예제 #1
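 /// <summary>
 /// Compares this CRL with <paramref name="other"/> on Version, Type, IssuerName,
 /// ThisUpdate and CRLNumber.
 /// </summary>
 /// <param name="other">CRL to compare with. May be null.</param>
 /// <returns>
 /// <c>true</c> when all five members match; <c>false</c> when any differs or
 /// <paramref name="other"/> is null.
 /// </returns>
 /// <remarks>
 /// Only these header-level members are compared. The signature, the revoked entries and the
 /// raw encoding take no part in the comparison, so a <c>true</c> result says the two objects
 /// name the same CRL issue, not that their contents are byte-identical or that either
 /// signature verifies.
 /// </remarks>
 Boolean Equals(X509CRL2 other)
 {
     // ReferenceEquals avoids any user-defined == operator and turns a null argument
     // into "not equal" instead of a NullReferenceException on other.Version.
     if (ReferenceEquals(other, null))
     {
         return false;
     }

     return Version == other.Version
            && Type == other.Type
            && IssuerName.Equals(other.IssuerName)
            && ThisUpdate.Equals(other.ThisUpdate)
            && CRLNumber.Equals(other.CRLNumber);
 }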
예제 #2
 /// <inheritdoc />
 public override Int32 GetHashCode()
 {
     // Version seeds the value; the remaining members are folded in a fixed order.
     // This is a bucketing hash for hash-based collections, not a fingerprint of the
     // CRL: it covers neither the signature nor the revoked entries.
     Int32 result = Version;
     Int32[] parts =
     {
         (Int32)Type,
         IssuerName.GetHashCode(),
         ThisUpdate.GetHashCode(),
         CRLNumber.GetHashCode()
     };

     // The multiplication is expected to wrap, so overflow checking is switched off.
     unchecked
     {
         foreach (Int32 part in parts)
         {
             result = (result * 397) ^ part;
         }
     }

     return result;
 }
예제 #3
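        /// <summary>
        /// Assembles the to-be-signed part of the CRL (the TBSCertList of RFC 5280) as DER bytes.
        /// </summary>
        /// <param name="signatureAlgorithm">
        /// Bytes appended as the signature algorithm field. They are copied in unchanged;
        /// presumably an already DER-encoded AlgorithmIdentifier (confirm against the caller).
        /// </param>
        /// <param name="issuer">
        /// Issuing CA certificate. Its subject name becomes the CRL issuer field.
        /// </param>
        /// <returns>The encoded field sequence wrapped with tag 48 (0x30, SEQUENCE).</returns>
        /// <exception cref="ArgumentNullException"><paramref name="issuer"/> is null.</exception>
        /// <exception cref="ArgumentException">The issuer certificate has an empty subject name.</exception>
        /// <remarks>
        /// This method changes builder state: it may assign HashingAlgorithm, Version and
        /// NextUpdate, it calls RevokedCertificates.Close() when entries exist, and it calls
        /// generateExtensions for a version 2 CRL.
        /// </remarks>
        List <Byte> buildTbs(Byte[] signatureAlgorithm, X509Certificate2 issuer)
        {
            if (issuer == null)
            {
                throw new ArgumentNullException("issuer");
            }
            // The CRL issuer field below is taken from issuer.SubjectName, so the subject is the
            // value that must be non-empty. The previous check looked at issuer.Issuer (the name
            // of the CA that signed this certificate), which lets an empty subject through
            // whenever the certificate is not self-signed.
            if (String.IsNullOrEmpty(issuer.Subject))
            {
                throw new ArgumentException("Subject name is empty.");
            }
            // coerce hashing algorithm: SHA-256 when the caller set none
            if (HashingAlgorithm == null)
            {
                HashingAlgorithm = new Oid(AlgorithmOids.SHA256);
            }
            // coerce version: extensions exist only in version 2 CRLs
            if (_extensions.Count > 0)
            {
                Version = 2;
            }
            // coerce validity: a missing NextUpdate, or one not later than ThisUpdate, is
            // replaced with ThisUpdate + 7 days without raising an error
            if (NextUpdate == null || NextUpdate.Value <= ThisUpdate)
            {
                NextUpdate = ThisUpdate.AddDays(7);
            }


            var rawBytes = new List <Byte>();

            // algorithm
            rawBytes.AddRange(signatureAlgorithm);
            // issuer
            rawBytes.AddRange(issuer.SubjectName.RawData);
            // thisUpdate
            // NOTE(review): RFC 5280 requires CRL times in UTC; confirm Asn1Utils.EncodeDateTime
            // converts local DateTime values, since no ToUniversalTime() call is made here.
            rawBytes.AddRange(Asn1Utils.EncodeDateTime(ThisUpdate));
            // nextUpdate. Not null at this point, because we do not support CRL generation with infinity validity.
            rawBytes.AddRange(Asn1Utils.EncodeDateTime(NextUpdate.Value));
            // revokedCerts: the field is left out entirely when nothing is revoked
            if (RevokedCertificates.Count > 0)
            {
                rawBytes.AddRange(RevokedCertificates.Encode());
                RevokedCertificates.Close();
            }
            // extensions
            if (Version == 2)
            {
                // insert version at the beginning. The encoded INTEGER is Version - 1 (v2 is written as 1).
                rawBytes.InsertRange(0, new Asn1Integer(Version - 1).RawData);
                generateExtensions(issuer);
                // 160 = 0xA0, the context-specific constructed [0] tag that carries crlExtensions
                rawBytes.AddRange(Asn1Utils.Encode(Extensions.Encode(), 160));
            }
            // generate tbs: 48 = 0x30, SEQUENCE
            return(new List <Byte>(Asn1Utils.Encode(rawBytes.ToArray(), 48)));
        }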
        /// <summary>
        /// Initializes a CertificateRevocationListBuilder for the given issuing CA, with an
        /// empty revocation list and a validity window that starts now (UTC) and lasts 30 days.
        /// </summary>
        /// <param name="issuer">Certificate authority used to issue the CRL.</param>
        /// <param name="crlNumber">
        /// Unique CRL number. RFC 5280 section 5.2.3 expects this value to increase
        /// monotonically for a given issuer and scope; nothing in this constructor checks that,
        /// so the caller has to track the last number it issued.
        /// </param>
        /// <exception cref="ArgumentNullException"><paramref name="issuer"/> is null.</exception>
        public CertificateRevocationListBuilder(X509Certificate2 issuer, ulong crlNumber)
            : base(issuer)
        {
            // The base constructor has already run at this point and validates only a
            // non-null issuer, so null is rejected here.
            if (issuer == null)
            {
                throw new ArgumentNullException(nameof(issuer));
            }

            // Bouncy Castle cannot construct BigInteger from a number, so the value goes
            // through its culture-invariant decimal text.
            string crlNumberText = crlNumber.ToString(CultureInfo.InvariantCulture);
            CrlNumber = new BigInteger(crlNumberText);

            // RFC 5280 wants the issue date in UTC.
            ThisUpdate = DateTime.UtcNow;

            // The DirectTrust Community X.509 Certificate Policy requires a new CRL at least
            // every 30 days, which bounds the default validity.
            const int maxValidityDays = 30;
            NextUpdate = ThisUpdate.AddDays(maxValidityDays);

            // Revoked certificates are added later; start with none.
            RevokedCertificates = new List<Tuple<BigInteger, DateTime>>();
        }
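        /// <summary>
        /// Encodes the trust list fields in order: subject usages, optional list identifier,
        /// optional sequence number, ThisUpdate, optional NextUpdate, hash algorithm identifier
        /// and the entries.
        /// </summary>
        /// <returns>The bytes produced by Asn1Builder.GetRawData() for those fields.</returns>
        Byte[] encodeCTL()
        {
            // Subject usages come first, encoded as an enhanced key usage extension value.
            // The original also built a second copy of these bytes into a list that was never
            // read; that dead allocation is removed.
            var builder = new Asn1Builder()
                          .AddDerData(new X509EnhancedKeyUsageExtension(SubjectUsages, false).RawData);

            if (!String.IsNullOrEmpty(ListIdentifier))
            {
                // The identifier is written as a UTF-16LE string with an explicit terminating NUL.
                builder.AddOctetString(Encoding.Unicode.GetBytes(ListIdentifier + "\0"));
            }
            if (SequenceNumber != null)
            {
                builder.AddInteger(SequenceNumber.Value);
            }
            // Both timestamps are converted to UTC before encoding.
            builder.AddDerData(Asn1Utils.EncodeDateTime(ThisUpdate.ToUniversalTime()));
            if (NextUpdate != null)
            {
                builder.AddDerData(Asn1Utils.EncodeDateTime(NextUpdate.Value.ToUniversalTime()));
            }
            // NOTE(review): HashAlgorithm is written as configured; nothing in this method
            // rejects a weak digest such as MD5 or SHA-1. Confirm it is validated where it is set.
            return(builder.AddDerData(new AlgorithmIdentifier(HashAlgorithm, new Byte[0]).RawData)
                   .AddDerData(Entries.Encode())
                   .GetRawData());
        }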
예제 #6
 // Forwards to ThisUpdate through the NPInvoke helper, which is defined outside this snippet
 // (presumably a null-safe invoke for a delegate or event; confirm against its definition).
 private void Update() => ThisUpdate.NPInvoke();