public static ResponderID getInstance(
object obj)
{
if (obj == null || obj is ResponderID)
{
return((ResponderID)obj);
}
else if (obj is DEROctetString)
{
return(new ResponderID((DEROctetString)obj));
}
else if (obj is ASN1TaggedObject)
{
ASN1TaggedObject o = (ASN1TaggedObject)obj;
if ((int)o.getTagNo() == 1)
{
return(new ResponderID(X509Name.getInstance(o, true)));
}
else
{
return(new ResponderID(ASN1OctetString.getInstance(o, true)));
}
}
return(new ResponderID(X509Name.getInstance(obj)));
}
public Holder(
ASN1Sequence seq)
{
for (int i = 0; i != seq.size(); i++)
{
ASN1TaggedObject tObj = (ASN1TaggedObject)seq.getObjectAt(i);
switch (tObj.getTagNo())
{
case 0:
baseCertificateID = IssuerSerial.getInstance(tObj, false);
break;
case 1:
entityName = GeneralNames.getInstance(tObj, false);
break;
case 2:
objectDigestInfo = ObjectDigestInfo.getInstance(tObj, false);
break;
default:
throw new ArgumentException("unknown tag in Holder");
}
}
}
public ASN1Encodable getInfo()
{
if (info is ASN1TaggedObject)
{
ASN1TaggedObject o = (ASN1TaggedObject)info;
switch ((int)o.getTagNo())
{
case 1:
return(KeyAgreeRecipientInfo.getInstance(o, true));
case 2:
return(KEKRecipientInfo.getInstance(o, true));
case 3:
return(PasswordRecipientInfo.getInstance(o, true));
case 4:
return(OtherRecipientInfo.getInstance(o, true));
default:
throw new InvalidOperationException("unknown tag");
}
}
return(KeyTransRecipientInfo.getInstance(info));
}
public DERInteger getVersion()
{
if (info is ASN1TaggedObject)
{
ASN1TaggedObject o = (ASN1TaggedObject)info;
switch ((int)o.getTagNo())
{
case 1:
return(KeyAgreeRecipientInfo.getInstance(o, true).getVersion());
case 2:
return(KEKRecipientInfo.getInstance(o, true).getVersion());
case 3:
return(PasswordRecipientInfo.getInstance(o, true).getVersion());
case 4:
return(new DERInteger(0)); // no syntax version for OtherRecipientInfo
default:
throw new InvalidOperationException("unknown tag");
}
}
return(KeyTransRecipientInfo.getInstance(info).getVersion());
}
public OriginatorInfo(
ASN1Sequence seq)
{
switch (seq.size())
{
case 0: // empty
break;
case 1:
ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(0);
switch ((int)o.getTagNo())
{
case 0:
certs = ASN1Set.getInstance(o, false);
break;
case 1:
crls = ASN1Set.getInstance(o, false);
break;
default:
throw new ArgumentException("Bad tag in OriginatorInfo: " + o.getTagNo());
}
break;
case 2:
certs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(0), false);
crls = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(1), false);
break;
default:
throw new ArgumentException("OriginatorInfo too big");
}
}
public SingleResponse(
ASN1Sequence seq)
{
this.certID = CertID.getInstance(seq.getObjectAt(0));
this.certStatus = CertStatus.getInstance(seq.getObjectAt(1));
this.thisUpdate = (DERGeneralizedTime)seq.getObjectAt(2);
if (seq.size() > 4)
{
this.nextUpdate = DERGeneralizedTime.getInstance(
(ASN1TaggedObject)seq.getObjectAt(3), true);
this.singleExtensions = X509Extensions.getInstance(
(ASN1TaggedObject)seq.getObjectAt(4), true);
}
else if (seq.size() > 3)
{
ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(3);
if (o.getTagNo() == 0)
{
this.nextUpdate = DERGeneralizedTime.getInstance(o, true);
}
else
{
this.singleExtensions = X509Extensions.getInstance(o, true);
}
}
}
public ResponseData(
ASN1Sequence seq)
{
int index = 0;
if (seq.getObjectAt(0) is ASN1TaggedObject)
{
ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(0);
if (o.getTagNo() == 0)
{
this.version = DERInteger.getInstance(
