예제 #1
0
        /// <summary>
        /// Decodes a ASN.1-encoded byte array that contains revoked certificate information to a collection.
        /// </summary>
        /// <param name="asn">ASN.1 that points to the beginning of the CRL entry collection structure.</param>
        /// <exception cref="Asn1InvalidTagException">The encoded data is not valid.</exception>
        /// <exception cref="ArgumentNullException">The <strong>rawData</strong> parameter is null reference.</exception>
        /// <remarks>This method removes any existing entries in the collection before decoding.</remarks>
        public void Decode(Asn1Reader asn)
        {
            if (asn == null)
            {
                throw new ArgumentNullException(nameof(asn));
            }
            if (asn.Tag != 48)
            {
                throw new Asn1InvalidTagException(asn.Offset);
            }
            Int32 offset = asn.Offset;

            InternalList.Clear();
            InternalList.Capacity = asn.GetNestedNodeCount();
            if (!asn.MoveNext())
            {
                throw new Asn1InvalidTagException(asn.Offset);
            }

            do
            {
                InternalList.Add(new X509CRLEntry(asn));
            } while (asn.MoveNextSibling());

            asn.Seek(offset);
        }
예제 #2
0
 void readCrlReasonCode(Asn1Reader asn)
 {
     if (asn.Tag != 48)
     {
         return;
     }
     asn.MoveNext();
     do
     {
         Int32 offset = asn.Offset;
         asn.MoveNextAndExpectTags(Asn1Type.OBJECT_IDENTIFIER);
         var oid = new Asn1ObjectIdentifier(asn).Value;
         if (oid.Value == X509ExtensionOid.CRLReasonCode)
         {
             asn.MoveNext();
             if (asn.Tag == (Byte)Asn1Type.BOOLEAN)
             {
                 asn.MoveNext();
             }
             if (asn.Tag == (Byte)Asn1Type.OCTET_STRING)
             {
                 asn.MoveNext();
                 if (asn.PayloadLength > 0)
                 {
                     ReasonCode = asn[asn.PayloadStartOffset];
                     break;
                 }
             }
         }
         asn.Seek(offset);
     } while (asn.MoveNextSibling());
 }
예제 #3
0
        void decode(Asn1Reader asn)
        {
            if (asn.Tag != 48)
            {
                throw new Asn1InvalidTagException(asn.Offset);
            }
            RawData = asn.GetTagRawData();
            Int32 offset = asn.Offset;

            asn.MoveNext();
            SerialNumber = Asn1Utils.DecodeInteger(asn.GetTagRawData(), true);
            asn.MoveNextAndExpectTags(Asn1Type.UTCTime, Asn1Type.GeneralizedTime);
            switch (asn.Tag)
            {
            case (Byte)Asn1Type.UTCTime:
                RevocationDate = new Asn1UtcTime(asn.GetTagRawData()).Value;
                break;

            case (Byte)Asn1Type.GeneralizedTime:
                RevocationDate = Asn1Utils.DecodeGeneralizedTime(asn.GetTagRawData());
                break;
            }
            if (asn.MoveNextSibling())
            {
                // use high-performant extension decoder instead of generic one.
                // Since CRLs may store a hundreds of thousands entries, this is
                // pretty reasonable to save loops whenever possible.
                readCrlReasonCode(asn);
            }
            asn.Seek(offset);
        }
예제 #4
0
        void decode(Byte[] rawData)
        {
            Asn1Reader asn = new Asn1Reader(rawData);

            asn.MoveNext();
            if (asn.PayloadLength == 0)
            {
                return;
            }
            do
            {
                switch (asn.Tag)
                {
                case 0xA0:
                    Asn1Reader distName = new Asn1Reader(asn.GetPayload());
                    do
                    {
                        switch (distName.Tag)
                        {
                        case 0xA0:
                            // full name
                            _fullNames.Decode(Asn1Utils.Encode(distName.GetPayload(), 48));
                            break;

