void m_initialize(Oid oid, Int32 majorVersion, Int32 minorVersion) { Oid = _eoid; Asn1Utils.EncodeObjectIdentifier(oid); Wincrypt.CERT_TEMPLATE_EXT pvStructInfo = new Wincrypt.CERT_TEMPLATE_EXT { pszObjId = oid.Value, dwMajorVersion = (UInt32)majorVersion, dwMinorVersion = (UInt32)minorVersion, fMinorVersion = true }; UInt32 pcbEncoded = 0; if (Crypt32.CryptEncodeObject(1, "1.3.6.1.4.1.311.21.7", ref pvStructInfo, null, ref pcbEncoded)) { RawData = new Byte[pcbEncoded]; Crypt32.CryptEncodeObject(1, "1.3.6.1.4.1.311.21.7", ref pvStructInfo, RawData, ref pcbEncoded); TemplateOid = new Oid(pvStructInfo.pszObjId); MajorVersion = majorVersion; MinorVersion = minorVersion; } else { throw new Win32Exception(Marshal.GetLastWin32Error()); } }
/// <summary> /// Encodes current object to ASN.1-encoded byte array. /// </summary> /// <returns>ASN.1-encoded byte array.</returns> public Byte[] Encode() { List <Byte> list = new List <Byte>(Asn1Utils.Encode(RawData, 49)); list.InsertRange(0, Asn1Utils.EncodeObjectIdentifier(Oid)); return(Asn1Utils.Encode(list.ToArray(), 48)); }
/// <summary> /// Encodes current object to a ASN.1-encoded byte array. /// </summary> /// <returns>ASN.1-encoded byte array.</returns> /// <remarks> /// Explicit notice text is always encoded as a <strong>BMPString</strong>. /// <para>Notice reference is encoded in the following sequence: attempts to encode a string as a /// <strong>VisibleString</strong> and then as a <strong>BMPString</strong> if <strong>VisibleString</strong> fails.</para> /// </remarks> public Byte[] Encode() { switch (Type) { case X509PolicyQualifierType.CpsUrl: if (String.IsNullOrEmpty(PolicyUrl.AbsoluteUri)) { throw new UninitializedObjectException(); } List <Byte> rawData = new List <Byte>(); rawData.AddRange(Asn1Utils.EncodeObjectIdentifier(new Oid("1.3.6.1.5.5.7.2.1"))); rawData.AddRange(Asn1Utils.EncodeIA5String(PolicyUrl.AbsoluteUri)); return(Asn1Utils.Encode(rawData.ToArray(), 48)); case X509PolicyQualifierType.UserNotice: List <Byte> refpart = new List <Byte>(); if (!String.IsNullOrEmpty(NoticeReference)) { refpart.AddRange(EncodeString(NoticeReference)); refpart.AddRange(Asn1Utils.Encode(new Asn1Integer(NoticeNumber).RawData, 48)); refpart = new List <Byte>(Asn1Utils.Encode(refpart.ToArray(), 48)); } if (!String.IsNullOrEmpty(NoticeText)) { refpart.AddRange(Asn1Utils.EncodeBMPString(NoticeText)); } List <Byte> oid = new List <Byte>(); oid.AddRange(Asn1Utils.EncodeObjectIdentifier(new Oid("1.3.6.1.5.5.7.2.2"))); oid.AddRange(Asn1Utils.Encode(refpart.ToArray(), 48)); return(Asn1Utils.Encode(oid.ToArray(), 48)); default: throw new UninitializedObjectException(); } }
/// <summary> /// Initializes a new instance of the Oid2 class using the specified Oid friendly name or value, OID registration group and search conditions. /// </summary> /// <param name="oid">Specifies the object identifier friendly name or value to search.</param> /// <param name="group">Specifies the OID registration group to search.</param> /// <param name="searchInDirectory">Specifies whether to search for an object identifier in Active Directory. If the machine is not /// domain-joined, an OID is searched by using local registration information.</param> public Oid2(String oid, OidGroupEnum group, Boolean searchInDirectory) { var flatOid = new Oid(oid); try { // try to validate if input OID contains OID value instead of friendly name Asn1Utils.EncodeObjectIdentifier(flatOid); oid = flatOid.Value; _searchBy = "ByValue"; } catch { _searchBy = "ByName"; } if (Environment.OSVersion.Version.Major >= 6) { _cng = true; } if (searchInDirectory) { if (DsUtils.Ping()) { initializeDS(oid, group); } else { initializeLocal(oid, group); } } else { initializeLocal(oid, group); } }
