private object[] GetData() { GXAsn1ObjectIdentifier alg; if (PublicKey.Scheme == Ecdsa.Enums.Ecc.P256) { alg = new GXAsn1ObjectIdentifier("1.2.840.10045.3.1.7"); } else { alg = new GXAsn1ObjectIdentifier("1.3.132.0.34"); } object subjectPKInfo = new GXAsn1BitString(PublicKey.RawValue, 0); object[] tmp = new object[] { new GXAsn1ObjectIdentifier("1.2.840.10045.2.1"), alg }; GXAsn1Context attributes = new GXAsn1Context(); foreach (KeyValuePair <PkcsObjectIdentifier, object[]> it in Attributes) { GXAsn1Sequence s = new GXAsn1Sequence(); s.Add(new GXAsn1ObjectIdentifier(PkcsObjectIdentifierConverter.GetString(it.Key))); //Convert object array to list. List <object> values = new List <object>(); foreach (object v in it.Value) { values.Add(v); } s.Add(new KeyValuePair <object, object>(values, null)); attributes.Add(s); } return(new object[] { (sbyte)Version, GXAsn1Converter.EncodeSubject(Subject), new object[] { tmp, subjectPKInfo }, attributes }); }
private void Init(byte[] data) { GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); if (seq.Count < 3) { throw new System.ArgumentException("Wrong number of elements in sequence."); } if (!(seq[0] is sbyte)) { PkcsType type = GXAsn1Converter.GetCertificateType(data, seq); switch (type) { case PkcsType.Pkcs10: throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS 10 certification requests, not PKCS 8."); case PkcsType.x509Certificate: throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS x509 certificate, not PKCS 8."); } throw new GXDLMSCertificateException("Invalid Certificate Version."); } Version = (CertificateVersion)seq[0]; GXAsn1Sequence tmp = (GXAsn1Sequence)seq[1]; Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString()); PrivateKey = GXPrivateKey.FromRawBytes((byte[])((GXAsn1Sequence)seq[2])[1]); if (PrivateKey == null) { throw new Exception("Invalid private key."); } PublicKey = GXPublicKey.FromRawBytes(((GXAsn1BitString)((List <object>)((GXAsn1Sequence)seq[2])[2])[0]).Value); GXEcdsa.Validate(PublicKey); }
/// <summary> /// Sign /// </summary> /// <param name="key">Private key. </param> /// <param name="HashAlgorithm">Used algorithm for signing. </param> void Sign(GXPrivateKey key, HashAlgorithm HashAlgorithm) { byte[] data = GXAsn1Converter.ToByteArray(Getdata()); GXEcdsa e = new GXEcdsa(key); SignatureAlgorithm = HashAlgorithm; Signature = e.Sign(data); }
/// <summary> /// Constructor for RSA Public Key (PKCS#1). This is read from PEM file. /// </summary> /// <param name="data">(PKCS#1) Public key. </param> /// public GXAsn1PublicKey(GXAsn1BitString data) { if (data == null) { throw new System.ArgumentException("key"); } GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data.Value); Init(GXAsn1Converter.ToByteArray(new object[] { seq[0], seq[1] })); }
private void Init(byte[] data) { GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); if (seq.Count < 3) { throw new System.ArgumentException("Wrong number of elements in sequence."); } ///////////////////////////// // CertificationRequestInfo ::= SEQUENCE { // version INTEGER { v1(0) } (v1,...), // subject Name, // subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }}, // attributes [0] Attributes{{ CRIAttributes }} // } GXAsn1Sequence reqInfo = (GXAsn1Sequence)seq[0]; Version = (CertificateVersion)(sbyte)reqInfo[0]; Subject = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[1]); // subject Public key info. GXAsn1Sequence subjectPKInfo = (GXAsn1Sequence)reqInfo[2]; if (reqInfo.Count > 3) { Attributes = reqInfo[3]; } GXAsn1Sequence tmp = (GXAsn1Sequence)subjectPKInfo[0]; Algorithm = PkcsObjectIdentifierConverter.FromString(tmp[0].ToString()); if ((PkcsObjectIdentifier)Algorithm == PkcsObjectIdentifier.None) { Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString()); } byte[] encodedKey = GXAsn1Converter.ToByteArray(subjectPKInfo); PublicKey = GXPublicKey.FromRawBytes(encodedKey); ///////////////////////////// // signatureAlgorithm GXAsn1Sequence sign = (GXAsn1Sequence)seq[1]; SignatureAlgorithm = HashAlgorithmConverter.FromString(sign[0].ToString()); if (sign.Count != 1) { SignatureParameters = sign[1]; } ///////////////////////////// // signature Signature = ((GXAsn1BitString)seq[2]).Value; GXEcdsa e = new GXEcdsa(PublicKey); if (!e.Verify(GXAsn1Converter.ToByteArray(reqInfo), data)) { throw new ArgumentException("Invalid Signature."); } }
/// <summary> /// Sign /// </summary> /// <param name="key">Private key. </param> /// <param name="HashAlgorithm">Used algorithm for signing. </param> void Sign(GXPrivateKey key, HashAlgorithm HashAlgorithm) { byte[] data = GXAsn1Converter.ToByteArray(GetData()); GXEcdsa e = new GXEcdsa(key); SignatureAlgorithm = HashAlgorithm; GXByteBuffer bb = new GXByteBuffer(); bb.Set(e.Sign(data)); int size = SignatureAlgorithm == HashAlgorithm.Sha256WithEcdsa ? 32 : 48; object[] tmp = new object[] { new GXAsn1Integer(bb.SubArray(0, size)), new GXAsn1Integer(bb.SubArray(size, size)) }; Signature = GXAsn1Converter.ToByteArray(tmp); }
private object[] Getdata() { object subjectPKInfo = GXAsn1Converter.FromByteArray(PublicKey.RawValue); object[] list; if (Attributes != null) { list = new object[] { (byte)Version, GXAsn1Converter.EncodeSubject(Subject), subjectPKInfo, Attributes }; } else { list = new object[] { (byte)Version, GXAsn1Converter.EncodeSubject(Subject), subjectPKInfo, new GXAsn1Context() }; } return(list); }
/// <summary> /// Get certificate type from byte array. /// </summary> /// <param name="data"></param> /// <returns></returns> internal static PkcsType GetCertificateType(byte[] data, GXAsn1Sequence seq) { if (seq == null) { seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); } if (seq[0] is GXAsn1Sequence) { try { new GXx509Certificate(data); return(PkcsType.x509Certificate); } catch (Exception) { //It's ok if this fails. } } if (seq[0] is GXAsn1Sequence) { try { new GXPkcs10(data); return(PkcsType.Pkcs10); } catch (Exception) { //It's ok if this fails. } } if (seq[0] is sbyte) { try { new GXPkcs8(data); return(PkcsType.Pkcs8); } catch (Exception) { //It's ok if this fails. } } return(PkcsType.None); }
private void Init(byte[] data) { GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); if (seq.Count < 3) { throw new System.ArgumentException("Wrong number of elements in sequence."); } Version = (CertificateVersion)seq[0]; GXAsn1Sequence tmp = (GXAsn1Sequence)seq[1]; Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString()); PrivateKey = GXPrivateKey.FromRawBytes((byte[])((GXAsn1Sequence)seq[2])[1]); if (PrivateKey == null) { throw new Exception("Invalid private key."); } PublicKey = GXPublicKey.FromRawBytes(((GXAsn1BitString)((List <object>)((GXAsn1Sequence)seq[2])[2])[0]).Value); GXEcdsa.Validate(PublicKey); }
private void Init(byte[] data) { GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); if (seq.Count < 3) { throw new System.ArgumentException("Wrong number of elements in sequence."); } Version = (CertificateVersion)seq[0]; GXAsn1Sequence tmp = (GXAsn1Sequence)seq[1]; Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString()); if ((X9ObjectIdentifier)Algorithm == X9ObjectIdentifier.None) { Algorithm = PkcsObjectIdentifierConverter.FromString(tmp[0].ToString()); } PrivateKey = GXPrivateKey.FromRawBytes((byte[])((GXAsn1Sequence)seq[2])[1]); if (PrivateKey == null) { throw new Exception("Invalid private key."); } PublicKey = PrivateKey.GetPublicKey(); }
