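/// <summary>
/// Decodes an encoded X.509 certificate into the project's <c>Certificate</c> model.
/// </summary>
/// <remarks>
/// This method only decodes fields. Nothing here verifies the certificate's signature,
/// validity period, chain or revocation status, so every returned value is still
/// unauthenticated input until the caller has validated the certificate.
/// <c>IsLoaded</c> is set to true only after every field has been populated, so a decoding
/// failure part-way through can no longer hand back a half-filled object that claims to be loaded.
/// </remarks>
/// <param name="certBytes">The encoded certificate bytes.</param>
/// <returns>
/// The populated certificate on success. On any decoding failure the exception is written to
/// the console and the (possibly partially populated) object is returned without
/// <c>IsLoaded</c> having been set to true.
/// </returns>
public static Certificate Parse(byte[] certBytes)
{
    Certificate certificate = new Certificate();
    try
    {
        // X509Certificate2 is disposable; release it once its fields have been copied out.
        using (X509Certificate2 x509 = new X509Certificate2(certBytes))
        {
            certificate.EncodedValue = certBytes;
            certificate.Version = x509.Version;
            certificate.BasicConstraints = retrieveBasicContraints(x509);
            certificate.KeyUsage = retrieveKeyUsage(x509);

            Validity validity = new Validity();
            validity.NotBefore = new DateTimeOffset(x509.NotBefore).ToUnixTimeSeconds();
            validity.NotAfter = new DateTimeOffset(x509.NotAfter).ToUnixTimeSeconds();
            certificate.Validity = validity;

            // The same bytes are decoded a second time with BouncyCastle to reach the raw
            // ASN.1 structures (TBS bytes, algorithm identifiers, SubjectPublicKeyInfo).
            X509CertificateParser x509CertificateParser = new X509CertificateParser();
            X509Certificate bouncyCertificate = x509CertificateParser.ReadCertificate(certBytes);

            certificate.SerialNumber = new BigInteger(bouncyCertificate.SerialNumber.ToByteArray());
            certificate.TbsCertificate = bouncyCertificate.GetTbsCertificate();
            certificate.TBSSignatureAlgorithm =
                bouncyCertificate.CertificateStructure.TbsCertificate.Signature.GetEncoded();
            certificate.SignatureAlgorithm =
                bouncyCertificate.CertificateStructure.SignatureAlgorithm.GetEncoded();

            string publicKeyAlgNameStr = CipherUtilities.GetAlgorithmName(
                bouncyCertificate.CertificateStructure.SubjectPublicKeyInfo.AlgorithmID.Algorithm);
            if (publicKeyAlgNameStr == null)
            {
                // Fall back to the platform's friendly name when BouncyCastle has no name for the OID.
                publicKeyAlgNameStr = x509.PublicKey.Oid.FriendlyName;
            }
            certificate.PublicKeyAlgName = StringUtil.StringToByteArray(publicKeyAlgNameStr);

            certificate.Signature = bouncyCertificate.GetSignature();
            certificate.SubjectPublicKeyInfo =
                bouncyCertificate.CertificateStructure.SubjectPublicKeyInfo.GetEncoded();
            certificate.SubjectKeyIdentifier = retrieveSubjectKeyIdentifier(bouncyCertificate);
            certificate.AuthorityKeyIdentifier = retrieveAuthorityKeyIdentifier(bouncyCertificate);
            certificate.ExtendedKeyUsage = retrieveExtendedKeyUsageOIDs(bouncyCertificate);
            certificate.Issuer = RetrieveIssuerName(bouncyCertificate);
            certificate.Subject = RetrieveSubjectName(bouncyCertificate);
            certificate.DNsNames = retrieveDnsNames(bouncyCertificate);
        }

        // Mark the object as loaded only now that every field above was decoded successfully.
        certificate.IsLoaded = true;
        return certificate;
    }
    catch (Exception e)
    {
        // Best-effort contract kept from the original: report the failure and return what exists.
        // Callers must check IsLoaded before trusting any field of the result.
        Console.WriteLine(e);
        return certificate;
    }
}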
/// <summary>
/// Returns the subject name stored in the TBS ("to be signed") part of the given certificate.
/// </summary>
/// <remarks>
/// The name is read straight from the decoded TBS bytes. No signature check is performed here,
/// so the result is only as trustworthy as the certificate it came from.
/// </remarks>
/// <param name="cert">Certificate whose subject is wanted.</param>
/// <returns>The subject as an <see cref="X509Name"/>.</returns>
/// <exception cref="CertificateEncodingException">
/// Any failure while decoding the TBS structure; the original exception is attached as the cause.
/// </exception>
public static X509Name GetSubjectX509Principal(X509Certificate cert)
{
    try
    {
        byte[] tbsBytes = cert.GetTbsCertificate();
        Asn1Object decodedTbs = Asn1Object.FromByteArray(tbsBytes);
        TbsCertificateStructure structure = TbsCertificateStructure.GetInstance(decodedTbs);
        return structure.Subject;
    }
    catch (Exception cause)
    {
        throw new CertificateEncodingException("Could not extract subject", cause);
    }
}
/// <summary>
/// Extracts the subject distinguished name from a certificate by decoding its TBS section.
/// </summary>
/// <remarks>
/// This is a pure decoding step. The certificate's signature is not checked, so treat the
/// returned name as unverified until the certificate itself has been validated.
/// </remarks>
/// <param name="cert">Certificate to read the subject from.</param>
/// <returns>The subject as an <see cref="X509Name"/>.</returns>
/// <exception cref="CertificateEncodingException">
/// Raised for any decoding failure, wrapping the underlying exception.
/// </exception>
public static X509Name GetSubjectX509Principal(X509Certificate cert)
{
    try
    {
        Asn1Object tbsObject = Asn1Object.FromByteArray(cert.GetTbsCertificate());
        return TbsCertificateStructure.GetInstance(tbsObject).Subject;
    }
    catch (Exception failure)
    {
        throw new CertificateEncodingException("Could not extract subject", failure);
    }
}
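/// <summary>
/// Checks whether <paramref name="thisCertificate"/> carries a signature that verifies under
/// the public key of <paramref name="signerCertificate"/>.
/// </summary>
/// <remarks>
/// Only the signature is checked. This method does not check validity dates, whether the
/// signer is allowed to act as a CA, name chaining or revocation, so a <c>true</c> result is
/// not by itself a trust decision.
/// </remarks>
/// <param name="thisCertificate">Certificate whose signature is verified.</param>
/// <param name="signerCertificate">Certificate supplying the public key to verify with.</param>
/// <returns>
/// <c>true</c> when verification succeeds; <c>false</c> when it fails with a
/// <c>CertificateException</c> or <c>InvalidKeyException</c>.
/// </returns>
/// <exception cref="ArgumentNullException">Either certificate is null.</exception>
public static bool IsSignedBy(this X509Certificate thisCertificate, X509Certificate signerCertificate)
{
    if (thisCertificate == null)
    {
        throw new ArgumentNullException("thisCertificate");
    }
    if (signerCertificate == null)
    {
        throw new ArgumentNullException("signerCertificate");
    }

    // The earlier body also built X509Certificate2 objects from bare TBS bytes, loaded fixed
    // files under c:\temp, called CryptVerifyCertificateSignatureEx and decoded the TBS bytes
    // as a SignedCms message. None of those results fed into the return value, and any of them
    // could throw before the real check ran, so only the BouncyCastle verification is kept.
    Log.Write("Get signer's public key");
    var publicKey = signerCertificate.GetPublicKey();
    Log.Write("Got signer's public key");

    try
    {
        Log.Write("Veryfy signature");
        thisCertificate.Verify(publicKey);
        Log.Write("Verified");
        return true;
    }
    catch (CertificateException e)
    {
        // Record why verification was rejected instead of dropping the reason silently.
        Log.Write("Signature verification failed: " + e.Message);
        return false;
    }
    catch (InvalidKeyException e)
    {
        Log.Write("Signature verification failed: " + e.Message);
        return false;
    }
}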
/// <summary>
/// Checks the certificate's validity period and verifies its signature against the
/// built-in GOST root certificate.
/// </summary>
/// <remarks>
/// The signature is verified directly with the root's public key, using an EC GOST 3410
/// signer over a GOST R 34.11-2012 256-bit digest of the TBS bytes. As written, only
/// certificates issued directly by that root can pass: there is no intermediate chain
/// building, and no revocation or key-usage check in this method.
/// </remarks>
/// <param name="cert">Certificate to check.</param>
/// <exception cref="CryptographicException">The signature does not verify under the root key.</exception>
private static void CheckCertificateValidity(X509Certificate cert)
{
    // Validity-period check; CheckValidity raises on failure rather than returning a flag.
    cert.CheckValidity();

    var rootCertificate = (X509Certificate)RootCertificates.GetRootCertGOST();

    var verifier = new Gost3410DigestSigner(new ECGost3410Signer(), new Gost3411_2012_256Digest());
    // false selects verification mode rather than signing.
    verifier.Init(false, rootCertificate.GetPublicKey());

    byte[] signedBytes = cert.GetTbsCertificate();
    verifier.BlockUpdate(signedBytes, 0, signedBytes.Length);

    if (verifier.VerifySignature(cert.GetSignature()))
    {
        return;
    }

    throw new CryptographicException("Cannot verify signature");
}
/// <summary>
/// Builds an <see cref="X509Name"/> holding the subject fields of an X.509 certificate.
/// </summary>
/// <remarks>
/// The TBS bytes are passed to <c>GetSubject</c>, a helper defined elsewhere that presumably
/// returns the subject's ASN.1 sequence (confirm against its definition). No signature check
/// happens here, so the returned name is unverified.
/// </remarks>
/// <param name="cert">An X509Certificate.</param>
/// <returns>An X509Name built from the certificate's subject.</returns>
public static X509Name GetSubjectFields(X509Certificate cert)
{
    byte[] tbsBytes = cert.GetTbsCertificate();
    Asn1Sequence subjectSequence = (Asn1Sequence)GetSubject(tbsBytes);
    return new X509Name(subjectSequence);
}
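/// <summary>
/// Encrypts <paramref name="abyte0"/> to the public key of the given certificate and wraps
/// the result in a CMS <c>KeyTransRecipientInfo</c> that identifies the recipient by issuer
/// and serial number.
/// </summary>
/// <remarks>
/// The cipher is chosen from the algorithm identifier in the certificate's
/// SubjectPublicKeyInfo. NOTE(review): for an RSA key this presumably resolves to PKCS#1 v1.5
/// key transport; confirm that this is the intended padding. The certificate is not validated
/// here, so the caller must already trust it before data is encrypted to its key.
/// </remarks>
/// <param name="x509certificate">Recipient certificate supplying the public key and identity.</param>
/// <param name="abyte0">Bytes to encrypt for the recipient.</param>
/// <returns>The recipient info carrying the encrypted bytes.</returns>
private KeyTransRecipientInfo ComputeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)
{
    Asn1InputStream asn1inputstream =
        new Asn1InputStream(new MemoryStream(x509certificate.GetTbsCertificate()));
    TbsCertificateStructure tbscertificatestructure =
        TbsCertificateStructure.GetInstance(asn1inputstream.ReadObject());
    AlgorithmIdentifier algorithmidentifier = tbscertificatestructure.SubjectPublicKeyInfo.AlgorithmID;
    Org.BouncyCastle.Asn1.Cms.IssuerAndSerialNumber issuerandserialnumber =
        new Org.BouncyCastle.Asn1.Cms.IssuerAndSerialNumber(
            tbscertificatestructure.Issuer,
            tbscertificatestructure.SerialNumber.Value);

    IBufferedCipher cipher = CipherUtilities.GetCipher(algorithmidentifier.ObjectID);
    cipher.Init(true, x509certificate.GetPublicKey());

    // Let the cipher size its own output. The previous fixed 10000-byte scratch buffer failed
    // for larger outputs and needed a second copy to trim the result.
    byte[] abyte1 = cipher.DoFinal(abyte0);

    DerOctetString deroctetstring = new DerOctetString(abyte1);
    RecipientIdentifier recipId = new RecipientIdentifier(issuerandserialnumber);
    return new KeyTransRecipientInfo(recipId, algorithmidentifier, deroctetstring);
}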
/// <summary>
/// Decodes the TBS ("to be signed") bytes of a certificate into a
/// <see cref="TbsCertificateStructure"/>.
/// </summary>
/// <remarks>
/// Decoding only. The fields of the returned structure are not authenticated by this call.
/// </remarks>
/// <param name="cert">Certificate whose TBS section is decoded.</param>
/// <returns>The decoded TBS structure.</returns>
internal static TbsCertificateStructure GetTbsCertificateStructure(X509Certificate cert)
{
    byte[] tbsBytes = cert.GetTbsCertificate();
    Asn1Object decodedTbs = Asn1Object.FromByteArray(tbsBytes);
    return TbsCertificateStructure.GetInstance(decodedTbs);
}
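/// <summary>
/// Creates a recipient entry from a certificate, recording the certificate, its public key
/// and the key algorithm named in its SubjectPublicKeyInfo.
/// </summary>
/// <remarks>
/// The certificate is not validated here. Anything later encrypted to <c>pubKey</c> is
/// readable by whoever holds the matching private key, so the caller is responsible for
/// establishing trust in <paramref name="cert"/> first.
/// </remarks>
/// <param name="cert">Recipient certificate.</param>
/// <exception cref="ArgumentException">
/// The key algorithm could not be read from the certificate's TBS structure; the underlying
/// failure is available as <c>InnerException</c>.
/// </exception>
internal RecipientInf(X509Certificate cert)
{
    this.cert = cert;
    this.pubKey = cert.GetPublicKey();

    try
    {
        TbsCertificateStructure tbs = TbsCertificateStructure.GetInstance(
            Asn1Object.FromByteArray(cert.GetTbsCertificate()));
        keyEncAlg = tbs.SubjectPublicKeyInfo.AlgorithmID;
    }
    catch (Exception e)
    {
        // Attach the cause so a malformed certificate can be diagnosed from the thrown exception.
        throw new ArgumentException("can't extract key algorithm from this cert", e);
    }
}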
/// <summary>
/// Returns the issuer name stored in the TBS ("to be signed") part of the given certificate.
/// </summary>
/// <remarks>
/// The issuer field is whatever the certificate states. It says which issuer the certificate
/// names, not that this issuer actually signed it; that requires a separate signature check.
/// </remarks>
/// <param name="cert">Certificate whose issuer is wanted.</param>
/// <returns>The issuer as an <see cref="X509Name"/>.</returns>
/// <exception cref="CertificateEncodingException">
/// Any failure while decoding the TBS structure; the original exception is attached as the cause.
/// </exception>
public static X509Name GetIssuerX509Principal(X509Certificate cert)
{
    try
    {
        byte[] tbsBytes = cert.GetTbsCertificate();
        Asn1Object decodedTbs = Asn1Object.FromByteArray(tbsBytes);
        TbsCertificateStructure structure = TbsCertificateStructure.GetInstance(decodedTbs);
        return structure.Issuer;
    }
    catch (global::System.Exception cause)
    {
        throw new CertificateEncodingException("Could not extract issuer", cause);
    }
}