Exemplo n.º 1
 // Static constructor: assigns one freshly constructed instance of each data
 // type class to the static member of the same name. The assignments run in
 // the order written; whether any of the constructors depends on a member
 // assigned earlier is not visible here, so the order is left as is.
 static DataTypeDescriptor()
 {
     DnsName = new DnsNameDataType();
     IpAddress = new IpAddress();
     Bag = new Bag();
     Time = new Time();
     String = new StringDataType();
     Rfc822Name = new Rfc822Name();
     X500Name = new X500Name();
     Double = new DoubleDataType();
     YearMonthDuration = new YearMonthDuration();
     DaytimeDuration = new DaytimeDuration();
     // NOTE(review): `new DateTime()` binds to whichever DateTime type is in
     // scope for this file (a project data-type class or System.DateTime);
     // the using directives are not visible here - confirm.
     DateTime = new DateTime();
     Date = new DateDataType();
     Integer = new IntegerDataType();
     Boolean = new BooleanDataType();
     HexBinary = new HexBinary();
     Base64Binary = new Base64Binary();
     AnyUri = new AnyUri();
     Function = new FunctionDataType();
 }
Exemplo n.º 2
 /// <summary>
 /// Construct a key trans recipient ID that identifies the recipient's certificate by issuer,
 /// serial number and subject key identifier.
 /// </summary>
 /// <param name="issuer">The issuer of the recipient's associated certificate.</param>
 /// <param name="serialNumber">The serial number of the recipient's associated certificate.</param>
 /// <param name="subjectKeyId">The subject key identifier used to match the recipient's associated certificate.</param>
 /// <remarks>
 /// The three arguments are handed unchanged to a new <c>X509CertificateSelector</c>;
 /// this constructor performs no validation of its own.
 /// </remarks>
 public KeyTransRecipientID(X500Name issuer, BigInteger serialNumber, byte[] subjectKeyId)
     : this(new X509CertificateSelector(issuer, serialNumber, subjectKeyId))
 {
 }
Exemplo n.º 3
 /// <summary>
 /// Construct a key trans recipient ID from the issuer and serial number of the recipient's
 /// associated certificate, without a subject key identifier.
 /// </summary>
 /// <param name="issuer">The issuer of the recipient's associated certificate.</param>
 /// <param name="serialNumber">The serial number of the recipient's associated certificate.</param>
 /// <remarks>
 /// Chains to the three-argument constructor, passing <c>null</c> as the subject key identifier.
 /// </remarks>
 public KeyTransRecipientID(X500Name issuer, BigInteger serialNumber)
     : this(issuer, serialNumber, null)
 {
 }
Exemplo n.º 4
 /// <summary>
 /// Set the issuer distinguished name. The issuer is the entity whose private key is used
 /// to sign the certificate.
 /// </summary>
 /// <param name="issuer">The issuer name.</param>
 /// <remarks>
 /// The name is passed straight to <c>tbsGen.SetIssuer</c>; no null or content check is made here.
 /// </remarks>
 public void SetIssuerDN(X500Name issuer)
 {
     tbsGen.SetIssuer(issuer);
 }
Exemplo n.º 5
 /// <summary>
 /// Set the distinguished name of the entity represented by the generated certificate's public key.
 /// </summary>
 /// <param name="subject">The X.500 name of the generated certificate's subject.</param>
 /// <remarks>
 /// The name is passed straight to <c>tbsGen.SetSubject</c>; no null or content check is made here.
 /// </remarks>
 public void SetSubjectDN(X500Name subject)
 {
     tbsGen.SetSubject(subject);
 }
        /// <summary>
        /// Create an attribute certificate issuer from a single X.500 principal name.
        /// </summary>
        /// <param name="principal">The issuer's name; it is wrapped in a GeneralName, then a GeneralNames, then a V2Form.</param>
        public AttributeCertificateIssuer(X500Name principal)
        {
            // The original also carried a commented-out variant that built the names
            // through GeneralNames.GetInstance(new DerSequence(...)); the direct
            // constructor below is the form actually in use.
            GeneralName issuerName = new GeneralName(principal);
            GeneralNames issuerNames = new GeneralNames(issuerName);