/// <summary> /// Test is x509 file certified by the certifier. /// </summary> /// <param name="certifier">Public key of the certifier.</param> /// <returns>True, if certifier has certified the certificate.</returns> public bool IsCertified(GXPublicKey certifier) { if (certifier == null) { throw new ArgumentNullException(nameof(certifier)); } //Get raw data GXByteBuffer tmp2 = new GXByteBuffer(); tmp2.Set(Encoded); GXAsn1Converter.GetNext(tmp2); tmp2.Size = tmp2.Position; tmp2.Position = 1; GXCommon.GetObjectCount(tmp2); GXEcdsa e = new GXEcdsa(certifier); GXAsn1Sequence tmp3 = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(Signature); GXByteBuffer bb = new GXByteBuffer(); int size = SignatureAlgorithm == HashAlgorithm.Sha256WithEcdsa ? 32 : 48; //Some implementations might add extra byte. It must removed. bb.Set(((GXAsn1Integer)tmp3[0]).Value, ((GXAsn1Integer)tmp3[0]).Value.Length == size ? 0 : 1, size); bb.Set(((GXAsn1Integer)tmp3[1]).Value, ((GXAsn1Integer)tmp3[1]).Value.Length == size ? 0 : 1, size); return(e.Verify(bb.Array(), tmp2.SubArray(tmp2.Position, tmp2.Available))); }
private object[] GetDataList() { if (string.IsNullOrEmpty(Issuer)) { throw new ArgumentNullException("Issuer is empty."); } if (string.IsNullOrEmpty(Subject)) { throw new ArgumentNullException("Subject is empty."); } GXAsn1ObjectIdentifier a = new GXAsn1ObjectIdentifier(HashAlgorithmConverter.GetString(SignatureAlgorithm)); GXAsn1Sequence seq; GXAsn1Context p = new GXAsn1Context(); p.Add((sbyte)Version); GXAsn1Sequence s = new GXAsn1Sequence(); GXAsn1Sequence s1; if (SubjectKeyIdentifier != null) { s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.SubjectKeyIdentifier))); GXByteBuffer bb = new GXByteBuffer(); bb.SetUInt8(BerType.OctetString); GXCommon.SetObjectCount(SubjectKeyIdentifier.Length, bb); bb.Set(SubjectKeyIdentifier); s1.Add(bb.Array()); s.Add(s1); } if (AuthorityKeyIdentifier != null || AuthorityCertIssuer != null || AuthorityCertificationSerialNumber != null) { s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.AuthorityKeyIdentifier))); s.Add(s1); GXAsn1Context s2 = new GXAsn1Context() { Index = 3 }; GXAsn1Sequence c1 = new GXAsn1Sequence(); if (AuthorityKeyIdentifier != null) { GXAsn1Context c4 = new GXAsn1Context() { Constructed = false, Index = 0 }; c4.Add(AuthorityKeyIdentifier); c1.Add(c4); s1.Add(GXAsn1Converter.ToByteArray(c1)); } if (AuthorityCertIssuer != null) { GXAsn1Context c2 = new GXAsn1Context(); c2.Index = 1; c1.Add(c2); GXAsn1Context c3 = new GXAsn1Context() { Index = 4 }; c2.Add(c3); c3.Add(GXAsn1Converter.EncodeSubject(AuthorityCertIssuer)); s2.Add(c1); } if (AuthorityCertificationSerialNumber != null) { GXAsn1Context c4 = new GXAsn1Context() { Constructed = false, Index = 2 }; c4.Add(AuthorityCertificationSerialNumber); c1.Add(c4); s1.Add(GXAsn1Converter.ToByteArray(c1)); } } // BasicConstraints s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.BasicConstraints))); seq = new GXAsn1Sequence(); if (BasicConstraints) { //BasicConstraints is critical if it exists. s1.Add(BasicConstraints); } else if (KeyUsage == KeyUsage.None) { throw new Exception("Key usage not present."); } s1.Add(GXAsn1Converter.ToByteArray(seq)); s.Add(s1); s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.KeyUsage))); byte value = 0; int min = 255; byte keyUsage = GXCommon.SwapBits((byte)KeyUsage); foreach (KeyUsage it in Enum.GetValues(typeof(KeyUsage))) { if ((((byte)it) & keyUsage) != 0) { byte val = (byte)it; value |= val; if (val < min) { min = val; } } } int ignore = 0; while ((min >>= 1) != 0) { ++ignore; } byte[] tmp = GXAsn1Converter.ToByteArray(new GXAsn1BitString(new byte[] { (byte)(ignore % 8), value })); s1.Add(tmp); s.Add(s1); GXAsn1Sequence valid = new GXAsn1Sequence(); valid.Add(ValidFrom); valid.Add(ValidTo); GXAsn1ObjectIdentifier alg; if (PublicKey.Scheme == Ecdsa.Enums.Ecc.P256) { alg = new GXAsn1ObjectIdentifier("1.2.840.10045.3.1.7"); } else { alg = new GXAsn1ObjectIdentifier("1.3.132.0.34"); } object[] list; object[] tmp3 = new object[] { new GXAsn1ObjectIdentifier("1.2.840.10045.2.1"), alg }; GXAsn1Context tmp4 = new GXAsn1Context(); tmp4.Index = 3; tmp4.Add(s); object[] tmp2 = new object[] { tmp3, new GXAsn1BitString(PublicKey.RawValue, 0) }; object[] p2; if (SignatureParameters == null) { p2 = new object[] { a }; } else { p2 = new object[] { a, SignatureParameters }; } list = new object[] { p, new GXAsn1Integer(SerialNumber.ToByteArray()), p2, GXAsn1Converter.EncodeSubject(Issuer), valid, GXAsn1Converter.EncodeSubject(Subject), tmp2, tmp4 }; return(list); }
/// <summary> /// Find public key certificate by system title. /// </summary> /// <param name="systemTitle">System title.</param> /// <returns>Found certificate or null if certificate is not found.</returns> public GXx509Certificate FindBySystemTitle(byte[] systemTitle) { return(FindByCommonName(GXAsn1Converter.SystemTitleToSubject(systemTitle))); }
private object[] GetData() { GXAsn1ObjectIdentifier a = new GXAsn1ObjectIdentifier(HashAlgorithmConverter.GetString(SignatureAlgorithm)); GXAsn1Context p = new GXAsn1Context(); p.Add((sbyte)Version); object subjectPKInfo = GXAsn1Converter.FromByteArray(PublicKey.RawValue); GXAsn1Sequence s = new GXAsn1Sequence(); GXAsn1Sequence s1; if (SubjectKeyIdentifier != null) { s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.SubjectKeyIdentifier))); GXByteBuffer bb = new GXByteBuffer(); bb.SetUInt8(BerType.OctetString); GXCommon.SetObjectCount(SubjectKeyIdentifier.Length, bb); bb.Set(SubjectKeyIdentifier); s1.Add(bb.Array()); s.Add(s1); } if (AuthorityKeyIdentifier != null) { s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.AuthorityKeyIdentifier))); GXAsn1Sequence seq = new GXAsn1Sequence(); seq.Add(AuthorityKeyIdentifier); s1.Add(GXAsn1Converter.ToByteArray(seq)); s.Add(s1); } if (BasicConstraints) { s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.BasicConstraints))); GXAsn1Sequence seq = new GXAsn1Sequence(); seq.Add(BasicConstraints); s1.Add(GXAsn1Converter.ToByteArray(seq)); s.Add(s1); } if (KeyUsage == KeyUsage.None) { throw new Exception("Key usage not present."); } s1 = new GXAsn1Sequence(); s1.Add(new GXAsn1ObjectIdentifier(X509CertificateTypeConverter.GetString(Enums.X509CertificateType.KeyUsage))); byte value = 0; int min = 255; foreach (KeyUsage it in Enum.GetValues(typeof(KeyUsage))) { if ((it & KeyUsage) != 0) { byte val = (byte)it; value |= val; if (val < min) { min = val; } } } int offset = 7; while ((min >>= 2) != 0) { ++offset; } byte[] tmp = GXAsn1Converter.ToByteArray(new GXAsn1BitString(new byte[] { 0, value })); s1.Add(tmp); s.Add(s1); GXAsn1Sequence valid = new GXAsn1Sequence(); valid.Add(ValidFrom); valid.Add(ValidTo); object[] list; if (s.Count == 0) { list = new object[] { p, SerialNumber, new object[] { a, SignatureParameters }, GXAsn1Converter.EncodeSubject(Issuer), valid, GXAsn1Converter.EncodeSubject(Subject), subjectPKInfo }; } else { GXAsn1Context tmp2 = new GXAsn1Context(); tmp2.Index = 3; tmp2.Add(s); list = new object[] { p, SerialNumber, new object[] { a, SignatureParameters }, GXAsn1Converter.EncodeSubject(Issuer), valid, GXAsn1Converter.EncodeSubject(Subject), subjectPKInfo, tmp2 }; } return(list); }
