protected override void Decode()
{
ASN1 aSN = new ASN1(extnValue.Value);
if (aSN.Tag != 48)
{
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
for (int i = 0; i < aSN.Count; i++)
{
switch (aSN[i].Tag)
{
case 128:
notBefore = ASN1Convert.ToDateTime(aSN[i]);
break;
case 129:
notAfter = ASN1Convert.ToDateTime(aSN[i]);
break;
default:
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
}
}
protected override void Decode()
{
ASN1 asn = new ASN1(this.extnValue.Value);
if (asn.Tag != 48)
{
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
for (int i = 0; i < asn.Count; i++)
{
byte tag = asn[i].Tag;
if (tag != 128)
{
if (tag != 129)
{
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
this.notAfter = ASN1Convert.ToDateTime(asn[i]);
}
else
{
this.notBefore = ASN1Convert.ToDateTime(asn[i]);
}
}
}
protected override void Decode()
{
ASN1 sequence = new ASN1(extnValue.Value);
if (sequence.Tag != 0x30)
{
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
for (int i = 0; i < sequence.Count; i++)
{
switch (sequence [i].Tag)
{
case 0x80:
notBefore = ASN1Convert.ToDateTime(sequence [i]);
break;
case 0x81:
notAfter = ASN1Convert.ToDateTime(sequence [i]);
break;
default:
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
}
}
internal X509CrlEntry(ASN1 entry)
{
sn = entry[0].Value;
Array.Reverse(sn);
revocationDate = ASN1Convert.ToDateTime(entry[1]);
extensions = new X509ExtensionCollection(entry[2]);
}
protected override void Decode()
{
ASN1 asN1 = new ASN1(this.extnValue.Value);
if (asN1.Tag != (byte)48)
{
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
for (int index = 0; index < asN1.Count; ++index)
{
switch (asN1[index].Tag)
{
case 128:
this.notBefore = ASN1Convert.ToDateTime(asN1[index]);
break;
case 129:
this.notAfter = ASN1Convert.ToDateTime(asN1[index]);
break;
default:
throw new ArgumentException("Invalid PrivateKeyUsagePeriod extension");
}
}
}
protected override void Decode()
{
ASN1 asn = new ASN1(this.extnValue.Value);
if (asn.Tag != 48)
{
throw new ArgumentException("Invalid KeyAttributesExtension extension");
}
int num = 0;
if (num < asn.Count)
{
ASN1 asn2 = asn[num];
if (asn2.Tag == 4)
{
num++;
this.keyId = asn2.Value;
}
}
if (num < asn.Count)
{
ASN1 asn3 = asn[num];
if (asn3.Tag == 3)
{
num++;
int i = 1;
while (i < asn3.Value.Length)
{
this.kubits = (this.kubits << 8) + (int)asn3.Value[i++];
}
}
}
if (num < asn.Count)
{
ASN1 asn4 = asn[num];
if (asn4.Tag == 48)
{
int num2 = 0;
if (num2 < asn4.Count)
{
ASN1 asn5 = asn4[num2];
if (asn5.Tag == 129)
{
num2++;
this.notBefore = ASN1Convert.ToDateTime(asn5);
}
}
if (num2 < asn4.Count)
{
ASN1 asn6 = asn4[num2];
if (asn6.Tag == 130)
{
this.notAfter = ASN1Convert.ToDateTime(asn6);
}
}
}
}
}
public void ConvertDateTimeInvalidButExistingFormat()
{
string nosecs = "9912312359Z";
ASN1 dt = new ASN1(0x18, Encoding.ASCII.GetBytes(nosecs));
DateTime actual = ASN1Convert.ToDateTime(dt);
Assert.AreEqual(DateTimeKind.Utc, actual.Kind, "Kind");
Assert.AreEqual(nosecs, actual.ToUniversalTime().ToString("yyMMddHHmm") + "Z", "DateTime");
}
public void ConvertDateTimeAfter2050()
{
DateTime expected = DateTime.Now.AddYears(50);
ASN1 dt = ASN1Convert.FromDateTime(expected);
Assert.AreEqual(0x18, dt.Tag, "GENERALIZEDTIME");
DateTime actual = ASN1Convert.ToDateTime(dt);
Assert.AreEqual(DateTimeKind.Utc, actual.Kind, "Kind");
AssertDate(expected, actual.ToLocalTime(), "DateTime");
}
public void ConvertDateTimeAfter2000()
{
DateTime expected = DateTime.Now;
ASN1 dt = ASN1Convert.FromDateTime(expected);
Assert.AreEqual(0x17, dt.Tag, "UTCTIME");
DateTime actual = ASN1Convert.ToDateTime(dt);
Assert.AreEqual(DateTimeKind.Utc, actual.Kind, "Kind");
AssertDate(expected, actual.ToLocalTime(), "DateTime");
}
public void ConvertDateTimeBefore2000()
{
DateTime expected = DateTime.Now.AddYears(-50);
ASN1 dt = ASN1Convert.FromDateTime(expected);
Assert.AreEqual(0x17, dt.Tag, "UTCTIME");
DateTime actual = ASN1Convert.ToDateTime(dt);
#if NET_2_0
Assert.AreEqual(DateTimeKind.Utc, actual.Kind, "Kind");
#endif
AssertDate(expected, actual, "DateTime");
}
protected override void Decode()
{
ASN1 asN1_1 = new ASN1(this.extnValue.Value);
if (asN1_1.Tag != (byte)48)
{
throw new ArgumentException("Invalid KeyAttributesExtension extension");
}
int index1 = 0;
if (index1 < asN1_1.Count)
{
ASN1 asN1_2 = asN1_1[index1];
if (asN1_2.Tag == (byte)4)
{
++index1;
this.keyId = asN1_2.Value;
}
}
if (index1 < asN1_1.Count)
{
ASN1 asN1_2 = asN1_1[index1];
if (asN1_2.Tag == (byte)3)
{
++index1;
int num = 1;
while (num < asN1_2.Value.Length)
{
this.kubits = (this.kubits << 8) + (int)asN1_2.Value[num++];
