caller; may be null or empty.</param>
/// <returns>A (possibly empty) list with one <see cref="AttributeAsn"/> per input attribute.</returns>
internal static List<AttributeAsn> BuildAttributes(CryptographicAttributeObjectCollection attributes)
{
    var result = new List<AttributeAsn>();

    // Null and empty inputs both yield an empty list rather than an error.
    if (attributes is null || attributes.Count == 0)
    {
        return result;
    }

    foreach (CryptographicAttributeObject attributeObject in attributes)
    {
        AsnEncodedDataCollection values = attributeObject.Values;
        var rawValues = new ReadOnlyMemory<byte>[values.Count];

        int slot = 0;
        foreach (AsnEncodedData value in values)
        {
            // RawData is taken as-is: nothing here re-encodes or validates the value bytes,
            // so any DER canonicalisation has to happen downstream.
            rawValues[slot++] = value.RawData;
        }

        result.Add(new AttributeAsn
        {
            AttrType = attributeObject.Oid,
            AttrValues = rawValues,
        });
    }

    return result;
}
/// <summary>
/// Puts a SET OF Attribute into DER order by encoding the items as a DER SET OF and
/// decoding the result back into an array.
/// </summary>
/// <param name="setItems">The attributes to normalize.</param>
/// <param name="encodedValueProcessor">
/// Optional callback that receives the DER encoding of the whole SET OF before it is decoded
/// again (the array handed to it is the same buffer that is subsequently parsed).
/// </param>
/// <returns>A new array holding the same attributes in DER SET OF order.</returns>
public static AttributeAsn[] NormalizeAttributeSet(
    AttributeAsn[] setItems,
    Action<byte[]> encodedValueProcessor = null)
{
    byte[] encodedSet;

    using (AsnWriter writer = new AsnWriter(AsnEncodingRules.DER))
    {
        // Element ordering is applied by the DER writer when the SET OF is closed,
        // which is what makes the re-decoded array "normalized".
        writer.PushSetOf();
        foreach (AttributeAsn item in setItems)
        {
            item.Encode(writer);
        }
        writer.PopSetOf();

        encodedSet = writer.Encode();
        encodedValueProcessor?.Invoke(encodedSet);
    }

    AsnReader reader = new AsnReader(encodedSet, AsnEncodingRules.DER);
    AsnReader setReader = reader.ReadSetOf();

    // The writer emitted exactly setItems.Length elements, so the output has the same size.
    AttributeAsn[] ordered = new AttributeAsn[setItems.Length];

    for (int slot = 0; setReader.HasData; slot++)
    {
        AttributeAsn.Decode(setReader, out AttributeAsn item);
        ordered[slot] = item;
    }

    return ordered;
}
/// <summary>
/// Converts a <see cref="CryptographicAttributeObjectCollection"/> into attributes whose
/// AttrValues is the DER encoding of a SET OF holding each value's raw encoding.
/// </summary>
/// <param name="attributes">Attributes supplied by the caller; may be null or empty.</param>
/// <returns>A (possibly empty) list with one <see cref="AttributeAsn"/> per input attribute.</returns>
internal static List<AttributeAsn> BuildAttributes(CryptographicAttributeObjectCollection attributes)
{
    var result = new List<AttributeAsn>();

    if (attributes is null || attributes.Count == 0)
    {
        return result;
    }

    foreach (CryptographicAttributeObject attributeObject in attributes)
    {
        result.Add(new AttributeAsn
        {
            AttrType = attributeObject.Oid,
            AttrValues = EncodeValueSet(attributeObject.Values),
        });
    }

    return result;

    // Wraps the already-encoded values in a DER SET OF. Values go through WriteEncodedValue
    // rather than being re-encoded, so only the structural checks that call performs apply.
    byte[] EncodeValueSet(AsnEncodedDataCollection values)
    {
        using (var writer = new AsnWriter(AsnEncodingRules.DER))
        {
            writer.PushSetOf();
            foreach (AsnEncodedData value in values)
            {
                writer.WriteEncodedValue(value.RawData);
            }
            writer.PopSetOf();

            return writer.Encode();
        }
    }
}
/// <summary>
/// Decodes a SignedAttributes value ([0] IMPLICIT SET OF Attribute) from <paramref name="reader"/>.
/// </summary>
/// <param name="reader">Reader positioned at the signed attributes value.</param>
/// <param name="rebind">Backing memory of the input, handed to the element decoder.</param>
/// <param name="decoded">Receives the decoded attribute array.</param>
/// <exception cref="CryptographicException">The next tag is not [0] context-specific.</exception>
internal static void Decode(ref AsnValueReader reader, ReadOnlyMemory<byte> rebind, out SignedAttributesSet decoded)
{
    decoded = default;