private void Init(byte[] data) { Attributes = new List <KeyValuePair <PkcsObjectIdentifier, object[]> >(); GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); if (seq.Count < 3) { throw new System.ArgumentException("Wrong number of elements in sequence."); } ///////////////////////////// // CertificationRequestInfo ::= SEQUENCE { // version INTEGER { v1(0) } (v1,...), // subject Name, // subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }}, // attributes [0] Attributes{{ CRIAttributes }} // } GXAsn1Sequence reqInfo = (GXAsn1Sequence)seq[0]; Version = (CertificateVersion)(sbyte)reqInfo[0]; Subject = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[1]); // subject Public key info. GXAsn1Sequence subjectPKInfo = (GXAsn1Sequence)reqInfo[2]; if (reqInfo.Count > 3) { //PkcsObjectIdentifier foreach (GXAsn1Sequence it in (GXAsn1Context)reqInfo[3]) { List <object> values = new List <object>(); foreach (object v in (List <object>)((KeyValuePair <object, object>)it[1]).Key) { values.Add(v); } Attributes.Add(new KeyValuePair <PkcsObjectIdentifier, object[]>(PkcsObjectIdentifierConverter.FromString(it[0].ToString()), values.ToArray())); } } GXAsn1Sequence tmp = (GXAsn1Sequence)subjectPKInfo[0]; Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString()); if (Algorithm != X9ObjectIdentifier.IdECPublicKey) { object algorithm = Algorithm; if (Algorithm == X9ObjectIdentifier.None) { algorithm = PkcsObjectIdentifierConverter.FromString(tmp[0].ToString()); if ((PkcsObjectIdentifier)algorithm == PkcsObjectIdentifier.None) { algorithm = tmp[0].ToString(); } } throw new Exception("Invalid PKCS #10 certificate algorithm. " + algorithm); } PublicKey = GXPublicKey.FromRawBytes(((GXAsn1BitString)subjectPKInfo[1]).Value); GXEcdsa.Validate(PublicKey); ///////////////////////////// // signatureAlgorithm GXAsn1Sequence sign = (GXAsn1Sequence)seq[1]; SignatureAlgorithm = HashAlgorithmConverter.FromString(sign[0].ToString()); if (SignatureAlgorithm != HashAlgorithm.Sha256WithEcdsa && SignatureAlgorithm != HashAlgorithm.Sha384WithEcdsa) { throw new GXDLMSCertificateException("Invalid signature algorithm. " + sign[0].ToString()); } if (sign.Count != 1) { SignatureParameters = sign[1]; } ///////////////////////////// // signature Signature = ((GXAsn1BitString)seq[2]).Value; GXEcdsa e = new GXEcdsa(PublicKey); GXAsn1Sequence tmp2 = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(Signature); GXByteBuffer bb = new GXByteBuffer(); int size = SignatureAlgorithm == HashAlgorithm.Sha256WithEcdsa ? 32 : 48; //Some implementations might add extra byte. It must removed. bb.Set(((GXAsn1Integer)tmp2[0]).Value, ((GXAsn1Integer)tmp2[0]).Value.Length == size ? 0 : 1, size); bb.Set(((GXAsn1Integer)tmp2[1]).Value, ((GXAsn1Integer)tmp2[1]).Value.Length == size ? 0 : 1, size); if (!e.Verify(bb.Array(), GXAsn1Converter.ToByteArray(reqInfo))) { throw new ArgumentException("Invalid Signature."); } }
// https://tools.ietf.org/html/rfc5280#section-4.1 private void Init(byte[] data) { rawData = data; GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); if (seq.Count != 3) { throw new GXDLMSCertificateException("Invalid Certificate Version. Wrong number of elements in sequence."); } if (!