internal byte[][] Encode() { return(DerEncoder.ConstructSegmentedSequence( HashAlgorithm.Encode(), DerEncoder.SegmentedEncodeOctetString(CertificateHash), IssuerSerial.Encode())); }
private static byte[][] ParseRdn( byte[][] encodedOid, char[] chars, int valueStart, int valueEnd, bool ia5String) { byte[][] encodedValue; int length = valueEnd - valueStart; if (ia5String) { // An email address with an invalid value will throw. encodedValue = DerEncoder.SegmentedEncodeIA5String(chars, valueStart, length); } else if (DerEncoder.IsValidPrintableString(chars, valueStart, length)) { encodedValue = DerEncoder.SegmentedEncodePrintableString(chars, valueStart, length); } else { encodedValue = DerEncoder.SegmentedEncodeUtf8String(chars, valueStart, length); } return(DerEncoder.ConstructSegmentedSet( DerEncoder.ConstructSegmentedSequence( encodedOid, encodedValue))); }
internal byte[][] Encode() { // Per RFC 5280 section 4.1.2.2 (https://tools.ietf.org/html/rfc5280#section-4.1.2.2) // serial number must be an unsigned integer. return(DerEncoder.ConstructSegmentedSequence( DerEncoder.ConstructSegmentedSequence(GeneralNames.First().Encode()), DerEncoder.SegmentedEncodeUnsignedInteger(SerialNumber))); }
public byte[] Encode() { var entries = new List <byte[][]>(Certificates.Count); foreach (var essCertIdV2 in Certificates) { entries.Add(essCertIdV2.Encode()); } return(DerEncoder.ConstructSequence(DerEncoder.ConstructSegmentedSequence(entries))); }
internal static byte[][] SegmentedEncodeSubjectPublicKeyInfo(this PublicKey publicKey) { if (publicKey == null) { throw new ArgumentNullException(nameof(publicKey)); } if (publicKey.Oid == null || string.IsNullOrEmpty(publicKey.Oid.Value) || publicKey.EncodedKeyValue == null) { throw new CryptographicException(SR.Cryptography_InvalidPublicKey_Object); } // SubjectPublicKeyInfo::= SEQUENCE { // algorithm AlgorithmIdentifier, // subjectPublicKey BIT STRING // } // // AlgorithmIdentifier::= SEQUENCE { // algorithm OBJECT IDENTIFIER, // parameters ANY DEFINED BY algorithm OPTIONAL // } byte[][] algorithmIdentifier; if (publicKey.EncodedParameters == null) { algorithmIdentifier = DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(publicKey.Oid)); } else { DerSequenceReader validator = DerSequenceReader.CreateForPayload(publicKey.EncodedParameters.RawData); validator.ValidateAndSkipDerValue(); if (validator.HasData) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } algorithmIdentifier = DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(publicKey.Oid), publicKey.EncodedParameters.RawData.WrapAsSegmentedForSequence()); } return(DerEncoder.ConstructSegmentedSequence( algorithmIdentifier, DerEncoder.SegmentedEncodeBitString( publicKey.EncodedKeyValue.RawData))); }
internal static byte[][] SegmentedEncodedX509Extension(this X509Extension extension) { if (extension.Critical) { return(DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(extension.Oid), DerEncoder.SegmentedEncodeBoolean(extension.Critical), DerEncoder.SegmentedEncodeOctetString(extension.RawData))); } return(DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(extension.Oid), DerEncoder.SegmentedEncodeOctetString(extension.RawData))); }
internal static byte[][] SegmentedEncodeAttributeSet(this IEnumerable <X501Attribute> attributes) { List <byte[][]> encodedAttributes = new List <byte[][]>(); foreach (X501Attribute attribute in attributes) { encodedAttributes.Add( DerEncoder.ConstructSegmentedSequence( DerEncoder.SegmentedEncodeOid(attribute.Oid), DerEncoder.ConstructSegmentedPresortedSet( attribute.RawData.WrapAsSegmentedForSequence()))); } return(DerEncoder.ConstructSegmentedSet(encodedAttributes.ToArray())); }
// ESSCertIDv2::= SEQUENCE { // hashAlgorithm AlgorithmIdentifier // DEFAULT {algorithm id-sha256 }, // certHash Hash, // issuerSerial IssuerSerial OPTIONAL // } private static byte[][] CreateESSCertIDv2Entry(X509Certificate2 cert, Common.HashAlgorithmName hashAlgorithm) { // Get hash Oid var hashAlgorithmOid = hashAlgorithm.ConvertToOidString(); var entry = GetESSCertIDv2Entry(cert, hashAlgorithm); return(DerEncoder.ConstructSegmentedSequence(new List <byte[][]>() { // AlgorithmIdentifier DerEncoder.SegmentedEncodeOid(hashAlgorithmOid), // Hash DerEncoder.SegmentedEncodeOctetString(entry.Value) })); }
public byte[] ComputeCapiSha1OfPublicKey(PublicKey key) { // The CapiSha1 value is the SHA-1 of the SubjectPublicKeyInfo field, inclusive // of the DER structural bytes. //SubjectPublicKeyInfo::= SEQUENCE { // algorithm AlgorithmIdentifier{ { SupportedAlgorithms} }, // subjectPublicKey BIT STRING, // ... } // //AlgorithmIdentifier{ ALGORITHM: SupportedAlgorithms} ::= SEQUENCE { // algorithm ALGORITHM.&id({ SupportedAlgorithms}), // parameters ALGORITHM.&Type({ SupportedAlgorithms} // { @algorithm}) OPTIONAL, // ... } // //ALGORITHM::= CLASS { // &Type OPTIONAL, // &id OBJECT IDENTIFIER UNIQUE } //WITH SYNTAX { // [&Type] //IDENTIFIED BY &id } // key.EncodedKeyValue corresponds to SubjectPublicKeyInfo.subjectPublicKey, except it // has had the BIT STRING envelope removed. // // key.EncodedParameters corresponds to AlgorithmIdentifier.Parameters precisely // (DER NULL for RSA, DER Constructed SEQUENCE for DSA) byte[] empty = Array.Empty <byte>(); byte[][] algorithmOid = DerEncoder.SegmentedEncodeOid(key.Oid); // Because ConstructSegmentedSequence doesn't look to see that it really is tag+length+value (but does check // that the array has length 3), just hide the joined TLV triplet in the last element. byte[][] segmentedParameters = { empty, empty, key.EncodedParameters.RawData }; byte[][] algorithmIdentifier = DerEncoder.ConstructSegmentedSequence(algorithmOid, segmentedParameters); byte[][] subjectPublicKey = DerEncoder.SegmentedEncodeBitString(key.EncodedKeyValue.RawData); using (SHA1 hash = SHA1.Create()) { return(hash.ComputeHash( DerEncoder.ConstructSequence( algorithmIdentifier, subjectPublicKey))); } }
internal byte[][] Encode() { return(DerEncoder.ConstructSegmentedSequence(DerEncoder.SegmentedEncodeOid(Algorithm))); }