(ASN1TaggedObject)seq.getObjectAt(0), true);
index++;
}
else
{
this.version = null;
}
}
else
{
this.version = null;
}
this.responderID = ResponderID.getInstance(seq.getObjectAt(index++));
this.producedAt = (DERGeneralizedTime)seq.getObjectAt(index++);
this.responses = (ASN1Sequence)seq.getObjectAt(index++);
if (seq.size() > index)
{
this.responseExtensions = X509Extensions.getInstance(
(ASN1TaggedObject)seq.getObjectAt(index), true);
}
}
public CrlID(
ASN1Sequence seq)
{
IEnumerator e = seq.getObjects();
while (e.MoveNext())
{
ASN1TaggedObject o = (ASN1TaggedObject)e.Current;
switch ((int)o.getTagNo())
{
case 0:
crlUrl = DERIA5String.getInstance(o, true);
break;
case 1:
crlNum = DERInteger.getInstance(o, true);
break;
case 2:
crlTime = DERGeneralizedTime.getInstance(o, true);
break;
default:
throw new ArgumentException(
"unknown tag number: " + o.getTagNo());
}
}
}
/**
* return an OriginatorIdentifierOrKey object from a tagged object.
*
* @param o the tagged object holding the object we want.
* @param explicit true if the object is meant to be explicitly
* tagged false otherwise.
* @exception IllegalArgumentException if the object held by the
* tagged object cannot be converted.
*/
public static OriginatorIdentifierOrKey getInstance(
ASN1TaggedObject o,
bool explicitly)
{
if (!explicitly)
{
throw new ArgumentException(
"Can't implicitly tag OriginatorIdentifierOrKey");
}
return(getInstance(o.getObject()));
}
public DistributionPointName(
ASN1TaggedObject obj)
{
this.type = obj.getTagNo();
if (type == FULL_NAME)
{
this.name = GeneralNames.getInstance(obj, false);
}
else
{
this.name = ASN1Set.getInstance(obj, false);
}
}
public SignedData(
ASN1Sequence seq)
{
IEnumerator e = seq.getObjects();
e.MoveNext();
version = (DERInteger)e.Current;
e.MoveNext();
digestAlgorithms = ((ASN1Set)e.Current);
e.MoveNext();
contentInfo = ContentInfo.getInstance(e.Current);
while (e.MoveNext())
{
ASN1Object o = (ASN1Object)e.Current;
//
// an interesting feature of SignedData is that there appear
// to be varying implementations...
// for the moment we ignore anything which doesn't fit.
//
if (o is ASN1TaggedObject)
{
ASN1TaggedObject tagged = (ASN1TaggedObject)o;
switch ((int)tagged.getTagNo())
{
case 0:
certBer = tagged is BERTaggedObject;
certificates = ASN1Set.getInstance(tagged, false);
break;
case 1:
crlsBer = tagged is BERTaggedObject;
crls = ASN1Set.getInstance(tagged, false);
break;
default:
throw new ArgumentException("unknown tag value " + tagged.getTagNo());
}
}
else
{
signerInfos = (ASN1Set)o;
}
}
}
public static GeneralName getInstance(
object obj)
{
if (obj == null || obj is GeneralName)
{
return((GeneralName)obj);
}
if (obj is ASN1TaggedObject)
{
ASN1TaggedObject tagObj = (ASN1TaggedObject)obj;
int tag = (int)tagObj.getTagNo();
switch (tag)
{
case 0:
return(new GeneralName(tagObj.getObject(), tag));
case 1:
return(new GeneralName(DERIA5String.getInstance(tagObj, false), tag));
case 2:
return(new GeneralName(DERIA5String.getInstance(tagObj, false), tag));
case 3:
throw new ArgumentException("unknown tag: " + tag);
case 4:
return(new GeneralName(tagObj.getObject(), tag));
case 5:
return(new GeneralName(tagObj.getObject(), tag));
case 6:
return(new GeneralName(DERIA5String.getInstance(tagObj, false), tag));
case 7:
return(new GeneralName(ASN1OctetString.getInstance(tagObj, false), tag));
case 8:
return(new GeneralName(DERObjectIdentifier.getInstance(tagObj, false), tag));
}
}
throw new ArgumentException("unknown object in getInstance");
}