                        case 0xA1:
                            // relative to issuer name
                            Byte[] relativeName = Asn1Utils.Encode(distName.GetPayload(), 48);
                            RelativeToIssuerName = new X500DistinguishedName(relativeName);
                            break;

                        default:
                            throw new InvalidDataException("The data is invalid");
                        }
                    } while (distName.MoveNextSibling());
                    break;

                case 0xA1:
                    // reasons
                    Asn1BitString bs = new Asn1BitString(asn.GetPayload());
                    if (bs.Value[0] == 0)
                    {
                        Reasons = X509RevocationReasonFlag.Unspecified;
                    }
                    else
                    {
                        Reasons = (X509RevocationReasonFlag)bs.Value[0];
                    }
                    break;

                case 0xA2:
                    // crl issuer
                    _crlIssuers.Decode(Asn1Utils.Encode(asn.GetPayload(), 48));
                    break;

                default:
                    throw new InvalidDataException("The data is invalid.");
                }
            } while (asn.MoveNextSibling());
            _rawData.AddRange(rawData);
        }
        static X509AlternativeNameCollection decodeNamesFromAsn(Byte[] rawData)
        {
            var altNames = new X509AlternativeNameCollection();
            var asn      = new Asn1Reader(rawData);

            asn.MoveNext();
            do
            {
                altNames.Add(new X509AlternativeName(asn.GetPayload()));
            } while (asn.MoveNextSibling());
            altNames.Close();
            return(altNames);
        }
예제 #6
0
        void decode()
        {
            var asn = new Asn1Reader(RawData);

            if (asn.PayloadLength == 0)
            {
                return;
            }

            asn.MoveNext();
            do
            {
                switch (asn.Tag)
                {
                case 0xa0:
                    DistributionPoint = new X509DistributionPoint(Asn1Utils.Encode(asn.GetTagRawData(), 48));
                    break;

                case 0xa1:
                    OnlyUserCerts = Asn1Utils.DecodeBoolean(asn.GetPayload());
                    break;

                case 0xa2:
                    OnlyCaCerts = Asn1Utils.DecodeBoolean(asn.GetPayload());
                    break;

                case 0xa3:
                    var val = new Asn1BitString(asn.GetPayload());
                    if (val.Value.Length > 1)
                    {
                        Reasons = (X509RevocationReasonFlag)BitConverter.ToUInt16(val.Value, 0);
                    }
                    else if (val.Value.Length == 1)
                    {
                        Reasons = (X509RevocationReasonFlag)val.Value[0];
                    }
                    break;

                case 0xa4:
                    IndirectCRL = Asn1Utils.DecodeBoolean(asn.GetPayload());
                    break;

                case 0xa5:
                    OnlyAttributeCerts = Asn1Utils.DecodeBoolean(asn.GetPayload());
                    break;
                }
            } while (asn.MoveNextSibling());
        }
        void m_decode(Byte[] rawData)
        {
            var asn = new Asn1Reader(rawData);

            asn.MoveNext();
            do
            {
                if (asn.PayloadLength > 0)
                {
                    switch (asn.Tag)
                    {
                    case 0xa0: _permittedSubtree.AddRange(decodeNamesFromAsn(asn.GetTagRawData())); break;

                    case 0xa1: _excludedSubtree.AddRange(decodeNamesFromAsn(asn.GetTagRawData())); break;
                    }
                }
            } while (asn.MoveNextSibling());
        }
        /// <summary>
        /// Decodes ASN.1-encoded byte array that represents a collection of <see cref="X509Extension"/> objects.
        /// </summary>
        /// <param name="extensions">Destination collection where decoded extensions will be added.</param>
        /// <param name="asn">ASN.1 reader which points to the beginning of the extenstion collection structure.</param>
        /// <exception cref="Asn1InvalidTagException">Decoder encountered an unexpected ASN.1 type identifier.</exception>
        /// <exception cref="ArgumentNullException">
        /// <strong>extensions</strong> and/or <strong>asn</strong> parameter is null.
        /// </exception>
        /// <remarks> If current collection contains items, decoded items will be appended to existing items.</remarks>
        public static void Decode(this X509ExtensionCollection extensions, Asn1Reader asn)
        {
            if (extensions == null)
            {
                throw new ArgumentNullException(nameof(extensions));
            }
            if (asn == null)
            {
                throw new ArgumentNullException(nameof(asn));
            }
            Int32 offset = asn.Offset;