    Asn1Tag signedAttrsTag = new Asn1Tag(TagClass.ContextSpecific, 0);

    // Only the [0] implicit tag is accepted; any other tag is treated as malformed input.
    if (!reader.PeekTag().HasSameClassAndValue(signedAttrsTag))
    {
        throw new CryptographicException();
    }

    // The content is a SET OF Attribute; each element is decoded in encoded order.
    AsnValueReader setReader = reader.ReadSetOf(signedAttrsTag);
    var attrs = new List<AttributeAsn>();

    while (setReader.HasData)
    {
        AttributeAsn.Decode(ref setReader, rebind, out AttributeAsn attr);
        attrs.Add(attr);
    }

    decoded.SignedAttributes = attrs.ToArray();
}
/// <summary>
/// Decodes a CMS EnvelopedData SEQUENCE from <paramref name="reader"/> into <paramref name="decoded"/>.
/// </summary>
/// <param name="reader">Reader positioned at the EnvelopedData value.</param>
/// <param name="expectedTag">Tag the outer SEQUENCE must carry.</param>
/// <param name="rebind">Backing memory of the input, passed to the nested decoders (presumably so they
/// can alias it instead of copying).</param>
/// <param name="decoded">Receives the decoded structure.</param>
public static void Decode(ref AsnValueReader reader, Asn1Tag expectedTag, ReadOnlyMemory<byte> rebind, out EnvelopedDataAsn decoded)
{
    decoded = default;

    Asn1Tag originatorInfoTag = new Asn1Tag(TagClass.ContextSpecific, 0);
    Asn1Tag unprotectedAttrsTag = new Asn1Tag(TagClass.ContextSpecific, 1);

    AsnValueReader seq = reader.ReadSequence(expectedTag);

    // version INTEGER (required). TryReadInt32 presumably leaves the reader in place when the
    // value does not fit an Int32, so ThrowIfNotEmpty then rejects the input as malformed.
    if (!seq.TryReadInt32(out decoded.Version))
    {
        seq.ThrowIfNotEmpty();
    }

    // originatorInfo [0] IMPLICIT OPTIONAL
    if (NextTagIs(ref seq, originatorInfoTag))
    {
        OriginatorInfoAsn.Decode(ref seq, originatorInfoTag, rebind, out OriginatorInfoAsn originatorInfo);
        decoded.OriginatorInfo = originatorInfo;
    }

    // recipientInfos SET OF RecipientInfo (required, untagged)
    {
        AsnValueReader recipientsReader = seq.ReadSetOf();
        var recipients = new List<RecipientInfoAsn>();

        while (recipientsReader.HasData)
        {
            RecipientInfoAsn.Decode(ref recipientsReader, rebind, out RecipientInfoAsn recipient);
            recipients.Add(recipient);
        }

        decoded.RecipientInfos = recipients.ToArray();
    }

    // encryptedContentInfo (required)
    EncryptedContentInfoAsn.Decode(ref seq, rebind, out decoded.EncryptedContentInfo);

    // unprotectedAttrs [1] IMPLICIT OPTIONAL. Nothing in this decoder authenticates these
    // attributes; consumers should not rely on them without their own checks.
    if (NextTagIs(ref seq, unprotectedAttrsTag))
    {
        AsnValueReader attrsReader = seq.ReadSetOf(unprotectedAttrsTag);
        var attrs = new List<AttributeAsn>();

        while (attrsReader.HasData)
        {
            AttributeAsn.Decode(ref attrsReader, rebind, out AttributeAsn attr);
            attrs.Add(attr);
        }

        decoded.UnprotectedAttributes = attrs.ToArray();
    }

    // Trailing data inside the SEQUENCE is an encoding error.
    seq.ThrowIfNotEmpty();