void encodeRegisteredId(Object value) { if (value == null) { rawData = new Byte[] { 136, 0 }; } else { Asn1Reader asn; switch (value) { case String sValue: Value = sValue; Oid oid = new Oid(sValue); asn = new Asn1Reader(Asn1Utils.EncodeObjectIdentifier(oid)); Value = oid.Value; break; case Oid oid1: asn = new Asn1Reader(Asn1Utils.EncodeObjectIdentifier(oid1)); Value = oid1.Value; break; case Oid2 oid2: asn = new Asn1Reader(Asn1Utils.EncodeObjectIdentifier(new Oid(oid2.Value))); Value = oid2.Value; break; default: throw new ArgumentException("The input data is not valid registered ID."); } rawData = Asn1Utils.Encode(asn.GetPayload(), 136); } }
void encodeRegisteredId(Object value) { if (value == null) { RawData = new Byte[] { 136, 0 }; } else { Asn1Reader asn; switch (value.GetType().FullName) { case "System.String": Value = (String)value; Oid oid = new Oid((String)value); asn = new Asn1Reader(Asn1Utils.EncodeObjectIdentifier(oid)); Value = oid.Value; break; case "System.Security.Oid": asn = new Asn1Reader(Asn1Utils.EncodeObjectIdentifier((Oid)value)); Value = ((Oid)value).Value; break; case "System.Security.Oid2": asn = new Asn1Reader(Asn1Utils.EncodeObjectIdentifier(new Oid(((Oid2)value).Value))); Value = ((Oid2)value).Value; break; default: throw new ArgumentException("The input data is not valid registered ID."); } RawData = Asn1Utils.Encode(asn.GetPayload(), 136); } }
/// <summary> /// Gets ASN.1-encoded byte array that represents OID mapping. /// </summary> /// <returns>ASN.1-encoded byte array.</returns> public Byte[] Encode() { List <Byte> entry = new List <Byte>(); entry.AddRange(Asn1Utils.EncodeObjectIdentifier(IssuerDomainOid)); entry.AddRange(Asn1Utils.EncodeObjectIdentifier(SubjectDomainOid)); return(Asn1Utils.Encode(entry.ToArray(), 48)); }
void m_encode(Oid oid, Byte[] parameters) { Parameters = parameters; AlgorithmId = oid; List <Byte> rawBytes = new List <Byte>(Asn1Utils.EncodeObjectIdentifier(oid)); rawBytes.AddRange(Parameters); RawData = Asn1Utils.Encode(rawBytes.ToArray(), 48); }
void m_initialize(IEnumerable <String> authorityIssuer, IEnumerable <String> ocsp, Boolean ocspFirst) { Oid = _oid; Critical = false; var aiaUrlStrings = new List <String>(); var ocspUrlStrings = new List <String>(); Byte[] aiaOidBytes = Asn1Utils.EncodeObjectIdentifier(new Oid("1.3.6.1.5.5.7.48.2")); Byte[] ocspOidBytes = Asn1Utils.EncodeObjectIdentifier(new Oid("1.3.6.1.5.5.7.48.1")); var aiaBytes = new List <Byte>(); var ocspBytes = new List <Byte>(); if (authorityIssuer != null) { foreach (Uri uri in authorityIssuer.Select(url => new Uri(url))) { aiaUrlStrings.Add(uri.AbsoluteUri); aiaBytes.AddRange(aiaOidBytes); aiaBytes.AddRange(Asn1Utils.Encode(Encoding.ASCII.GetBytes(uri.AbsoluteUri), 134)); aiaBytes = new List <Byte>(Asn1Utils.Encode(aiaBytes.ToArray(), 48)); } CertificationAuthorityIssuer = aiaUrlStrings.ToArray(); } else { CertificationAuthorityIssuer = Array.Empty <String>(); } if (ocsp != null) { foreach (Uri uri in ocsp.Select(url => new Uri(url))) { ocspUrlStrings.Add(uri.AbsoluteUri); ocspBytes.AddRange(ocspOidBytes); ocspBytes.AddRange(Asn1Utils.Encode(Encoding.ASCII.GetBytes(uri.AbsoluteUri), 134)); ocspBytes = new List <Byte>(Asn1Utils.Encode(ocspBytes.ToArray(), 48)); } OnlineCertificateStatusProtocol = ocspUrlStrings.ToArray(); } else { OnlineCertificateStatusProtocol = Array.Empty <String>(); } List <Byte> rawData; if (ocspFirst) { ocspBytes.AddRange(aiaBytes.ToArray()); rawData = ocspBytes; } else { aiaBytes.AddRange(ocspBytes.ToArray()); rawData = aiaBytes; } RawData = Asn1Utils.Encode(rawData.ToArray(), 48); }
void m_initialize(OidCollection applicationPolicies, Boolean critical) { Oid = _oid; Critical = critical; List<Byte> rawData = new List<Byte>(); foreach (Oid aoid in applicationPolicies.Cast<Oid>().Where(aoid => !String.IsNullOrEmpty(aoid.Value))) { _oids.Add(aoid); rawData.AddRange(Asn1Utils.Encode(Asn1Utils.EncodeObjectIdentifier(aoid), 48)); } RawData = Asn1Utils.Encode(rawData.ToArray(), 48); }