            form = new V2Form(issuerNames);
        }
Exemplo n.º 7
    /*
     * Create an instance by decoding the provided object.
     * This constructor assumes ASN.1 DER encoding (not Base64,
     * not PEM).
     *
     * On decoding error, an AsnException is thrown.
     *
     * This constructor only parses. Nothing in it reads the
     * signature value (third element of the outer SEQUENCE),
     * compares the validity dates with the current time, or
     * builds a chain, so a successfully constructed instance
     * says nothing about whether the certificate is authentic
     * or currently valid. Callers that make trust decisions
     * must do that validation themselves.
     */
    public X509Cert(byte[] cert)
    {
        /*
         * Compute thumbprint.
         *
         * The value is computed over the input bytes exactly as
         * passed in, before any decoding, and upper-cased.
         * NOTE(review): judging by the helper's name this is a
         * SHA-1 digest; treat it as a display/lookup identifier
         * only, not as a collision-resistant binding to the
         * certificate contents.
         */
        thumbprint = M.DoSHA1(cert).ToUpperInvariant();

        /*
         * Outer layer decoding and extraction of the signature
         * hash algorithm.
         *
         * The outer SEQUENCE must have exactly three elements;
         * only elements 0 (TBS) and 1 (signature algorithm) are
         * read here.
         */
        AsnElt ac = AsnElt.Decode(cert);

        ac.CheckTag(AsnElt.SEQUENCE);
        ac.CheckNumSub(3);
        hashAlgorithm = GetSignHashName(
            new AlgorithmIdentifier(ac.GetSub(1)));

        /*
         * TBS exploration. First field is optional; if present,
         * it contains the certificate version.
         *
         * 'off' is 1 when the version field is present and 0
         * otherwise; every later TBS index is relative to it.
         * NOTE(review): only the tag value of the first element
         * is tested, not its tag class, and the version number
         * itself is not read.
         */
        AsnElt atbs = ac.GetSub(0);

        atbs.CheckNumSubMin(6);
        atbs.CheckNumSubMax(10);
        int off = 0;

        if (atbs.GetSub(0).TagValue == 0)
        {
            off++;
        }

        /*
         * Serial number: nominally an INTEGER, we extract the
         * raw bytes, because some CA wrongly use unsigned
         * encoding.
         *
         * Leading zero bytes are skipped and the remainder is
         * rendered as upper-case hex; an all-zero (or empty)
         * value becomes "00".
         */
        AsnElt aserial = atbs.GetSub(off);

        aserial.CheckTag(AsnElt.INTEGER);
        byte[] sv  = aserial.CopyValue();
        int    svk = 0;

        while (svk < sv.Length && sv[svk] == 0)
        {
            svk++;
        }
        if (svk == sv.Length)
        {
            serialHex = "00";
        }
        else
        {
            StringBuilder sb = new StringBuilder();
            while (svk < sv.Length)
            {
                sb.AppendFormat("{0:X2}", sv[svk++]);
            }
            serialHex = sb.ToString();
        }

        /*
         * Issuer and subject DN.
         *
         * NOTE(review): the TBS element at off + 1 (the inner
         * signature algorithm) is skipped, so this constructor
         * does not check that it agrees with the outer signature
         * algorithm read above, as RFC 5280 requires. Signature
         * verification code should not rely on this parser for
         * that check.
         */
        issuerDN  = new X500Name(atbs.GetSub(off + 2));
        subjectDN = new X500Name(atbs.GetSub(off + 4));

        /*
         * Validity dates.
         *
         * The two dates are decoded and stored; they are not
         * compared with each other or with the current time.
         */
        AsnElt adates = atbs.GetSub(off + 3);

        adates.CheckTag(AsnElt.SEQUENCE);
        adates.CheckNumSub(2);
        validFrom = adates.GetSub(0).GetTime();
        validTo   = adates.GetSub(1).GetTime();