}
}
}
if (index1 >= asN1_1.Count)
{
return;
}
ASN1 asN1_3 = asN1_1[index1];
if (asN1_3.Tag != (byte)48)
{
return;
}
int index2 = 0;
if (index2 < asN1_3.Count)
{
ASN1 time = asN1_3[index2];
if (time.Tag == (byte)129)
{
++index2;
this.notBefore = ASN1Convert.ToDateTime(time);
}
}
if (index2 >= asN1_3.Count)
{
return;
}
ASN1 time1 = asN1_3[index2];
if (time1.Tag != (byte)130)
{
return;
}
this.notAfter = ASN1Convert.ToDateTime(time1);
}
private void Parse(byte[] data)
{
try
{
decoder = new ASN1(data);
if (decoder.Tag != 48)
{
throw new CryptographicException(encoding_error);
}
if (decoder[0].Tag != 48)
{
throw new CryptographicException(encoding_error);
}
ASN1 aSN = decoder[0];
int num = 0;
ASN1 aSN2 = decoder[0][num];
version = 1;
if (aSN2.Tag == 160 && aSN2.Count > 0)
{
version += aSN2[0].Value[0];
num++;
}
ASN1 aSN3 = decoder[0][num++];
if (aSN3.Tag != 2)
{
throw new CryptographicException(encoding_error);
}
serialnumber = aSN3.Value;
Array.Reverse(serialnumber, 0, serialnumber.Length);
num++;
issuer = aSN.Element(num++, 48);
m_issuername = X501.ToString(issuer);
ASN1 aSN4 = aSN.Element(num++, 48);
ASN1 time = aSN4[0];
m_from = ASN1Convert.ToDateTime(time);
ASN1 time2 = aSN4[1];
m_until = ASN1Convert.ToDateTime(time2);
subject = aSN.Element(num++, 48);
m_subject = X501.ToString(subject);
ASN1 aSN5 = aSN.Element(num++, 48);
ASN1 aSN6 = aSN5.Element(0, 48);
ASN1 asn = aSN6.Element(0, 6);
m_keyalgo = ASN1Convert.ToOid(asn);
ASN1 aSN7 = aSN6[1];
m_keyalgoparams = ((aSN6.Count <= 1) ? null : aSN7.GetBytes());
ASN1 aSN8 = aSN5.Element(1, 3);
int num7 = aSN8.Length - 1;
m_publickey = new byte[num7];
Buffer.BlockCopy(aSN8.Value, 1, m_publickey, 0, num7);
byte[] value = decoder[2].Value;
signature = new byte[value.Length - 1];
Buffer.BlockCopy(value, 1, signature, 0, signature.Length);
aSN6 = decoder[1];
asn = aSN6.Element(0, 6);
m_signaturealgo = ASN1Convert.ToOid(asn);
aSN7 = aSN6[1];
if (aSN7 != null)
{
m_signaturealgoparams = aSN7.GetBytes();
}
else
{
m_signaturealgoparams = null;
}
ASN1 aSN9 = aSN.Element(num, 129);
if (aSN9 != null)
{
num++;
issuerUniqueID = aSN9.Value;
}
ASN1 aSN10 = aSN.Element(num, 130);
if (aSN10 != null)
{
num++;
subjectUniqueID = aSN10.Value;
}
ASN1 aSN11 = aSN.Element(num, 163);
if (aSN11 != null && aSN11.Count == 1)
{
extensions = new X509ExtensionCollection(aSN11[0]);
}
else
{
extensions = new X509ExtensionCollection(null);
}
m_encodedcert = (byte[])data.Clone();
}
catch (Exception inner)
{
throw new CryptographicException(encoding_error, inner);
IL_035f :;
}
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
// SEQUENCE {
// INTEGER 1
if (cs.Version != 1)
{
return(false);
}
// SEQUENCE {
// SEQUENCE {
string contentType = null;
ASN1 messageDigest = null;
for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
{
// SEQUENCE {
// OBJECT IDENTIFIER
ASN1 attr = (ASN1)cs.AuthenticatedAttributes [i];
string oid = ASN1Convert.ToOid(attr[0]);
switch (oid)
{
case "1.2.840.113549.1.9.3":
// contentType
contentType = ASN1Convert.ToOid(attr[1][0]);
break;
case "1.2.840.113549.1.9.4":
// messageDigest
messageDigest = attr[1][0];
break;
case "1.2.840.113549.1.9.5":
// SEQUENCE {
// OBJECT IDENTIFIER
// signingTime (1 2 840 113549 1 9 5)
// SET {
// UTCTime '030124013651Z'
// }
// }
timestamp = ASN1Convert.ToDateTime(attr[1][0]);
break;
default:
break;
}
}
if (contentType != PKCS7.Oid.data)
{
return(false);
}
// verify message digest
if (messageDigest == null)
{
return(false);
}
// TODO: must be read from the ASN.1 structure
string hashName = null;
switch (messageDigest.Length)
{
case 16:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm ha = HashAlgorithm.Create(hashName);
if (!messageDigest.CompareValue(ha.ComputeHash(signature)))
{
return(false);
}
// verify signature
byte[] counterSignature = cs.Signature;
string hashOID = CryptoConfig.MapNameToOID(hashName);
// change to SET OF (not [0]) as per PKCS #7 1.5
ASN1 aa = new ASN1(0x31);
foreach (ASN1 a in cs.AuthenticatedAttributes)
{
aa.Add(a);
}
byte[] p7hash = ha.ComputeHash(aa.GetBytes());
// we need to try all certificates
string issuer = cs.IssuerName;
byte[] serial = cs.SerialNumber;
foreach (X509Certificate x509 in coll)
{
if (CompareIssuerSerial(issuer, serial, x509))
{
// don't verify if key size don't match
if (x509.PublicKey.Length > (counterSignature.Length >> 3))
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.RSA;
if (rsa.VerifyHash(p7hash, hashOID, counterSignature))
{
timestampChain.LoadCertificates(coll);
return(timestampChain.Build(x509));
}
}
}
}
// no certificate can verify this signature!