// specific name types encoders void encodeOtherName(Object value, Oid oid) { Byte[] rawBytes; if (value as String != null) { rawBytes = Encoding.UTF8.GetBytes((String)value); } else if (value as Byte[] != null) { rawBytes = (Byte[])value; } else { rawBytes = new Byte[0]; } Asn1Type tag; switch (oid.Value) { // UPN case "1.3.6.1.4.1.311.20.2.3": tag = Asn1Type.UTF8String; Type = X509AlternativeNamesEnum.UserPrincipalName; break; // Guid case "1.3.6.1.4.1.311.25.1": tag = Asn1Type.OCTET_STRING; Type = X509AlternativeNamesEnum.Guid; break; // Other name; default: Value = String.Empty; foreach (Byte B in rawBytes) { Value += $"{B:x2}" + " "; } Value = Value.Trim(); tag = Asn1Type.OCTET_STRING; Type = X509AlternativeNamesEnum.OtherName; break; } if (String.IsNullOrEmpty(Value)) { Value = Encoding.UTF8.GetString(rawBytes); } OID = oid; RawData = Asn1Utils.Encode(rawBytes, (Byte)tag); RawData = Asn1Utils.Encode(RawData, 160); List <Byte> tempBytes = new List <Byte>(Asn1Utils.EncodeObjectIdentifier(oid)); tempBytes.AddRange(RawData); RawData = Asn1Utils.Encode(tempBytes.ToArray(), 160); }
/// <summary> /// Removes certificate extension object identifier (OID) value from a specified extension group. /// </summary> /// <param name="extensionType">Specifies the extension type. Possible values are: <strong>EnabledExtensionList</strong>, <strong>OfflineExtensionList</strong> /// and <strong>DisabledExtensionList</strong>. /// <para>If extension is removed, <see cref="IsModified"/> property is set to <strong>True</strong>.</para></param> /// <param name="oid">Certificate extension object identifier.</param> /// <exception cref="ArgumentNullException">The <strong>extensionType</strong> parameter is <strong>Null</strong>.</exception> /// <exception cref="ArgumentException">The <strong>extensionType</strong> parameter value is incorrect, or <strong>oid</strong> parameter is invalid /// object identifier.</exception> public void Remove(String extensionType, Oid oid) { if (String.IsNullOrEmpty(Name)) { throw new UninitializedObjectException(); } try { Asn1Utils.EncodeObjectIdentifier(oid); } catch { throw new ArgumentException("Specified object identifier is not valid or is not resolvable"); } if (String.IsNullOrEmpty(extensionType)) { throw new ArgumentNullException(nameof(extensionType)); } List <Oid> existing; switch (extensionType.ToLower()) { case "enabledextensionlist": existing = new List <Oid>(EnabledExtensionList); if (GenericArray.OidContains(EnabledExtensionList, oid)) { GenericArray.RemoveOid(existing, oid); IsModified = true; } EnabledExtensionList = existing.ToArray(); break; case "offlineextensionlist": existing = new List <Oid>(OfflineExtensionList); if (GenericArray.OidContains(EnabledExtensionList, oid)) { GenericArray.RemoveOid(existing, oid); IsModified = true; } OfflineExtensionList = existing.ToArray(); break; case "disabledextensionlist": existing = new List <Oid>(DisabledExtensionList); if (GenericArray.OidContains(DisabledExtensionList, oid)) { GenericArray.RemoveOid(existing, oid); IsModified = true; } DisabledExtensionList = existing.ToArray(); break; default: throw new ArgumentException( "Invalid extension type is specified. Allowed types are: EnabledExtensionList, OfflineExtensionList and DisabledExtensionList."); } }
public static Byte[] ExportBinaryData(this X509Extension extension) { if (String.IsNullOrEmpty(extension.Oid.Value)) { return(null); } List <Byte> rawData = new List <Byte>(Asn1Utils.EncodeObjectIdentifier(extension.Oid)); if (extension.Critical) { rawData.AddRange(Asn1Utils.EncodeBoolean(true)); } rawData.AddRange(Asn1Utils.Encode(extension.RawData, (Byte)Asn1Type.OCTET_STRING)); return(Asn1Utils.Encode(rawData.ToArray(), 48)); }