(seq[0] is GXAsn1Sequence)) { PkcsType type = GXAsn1Converter.GetCertificateType(data, seq); switch (type) { case PkcsType.Pkcs8: throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS 8 private key, not x509 certificate."); case PkcsType.Pkcs10: throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS 10 certification requests, not x509 certificate."); } throw new GXDLMSCertificateException("Invalid Certificate Version."); } GXAsn1Sequence reqInfo = (GXAsn1Sequence)seq[0]; if ((reqInfo[0] is GXAsn1Integer)) { throw new GXDLMSCertificateException("Invalid Certificate. DLMS certificate version number must be 3."); } Version = (CertificateVersion)((GXAsn1Context)reqInfo[0])[0]; if (reqInfo[1] is sbyte) { SerialNumber = Convert.ToUInt64(reqInfo[1]); } else { SerialNumber = new BigInteger(((GXAsn1Integer)reqInfo[1]).Value); } string tmp = ((GXAsn1Sequence)reqInfo[2])[0].ToString(); // Signature Algorithm SignatureAlgorithm = HashAlgorithmConverter.FromString(tmp); if (SignatureAlgorithm != HashAlgorithm.Sha256WithEcdsa) { throw new Exception("DLMS certificate must be signed with ecdsa-with-SHA256."); } // Optional. if (((GXAsn1Sequence)reqInfo[2]).Count > 1) { SignatureParameters = ((GXAsn1Sequence)reqInfo[2])[1]; } // Issuer Issuer = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[3]); bool basicConstraintsExists = false; // Validity ValidFrom = (DateTime)((GXAsn1Sequence)reqInfo[4])[0]; ValidTo = (DateTime)((GXAsn1Sequence)reqInfo[4])[1]; Subject = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[5]); string CN = X509NameConverter.GetString(X509Name.CN); // Subject public key Info GXAsn1Sequence subjectPKInfo = (GXAsn1Sequence)reqInfo[6]; PublicKey = GXPublicKey.FromRawBytes(((GXAsn1BitString)subjectPKInfo[1]).Value); GXEcdsa.Validate(PublicKey); // Get Standard Extensions. if (reqInfo.Count > 7) { foreach (GXAsn1Sequence s in (GXAsn1Sequence)((GXAsn1Context)reqInfo[7])[0]) { GXAsn1ObjectIdentifier id = (GXAsn1ObjectIdentifier)s[0]; object value = s[1]; X509CertificateType t = X509CertificateTypeConverter.FromString(id.ToString()); switch (t) { case X509CertificateType.SubjectKeyIdentifier: SubjectKeyIdentifier = (byte[])value; break; case X509CertificateType.AuthorityKeyIdentifier: foreach (GXAsn1Context it in (GXAsn1Sequence)value) { switch (it.Index) { case 0: //Authority Key Identifier. AuthorityKeyIdentifier = (byte[])it[0]; break; case 1: { StringBuilder sb = new StringBuilder(); //authorityCertIssuer foreach (KeyValuePair <object, object> it2 in ((GXAsn1Sequence)((GXAsn1Context)it[0])[0])) { if (sb.Length != 0) { sb.Append(", "); } sb.Append(X509NameConverter.FromString(Convert.ToString(it2.Key))); sb.Append("="); sb.Append(Convert.ToString(it2.Value)); } AuthorityCertIssuer = sb.ToString(); } break; case 2: //Authority cert serial number . AuthorityCertificationSerialNumber = (byte[])it[0]; break; default: throw new ArgumentOutOfRangeException("Invalid context." + it.Index); } } break; case X509CertificateType.KeyUsage: if (value is GXAsn1BitString) { // critical is optional. BOOLEAN DEFAULT FALSE, KeyUsage = (KeyUsage)((GXAsn1BitString)value).ToInteger(); } else if (value is bool?) { value = s[2]; KeyUsage = (KeyUsage)((GXAsn1BitString)value).ToInteger(); } else { throw new ArgumentException("Invalid key usage."); } break; case X509CertificateType.BasicConstraints: basicConstraintsExists = true; if (value is GXAsn1Sequence) { if (((GXAsn1Sequence)value).Count != 0) { BasicConstraints = (bool)((GXAsn1Sequence)value)[0]; } } else if (value is bool?) { BasicConstraints = (bool)value; } else { throw new ArgumentException("Invalid key usage."); } break; default: System.Diagnostics.Debug.WriteLine("Unknown extensions: " + t.ToString()); break; } } } if (!basicConstraintsExists) { // Verify that subject Common Name includes system title. bool commonNameFound = false; foreach (KeyValuePair <object, object> it in (GXAsn1Sequence)reqInfo[5]) { if (CN == it.Key.ToString()) { if (Convert.ToString(it.Value).Length != 16) { throw new GXDLMSCertificateException("System title is not included in Common