return(false);
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
if (cs.Version == 1)
{
string str = null;
ASN1 asn = null;
for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
{
ASN1 asn2 = (ASN1)cs.AuthenticatedAttributes[i];
string key = ASN1Convert.ToOid(asn2[0]);
if (key != null)
{
if (__f__switch_map3 == null)
{
Dictionary <string, int> dictionary = new Dictionary <string, int>(3)
{
{
"1.2.840.113549.1.9.3",
0
},
{
"1.2.840.113549.1.9.4",
1
},
{
"1.2.840.113549.1.9.5",
2
}
};
__f__switch_map3 = dictionary;
}
if (__f__switch_map3.TryGetValue(key, out int num2))
{
switch (num2)
{
case 0:
str = ASN1Convert.ToOid(asn2[1][0]);
break;
case 1:
asn = asn2[1][0];
break;
case 2:
this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]);
break;
}
}
}
}
if (str != "1.2.840.113549.1.7.1")
{
return(false);
}
if (asn == null)
{
return(false);
}
string hashName = null;
switch (asn.Length)
{
case 0x10:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm hash = HashAlgorithm.Create(hashName);
if (asn.CompareValue(hash.ComputeHash(signature)))
{
byte[] buffer = cs.Signature;
ASN1 asn3 = new ASN1(0x31);
IEnumerator enumerator = cs.AuthenticatedAttributes.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
ASN1 current = (ASN1)enumerator.Current;
asn3.Add(current);
}
}
finally
{
if (enumerator is IDisposable disposable)
{
disposable.Dispose();
}
}
byte[] hashValue = hash.ComputeHash(asn3.GetBytes());
string issuerName = cs.IssuerName;
byte[] serialNumber = cs.SerialNumber;
X509CertificateCollection.X509CertificateEnumerator enumerator2 = this.coll.GetEnumerator();
try
{
while (enumerator2.MoveNext())
{
X509Certificate current = enumerator2.Current;
if (this.CompareIssuerSerial(issuerName, serialNumber, current) &&
(current.PublicKey.Length > buffer.Length))
{
RSACryptoServiceProvider rSA = (RSACryptoServiceProvider)current.RSA;
RSAManaged rsa = new RSAManaged();
rsa.ImportParameters(rSA.ExportParameters(false));
if (PKCS1.Verify_v15(rsa, hash, hashValue, buffer, true))
{
this.timestampChain.LoadCertificates(this.coll);
return(this.timestampChain.Build(current));
}
}
}
}
finally
{
if (enumerator2 is IDisposable disposable2)
{
disposable2.Dispose();
}
}
}
}
return(false);
}
static int Main(string[] args)
{
if (args.Length == 0)
{
Console.WriteLine("DSIGInfo [-v] [-v] [-v] fontfile");
return(0);
}
OTFile f = new OTFile();
Table_DSIG tDSIG = null;
string filename = null;
verbose = 0;
for (int i = 0; i < args.Length; i++)
{
if ("-v" == args[i])
{
verbose++;
}
else
{
filename = args[i];
}
}
if (!f.open(filename))
{
Console.WriteLine("Error: Cannot open {0} as font file", filename);
return(0);
}
TTCHeader ttc = null;
if (f.IsCollection())
{
ttc = f.GetTTCHeader();
if (f.GetTableManager().GetUnaliasedTableName(ttc.DsigTag) == "DSIG")
{
MBOBuffer buf = f.ReadPaddedBuffer(ttc.DsigOffset, ttc.DsigLength);
tDSIG = (Table_DSIG)f.GetTableManager().CreateTableObject(ttc.DsigTag, buf);
}
for (uint i = 0; i < f.GetNumFonts(); i++)
{
OTFont fn = f.GetFont(i);
Table_DSIG memDSIG = (Table_DSIG)fn.GetTable("DSIG");
if (memDSIG != null)
{
Console.WriteLine("Warning: DSIG in member font");
break;
}
}
}
else
{
OTFont fn = f.GetFont(0);
tDSIG = (Table_DSIG)fn.GetTable("DSIG");
}
Console.WriteLine("{0} DSIG table: {1}", filename,
(tDSIG == null) ? "Absent" : "Present");
if (tDSIG == null)
{
return(0);
}
if (f.IsCollection() && ttc.version != 0x00020000)
{
Console.WriteLine("Warning: TTC has DSIG but header version is 0x{0}, != 0x00020000", ttc.version.ToString("X8"));
}
if (tDSIG.usNumSigs != 1)
{
Console.WriteLine("NumSigs = {0}", tDSIG.usNumSigs);
}
for (uint v = 0; v < tDSIG.usNumSigs; v++)
{
Table_DSIG.SignatureBlock sgb;
try {
sgb = tDSIG.GetSignatureBlock(v);
} catch (IndexOutOfRangeException)
{
Console.WriteLine("Error: Out of Range SignatureBlock {0}", v);
break;
}
SignedCms cms = new SignedCms();
try
{
cms.Decode(sgb.bSignature);
}
catch (Exception e)
{
if (e is NullReferenceException || /* Mono */
e is CryptographicException /* .Net2 */)
{
Console.WriteLine("Error: Malformed Signature");
break;
}
Console.WriteLine("Error: Malformed Signature (Unexpected Case 1)");
throw;
}
if (cms.SignerInfos.Count > 1)
{
Console.WriteLine("#SignerInfos: {0}", cms.SignerInfos.Count);
}
foreach (var si in cms.SignerInfos)
{
Console.WriteLine(si.Certificate);
if (Type.GetType("Mono.Runtime") == null)
{
foreach (var ua in si.UnsignedAttributes)
{
foreach (var asnd in ua.Values)
{
try
{
ASN1 vv = new ASN1(asnd.RawData);
ASN1 t = new ASN1(vv[3][1][1].Value);
Console.WriteLine("Decoded Signing Time: {0}", ASN1Convert.ToDateTime(t));
}
catch (Exception)
{ /* Nothing to do */ }
}
}
}
}
Console.WriteLine("#Certificates: {0}", cms.Certificates.Count);
#if HAVE_MONO_X509
certs = new Mono.Security.X509.X509CertificateCollection();
//Mono.Security.X509.X509Chain signerChain = new Mono.Security.X509.X509Chain ();
#endif
foreach (var x509 in cms.Certificates)
{
#if HAVE_MONO_X509
certs.Add(new Mono.Security.X509.X509Certificate(x509.RawData));
#endif
if (verbose > 0)
{
Console.WriteLine(x509);
}
else
{
Console.WriteLine(x509.Subject);
}
}
;
#if HAVE_MONO_X509
Mono.Security.X509.X509Certificate x = new Mono.Security.X509.X509Certificate(cms.SignerInfos[0].Certificate.RawData);
Mono.Security.X509.X509Certificate parent = x;
while (x != null) // Self-signed is fine - the font bundled CA is self-signed.