        /*
         * Public key.
         *
         * keyType, keySize and curveOID start at "UNKNOWN", 0
         * and null; they keep those values when the algorithm
         * OID is not one of the cases below. Callers applying a
         * minimum key size should treat "UNKNOWN"/0 as a failure
         * rather than as "no restriction".
         */
        AsnElt aspki = atbs.GetSub(off + 5);

        aspki.CheckTag(AsnElt.SEQUENCE);
        aspki.CheckNumSub(2);
        AlgorithmIdentifier kt =
            new AlgorithmIdentifier(aspki.GetSub(0));
        AsnElt aktp = kt.Parameters;
        AsnElt apkv = aspki.GetSub(1);

        apkv.CheckTag(AsnElt.BIT_STRING);
        byte[] kv = apkv.GetBitString();
        curveOID = null;
        keyType  = "UNKNOWN";
        keySize  = 0;
        switch (kt.OID)
        {
        /*
         * RSA public keys should use the 'rsaEncryption' OID,
         * but some are tagged with the OAEP or the PSS OID,
         * to somehow specify that the RSA key should be used
         * only with OAEP or PSS.
         */
        case "1.2.840.113549.1.1.1":
        case "1.2.840.113549.1.1.7":
        case "1.2.840.113549.1.1.10":
            keyType = "RSA";
            keySize = GetRSAPublicKeySize(kv);
            break;

        /*
         * All DSA public keys should use that OID.
         * NOTE(review): the size is derived from the algorithm
         * parameters, which are passed on without a null check
         * here; confirm GetDSAPublicKeySize copes with absent
         * parameters.
         */
        case "1.2.840.10040.4.1":
            keyType = "DSA";
            keySize = GetDSAPublicKeySize(aktp);
            break;

        /*
         * Elliptic curve keys.
         * We only support "normal" elliptic curve keys, not
         * restricted keys.
         * We only supported named curves (RFC 5480 forbids
         * explicit curve parameters).
         *
         * Absent parameters, or parameters that are not a
         * universal OBJECT IDENTIFIER, leave the key reported
         * as "UNKNOWN" instead of raising an error.
         */
        case "1.2.840.10045.2.1":
            if (aktp == null)
            {
                break;
            }
            if (aktp.TagClass != AsnElt.UNIVERSAL ||
                aktp.TagValue != AsnElt.OBJECT_IDENTIFIER)
            {
                break;
            }
            keyType  = "EC";
            curveOID = aktp.GetOID();
            keySize  = GetCurveSize(curveOID);
            break;

            /* TODO: GOST R 34.10-94 and GOST R 34.10-2001 */
        }

        /*
         * If there are extensions, process them.
         * extract the dNSNames.
         *
         * Trailing TBS elements that are not context tag [3] are
         * skipped. Each extension is stored under its OID; a
         * repeated OID is rejected with an AsnException. The
         * critical flag defaults to false when the BOOLEAN is
         * absent.
         * NOTE(review): what happens to a critical extension
         * that is not understood is decided in ProcessExtension,
         * which is not visible here - confirm before relying on
         * this class for path validation.
         */
        serverNames = null;
        extensions  = new SortedDictionary <string, Extension>(
            StringComparer.Ordinal);

        for (int i = off + 6; i < atbs.Sub.Length; i++)
        {
            AsnElt aexts = atbs.GetSub(i);
            if (aexts.TagClass != AsnElt.CONTEXT ||
                aexts.TagValue != 3)
            {
                continue;
            }
            aexts.CheckNumSub(1);
            aexts = aexts.GetSub(0);
            aexts.CheckTag(AsnElt.SEQUENCE);
            foreach (AsnElt aext in aexts.Sub)
            {
                aext.CheckTag(AsnElt.SEQUENCE);
                aext.CheckNumSubMin(2);
                aext.CheckNumSubMax(3);
                AsnElt aoid = aext.GetSub(0);
                aoid.CheckTag(AsnElt.OBJECT_IDENTIFIER);
                string oid = aoid.GetOID();
                AsnElt av;
                bool   critical = false;
                if (aext.Sub.Length == 2)
                {
                    /* OID and value only: not critical. */
                    av = aext.GetSub(1);
                }
                else
                {
                    /* OID, explicit critical BOOLEAN, value. */
                    AsnElt acrit = aext.GetSub(1);
                    acrit.CheckTag(AsnElt.BOOLEAN);
                    critical = acrit.GetBoolean();
                    av       = aext.GetSub(2);
                }
                av.CheckTag(AsnElt.OCTET_STRING);
                Extension ext = new Extension(
                    oid, critical, av.CopyValue());
                if (extensions.ContainsKey(oid))
                {
                    throw new AsnException(
                              "duplicate extension " + oid);
                }
                extensions[oid] = ext;
                ProcessExtension(ext);
            }
        }

