/// <summary>
/// Create CertificatePolicies extension from an X509Extension
/// </summary>
/// <remarks>
/// Each PolicyInformation entry of the extension becomes one CertPolicy in <c>policies</c>.
/// Only the id-qt-cps and id-qt-unotice qualifiers are copied; any other qualifier is skipped.
/// NOTE(review): the CPS and user-notice values are taken from the certificate as-is. If the
/// certificate can come from an untrusted party, treat both as display-only data and do not
/// dereference the CPS URI automatically.
/// </remarks>
/// <param name="Extension">X509 extension</param>
public certificatePolicies(X509Extension Extension) : base(Extension)
{
    base.oid = X509Extensions.CertificatePolicies;
    base.name = "CertificatePolicies";
    base.displayName = "Certificate Policies";

    PolicyInformation[] entries = Crypto.X509.CertificatePolicies.GetInstance(Extension).GetPolicyInformation();
    foreach (PolicyInformation entry in entries)
    {
        CertPolicy parsed = new CertPolicy();
        parsed.Oid = entry.PolicyIdentifier.ToString();

        Asn1Sequence qualifierSeq = entry.PolicyQualifiers;
        if (qualifierSeq == null)
        {
            // policyQualifiers is OPTIONAL: a policy may carry only its identifier.
            policies.Add(parsed);
            continue;
        }

        // The iteration variable type is kept: each element is cast to DerSequence, so an
        // element of any other type raises InvalidCastException here.
        foreach (DerSequence rawQualifier in qualifierSeq)
        {
            PolicyQualifierInfo info = PolicyQualifierInfo.GetInstance(rawQualifier);
            var qualifierId = info.GetPolicyQualifierId();

            if (qualifierId.Equals(PolicyQualifierID.IdQtCps))
            {
                parsed.Cps = info.GetQualifier();
            }
            else if (qualifierId.Equals(PolicyQualifierID.IdQtUnotice))
            {
                parsed.Unotice = info.GetQualifier();
            }
        }

        policies.Add(parsed);
    }
}
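/// <summary>
/// Builds the single-element PolicyInformation array that describes a signature policy.
/// </summary>
/// <param name="policy">Signature policy supplying the identifier and the optional qualifier.</param>
/// <returns>
/// One PolicyInformation holding the policy OID, plus an id-qt-cps qualifier when the policy
/// has a non-empty qualifier.
/// </returns>
/// <exception cref="ArgumentException">Thrown when <paramref name="policy"/> is null.</exception>
private static PolicyInformation[] GetPolicyInformation(AdESPolicy policy)
{
    if (policy == null)
    {
        throw new ArgumentException("La politica de firma no puede ser nula en este punto");
    }

    /*
     * PolicyQualifierInfo ::= SEQUENCE {
     *      policyQualifierId  PolicyQualifierId,
     *      qualifier          ANY DEFINED BY policyQualifierId }
     */
    var qualifier = policy.GetPolicyQualifier();
    PolicyQualifierInfo pqi = null;
    if (qualifier != null && !qualifier.Equals(""))
    {
        // NOTE(review): IA5String is a 7-bit type; nothing here checks that the qualifier
        // text is pure ASCII. Confirm the caller only supplies ASCII URIs.
        Asn1EncodableVector v = new Asn1EncodableVector();
        v.Add(PolicyQualifierID.IdQtCps);
        v.Add(new DerIA5String(qualifier.ToString()));

        // The original author marked this conversion as very likely to fail.
        pqi = PolicyQualifierInfo.GetInstance(new DerSequence(v));
    }

    // Strip the URN prefix to get the dotted OID. ToLowerInvariant() is used because the
    // culture-sensitive ToLower() does not map 'I' to 'i' under Turkish/Azeri cultures, so an
    // upper-case "URN:OID:" prefix would survive the Replace() and reach the OID constructor.
    DerObjectIdentifier policyId = new DerObjectIdentifier(
        policy.GetPolicyIdentifier().ToLowerInvariant().Replace("urn:oid:", ""));

    /*
     * PolicyInformation ::= SEQUENCE {
     *      policyIdentifier   CertPolicyId,
     *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF
     *                              PolicyQualifierInfo OPTIONAL }
     */
    // pqi is null whenever the qualifier was null or empty, so one check covers both cases.
    if (pqi == null)
    {
        return new PolicyInformation[] { new PolicyInformation(policyId) };
    }

    return new PolicyInformation[] { new PolicyInformation(policyId, new DerSequence(pqi)) };
}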
/// <summary>
/// Encodes an id-qt-cps qualifier with the reference encoder and checks that
/// PolicyQualifierInfo.Read returns the same qualifier id and the qualifier's DER bytes.
/// </summary>
public void Read_WithQualifier_ReturnsPolicyQualifierInfo()
{
    // Arrange: reference encoding of { id-qt-cps, IA5String "http://test.test" }.
    DerIA5String expectedQualifier = new DerIA5String("http://test.test");
    var reference = new BcPolicyQualifierInfo(new DerObjectIdentifier(Oids.IdQtCps), expectedQualifier);
    var encoded = reference.GetDerEncoded();

    // Act
    var actual = PolicyQualifierInfo.Read(encoded);

    // Assert: the qualifier is compared as DER bytes.
    Assert.Equal(Oids.IdQtCps, actual.PolicyQualifierId.Value);
    Assert.Equal(expectedQualifier.GetDerEncoded(), actual.Qualifier);
}
/// <summary>
/// Checks that a qualifier id outside the two standard ones is still read, and that a
/// DER NULL qualifier is returned as its encoded bytes.
/// </summary>
public void Read_WithOnlyPolicyQualifierId_ReturnsPolicyQualifierInfo()
{
    // Arrange: an arbitrary test OID paired with an ASN.1 NULL qualifier.
    const string expectedId = "1.2.3";
    var reference = new BcPolicyQualifierInfo(new DerObjectIdentifier(expectedId), DerNull.Instance);
    var encoded = reference.GetDerEncoded();

    // Act
    var actual = PolicyQualifierInfo.Read(encoded);

    // Assert
    Assert.Equal(expectedId, actual.PolicyQualifierId.Value);
    Assert.Equal(DerNull.Instance.GetDerEncoded(), actual.Qualifier);
}
/// <summary>
/// Converts a policyQualifiers sequence into a set of PolicyQualifierInfo objects.
/// </summary>
/// <param name="qualifiers">Qualifier sequence from a policy, or null when the policy has none.</param>
/// <returns>The decoded qualifiers; an empty set when <paramref name="qualifiers"/> is null.</returns>
/// <exception cref="PkixCertPathValidatorException">
/// An element raised an IOException while being decoded. No other exception type is
/// translated, so anything else thrown during decoding propagates to the caller unchanged.
/// </exception>
internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
{
    ISet decoded = new HashSet();

    if (qualifiers != null)
    {
        foreach (Asn1Encodable element in qualifiers)
        {
            try
            {
                decoded.Add(PolicyQualifierInfo.GetInstance(element.ToAsn1Object()));
            }
            catch (IOException cause)
            {
                // Report the decoding failure as a path-validation failure.
                throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", cause);
            }
        }
    }

    return decoded;
}
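/// <summary>
/// Builds a certificatePolicies value holding one PolicyInformation entry.
/// </summary>
/// <param name="cps">CPS URI for an id-qt-cps qualifier, or null to omit it.</param>
/// <param name="org">Organization name for the user notice reference; used only with <paramref name="desc"/>.</param>
/// <param name="oid">Dotted-decimal policy identifier.</param>
/// <param name="desc">Explicit text of the user notice; used only with <paramref name="org"/>.</param>
/// <returns>A DerSequence wrapping the single PolicyInformation.</returns>
static DerSequence CreatePolicyInformationsSequence(string cps, string org, string oid, string desc)
{
    Asn1EncodableVector qualifiers = new Asn1EncodableVector();

    if (cps != null)
    {
        qualifiers.Add(new PolicyQualifierInfo(cps));
    }

    // A user notice is only emitted when both the organization and the text are given.
    if (org != null && desc != null)
    {
        // The notice reference always carries the single notice number 1.
        Asn1EncodableVector numbers = new Asn1EncodableVector();
        numbers.Add(new DerInteger(1));
        DerSequence noticeNumbers = new DerSequence(numbers);

        UserNotice un = new UserNotice(
            new NoticeReference(DisplayText.ContentTypeIA5String, org, noticeNumbers), // OPTIONAL organization name
            new DisplayText(DisplayText.ContentTypeVisibleString, desc));

        qualifiers.Add(new PolicyQualifierInfo(PolicyQualifierID.IdQtUnotice, un));
    }

    DerObjectIdentifier policy = new DerObjectIdentifier(oid);

    // policyQualifiers is "SEQUENCE SIZE (1..MAX) ... OPTIONAL": when there is no qualifier the
    // field must be left out. An empty SEQUENCE is not a valid encoding and a strict
    // certificate parser may reject the extension because of it.
    PolicyInformation policyInformation = qualifiers.Count == 0
        ? new PolicyInformation(policy)
        : new PolicyInformation(policy, new DerSequence(qualifiers));

    return new DerSequence(policyInformation);
}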
//
// policy checking
//

/// <summary>
/// Collects the PolicyQualifierInfo entries of a policyQualifiers sequence into a set.
/// </summary>
/// <param name="qualifiers">Sequence of qualifiers; null is accepted and yields an empty set.</param>
/// <returns>A set with one PolicyQualifierInfo per element of <paramref name="qualifiers"/>.</returns>
/// <exception cref="PkixCertPathValidatorException">
/// Decoding an element raised an IOException. Only IOException is wrapped; any other
/// exception raised while decoding reaches the caller as thrown.
/// </exception>
internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
{
    ISet result = new HashSet();
    if (qualifiers == null)
    {
        return result;
    }

    foreach (Asn1Encodable item in qualifiers)
    {
        try
        {
            // An earlier revision re-parsed each element from its encoded bytes
            // (Asn1Object.FromByteArray(ae.GetEncoded())); the in-memory object is used now.
            Asn1Object raw = item.ToAsn1Object();
            result.Add(PolicyQualifierInfo.GetInstance(raw));
        }
        catch (IOException ex)
        {
            throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", ex);
        }
    }

    return result;
}
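/// <summary>
/// Decodes every element of a policyQualifiers sequence into a PolicyQualifierInfo and
/// returns them as a set.
/// </summary>
/// <remarks>
/// Rewritten from decompiler output: the explicit enumerator with its get_Current() accessor
/// call (not valid C# source) is replaced by a foreach loop, which disposes the enumerator in
/// the same way the original try/finally did.
/// </remarks>
/// <param name="qualifiers">Qualifier sequence, or null.</param>
/// <returns>The decoded qualifiers; an empty set when <paramref name="qualifiers"/> is null.</returns>
/// <exception cref="PkixCertPathValidatorException">
/// An element raised an IOException while being decoded; other exception types are not wrapped.
/// </exception>
internal static ISet GetQualifierSet(Asn1Sequence qualifiers)
{
    ISet set = new HashSet();
    if (qualifiers == null)
    {
        return set;
    }

    foreach (Asn1Encodable asn1Encodable in qualifiers)
    {
        try
        {
            set.Add(PolicyQualifierInfo.GetInstance(asn1Encodable.ToAsn1Object()));
        }
        catch (IOException cause)
        {
            throw new PkixCertPathValidatorException("Policy qualifier info cannot be decoded.", cause);
        }
    }

    return set;
}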
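/// <summary>
/// Issues a code-signing certificate for a summoner/region pair, signed with the CA bundled in
/// the application resources, and stores the certificate and its private key in a PKCS#12 file.
/// </summary>
/// <remarks>
/// SECURITY(review): the issuing CA's PKCS#12 (Resources.GBSGN) and its password are compiled
/// into the application. Anyone who holds the binary can recover the CA private key, so a
/// certificate chaining to this CA does not prove where it came from. The lasting fix is to keep
/// the CA key off client machines (sign on a server or in an HSM) and to rotate this CA; the
/// literal is left in place here so the method keeps working as before.
/// </remarks>
/// <param name="summoner">Summoner name placed in the subject CN.</param>
/// <param name="region">Region placed in the subject CN after the summoner name.</param>
/// <param name="password">Password protecting the generated PKCS#12 file.</param>
/// <param name="file">Path of the PKCS#12 file to create; an existing file is overwritten.</param>
/// <returns>true when every step completed; false when any step threw or no CA key was found.</returns>
static bool Gen(string summoner, string region, string password, string file)
{
    // See the SECURITY(review) remark above: this value protects nothing once it ships.
    const string caStorePassword = "KGPAQW7894Q129D7Q1456W9A47897a9s7r5d6";

    try
    {
        SecureRandom rng = new SecureRandom();

        // Requested certificate name.
        // NOTE(review): summoner and region are concatenated into the DN string unescaped; a
        // value containing DN syntax characters such as ',' '=' or '+' can change the parsed
        // subject. Validate or escape both values before they reach this method.
        X509Name name = new X509Name("CN=" + summoner + " - " + region + ", OU=Ghostblade Replays, O=Arsslensoft");

        // Key generation, 2048 bits.
        RsaKeyPairGenerator rkpg = new RsaKeyPairGenerator();
        rkpg.Init(new KeyGenerationParameters(rng, 2048));
        AsymmetricCipherKeyPair ackp = rkpg.GenerateKeyPair();

        X509Certificate2 caCert = new X509Certificate2(GBReplay.Properties.Resources.GBSGN, caStorePassword);

        // PKCS #10 certificate signing request.
        Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA256WITHRSA", name, ackp.Public, null, ackp.Private);
        AsymmetricKeyParameter publicKey = csr.GetPublicKey();

        // Validity starts one hour in the past and lasts five years. UTC is used so the
        // encoded times do not depend on the machine's time zone.
        DateTime startDate = DateTime.UtcNow.Subtract(new TimeSpan(1, 0, 0));
        DateTime expiryDate = startDate.AddYears(5);

        // Serial numbers must be unpredictable and unique per issuer: take 128 bits from the
        // CSPRNG instead of 32 bits from System.Random.
        BigInteger serialNumber = new BigInteger(128, rng);

        // Build a version 3 certificate (extensions are added below).
        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
        X509Name dnName = new X509Name(caCert.Subject);
        certGen.SetSerialNumber(serialNumber);
        certGen.SetIssuerDN(dnName);
        certGen.SetNotBefore(startDate);
        certGen.SetNotAfter(expiryDate);
        certGen.SetSubjectDN(name);
        certGen.SetSignatureAlgorithm("SHA256WITHRSA");
        certGen.SetPublicKey(publicKey);

        UserNotice unotice = new UserNotice(null, "This certificate must be only used with Ghostblade replays files. This certificate is a property of Arsslensoft any usage of its content without prior request is prohibited.");
        PolicyQualifierInfo pqiunotice = new PolicyQualifierInfo(PolicyQualifierID.IdQtUnotice, unotice);
        PolicyInformation p = new PolicyInformation(new DerObjectIdentifier("1.3.6.1.4.1.44215.1.3"), new DerSequence(new PolicyQualifierInfo[1] { pqiunotice }));

        // End-entity certificate (CA = false) restricted to digital signatures and code signing.
        certGen.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
        certGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(DotNetUtilities.FromX509Certificate(caCert).GetPublicKey()));
        certGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(publicKey));
        certGen.AddExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.DigitalSignature));
        certGen.AddExtension(X509Extensions.ExtendedKeyUsage, false, new ExtendedKeyUsage(new KeyPurposeID[] { KeyPurposeID.IdKPCodeSigning }));
        certGen.AddExtension(X509Extensions.CertificatePolicies, false, new DerSequence(p));

        // Find the CA private key entry to sign with.
        Pkcs12Store pfx = new Pkcs12Store(new MemoryStream(GBReplay.Properties.Resources.GBSGN), caStorePassword.ToCharArray());
        string alias = null;
        foreach (string al in pfx.Aliases)
        {
            if (pfx.IsKeyEntry(al) && pfx.GetKey(al).Key.IsPrivate)
            {
                alias = al;
                break;
            }
        }

        if (alias == null)
        {
            // No signing key in the bundled store: report failure explicitly instead of
            // relying on the lookup below to throw.
            return false;
        }

        AsymmetricKeyParameter caPair = pfx.GetKey(alias).Key;
        Al.Security.X509.X509Certificate cert = certGen.Generate(caPair);

        Pkcs12Store pk = new Pkcs12StoreBuilder().Build();

        // Add a certificate entry; the subject DN is used as the alias.
        X509CertificateEntry certEntry = new X509CertificateEntry(cert);
        pk.SetCertificateEntry(cert.SubjectDN.ToString(), certEntry);

        // Only one certificate goes into the 'chain'.
        AsymmetricKeyEntry keyEntry = new AsymmetricKeyEntry(ackp.Private);
        pk.SetKeyEntry(cert.SubjectDN.ToString(), keyEntry, new X509CertificateEntry[] { certEntry });

        using (var filestream = new FileStream(file, FileMode.Create, FileAccess.ReadWrite))
        {
            pk.Save(filestream, password.ToCharArray(), rng);
        }

        // Re-open the file to confirm it loads with the supplied password.
        // NOTE(review): the result of Verify() is discarded, so a true return from this
        // method does not mean chain validation succeeded.
        X509Certificate2 cer = new X509Certificate2(File.ReadAllBytes(file), password);
        cer.Verify();
    }
    catch
    {
        // Best-effort contract kept from the original: any failure is reported as false.
        // NOTE(review): the cause is lost here; log the exception where a logger is available.
        return false;
    }

    return true;
}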
/// <summary>
/// Truncated input must be rejected: the reader is expected to raise a
/// CryptographicException rather than return a partially parsed value.
/// </summary>
public void Read_WithInvalidAsn1_Throws()
{
    // 0x30 is the SEQUENCE tag and 0x07 the declared content length, but no content follows.
    byte[] truncated = new byte[] { 0x30, 0x07 };

    Assert.Throws<CryptographicException>(() => PolicyQualifierInfo.Read(truncated));
}