public CertStatus(
ASN1TaggedObject choice)
{
this.tagNo = choice.getTagNo();
switch ((int)choice.getTagNo())
{
case 0:
value = new DERNull();
break;
case 1:
value = RevokedInfo.getInstance(choice, false);
break;
case 2:
value = new DERNull();
break;
}
}
public NameConstraints(
ASN1Sequence seq)
{
IEnumerator e = seq.getObjects();
while (e.MoveNext())
{
ASN1TaggedObject o = (ASN1TaggedObject)e.Current;
switch ((int)o.getTagNo())
{
case 0:
permitted = ASN1Sequence.getInstance(o, false);
break;
case 1:
excluded = ASN1Sequence.getInstance(o, false);
break;
}
}
}
public DistributionPoint(
ASN1Sequence seq)
{
for (int i = 0; i != seq.size(); i++)
{
ASN1TaggedObject t = (ASN1TaggedObject)seq.getObjectAt(i);
switch ((int)t.getTagNo())
{
case 0:
distributionPoint = DistributionPointName.getInstance(t, true);
break;
case 1:
reasons = new ReasonFlags(DERBitString.getInstance(t, false));
break;
case 2:
cRLIssuer = GeneralNames.getInstance(t, false);
break;
}
}
}
/**
* Constructor from ASN1Sequence
*/
public IssuingDistributionPoint(
ASN1Sequence seq)
{
this.seq = seq;
for (int i = 0; i != seq.size(); i++)
{
ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(i);
switch ((int)o.getTagNo())
{
case 0:
break;
case 1:
_onlyContainsUserCerts = DERBoolean.getInstance(o, false).isTrue();
break;
case 2:
_onlyContainsCACerts = DERBoolean.getInstance(o, false).isTrue();
break;
case 3:
break;
case 4:
_indirectCRL = DERBoolean.getInstance(o, false).isTrue();
break;
case 5:
_onlyContainsAttributeCerts = DERBoolean.getInstance(o, false).isTrue();
break;
default:
throw new ArgumentException("unknown tag in IssuingDistributionPoint");
}
}
}
public V2Form(
ASN1Sequence seq)
{
int index = 0;
if (!(seq.getObjectAt(0) is ASN1TaggedObject))
{
index++;
this.issuerName = GeneralNames.getInstance(seq.getObjectAt(0));
}
for (int i = index; i != seq.size(); i++)
{
ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(i);
if (o.getTagNo() == 0)
{
baseCertificateID = IssuerSerial.getInstance(o, false);
}
else if (o.getTagNo() == 1)
{
objectDigestInfo = ObjectDigestInfo.getInstance(o, false);
}
}
}
public GeneralSubtree(
ASN1Sequence seq)
{
_base = GeneralName.getInstance(seq.getObjectAt(0));
switch (seq.size())
{
case 1:
break;
case 2:
ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(1);
switch ((int)o.getTagNo())
{
case 0:
minimum = DERInteger.getInstance(o, false);
break;
case 1:
maximum = DERInteger.getInstance(o, false);
break;
default:
throw new ArgumentException("Bad tag number: " + o.getTagNo());
}
break;
case 3:
minimum = DERInteger.getInstance((ASN1TaggedObject)seq.getObjectAt(1), false);
maximum = DERInteger.getInstance((ASN1TaggedObject)seq.getObjectAt(2), false);
break;
default:
throw new ArgumentException("Bad sequence size: " + seq.size());
}
}
public TBSRequest(
ASN1Sequence seq)
{
int index = 0;
if (seq.getObjectAt(0) is ASN1TaggedObject)
{
ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(0);
if (o.getTagNo() == 0)
{
version = DERInteger.getInstance((ASN1TaggedObject)seq.getObjectAt(0), true);
index++;
}
else
{
version = new DERInteger(0);
}
}
else
{
version = new DERInteger(0);
}
if (seq.getObjectAt(index) is ASN1TaggedObject)
{
requestorName = GeneralName.getInstance((ASN1TaggedObject)seq.getObjectAt(index++), true);
}
requestList = (ASN1Sequence)seq.getObjectAt(index++);
if (seq.size() == (index + 1))
{
requestExtensions = X509Extensions.getInstance((ASN1TaggedObject)seq.getObjectAt(index), true);
}
}
/**
* return a KEKRecipientInfo object from a tagged object.
