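/// <summary>
/// Builds an OCSPRequest from its ASN.1 SEQUENCE form: a mandatory TBSRequest
/// followed by an optional, explicitly tagged Signature.
/// </summary>
/// <param name="seq">Decoded sequence to read the two fields from.</param>
/// <exception cref="ArgumentNullException"><paramref name="seq"/> is null.</exception>
/// <exception cref="ArgumentException">The sequence does not hold exactly one or two elements.</exception>
private OcspRequest(Asn1Sequence seq)
 {
     if (seq == null)
     {
         throw new ArgumentNullException("seq");
     }

     // OCSPRequest ::= SEQUENCE { tbsRequest, optionalSignature [0] EXPLICIT OPTIONAL } (RFC 6960).
     // Refuse an empty sequence and one with trailing elements, so that malformed
     // input is rejected here rather than partly parsed with the surplus ignored.
     int count = seq.Count;
     if (count < 1 || count > 2)
     {
         throw new ArgumentException("Bad sequence size: " + count, "seq");
     }

     tbsRequest = TbsRequest.GetInstance(seq[0]);
     if (count == 2)
     {
         // NOTE(review): the tag number of seq[1] is not checked in this block; confirm
         // that Signature.GetInstance rejects anything other than [0].
         optionalSignature = Signature.GetInstance((Asn1TaggedObject)seq[1], explicitly: true);
     }
 }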
 /// <summary>
 /// Creates an OCSP request from an already built TBSRequest and an optional signature.
 /// </summary>
 /// <param name="tbsRequest">The to-be-signed request body; must not be null.</param>
 /// <param name="optionalSignature">Signature over the body; stored as given, null included.</param>
 /// <exception cref="ArgumentNullException"><paramref name="tbsRequest"/> is null.</exception>
 public OcspRequest(TbsRequest tbsRequest, Signature optionalSignature)
 {
     // Only the signature is optional; a request without a body is refused.
     if (null == tbsRequest)
     {
         throw new ArgumentNullException("tbsRequest");
     }

     this.optionalSignature = optionalSignature;
     this.tbsRequest        = tbsRequest;
 }
Exemple #3
        /// <summary>
        /// Assembles an OCSP request from the queued request objects and, when a signing
        /// algorithm is given, signs the encoded TBSRequest.
        /// </summary>
        /// <param name="signingAlgorithm">OID of the signature algorithm; null yields an unsigned request.</param>
        /// <param name="privateKey">Key passed to the signer; read only when signing.</param>
        /// <param name="chain">Certificates to embed next to the signature; null or empty embeds none.</param>
        /// <param name="random">Randomness source wrapped around the key for the signer; may be null.</param>
        /// <returns>The request wrapping the TBSRequest and the signature (null when unsigned).</returns>
        /// <exception cref="OcspException">
        /// A request object could not be converted, signing was asked for without a requestor
        /// name, or the signer, the TBSRequest encoding or a certificate failed.
        /// </exception>
        private OcspReq GenerateRequest(
            DerObjectIdentifier signingAlgorithm,
            AsymmetricKeyParameter privateKey,
            X509Certificate[]               chain,
            SecureRandom random)
        {
            Asn1EncodableVector requestVector = new Asn1EncodableVector();

            foreach (RequestObject pending in list)
            {
                try
                {
                    requestVector.Add(pending.ToRequest());
                }
                catch (Exception e)
                {
                    throw new OcspException("exception creating Request", e);
                }
            }

            TbsRequest toBeSigned = new TbsRequest(requestorName, new DerSequence(requestVector), requestExtensions);
            Signature  signature  = null;

            // No algorithm means no signature: hand back the bare request.
            if (signingAlgorithm == null)
            {
                return new OcspReq(new OcspRequest(toBeSigned, signature));
            }

            if (requestorName == null)
            {
                throw new OcspException("requestorName must be specified if request is signed.");
            }

            ISigner signer;
            try
            {
                signer = SignerUtilities.GetSigner(signingAlgorithm.Id);
                if (random == null)
                {
                    signer.Init(true, privateKey);
                }
                else
                {
                    signer.Init(true, new ParametersWithRandom(privateKey, random));
                }
            }
            catch (Exception e)
            {
                // The full exception text is appended to the message; callers that relay
                // this message to a remote party would expose internal detail.
                throw new OcspException("exception creating signature: " + e, e);
            }

            DerBitString signatureBits;
            try
            {
                // The signature covers the encoded TBSRequest only.
                byte[] tbsBytes = toBeSigned.GetEncoded();
                signer.BlockUpdate(tbsBytes, 0, tbsBytes.Length);

                signatureBits = new DerBitString(signer.GenerateSignature());
            }
            catch (Exception e)
            {
                throw new OcspException("exception processing TBSRequest: " + e, e);
            }

            // NOTE(review): the parameters are encoded as NULL for every algorithm OID;
            // confirm that this is what non-RSA signature algorithms expect.
            AlgorithmIdentifier algorithmId = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance);

            bool embedCerts = chain != null && chain.Length > 0;
            if (!embedCerts)
            {
                signature = new Signature(algorithmId, signatureBits);
            }
            else
            {
                Asn1EncodableVector certVector = new Asn1EncodableVector();
                try
                {
                    // Each certificate is re-parsed from its encoding into the ASN.1 structure.
                    foreach (X509Certificate cert in chain)
                    {
                        certVector.Add(
                            X509CertificateStructure.GetInstance(
                                Asn1Object.FromByteArray(cert.GetEncoded())));
                    }
                }
                catch (IOException e)
                {
                    throw new OcspException("error processing certs", e);
                }
                catch (CertificateEncodingException e)
                {
                    throw new OcspException("error encoding certs", e);
                }

                signature = new Signature(algorithmId, signatureBits, new DerSequence(certVector));
            }

            return new OcspReq(new OcspRequest(toBeSigned, signature));
        }
Exemple #4
        /// <summary>
        /// Builds the OCSP request held by this generator and optionally signs it.
        /// </summary>
        /// <param name="signingAlgorithm">Signature algorithm OID; when null the request is left unsigned.</param>
        /// <param name="privateKey">Signing key; read only when <paramref name="signingAlgorithm"/> is set.</param>
        /// <param name="chain">Certificates to attach to the signature; null or empty attaches none.</param>
        /// <param name="random">Optional randomness source passed to the signer together with the key.</param>
        /// <returns>The request built from the TBSRequest and the signature, which is null when unsigned.</returns>
        /// <exception cref="OcspException">
        /// Thrown when a request object cannot be converted, when signing is requested without a
        /// requestor name, or when signer set-up, signing or certificate handling fails.
        /// </exception>
        private OcspReq GenerateRequest(DerObjectIdentifier signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, SecureRandom random)
        {
            Asn1EncodableVector singleRequests = new Asn1EncodableVector();

            foreach (OcspReqGenerator.RequestObject entry in this.list)
            {
                try
                {
                    singleRequests.Add(entry.ToRequest());
                }
                catch (Exception e)
                {
                    throw new OcspException("exception creating Request", e);
                }
            }

            TbsRequest body             = new TbsRequest(this.requestorName, new DerSequence(singleRequests), this.requestExtensions);
            Signature  requestSignature = null;

            bool mustSign = signingAlgorithm != null;
            if (mustSign)
            {
                // A signed request has to name its requestor.
                if (this.requestorName == null)
                {
                    throw new OcspException("requestorName must be specified if request is signed.");
                }

                ISigner signer;
                try
                {
                    signer = SignerUtilities.GetSigner(signingAlgorithm.Id);
                    if (random == null)
                    {
                        signer.Init(true, privateKey);
                    }
                    else
                    {
                        signer.Init(true, new ParametersWithRandom(privateKey, random));
                    }
                }
                catch (Exception ex)
                {
                    throw new OcspException("exception creating signature: " + ex, ex);
                }

                DerBitString signatureValue;
                try
                {
                    // Only the encoded TBSRequest is fed to the signer.
                    byte[] bodyBytes = body.GetEncoded();
                    signer.BlockUpdate(bodyBytes, 0, bodyBytes.Length);
                    signatureValue = new DerBitString(signer.GenerateSignature());
                }
                catch (Exception ex2)
                {
                    throw new OcspException("exception processing TBSRequest: " + ex2, ex2);
                }

                // NOTE(review): NULL parameters are written for whichever OID is passed in;
                // confirm this for algorithms other than RSA.
                AlgorithmIdentifier signatureAlgorithm = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance);

                if (chain == null || chain.Length == 0)
                {
                    requestSignature = new Signature(signatureAlgorithm, signatureValue);
                }
                else
                {
                    Asn1EncodableVector certificates = new Asn1EncodableVector();
                    try
                    {
                        foreach (X509Certificate certificate in chain)
                        {
                            certificates.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(certificate.GetEncoded())));
                        }
                    }
                    catch (IOException e2)
                    {
                        throw new OcspException("error processing certs", e2);
                    }
                    catch (CertificateEncodingException e3)
                    {
                        throw new OcspException("error encoding certs", e3);
                    }
                    requestSignature = new Signature(signatureAlgorithm, signatureValue, new DerSequence(certificates));
                }
            }

            return new OcspReq(new OcspRequest(body, requestSignature));
        }
Exemple #5
        // todo: add unit test for OCSP (possible regressions with using RSA instead of RSACryptoServiceProvider)
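        /// <summary>
        /// Builds and signs an OCSP request from the state of an <see cref="OcspReqGenerator"/>,
        /// signing with a .NET <see cref="RSA"/> key.
        /// </summary>
        /// <remarks>
        /// The generator's non-public <c>list</c>, <c>requestorName</c> and <c>requestExtensions</c>
        /// fields and its nested <c>RequestObject</c> type are read through reflection, so the method
        /// only works against a library build that still has those members. The request is always
        /// signed, with SHA-1 and RSA PKCS#1 v1.5 padding.
        /// </remarks>
        /// <param name="ocspRegGenerator">Generator whose queued requests, requestor name and extensions are used.</param>
        /// <param name="rsa">Key that signs the encoded TBSRequest; a null key surfaces as an <see cref="OcspException"/> from the signing step.</param>
        /// <param name="chain">Chain whose certificates are embedded next to the signature; null or empty embeds none.</param>
        /// <returns>The signed request.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="ocspRegGenerator"/> is null.</exception>
        /// <exception cref="OcspException">
        /// The reflected members are missing, no requestor name is set, or building, signing or
        /// certificate handling failed.
        /// </exception>
        public static OcspReq Generate(this OcspReqGenerator ocspRegGenerator,
                                       RSA rsa,
                                       X509Chain chain)
        {
            if (ocspRegGenerator == null)
            {
                throw new ArgumentNullException("ocspRegGenerator");
            }

            // NOTE(review): the signature algorithm is fixed to SHA-1 with RSA. SHA-1 is no longer
            // considered collision resistant; if the responder accepts a stronger digest, this OID
            // and the HashAlgorithmName passed to SignData below must be changed together.
            DerObjectIdentifier signingAlgorithm = PkcsObjectIdentifiers.Sha1WithRsaEncryption;

            const BindingFlags PrivateInstance = BindingFlags.NonPublic | BindingFlags.Instance;
            Type generatorType = typeof(OcspReqGenerator);

            FieldInfo  listField              = generatorType.GetField("list", PrivateInstance);
            FieldInfo  requestorNameField     = generatorType.GetField("requestorName", PrivateInstance);
            FieldInfo  requestExtensionsField = generatorType.GetField("requestExtensions", PrivateInstance);
            Type       requestObjectType      = generatorType.GetNestedType("RequestObject", PrivateInstance);
            MethodInfo toRequestMethod        = requestObjectType == null ? null : requestObjectType.GetMethod("ToRequest");

            // Reflection returns null for a member that does not exist; fail with a clear
            // message instead of a NullReferenceException further down.
            if (listField == null || requestorNameField == null || requestExtensionsField == null || toRequestMethod == null)
            {
                throw new OcspException("OcspReqGenerator internals not found; this library version is not supported.");
            }

            IList list = (IList)listField.GetValue(ocspRegGenerator);

            Asn1EncodableVector requests = new Asn1EncodableVector();
            foreach (object reqObj in list)
            {
                try
                {
                    requests.Add((Request)toRequestMethod.Invoke(reqObj, null));
                }
                catch (Exception e)
                {
                    throw new OcspException("exception creating Request", e);
                }
            }

            GeneralName    requestorName     = (GeneralName)requestorNameField.GetValue(ocspRegGenerator);
            X509Extensions requestExtensions = (X509Extensions)requestExtensionsField.GetValue(ocspRegGenerator);

            TbsRequest tbsReq = new TbsRequest(requestorName, new DerSequence(requests), requestExtensions);

            // The algorithm is a fixed constant, so the request is always signed and the
            // requestor name is therefore always required.
            if (requestorName == null)
            {
                throw new OcspException("requestorName must be specified if request is signed.");
            }

            DerBitString bitSig;
            try
            {
                // The signature covers the encoded TBSRequest only.
                byte[] encoded = tbsReq.GetEncoded();

                byte[] signedData = rsa.SignData(encoded, HashAlgorithmName.SHA1, RSASignaturePadding.Pkcs1);

                bitSig = new DerBitString(signedData);
            }
            catch (Exception e)
            {
                throw new OcspException("exception processing TBSRequest: " + e, e);
            }

            AlgorithmIdentifier sigAlgId = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance);

            Org.BouncyCastle.Asn1.Ocsp.Signature signature;
            if (chain != null && chain.ChainElements.Count > 0)
            {
                Asn1EncodableVector v = new Asn1EncodableVector();
                try
                {
                    // Every element of the chain is embedded, in the order the chain lists them.
                    for (int i = 0; i != chain.ChainElements.Count; i++)
                    {
                        v.Add(
                            X509CertificateStructure.GetInstance(
                                Asn1Object.FromByteArray(chain.ChainElements[i].Certificate.RawData)));
                    }
                }
                catch (Exception e)
                {
                    throw new OcspException("error processing certs", e);
                }

                signature = new Org.BouncyCastle.Asn1.Ocsp.Signature(sigAlgId, bitSig, new DerSequence(v));
            }
            else
            {
                signature = new Org.BouncyCastle.Asn1.Ocsp.Signature(sigAlgId, bitSig);
            }

            return new OcspReq(new OcspRequest(tbsReq, signature));
        }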
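        /// <summary>
        /// Builds the OCSP request from the queued request objects and signs it when a signing
        /// algorithm is supplied.
        /// </summary>
        /// <param name="signingAlgorithm">Signature algorithm OID; null produces an unsigned request.</param>
        /// <param name="privateKey">Key given to the signer; read only when signing.</param>
        /// <param name="chain">Certificates to embed with the signature; null or empty embeds none.</param>
        /// <param name="random">Optional randomness source passed to the signer with the key.</param>
        /// <returns>The request wrapping the TBSRequest and the signature (null when unsigned).</returns>
        /// <exception cref="OcspException">
        /// A request object could not be converted, signing was requested without a requestor
        /// name, or signer set-up, signing or certificate handling failed.
        /// </exception>
        private OcspReq GenerateRequest(DerObjectIdentifier signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, SecureRandom random)
        {
            Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector();

            // foreach replaces the hand-expanded enumerator loop; it casts each element and
            // disposes the enumerator in the same way.
            foreach (RequestObject requestObject in list)
            {
                try
                {
                    asn1EncodableVector.Add(requestObject.ToRequest());
                }
                catch (Exception e)
                {
                    throw new OcspException("exception creating Request", e);
                }
            }

            TbsRequest tbsRequest        = new TbsRequest(requestorName, new DerSequence(asn1EncodableVector), requestExtensions);
            ISigner    signer            = null;
            Signature  optionalSignature = null;

            if (signingAlgorithm != null)
            {
                if (requestorName == null)
                {
                    throw new OcspException("requestorName must be specified if request is signed.");
                }
                try
                {
                    signer = SignerUtilities.GetSigner(signingAlgorithm.Id);
                    if (random != null)
                    {
                        signer.Init(forSigning: true, new ParametersWithRandom(privateKey, random));
                    }
                    else
                    {
                        signer.Init(forSigning: true, privateKey);
                    }
                }
                catch (Exception ex)
                {
                    // The full exception text goes into the message; avoid relaying it to
                    // remote parties verbatim.
                    throw new OcspException("exception creating signature: " + ex, ex);
                }
                DerBitString derBitString = null;
                try
                {
                    // The signature covers the encoded TBSRequest only.
                    byte[] encoded = tbsRequest.GetEncoded();
                    signer.BlockUpdate(encoded, 0, encoded.Length);
                    derBitString = new DerBitString(signer.GenerateSignature());
                }
                catch (Exception ex2)
                {
                    throw new OcspException("exception processing TBSRequest: " + ex2, ex2);
                }
                // NOTE(review): parameters are encoded as NULL for every algorithm OID;
                // confirm this for non-RSA signature algorithms.
                AlgorithmIdentifier signatureAlgorithm = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance);
                if (chain != null && chain.Length > 0)
                {
                    Asn1EncodableVector asn1EncodableVector2 = new Asn1EncodableVector();
                    try
                    {
                        for (int i = 0; i != chain.Length; i++)
                        {
                            asn1EncodableVector2.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(chain[i].GetEncoded())));
                        }
                    }
                    catch (IOException e2)
                    {
                        throw new OcspException("error processing certs", e2);
                    }
                    catch (CertificateEncodingException e3)
                    {
                        throw new OcspException("error encoding certs", e3);
                    }
                    optionalSignature = new Signature(signatureAlgorithm, derBitString, new DerSequence(asn1EncodableVector2));
                }
                else
                {
                    optionalSignature = new Signature(signatureAlgorithm, derBitString);
                }
            }
            return new OcspReq(new OcspRequest(tbsRequest, optionalSignature));
        }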