    // True when the reader still has data and its next tag matches class and number of 'tag'.
    bool NextTagIs(ref AsnValueReader r, Asn1Tag tag)
        => r.HasData && r.PeekTag().HasSameClassAndValue(tag);
}
/// <summary>
/// Decodes a CMS SignerInfo SEQUENCE from <paramref name="reader"/> into <paramref name="decoded"/>.
/// </summary>
/// <param name="reader">Reader positioned at the SignerInfo value.</param>
/// <param name="expectedTag">Tag the outer SEQUENCE must carry.</param>
/// <param name="rebind">Backing memory of the input. Byte fields that lie inside it are returned as
/// slices of it rather than copies.</param>
/// <param name="decoded">Receives the decoded structure.</param>
internal static void Decode(ref AsnValueReader reader, Asn1Tag expectedTag, ReadOnlyMemory<byte> rebind, out SignerInfoAsn decoded)
{
    decoded = default;

    Asn1Tag signedAttrsTag = new Asn1Tag(TagClass.ContextSpecific, 0);
    Asn1Tag unsignedAttrsTag = new Asn1Tag(TagClass.ContextSpecific, 1);

    AsnValueReader seq = reader.ReadSequence(expectedTag);

    // version INTEGER (required). TryReadInt32 presumably leaves the reader in place when the
    // value does not fit an Int32, so ThrowIfNotEmpty then rejects the input as malformed.
    if (!seq.TryReadInt32(out decoded.Version))
    {
        seq.ThrowIfNotEmpty();
    }

    SignerIdentifierAsn.Decode(ref seq, rebind, out decoded.Sid);
    AlgorithmIdentifierAsn.Decode(ref seq, rebind, out decoded.DigestAlgorithm);

    // signedAttrs [0] IMPLICIT OPTIONAL. The exact encoded bytes are kept alongside the parsed
    // form — presumably so later signature verification works on the bytes as received; note the
    // parsed form is produced with BER rules, which are more permissive than DER.
    if (seq.HasData && seq.PeekTag().HasSameClassAndValue(signedAttrsTag))
    {
        decoded.SignedAttributes = AliasOrCopy(rebind, seq.ReadEncodedValue());
        decoded.SignedAttributesSet = SignedAttributesSet.Decode(decoded.SignedAttributes.Value, AsnEncodingRules.BER);
    }

    AlgorithmIdentifierAsn.Decode(ref seq, rebind, out decoded.SignatureAlgorithm);

    // signature OCTET STRING: primitive encodings are aliased, constructed ones are reassembled.
    if (seq.TryReadPrimitiveOctetStringBytes(out ReadOnlySpan<byte> signatureSpan))
    {
        decoded.SignatureValue = AliasOrCopy(rebind, signatureSpan);
    }
    else
    {
        decoded.SignatureValue = seq.ReadOctetString();
    }

    // unsignedAttrs [1] IMPLICIT OPTIONAL. Nothing in this decoder authenticates these attributes.
    if (seq.HasData && seq.PeekTag().HasSameClassAndValue(unsignedAttrsTag))
    {
        AsnValueReader attrsReader = seq.ReadSetOf(unsignedAttrsTag);
        var attrs = new List<AttributeAsn>();

        while (attrsReader.HasData)
        {
            AttributeAsn.Decode(ref attrsReader, rebind, out AttributeAsn attr);
            attrs.Add(attr);
        }

        decoded.UnsignedAttributes = attrs.ToArray();
    }

    // Trailing data inside the SEQUENCE is an encoding error.
    seq.ThrowIfNotEmpty();

    // Returns a slice of 'source' when 'slice' points into it, otherwise a private copy.
    ReadOnlyMemory<byte> AliasOrCopy(ReadOnlyMemory<byte> source, ReadOnlySpan<byte> slice)
    {
        return source.Span.Overlaps(slice, out int offset)
            ? source.Slice(offset, slice.Length)
            : slice.ToArray();
    }
}
/// <summary>
/// Builds a DER-encoded PKCS#10 CertificationRequest for the current Subject, PublicKey and
/// Attributes, signed by <paramref name="signatureGenerator"/> with <paramref name="hashAlgorithm"/>.
/// </summary>
/// <param name="signatureGenerator">Produces both the signature algorithm identifier and the signature.</param>
/// <param name="hashAlgorithm">Hash algorithm passed through to the generator.</param>
/// <returns>The DER encoding of the CertificationRequest.</returns>
internal byte[] ToPkcs10Request(X509SignatureGenerator signatureGenerator, HashAlgorithmName hashAlgorithm)
{
    // State validation should be runtime checks if/when this becomes public API
    Debug.Assert(signatureGenerator != null);
    Debug.Assert(Subject != null);
    Debug.Assert(PublicKey != null);