Name."); } commonNameFound = true; break; } } if (!commonNameFound) { throw new GXDLMSCertificateException("Common name doesn't exist."); } } if (KeyUsage == KeyUsage.None) { throw new Exception("Key usage not present. It's mandotory."); } if ((KeyUsage & (KeyUsage.KeyCertSign | KeyUsage.CrlSign)) != 0 && !basicConstraintsExists) { throw new Exception("Basic Constraints value not present. It's mandotory."); } PublicKeyAlgorithm = HashAlgorithmConverter.FromString(((GXAsn1Sequence)seq[1])[0].ToString()); if (PublicKeyAlgorithm != HashAlgorithm.Sha256WithEcdsa) { throw new Exception("DLMS certificate must be signed with ecdsa-with-SHA256."); } // Optional. if (((GXAsn1Sequence)seq[1]).Count > 1) { PublicKeyParameters = ((GXAsn1Sequence)seq[1])[1]; } ///////////////////////////// //Get signature. Signature = ((GXAsn1BitString)seq[2]).Value; }
/// <summary> /// Get data as byte array. /// </summary> /// <returns></returns> public byte[] GetData() { return(GXAsn1Converter.ToByteArray(GetDataList())); }
// https://tools.ietf.org/html/rfc5280#section-4.1 private void Init(byte[] data) { GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data); if (seq.Count != 3) { throw new ArgumentException("Wrong number of elements in sequence."); } GXAsn1Sequence reqInfo = (GXAsn1Sequence)seq[0]; Version = (CertificateVersion)((GXAsn1Context)reqInfo[0])[0]; if (reqInfo[1] is sbyte) { SerialNumber = new GXAsn1Integer(Convert.ToUInt64(reqInfo[1])); } else { SerialNumber = (GXAsn1Integer)reqInfo[1]; } string tmp = ((GXAsn1Sequence)reqInfo[2])[0].ToString(); // Signature Algorithm SignatureAlgorithm = HashAlgorithmConverter.FromString(tmp); if (SignatureAlgorithm != HashAlgorithm.Sha256withecdsa) { throw new Exception("DLMS certificate must be signed with ecdsa-with-SHA256."); } // Optional. if (((GXAsn1Sequence)reqInfo[2]).Count > 1) { SignatureParameters = ((GXAsn1Sequence)reqInfo[2])[1]; } // Issuer Issuer = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[3]); // Validity ValidFrom = (DateTime)((GXAsn1Sequence)reqInfo[4])[0]; ValidTo = (DateTime)((GXAsn1Sequence)reqInfo[4])[1]; Subject = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[5]); // Subject public key Info GXAsn1Sequence subjectPKInfo = (GXAsn1Sequence)reqInfo[6]; PublicKey = GXPublicKey.FromRawBytes(((GXAsn1BitString)subjectPKInfo[1]).Value); // Get Standard Extensions. if (reqInfo.Count > 7) { foreach (GXAsn1Sequence s in (GXAsn1Sequence)((GXAsn1Context)reqInfo[7])[0]) { GXAsn1ObjectIdentifier id = (GXAsn1ObjectIdentifier)s[0]; object value = s[1]; Enums.X509CertificateType t = Enums.X509CertificateTypeConverter.FromString(id.ToString()); switch (t) { case Enums.X509CertificateType.SubjectKeyIdentifier: SubjectKeyIdentifier = (byte[])value; break; case Enums.X509CertificateType.AuthorityKeyIdentifier: AuthorityKeyIdentifier = (byte[])((GXAsn1Sequence)value)[0]; break; case Enums.X509CertificateType.KeyUsage: if (value is GXAsn1BitString) { // critical is optional. BOOLEAN DEFAULT FALSE, KeyUsage = (KeyUsage)((GXAsn1BitString)value).Value[0]; } else if (value is bool?) { value = s[2]; KeyUsage = (KeyUsage)((GXAsn1BitString)value).Value[0]; } else { throw new ArgumentException("Invalid key usage."); } break; default: System.Diagnostics.Debug.WriteLine("Unknown extensions: " + t.ToString()); break; } } } if (KeyUsage == KeyUsage.None) { throw new Exception("Key usage not present."); } PublicKeySignature = HashAlgorithmConverter.FromString(((GXAsn1Sequence)seq[1])[0].ToString()); // Optional. if (((GXAsn1Sequence)seq[1]).Count > 1) { SignatureParameters = ((GXAsn1Sequence)seq[1])[1]; } // signature Signature = ((GXAsn1BitString)seq[2]).Value; }