            if (!asn.MoveNext() || asn.PayloadLength == 0)
            {
                return;
            }

            do
            {
                extensions.Add(X509ExtensionExtensions.Decode(asn));
            } while (asn.MoveNextSibling());
            asn.Seek(offset);
        }
예제 #9
0
        void m_decode()
        {
            try {
                Type = X509CrlType.BaseCrl;
                var signedInfo = new SignedContentBlob(_rawData, ContentBlobType.SignedBlob);
                // signature and alg
                signature          = signedInfo.Signature.Value;
                sigUnused          = signedInfo.Signature.UnusedBits;
                SignatureAlgorithm = signedInfo.SignatureAlgorithm.AlgorithmId;
                // tbs
                var asn = new Asn1Reader(signedInfo.ToBeSignedData);
                if (!asn.MoveNext())
                {
                    throw new Asn1InvalidTagException();
                }
                // version
                if (asn.Tag == (Byte)Asn1Type.INTEGER)
                {
                    Version = (Int32)Asn1Utils.DecodeInteger(asn.GetTagRawData()) + 1;
                    asn.MoveNextSibling();
                }
                else
                {
                    Version = 1;
                }
                // hash algorithm
                var h = new AlgorithmIdentifier(asn.GetTagRawData());
                if (h.AlgorithmId.Value != SignatureAlgorithm.Value)
                {
                    throw new CryptographicException("Algorithm mismatch.");
                }
                if (!asn.MoveNextSibling())
                {
                    throw new Asn1InvalidTagException();
                }
                // issuer
                IssuerName = new X500DistinguishedName(asn.GetTagRawData());
                // NextUpdate, RevokedCerts and Extensions are optional. Ref: RFC5280, p.118
                if (!asn.MoveNextSibling())
                {
                    throw new Asn1InvalidTagException();
                }
                switch (asn.Tag)
                {
                case (Byte)Asn1Type.UTCTime:
                    ThisUpdate = new Asn1UtcTime(asn.GetTagRawData()).Value;
                    break;

                case (Byte)Asn1Type.GeneralizedTime:
                    ThisUpdate = Asn1Utils.DecodeGeneralizedTime(asn.GetTagRawData());
                    break;

                default:
                    throw new Asn1InvalidTagException();
                }
                if (!asn.MoveNextSibling())
                {
                    return;
                }
                switch (asn.Tag)
                {
                case (Byte)Asn1Type.UTCTime:
                case (Byte)Asn1Type.GeneralizedTime:
                    switch (asn.Tag)
                    {
                    case (Byte)Asn1Type.UTCTime:
                        NextUpdate = new Asn1UtcTime(asn.GetTagRawData()).Value;
                        break;

                    case (Byte)Asn1Type.GeneralizedTime:
                        NextUpdate = Asn1Utils.DecodeGeneralizedTime(asn.GetTagRawData());
                        break;

                    default:
                        throw new Asn1InvalidTagException();
                    }
                    if (!asn.MoveNextSibling())
                    {
                        return;
                    }
                    if (asn.Tag == 48)
                    {
                        _revokedCerts.Decode(asn);
                        if (!asn.MoveNextSibling())
                        {
                            return;
                        }
                        readExtensions(asn);
                    }
                    else
                    {
                        readExtensions(asn);
                    }
                    break;

                case 48:
                    if (asn.Tag == 48)
                    {
                        _revokedCerts.Decode(asn);
                        if (!asn.MoveNextSibling())
                        {
                            return;
                        }
                        readExtensions(asn);
                    }
                    else
                    {
                        readExtensions(asn);
                    }
                    break;

                default:
                    readExtensions(asn);
                    break;
                }
                calculateThumbprint();
            } catch (Exception e) {
                throw new CryptographicException("Cannot find the requested object.", e);
            }
        }