/// <summary> /// Registers object identifier in the OID database, either, local or in Active Directory. /// </summary> /// <param name="value">An object identifier value to register.</param> /// <param name="friendlyName">A friendly name associated with the object identifier.</param> /// <param name="group">Specifies the OID group where specified object identifier should be registered.</param> /// <param name="writeInDirectory">Specifies, whether object is registered locally or in Active Directory.</param> /// <param name="localeId"> /// Specifies the locale ID. This parameter can be used to provide localized friendly name. This parameter can /// be used only when <strong>writeInDirectory</strong> is set to <strong>True</strong> in other cases it is /// silently ignored. /// </param> /// <param name="cpsUrl"> /// Specifies the URL to a <i>certificate practice statement</i> (<strong>CPS</strong>) location. /// </param> /// <exception cref="ArgumentNullException"> /// <strong>value</strong> and/or <strong>friendlyName</strong> is null or empty. /// </exception> /// <exception cref="ArgumentException"> /// Specified OID group is not supported. See <strong>Remarks</strong> section for more details. /// </exception> /// <exception cref="InvalidDataException"><strong>value</strong> parameter is not object idnetifier value.</exception> /// <exception cref="NotSupportedException"> /// A caller chose OID registration in Active Directory, however, the current computer is not a member of any /// Active Directory domain. /// </exception> /// <exception cref="InvalidOperationException"> /// An object identifier is already registered. /// </exception> /// <remarks> /// <para> /// <strong>Permissions:</strong> for this method to succeed, the caller must be a member of the local /// administrators group (if <strong>writeInDirectory</strong> is set to <strong>False</strong>) or /// be a member of <strong>Enterprise Admins</strong> group or has delegated write permissions on the /// <strong>OID</strong> container in Active Directory. OID container location is /// <i>CN=OID, CN=Public Key Services, CN=Services,CN=Configuration, {Configuration naming context}</i>. /// </para> /// <para> /// A newly registered OID is not resolvable by an application immediately. You may need to restart an application /// to allow new OID lookup. /// </para> /// <para> /// When <strong>writeInDirectory</strong> is set to <strong>True</strong>, <strong>group</strong> parameter /// is limited only to one of the following value: <strong>ApplicationPolicy</strong>,<strong>IssuancePolicy</strong> /// and <strong>CertificateTemplate</strong>. Other OID groups are not allowed to be stored in Active Directory. /// </para> /// </remarks> /// <returns>Registered object identifier.</returns> public static Oid2 Register(String value, String friendlyName, OidGroupEnum group, Boolean writeInDirectory, CultureInfo localeId, String cpsUrl = null) { if (String.IsNullOrEmpty(value)) { throw new ArgumentNullException(nameof(value)); } if (String.IsNullOrEmpty(friendlyName)) { throw new ArgumentNullException(nameof(friendlyName)); } try { Asn1Utils.EncodeObjectIdentifier(new Oid(value)); } catch { throw new InvalidDataException("The value is not valid OID string."); } String cn = null; if (writeInDirectory) { if (!DsUtils.Ping()) { throw new NotSupportedException("Workgroup environment is not supported."); } if (!String.IsNullOrEmpty(new Oid2(value, group, true).DistinguishedName)) { throw new InvalidOperationException("The object already exist."); } List <Int32> exclude = new List <Int32>(new[] { 0, 1, 2, 3, 4, 5, 6, 9, 10 }); if (exclude.Contains((Int32)group)) { throw new ArgumentException("The OID group is not valid."); } registerDS(new Oid(value, friendlyName), group, localeId, cpsUrl); cn = "CN=" + computeOidHash(value) + ",CN=OID," + DsUtils.ConfigContext; } else { registerLocal(new Oid(value, friendlyName), group); } return(new Oid2 { FriendlyName = friendlyName, Value = value, OidGroup = group, DistinguishedName = cn }); }