    // Decoding validates the identifier itself; Parameters is an opaque blob that decoding does
    // not inspect, so it gets a separate DER check before it is embedded in the request.
    AlgorithmIdentifierAsn signatureAlgorithmAsn = AlgorithmIdentifierAsn.Decode(
        signatureGenerator.GetSignatureAlgorithmIdentifier(hashAlgorithm),
        AsnEncodingRules.DER);

    if (signatureAlgorithmAsn.Parameters.HasValue)
    {
        Helpers.ValidateDer(signatureAlgorithmAsn.Parameters.Value.Span);
    }

    SubjectPublicKeyInfoAsn spki = new SubjectPublicKeyInfoAsn
    {
        Algorithm = new AlgorithmIdentifierAsn
        {
            Algorithm = PublicKey.Oid!.Value!,
            Parameters = PublicKey.EncodedParameters.RawData,
        },
        SubjectPublicKey = PublicKey.EncodedKeyValue.RawData,
    };

    var attributes = new AttributeAsn[Attributes.Count];
    int slot = 0;
    while (slot < attributes.Length)
    {
        attributes[slot] = new AttributeAsn(Attributes[slot]);
        slot++;
    }

    CertificationRequestInfoAsn requestInfo = new CertificationRequestInfoAsn
    {
        Version = 0,
        Subject = this.Subject.RawData,
        SubjectPublicKeyInfo = spki,
        Attributes = attributes,
    };

    // The signature is computed over the DER encoding of CertificationRequestInfo alone;
    // the same writer is then reset and reused for the outer structure.
    AsnWriter writer = new AsnWriter(AsnEncodingRules.DER);
    requestInfo.Encode(writer);
    byte[] encodedRequestInfo = writer.Encode();
    writer.Reset();

    CertificationRequestAsn certificationRequest = new CertificationRequestAsn
    {
        CertificationRequestInfo = requestInfo,
        SignatureAlgorithm = signatureAlgorithmAsn,
        SignatureValue = signatureGenerator.SignData(encodedRequestInfo, hashAlgorithm),
    };

    certificationRequest.Encode(writer);
    return writer.Encode();
}
} // closes the enclosing type; its header lies outside this listing
/// <summary>
/// Emits the CertBag for <paramref name="certPal"/> and, when the certificate carries a private key,
/// the matching shrouded key bag, linking the two through a shared LocalKeyId attribute.
/// </summary>
/// <param name="certPal">Certificate being exported.</param>
/// <param name="passwordSpan">Password forwarded to the PKCS#8 export.</param>
/// <param name="tmpWriter">Scratch DER writer; left reset on return.</param>
/// <param name="certBags">Receives the CertBag at <paramref name="certIdx"/>.</param>
/// <param name="certAttrs">Receives the cert's attribute (the LocalKeyId) at <paramref name="certIdx"/>, if any.</param>
/// <param name="keyBags">Receives the key bag at <paramref name="keyIdx"/> when a private key exists.</param>
/// <param name="certIdx">Next free certificate slot; always advanced by one.</param>
/// <param name="keyIdx">Next free key slot; advanced only when a key bag is written. Its value is also
/// the LocalKeyId payload.</param>
private void BuildBags(
    ICertificatePalCore certPal,
    ReadOnlySpan<char> passwordSpan,
    AsnWriter tmpWriter,
    CertBagAsn[] certBags,
    AttributeAsn[] certAttrs,
    SafeBagAsn[] keyBags,
    ref int certIdx,
    ref int keyIdx)
{
    // CertBag.certValue is the certificate DER wrapped in an OCTET STRING.
    tmpWriter.WriteOctetString(certPal.RawData);
    certBags[certIdx] = new CertBagAsn
    {
        CertId = Oids.Pkcs12X509CertBagType,
        CertValue = tmpWriter.Encode(),
    };
    tmpWriter.Reset();

    if (certPal.HasPrivateKey)
    {
        // Hand-built OCTET STRING: tag byte, length 4, then keyIdx in native byte order.
        // The bytes only have to be identical on the cert and the key bag, so endianness is
        // irrelevant for matching purposes.
        byte[] localKeyId = new byte[2 + sizeof(int)];
        localKeyId[0] = (byte)UniversalTagNumber.OctetString;
        localKeyId[1] = sizeof(int);
        MemoryMarshal.Write(localKeyId.AsSpan(2), ref keyIdx);