*
* @param obj the tagged object holding the object we want.
* @param explicit true if the object is meant to be explicitly
* tagged false otherwise.
* @exception IllegalArgumentException if the object held by the
* tagged object cannot be converted.
*/
public static KEKRecipientInfo getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}
public static AlgorithmIdentifier getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}
public static ResponseBytes getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}
public static BasicOCSPResponse getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}
/**
* return an OriginatorPublicKey object from a tagged object.
*
* @param obj the tagged object holding the object we want.
* @param explicit true if the object is meant to be explicitly
* tagged false otherwise.
* @exception IllegalArgumentException if the object held by the
* tagged object cannot be converted.
*/
public static OriginatorPublicKey getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}
/**
* Verifies a signature using the sub-filter adbe.pkcs7.detached or
* adbe.pkcs7.sha1.
* @param contentsKey the /Contents key
* @param provider the provider or <code>null</code> for the default provider
* @throws SecurityException on error
* @throws CRLException on error
* @throws InvalidKeyException on error
* @throws CertificateException on error
* @throws NoSuchProviderException on error
* @throws NoSuchAlgorithmException on error
*/
public PdfPKCS7(byte[] contentsKey)
{
ASN1InputStream din = new ASN1InputStream(new MemoryStream(contentsKey));
//
// Basic checks to make sure it's a PKCS#7 SignedData Object
//
ASN1Object pkcs;
try {
pkcs = din.readObject();
}
catch {
throw new ArgumentException("can't decode PKCS7SignedData object");
}
if (!(pkcs is ASN1Sequence))
{
throw new ArgumentException("Not a valid PKCS#7 object - not a sequence");
}
ASN1Sequence signedData = (ASN1Sequence)pkcs;
DERObjectIdentifier objId = (DERObjectIdentifier)signedData.getObjectAt(0);
if (!objId.getId().Equals(ID_PKCS7_SIGNED_DATA))
{
throw new ArgumentException("Not a valid PKCS#7 object - not signed data");
}
ASN1Sequence content = (ASN1Sequence)((DERTaggedObject)signedData.getObjectAt(1)).getObject();
// the positions that we care are:
// 0 - version
// 1 - digestAlgorithms
// 2 - possible ID_PKCS7_DATA
// (the certificates and crls are taken out by other means)
// last - signerInfos
// the version
version = ((DERInteger)content.getObjectAt(0)).getValue().intValue();
// the digestAlgorithms
digestalgos = new Hashtable();
IEnumerator e = ((ASN1Set)content.getObjectAt(1)).getObjects();
while (e.MoveNext())
{
ASN1Sequence s = (ASN1Sequence)e.Current;
DERObjectIdentifier o = (DERObjectIdentifier)s.getObjectAt(0);
digestalgos[o.getId()] = null;
}
// the certificates and crls
X509CertificateParser cf = new X509CertificateParser(contentsKey);
certs = new ArrayList();
while (true)
{
X509Certificate cc = cf.ReadCertificate();
if (cc == null)
{
break;
}
certs.Add(cc);
}
crls = new ArrayList();
// the possible ID_PKCS7_DATA
ASN1Sequence rsaData = (ASN1Sequence)content.getObjectAt(2);
if (rsaData.size() > 1)
{
DEROctetString rsaDataContent = (DEROctetString)((DERTaggedObject)rsaData.getObjectAt(1)).getObject();
RSAdata = rsaDataContent.getOctets();
}
// the signerInfos
int next = 3;
while (content.getObjectAt(next) is DERTaggedObject)
{