{
parent = x; // last valid
x = FindCertificateParent(x);
if (x != null && x.Equals(parent))
{
break;
}
}
#endif
// Windows 10/.net 4.6.x throws here
ASN1 spc;
try
{
spc = new ASN1(cms.ContentInfo.Content);
}
catch (Exception e)
{
if (e is IndexOutOfRangeException)
{
Console.WriteLine("Error: Malformed Signature (Win10/.net 4.6.x)");
break;
}
Console.WriteLine("Error: Malformed Signature (Unexpected Case 2)");
throw;
}
ASN1 playload_oid = null;
ASN1 oid = null;
ASN1 digest = null;
ASN1 obsolete = null;
if (Type.GetType("Mono.Runtime") == null)
{
// DotNet is much saner!
playload_oid = spc[0][0];
obsolete = spc[0][1][0];
oid = spc[1][0][0];
digest = spc[1][1];
}
else
{
playload_oid = spc[0];
obsolete = spc[1][0];
oid = spc[2][0][0];
digest = spc[2][1];
}
string algo = ASN1Convert.ToOid(oid);
string algoname = (new Oid(algo)).FriendlyName;
Console.WriteLine("Digest Algorithm: {0}", algoname);
byte[] Value = digest.Value;
StringBuilder hexLine_sig = new StringBuilder();
for (int i = 0; i < Value.Length; i++)
{
hexLine_sig.AppendFormat("{0} ", Value [i].ToString("X2"));
}
hexLine_sig.AppendFormat(Environment.NewLine);
switch (algoname)
{
case "md5":
hash = HashAlgorithm.Create("MD5");
break;
case "sha1":
hash = HashAlgorithm.Create("SHA1");
break;
default:
throw new NotImplementedException("Unknown HashAlgorithm: " + algoname);
}
byte[] cdigest;
if (f.IsCollection())
{
cdigest = get_TTC_digest(f);
}
else
{
cdigest = get_TTF_digest(f);
}
StringBuilder hexLine = new StringBuilder();
for (int i = 0; i < cdigest.Length; i++)
{
hexLine.AppendFormat("{0} ", cdigest [i].ToString("X2"));
}
hexLine.AppendFormat(Environment.NewLine);
Console.WriteLine("{0} Signed Digest:\t{1}", algoname.ToUpper(), hexLine_sig);
Console.WriteLine("Calculated Digest:\t{0}", hexLine);
string root_thumb = "";
#if HAVE_MONO_X509
root_thumb =
(new System.Security.Cryptography.X509Certificates.X509Certificate2(parent.RawData)).Thumbprint;
Console.WriteLine("ChainEnd Name: {0}", parent.SubjectName);
Console.WriteLine("ChainEnd Self-Signed: {0}", parent.IsSelfSigned);
#endif
Console.WriteLine("ChainEnd: {0}", root_thumb);
bool trusted = false;
try
{
string root_id = trusted_roots[root_thumb];
Console.WriteLine("RootID: {0}", root_id);
trusted = true;
}
catch (KeyNotFoundException)
{}
Console.WriteLine("Trusted: {0}", trusted);
}
return(0);
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
if (cs.Version != 1)
{
return(false);
}
string a = null;
ASN1 aSN = null;
for (int i = 0; i < cs.AuthenticatedAttributes.Count; i++)
{
ASN1 aSN2 = (ASN1)cs.AuthenticatedAttributes[i];
switch (ASN1Convert.ToOid(aSN2[0]))
{
case "1.2.840.113549.1.9.3":
a = ASN1Convert.ToOid(aSN2[1][0]);
break;
case "1.2.840.113549.1.9.4":
aSN = aSN2[1][0];
break;
case "1.2.840.113549.1.9.5":
timestamp = ASN1Convert.ToDateTime(aSN2[1][0]);
break;
}
}
if (a != "1.2.840.113549.1.7.1")
{
return(false);
}
if (aSN == null)
{
return(false);
}
string hashName = null;
switch (aSN.Length)
{
case 16:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName);
if (!aSN.CompareValue(hashAlgorithm.ComputeHash(signature)))
{
return(false);
}
byte[] signature2 = cs.Signature;
ASN1 aSN3 = new ASN1(49);
foreach (ASN1 authenticatedAttribute in cs.AuthenticatedAttributes)
{
aSN3.Add(authenticatedAttribute);
}
byte[] hashValue = hashAlgorithm.ComputeHash(aSN3.GetBytes());
string issuerName = cs.IssuerName;
byte[] serialNumber = cs.SerialNumber;
foreach (X509Certificate item in coll)
{
if (CompareIssuerSerial(issuerName, serialNumber, item) && item.PublicKey.Length > signature2.Length)
{
RSACryptoServiceProvider rSACryptoServiceProvider = (RSACryptoServiceProvider)item.RSA;
RSAManaged rSAManaged = new RSAManaged();
rSAManaged.ImportParameters(rSACryptoServiceProvider.ExportParameters(includePrivateParameters: false));
if (PKCS1.Verify_v15(rSAManaged, hashAlgorithm, hashValue, signature2, tryNonStandardEncoding: true))
{
timestampChain.LoadCertificates(coll);
return(timestampChain.Build(item));
}
}
}
return(false);
}
public void ConvertToDate_Null()
{
ASN1Convert.ToDateTime(null);
}
private bool VerifyCounterSignature(PKCS7.SignerInfo cs, byte[] signature)
{
if (cs.Version != 1)
{
return(false);
}
string a = null;
ASN1 asn = null;
int i = 0;
while (i < cs.AuthenticatedAttributes.Count)
{
ASN1 asn2 = (ASN1)cs.AuthenticatedAttributes[i];
string text = ASN1Convert.ToOid(asn2[0]);
string text2 = text;
switch (text2)
{
case "1.2.840.113549.1.9.3":
a = ASN1Convert.ToOid(asn2[1][0]);
break;
case "1.2.840.113549.1.9.4":
asn = asn2[1][0];
break;
case "1.2.840.113549.1.9.5":
this.timestamp = ASN1Convert.ToDateTime(asn2[1][0]);
break;
}
IL_FC:
i++;
continue;
goto IL_FC;
}
if (a != "1.2.840.113549.1.7.1")
{
return(false);
}
if (asn == null)
{
return(false);
}
string hashName = null;
int length = asn.Length;
if (length != 16)
{
if (length == 20)
{
hashName = "SHA1";
}
}
else
{
hashName = "MD5";
}
HashAlgorithm hashAlgorithm = HashAlgorithm.Create(hashName);
if (!asn.CompareValue(hashAlgorithm.ComputeHash(signature)))
{
return(false);
}
byte[] signature2 = cs.Signature;
ASN1 asn3 = new ASN1(49);
foreach (object obj in cs.AuthenticatedAttributes)
{
ASN1 asn4 = (ASN1)obj;
asn3.Add(asn4);
}
byte[] hashValue = hashAlgorithm.ComputeHash(asn3.GetBytes());
string issuerName = cs.IssuerName;
