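/// <summary>
/// Compares this CRL with <paramref name="other"/> by Version, Type, IssuerName,
/// ThisUpdate and CRLNumber.
/// </summary>
/// <remarks>
/// Only these five members take part in the comparison. The signature, the revoked
/// entries and the raw encoding are not compared, so a <c>true</c> result means the two
/// objects describe the same CRL issue, not that their bytes match, and it says nothing
/// about whether either object carries a valid signature.
/// </remarks>
/// <param name="other">CRL to compare with. A <c>null</c> value is never equal.</param>
/// <returns><c>true</c> when all five members match; otherwise <c>false</c>.</returns>
Boolean Equals(X509CRL2 other) {
    // An equality check must not throw on null; without this guard the first
    // member access (other.Version) raises NullReferenceException.
    if (ReferenceEquals(other, null)) {
        return false;
    }

    return Version == other.Version
        && Type == other.Type
        && IssuerName.Equals(other.IssuerName)
        && ThisUpdate.Equals(other.ThisUpdate)
        && CRLNumber.Equals(other.CRLNumber);
}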
/// <inheritdoc />
public override Int32 GetHashCode() {
    // Combines Version, Type, IssuerName, ThisUpdate and CRLNumber with the usual
    // multiply-by-397-then-XOR fold. This is a bucket hash for collections only: it is
    // not collision resistant and must not be used as a fingerprint of the CRL content.
    unchecked {
        // Version seeds the fold and is read first, as in the straight-line form.
        Int32 result = Version;
        Int32[] components = {
            (Int32)Type,
            IssuerName.GetHashCode(),
            ThisUpdate.GetHashCode(),
            CRLNumber.GetHashCode()
        };
        foreach (Int32 component in components) {
            // Overflow wraps silently because the whole fold sits inside unchecked.
            result = (result * 397) ^ component;
        }
        return result;
    }
}
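/// <summary>
/// Builds the DER-encoded to-be-signed (TBS) part of the CRL.
/// </summary>
/// <remarks>
/// This method changes builder state before encoding: HashingAlgorithm defaults to SHA-256
/// when unset, Version becomes 2 when any extension is present, NextUpdate becomes
/// ThisUpdate + 7 days when it is unset or not later than ThisUpdate, and
/// RevokedCertificates.Close() is called after the entries are encoded.
/// The returned bytes are unsigned; nothing in this method signs or verifies anything.
/// </remarks>
/// <param name="signatureAlgorithm">
/// Bytes written first into the TBS body (presumably the encoded signature
/// AlgorithmIdentifier; confirm against the caller).
/// </param>
/// <param name="issuer">Issuer certificate. Its subject name becomes the CRL issuer field.</param>
/// <returns>The TBS structure wrapped in a SEQUENCE (tag 48 / 0x30).</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="signatureAlgorithm"/> or <paramref name="issuer"/> is null.
/// </exception>
/// <exception cref="ArgumentException">The issuer certificate has an empty subject name.</exception>
List<Byte> buildTbs(Byte[] signatureAlgorithm, X509Certificate2 issuer) {
    // Reject null arguments before any builder state is modified.
    if (signatureAlgorithm == null) {
        throw new ArgumentNullException("signatureAlgorithm");
    }
    if (issuer == null) {
        throw new ArgumentNullException("issuer");
    }
    // The CRL issuer field is copied from issuer.SubjectName below, so the subject is the
    // name that must be non-empty. The previous check tested issuer.Issuer (the name of
    // the certificate's own issuer), which let an empty-subject certificate through and
    // produced a CRL with an empty issuer name.
    if (String.IsNullOrEmpty(issuer.Subject)) {
        throw new ArgumentException("Subject name is empty.");
    }
    // coerce hashing algorithm
    if (HashingAlgorithm == null) {
        HashingAlgorithm = new Oid(AlgorithmOids.SHA256);
    }
    // coerce version: extensions are only encoded for version 2 (see below)
    if (_extensions.Count > 0) {
        Version = 2;
    }
    // coerce validity: a missing or non-increasing NextUpdate is replaced with a 7-day window
    if (NextUpdate == null || NextUpdate.Value <= ThisUpdate) {
        NextUpdate = ThisUpdate.AddDays(7);
    }

    var rawBytes = new List<Byte>();
    // algorithm
    rawBytes.AddRange(signatureAlgorithm);
    // issuer
    rawBytes.AddRange(issuer.SubjectName.RawData);
    // thisUpdate
    rawBytes.AddRange(Asn1Utils.EncodeDateTime(ThisUpdate));
    // nextUpdate. Not null at this point, because CRL generation with infinite validity
    // is not supported.
    rawBytes.AddRange(Asn1Utils.EncodeDateTime(NextUpdate.Value));
    // revokedCerts: omitted entirely when there are no entries
    if (RevokedCertificates.Count > 0) {
        rawBytes.AddRange(RevokedCertificates.Encode());
        RevokedCertificates.Close();
    }
    // extensions
    if (Version == 2) {
        // insert version at the beginning; the encoded integer is Version - 1.
        rawBytes.InsertRange(0, new Asn1Integer(Version - 1).RawData);
        // generateExtensions must run before Extensions.Encode() is evaluated.
        generateExtensions(issuer);
        // 160 (0xA0) is the context-specific constructed [0] tag used for crlExtensions.
        rawBytes.AddRange(Asn1Utils.Encode(Extensions.Encode(), 160));
    }
    // generate tbs: wrap everything in a SEQUENCE (48 / 0x30)
    return new List<Byte>(Asn1Utils.Encode(rawBytes.ToArray(), 48));
}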
/// <summary>
/// Initializes a CertificateRevocationListBuilder for the given issuing certificate.
/// </summary>
/// <param name="issuer">Certificate authority used to issue the CRL. Must not be null.</param>
/// <param name="crlNumber">
/// Unique CRL number. This constructor stores the value as given and does not compare it
/// with numbers of previously issued CRLs; keeping it increasing is left to the caller.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="issuer"/> is null.</exception>
public CertificateRevocationListBuilder(X509Certificate2 issuer, ulong crlNumber)
    : base(issuer)
{
    // The base constructor has already run by now. It validates the issuer only when the
    // issuer is not null, so the null case is rejected here.
    if (issuer == null)
    {
        throw new ArgumentNullException(nameof(issuer));
    }

    // Start with an empty list of revoked certificates.
    RevokedCertificates = new List<Tuple<BigInteger, DateTime>>();

    // Bouncy Castle cannot construct BigInteger from a number, so go through the
    // culture-invariant decimal string.
    string crlNumberText = crlNumber.ToString(CultureInfo.InvariantCulture);
    CrlNumber = new BigInteger(crlNumberText);

    // Per RFC 5280 the date should be in UTC.
    ThisUpdate = DateTime.UtcNow;

    // Per DirectTrust Community X.509 Certificate Policy a new CRL must be generated
    // at least every 30 days.
    NextUpdate = ThisUpdate.AddDays(30);
}
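/// <summary>
/// Encodes the CTL fields into a single byte array using an Asn1Builder.
/// </summary>
/// <remarks>
/// Fields are written in this order: subject usages (the RawData of an
/// X509EnhancedKeyUsageExtension built from SubjectUsages), ListIdentifier (optional),
/// SequenceNumber (optional), ThisUpdate, NextUpdate (optional), the hash algorithm
/// identifier, and the encoded Entries. Optional fields are skipped when empty or null.
/// The method only encodes; it does not sign the result.
/// </remarks>
/// <returns>The bytes returned by the builder's GetRawData().</returns>
Byte[] encodeCTL() {
    // The extension object is used only as an encoder for the usage OIDs. An earlier
    // version also built a second, unused copy of the same bytes; that dead local is gone.
    var builder = new Asn1Builder()
        .AddDerData(new X509EnhancedKeyUsageExtension(SubjectUsages, false).RawData);

    if (!String.IsNullOrEmpty(ListIdentifier)) {
        // Written as UTF-16LE with a trailing null character.
        builder.AddOctetString(Encoding.Unicode.GetBytes(ListIdentifier + "\0"));
    }
    if (SequenceNumber != null) {
        builder.AddInteger(SequenceNumber.Value);
    }
    // Both timestamps are converted to UTC before encoding.
    builder.AddDerData(Asn1Utils.EncodeDateTime(ThisUpdate.ToUniversalTime()));
    if (NextUpdate != null) {
        builder.AddDerData(Asn1Utils.EncodeDateTime(NextUpdate.Value.ToUniversalTime()));
    }

    // The algorithm identifier is built with an empty parameters array.
    return builder.AddDerData(new AlgorithmIdentifier(HashAlgorithm, new Byte[0]).RawData)
        .AddDerData(Entries.Encode())
        .GetRawData();
}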
/// <summary>
/// Calls NPInvoke() on ThisUpdate.
/// </summary>
// NOTE(review): NPInvoke is not defined in this snippet; presumably a null-safe
// invoke helper for a delegate. Confirm against its definition.
private void Update() => ThisUpdate.NPInvoke();