        AttributeAsn localKeyIdAttr = new AttributeAsn
        {
            AttrType = Oids.LocalKeyId,
            AttrValues = new ReadOnlyMemory<byte>[] { localKeyId },
        };

        keyBags[keyIdx] = new SafeBagAsn
        {
            BagId = Oids.Pkcs12ShroudedKeyBag,
            // Password-protected PKCS#8 (the bag id says "shrouded"; ExportPkcs8 is defined elsewhere).
            BagValue = ExportPkcs8(certPal, passwordSpan),
            BagAttributes = new[] { localKeyIdAttr },
        };

        // Reuse the attribute between the cert and the key — the shared value is what a reader
        // presumably uses to pair them.
        certAttrs[certIdx] = localKeyIdAttr;
        keyIdx++;
    }

    certIdx++;
}
/// <summary>
/// Puts a SET OF Attribute into DER order by encoding the items as a DER SET OF and
/// decoding the result back into an array.
/// </summary>
/// <param name="setItems">The attributes to normalize.</param>
/// <param name="encodedValueProcessor">
/// Optional callback that receives the DER encoding of the whole SET OF. That same buffer is then
/// parsed, and the returned attributes may alias it (it is passed as the rebind source).
/// </param>
/// <returns>A new array holding the same attributes in DER SET OF order.</returns>
/// <exception cref="CryptographicException">The re-encoded set failed to parse; the underlying
/// <see cref="AsnContentException"/> is attached as the inner exception.</exception>
public static AttributeAsn[] NormalizeAttributeSet(
    AttributeAsn[] setItems,
    Action<byte[]>? encodedValueProcessor = null)
{
    AsnWriter writer = new AsnWriter(AsnEncodingRules.DER);

    // Element ordering is applied by the DER writer when the SET OF is closed.
    writer.PushSetOf();
    foreach (AttributeAsn item in setItems)
    {
        item.Encode(writer);
    }
    writer.PopSetOf();

    byte[] encodedSet = writer.Encode();
    encodedValueProcessor?.Invoke(encodedSet);

    try
    {
        AsnValueReader reader = new AsnValueReader(encodedSet, AsnEncodingRules.DER);
        AsnValueReader setReader = reader.ReadSetOf();

        // The writer emitted exactly setItems.Length elements, so the output has the same size.
        AttributeAsn[] ordered = new AttributeAsn[setItems.Length];

        for (int slot = 0; setReader.HasData; slot++)
        {
            AttributeAsn.Decode(ref setReader, encodedSet, out AttributeAsn item);
            ordered[slot] = item;
        }

        return ordered;
    }
    catch (AsnContentException e)
    {
        // Callers only ever see CryptographicException for malformed encodings.
        throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding, e);
    }
}
public void ComputeCounterSignature(CmsSigner signer) { if (_parentSignerInfo != null) { throw new CryptographicException(SR.Cryptography_Cms_NoCounterCounterSigner); } if (signer == null) { throw new ArgumentNullException(nameof(signer)); } signer.CheckCertificateValue(); int myIdx = _document.SignerInfos.FindIndexForSigner(this); if (myIdx < 0) { throw new CryptographicException(SR.Cryptography_Cms_SignerNotFound); } // Make sure that we're using the most up-to-date version of this that we can. SignerInfo effectiveThis = _document.SignerInfos[myIdx]; X509Certificate2Collection chain; SignerInfoAsn newSignerInfo = signer.Sign(effectiveThis._signature, null, false, out chain); AttributeAsn newUnsignedAttr; using (AsnWriter writer = new AsnWriter(AsnEncodingRules.DER)) { writer.PushSetOf(); AsnSerializer.Serialize(newSignerInfo, writer); writer.PopSetOf(); newUnsignedAttr = new AttributeAsn { AttrType = new Oid(Oids.CounterSigner, Oids.CounterSigner), AttrValues = writer.Encode(), }; } ref SignedDataAsn signedData = ref _document.GetRawData();