byte[] serialNumber = cs.SerialNumber;
foreach (X509Certificate x509Certificate in this.coll)
{
if (this.CompareIssuerSerial(issuerName, serialNumber, x509Certificate) && x509Certificate.PublicKey.Length > signature2.Length)
{
RSACryptoServiceProvider rsacryptoServiceProvider = (RSACryptoServiceProvider)x509Certificate.RSA;
RSAManaged rsamanaged = new RSAManaged();
rsamanaged.ImportParameters(rsacryptoServiceProvider.ExportParameters(false));
if (PKCS1.Verify_v15(rsamanaged, hashAlgorithm, hashValue, signature2, true))
{
this.timestampChain.LoadCertificates(this.coll);
return(this.timestampChain.Build(x509Certificate));
}
}
}
return(false);
}
private void Parse(byte[] crl)
{
string e = "Input data cannot be coded as a valid CRL.";
try {
// CertificateList ::= SEQUENCE {
ASN1 encodedCRL = new ASN1(encoded);
if ((encodedCRL.Tag != 0x30) || (encodedCRL.Count != 3))
{
throw new CryptographicException(e);
}
// CertificateList / TBSCertList,
ASN1 toBeSigned = encodedCRL [0];
if ((toBeSigned.Tag != 0x30) || (toBeSigned.Count < 3))
{
throw new CryptographicException(e);
}
int n = 0;
// CertificateList / TBSCertList / Version OPTIONAL, -- if present, MUST be v2
if (toBeSigned [n].Tag == 0x02)
{
version = (byte)(toBeSigned [n++].Value [0] + 1);
}
else
{
version = 1; // DEFAULT
}
// CertificateList / TBSCertList / AlgorithmIdentifier,
signatureOID = ASN1Convert.ToOid(toBeSigned [n++][0]);
// CertificateList / TBSCertList / Name,
issuer = X501.ToString(toBeSigned [n++]);
// CertificateList / TBSCertList / Time,
thisUpdate = ASN1Convert.ToDateTime(toBeSigned [n++]);
// CertificateList / TBSCertList / Time OPTIONAL,
ASN1 next = toBeSigned [n++];
if ((next.Tag == 0x17) || (next.Tag == 0x18))
{
nextUpdate = ASN1Convert.ToDateTime(next);
next = toBeSigned [n++];
}
// CertificateList / TBSCertList / revokedCertificates SEQUENCE OF SEQUENCE {
entries = new ArrayList();
// this is OPTIONAL so it may not be present if no entries exists
if ((next != null) && (next.Tag == 0x30))
{
ASN1 revokedCertificates = next;
for (int i = 0; i < revokedCertificates.Count; i++)
{
entries.Add(new X509CrlEntry(revokedCertificates [i]));
}
}
else
{
n--;
}
// CertificateList / TBSCertList / crlExtensions [0] Extensions OPTIONAL }
ASN1 extns = toBeSigned [n];
if ((extns != null) && (extns.Tag == 0xA0) && (extns.Count == 1))
{
extensions = new X509ExtensionCollection(extns [0]);
}
else
{
extensions = new X509ExtensionCollection(null); // result in a read only object
}
// CertificateList / AlgorithmIdentifier
string signatureAlgorithm = ASN1Convert.ToOid(encodedCRL [1][0]);
if (signatureOID != signatureAlgorithm)
{
throw new CryptographicException(e + " [Non-matching signature algorithms in CRL]");
}
// CertificateList / BIT STRING
byte[] bitstring = encodedCRL [2].Value;
// first byte contains unused bits in first byte
signature = new byte [bitstring.Length - 1];
Buffer.BlockCopy(bitstring, 1, signature, 0, signature.Length);
}
catch {
throw new CryptographicException(e);
}
}
private bool VerifyCounterSignature (PKCS7.SignerInfo cs, byte[] signature)
{
// SEQUENCE {
// INTEGER 1
if (cs.Version != 1)
return false;
// SEQUENCE {
// SEQUENCE {
string contentType = null;
ASN1 messageDigest = null;
for (int i=0; i < cs.AuthenticatedAttributes.Count; i++)
{
// SEQUENCE {
// OBJECT IDENTIFIER
ASN1 attr = (ASN1) cs.AuthenticatedAttributes [i];
string oid = ASN1Convert.ToOid (attr[0]);
switch (oid)
{
case "1.2.840.113549.1.9.3":
// contentType
contentType = ASN1Convert.ToOid (attr[1][0]);
break;
case "1.2.840.113549.1.9.4":
// messageDigest
messageDigest = attr[1][0];
break;
case "1.2.840.113549.1.9.5":
// SEQUENCE {
// OBJECT IDENTIFIER
// signingTime (1 2 840 113549 1 9 5)
// SET {
// UTCTime '030124013651Z'
// }
// }
timestamp = ASN1Convert.ToDateTime (attr[1][0]);
break;
default:
break;
}
}
if (contentType != PKCS7.Oid.data)
return false;
// verify message digest
if (messageDigest == null)
return false;
// TODO: must be read from the ASN.1 structure
string hashName = null;
switch (messageDigest.Length)
{
case 16:
hashName = "MD5";
break;
case 20:
hashName = "SHA1";
break;
}
HashAlgorithm ha = HashAlgorithm.Create (hashName);
if (!messageDigest.CompareValue (ha.ComputeHash (signature)))
return false;
// verify signature
byte[] counterSignature = cs.Signature;
// change to SET OF (not [0]) as per PKCS #7 1.5
ASN1 aa = new ASN1 (0x31);
foreach (ASN1 a in cs.AuthenticatedAttributes)
aa.Add (a);
byte[] p7hash = ha.ComputeHash (aa.GetBytes ());
// we need to try all certificates
string issuer = cs.IssuerName;
byte[] serial = cs.SerialNumber;
foreach (X509Certificate x509 in coll)
{
if (CompareIssuerSerial (issuer, serial, x509))
{
if (x509.PublicKey.Length > counterSignature.Length)
{
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider) x509.RSA;
// we need to HACK around bad (PKCS#1 1.5) signatures made by Verisign Timestamp Service
// and this means copying stuff into our own RSAManaged to get the required flexibility
RSAManaged rsam = new RSAManaged ();
rsam.ImportParameters (rsa.ExportParameters (false));
if (PKCS1.Verify_v15 (rsam, ha, p7hash, counterSignature, true))
{
timestampChain.LoadCertificates (coll);
return (timestampChain.Build (x509));
}
}
}
}
// no certificate can verify this signature!