/// <summary> /// Gets all registrations for the specified OID value. /// </summary> /// <param name="value">OID value to search. If the OID name is passed, it is converted to a best OID value /// match and performs OID search by it's value.</param> /// <param name="searchInDirectory"> /// Specifies whether to search for an object identifier in Active Directory. If the machine is not /// domain-joined, an OID is searched by using local registration information. /// </param> /// <exception cref="ArgumentException"> /// The <strong>value</strong> parameter contains unresolvable object identifier friendly name. /// </exception> /// <returns>An array of OID registrations.</returns> /// <remarks> /// If registration information is found in Active Directory, <strong>DistinguishedName</strong> parameter contains /// directory path to a OID registration entry. /// </remarks> public static Oid2[] GetAllOids(String value, Boolean searchInDirectory) { String oidvalue; try { Asn1Utils.EncodeObjectIdentifier(new Oid(value)); oidvalue = value; } catch { var oid = new Oid(value); if (String.IsNullOrEmpty(oid.Value)) { throw new ArgumentException("Specified OID value is not recognized.", nameof(value)); } oidvalue = oid.Value; } return(new[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 }.Select(group => new Oid2(oidvalue, (OidGroupEnum)group, searchInDirectory)).Where(obj => !String.IsNullOrEmpty(obj.Value)).ToArray()); }
void encode(Oid oid, Byte[] parameters) { // if empty array received, then parameters is set to ASN.1 NULL type => 5, 0 param = parameters != null && parameters.Length == 0 ? new Byte[] { 5, 0 } : parameters; algId = oid; var rawBytes = new List <Byte>(Asn1Utils.EncodeObjectIdentifier(oid)); if (param != null) { rawBytes.AddRange(param); } _rawData.AddRange(Asn1Utils.Encode(rawBytes.ToArray(), 48)); }
public static Byte[] EncodeX509Extension(X509Extension extension) { if (extension == null) { throw new ArgumentNullException(nameof(extension)); } if (String.IsNullOrEmpty(extension.Oid.Value)) { throw new UninitializedObjectException(); } List <Byte> rawData = new List <Byte>(Asn1Utils.EncodeObjectIdentifier(extension.Oid)); if (extension.Critical) { rawData.AddRange(Asn1Utils.EncodeBoolean(true)); } rawData.AddRange(Asn1Utils.Encode(extension.RawData, (Byte)Asn1Type.OCTET_STRING)); return(Asn1Utils.Encode(rawData.ToArray(), 48)); }
/// <summary> /// Encodes current object to a DER-encoded byte array. Returned array is used to construct initial OCSP Request structure. /// </summary> /// <returns>Returns a DER-encoded byte array.</returns> /// <value>System.Byte[]</value> public Byte[] Encode() { if (!String.IsNullOrEmpty(SerialNumber)) { if (issuerPublicKey != null) { initializeFromCertAndIssuer(); } // algorithm identifier var rawData = new List <Byte>(Asn1Utils.EncodeObjectIdentifier(hashAlgorithm)); rawData.AddRange(Asn1Utils.EncodeNull()); rawData = new List <Byte>(Asn1Utils.Encode(rawData.ToArray(), 48)); // IssuerNameId rawData.AddRange(Asn1Utils.Encode(AsnFormatter.StringToBinary(IssuerNameId, EncodingType.HexRaw), 4)); // IssuerKeyId rawData.AddRange(Asn1Utils.Encode(AsnFormatter.StringToBinary(IssuerKeyId, EncodingType.HexRaw), 4)); // SerialNumber rawData.AddRange(Asn1Utils.Encode(serialNumber, 2)); IsReadOnly = true; return(Asn1Utils.Encode(rawData.ToArray(), 48)); } throw new UninitializedObjectException(); }
void m_initialize(String policyOid, X509PolicyQualifierCollection qualifiers = null) { rawData.AddRange(Asn1Utils.EncodeObjectIdentifier(new Oid(policyOid))); PolicyOid = new Oid(policyOid); PolicyQualifiers = qualifiers ?? new X509PolicyQualifierCollection(); }