++next;
}
ASN1Set signerInfos = (ASN1Set)content.getObjectAt(next);
if (signerInfos.size() != 1)
{
throw new ArgumentException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
}
ASN1Sequence signerInfo = (ASN1Sequence)signerInfos.getObjectAt(0);
// the positions that we care are
// 0 - version
// 1 - the signing certificate serial number
// 2 - the digest algorithm
// 3 or 4 - digestEncryptionAlgorithm
// 4 or 5 - encryptedDigest
signerversion = ((DERInteger)signerInfo.getObjectAt(0)).getValue().intValue();
// Get the signing certificate
ASN1Sequence issuerAndSerialNumber = (ASN1Sequence)signerInfo.getObjectAt(1);
BigInteger serialNumber = ((DERInteger)issuerAndSerialNumber.getObjectAt(1)).getValue();
foreach (X509Certificate cert in certs)
{
if (serialNumber.Equals(cert.getSerialNumber()))
{
signCert = cert;
break;
}
}
if (signCert == null)
{
throw new ArgumentException("Can't find signing certificate with serial " + serialNumber.ToString(16));
}
digestAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)signerInfo.getObjectAt(2)).getObjectAt(0)).getId();
next = 3;
if (signerInfo.getObjectAt(next) is ASN1TaggedObject)
{
ASN1TaggedObject tagsig = (ASN1TaggedObject)signerInfo.getObjectAt(next);
ASN1Sequence sseq = (ASN1Sequence)tagsig.getObject();
MemoryStream bOut = new MemoryStream();
ASN1OutputStream dout = new ASN1OutputStream(bOut);
try {
ASN1EncodableVector attribute = new ASN1EncodableVector();
for (int k = 0; k < sseq.size(); ++k)
{
attribute.add(sseq.getObjectAt(k));
}
dout.writeObject(new DERSet(attribute));
dout.Close();
}
catch (IOException) {}
sigAttr = bOut.ToArray();
for (int k = 0; k < sseq.size(); ++k)
{
ASN1Sequence seq2 = (ASN1Sequence)sseq.getObjectAt(k);
if (((DERObjectIdentifier)seq2.getObjectAt(0)).getId().Equals(ID_MESSAGE_DIGEST))
{
ASN1Set sset = (ASN1Set)seq2.getObjectAt(1);
digestAttr = ((DEROctetString)sset.getObjectAt(0)).getOctets();
break;
}
}
if (digestAttr == null)
{
throw new ArgumentException("Authenticated attribute is missing the digest.");
}
++next;
}
digestEncryptionAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)signerInfo.getObjectAt(next++)).getObjectAt(0)).getId();
digest = ((DEROctetString)signerInfo.getObjectAt(next)).getOctets();
if (RSAdata != null || digestAttr != null)
{
messageDigest = GetHashClass();
}
sig = SignerUtil.getSigner(GetDigestAlgorithm());
sig.init(false, signCert.getPublicKey());
}
public static DistributionPoint getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}
public static X509Extensions getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}
public static AttributeCertificateInfo getInstance(
ASN1TaggedObject obj,
bool isExplicit)
{
return(getInstance(ASN1Sequence.getInstance(obj, isExplicit)));
}
/**
* return a RecipientKeyIdentifier object from a tagged object.
*
* @param _ato the tagged object holding the object we want.
* @param _explicit true if the object is meant to be explicitly
* tagged false otherwise.
* @exception IllegalArgumentException if the object held by the
* tagged object cannot be converted.
*/
public static RecipientKeyIdentifier getInstance(ASN1TaggedObject _ato, bool _explicit)
{
return(getInstance(ASN1Sequence.getInstance(_ato, _explicit)));
}
public static X509CertificateStructure getInstance(
ASN1TaggedObject obj,
bool explicitly)
{
return(getInstance(ASN1Sequence.getInstance(obj, explicitly)));
}