return false;
}
private void Parse(byte[] data)
{
try
{
this.decoder = new ASN1(data);
if (this.decoder.Tag != 48)
{
throw new CryptographicException(X509Certificate.encoding_error);
}
if (this.decoder[0].Tag != 48)
{
throw new CryptographicException(X509Certificate.encoding_error);
}
ASN1 asn = this.decoder[0];
int num = 0;
ASN1 asn2 = this.decoder[0][num];
this.version = 1;
if (asn2.Tag == 160 && asn2.Count > 0)
{
this.version += (int)asn2[0].Value[0];
num++;
}
ASN1 asn3 = this.decoder[0][num++];
if (asn3.Tag != 2)
{
throw new CryptographicException(X509Certificate.encoding_error);
}
this.serialnumber = asn3.Value;
Array.Reverse(this.serialnumber, 0, this.serialnumber.Length);
num++;
this.issuer = asn.Element(num++, 48);
this.m_issuername = X501.ToString(this.issuer);
ASN1 asn4 = asn.Element(num++, 48);
ASN1 time = asn4[0];
this.m_from = ASN1Convert.ToDateTime(time);
ASN1 time2 = asn4[1];
this.m_until = ASN1Convert.ToDateTime(time2);
this.subject = asn.Element(num++, 48);
this.m_subject = X501.ToString(this.subject);
ASN1 asn5 = asn.Element(num++, 48);
ASN1 asn6 = asn5.Element(0, 48);
ASN1 asn7 = asn6.Element(0, 6);
this.m_keyalgo = ASN1Convert.ToOid(asn7);
ASN1 asn8 = asn6[1];
this.m_keyalgoparams = ((asn6.Count <= 1) ? null : asn8.GetBytes());
ASN1 asn9 = asn5.Element(1, 3);
int num2 = asn9.Length - 1;
this.m_publickey = new byte[num2];
Buffer.BlockCopy(asn9.Value, 1, this.m_publickey, 0, num2);
byte[] value = this.decoder[2].Value;
this.signature = new byte[value.Length - 1];
Buffer.BlockCopy(value, 1, this.signature, 0, this.signature.Length);
asn6 = this.decoder[1];
asn7 = asn6.Element(0, 6);
this.m_signaturealgo = ASN1Convert.ToOid(asn7);
asn8 = asn6[1];
if (asn8 != null)
{
this.m_signaturealgoparams = asn8.GetBytes();
}
else
{
this.m_signaturealgoparams = null;
}
ASN1 asn10 = asn.Element(num, 129);
if (asn10 != null)
{
num++;
this.issuerUniqueID = asn10.Value;
}
ASN1 asn11 = asn.Element(num, 130);
if (asn11 != null)
{
num++;
this.subjectUniqueID = asn11.Value;
}
ASN1 asn12 = asn.Element(num, 163);
if (asn12 != null && asn12.Count == 1)
{
this.extensions = new X509ExtensionCollection(asn12[0]);
}
else
{
this.extensions = new X509ExtensionCollection(null);
}
this.m_encodedcert = (byte[])data.Clone();
}
catch (Exception inner)
{
throw new CryptographicException(X509Certificate.encoding_error, inner);
}
}
private void Parse(byte[] crl)
{
string message = "Input data cannot be coded as a valid CRL.";
try
{
ASN1 asn = new ASN1(this.encoded);
if ((asn.Tag != 0x30) || (asn.Count != 3))
{
throw new CryptographicException(message);
}
ASN1 asn2 = asn[0];
if ((asn2.Tag != 0x30) || (asn2.Count < 3))
{
throw new CryptographicException(message);
}
int num = 0;
if (asn2[num].Tag == 2)
{
this.version = (byte)(asn2[num++].Value[0] + 1);
}
else
{
this.version = 1;
}
this.signatureOID = ASN1Convert.ToOid(asn2[num++][0]);
this.issuer = X501.ToString(asn2[num++]);
this.thisUpdate = ASN1Convert.ToDateTime(asn2[num++]);
ASN1 time = asn2[num++];
if ((time.Tag == 0x17) || (time.Tag == 0x18))
{
this.nextUpdate = ASN1Convert.ToDateTime(time);
time = asn2[num++];
}
this.entries = new ArrayList();
if ((time != null) && (time.Tag == 0x30))
{
ASN1 asn4 = time;
for (int i = 0; i < asn4.Count; i++)
{
this.entries.Add(new X509CrlEntry(asn4[i]));
}
}
else
{
num--;
}
ASN1 asn5 = asn2[num];
if (((asn5 != null) && (asn5.Tag == 160)) && (asn5.Count == 1))
{
this.extensions = new X509ExtensionCollection(asn5[0]);
}
else
{
this.extensions = new X509ExtensionCollection(null);
}
string str2 = ASN1Convert.ToOid(asn[1][0]);
if (this.signatureOID != str2)
{
throw new CryptographicException(message + " [Non-matching signature algorithms in CRL]");
}
byte[] src = asn[2].Value;
this.signature = new byte[src.Length - 1];
Buffer.BlockCopy(src, 1, this.signature, 0, this.signature.Length);
}
catch
{
throw new CryptographicException(message);
}
}
// that's were the real job is!
