Esempio n. 1
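        /// <summary>
        /// Adds a revoked-certificate entry, building the optional per-entry
        /// extensions (ReasonCode, InvalidityDate) from the supplied values and
        /// delegating to the three-argument overload.
        /// </summary>
        /// <remarks>
        /// Both extensions are created with the first X509Extension argument set to
        /// false, i.e. non-critical. A reason of 0 writes no ReasonCode extension at
        /// all. The ArgumentException message embeds the full text of the underlying
        /// IOException (including its stack trace), so callers should log it rather
        /// than echo it to an untrusted party.
        /// </remarks>
        /// <param name="userCertificate">Serial number of the revoked certificate.</param>
        /// <param name="revocationDate">Revocation time recorded for the entry.</param>
        /// <param name="reason">Reason code; 0 means the ReasonCode extension is omitted.</param>
        /// <param name="invalidityDate">Invalidity date, or null to omit that extension.</param>
        /// <exception cref="ArgumentException">Encoding an extension value raised an IOException.</exception>
        public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason,
                                DerGeneralizedTime invalidityDate)
        {
            IList extOids   = Platform.CreateArrayList();
            IList extValues = Platform.CreateArrayList();

            // 0 is treated as "no reason supplied": nothing is encoded for it.
            if (reason != 0)
            {
                CrlReason crlReason = new CrlReason(reason);

                try
                {
                    extOids.Add(X509Extensions.ReasonCode);
                    extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
                }
                catch (IOException e)
                {
                    // Message text is unchanged; the cause is additionally chained as
                    // InnerException so it is not reduced to a string.
                    throw new ArgumentException("error encoding reason: " + e, e);
                }
            }

            if (invalidityDate != null)
            {
                try
                {
                    extOids.Add(X509Extensions.InvalidityDate);
                    extValues.Add(new X509Extension(false, new DerOctetString(invalidityDate.GetEncoded())));
                }
                catch (IOException e)
                {
                    throw new ArgumentException("error encoding invalidityDate: " + e, e);
                }
            }

            // With no extensions collected, pass null instead of an empty X509Extensions.
            if (extOids.Count != 0)
            {
                AddCrlEntry(userCertificate, revocationDate, new X509Extensions(extOids, extValues));
            }
            else
            {
                AddCrlEntry(userCertificate, revocationDate, null);
            }
        }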
        /// <summary>
        /// Adds a revoked-certificate entry, turning <paramref name="reason"/> and
        /// <paramref name="invalidityDate"/> into per-entry extensions before handing
        /// off to the three-argument overload.
        /// </summary>
        /// <param name="userCertificate">Serial number of the revoked certificate.</param>
        /// <param name="revocationDate">Revocation time recorded for the entry.</param>
        /// <param name="reason">Reason code; 0 means the ReasonCode extension is omitted.</param>
        /// <param name="invalidityDate">Invalidity date, or null to omit that extension.</param>
        /// <exception cref="ArgumentException">Encoding an extension value raised an IOException.</exception>
        public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason, DerGeneralizedTime invalidityDate)
        {
            IList oids   = Platform.CreateArrayList();
            IList values = Platform.CreateArrayList();

            // A zero reason produces no ReasonCode extension.
            if (reason != 0)
            {
                CrlReason encodedReason = new CrlReason(reason);
                try
                {
                    oids.Add(X509Extensions.ReasonCode);
                    values.Add(new X509Extension(false, new DerOctetString(encodedReason.GetEncoded())));
                }
                catch (IOException reasonError)
                {
                    // The message carries the IOException's full text, stack trace included.
                    throw new ArgumentException("error encoding reason: " + reasonError);
                }
            }

            if (invalidityDate != null)
            {
                try
                {
                    oids.Add(X509Extensions.InvalidityDate);
                    values.Add(new X509Extension(false, new DerOctetString(invalidityDate.GetEncoded())));
                }
                catch (IOException dateError)
                {
                    throw new ArgumentException("error encoding invalidityDate: " + dateError);
                }
            }

            // null (not an empty set) is passed on when nothing was collected.
            X509Extensions entryExtensions = oids.Count != 0 ? new X509Extensions(oids, values) : null;
            this.AddCrlEntry(userCertificate, revocationDate, entryExtensions);
        }
Esempio n. 3
        /// <summary>
        /// Builds a one-entry CRL with a PrivilegeWithdrawn reason code, checks the
        /// issuer, the AuthorityKeyIdentifier extension and the entry, then copies it
        /// into a second CRL with one more entry and reads that back through
        /// X509CrlParser.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the signature on the generated CRLs is never checked here;
        /// no Verify call against pair.Public appears in this method.
        /// NOTE(review): several checks dereference a value right after Fail(...)
        /// reported it as null, so this relies on Fail not returning - confirm.
        /// </remarks>
        private void checkCrlCreation3()
        {
            IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
            // Public exponent 0x10001, 768-bit modulus. The small key keeps the test
            // fast; it is far below any size acceptable for a real CA signing key.
            kpGen.Init(
                new RsaKeyGenerationParameters(
                    BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25));

            X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
            DateTime now = DateTime.UtcNow;
            AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

            crlGen.SetIssuerDN(new X509Name("CN=Test CA"));

            // nextUpdate is 100 seconds after thisUpdate.
            crlGen.SetThisUpdate(now);
            crlGen.SetNextUpdate(now.AddSeconds(100));
            crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");

            // Parallel lists: extOids[i] names the extension stored in extValues[i].
            IList extOids = new ArrayList();
            IList extValues = new ArrayList();

            CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn);

            try
            {
                extOids.Add(X509Extensions.ReasonCode);
                // false: the reason code extension is added as non-critical.
                extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
            }
            catch (IOException e)
            {
                throw new ArgumentException("error encoding reason: " + e);
            }

            X509Extensions entryExtensions = new X509Extensions(extOids, extValues);

            // Revoke serial number 1 with the reason-code extension attached.
            crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions);

            crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));

            X509Crl crl = crlGen.Generate(pair.Private);

            if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
            {
                Fail("failed CRL issuer test");
            }

            Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);

            if (authExt == null)
            {
                Fail("failed to find CRL extension");
            }

            // Constructed from the extension value; authId is not used again in this
            // method, so its contents are not compared with pair.Public.
            AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);

            X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One);

            if (entry == null)
            {
                Fail("failed to find CRL entry");
            }

            if (!entry.SerialNumber.Equals(BigInteger.One))
            {
                Fail("CRL cert serial number does not match");
            }

            if (!entry.HasExtensions)
            {
                Fail("CRL entry extension not found");
            }

            Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode);

            if (ext != null)
            {
                // Decode the extension value and compare it with the reason that was set.
                DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext);

                if (reasonCode.Value.IntValue != CrlReason.PrivilegeWithdrawn)
                {
                    Fail("CRL entry reasonCode wrong");
                }
            }
            else
            {
                Fail("CRL entry reasonCode not found");
            }

            //
            // check loading of existing CRL
            //
            crlGen = new X509V2CrlGenerator();
            now = DateTime.UtcNow;

            crlGen.SetIssuerDN(new X509Name("CN=Test CA"));

            crlGen.SetThisUpdate(now);
            crlGen.SetNextUpdate(now.AddSeconds(100));
            crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");

            // Feed the first CRL into the new generator, then add serial number 2.
            crlGen.AddCrl(crl);

            crlGen.AddCrlEntry(BigInteger.Two, now, entryExtensions);

            crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));

            X509Crl newCrl = crlGen.Generate(pair.Private);

            // count tallies revoked entries in newCrl (not CRLs, despite the
            // failure message below).
            int count = 0;
            bool oneFound = false;
            bool twoFound = false;

            foreach (X509CrlEntry crlEnt in newCrl.GetRevokedCertificates())
            {
                if (crlEnt.SerialNumber.IntValue == 1)
                {
                    oneFound = true;
                }
                else if (crlEnt.SerialNumber.IntValue == 2)
                {
                    twoFound = true;
                }

                count++;
            }

            if (count != 2)
            {
                Fail("wrong number of CRLs found");
            }

            if (!oneFound || !twoFound)
            {
                Fail("wrong CRLs found in copied list");
            }

            //
            // check factory read back
            //
            // Only the presence of a parsed CRL is checked; its entries are not
            // compared with newCrl.
            X509Crl readCrl = new X509CrlParser().ReadCrl(newCrl.GetEncoded());

            if (readCrl == null)
            {
                Fail("crl not returned!");
            }

//			ICollection col = cFact.generateCRLs(new ByteArrayInputStream(newCrl.getEncoded()));
            ICollection col = new X509CrlParser().ReadCrls(newCrl.GetEncoded());

            if (col.Count != 1)
            {
                Fail("wrong number of CRLs found in collection");
            }
        }
Esempio n. 4
        /// <summary>
        /// Builds a one-entry CRL whose entry carries a PrivilegeWithdrawn reason
        /// code, then checks the issuer, the AuthorityKeyIdentifier extension, the
        /// entry's serial number and the decoded reason code.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the signature on the generated CRL is never checked here;
        /// no Verify call against pair.Public appears in this method.
        /// NOTE(review): several checks dereference a value right after Fail(...)
        /// reported it as null, so this relies on Fail not returning - confirm.
        /// </remarks>
        private void checkCrlCreation2()
        {
            IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
            // Public exponent 0x10001, 768-bit modulus. The small key keeps the test
            // fast; it is far below any size acceptable for a real CA signing key.
            kpGen.Init(
                new RsaKeyGenerationParameters(
                    BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25));

            X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
            DateTime now = DateTime.UtcNow;
            AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

            crlGen.SetIssuerDN(new X509Name("CN=Test CA"));

            // nextUpdate is 100 seconds after thisUpdate.
            crlGen.SetThisUpdate(now);
            crlGen.SetNextUpdate(now.AddSeconds(100));
            crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");

            // Parallel lists: extOids[i] names the extension stored in extValues[i].
            IList extOids = new ArrayList();
            IList extValues = new ArrayList();

            CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn);

            try
            {
                extOids.Add(X509Extensions.ReasonCode);
                // false: the reason code extension is added as non-critical.
                extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
            }
            catch (IOException e)
            {
                throw new ArgumentException("error encoding reason: " + e);
            }

            X509Extensions entryExtensions = new X509Extensions(extOids, extValues);

            // Revoke serial number 1 with the reason-code extension attached.
            crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions);

            crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));

            X509Crl crl = crlGen.Generate(pair.Private);

            if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
            {
                Fail("failed CRL issuer test");
            }

            Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);

            if (authExt == null)
            {
                Fail("failed to find CRL extension");
            }

            // Constructed from the extension value; authId is not used again in this
            // method, so its contents are not compared with pair.Public.
            AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);

            X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One);

            if (entry == null)
            {
                Fail("failed to find CRL entry");
            }

            if (!entry.SerialNumber.Equals(BigInteger.One))
            {
                Fail("CRL cert serial number does not match");
            }

            if (!entry.HasExtensions)
            {
                Fail("CRL entry extension not found");
            }

            Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode);

            if (ext != null)
            {
                // Decode the extension value and compare it with the reason that was set.
                DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext);

                if (reasonCode.Value.IntValue != CrlReason.PrivilegeWithdrawn)
                {
                    Fail("CRL entry reasonCode wrong");
                }
            }
            else
            {
                Fail("CRL entry reasonCode not found");
            }
        }
		/// <summary>
		/// Adds a revoked-certificate entry. The reason code and invalidity date,
		/// when present, become non-critical per-entry extensions passed to the
		/// three-argument overload.
		/// </summary>
		/// <param name="userCertificate">Serial number of the revoked certificate.</param>
		/// <param name="revocationDate">Revocation time recorded for the entry.</param>
		/// <param name="reason">Reason code; 0 means the ReasonCode extension is omitted.</param>
		/// <param name="invalidityDate">Invalidity date, or null to omit that extension.</param>
		/// <exception cref="ArgumentException">Encoding an extension value raised an IOException.</exception>
		public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason,
			DerGeneralizedTime invalidityDate)
		{
			IList oidList = Platform.CreateArrayList();
			IList valueList = Platform.CreateArrayList();

			// Reason 0 adds nothing to the entry.
			if (reason != 0)
			{
				CrlReason reasonValue = new CrlReason(reason);

				try
				{
					oidList.Add(X509Extensions.ReasonCode);
					valueList.Add(new X509Extension(false, new DerOctetString(reasonValue.GetEncoded())));
				}
				catch (IOException ioe)
				{
					// The IOException's full text ends up inside the message.
					throw new ArgumentException("error encoding reason: " + ioe);
				}
			}

			if (invalidityDate != null)
			{
				try
				{
					oidList.Add(X509Extensions.InvalidityDate);
					valueList.Add(new X509Extension(false, new DerOctetString(invalidityDate.GetEncoded())));
				}
				catch (IOException ioe)
				{
					throw new ArgumentException("error encoding invalidityDate: " + ioe);
				}
			}

			// Nothing collected: pass null rather than an empty extension set.
			if (oidList.Count == 0)
			{
				AddCrlEntry(userCertificate, revocationDate, null);
				return;
			}

			AddCrlEntry(userCertificate, revocationDate, new X509Extensions(oidList, valueList));
		}
Esempio n. 6
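 /// <summary>
 /// Adds a revoked-certificate entry, building the optional per-entry
 /// extensions (ReasonCode, InvalidityDate) and delegating to the
 /// three-argument overload.
 /// </summary>
 /// <remarks>
 /// Cleaned up from decompiler output: the accessor call get_Count(), which is
 /// not valid C#, is replaced by the Count property, and the redundant object
 /// casts and exception copies are dropped. Exception messages are unchanged;
 /// they embed the IOException's full text, so log them rather than echo them
 /// to an untrusted party.
 /// </remarks>
 /// <param name="userCertificate">Serial number of the revoked certificate.</param>
 /// <param name="revocationDate">Revocation time recorded for the entry.</param>
 /// <param name="reason">Reason code; 0 means the ReasonCode extension is omitted.</param>
 /// <param name="invalidityDate">Invalidity date, or null to omit that extension.</param>
 /// <exception cref="ArgumentException">Encoding an extension value raised an IOException.</exception>
 public void AddCrlEntry(DerInteger userCertificate, Time revocationDate, int reason, DerGeneralizedTime invalidityDate)
 {
     global::System.Collections.IList list  = Platform.CreateArrayList();
     global::System.Collections.IList list2 = Platform.CreateArrayList();

     // Reason 0 writes no ReasonCode extension.
     if (reason != 0)
     {
         CrlReason crlReason = new CrlReason(reason);
         try
         {
             list.Add(X509Extensions.ReasonCode);
             list2.Add(new X509Extension(critical: false, new DerOctetString(crlReason.GetEncoded())));
         }
         catch (IOException e)
         {
             throw new ArgumentException("error encoding reason: " + e);
         }
     }

     if (invalidityDate != null)
     {
         try
         {
             list.Add(X509Extensions.InvalidityDate);
             list2.Add(new X509Extension(critical: false, new DerOctetString(invalidityDate.GetEncoded())));
         }
         catch (IOException e)
         {
             throw new ArgumentException("error encoding invalidityDate: " + e);
         }
     }

     // With no extensions collected, pass null instead of an empty X509Extensions.
     if (list.Count != 0)
     {
         AddCrlEntry(userCertificate, revocationDate, new X509Extensions(list, list2));
     }
     else
     {
         AddCrlEntry(userCertificate, revocationDate, null);
     }
 }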