/// <summary>
/// Checks whether any directoryName entry in <paramref name="targets"/> is
/// equivalent to <paramref name="subject"/>.
/// </summary>
/// <param name="subject">The distinguished name to look for.</param>
/// <param name="targets">The GeneralNames whose entries are examined.</param>
/// <returns>true as soon as one directoryName entry matches; otherwise false.</returns>
private bool MatchesDN(
    X509Name subject,
    GeneralNames targets)
{
    foreach (GeneralName candidate in targets.GetNames())
    {
        // Only directoryName entries can carry an X.500 name.
        if (candidate.TagNo != GeneralName.DirectoryName)
        {
            continue;
        }

        try
        {
            if (X509Name.GetInstance(candidate.Name).Equivalent(subject))
            {
                return true;
            }
        }
        catch (Exception)
        {
            // Deliberate best-effort: an entry that cannot be read or compared
            // counts as "no match", so one malformed entry does not abort the scan.
            // The outcome of a failure is always false, never a spurious match.
        }
    }

    return false;
}
/// <summary>
/// Decodes a V2Form from its ASN.1 sequence: an optional leading untagged
/// element read as the issuerName, followed by tagged elements [0]
/// (baseCertificateID) and [1] (objectDigestInfo).
/// </summary>
/// <param name="seq">The sequence to decode; at most three elements.</param>
/// <exception cref="ArgumentException">
/// The sequence has more than three elements, or a tagged element carries a tag other than 0 or 1.
/// </exception>
private V2Form(
    Asn1Sequence seq)
{
    if (seq.Count > 3)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    // NOTE(review): seq[0] is read without first checking that the sequence is
    // non-empty; what an empty sequence raises here depends on the Asn1Sequence
    // indexer - confirm, since this constructor parses externally supplied data.
    int firstTagged = 0;
    bool startsWithIssuerName = !(seq[0] is Asn1TaggedObject);
    if (startsWithIssuerName)
    {
        issuerName = GeneralNames.GetInstance(seq[0]);
        firstTagged = 1;
    }

    for (int pos = firstTagged; pos != seq.Count; pos++)
    {
        Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);

        // A tag that appears twice simply overwrites the value stored earlier.
        switch (tagged.TagNo)
        {
            case 0:
                baseCertificateID = IssuerSerial.GetInstance(tagged, false);
                break;
            case 1:
                objectDigestInfo = ObjectDigestInfo.GetInstance(tagged, false);
                break;
            default:
                throw new ArgumentException("Bad tag number: " + tagged.TagNo);
        }
    }
}
/// <summary>
/// Creates an IssuerSerial from an issuer name and a serial number.
/// Both values are stored as given; no validation or copying is performed.
/// </summary>
/// <param name="issuer">The issuer, as GeneralNames.</param>
/// <param name="serial">The serial number.</param>
public IssuerSerial(
    GeneralNames issuer,
    DerInteger serial)
{
    this.serial = serial;
    this.issuer = issuer;
}
/// <summary>
/// Creates a V2Form from its three components. Each argument is stored as
/// given, so any of them may be null.
/// </summary>
/// <param name="issuerName">The issuer name.</param>
/// <param name="baseCertificateID">The issuer/serial reference to a base certificate.</param>
/// <param name="objectDigestInfo">The object digest information.</param>
public V2Form(
    GeneralNames issuerName,
    IssuerSerial baseCertificateID,
    ObjectDigestInfo objectDigestInfo)
{
    this.objectDigestInfo = objectDigestInfo;
    this.baseCertificateID = baseCertificateID;
    this.issuerName = issuerName;
}
/// <summary>
/// Creates a DistributionPoint from its three components, stored as given.
/// </summary>
/// <param name="distributionPointName">The name of the distribution point.</param>
/// <param name="reasons">The reason flags for this distribution point.</param>
/// <param name="crlIssuer">The CRL issuer, as GeneralNames.</param>
public DistributionPoint(
    DistributionPointName distributionPointName,
    ReasonFlags reasons,
    GeneralNames crlIssuer)
{
    this.cRLIssuer = crlIssuer;
    this.reasons = reasons;
    this.distributionPoint = distributionPointName;
}
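/**
 * Decodes an IetfAttrSyntax value: an optional policyAuthority followed by
 * a sequence of values. Every value must be an OBJECT IDENTIFIER, a
 * UTF8String or an OCTET STRING, and all values must be of the same kind.
 *
 * The policyAuthority is taken from a tagged first element, or from an
 * untagged first element when the sequence has exactly two elements
 * (the original code marks that second case "VOMS fix").
 *
 * This constructor parses externally supplied data, so a truncated encoding
 * (no elements, or a policyAuthority with no value sequence after it) is
 * rejected with the same ArgumentException as any other malformed encoding
 * instead of surfacing as an out-of-range index error.
 *
 * @param seq the ASN.1 sequence to decode.
 * @throws ArgumentException if the encoding is not a valid IetfAttrSyntax.
 */
public IetfAttrSyntax(
    Asn1Sequence seq)
{
    if (seq.Count == 0)
    {
        throw new ArgumentException("Non-IetfAttrSyntax encoding");
    }

    int i = 0;

    if (seq[0] is Asn1TaggedObject)
    {
        policyAuthority = GeneralNames.GetInstance(((Asn1TaggedObject)seq[0]), false);
        i++;
    }
    else if (seq.Count == 2)
    {
        // VOMS fix: accept an untagged policyAuthority
        policyAuthority = GeneralNames.GetInstance(seq[0]);
        i++;
    }

    // The value sequence must exist at position i; check the bound before indexing.
    if (i >= seq.Count || !(seq[i] is Asn1Sequence))
    {
        throw new ArgumentException("Non-IetfAttrSyntax encoding");
    }

    Asn1Sequence valueSeq = (Asn1Sequence)seq[i];

    foreach (Asn1Object obj in valueSeq)
    {
        int type;

        if (obj is DerObjectIdentifier)
        {
            type = ValueOid;
        }
        else if (obj is DerUtf8String)
        {
            type = ValueUtf8;
        }
        else if (obj is DerOctetString)
        {
            type = ValueOctets;
        }
        else
        {
            throw new ArgumentException("Bad value type encoding IetfAttrSyntax");
        }

        // The first value fixes the kind; every later value must agree with it.
        if (valueChoice < 0)
        {
            valueChoice = type;
        }

        if (type != valueChoice)
        {
            throw new ArgumentException("Mix of value types in IetfAttrSyntax");
        }

        values.Add(obj);
    }
}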
/**
 * Creates a RoleSyntax from a role authority and a role name.
 * The role name is validated: it must be present, must use the
 * uniformResourceIdentifier choice of GeneralName, and must not be empty.
 * The role authority is stored without any check.
 *
 * @param roleAuthority the role authority of this RoleSyntax.
 * @param roleName the role name of this RoleSyntax.
 * @throws ArgumentException if the role name fails validation.
 */
public RoleSyntax(
    GeneralNames roleAuthority,
    GeneralName roleName)
{
    bool isUri = roleName != null
        && roleName.TagNo == GeneralName.UniformResourceIdentifier;

    // The string value is only read once the name is known to be a URI.
    if (!isUri || ((IAsn1String) roleName.Name).GetString().Length == 0)
    {
        throw new ArgumentException("the role name MUST be non empty and MUST " +
            "use the URI option of GeneralName");
    }

    this.roleName = roleName;
    this.roleAuthority = roleAuthority;
}
/**
 * Creates an AuthorityKeyIdentifier whose key identifier is the SHA-1 digest
 * of the public key data in spki, together with the issuer name and serial
 * number supplied.
 *
 * SHA-1 is used here only to derive the identifier value from the key bits.
 *
 * @param spki the public key information the key identifier is derived from.
 * @param name the issuer name to store.
 * @param serialNumber the serial number to store.
 */
public AuthorityKeyIdentifier(
    SubjectPublicKeyInfo spki,
    GeneralNames name,
    BigInteger serialNumber)
{
    IDigest sha1 = new Sha1Digest();
    byte[] keyId = new byte[sha1.GetDigestSize()];

    byte[] keyBits = spki.PublicKeyData.GetBytes();
    sha1.BlockUpdate(keyBits, 0, keyBits.Length);
    sha1.DoFinal(keyId, 0);

    keyidentifier = new DerOctetString(keyId);
    certissuer = name;
    certserno = new DerInteger(serialNumber);
}
/// <summary>
/// Decodes an IssuerSerial from its ASN.1 sequence: issuer, serial and an
/// optional third element read as the issuer unique identifier bit string.
/// </summary>
/// <param name="seq">The sequence to decode; must have two or three elements.</param>
/// <exception cref="ArgumentException">The sequence does not have two or three elements.</exception>
private IssuerSerial(
    Asn1Sequence seq)
{
    bool sizeOk = seq.Count == 2 || seq.Count == 3;
    if (!sizeOk)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    this.issuer = GeneralNames.GetInstance(seq[0]);
    this.serial = DerInteger.GetInstance(seq[1]);

    // The issuer unique identifier is only present in the three-element form.
    if (seq.Count == 3)
    {
        this.issuerUid = DerBitString.GetInstance(seq[2]);
    }
}
/**
 * Creates a holder for a v1 attribute certificate from a tagged object.
 * Tag 0 is decoded as the baseCertificateID and tag 1 as the entityName;
 * the version field is set to 0.
 *
 * @param tagObj The ASN.1 tagged holder object.
 * @throws ArgumentException if the tag is neither 0 nor 1.
 */
public Holder(
    Asn1TaggedObject tagObj)
{
    int tag = tagObj.TagNo;

    if (tag == 0)
    {
        baseCertificateID = IssuerSerial.GetInstance(tagObj, false);
    }
    else if (tag == 1)
    {
        entityName = GeneralNames.GetInstance(tagObj, false);
    }
    else
    {
        throw new ArgumentException("unknown tag in Holder");
    }

    version = 0;
}
/// <summary>
/// Decodes an AuthorityKeyIdentifier from its ASN.1 sequence. Every element is
/// treated as a tagged object: [0] key identifier, [1] issuer names,
/// [2] serial number. A tag that appears twice overwrites the earlier value.
/// </summary>
/// <param name="seq">The sequence to decode.</param>
/// <exception cref="ArgumentException">An element carries a tag other than 0, 1 or 2.</exception>
protected internal AuthorityKeyIdentifier(
    Asn1Sequence seq)
{
    // The loop variable's type makes foreach cast each element to Asn1TaggedObject;
    // NOTE(review): an untagged element would fail that cast rather than raise
    // ArgumentException - confirm callers handle that for untrusted input.
    foreach (Asn1TaggedObject tagged in seq)
    {
        int tag = tagged.TagNo;

        if (tag == 0)
        {
            keyidentifier = Asn1OctetString.GetInstance(tagged, false);
        }
        else if (tag == 1)
        {
            certissuer = GeneralNames.GetInstance(tagged, false);
        }
        else if (tag == 2)
        {
            certserno = DerInteger.GetInstance(tagged, false);
        }
        else
        {
            throw new ArgumentException("illegal tag");
        }
    }
}
/// <summary>
/// Decodes a DistributionPoint from its ASN.1 sequence of tagged elements:
/// [0] distribution point name (explicitly tagged), [1] reason flags,
/// [2] CRL issuer.
/// </summary>
/// <param name="seq">The sequence to decode.</param>
private DistributionPoint(
    Asn1Sequence seq)
{
    for (int pos = 0; pos != seq.Count; pos++)
    {
        Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[pos]);
        int tag = tagged.TagNo;

        if (tag == 0)
        {
            distributionPoint = DistributionPointName.GetInstance(tagged, true);
        }
        else if (tag == 1)
        {
            reasons = new ReasonFlags(DerBitString.GetInstance(tagged, false));
        }
        else if (tag == 2)
        {
            cRLIssuer = GeneralNames.GetInstance(tagged, false);
        }
        // Any other tag is skipped without an error, and a repeated tag
        // overwrites the value stored earlier.
    }
}
/// <summary>
/// Creates an issuer from a plain GeneralNames value.
/// Don't use this one if you are trying to be RFC 3281 compliant.
/// Use it for v1 attribute certificates only.
/// </summary>
/// <param name="names">Our GeneralNames structure</param>
public AttCertIssuer(
    GeneralNames names)
{
    this.obj = names;

    // The ASN.1 form of the stored value is kept alongside it.
    this.choiceObj = this.obj.ToAsn1Object();
}
/**
 * Creates an AuthorityKeyIdentifier from a precomputed key identifier,
 * an issuer name and a serial number.
 *
 * The key identifier bytes are wrapped as given; this constructor does not
 * check them against any key. The issuer name is re-read through its ASN.1
 * form rather than stored directly.
 *
 * @param keyIdentifier the precomputed key identifier bytes.
 * @param name the issuer name.
 * @param serialNumber the serial number.
 */
public AuthorityKeyIdentifier(
    byte[] keyIdentifier,
    GeneralNames name,
    BigInteger serialNumber)
{
    keyidentifier = new DerOctetString(keyIdentifier);
    certissuer = GeneralNames.GetInstance(name.ToAsn1Object());
    certserno = new DerInteger(serialNumber);
}
/**
 * Creates an AuthorityKeyIdentifier that carries only a precomputed key
 * identifier; the issuer name and serial number are left null.
 *
 * @param keyIdentifier the precomputed key identifier bytes, wrapped as given.
 */
public AuthorityKeyIdentifier(
    byte[] keyIdentifier)
{
    certserno = null;
    certissuer = null;
    keyidentifier = new DerOctetString(keyIdentifier);
}
/// <summary>
/// Creates a DistributionPointName of the FullName kind by delegating to the
/// two-argument constructor.
/// </summary>
/// <param name="name">The names to store.</param>
public DistributionPointName(GeneralNames name)
    : this(FullName, name)
{
}
/// <summary>
/// Creates a V2Form that carries only an issuer name; the other two
/// arguments of the three-argument constructor are passed as null.
/// </summary>
/// <param name="issuerName">The issuer name.</param>
public V2Form(
    GeneralNames issuerName)
    : this(issuerName, null, null)
{
}
/// <summary>
/// Returns the X509Name entries among the objects that GetNames produces for
/// <paramref name="names"/>, in their original order.
/// </summary>
/// <param name="names">The GeneralNames to extract principals from.</param>
/// <returns>An array holding only the X509Name entries; empty if there are none.</returns>
private X509Name[] GetPrincipals(
    GeneralNames names)
{
    object[] candidates = this.GetNames(names.GetNames());

    // First pass: size the result array exactly.
    int principalCount = 0;
    foreach (object candidate in candidates)
    {
        if (candidate is X509Name)
        {
            principalCount++;
        }
    }

    // Second pass: copy the matching entries across.
    X509Name[] principals = new X509Name[principalCount];
    int next = 0;
    foreach (object candidate in candidates)
    {
        if (candidate is X509Name)
        {
            principals[next] = (X509Name)candidate;
            next++;
        }
    }

    return principals;
}
/// <summary>
/// Creates a V2Form from an issuer name and object digest information; the
/// baseCertificateID argument of the three-argument constructor is passed as null.
/// </summary>
/// <param name="issuerName">The issuer name.</param>
/// <param name="objectDigestInfo">The object digest information.</param>
public V2Form(
    GeneralNames issuerName,
    ObjectDigestInfo objectDigestInfo)
    : this(issuerName, null, objectDigestInfo)
{
}
/// <summary>
/// Creates a V2Form from an issuer name and a base certificate reference; the
/// objectDigestInfo argument of the three-argument constructor is passed as null.
/// </summary>
/// <param name="issuerName">The issuer name.</param>
/// <param name="baseCertificateID">The issuer/serial reference to a base certificate.</param>
public V2Form(
    GeneralNames issuerName,
    IssuerSerial baseCertificateID)
    : this(issuerName, baseCertificateID, null)
{
}
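/// <summary>
/// Builds the vector of signed attributes ("authenticatedAttributes") for a
/// signer: the base attributes from InitContexExpecific, a signing-certificate
/// attribute (v1 or v2), an optional signature-policy attribute and, outside
/// PAdES mode, an optional content-hints attribute.
/// </summary>
/// <param name="cert">The signing certificate; its issuer, serial number and digest are embedded.</param>
/// <param name="digestAlgorithmName">Name of the digest algorithm used for the attributes.</param>
/// <param name="datos">The data being signed, forwarded to InitContexExpecific.</param>
/// <param name="policy">The signature policy; must not be null, but its identifier may be.</param>
/// <param name="signingCertificateV2">true to emit SigningCertificateV2, false for the legacy SigningCertificate.</param>
/// <param name="messageDigest">Precomputed message digest, forwarded to InitContexExpecific.</param>
/// <param name="signDate">Signing time, forwarded to InitContexExpecific.</param>
/// <param name="padesMode">true for PAdES signatures; content hints are then omitted.</param>
/// <param name="contentType">OID of the signed content type, or null to omit content hints.</param>
/// <param name="contentDescription">Optional description for the content hints.</param>
/// <returns>The populated attribute vector.</returns>
public static Asn1EncodableVector GenerateSignerInfo(X509Certificate2 cert,
    String digestAlgorithmName,
    byte[] datos,
    AdESPolicy policy,
    bool signingCertificateV2,
    byte[] messageDigest,
    DateTime signDate,
    bool padesMode,
    String contentType,
    String contentDescription)
{
    // Digest algorithm identifier
    AlgorithmIdentifier digestAlgorithmOID = SigUtils.MakeAlgId(AOAlgorithmID.GetOID(digestAlgorithmName));

    // Base signed attributes
    Asn1EncodableVector contexExpecific = InitContexExpecific(
        digestAlgorithmName,
        datos,
        Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.Data.Id,
        messageDigest,
        signDate,
        padesMode);

    // IssuerSerial ::= SEQUENCE { issuer GeneralNames, serialNumber CertificateSerialNumber }
    // Both signing-certificate variants embed the same issuer/serial and the same
    // certificate digest, so they are computed once here.
    TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
        Asn1Object.FromByteArray(
            new Org.BouncyCastle.X509.X509Certificate(
                X509CertificateStructure.GetInstance(
                    Asn1Object.FromByteArray(
                        cert.GetRawCertData()))).GetTbsCertificate()));
    GeneralNames gns = new GeneralNames(new GeneralName(tbs.Issuer));
    IssuerSerial issuerSerial = new IssuerSerial(gns, tbs.SerialNumber);

    byte[] certHash = Digester.Digest(cert.GetRawCertData(), digestAlgorithmName);

    string policyId = policy.GetPolicyIdentifier();
    bool hasPolicy = policyId != null;

    if (signingCertificateV2)
    {
        // ESSCertIDv2 ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier DEFAULT {algorithm id-sha256},
        //                            certHash Hash, issuerSerial IssuerSerial OPTIONAL }
        // The v2 form names its hash algorithm, so any digest can be used.
        EssCertIDv2[] essCertIDv2 = { new EssCertIDv2(digestAlgorithmOID, certHash, issuerSerial) };

        // SigningCertificateV2 ::= SEQUENCE { certs SEQUENCE OF ESSCertIDv2,
        //                                     policies SEQUENCE OF PolicyInformation OPTIONAL }
        SigningCertificateV2 scv2 = hasPolicy
            ? new SigningCertificateV2(essCertIDv2, GetPolicyInformation(policy)) // with policy
            : new SigningCertificateV2(essCertIDv2);                              // without policy

        contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificateV2, new DerSet(scv2)));
    }
    else
    {
        // ESSCertID ::= SEQUENCE { certHash Hash, issuerSerial IssuerSerial OPTIONAL }
        // Hash ::= OCTET STRING -- SHA1 hash of entire certificate
        // NOTE(review): the legacy structure has no algorithm field and is defined
        // over SHA-1, yet certHash is computed with digestAlgorithmName. Confirm
        // callers only take this branch with SHA-1, or verifiers will not be able
        // to match the certificate reference.
        EssCertID essCertID = new EssCertID(certHash, issuerSerial);

        SigningCertificate scv;
        if (hasPolicy)
        {
            // The sequence is assembled by hand because the SigningCertificate
            // constructors used here do not take policy information.
            Asn1EncodableVector certsAndPolicies = new Asn1EncodableVector();
            certsAndPolicies.Add(new DerSequence(essCertID));
            certsAndPolicies.Add(new DerSequence(GetPolicyInformation(policy)));
            scv = SigningCertificate.GetInstance(new DerSequence(certsAndPolicies)); // with policy
        }
        else
        {
            scv = new SigningCertificate(essCertID); // without policy
        }

        // id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
        //     rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-aa(2) 12 }
        contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAASigningCertificate, new DerSet(scv)));
    }

    // Signature policy identifier attribute
    if (hasPolicy)
    {
        // SigPolicyId ::= OBJECT IDENTIFIER
        // Lower-case with the invariant culture: a culture-sensitive ToLower() maps
        // 'I' differently under some cultures (e.g. Turkish), so an upper-case
        // "URN:OID:" prefix would survive the Replace and produce an invalid OID.
        DerObjectIdentifier doiSigPolicyId = new DerObjectIdentifier(policyId.ToLowerInvariant().Replace("urn:oid:", ""));

        // OtherHashAlgAndValue ::= SEQUENCE { hashAlgorithm AlgorithmIdentifier, hashValue OCTET STRING }
        // Use the policy's own hash algorithm when it declares one, otherwise the
        // digest algorithm of the signature.
        AlgorithmIdentifier hashid;
        if (policy.GetPolicyIdentifierHashAlgorithm() != null)
        {
            hashid = SigUtils.MakeAlgId(
                AOAlgorithmID.GetOID(
                    AOSignConstants.GetDigestAlgorithmName(
                        policy.GetPolicyIdentifierHashAlgorithm())));
        }
        else
        {
            hashid = digestAlgorithmOID;
        }

        // Policy document hash, supplied base64-encoded.
        // NOTE(review): when the policy carries no hash a single zero byte is written
        // as sigPolicyHash, so the signature does not bind to any policy document
        // content - confirm that this placeholder is intended.
        byte[] hashed;
        if (policy.GetPolicyIdentifierHash() != null)
        {
            hashed = System.Convert.FromBase64String(policy.GetPolicyIdentifierHash());
        }
        else
        {
            hashed = new byte[] { 0 };
        }

        DigestInfo otherHashAlgAndValue = new DigestInfo(hashid, hashed);

        // SigPolicyQualifierInfo ::= SEQUENCE { SigPolicyQualifierId SigPolicyQualifierId,
        //                                       SigQualifier ANY DEFINED BY policyQualifierId }
        AOSigPolicyQualifierInfo spqInfo = null;
        if (policy.GetPolicyQualifier() != null)
        {
            spqInfo = new AOSigPolicyQualifierInfo(policy.GetPolicyQualifier().ToString());
        }

        // SignaturePolicyId ::= SEQUENCE { sigPolicyId SigPolicyId, sigPolicyHash SigPolicyHash,
        //     sigPolicyQualifiers SEQUENCE SIZE (1..MAX) OF AOSigPolicyQualifierInfo OPTIONAL }
        Asn1EncodableVector v = new Asn1EncodableVector();
        v.Add(doiSigPolicyId);                        // sigPolicyId
        v.Add(otherHashAlgAndValue.ToAsn1Object());   // sigPolicyHash, as a sequence
        if (spqInfo != null)
        {
            v.Add(spqInfo.toASN1Primitive());         // sigPolicyQualifiers
        }

        DerSequence ds = new DerSequence(v);

        contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAAEtsSigPolicyID, new DerSet(ds.ToAsn1Object())));
    }

    // Content hints describe the signed content type; they are not added to PAdES signatures.
    //
    // ContentHints ::= SEQUENCE { contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
    //                             contentType ContentType }
    if (contentType != null && !padesMode)
    {
        ContentHints contentHints;
        if (contentDescription != null)
        {
            contentHints = new ContentHints(new DerObjectIdentifier(contentType),
                                            new DerUtf8String(contentDescription));
        }
        else
        {
            contentHints = new ContentHints(new DerObjectIdentifier(contentType));
        }

        contexExpecific.Add(new Org.BouncyCastle.Asn1.Cms.Attribute(
            Org.BouncyCastle.Asn1.Pkcs.PkcsObjectIdentifiers.IdAAContentHint,
            new DerSet(contentHints.ToAsn1Object())));
    }

    return contexExpecific;
}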
/// <summary>
/// Creates a V2Form that carries only an issuer name, stored as given.
/// </summary>
/// <param name="issuerName">The issuer name.</param>
public V2Form(GeneralNames issuerName)
{
    this.issuerName = issuerName;
}
/**
 * Creates an AuthorityKeyIdentifier that carries an issuer name and a serial
 * number but no key identifier (the key identifier is left null).
 * The issuer name is re-read through its ASN.1 form rather than stored directly.
 *
 * @param name the issuer name.
 * @param serialNumber the serial number.
 */
public AuthorityKeyIdentifier(
    GeneralNames name,
    IBigInteger serialNumber)
{
    keyidentifier = null;
    certissuer = GeneralNames.GetInstance(name.ToAsn1Object());
    certserno = new DerInteger(serialNumber);
}
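/// <summary>
/// Generates a 2048-bit RSA key pair, issues a certificate for it signed with the
/// private key of <paramref name="issuingCertificate"/>, and returns the result in
/// several encodings together with a freshly generated PKCS#12 password.
/// </summary>
/// <remarks>
/// Based on http://www.fkollmann.de/v2/post/Creating-certificates-using-BouncyCastle.aspx
/// <para>
/// Handling notes for callers: <paramref name="pemPrivateKey"/> contains the
/// certificate followed by the private key in unencrypted PEM, and
/// <paramref name="password"/> protects <paramref name="pkcs12Data"/>; both must
/// be treated as secrets.
/// </para>
/// </remarks>
/// <param name="subjectName">Common name (CN) of the new certificate.</param>
/// <param name="serialNumber">Serial number to use, or 0 to generate a random one.</param>
/// <param name="expireOn">NotAfter date of the new certificate.</param>
/// <param name="issuingCertificate">CA certificate, with private key, that signs the new certificate.</param>
/// <param name="thumbprint">Lower-case thumbprint of the new certificate.</param>
/// <param name="pemPrivateKey">PEM text holding the certificate and the unencrypted private key.</param>
/// <param name="pemPublicCert">PEM text of the certificate, with "\n" line endings.</param>
/// <param name="publicCert">DER bytes of the certificate.</param>
/// <param name="pkcs12Data">PKCS#12 container protected with <paramref name="password"/>.</param>
/// <param name="password">Generated 32-character password for the PKCS#12 container.</param>
public static void z_dep_GenerateCertificate(string subjectName, long serialNumber, DateTime expireOn, System.Security.Cryptography.X509Certificates.X509Certificate2 issuingCertificate, out string thumbprint, out string pemPrivateKey, out string pemPublicCert, out byte[] publicCert, out byte[] pkcs12Data, out string password)
{
    AsymmetricKeyParameter caPrivateKey;
    var caCert = ReadCertificateFromX509Certificate2(issuingCertificate, out caPrivateKey);

    // One cryptographic random source for the serial number, the key pair and the password.
    var randomGenerator = new CryptoApiRandomGenerator();
    var random = new SecureRandom(randomGenerator);

    var gen = new X509V3CertificateGenerator();

    // NOTE(review): subjectName ends up inside a distinguished-name string; presumably
    // AddItems/GetItemString escape DN special characters - verify, since the value
    // may originate from outside this component.
    var list = new Dictionary<string, string>();
    AddItems(list, "CN", subjectName);
    AddItems(list, "O", "CompliaShield");
    AddItems(list, "OU", "CompliaShield");
    list.Add("L", "Boulder");
    list.Add("ST", "Colorado");
    list.Add("C", "US");
    var subjectFull = GetItemString(list);
    var certName = new X509Name(subjectFull);

    BigInteger serialNo;
    if (serialNumber == 0)
    {
        serialNo = BigInteger.ProbablePrime(120, random);
    }
    else
    {
        serialNo = BigInteger.ValueOf(serialNumber);
    }
    gen.SetSerialNumber(serialNo);
    gen.SetSubjectDN(certName);

    // The issuer field of an issued certificate is the SUBJECT of the signing CA.
    // The previous code used caCert.IssuerDN, which is only the same value when the
    // CA is self-signed; under an intermediate CA the chain would not build.
    gen.SetIssuerDN(caCert.SubjectDN);

    // The authority key identifier points at the CA certificate itself: its public
    // key, and the issuer name plus serial number that identify that certificate.
    var issuerPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(caCert.GetPublicKey());
    var issuerGeneralNames = new GeneralNames(new GeneralName(caCert.IssuerDN));
    var issuerSerialNumber = caCert.SerialNumber;
    var authorityKeyIdentifier = new AuthorityKeyIdentifier(issuerPublicKeyInfo, issuerGeneralNames, issuerSerialNumber);
    // NOTE(review): the extension is marked critical (true); RFC 5280 section 4.2.1.1
    // requires CAs to mark authorityKeyIdentifier non-critical. Left unchanged so that
    // issued certificates keep their current shape - confirm and switch to false.
    gen.AddExtension(X509Extensions.AuthorityKeyIdentifier.Id, true, authorityKeyIdentifier);

    gen.SetNotAfter(expireOn);
    // Validity dates are UTC; back-date by two hours to tolerate clock skew.
    // DateTime.Now would shift the start of validity by the local time-zone offset.
    gen.SetNotBefore(DateTime.UtcNow.AddHours(-2));
    gen.SetSignatureAlgorithm("SHA256WithRSA");

    var kpgen = new RsaKeyPairGenerator();
    kpgen.Init(new KeyGenerationParameters(random, 2048));
    var subjectKeyPair = kpgen.GenerateKeyPair();
    gen.SetPublicKey(subjectKeyPair.Public);

    // NOTE(review): every certificate is granted client auth, server auth AND code
    // signing. Confirm each consumer needs all three; a narrower set limits what a
    // stolen key can be used for.
    gen.AddExtension(
        X509Extensions.ExtendedKeyUsage.Id,
        false,
        new ExtendedKeyUsage(new KeyPurposeID[] { KeyPurposeID.IdKPClientAuth, KeyPurposeID.IdKPServerAuth, KeyPurposeID.IdKPCodeSigning }));
    //1.3.6.1.5.5.7.3.1 = server authentication
    //1.3.6.1.5.5.7.3.2 = client authentication
    //1.3.6.1.5.5.7.3.3 = code signing

    var certificate = gen.Generate(caPrivateKey);

    PrivateKeyInfo info = PrivateKeyInfoFactory.CreatePrivateKeyInfo(subjectKeyPair.Private);

    // Merge certificate and private key into an X509Certificate2.
    var x509 = new System.Security.Cryptography.X509Certificates.X509Certificate2(certificate.GetEncoded());
    var seq = (Asn1Sequence)Asn1Object.FromByteArray(info.PrivateKey.GetDerEncoded());
    if (seq.Count != 9)
    {
        throw new PemException("Malformed sequence in RSA private key.");
    }
    var rsa = new RsaPrivateKeyStructure(seq);
    RsaPrivateCrtKeyParameters rsaparams = new RsaPrivateCrtKeyParameters(
        rsa.Modulus, rsa.PublicExponent, rsa.PrivateExponent, rsa.Prime1, rsa.Prime2, rsa.Exponent1, rsa.Exponent2, rsa.Coefficient);

    RSAParameters rsaParameters = DotNetUtilities.ToRSAParameters(rsaparams);
    CspParameters cspParameters = new CspParameters();
    // NOTE(review): a named key container is normally persisted by the CSP, and
    // nothing here removes it, so each call may leave a private key behind in the
    // machine/user key store - confirm and clean up if so.
    cspParameters.KeyContainerName = Guid.NewGuid().ToString();
    RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(2048, cspParameters);
    rsaKey.ImportParameters(rsaParameters);
    x509.PrivateKey = rsaKey;

    // The password protects the private key inside the PKCS#12 container, so it is
    // drawn from the cryptographic generator created above. System.Random is a
    // predictable, time-seeded generator and must not be used for secrets.
    var chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-()#$%^&@+=!{}[]*.,";
    password = new string(
        Enumerable.Repeat(chars, 32)
                  .Select(s => s[random.Next(s.Length)])
                  .ToArray());

    thumbprint = x509.Thumbprint.ToLowerInvariant();
    publicCert = x509.Export(System.Security.Cryptography.X509Certificates.X509ContentType.Cert);

    // Certificate followed by the private key, both PEM-encoded; the key is NOT encrypted.
    var privateKeyPem = new StringBuilder();
    var privateKeyPemWriter = new PemWriter(new StringWriter(privateKeyPem));
    privateKeyPemWriter.WriteObject(certificate);
    privateKeyPemWriter.WriteObject(subjectKeyPair.Private);
    privateKeyPemWriter.Writer.Flush();
    pemPrivateKey = privateKeyPem.ToString();

    var publicKeyPem = new StringBuilder();
    var utf8WithoutBom = new System.Text.UTF8Encoding(false);
    var publicKeyPemWriter = new PemWriter(new StringWriterWithEncoding(publicKeyPem, utf8WithoutBom));
    publicKeyPemWriter.WriteObject(certificate);
    publicKeyPemWriter.Writer.Flush();
    pemPublicCert = publicKeyPem.ToString();
    pemPublicCert = pemPublicCert.Replace(Environment.NewLine, "\n"); // only use newline and not returns

    pkcs12Data = x509.Export(System.Security.Cryptography.X509Certificates.X509ContentType.Pfx, password);
}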
/**
 * Constructs a holder from an entity name (v2 attribute certificates) or a
 * subject name (v1 attribute certificates), delegating to the two-argument
 * constructor with a version value of 1.
 *
 * @param entityName The entity or subject name.
 */
public Holder(GeneralNames entityName)
    : this(entityName, 1)
{
}
/// <summary>
/// Returns the X509Name entries among the objects that GetNames produces for
/// <paramref name="names"/>, in their original order.
/// </summary>
/// <param name="names">The GeneralNames to extract principals from.</param>
/// <returns>An array holding only the X509Name entries; empty if there are none.</returns>
private X509Name[] GetPrincipals(
    GeneralNames names)
{
    object[] candidates = this.GetNames(names.GetNames());

    // Sized for the worst case in which every entry is an X509Name.
    ArrayList principals = new ArrayList(candidates.Length);
    foreach (object candidate in candidates)
    {
        if (candidate is X509Name)
        {
            principals.Add(candidate);
        }
    }

    return (X509Name[]) principals.ToArray(typeof(X509Name));
}
/**
 * Builds a <code>RoleSyntax</code> from the encoded elements of the
 * <code>Asn1Sequence</code> supplied. The sequence must hold one or two
 * tagged elements: [0] the role authority and [1] the role name
 * (explicitly tagged). A tag that appears twice overwrites the earlier value.
 *
 * @param seq an instance of <code>Asn1Sequence</code> that holds
 * the encoded elements used to build this <code>RoleSyntax</code>.
 * @throws ArgumentException if the element count is not 1 or 2, or an
 * element carries a tag other than 0 or 1.
 */
private RoleSyntax(
    Asn1Sequence seq)
{
    bool sizeOk = seq.Count >= 1 && seq.Count <= 2;
    if (!sizeOk)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    for (int pos = 0; pos != seq.Count; pos++)
    {
        Asn1TaggedObject element = Asn1TaggedObject.GetInstance(seq[pos]);
        int tag = element.TagNo;

        if (tag == 0)
        {
            roleAuthority = GeneralNames.GetInstance(element, false);
        }
        else if (tag == 1)
        {
            roleName = GeneralName.GetInstance(element, true);
        }
        else
        {
            throw new ArgumentException("Unknown tag in RoleSyntax");
        }
    }
}
/**
 * Constructs a holder from an entity name (v2 attribute certificates) or a
 * subject name (v1 attribute certificates) and an explicit version value.
 * Both arguments are stored as given; the version is not range-checked.
 *
 * @param entityName The entity or subject name.
 * @param version The version of the attribute certificate.
 */
public Holder(
    GeneralNames entityName,
    int version)
{
    this.version = version;
    this.entityName = entityName;
}
/**
 * Decodes a holder for a v2 attribute certificate from a sequence of up to
 * three tagged elements: [0] baseCertificateID, [1] entityName and
 * [2] objectDigestInfo. A tag that appears twice overwrites the earlier
 * value, and an empty sequence yields a holder with none of them set.
 * The version field is set to 1.
 *
 * @param seq The ASN.1 sequence.
 * @throws ArgumentException if there are more than three elements or an
 * element carries a tag other than 0, 1 or 2.
 */
private Holder(
    Asn1Sequence seq)
{
    if (seq.Count > 3)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    for (int pos = 0; pos != seq.Count; pos++)
    {
        Asn1TaggedObject element = Asn1TaggedObject.GetInstance(seq[pos]);
        int tag = element.TagNo;

        if (tag == 0)
        {
            baseCertificateID = IssuerSerial.GetInstance(element, false);
        }
        else if (tag == 1)
        {
            entityName = GeneralNames.GetInstance(element, false);
        }
        else if (tag == 2)
        {
            objectDigestInfo = ObjectDigestInfo.GetInstance(element, false);
        }
        else
        {
            throw new ArgumentException("unknown tag in Holder");
        }
    }

    version = 1;
}
/// <summary>
/// Creates a DistributionPoint from its three components, stored as given.
/// </summary>
/// <param name="distributionPointName">The name of the distribution point.</param>
/// <param name="reasons">The reason flags for this distribution point.</param>
/// <param name="crlIssuer">The CRL issuer, as GeneralNames.</param>
public DistributionPoint(
    DistributionPointName distributionPointName,
    ReasonFlags reasons,
    GeneralNames crlIssuer)
{
    this.cRLIssuer = crlIssuer;
    this.reasons = reasons;
    this.distributionPoint = distributionPointName;
}