private void Parse(byte[] data)
{
try {
decoder = new ASN1(data);
// Certificate
if (decoder.Tag != 0x30)
{
throw new CryptographicException(encoding_error);
}
// Certificate / TBSCertificate
if (decoder [0].Tag != 0x30)
{
throw new CryptographicException(encoding_error);
}
ASN1 tbsCertificate = decoder [0];
int tbs = 0;
// Certificate / TBSCertificate / Version
ASN1 v = decoder [0][tbs];
version = 1; // DEFAULT v1
if ((v.Tag == 0xA0) && (v.Count > 0))
{
// version (optional) is present only in v2+ certs
version += v [0].Value [0]; // zero based
tbs++;
}
// Certificate / TBSCertificate / CertificateSerialNumber
ASN1 sn = decoder [0][tbs++];
if (sn.Tag != 0x02)
{
throw new CryptographicException(encoding_error);
}
serialnumber = sn.Value;
Array.Reverse(serialnumber, 0, serialnumber.Length);
// Certificate / TBSCertificate / AlgorithmIdentifier
tbs++;
// ASN1 signatureAlgo = tbsCertificate.Element (tbs++, 0x30);
issuer = tbsCertificate.Element(tbs++, 0x30);
m_issuername = X501.ToString(issuer);
ASN1 validity = tbsCertificate.Element(tbs++, 0x30);
ASN1 notBefore = validity [0];
m_from = ASN1Convert.ToDateTime(notBefore);
ASN1 notAfter = validity [1];
m_until = ASN1Convert.ToDateTime(notAfter);
subject = tbsCertificate.Element(tbs++, 0x30);
m_subject = X501.ToString(subject);
ASN1 subjectPublicKeyInfo = tbsCertificate.Element(tbs++, 0x30);
ASN1 algorithm = subjectPublicKeyInfo.Element(0, 0x30);
ASN1 algo = algorithm.Element(0, 0x06);
m_keyalgo = ASN1Convert.ToOid(algo);
// parameters ANY DEFINED BY algorithm OPTIONAL
// so we dont ask for a specific (Element) type and return DER
ASN1 parameters = algorithm [1];
m_keyalgoparams = ((algorithm.Count > 1) ? parameters.GetBytes() : null);
ASN1 subjectPublicKey = subjectPublicKeyInfo.Element(1, 0x03);
// we must drop th first byte (which is the number of unused bits
// in the BITSTRING)
int n = subjectPublicKey.Length - 1;
m_publickey = new byte [n];
Buffer.BlockCopy(subjectPublicKey.Value, 1, m_publickey, 0, n);
// signature processing
byte[] bitstring = decoder [2].Value;
// first byte contains unused bits in first byte
signature = new byte [bitstring.Length - 1];
Buffer.BlockCopy(bitstring, 1, signature, 0, signature.Length);
algorithm = decoder [1];
algo = algorithm.Element(0, 0x06);
m_signaturealgo = ASN1Convert.ToOid(algo);
parameters = algorithm [1];
if (parameters != null)
{
m_signaturealgoparams = parameters.GetBytes();
}
else
{
m_signaturealgoparams = null;
}
// Certificate / TBSCertificate / issuerUniqueID
ASN1 issuerUID = tbsCertificate.Element(tbs, 0x81);
if (issuerUID != null)
{
tbs++;
issuerUniqueID = issuerUID.Value;
}
// Certificate / TBSCertificate / subjectUniqueID
ASN1 subjectUID = tbsCertificate.Element(tbs, 0x82);
if (subjectUID != null)
{
tbs++;
subjectUniqueID = subjectUID.Value;
}
// Certificate / TBSCertificate / Extensions
ASN1 extns = tbsCertificate.Element(tbs, 0xA3);
if ((extns != null) && (extns.Count == 1))
{
extensions = new X509ExtensionCollection(extns [0]);
}
else
{
extensions = new X509ExtensionCollection(null);
}
// keep a copy of the original data
m_encodedcert = (byte[])data.Clone();
}
catch (Exception ex) {
throw new CryptographicException(encoding_error, ex);
}
}
private void Parse(byte[] data)
{
try
{
this.decoder = new ASN1(data);
if (this.decoder.Tag != 0x30)
{
throw new CryptographicException(encoding_error);
}
if (this.decoder[0].Tag != 0x30)
{
throw new CryptographicException(encoding_error);
}
ASN1 asn = this.decoder[0];
int index = 0;
ASN1 asn2 = this.decoder[0][index];
this.version = 1;
if ((asn2.Tag == 160) && (asn2.Count > 0))
{
this.version += asn2[0].Value[0];
index++;
}
ASN1 asn3 = this.decoder[0][index++];
if (asn3.Tag != 2)
{
throw new CryptographicException(encoding_error);
}
this.serialnumber = asn3.Value;
Array.Reverse(this.serialnumber, 0, this.serialnumber.Length);
index++;
this.issuer = asn.Element(index++, 0x30);
this.m_issuername = X501.ToString(this.issuer);
ASN1 asn4 = asn.Element(index++, 0x30);
ASN1 time = asn4[0];
this.m_from = ASN1Convert.ToDateTime(time);
ASN1 asn6 = asn4[1];
this.m_until = ASN1Convert.ToDateTime(asn6);
this.subject = asn.Element(index++, 0x30);
this.m_subject = X501.ToString(this.subject);
ASN1 asn7 = asn.Element(index++, 0x30);
ASN1 asn8 = asn7.Element(0, 0x30);
ASN1 asn9 = asn8.Element(0, 6);
this.m_keyalgo = ASN1Convert.ToOid(asn9);
ASN1 asn10 = asn8[1];
this.m_keyalgoparams = (asn8.Count <= 1) ? null : asn10.GetBytes();
ASN1 asn11 = asn7.Element(1, 3);
int count = asn11.Length - 1;
this.m_publickey = new byte[count];
Buffer.BlockCopy(asn11.Value, 1, this.m_publickey, 0, count);
byte[] src = this.decoder[2].Value;
this.signature = new byte[src.Length - 1];
Buffer.BlockCopy(src, 1, this.signature, 0, this.signature.Length);
asn8 = this.decoder[1];
asn9 = asn8.Element(0, 6);
this.m_signaturealgo = ASN1Convert.ToOid(asn9);
asn10 = asn8[1];
if (asn10 != null)
{
this.m_signaturealgoparams = asn10.GetBytes();
}
else
{
this.m_signaturealgoparams = null;
}
ASN1 asn12 = asn.Element(index, 0x81);
if (asn12 != null)
{
index++;
