Inheritance: Asn1Encodable
Exemple #1
        /// <summary>
        /// Decodes a V2Form from a parsed ASN.1 sequence: an optional untagged issuer
        /// name followed by context-tagged [0] baseCertificateID and [1] objectDigestInfo.
        /// </summary>
        /// <param name="seq">Sequence of at most three elements.</param>
        /// <exception cref="ArgumentException">More than three elements, or a tag other than 0 or 1.</exception>
        private V2Form(Asn1Sequence seq)
        {
            int total = seq.Count;
            if (total > 3)
            {
                throw new ArgumentException("Bad sequence size: " + total);
            }

            // NOTE(review): seq[0] is read without an emptiness check, so an empty
            // sequence reaches the indexer; confirm which exception callers then see.
            int start = 0;
            if (!(seq[0] is Asn1TaggedObject))
            {
                issuerName = GeneralNames.GetInstance(seq[0]);
                start = 1;
            }

            // Tags are taken in whatever order they arrive; a repeated tag replaces
            // the value stored earlier (no ordering or uniqueness check here).
            for (int pos = start; pos != total; pos++)
            {
                Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);
                switch (tagged.TagNo)
                {
                    case 0:
                        baseCertificateID = IssuerSerial.GetInstance(tagged, explicitly: false);
                        break;

                    case 1:
                        objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, isExplicit: false);
                        break;

                    default:
                        throw new ArgumentException("Bad tag number: " + tagged.TagNo);
                }
            }
        }
Exemple #2
        /// <summary>
        /// Builds a V2Form from its ASN.1 sequence. An untagged first element is read
        /// as the issuer name; the remaining elements must carry tag 0 or tag 1.
        /// </summary>
        /// <param name="seq">Sequence of at most three elements.</param>
        /// <exception cref="ArgumentException">Too many elements, or an unexpected tag number.</exception>
        private V2Form(Asn1Sequence seq)
        {
            if (seq.Count > 3)
            {
                throw new ArgumentException("Bad sequence size: " + seq.Count);
            }

            // NOTE(review): only an upper bound is enforced above, so seq[0] is also
            // evaluated for an empty sequence; verify how the indexer reacts.
            bool startsWithIssuerName = !(seq[0] is Asn1TaggedObject);
            if (startsWithIssuerName)
            {
                this.issuerName = GeneralNames.GetInstance(seq[0]);
            }

            for (int cursor = startsWithIssuerName ? 1 : 0; cursor != seq.Count; cursor++)
            {
                Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[cursor]);

                if (tagged.TagNo == 0)
                {
                    // [0] baseCertificateID; a second [0] would overwrite this one.
                    this.baseCertificateID = IssuerSerial.GetInstance(tagged, false);
                    continue;
                }

                if (tagged.TagNo == 1)
                {
                    // [1] objectDigestInfo; likewise overwritten by a later [1].
                    this.objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, false);
                    continue;
                }

                throw new ArgumentException("Bad tag number: " + tagged.TagNo);
            }
        }
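		/// <summary>
		/// Builds an EssCertIDv2 from its ASN.1 sequence: an optional hashAlgorithm,
		/// the mandatory certHash, and an optional issuerSerial.
		/// </summary>
		/// <param name="seq">Parsed sequence of one to three elements.</param>
		/// <exception cref="ArgumentException">
		/// The element count is outside 1..3, certHash is missing, or an element is
		/// left over once the known fields have been read.
		/// </exception>
		private EssCertIDv2(
			Asn1Sequence seq)
		{
			// hashAlgorithm has a default and issuerSerial is optional, so a sequence
			// holding only certHash is a valid encoding and must not be rejected.
			if (seq.Count < 1 || seq.Count > 3)
				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");

			int count = 0;

			if (seq[0] is Asn1OctetString)
			{
				// First element is already certHash: hashAlgorithm was omitted.
				this.hashAlgorithm = DefaultAlgID;
			}
			else
			{
				this.hashAlgorithm = AlgorithmIdentifier.GetInstance(seq[count++].ToAsn1Object());
			}

			// An explicit hashAlgorithm must still be followed by certHash.
			if (count >= seq.Count)
				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");

			this.certHash = Asn1OctetString.GetInstance(seq[count++].ToAsn1Object()).GetOctets();

			if (seq.Count > count)
			{
				this.issuerSerial = IssuerSerial.GetInstance(
					Asn1Sequence.GetInstance(seq[count++].ToAsn1Object()));
			}

			// With hashAlgorithm omitted, a three-element sequence would otherwise keep
			// an unparsed trailing element; reject it instead of ignoring it.
			if (count != seq.Count)
				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
		}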
		/// <summary>
		/// Exercises OtherCertID construction with and without an issuerSerial, then
		/// checks GetInstance on null and on an object of an unrelated type.
		/// </summary>
		public override void PerformTest()
		{
			byte[] hashValue = new byte[20];
			AlgorithmIdentifier hashAlg = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3"));
			OtherHash otherHash = new OtherHash(new OtherHashAlgAndValue(hashAlg, hashValue));
			IssuerSerial issuer = new IssuerSerial(
				new GeneralNames(new GeneralName(new X509Name("CN=test"))),
				new DerInteger(1));

			// Hash only: issuerSerial is expected to be absent.
			OtherCertID withoutIssuer = new OtherCertID(otherHash);
			checkConstruction(withoutIssuer, hashAlg, hashValue, null);

			// Hash plus issuerSerial.
			OtherCertID withIssuer = new OtherCertID(otherHash, issuer);
			checkConstruction(withIssuer, hashAlg, hashValue, issuer);

			// A null input must come back as null rather than throw.
			OtherCertID fromNull = OtherCertID.GetInstance(null);
			if (fromNull != null)
			{
				Fail("null GetInstance() failed.");
			}

			// An object of the wrong type must be rejected with ArgumentException.
			try
			{
				OtherCertID.GetInstance(new Object());

				Fail("GetInstance() failed to detect bad object.");
			}
			catch (ArgumentException)
			{
				// expected
			}
		}
Exemple #5
        /// <summary>
        /// Parses a V2Form sequence. The first element is the issuer name unless it is
        /// a tagged object; every other element is dispatched on its tag number.
        /// </summary>
        /// <param name="seq">Sequence of at most three elements.</param>
        /// <exception cref="ArgumentException">More than three elements, or a tag other than 0 or 1.</exception>
        private V2Form(Asn1Sequence seq)
        {
            if (seq.Count > 3)
            {
                throw new ArgumentException("Bad sequence size: " + seq.Count);
            }

            // NOTE(review): no lower bound is checked, so seq[0] is evaluated even for
            // an empty sequence; confirm the resulting exception type.
            int first = 0;
            if (!(seq[0] is Asn1TaggedObject))
            {
                this.issuerName = GeneralNames.GetInstance(seq[0]);
                first = 1;
            }

            for (int pos = first; pos != seq.Count; pos++)
            {
                Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);

                // Neither order nor uniqueness of tags is enforced: the last
                // occurrence of a tag is the one that is kept.
                switch (tagged.TagNo)
                {
                    case 0:
                        baseCertificateID = IssuerSerial.GetInstance(tagged, false);
                        break;

                    case 1:
                        objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, false);
                        break;

                    default:
                        throw new ArgumentException("Bad tag number: " + tagged.TagNo);
                }
            }
        }
Exemple #6
        /// <summary>
        /// Decodes a Holder from a sequence of up to three context-tagged entries:
        /// [0] baseCertificateID, [1] entityName, [2] objectDigestInfo.
        /// This overload does not assign the version field.
        /// </summary>
        /// <param name="seq">Sequence of at most three tagged elements.</param>
        /// <exception cref="ArgumentException">More than three elements, or a tag outside 0..2.</exception>
        private Holder(Asn1Sequence seq)
        {
            if (seq.Count > 3)
            {
                throw new ArgumentException("Bad sequence size: " + seq.Count);
            }

            // Tags are accepted in any order; a repeated tag replaces the value
            // stored by the earlier occurrence.
            for (int pos = 0; pos != seq.Count; pos++)
            {
                Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);

                if (tagged.TagNo == 0)
                {
                    baseCertificateID = IssuerSerial.GetInstance(tagged, false);
                }
                else if (tagged.TagNo == 1)
                {
                    entityName = GeneralNames.GetInstance(tagged, false);
                }
                else if (tagged.TagNo == 2)
                {
                    objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, false);
                }
                else
                {
                    throw new ArgumentException("unknown tag in Holder");
                }
            }
        }
Exemple #7
        /// <summary>
        /// Decodes a Holder from a sequence of context-tagged entries
        /// ([0] baseCertificateID, [1] entityName, [2] objectDigestInfo) and then
        /// sets the version field to 1.
        /// </summary>
        /// <param name="seq">Sequence of at most three tagged elements.</param>
        /// <exception cref="ArgumentException">More than three elements, or a tag outside 0..2.</exception>
        private Holder(Asn1Sequence seq)
        {
            if (seq.Count > 3)
            {
                throw new ArgumentException("Bad sequence size: " + seq.Count);
            }

            for (int pos = 0; pos != seq.Count; pos++)
            {
                Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);

                // No duplicate detection: a tag seen twice keeps the later value.
                if (tagged.TagNo == 0)
                {
                    this.baseCertificateID = IssuerSerial.GetInstance(tagged, false);
                }
                else if (tagged.TagNo == 1)
                {
                    this.entityName = GeneralNames.GetInstance(tagged, false);
                }
                else if (tagged.TagNo == 2)
                {
                    this.objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, false);
                }
                else
                {
                    throw new ArgumentException("unknown tag in Holder");
                }
            }

            // Only reached when every element carried a recognised tag.
            this.version = 1;
        }
		/// <summary>
		/// Reads a V2Form from its ASN.1 sequence: optional untagged issuer name,
		/// then elements tagged [0] (baseCertificateID) or [1] (objectDigestInfo).
		/// </summary>
		/// <param name="seq">Sequence of at most three elements.</param>
		/// <exception cref="ArgumentException">More than three elements, or a tag other than 0 or 1.</exception>
		private V2Form(Asn1Sequence seq)
		{
			if (seq.Count > 3)
			{
				throw new ArgumentException("Bad sequence size: " + seq.Count);
			}

			// NOTE(review): seq[0] is dereferenced without checking for an empty
			// sequence; verify what the indexer throws in that case.
			bool hasIssuerName = !(seq[0] is Asn1TaggedObject);
			if (hasIssuerName)
			{
				this.issuerName = GeneralNames.GetInstance(seq[0]);
			}

			for (int pos = hasIssuerName ? 1 : 0; pos != seq.Count; pos++)
			{
				Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);

				if (tagged.TagNo == 0)
				{
					baseCertificateID = IssuerSerial.GetInstance(tagged, false);
					continue;
				}

				if (tagged.TagNo == 1)
				{
					objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, false);
					continue;
				}

				// Any other tag aborts construction; repeated 0/1 tags do not.
				throw new ArgumentException("Bad tag number: " + tagged.TagNo);
			}
		}
Exemple #9
        /// <summary>
        /// Creates an EssCertID from a certificate hash and an issuer/serial pair.
        /// </summary>
        /// <param name="hash">
        /// Certificate hash bytes, wrapped in a DerOctetString. No algorithm identifier
        /// is stored with it, so the digest used is implied rather than recorded.
        /// </param>
        /// <param name="issuerSerial">Issuer and serial number; stored as given, without a null check.</param>
        public EssCertID(byte[] hash, IssuerSerial issuerSerial)
        {
            this.issuerSerial = issuerSerial;
            this.certHash = new DerOctetString(hash);
        }
Exemple #10
        /// <summary>
        /// Decodes a Holder from a sequence of context-tagged entries
        /// ([0] baseCertificateID, [1] entityName, [2] objectDigestInfo) and sets
        /// version to 1 once all elements have been accepted.
        /// </summary>
        /// <param name="seq">Sequence of at most three tagged elements.</param>
        /// <exception cref="ArgumentException">More than three elements, or a tag outside 0..2.</exception>
        private Holder(Asn1Sequence seq)
        {
            int total = seq.Count;
            if (total > 3)
            {
                throw new ArgumentException("Bad sequence size: " + total);
            }

            for (int pos = 0; pos != total; pos++)
            {
                Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);

                // Order and uniqueness of tags are not checked; the last value wins.
                if (tagged.TagNo == 0)
                {
                    baseCertificateID = IssuerSerial.GetInstance(tagged, explicitly: false);
                }
                else if (tagged.TagNo == 1)
                {
                    entityName = GeneralNames.GetInstance(tagged, explicitly: false);
                }
                else if (tagged.TagNo == 2)
                {
                    objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, isExplicit: false);
                }
                else
                {
                    throw new ArgumentException("unknown tag in Holder");
                }
            }

            version = 1;
        }
Exemple #11
 /**
  * Constructs a holder from an IssuerSerial.
  * @param baseCertificateID The IssuerSerial.
  * @param version The version of the attribute certificate.
  */
 public Holder(IssuerSerial baseCertificateID, int version)
 {
     // Both values are stored as given; neither is validated here.
     this.version = version;
     this.baseCertificateID = baseCertificateID;
 }
Exemple #12
		/// <summary>
		/// Creates an OtherCertID whose hash is a DigestInfo built from the given
		/// algorithm identifier and digest bytes.
		/// </summary>
		/// <param name="algId">Hash algorithm identifier passed to DigestInfo.</param>
		/// <param name="digest">Digest bytes passed to DigestInfo.</param>
		/// <param name="issuerSerial">Issuer and serial number; stored as given.</param>
		public OtherCertID(AlgorithmIdentifier algId, byte[] digest, IssuerSerial issuerSerial)
		{
			this.issuerSerial = issuerSerial;
			this.otherCertHash = new DigestInfo(algId, digest);
		}
Exemple #13
 /// <summary>
 /// Creates a V2Form from its three components. Each argument is stored as
 /// given; no null or consistency check is applied.
 /// </summary>
 /// <param name="issuerName">Issuer name.</param>
 /// <param name="baseCertificateID">Issuer/serial reference to a base certificate.</param>
 /// <param name="objectDigestInfo">Digest-based object reference.</param>
 public V2Form(GeneralNames issuerName, IssuerSerial baseCertificateID, ObjectDigestInfo objectDigestInfo)
 {
     this.objectDigestInfo = objectDigestInfo;
     this.baseCertificateID = baseCertificateID;
     this.issuerName = issuerName;
 }
Exemple #14
 /// <summary>
 /// Initialises a V2Form directly from its fields, without validating them.
 /// </summary>
 /// <param name="issuerName">Issuer name.</param>
 /// <param name="baseCertificateID">Issuer/serial reference to a base certificate.</param>
 /// <param name="objectDigestInfo">Digest-based object reference.</param>
 public V2Form(GeneralNames issuerName, IssuerSerial baseCertificateID, ObjectDigestInfo objectDigestInfo)
 {
     this.baseCertificateID = baseCertificateID;
     this.objectDigestInfo = objectDigestInfo;
     this.issuerName = issuerName;
 }
Exemple #15
		/// <summary>
		/// Creates an OtherCertID from a hash and an issuer/serial pair.
		/// </summary>
		/// <param name="otherCertHash">Certificate hash; must not be null.</param>
		/// <param name="issuerSerial">Issuer and serial number; stored as given, null is not rejected.</param>
		/// <exception cref="ArgumentNullException"><paramref name="otherCertHash"/> is null.</exception>
		public OtherCertID(OtherHash otherCertHash, IssuerSerial issuerSerial)
		{
			if (otherCertHash == null)
			{
				throw new ArgumentNullException("otherCertHash");
			}

			this.issuerSerial = issuerSerial;
			this.otherCertHash = otherCertHash;
		}
		/// <summary>
		/// Compares the fields of an OtherCertID with the expected values: the hash
		/// algorithm and hash value as mandatory fields, issuerSerial as optional.
		/// </summary>
		private void checkValues(OtherCertID certID, AlgorithmIdentifier algId, byte[] digest, IssuerSerial issuerSerial)
		{
			// Mandatory parts of the hash.
			checkMandatoryField("hashAlgorithm", algId, certID.OtherCertHash.HashAlgorithm);
			checkMandatoryField("hashValue", digest, certID.OtherCertHash.GetHashValue());

			// issuerSerial may legitimately be absent.
			checkOptionalField("issuerSerial", issuerSerial, certID.IssuerSerial);
		}
Exemple #17
        /**
        * Constructor from a given details.
        * <p/>
        * <p/>
        * Either <code>thirdPerson</code> or <code>certRef</code> MUST be
        * <code>null</code>.
        *
        * @param country            The country code whose laws apply.
        * @param typeOfSubstitution The type of procuration.
        * @param thirdPerson        The GeneralName of the person who is represented.
        * @param certRef            Reference to certificate of the person who is represented.
        */
        public Procuration(string country, DirectoryString typeOfSubstitution, GeneralName thirdPerson, IssuerSerial certRef)
        {
            // country is wrapped in a DerPrintableString; the second argument is passed as true.
            this.country = new DerPrintableString(country, true);

            // NOTE(review): thirdPerson and certRef are both stored as given; nothing
            // here checks that one of the two is null.
            this.certRef = certRef;
            this.thirdPerson = thirdPerson;
            this.typeOfSubstitution = typeOfSubstitution;
        }
Exemple #18
		/// <summary>
		/// Decodes an OtherCertID from a sequence holding the certificate hash and,
		/// optionally, an issuerSerial as the second element.
		/// </summary>
		/// <param name="seq">Sequence of one or two elements.</param>
		/// <exception cref="ArgumentNullException"><paramref name="seq"/> is null.</exception>
		/// <exception cref="ArgumentException">The sequence does not hold one or two elements.</exception>
		private OtherCertID(Asn1Sequence seq)
		{
			if (seq == null)
			{
				throw new ArgumentNullException("seq");
			}

			bool sizeOk = seq.Count >= 1 && seq.Count <= 2;
			if (!sizeOk)
			{
				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");
			}

			this.otherCertHash = OtherHash.GetInstance(seq[0].ToAsn1Object());

			// The size check above leaves only one or two elements.
			if (seq.Count > 1)
			{
				this.issuerSerial = IssuerSerial.GetInstance(seq[1].ToAsn1Object());
			}
		}
Exemple #19
        /**
         * constructor
         */
        public EssCertID(Asn1Sequence seq)
        {
            // Exactly one element (certHash) or two (certHash, issuerSerial) are accepted.
            int size = seq.Count;
            if (size != 1 && size != 2)
            {
                throw new ArgumentException("Bad sequence size: " + size);
            }

            this.certHash = Asn1OctetString.GetInstance(seq[0]);

            if (size == 2)
            {
                issuerSerial = IssuerSerial.GetInstance(seq[1]);
            }
        }
Exemple #20
        /// <summary>
        /// Builds a Holder from a single tagged object: tag 0 is read as
        /// baseCertificateID, tag 1 as entityName. The version is then set to 0.
        /// </summary>
        /// <param name="tagObj">Tagged object carrying tag 0 or 1.</param>
        /// <exception cref="ArgumentException">The tag is neither 0 nor 1.</exception>
        public Holder(Asn1TaggedObject tagObj)
        {
            if (tagObj.TagNo == 0)
            {
                this.baseCertificateID = IssuerSerial.GetInstance(tagObj, false);
            }
            else if (tagObj.TagNo == 1)
            {
                this.entityName = GeneralNames.GetInstance(tagObj, false);
            }
            else
            {
                throw new ArgumentException("unknown tag in Holder");
            }

            // Reached only for a recognised tag.
            this.version = 0;
        }
Exemple #21
		/**
		 * Constructor for a holder for an v1 attribute certificate.
		 * 
		 * @param tagObj The ASN.1 tagged holder object.
		 */
		public Holder(Asn1TaggedObject tagObj)
		{
			// Only tags 0 (baseCertificateID) and 1 (entityName) are accepted here.
			if (tagObj.TagNo == 0)
			{
				baseCertificateID = IssuerSerial.GetInstance(tagObj, false);
			}
			else if (tagObj.TagNo == 1)
			{
				entityName = GeneralNames.GetInstance(tagObj, false);
			}
			else
			{
				throw new ArgumentException("unknown tag in Holder");
			}

			// Assigned after the tag has been accepted; never reached on the throw path.
			this.version = 0;
		}
Exemple #22
        /// <summary>
        /// Builds a Holder from one tagged object (tag 0: baseCertificateID,
        /// tag 1: entityName) and sets version to 0.
        /// </summary>
        /// <param name="tagObj">Tagged object carrying tag 0 or 1.</param>
        /// <exception cref="ArgumentException">The tag is neither 0 nor 1.</exception>
        public Holder(Asn1TaggedObject tagObj)
        {
            if (tagObj.TagNo == 0)
            {
                baseCertificateID = IssuerSerial.GetInstance(tagObj, explicitly: false);
            }
            else if (tagObj.TagNo == 1)
            {
                entityName = GeneralNames.GetInstance(tagObj, explicitly: false);
            }
            else
            {
                // Tag 2 is not handled by this overload and ends up here as well.
                throw new ArgumentException("unknown tag in Holder");
            }

            version = 0;
        }
        /// <summary>
        /// Encodes a BouncyCastle ESSCertIDv2 built without an explicit hash algorithm,
        /// reads it back with EssCertIdV2.Read, and checks that the result reports
        /// SHA-256 together with the original issuer, serial number and hash.
        /// </summary>
        public void Read_WithDefaultAlgorithmIdentifier_ReturnsEssCertIdV2()
        {
            // Arrange: issuer/serial for "CN=test" and a SHA-256 hash of fixed input.
            var issuerDn = new X509Name("CN=test");
            var issuerNames = new GeneralNames(
                new BcGeneralName(BcGeneralName.DirectoryName, issuerDn));
            var expectedIssuerSerial = new BcIssuerSerial(issuerNames, new DerInteger(BigInteger.One));
            var expectedHash = CryptoHashUtility.ComputeHash(HashAlgorithmName.SHA256, Encoding.UTF8.GetBytes("peach"));
            var encoded = new BcEssCertIdV2(expectedHash, expectedIssuerSerial).GetDerEncoded();

            // Act
            var actual = EssCertIdV2.Read(encoded);

            // Assert
            Assert.Equal(Oids.Sha256, actual.HashAlgorithm.Algorithm.Value);
            Assert.Equal(1, actual.IssuerSerial.GeneralNames.Count);
            Assert.Equal(issuerDn.ToString(), actual.IssuerSerial.GeneralNames[0].DirectoryName.Name);
            SigningTestUtility.VerifyByteArrays(expectedHash, actual.CertificateHash);
            SigningTestUtility.VerifyByteArrays(expectedIssuerSerial.Serial.Value.ToByteArray(), actual.IssuerSerial.SerialNumber);
        }
		/// <summary>
		/// Creates an EssCertIDv2 from a hash algorithm, a certificate hash and an
		/// issuer/serial pair.
		/// </summary>
		/// <param name="algId">Hash algorithm; when null, DefaultAlgID is used instead.</param>
		/// <param name="certHash">
		/// Certificate hash. The array is stored by reference, not copied, so later
		/// changes made by the caller are visible through this object.
		/// </param>
		/// <param name="issuerSerial">Issuer and serial number; stored as given.</param>
		public EssCertIDv2(AlgorithmIdentifier algId, byte[] certHash, IssuerSerial issuerSerial)
		{
			// Fall back to the default algorithm when none is supplied.
			this.hashAlgorithm = algId == null ? DefaultAlgID : algId;

			this.issuerSerial = issuerSerial;
			this.certHash = certHash;
		}
Exemple #25
        /// <summary>
        /// Encodes a BouncyCastle ESSCertID for the fixture's default certificate,
        /// reads it back with EssCertId.Read, and checks issuer, serial number and hash.
        /// </summary>
        public void Read_WithValidInput_ReturnsEssCertId()
        {
            using (var certificate = _fixture.GetDefaultCertificate())
            {
                // Arrange: issuer/serial and SHA-256 hash taken from the certificate.
                var bcCertificate = DotNetUtilities.FromX509Certificate(certificate);
                var issuerNames = new GeneralNames(
                    new BcGeneralName(BcGeneralName.DirectoryName, bcCertificate.IssuerDN));
                var expectedIssuerSerial = new BcIssuerSerial(issuerNames, new DerInteger(bcCertificate.SerialNumber));
                var expectedHash = SigningTestUtility.GetHash(certificate, Common.HashAlgorithmName.SHA256);
                var encoded = new BcEssCertId(expectedHash, expectedIssuerSerial).GetDerEncoded();

                // Act
                var actual = EssCertId.Read(encoded);

                // Assert
                Assert.Equal(1, actual.IssuerSerial.GeneralNames.Count);
                Assert.Equal(certificate.IssuerName.Name, actual.IssuerSerial.GeneralNames[0].DirectoryName.Name);
                SigningTestUtility.VerifyByteArrays(expectedHash, actual.CertificateHash);
                SigningTestUtility.VerifyByteArrays(expectedIssuerSerial.Serial.Value.ToByteArray(), actual.IssuerSerial.SerialNumber);
            }
        }
		/// <summary>
		/// Checks an OtherCertID three times against the expected values: as given,
		/// after GetInstance on the object itself, and after an encode/decode round trip.
		/// </summary>
		private void checkConstruction(OtherCertID certID, AlgorithmIdentifier algId, byte[] digest, IssuerSerial issuerSerial)
		{
			// 1. The object as constructed by the caller.
			checkValues(certID, algId, digest, issuerSerial);

			// 2. GetInstance applied to an existing OtherCertID.
			OtherCertID sameInstance = OtherCertID.GetInstance(certID);
			checkValues(sameInstance, algId, digest, issuerSerial);

			// 3. Encode, parse the bytes back into a sequence, and rebuild from it.
			byte[] encoded = sameInstance.ToAsn1Object().GetEncoded();
			Asn1InputStream input = new Asn1InputStream(encoded);
			Asn1Sequence decoded = (Asn1Sequence) input.ReadObject();

			OtherCertID roundTripped = OtherCertID.GetInstance(decoded);
			checkValues(roundTripped, algId, digest, issuerSerial);
		}
		/// <summary>
		/// Exercises ProcurationSyntax with a third person, with a certificate
		/// reference, and with the optional country or typeOfSubstitution left null;
		/// then checks GetInstance on null and on an object of an unrelated type.
		/// </summary>
		public override void PerformTest()
		{
			string country = "AU";
			DirectoryString substitution = new DirectoryString("substitution");
			GeneralName representedPerson = new GeneralName(new X509Name("CN=thirdPerson"));
			IssuerSerial representedCert = new IssuerSerial(
				new GeneralNames(new GeneralName(new X509Name("CN=test"))),
				new DerInteger(1));

			// signingFor given as a third person.
			ProcurationSyntax byPerson = new ProcurationSyntax(country, substitution, representedPerson);
			checkConstruction(byPerson, country, substitution, representedPerson, null);

			// signingFor given as a certificate reference.
			ProcurationSyntax byCert = new ProcurationSyntax(country, substitution, representedCert);
			checkConstruction(byCert, country, substitution, null, representedCert);

			// Optional country omitted.
			ProcurationSyntax noCountry = new ProcurationSyntax(null, substitution, representedCert);
			checkConstruction(noCountry, null, substitution, null, representedCert);

			// Optional typeOfSubstitution omitted.
			ProcurationSyntax noSubstitution = new ProcurationSyntax(country, null, representedCert);
			checkConstruction(noSubstitution, country, null, null, representedCert);

			// A null input must come back as null rather than throw.
			ProcurationSyntax fromNull = ProcurationSyntax.GetInstance(null);
			if (fromNull != null)
			{
				Fail("null GetInstance() failed.");
			}

			// An object of the wrong type must be rejected with ArgumentException.
			try
			{
				ProcurationSyntax.GetInstance(new Object());

				Fail("GetInstance() failed to detect bad object.");
			}
			catch (ArgumentException)
			{
				// expected
			}
		}
		/// <summary>
		/// Checks a ProcurationSyntax three times against the expected values: as given,
		/// after GetInstance on the object itself, and after an encode/decode round trip.
		/// </summary>
		private void checkConstruction(
			ProcurationSyntax procuration,
			string country,
			DirectoryString typeOfSubstitution,
			GeneralName thirdPerson,
			IssuerSerial certRef)
		{
			// 1. The object as constructed by the caller.
			checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef);

			// 2. GetInstance applied to an existing ProcurationSyntax.
			ProcurationSyntax sameInstance = ProcurationSyntax.GetInstance(procuration);
			checkValues(sameInstance, country, typeOfSubstitution, thirdPerson, certRef);

			// 3. Encode, parse the bytes back into a sequence, and rebuild from it.
			byte[] encoded = sameInstance.ToAsn1Object().GetEncoded();
			Asn1InputStream input = new Asn1InputStream(encoded);
			Asn1Sequence decoded = (Asn1Sequence) input.ReadObject();

			ProcurationSyntax roundTripped = ProcurationSyntax.GetInstance(decoded);
			checkValues(roundTripped, country, typeOfSubstitution, thirdPerson, certRef);
		}
Exemple #29
		/**
		 * constructor
		 */
		public OtherCertID(Asn1Sequence seq)
		{
			// One element (the hash) or two (hash, issuerSerial) are accepted.
			int size = seq.Count;
			if (size != 1 && size != 2)
			{
				throw new ArgumentException("Bad sequence size: " + size);
			}

			// The hash is either a bare octet string or a DigestInfo; the shape of
			// the first element decides which one is read.
			if (!(seq[0].ToAsn1Object() is Asn1OctetString))
			{
				otherCertHash = DigestInfo.GetInstance(seq[0]);
			}
			else
			{
				otherCertHash = Asn1OctetString.GetInstance(seq[0]);
			}

			if (size == 2)
			{
				issuerSerial = IssuerSerial.GetInstance(Asn1Sequence.GetInstance(seq[1]));
			}
		}
Exemple #30
		/// <summary>
		/// Creates a holder for the given base certificate ID by delegating to the
		/// two-argument constructor with version 1.
		/// </summary>
		/// <param name="baseCertificateID">Issuer/serial reference to the holder's certificate.</param>
		public Holder(IssuerSerial baseCertificateID)
			: this(baseCertificateID, 1)
		{
		}
Exemple #31
 /// <summary>
 /// Creates a V2Form without an objectDigestInfo by delegating to the
 /// three-argument constructor with null as the last argument.
 /// </summary>
 /// <param name="issuerName">Issuer name.</param>
 /// <param name="baseCertificateID">Issuer/serial reference to a base certificate.</param>
 public V2Form(
     GeneralNames issuerName,
     IssuerSerial baseCertificateID)
     : this(issuerName, baseCertificateID, null)
 {
 }
Exemple #32
 /// <summary>
 /// Creates a holder for the given base certificate ID; the version passed to
 /// the two-argument constructor is 1.
 /// </summary>
 /// <param name="baseCertificateID">Issuer/serial reference to the holder's certificate.</param>
 public Holder(
     IssuerSerial baseCertificateID)
     : this(baseCertificateID, 1)
 {
 }
Exemple #33
 /// <summary>
 /// Creates a holder that references the given base certificate ID. Only that
 /// field is assigned here; this overload does not touch any version field.
 /// </summary>
 /// <param name="baseCertificateID">Issuer/serial reference; stored as given.</param>
 public Holder(IssuerSerial baseCertificateID)
 {
     this.baseCertificateID = baseCertificateID;
 }
		/**
		* Constructor from a given details.
		* <p/>
		* <p/>
		* Either <code>generalName</code> or <code>certRef</code> MUST be
		* <code>null</code>.
		*
		* @param country            The country code whose laws apply.
		* @param typeOfSubstitution The type of procuration.
		* @param certRef            Reference to certificate of the person who is represented.
		*/
		public ProcurationSyntax(string country, DirectoryString typeOfSubstitution, IssuerSerial certRef)
		{
			// signingFor is the certificate reference, so thirdPerson is cleared explicitly.
			this.certRef = certRef;
			this.thirdPerson = null;

			// Stored as given; null is accepted for either value.
			this.typeOfSubstitution = typeOfSubstitution;
			this.country = country;
		}
Exemple #35
        /**
        * Constructor from Asn1Sequence.
        * <p/>
        * The sequence is of type ProcurationSyntax:
        * <p/>
        * <pre>
        *               ProcurationSyntax ::= SEQUENCE {
        *                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
        *                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
        *                 signingFor [3] EXPLICIT SigningFor
        *               }
        * <p/>
        *               SigningFor ::= CHOICE
        *               {
        *                 thirdPerson GeneralName,
        *                 certRef IssuerSerial
        *               }
        * </pre>
        *
        * @param seq The ASN.1 sequence.
        */
        private Procuration(Asn1Sequence seq)
        {
            bool sizeOk = seq.Count >= 1 && seq.Count <= 3;
            if (!sizeOk)
                throw new ArgumentException("Bad sequence size: " + seq.Count);

            // Every element must be a tagged object with tag 1, 2 or 3.
            // NOTE(review): the loop does not require tag 3 to be present, so a
            // sequence without signingFor leaves both thirdPerson and certRef unset;
            // a repeated tag overwrites the value read earlier.
            IEnumerator elements = seq.GetEnumerator();

            while (elements.MoveNext())
            {
                Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(elements.Current);

                if (tagged.TagNo == 1)
                {
                    country = DerPrintableString.GetInstance(tagged, true);
                }
                else if (tagged.TagNo == 2)
                {
                    typeOfSubstitution = DirectoryString.GetInstance(tagged, true);
                }
                else if (tagged.TagNo == 3)
                {
                    // signingFor is a CHOICE: a tagged inner object is read as the
                    // third person, anything else as the certificate reference.
                    Asn1Object signingFor = tagged.GetObject();
                    if (signingFor is Asn1TaggedObject)
                    {
                        thirdPerson = GeneralName.GetInstance(signingFor);
                    }
                    else
                    {
                        certRef = IssuerSerial.GetInstance(signingFor);
                    }
                }
                else
                {
                    throw new ArgumentException("Bad tag number: " + tagged.TagNo);
                }
            }
        }
		/// <summary>
		/// Compares each field of a ProcurationSyntax with its expected value; all
		/// four fields are checked as optional.
		/// </summary>
		private void checkValues(
			ProcurationSyntax	procuration,
			string				country,
			DirectoryString		typeOfSubstitution,
			GeneralName			thirdPerson,
			IssuerSerial		certRef)
		{
			checkOptionalField("country", country, procuration.Country);
			checkOptionalField("typeOfSubstitution", typeOfSubstitution, procuration.TypeOfSubstitution);

			// The two signingFor alternatives: the caller passes null for the unused one.
			checkOptionalField("thirdPerson", thirdPerson, procuration.ThirdPerson);
			checkOptionalField("certRef", certRef, procuration.CertRef);
		}
Exemple #37
 /// <summary>
 /// Converts a tagged object to an IssuerSerial by first extracting its inner
 /// sequence and then delegating to the single-argument GetInstance.
 /// </summary>
 /// <param name="obj">Tagged object wrapping the sequence.</param>
 /// <param name="explicitly">Passed through to Asn1Sequence.GetInstance.</param>
 /// <returns>The IssuerSerial produced from the inner sequence.</returns>
 public static IssuerSerial GetInstance(Asn1TaggedObject obj, bool explicitly)
 {
     Asn1Sequence inner = Asn1Sequence.GetInstance(obj, explicitly);
     return IssuerSerial.GetInstance(inner);
 }
		/**
		 * Constructor from a given details.
		 * <p/>
		 * <p/>
		 * Either <code>generalName</code> or <code>certRef</code> MUST be
		 * <code>null</code>.
		 *
		 * @param country            The country code whose laws apply.
		 * @param typeOfSubstitution The type of procuration.
		 * @param thirdPerson        The GeneralName of the person who is represented.
		 */
		public ProcurationSyntax(string country, DirectoryString typeOfSubstitution, GeneralName thirdPerson)
		{
			// signingFor is the third person, so certRef is cleared explicitly.
			this.thirdPerson = thirdPerson;
			this.certRef = null;

			// Stored as given; null is accepted for either value.
			this.typeOfSubstitution = typeOfSubstitution;
			this.country = country;
		}
Exemple #39
 /// <summary>
 /// Creates a V2Form from an issuer name and a base certificate ID; the
 /// objectDigestInfo argument of the three-argument constructor is passed as null.
 /// </summary>
 /// <param name="issuerName">Issuer name.</param>
 /// <param name="baseCertificateID">Issuer/serial reference to a base certificate.</param>
 public V2Form(
     GeneralNames issuerName,
     IssuerSerial baseCertificateID)
     : this(issuerName, baseCertificateID, null)
 {
 }
Exemple #40
		/**
		 * Constructs a holder from an IssuerSerial.
		 * @param baseCertificateID The IssuerSerial.
		 * @param version The version of the attribute certificate. 
		 */
		public Holder(IssuerSerial baseCertificateID, int version)
		{
			// Both values are stored as given; the version number is not range-checked.
			this.version = version;
			this.baseCertificateID = baseCertificateID;
		}
Exemple #41
        public static Asn1EncodableVector GenerateSignerInfo(X509Certificate2 cert,
            String digestAlgorithmName,
            byte[] datos,
            AdESPolicy policy,
            bool signingCertificateV2,
            byte[] messageDigest,
            DateTime signDate,
            bool padesMode,
            String contentType,
            String contentDescription)
        {
            // ALGORITMO DE HUELLA DIGITAL
            AlgorithmIdentifier digestAlgorithmOID = SigUtils.MakeAlgId(AOAlgorithmID.GetOID(digestAlgorithmName));

            // // ATRIBUTOS

            // authenticatedAttributes
            Asn1EncodableVector contexExpecific = InitContexExpecific(
                   digestAlgorithmName,
                   datos,
                   Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Data.Id,
                   messageDigest,
                   signDate,
                   padesMode
               );

            // Serial Number
            // comentar lo de abajo para version del rfc 3852

            if (signingCertificateV2)
            {
                // INICIO SINGING CERTIFICATE-V2

                /** IssuerSerial ::= SEQUENCE { issuer GeneralNames, serialNumber
                 * CertificateSerialNumber */

                TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
                    Asn1Object.FromByteArray(
                    new Org.BouncyCastle.X509.X509Certificate(
                        X509CertificateStructure.GetInstance(
                        Asn1Object.FromByteArray(
                        cert.GetRawCertData()))).GetTbsCertificate()));

                GeneralNames gns = new GeneralNames(new GeneralName(tbs.Issuer));

                IssuerSerial isuerSerial = new IssuerSerial(gns, tbs.SerialNumber);

                /** ESSCertIDv2 ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier
                 * DEFAULT {algorithm id-sha256}, certHash Hash, issuerSerial
                 * IssuerSerial OPTIONAL }
                 * Hash ::= OCTET STRING */

                byte[] certHash = Digester.Digest(cert.GetRawCertData(), digestAlgorithmName);
                EssCertIDv2[] essCertIDv2 = { new EssCertIDv2(digestAlgorithmOID, certHash, isuerSerial) };

                /** PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId,
                 * policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo
                 * OPTIONAL }
                 * CertPolicyId ::= OBJECT IDENTIFIER
                 * PolicyQualifierInfo ::= SEQUENCE { policyQualifierId
                 * PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId } */

                SigningCertificateV2 scv2;
                if (policy.GetPolicyIdentifier() != null)
                {

                    /** SigningCertificateV2 ::= SEQUENCE { certs SEQUENCE OF
                     * ESSCertIDv2, policies SEQUENCE OF PolicyInformation OPTIONAL
                     * } */
                    scv2 = new SigningCertificateV2(essCertIDv2, GetPolicyInformation(policy)); // con politica
                }
                else
                {
                    scv2 = new SigningCertificateV2(essCertIDv2); // Sin politica
                }

                // Secuencia con singningCertificate
                contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificateV2, new DerSet(scv2)));

                // FIN SINGING CERTIFICATE-V2

            }
            else
            {
                // INICIO SINGNING CERTIFICATE

                /** IssuerSerial ::= SEQUENCE { issuer GeneralNames, serialNumber
                 * CertificateSerialNumber } */

                TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
                    Asn1Object.FromByteArray(
                    new Org.BouncyCastle.X509.X509Certificate(
                        X509CertificateStructure.GetInstance(
                        Asn1Object.FromByteArray(
                        cert.GetRawCertData()))).GetTbsCertificate()));

                GeneralName gn = new GeneralName(tbs.Issuer);
                GeneralNames gns = new GeneralNames(gn);

                IssuerSerial isuerSerial = new IssuerSerial(gns, tbs.SerialNumber);

                /** ESSCertID ::= SEQUENCE { certHash Hash, issuerSerial IssuerSerial
                 * OPTIONAL }
                 * Hash ::= OCTET STRING -- SHA1 hash of entire certificate */
                byte[] certHash = Digester.Digest(cert.GetRawCertData(), digestAlgorithmName);

                EssCertID essCertID = new EssCertID(certHash, isuerSerial);

                /** PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId,
                 * policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo
                 * OPTIONAL }
                 * CertPolicyId ::= OBJECT IDENTIFIER
                 * PolicyQualifierInfo ::= SEQUENCE { policyQualifierId
                 * PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId } */

                SigningCertificate scv;
                if (policy.GetPolicyIdentifier() != null)
                {

                    /** SigningCertificateV2 ::= SEQUENCE { certs SEQUENCE OF
                     * ESSCertIDv2, policies SEQUENCE OF PolicyInformation OPTIONAL
                     * } */
                    /*
                     * HAY QUE HACER UN SEQUENCE, YA QUE EL CONSTRUCTOR DE BOUNCY
                     * CASTLE NO TIENE DICHO CONSTRUCTOR.
                     */
                    Asn1EncodableVector v = new Asn1EncodableVector();
                    v.Add(new DerSequence(essCertID));
                    v.Add(new DerSequence(GetPolicyInformation(policy)));
                    scv = SigningCertificate.GetInstance(new DerSequence(v)); // con politica
                }
                else
                {
                    scv = new SigningCertificate(essCertID); // Sin politica
                }

                /** id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1)
                 * member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16)
                 * id-aa(2) 12 } */
                // Secuencia con singningCertificate
                contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificate, new DerSet(scv)));
            }

            // INICIO SIGPOLICYID ATTRIBUTE

            if (policy.GetPolicyIdentifier() != null)
            {
                /**
                 * SigPolicyId ::= OBJECT IDENTIFIER Politica de firma.
                 */
                DerObjectIdentifier doiSigPolicyId = new DerObjectIdentifier(policy.GetPolicyIdentifier().ToLower().Replace("urn:oid:", ""));

                /**
                 *   OtherHashAlgAndValue ::= SEQUENCE {
                 *     hashAlgorithm    AlgorithmIdentifier,
                 *     hashValue        OCTET STRING }
                 *
                 */

                // Algoritmo para el hash
                AlgorithmIdentifier hashid;
                // si tenemos algoritmo de calculo de hash, lo ponemos
                if (policy.GetPolicyIdentifierHashAlgorithm() != null)
                {
                    hashid = SigUtils.MakeAlgId(
                                        AOAlgorithmID.GetOID(
                                        AOSignConstants.GetDigestAlgorithmName(
                                           policy.GetPolicyIdentifierHashAlgorithm())));
                }
                // si no tenemos, ponemos el algoritmo de firma.
                else
                {
                    hashid = digestAlgorithmOID;
                }
                // hash del documento, descifrado en b64
                byte[] hashed;
                if (policy.GetPolicyIdentifierHash() != null)
                {
                    hashed = System.Convert.FromBase64String(policy.GetPolicyIdentifierHash());
                }
                else
                {
                    hashed = new byte[] { 0 };
                }

                DigestInfo otherHashAlgAndValue = new DigestInfo(hashid, hashed);

                /**
                 *   SigPolicyQualifierInfo ::= SEQUENCE {
                 *       SigPolicyQualifierId  SigPolicyQualifierId,
                 *       SigQualifier          ANY DEFINED BY policyQualifierId }
                 */

                AOSigPolicyQualifierInfo spqInfo = null;
                if (policy.GetPolicyQualifier() != null)
                {
                    spqInfo = new AOSigPolicyQualifierInfo(policy.GetPolicyQualifier().ToString());
                }

                /**
                 * SignaturePolicyId ::= SEQUENCE {
                 *  sigPolicyId           SigPolicyId,
                 *  sigPolicyHash         SigPolicyHash,
                 *  sigPolicyQualifiers   SEQUENCE SIZE (1..MAX) OF
                 *                          AOSigPolicyQualifierInfo OPTIONAL}
                 *
                 */
                Asn1EncodableVector v = new Asn1EncodableVector();
                // sigPolicyId
                v.Add(doiSigPolicyId);
                // sigPolicyHash
                v.Add(otherHashAlgAndValue.ToAsn1Object()); // como sequence
                // sigPolicyQualifiers
                if (spqInfo != null)
                {
                    v.Add(spqInfo.toASN1Primitive());
                }

                DerSequence ds = new DerSequence(v);

                // Secuencia con singningCertificate
                contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAAEtsSigPolicyID, new DerSet(ds.ToAsn1Object())));
                // FIN SIGPOLICYID ATTRIBUTE
            }

            /**
             * Secuencia con el tipo de contenido firmado. No se agrega en firmas PAdES.
             *
             * ContentHints ::= SEQUENCE {
             *	  contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
             *	  contentType ContentType }
             */
            if (contentType != null && !padesMode)
            {
                ContentHints contentHints;
                if (contentDescription != null)
                {
                    contentHints = new ContentHints(new DerObjectIdentifier(contentType),
                                                    new DerUtf8String(contentDescription));
                }
                else
                {
                    contentHints = new ContentHints(new DerObjectIdentifier(contentType));
                }
                contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(
                        Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAAContentHint,
                        new DerSet(contentHints.ToAsn1Object())));
            }

            return contexExpecific;
        }
Exemple #42
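		/**
		 * Builds a Holder from its ASN.1 SEQUENCE, as used in a v2 attribute
		 * certificate.
		 *
		 * Every element must be a context-tagged object and is decoded with
		 * implicit tagging: tag 0 is read as baseCertificateID (IssuerSerial),
		 * tag 1 as entityName (GeneralNames) and tag 2 as objectDigestInfo
		 * (ObjectDigestInfo). A tag may appear at most once. Without that check a
		 * repeated tag would silently overwrite the value decoded earlier, so two
		 * parsers that pick different occurrences could disagree about which
		 * holder the same bytes identify.
		 *
		 * @param seq The ASN.1 sequence; at most three elements.
		 * @throws ArgumentNullException if seq is null.
		 * @throws ArgumentException if seq has more than three elements or
		 *         contains an unknown or repeated tag.
		 */
		private Holder(
			Asn1Sequence seq)
		{
			if (seq == null)
			{
				throw new ArgumentNullException("seq");
			}

			if (seq.Count > 3)
			{
				throw new ArgumentException("Bad sequence size: " + seq.Count);
			}

			// One flag per defined tag (0..2) so a second occurrence is rejected
			// instead of replacing the field decoded from the first one.
			bool[] seen = new bool[3];

			for (int i = 0; i != seq.Count; i++)
			{
				Asn1TaggedObject tObj = Asn1TaggedObject.GetInstance(seq[i]);
				int tagNo = tObj.TagNo;

				if (tagNo < 0 || tagNo > 2)
				{
					throw new ArgumentException("unknown tag in Holder");
				}

				if (seen[tagNo])
				{
					throw new ArgumentException("duplicate tag in Holder: " + tagNo);
				}
				seen[tagNo] = true;

				switch (tagNo)
				{
					case 0:
						baseCertificateID = IssuerSerial.GetInstance(tObj, false);
						break;
					case 1:
						entityName = GeneralNames.GetInstance(tObj, false);
						break;
					case 2:
						objectDigestInfo = ObjectDigestInfo.GetInstance(tObj, false);
						break;
				}
			}

			// A Holder decoded from a sequence is always recorded with version 1.
			this.version = 1;
		}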
Exemple #43
 /// <summary>
 /// Creates an EssCertIDv2 from a certificate hash and an issuer/serial
 /// pair by delegating to the three-argument constructor, passing null as
 /// its first argument.
 /// </summary>
 /// <param name="certHash">Hash of the certificate being referenced.</param>
 /// <param name="issuerSerial">Issuer and serial number of that certificate.</param>
 public EssCertIDv2(byte[] certHash, IssuerSerial issuerSerial)
     : this(null, certHash, issuerSerial)
 {
     // NOTE(review): the null first argument is presumably the hash
     // algorithm identifier, leaving the choice to that overload's default.
     // Confirm which digest that default is: certHash must have been
     // computed with the same algorithm, or verifiers will not be able to
     // match this identifier to the signing certificate.
 }