/// <summary>
/// Writes this octet string to <paramref name="derOut"/>. For an
/// <c>Asn1OutputStream</c> or <c>BerOutputStream</c> it is written as a constructed
/// OCTET STRING with an indefinite length; any other stream gets the base encoding.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    bool berCapable = derOut is Asn1OutputStream || derOut is BerOutputStream;
    if (!berCapable)
    {
        base.Encode(derOut);
        return;
    }

    // Constructed OCTET STRING header followed by the indefinite-length marker (0x80).
    // This form is BER only; it is not a canonical DER encoding, so these bytes should
    // not be used where a byte-exact DER encoding is expected (e.g. as signature input).
    derOut.WriteByte(Asn1Tags.Constructed | Asn1Tags.OctetString);
    derOut.WriteByte(0x80);

    // Each fragment is written as its own object.
    foreach (DerOctetString fragment in this)
    {
        derOut.WriteObject(fragment);
    }

    // End-of-contents octets close the indefinite-length value.
    derOut.WriteByte(0x00);
    derOut.WriteByte(0x00);
}
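/// <summary>
/// Checks whether the content of <paramref name="stream"/> is exactly one ASN.1 object
/// in DER form, by decoding it, re-encoding it with a <c>DerOutputStream</c> and comparing
/// the result byte for byte with the original.
/// </summary>
/// <param name="stream">A seekable stream holding the candidate encoding.</param>
/// <returns>
/// <c>true</c> when the re-encoded bytes equal the stream content; <c>false</c> on any
/// difference (including trailing bytes after the first object) or on any exception.
/// </returns>
bool ValidateDEREncoding(Stream stream)
{
    try
    {
        // The comparison below always covers the stream from offset 0, so decode from
        // offset 0 as well; otherwise a stream handed over at a non-zero position would
        // be parsed from one place and compared from another.
        stream.Seek(0, SeekOrigin.Begin);

        // Not disposed on purpose: the caller owns the underlying stream.
        var asn1Stream = new Org.BouncyCastle.Asn1.Asn1InputStream(stream);
        var certificate = asn1Stream.ReadObject();
        if (certificate == null)
        {
            // Nothing could be decoded, so there is nothing to validate.
            return false;
        }

        byte[] canonical;
        using (var derEncodedStream = new MemoryStream())
        {
            var encoder = new Org.BouncyCastle.Asn1.DerOutputStream(derEncodedStream);
            encoder.WriteObject(certificate);
            encoder.Flush();
            canonical = derEncodedStream.ToArray();
        }

        // A length mismatch also rejects input that carries extra bytes after the object.
        if (stream.Length != canonical.Length)
        {
            return false;
        }

        stream.Seek(0, SeekOrigin.Begin);
        for (int i = 0; i < canonical.Length; i++)
        {
            if (stream.ReadByte() != canonical[i])
            {
                return false;
            }
        }
    }
    catch (Exception)
    {
        // Fail closed: malformed input and I/O errors are both reported as "not valid DER".
        // NOTE(review): the cause is discarded here; consider logging it so that parser
        // errors can be told apart from stream failures.
        return false;
    }

    return true;
}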
/// <summary>
/// Re-encodes <c>signedData</c> through a <c>DerOutputStream</c> into a new in-memory
/// stream and returns that stream positioned at its start.
/// </summary>
/// <returns>A readable stream over the re-encoded bytes; the caller should dispose it.</returns>
/// <exception cref="System.IO.IOException"></exception>
public virtual Stream OpenStream()
{
    Stream buffer = new MemoryStream();

    // Decode the existing encoding first, then write the object back out.
    Asn1Object content = Asn1Object.FromByteArray(signedData.GetEncoded());
    DerOutputStream derWriter = new DerOutputStream(buffer);
    derWriter.WriteObject(content);

    // Rewind so the caller reads from the first byte.
    buffer.Seek(0, SeekOrigin.Begin);
    return buffer;
}
/// <summary>
/// Creates a buffered stream bound to <paramref name="gen"/>, using
/// <paramref name="buf"/> as its buffer and starting at offset 0.
/// </summary>
/// <param name="gen">Generator whose <c>Out</c> stream receives the DER output.</param>
/// <param name="buf">Caller-supplied buffer; it is stored as is, not copied.</param>
internal BufferedBerOctetStream(BerOctetStringGenerator gen, byte[] buf)
{
    _buf = buf;
    _off = 0;
    _gen = gen;

    // The DER writer wraps the generator's own output stream.
    _derOut = new DerOutputStream(_gen.Out);
}
/// <summary>
/// Writes this tagged object. For an <c>Asn1OutputStream</c> or <c>BerOutputStream</c> it
/// is written as a constructed tagged value with an indefinite length; any other stream
/// gets the base encoding.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    if (!(derOut is Asn1OutputStream || derOut is BerOutputStream))
    {
        base.Encode(derOut);
        return;
    }

    // Constructed tagged header plus the indefinite-length marker (0x80).
    derOut.WriteTag((byte)(Asn1Tags.Constructed | Asn1Tags.Tagged), tagNo);
    derOut.WriteByte(0x80);

    if (!IsEmpty())
    {
        if (explicitly)
        {
            // Explicit tagging: the wrapped object is written whole.
            derOut.WriteObject(obj);
        }
        else
        {
            // Implicit tagging: only the elements of the wrapped object are written,
            // so the wrapped object has to be something that can be enumerated.
            IEnumerable elements;
            if (obj is Asn1OctetString)
            {
                if (obj is BerOctetString)
                {
                    elements = (BerOctetString)obj;
                }
                else
                {
                    Asn1OctetString plain = (Asn1OctetString)obj;
                    elements = new BerOctetString(plain.GetOctets());
                }
            }
            else if (obj is Asn1Sequence)
            {
                elements = (Asn1Sequence)obj;
            }
            else if (obj is Asn1Set)
            {
                elements = (Asn1Set)obj;
            }
            else
            {
                throw Platform.CreateNotImplementedException(obj.GetType().Name);
            }

            foreach (Asn1Encodable element in elements)
            {
                derOut.WriteObject(element);
            }
        }
    }

    // End-of-contents octets close the indefinite-length value.
    derOut.WriteByte(0x00);
    derOut.WriteByte(0x00);
}
/// <summary>
/// Writes this set. Once it has been parsed the base encoder is used; until then the
/// stored <c>encoded</c> bytes are written under the constructed SET tag.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    if (!parsed)
    {
        // The stored bytes are passed through unchanged rather than re-encoded.
        // NOTE(review): where `encoded` comes from is not visible here; if it is input
        // kept verbatim, the output is only as canonical as that input was.
        derOut.WriteEncoded(Asn1Tags.Set | Asn1Tags.Constructed, encoded);
        return;
    }

    base.Encode(derOut);
}
/// <summary>
/// Writes this bit string. An <c>Asn1OutputStream</c> or <c>BerOutputStream</c> receives
/// the pad-bit count and data under the BIT STRING tag; any other stream gets the base
/// encoding.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    bool berCapable = derOut is Asn1OutputStream || derOut is BerOutputStream;
    if (!berCapable)
    {
        base.Encode(derOut);
        return;
    }

    derOut.WriteEncoded(Asn1Tags.BitString, (byte)mPadBits, mData);
}
/// <summary>
/// Writes this NULL value. An <c>Asn1OutputStream</c> or <c>BerOutputStream</c> receives
/// the single NULL tag byte; any other stream gets the base encoding.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    bool berCapable = derOut is Asn1OutputStream || derOut is BerOutputStream;
    if (!berCapable)
    {
        base.Encode(derOut);
        return;
    }

    // Only the tag byte is written on this path.
    derOut.WriteByte(Asn1Tags.Null);
}
/// <summary>
/// Returns the encoding of this object in the requested form.
/// </summary>
/// <param name="encoding">
/// Name of the encoding; the value equal to <c>Der</c> selects DER, anything else falls
/// back to the parameterless <c>GetEncoded()</c>.
/// </param>
/// <returns>The encoded bytes.</returns>
public byte[] GetEncoded(string encoding)
{
    if (!encoding.Equals(Der))
    {
        return GetEncoded();
    }

    // DER was asked for explicitly: serialise through a DerOutputStream.
    MemoryStream buffer = new MemoryStream();
    DerOutputStream derWriter = new DerOutputStream(buffer);
    derWriter.WriteObject(this);
    return buffer.ToArray();
}
/// <summary>
/// Writes this sequence while holding the instance lock. If stored <c>encoded</c> bytes
/// are present they are written under the constructed SEQUENCE tag; otherwise the base
/// encoder is used.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    // The lock is taken on the instance itself, so any other code that locks this
    // object contends with encoding.
    lock (this)
    {
        if (encoded != null)
        {
            // Stored bytes are passed through unchanged rather than re-encoded.
            derOut.WriteEncoded(Asn1Tags.Sequence | Asn1Tags.Constructed, encoded);
        }
        else
        {
            base.Encode(derOut);
        }
    }
}
/*
 * Implementation note:
 * DER requires structured types to use the constructed, definite-length form,
 * so this differs slightly from the plain ASN.1 description: besides the Set
 * tag, the Constructed bit and the length of the contents are written as well.
 */
/// <summary>Writes this set as a constructed, definite-length SET.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    // The members are encoded into a scratch buffer first so that the total
    // content length is known before the header is written.
    MemoryStream scratch = new MemoryStream();
    DerOutputStream memberWriter = new DerOutputStream(scratch);

    foreach (object member in this)
    {
        memberWriter.WriteObject(member);
    }

    memberWriter.Close();

    byte[] contents = scratch.ToArray();
    derOut.WriteEncoded(Asn1Tags.Set | Asn1Tags.Constructed, contents);
}
/*
 * Implementation note:
 * DER requires structured types to use the constructed, definite-length form,
 * so this differs slightly from the plain ASN.1 description: besides the
 * Sequence tag, the Constructed bit and the length of the contents are written
 * as well.
 */
/// <summary>Writes this sequence as a constructed, definite-length SEQUENCE.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    // TODO Intermediate buffer could be avoided if we could calculate expected length
    MemoryStream scratch = new MemoryStream();
    DerOutputStream elementWriter = new DerOutputStream(scratch);

    foreach (Asn1Encodable element in this)
    {
        elementWriter.WriteObject(element);
    }

    elementWriter.Dispose();

    // The buffered contents give the length needed for the definite-length header.
    byte[] contents = scratch.ToArray();
    derOut.WriteEncoded(Asn1Tags.Sequence | Asn1Tags.Constructed, contents);
}
/// <summary>
/// Writes this octet string. For an <c>Asn1OutputStream</c> or <c>BerOutputStream</c> it
/// is written as a constructed OCTET STRING with an indefinite length, built either from
/// the stored fragments or from the raw bytes split into pieces of at most
/// <c>MaxLength</c> bytes; any other stream gets the base encoding.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    if (!(derOut is Asn1OutputStream || derOut is BerOutputStream))
    {
        base.Encode(derOut);
        return;
    }

    // Constructed OCTET STRING header plus the indefinite-length marker (0x80).
    // This is a BER form; it is not a canonical DER encoding.
    derOut.WriteByte(Asn1Tags.Constructed | Asn1Tags.OctetString);
    derOut.WriteByte(0x80);

    if (octs == null)
    {
        // No stored fragments: slice the raw bytes into MaxLength-sized pieces.
        int offset = 0;
        while (offset < str.Length)
        {
            int end = System.Math.Min(str.Length, offset + MaxLength);
            byte[] piece = new byte[end - offset];
            Array.Copy(str, offset, piece, 0, piece.Length);
            derOut.WriteObject(new DerOctetString(piece));
            offset += MaxLength;
        }
    }
    else
    {
        // Stored fragments are written in order, one object each.
        int index = 0;
        while (index != octs.Count)
        {
            derOut.WriteObject(octs[index]);
            index++;
        }
    }

    // End-of-contents octets close the indefinite-length value.
    derOut.WriteByte(0x00);
    derOut.WriteByte(0x00);
}
/// <summary>
/// Serialises the store as a PKCS#12 <c>Pfx</c> structure and writes it to
/// <paramref name="stream"/>: one bag per key entry, one bag per certificate, an
/// <c>AuthenticatedSafe</c> around both, and (with a password) a MAC over it.
/// </summary>
/// <param name="stream">Destination stream; must not be null.</param>
/// <param name="password">
/// Password used to encrypt the key bags, encrypt the certificate bags and key the MAC.
/// When null, keys are written as plain <c>KeyBag</c> entries, certificates are written
/// unencrypted and no <c>MacData</c> is produced, so the output has neither
/// confidentiality nor integrity protection.
/// </param>
/// <param name="random">Source of the salts; must not be null.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="stream"/> or <paramref name="random"/> is null.
/// </exception>
public void Save(
    Stream stream,
    char[] password,
    SecureRandom random)
{
    if (stream == null)
        throw new ArgumentNullException("stream");
    if (random == null)
        throw new ArgumentNullException("random");

    //
    // handle the keys
    //
    Asn1EncodableVector keyBags = new Asn1EncodableVector();
    foreach (string name in keys.Keys)
    {
        // A fresh salt is drawn for every key entry (also when it ends up unused
        // because no password was given).
        byte[] kSalt = new byte[SaltSize];
        random.NextBytes(kSalt);

        AsymmetricKeyEntry privKey = (AsymmetricKeyEntry)keys[name];

        DerObjectIdentifier bagOid;
        Asn1Encodable bagData;

        if (password == null)
        {
            // No password: the private key is stored in the clear.
            bagOid = PkcsObjectIdentifiers.KeyBag;
            bagData = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey.Key);
        }
        else
        {
            // Password-based encryption of the key with keyAlgorithm.
            // NOTE(review): the iteration count is MinIterations, whose value is not
            // visible here; confirm it is adequate for the passwords in use.
            bagOid = PkcsObjectIdentifiers.Pkcs8ShroudedKeyBag;
            bagData = EncryptedPrivateKeyInfoFactory.CreateEncryptedPrivateKeyInfo(
                keyAlgorithm, password, kSalt, MinIterations, privKey.Key);
        }

        Asn1EncodableVector kName = new Asn1EncodableVector();

        // Copy the entry's existing bag attributes, except FriendlyName.
        foreach (string oid in privKey.BagAttributeKeys)
        {
            Asn1Encodable entry = privKey[oid];

            // NB: Ignore any existing FriendlyName
            if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
                continue;

            kName.Add(
                new DerSequence(
                    new DerObjectIdentifier(oid),
                    new DerSet(entry)));
        }

        //
        // make sure we are using the local alias on store
        //
        // NB: We always set the FriendlyName based on 'name'
        //if (privKey[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
        {
            kName.Add(
                new DerSequence(
                    PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
                    new DerSet(new DerBmpString(name))));
        }

        //
        // make sure we have a local key-id
        //
        if (privKey[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
        {
            // NOTE(review): ct is dereferenced without a null check; confirm that
            // GetCertificate cannot return null for a key alias.
            X509CertificateEntry ct = GetCertificate(name);
            AsymmetricKeyParameter pubKey = ct.Certificate.GetPublicKey();
            SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);

            kName.Add(
                new DerSequence(
                    PkcsObjectIdentifiers.Pkcs9AtLocalKeyID,
                    new DerSet(subjectKeyID)));
        }

        keyBags.Add(new SafeBag(bagOid, bagData.ToAsn1Object(), new DerSet(kName)));
    }

    // The key bags are DER-encoded and wrapped as plain Data content.
    byte[] keyBagsEncoding = new DerSequence(keyBags).GetDerEncoded();
    ContentInfo keysInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(keyBagsEncoding));

    //
    // certificate processing
    //
    byte[] cSalt = new byte[SaltSize];

    random.NextBytes(cSalt);

    Asn1EncodableVector certBags = new Asn1EncodableVector();
    Pkcs12PbeParams cParams = new Pkcs12PbeParams(cSalt, MinIterations);
    AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.ToAsn1Object());
    // Certificates already written, so that chain certificates are not emitted twice.
    ISet doneCerts = new HashSet();

    // Pass 1: the certificate belonging to each key entry.
    foreach (string name in keys.Keys)
    {
        X509CertificateEntry certEntry = GetCertificate(name);
        CertBag cBag = new CertBag(
            PkcsObjectIdentifiers.X509Certificate,
            new DerOctetString(certEntry.Certificate.GetEncoded()));

        Asn1EncodableVector fName = new Asn1EncodableVector();

        foreach (string oid in certEntry.BagAttributeKeys)
        {
            Asn1Encodable entry = certEntry[oid];

            // NB: Ignore any existing FriendlyName
            if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
                continue;

            fName.Add(
                new DerSequence(
                    new DerObjectIdentifier(oid),
                    new DerSet(entry)));
        }

        //
        // make sure we are using the local alias on store
        //
        // NB: We always set the FriendlyName based on 'name'
        //if (certEntry[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
        {
            fName.Add(
                new DerSequence(
                    PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
                    new DerSet(new DerBmpString(name))));
        }

        //
        // make sure we have a local key-id
        //
        if (certEntry[PkcsObjectIdentifiers.Pkcs9AtLocalKeyID] == null)
        {
            AsymmetricKeyParameter pubKey = certEntry.Certificate.GetPublicKey();
            SubjectKeyIdentifier subjectKeyID = CreateSubjectKeyID(pubKey);

            fName.Add(
                new DerSequence(
                    PkcsObjectIdentifiers.Pkcs9AtLocalKeyID,
                    new DerSet(subjectKeyID)));
        }

        certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));

        doneCerts.Add(certEntry.Certificate);
    }

    // Pass 2: stand-alone certificate entries; aliases that also name a key are skipped.
    foreach (string certId in certs.Keys)
    {
        X509CertificateEntry cert = (X509CertificateEntry)certs[certId];

        if (keys[certId] != null)
            continue;

        CertBag cBag = new CertBag(
            PkcsObjectIdentifiers.X509Certificate,
            new DerOctetString(cert.Certificate.GetEncoded()));

        Asn1EncodableVector fName = new Asn1EncodableVector();

        foreach (string oid in cert.BagAttributeKeys)
        {
            // a certificate not immediately linked to a key doesn't require
            // a localKeyID and will confuse some PKCS12 implementations.
            //
            // If we find one, we'll prune it out.
            if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
                continue;

            Asn1Encodable entry = cert[oid];

            // NB: Ignore any existing FriendlyName
            if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtFriendlyName.Id))
                continue;

            fName.Add(
                new DerSequence(
                    new DerObjectIdentifier(oid),
                    new DerSet(entry)));
        }

        //
        // make sure we are using the local alias on store
        //
        // NB: We always set the FriendlyName based on 'certId'
        //if (cert[PkcsObjectIdentifiers.Pkcs9AtFriendlyName] == null)
        {
            fName.Add(
                new DerSequence(
                    PkcsObjectIdentifiers.Pkcs9AtFriendlyName,
                    new DerSet(new DerBmpString(certId))));
        }

        certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));

        doneCerts.Add(cert.Certificate);
    }

    // Pass 3: chain certificates that were not already written by the passes above.
    foreach (CertId certId in chainCerts.Keys)
    {
        X509CertificateEntry cert = (X509CertificateEntry)chainCerts[certId];

        if (doneCerts.Contains(cert.Certificate))
            continue;

        CertBag cBag = new CertBag(
            PkcsObjectIdentifiers.X509Certificate,
            new DerOctetString(cert.Certificate.GetEncoded()));

        Asn1EncodableVector fName = new Asn1EncodableVector();

        foreach (string oid in cert.BagAttributeKeys)
        {
            // a certificate not immediately linked to a key doesn't require
            // a localKeyID and will confuse some PKCS12 implementations.
            //
            // If we find one, we'll prune it out.
            if (oid.Equals(PkcsObjectIdentifiers.Pkcs9AtLocalKeyID.Id))
                continue;

            fName.Add(
                new DerSequence(
                    new DerObjectIdentifier(oid),
                    new DerSet(cert[oid])));
        }

        certBags.Add(new SafeBag(PkcsObjectIdentifiers.CertBag, cBag.ToAsn1Object(), new DerSet(fName)));
    }

    byte[] certBagsEncoding = new DerSequence(certBags).GetDerEncoded();

    ContentInfo certsInfo;
    if (password == null)
    {
        // No password: the certificate bags are stored as plain Data.
        certsInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(certBagsEncoding));
    }
    else
    {
        // Encrypt the certificate bags with certAlgorithm, using cSalt and MinIterations.
        byte[] certBytes = CryptPbeData(true, cAlgId, password, false, certBagsEncoding);
        EncryptedData cInfo = new EncryptedData(PkcsObjectIdentifiers.Data, cAlgId, new BerOctetString(certBytes));
        certsInfo = new ContentInfo(PkcsObjectIdentifiers.EncryptedData, cInfo.ToAsn1Object());
    }

    ContentInfo[] info = new ContentInfo[]{ keysInfo, certsInfo };

    // `data` is both the payload of the outer ContentInfo and the exact input of the MAC.
    byte[] data = new AuthenticatedSafe(info).GetEncoded(
        useDerEncoding ? Asn1Encodable.Der : Asn1Encodable.Ber);

    ContentInfo mainInfo = new ContentInfo(PkcsObjectIdentifiers.Data, new BerOctetString(data));

    //
    // create the mac
    //
    // macData stays null when there is no password; the file then carries no integrity check.
    MacData macData = null;
    if (password != null)
    {
        byte[] mSalt = new byte[20];
        random.NextBytes(mSalt);

        // The MAC is fixed to the SHA-1 identifier with MinIterations rounds.
        // NOTE(review): neither the digest nor the iteration count can be chosen by the
        // caller here; confirm this meets the deployment's policy for PKCS#12 files.
        byte[] mac = CalculatePbeMac(OiwObjectIdentifiers.IdSha1,
            mSalt, MinIterations, password, false, data);

        AlgorithmIdentifier algId = new AlgorithmIdentifier(
            OiwObjectIdentifiers.IdSha1, DerNull.Instance);
        DigestInfo dInfo = new DigestInfo(algId, mac);

        macData = new MacData(dInfo, mSalt, MinIterations);
    }

    //
    // output the Pfx
    //
    Pfx pfx = new Pfx(mainInfo, macData);

    // The writer is chosen by useDerEncoding. It is not closed here, so the caller's
    // stream is left open.
    DerOutputStream derOut;
    if (useDerEncoding)
    {
        derOut = new DerOutputStream(stream);
    }
    else
    {
        derOut = new BerOutputStream(stream);
    }

    derOut.WriteObject(pfx);
}
/// <summary>
/// Writes this bit string under the BIT STRING tag: one leading byte holding the
/// pad-bit count, followed by the data bytes.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    // One extra byte in front of the data carries the number of pad bits.
    byte[] contents = new byte[GetBytes().Length + 1];
    int dataLength = contents.Length - 1;

    contents[0] = (byte)PadBits;
    Array.Copy(GetBytes(), 0, contents, 1, dataLength);

    derOut.WriteEncoded(Asn1Tags.BitString, contents);
}
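// : base("X.509")
/// <summary>
/// Builds a certification path by reading certificates from <paramref name="inStream"/>
/// in the given encoding, then ordering them with <c>SortCerts</c>.
/// </summary>
/// <param name="inStream">Stream holding the encoded path.</param>
/// <param name="encoding">
/// One of "PkiPath", "PKCS7" or "PEM". The name is matched without regard to case, using
/// an ordinal comparison so that the result does not depend on the current culture.
/// </param>
/// <exception cref="CertificateException">
/// The encoding is not supported, PkiPath data is not an ASN.1 SEQUENCE, or an
/// <see cref="IOException"/> occurred while decoding.
/// </exception>
public PkixCertPath(
    Stream inStream,
    String encoding)
{
    try
    {
        // Previously the name was compared via ToUpper(), which is culture-sensitive:
        // under a culture with special casing rules for 'i' (e.g. Turkish) an input of
        // "PKIPATH" did not match. Ordinal comparison gives the same answer everywhere.
        if (encoding.Equals("PkiPath", StringComparison.OrdinalIgnoreCase))
        {
            Asn1InputStream derInStream = new Asn1InputStream(inStream);
            Asn1Object derObject = derInStream.ReadObject();
            if (!(derObject is Asn1Sequence))
            {
                throw new CertificateException(
                    "input stream does not contain a ASN1 SEQUENCE while reading PkiPath encoded data to load CertPath");
            }

            certificates = new ArrayList();

            IEnumerator e = ((Asn1Sequence)derObject).GetEnumerator();
            while (e.MoveNext())
            {
                // Each element is re-encoded as DER and parsed as a certificate.
                MemoryStream outStream = new MemoryStream();
                DerOutputStream derOutStream = new DerOutputStream(outStream);
                derOutStream.WriteObject((Asn1Encodable)e.Current);
                derOutStream.Close();

                Stream certInStream = new MemoryStream(outStream.ToArray(), false);

                // Inserting at the front reverses the order in which elements were read.
                certificates.Insert(0, new X509CertificateParser().ReadCertificate(certInStream));
            }
        }
        else if (encoding.Equals("PKCS7", StringComparison.OrdinalIgnoreCase)
            || encoding.Equals("PEM", StringComparison.OrdinalIgnoreCase))
        {
            inStream = new BufferedStream(inStream);
            certificates = new ArrayList();

            X509CertificateParser certParser = new X509CertificateParser();
            X509Certificate cert = null;

            // Reads until the parser reports no further certificate.
            // NOTE(review): there is no upper bound on the number of certificates taken
            // from the stream; consider one if the input is not trusted.
            while ((cert = certParser.ReadCertificate(inStream)) != null)
            {
                certificates.Add(cert);
            }
        }
        else
        {
            throw new CertificateException("unsupported encoding: " + encoding);
        }
    }
    catch (IOException ex)
    {
        // The original exception is folded into the message text.
        throw new CertificateException(
            "IOException throw while decoding CertPath:\n"
            + ex.ToString());
    }

    this.certificates = SortCerts(certificates);
}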
/// <summary>Writes the stored content bytes under the ENUMERATED tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = bytes;
    derOut.WriteEncoded(Asn1Tags.Enumerated, contents);
}
/// <summary>Writes the octets of this string under the T61String tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = GetOctets();
    derOut.WriteEncoded(Asn1Tags.T61String, contents);
}
/// <summary>
/// Writes the stored octets under a tag formed from the Application class bits
/// combined with this object's <c>tag</c> value.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = octets;
    derOut.WriteEncoded(Asn1Tags.Application | tag, contents);
}
/// <summary>Writes the stored string data under the VideotexString tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = mString;
    derOut.WriteEncoded(Asn1Tags.VideotexString, contents);
}
/// <summary>Writes the octets of this time value under the UTCTime tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = this.GetOctets();
    derOut.WriteEncoded(Asn1Tags.UtcTime, contents);
}
/// <summary>Writes the UTF-8 bytes of the stored string under the UTF8String tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    byte[] utf8 = Encoding.UTF8.GetBytes(str);
    derOut.WriteEncoded(Asn1Tags.Utf8String, utf8);
}
/// <summary>Writes the stored content bytes under the INTEGER tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = bytes;
    derOut.WriteEncoded(Asn1Tags.Integer, contents);
}
/// <summary>
/// Writes the encoding of this object to <paramref name="derOut"/>. The member is
/// abstract, so every concrete type supplies its own implementation.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal abstract void Encode(DerOutputStream derOut);
/// <summary>
/// Writes the octets of this string under tag 0x13 (the universal tag number of
/// PrintableString).
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = this.GetOctets();
    derOut.WriteEncoded(0x13, contents);
}
/// <summary>Writes the stored string data under the UniversalString tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = this.str;
    derOut.WriteEncoded(Asn1Tags.UniversalString, contents);
}
/// <summary>Writes the single stored byte under the BOOLEAN tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    // TODO Should we make sure the byte value is one of '0' or '0xff' here?
    // The stored byte is written unchanged; DER expects 0x00 for FALSE and 0xFF for
    // TRUE, so any other stored value would be emitted as a non-canonical BOOLEAN.
    byte[] contents = new byte[] { value };
    derOut.WriteEncoded(Asn1Tags.Boolean, contents);
}
/// <summary>Writes the octets of this string under the IA5String tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = GetOctets();
    derOut.WriteEncoded(Asn1Tags.IA5String, contents);
}
/// <summary>
/// Writes the stored octets with the Application class bits, adding the Constructed
/// bit when <c>isConstructed</c> is set, and this object's <c>tag</c> number.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    int flags = isConstructed
        ? (Asn1Tags.Application | Asn1Tags.Constructed)
        : Asn1Tags.Application;

    derOut.WriteEncoded(flags, tag, octets);
}
/// <summary>
/// Writes the stored content bytes under tag 2 (the universal tag number of INTEGER).
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = bytes;
    derOut.WriteEncoded(2, contents);
}
/// <summary>
/// Writes the body of this object under tag 6 (the universal tag number of
/// OBJECT IDENTIFIER).
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var body = this.GetBody();
    derOut.WriteEncoded(6, body);
}
/// <summary>Writes the octets of this time value under the GeneralizedTime tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = GetOctets();
    derOut.WriteEncoded(Asn1Tags.GeneralizedTime, contents);
}
/// <summary>
/// Writes the stored data with this object's <c>tag</c> number, setting the
/// Constructed bit only when <c>isConstructed</c> is true.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    int flags;
    if (isConstructed)
    {
        flags = Asn1Tags.Constructed;
    }
    else
    {
        flags = 0;
    }

    derOut.WriteEncoded(flags, tag, data);
}
/// <summary>Writes the NULL tag with the stored <c>zeroBytes</c> as contents.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = zeroBytes;
    derOut.WriteEncoded(Asn1Tags.Null, contents);
}
/// <summary>Writes the body of this identifier under the OBJECT IDENTIFIER tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var body = GetBody();
    derOut.WriteEncoded(Asn1Tags.ObjectIdentifier, body);
}
/// <summary>
/// Writes a slice of <paramref name="bytes"/> under tag 4 (the universal tag number of
/// OCTET STRING).
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
/// <param name="bytes">Buffer holding the content.</param>
/// <param name="offset">Index of the first content byte in <paramref name="bytes"/>.</param>
/// <param name="length">Number of content bytes to write.</param>
internal static void Encode(DerOutputStream derOut, byte[] bytes, int offset, int length)
{
    // The range is passed through as given; no bounds check is done at this level.
    derOut.WriteEncoded(
        4,
        bytes,
        offset,
        length);
}
/// <summary>Writes the single stored byte under the BOOLEAN tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    // TODO Should we make sure the byte value is one of '0' or '0xff' here?
    // The stored byte is written unchanged; DER expects 0x00 for FALSE and 0xFF for
    // TRUE, so any other stored value would be emitted as a non-canonical BOOLEAN.
    byte[] contents = new byte[] { value };
    derOut.WriteEncoded(Asn1Tags.Boolean, contents);
}
/// <summary>
/// Writes the stored string data under tag 28 (the universal tag number of
/// UniversalString).
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = str;
    derOut.WriteEncoded(28, contents);
}
/// <summary>
/// Returns the encoded CMS structure for the recipient at <paramref name="index"/>,
/// building it on first use and caching it on the recipient afterwards.
/// </summary>
/// <param name="index">Position of the recipient in <c>recipients</c>.</param>
/// <returns>The recipient's cached or newly built encoding.</returns>
virtual public byte[] GetEncodedRecipient(int index)
{
    PdfPublicKeyRecipient recipient = recipients[index];

    // Reuse the encoding if this recipient already has one.
    byte[] cached = recipient.Cms;
    if (cached != null)
    {
        return cached;
    }

    X509Certificate certificate = recipient.Certificate;
    int permission = recipient.Permission;

    // Fixed revision; it selects which bits are forced on in the permission word.
    int revision = 3;
    uint forcedBits = revision == 3 ? (uint)0xfffff0c0 : (uint)0xffffffc0;
    permission |= (int)forcedBits;

    // Clear the two lowest bits, then set the lowest one.
    permission &= unchecked((int)0xfffffffc);
    permission += 1;

    // PKCS#7 input: the first 20 bytes of the seed, then the permission word with the
    // most significant byte first.
    byte[] pkcs7input = new byte[24];
    System.Array.Copy(seed, 0, pkcs7input, 0, 20);
    pkcs7input[20] = (byte)(permission >> 24);
    pkcs7input[21] = (byte)(permission >> 16);
    pkcs7input[22] = (byte)(permission >> 8);
    pkcs7input[23] = (byte)(permission);

    Asn1Object envelope = CreateDERForRecipient(pkcs7input, certificate);

    MemoryStream buffer = new MemoryStream();
    DerOutputStream derWriter = new DerOutputStream(buffer);
    derWriter.WriteObject(envelope);

    byte[] encoded = buffer.ToArray();
    recipient.Cms = encoded;
    return encoded;
}
/// <summary>
/// Always fails: this type does not write an encoding.
/// </summary>
/// <param name="derOut">Unused.</param>
/// <exception cref="IOException">Thrown on every call.</exception>
internal override void Encode(DerOutputStream derOut)
{
    // NOTE(review): the message carries no diagnostic detail; callers only learn
    // that encoding was attempted on this type.
    IOException failure = new IOException("Eeek!");
    throw failure;
}
/*
 * Implementation note:
 * DER requires structured types to use the constructed, definite-length form,
 * so this differs slightly from the plain ASN.1 description: besides the Set
 * tag, the Constructed bit and the length of the contents are written as well.
 */
/// <summary>Writes this set as a constructed, definite-length SET.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    // TODO Intermediate buffer could be avoided if we could calculate expected length
    using (MemoryStream scratch = new MemoryStream())
    {
        // The member writer is disposed before the buffered bytes are taken.
        using (DerOutputStream memberWriter = new DerOutputStream(scratch))
        {
            foreach (Asn1Encodable member in this)
            {
                memberWriter.WriteObject(member);
            }
        }

        byte[] contents = scratch.ToArray();
        derOut.WriteEncoded(Asn1Tags.Set | Asn1Tags.Constructed, contents);
    }
}
/// <summary>
/// Writes the stored string under the BMPString tag, two bytes per character with the
/// high byte first.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    char[] chars = str.ToCharArray();
    byte[] contents = new byte[chars.Length * 2];

    int pos = 0;
    foreach (char ch in chars)
    {
        contents[pos] = (byte)(ch >> 8);   // high byte
        contents[pos + 1] = (byte)ch;      // low byte
        pos += 2;
    }

    derOut.WriteEncoded(Asn1Tags.BmpString, contents);
}
/// <summary>Writes the octets of this string under the VisibleString tag.</summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = this.GetOctets();
    derOut.WriteEncoded(Asn1Tags.VisibleString, contents);
}
/// <summary>
/// Writes tag 5 (the universal tag number of NULL) with the stored <c>zeroBytes</c>
/// as contents.
/// </summary>
/// <param name="derOut">Stream that receives the encoded bytes.</param>
internal override void Encode(DerOutputStream derOut)
{
    var contents = this.zeroBytes;
    derOut.WriteEncoded(5, contents);
}