this.issuerUniqueID = asn12.Value;
}
ASN1 asn13 = asn.Element(index, 130);
if (asn13 != null)
{
index++;
this.subjectUniqueID = asn13.Value;
}
ASN1 asn14 = asn.Element(index, 0xa3);
if ((asn14 != null) && (asn14.Count == 1))
{
this.extensions = new X509ExtensionCollection(asn14[0]);
}
else
{
this.extensions = new X509ExtensionCollection(null);
}
this.m_encodedcert = (byte[])data.Clone();
}
catch (Exception exception)
{
throw new CryptographicException(encoding_error, exception);
}
}
private void Parse(byte[] crl)
{
string text = "Input data cannot be coded as a valid CRL.";
try
{
ASN1 aSN = new ASN1(encoded);
if (aSN.Tag != 48 || aSN.Count != 3)
{
throw new CryptographicException(text);
}
ASN1 aSN2 = aSN[0];
if (aSN2.Tag != 48 || aSN2.Count < 3)
{
throw new CryptographicException(text);
}
int num = 0;
if (aSN2[num].Tag == 2)
{
version = (byte)(aSN2[num++].Value[0] + 1);
}
else
{
version = 1;
}
signatureOID = ASN1Convert.ToOid(aSN2[num++][0]);
issuer = X501.ToString(aSN2[num++]);
thisUpdate = ASN1Convert.ToDateTime(aSN2[num++]);
ASN1 aSN3 = aSN2[num++];
if (aSN3.Tag == 23 || aSN3.Tag == 24)
{
nextUpdate = ASN1Convert.ToDateTime(aSN3);
aSN3 = aSN2[num++];
}
entries = new ArrayList();
if (aSN3 != null && aSN3.Tag == 48)
{
ASN1 aSN4 = aSN3;
for (int i = 0; i < aSN4.Count; i++)
{
entries.Add(new X509CrlEntry(aSN4[i]));
}
}
else
{
num--;
}
ASN1 aSN5 = aSN2[num];
if (aSN5 != null && aSN5.Tag == 160 && aSN5.Count == 1)
{
extensions = new X509ExtensionCollection(aSN5[0]);
}
else
{
extensions = new X509ExtensionCollection(null);
}
string b = ASN1Convert.ToOid(aSN[1][0]);
if (signatureOID != b)
{
throw new CryptographicException(text + " [Non-matching signature algorithms in CRL]");
}
byte[] value = aSN[2].Value;
signature = new byte[value.Length - 1];
Buffer.BlockCopy(value, 1, signature, 0, signature.Length);
}
catch
{
throw new CryptographicException(text);
IL_024f :;
}
}
private void Parse(byte[] crl)
{
string text = "Input data cannot be coded as a valid CRL.";
try
{
ASN1 asn = new ASN1(this.encoded);
if (asn.Tag != 48 || asn.Count != 3)
{
throw new CryptographicException(text);
}
ASN1 asn2 = asn[0];
if (asn2.Tag != 48 || asn2.Count < 3)
{
throw new CryptographicException(text);
}
int num = 0;
if (asn2[num].Tag == 2)
{
this.version = asn2[num++].Value[0] + 1;
}
else
{
this.version = 1;
}
this.signatureOID = ASN1Convert.ToOid(asn2[num++][0]);
this.issuer = X501.ToString(asn2[num++]);
this.thisUpdate = ASN1Convert.ToDateTime(asn2[num++]);
ASN1 asn3 = asn2[num++];
if (asn3.Tag == 23 || asn3.Tag == 24)
{
this.nextUpdate = ASN1Convert.ToDateTime(asn3);
asn3 = asn2[num++];
}
this.entries = new ArrayList();
if (asn3 != null && asn3.Tag == 48)
{
ASN1 asn4 = asn3;
for (int i = 0; i < asn4.Count; i++)
{
this.entries.Add(new X509Crl.X509CrlEntry(asn4[i]));
}
}
else
{
num--;
}
ASN1 asn5 = asn2[num];
if (asn5 != null && asn5.Tag == 160 && asn5.Count == 1)
{
this.extensions = new X509ExtensionCollection(asn5[0]);
}
else
{
this.extensions = new X509ExtensionCollection(null);
}
string b = ASN1Convert.ToOid(asn[1][0]);
if (this.signatureOID != b)
{
throw new CryptographicException(text + " [Non-matching signature algorithms in CRL]");
}
byte[] value = asn[2].Value;
this.signature = new byte[value.Length - 1];
Buffer.BlockCopy(value, 1, this.signature, 0, this.signature.Length);
}
catch
{
throw new CryptographicException(text);
}
}
protected override void Decode()
{
ASN1 seq = new ASN1(extnValue.Value);
if (seq.Tag != 0x30)
{
throw new ArgumentException("Invalid KeyAttributesExtension extension");
}
int n = 0;
// check for KeyIdentifier
if (n < seq.Count)
{
ASN1 item = seq [n];
if (item.Tag == 0x04)
{
n++;
keyId = item.Value;
}
}
// check for KeyUsage
if (n < seq.Count)
{
ASN1 item = seq [n];
if (item.Tag == 0x03)
{
n++;
int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
while (i < item.Value.Length)
{
kubits = (kubits << 8) + item.Value [i++];
}
}
}
// check for PrivateKeyValidity
if (n < seq.Count)
{
ASN1 item = seq [n];
if (item.Tag == 0x30)
{
int i = 0;
if (i < item.Count)
{
ASN1 dt = item [i];
if (dt.Tag == 0x81)
{
i++;
notBefore = ASN1Convert.ToDateTime(dt);
}
}
if (i < item.Count)
{
ASN1 dt = item [i];
if (dt.Tag == 0x82)
{
notAfter = ASN1Convert.ToDateTime(dt);
}
}
}
}
}
protected override void Decode()
{
ASN1 aSN = new ASN1(extnValue.Value);
if (aSN.Tag != 48)
{
throw new ArgumentException("Invalid KeyAttributesExtension extension");
}
int num = 0;
if (num < aSN.Count)
{
ASN1 aSN2 = aSN[num];
if (aSN2.Tag == 4)
{
num++;
keyId = aSN2.Value;
}
}
if (num < aSN.Count)
{
ASN1 aSN3 = aSN[num];
if (aSN3.Tag == 3)
{
num++;
int num2 = 1;
while (num2 < aSN3.Value.Length)
{
kubits = (kubits << 8) + aSN3.Value[num2++];
}
}
}
if (num >= aSN.Count)
{
return;
}
ASN1 aSN4 = aSN[num];
if (aSN4.Tag != 48)
{
return;
}
int num4 = 0;
if (num4 < aSN4.Count)
{
ASN1 aSN5 = aSN4[num4];
if (aSN5.Tag == 129)
{
num4++;
notBefore = ASN1Convert.ToDateTime(aSN5);
}
}
if (num4 < aSN4.Count)
{
ASN1 aSN6 = aSN4[num4];
if (aSN6.Tag == 130)
{
notAfter = ASN1Convert.ToDateTime(aSN6);
}
}
}