예제 #1
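 /// <summary>
 /// Initializes a new instance of <strong>X509CrlBuilder</strong> from existing CRL data.
 /// </summary>
 /// <param name="existingCrl">Existing CRL object.</param>
 /// <exception cref="System.ArgumentNullException"><strong>existingCrl</strong> parameter is null.</exception>
 /// <remarks>
 /// Only version, extensions and a list of revoked certificates are copied to the builder.
 /// The Next CRL Publish extension is skipped during the copy.
 /// </remarks>
 public X509CrlBuilder(X509CRL2 existingCrl)
 {
     // Fail with a named argument instead of a NullReferenceException on the first member access.
     if (existingCrl == null)
     {
         throw new System.ArgumentNullException("existingCrl");
     }

     Version = existingCrl.Version;

     // The Next CRL Publish extension is deliberately not carried over; every other
     // extension is copied as-is.
     // NOTE(review): extensions copied as-is may hold values tied to the source CRL
     // (for example a CRL number or an authority key identifier) - confirm they are
     // regenerated before the new CRL is signed.
     var inheritedExtensions = existingCrl.Extensions
         .Cast<X509Extension>()
         .Where(x => x.Oid.Value != X509CertExtensions.X509NextCRLPublish);
     _extensions.AddRange(inheritedExtensions);

     RevokedCertificates.AddRange(existingCrl.RevokedCertificates);
 }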
예제 #2
파일: X509CRL2.cs 프로젝트: njmube/pkix.net
 /// <summary>
 /// Returns this X509CRL2 to an empty state.
 /// </summary>
 /// <remarks>
 /// Resources associated with the CRL are released through <c>Dispose()</c>, then every field is
 /// reset: extensions and revoked certificates are emptied, version becomes 0, type becomes
 /// <c>BaseCrl</c>, and issuer, validity, signature algorithm and raw data are cleared.
 /// </remarks>
 public void Reset()
 {
     // Release resources before any field is overwritten.
     Dispose();

     Extensions = new X509ExtensionCollection();
     // NOTE(review): Close() is called on this collection after decoding (see getRevCerts);
     // confirm Clear() is still permitted on a closed collection.
     RevokedCertificates.Clear();

     Version = 0;
     Type = X509CrlType.BaseCrl;
     IssuerName = null;
     // default(DateTime) is the same value as new DateTime().
     ThisUpdate = default(DateTime);
     NextUpdate = null;
     SignatureAlgorithm = null;
     // Dropping the raw bytes leaves nothing of the original signed encoding on the object.
     RawData = null;
 }
예제 #3
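        /// <summary>
        /// Assembles the to-be-signed (TBS) portion of the CRL from the current builder state.
        /// </summary>
        /// <param name="signatureAlgorithm">Encoded signature algorithm identifier, written ahead of the issuer name.</param>
        /// <param name="issuer">Issuer certificate. Its subject name is written as the CRL issuer field.</param>
        /// <returns>Encoded TBS bytes.</returns>
        /// <exception cref="ArgumentNullException"><strong>signatureAlgorithm</strong> or <strong>issuer</strong> is null.</exception>
        /// <exception cref="ArgumentException">Subject name of the issuer certificate is empty.</exception>
        /// <remarks>
        /// The method changes builder state: a missing hashing algorithm is set to SHA256, the version is
        /// raised to 2 when extensions are present, a missing or non-future <strong>NextUpdate</strong>
        /// is set to seven days after <strong>ThisUpdate</strong>, and the revoked certificate collection
        /// is closed after it is encoded.
        /// </remarks>
        List <Byte> buildTbs(Byte[] signatureAlgorithm, X509Certificate2 issuer)
        {
            // Validate both arguments before any builder state is touched.
            if (signatureAlgorithm == null)
            {
                throw new ArgumentNullException("signatureAlgorithm");
            }
            if (issuer == null)
            {
                throw new ArgumentNullException("issuer");
            }
            // The CRL issuer field is taken from the certificate's *subject* (see below), so that is
            // the name that must not be empty. Checking issuer.Issuer would test the parent CA's name
            // and let a certificate with an empty subject produce a CRL with an empty issuer.
            if (String.IsNullOrEmpty(issuer.Subject))
            {
                throw new ArgumentException("Subject name is empty.");
            }
            // coerce hashing algorithm
            // NOTE(review): a caller-supplied HashingAlgorithm is left unchanged; nothing in this
            // method rejects a weak digest.
            if (HashingAlgorithm == null)
            {
                HashingAlgorithm = new Oid(AlgorithmOids.SHA256);
            }
            // coerce version: extensions are only emitted for version 2 (see the last step).
            if (_extensions.Count > 0)
            {
                Version = 2;
            }
            // coerce validity: a missing or non-future nextUpdate becomes thisUpdate + 7 days.
            if (NextUpdate == null || NextUpdate.Value <= ThisUpdate)
            {
                NextUpdate = ThisUpdate.AddDays(7);
            }

            var rawBytes = new List <Byte>();

            // algorithm
            rawBytes.AddRange(signatureAlgorithm);
            // issuer
            rawBytes.AddRange(issuer.SubjectName.RawData);
            // thisUpdate
            rawBytes.AddRange(Asn1Utils.EncodeDateTime(ThisUpdate));
            // nextUpdate. Not null at this point, because we do not support CRL generation with infinity validity.
            rawBytes.AddRange(Asn1Utils.EncodeDateTime(NextUpdate.Value));
            // revokedCerts: the field is omitted entirely when nothing is revoked.
            if (RevokedCertificates.Count > 0)
            {
                rawBytes.AddRange(RevokedCertificates.Encode());
                RevokedCertificates.Close();
            }
            // extensions
            if (Version == 2)
            {
                // insert version at the beginning. The encoded value is Version - 1.
                rawBytes.InsertRange(0, new Asn1Integer(Version - 1).RawData);
                generateExtensions(issuer);
                // 0xA0 (160) is the context-specific constructed tag [0].
                rawBytes.AddRange(Asn1Utils.Encode(Extensions.Encode(), 0xA0));
            }
            // generate tbs: 0x30 (48) is the ASN.1 SEQUENCE tag.
            return new List <Byte>(Asn1Utils.Encode(rawBytes.ToArray(), 0x30));
        }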
예제 #4
파일: X509CRL2.cs 프로젝트: njmube/pkix.net
 /// <summary>
 /// Loads the revoked certificate entries from the reader's current tag.
 /// </summary>
 /// <param name="asn">Reader positioned on the revoked certificates structure.</param>
 void getRevCerts(Asn1Reader asn)
 {
     var revokedList = RevokedCertificates;
     // Decode the raw bytes of the current tag (as returned by GetTagRawData) into the collection.
     revokedList.Decode(asn.GetTagRawData());
     // NOTE(review): Close() presumably seals the collection against further changes, so a
     // decoded CRL keeps the entries it was signed with - confirm against the collection type.
     revokedList.Close();
 }
예제 #5
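 /// <summary>
 /// Initializes a new instance of <strong>X509CrlBuilder</strong> from existing CRL data.
 /// </summary>
 /// <param name="existingCrl">Existing CRL object.</param>
 /// <exception cref="System.ArgumentNullException"><strong>existingCrl</strong> parameter is null.</exception>
 /// <remarks>Only version, extensions and a list of revoked certificates are copied to the builder.</remarks>
 public X509CrlBuilder(X509CRL2 existingCrl)
 {
     // Fail with a named argument instead of a NullReferenceException on the first member access.
     if (existingCrl == null)
     {
         throw new System.ArgumentNullException("existingCrl");
     }

     Version = existingCrl.Version;

     // Every extension of the source CRL is copied without filtering.
     // NOTE(review): this includes extensions whose values may be tied to the source CRL
     // (for example a CRL number or a next-publish time) - confirm they are replaced
     // before the new CRL is signed.
     var inheritedExtensions = existingCrl.Extensions.Cast<X509Extension>();
     _extensions.AddRange(inheritedExtensions);

     RevokedCertificates.AddRange(existingCrl.RevokedCertificates);
 }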