        /*
         * If there was no SAN, or no dNSName in the SAN, then
         * get the Common Name from the subjectDN.
         *
         * More than one CN in the subject is rejected, and that
         * check runs even when serverNames was already set. The
         * CN is copied as is; nothing here checks that it looks
         * like a host name.
         * NOTE(review): serverNames is presumably filled in by
         * ProcessExtension when a SAN carries dNSName entries.
         * Falling back to the CN for host identity is deprecated
         * (RFC 6125), so names obtained this way deserve less
         * confidence than SAN entries.
         */
        string cn = null;

        foreach (DNPart dnp in subjectDN.Parts)
        {
            if (dnp.FriendlyType == DNPart.COMMON_NAME)
            {
                if (cn != null)
                {
                    throw new AsnException(
                              "multiple CN in subject DN");
                }
                cn = dnp.Value;
            }
        }
        if (serverNames == null)
        {
            if (cn == null)
            {
                serverNames = new string[0];
            }
            else
            {
                serverNames = new string[] { cn };
            }
        }
    }
Exemplo n.º 8
 /**
  * Construct a certificate selector from the issuer and serial number of the
  * certificate to match, with no subject key identifier.
  *
  * Chains to the three-argument constructor, passing null as the subject key identifier.
  *
  * @param issuer the issuer of the associated certificate.
  * @param serialNumber the serial number of the associated certificate.
  */
 public X509CertificateSelector(X500Name issuer, BigInteger serialNumber)
     : this(issuer, serialNumber, null)
 {
 }
Exemplo n.º 9
 /// <summary>
 /// Store the issuer name on this instance.
 /// </summary>
 /// <param name="issuer">The issuer name; stored as given, including null.</param>
 public void SetIssuer(X500Name issuer)
 {
     this.issuer = issuer;
 }
Exemplo n.º 10
 /// <summary>
 /// Create a GeneralName that carries an X.500 directory name.
 /// </summary>
 /// <param name="directoryName">The name to wrap; stored as given, with no null check.</param>
 public GeneralName(X500Name directoryName)
 {
     // Tag 4 is the directoryName alternative of the GeneralName CHOICE.
     this.tag = 4;
     this.obj = directoryName;
 }
Exemplo n.º 11
 /// <summary>
 /// Create a CRL identifier from the CRL issuer and issue time only.
 /// </summary>
 /// <param name="crlIssuer">The name of the CRL issuer.</param>
 /// <param name="crlIssuedTime">The time the CRL was issued.</param>
 /// <remarks>
 /// Chains to the three-argument constructor, passing <c>null</c> as the third argument.
 /// </remarks>
 public CrlIdentifier(X500Name crlIssuer, DateTime crlIssuedTime)
     : this(crlIssuer, crlIssuedTime, null)
 {
 }
Exemplo n.º 12
 /// <summary>
 /// Create an attribute certificate holder identified by a single X.500 principal name.
 /// </summary>
 /// <param name="principal">The holder's name; converted with <c>GenerateGeneralNames</c> and wrapped in a Holder.</param>
 public AttributeCertificateHolder(X500Name principal)
 {
     GeneralNames holderNames = GenerateGeneralNames(principal);

     holder = new Holder(holderNames);
 }
Exemplo n.º 13
        /// <summary>
        /// Wrap one X.500 principal name in a GeneralNames containing a single GeneralName.
        /// </summary>
        /// <param name="principal">The name to wrap; passed on without a null check.</param>
        /// <returns>A new GeneralNames holding one GeneralName built from <paramref name="principal"/>.</returns>
        private GeneralNames GenerateGeneralNames(X500Name principal)
        {
            // The original also carried a commented-out variant that went through
            // GeneralNames.GetInstance(new DerSequence(...)); the direct constructor
            // below is the form actually in use.
            GeneralName single = new GeneralName(principal);

            return new GeneralNames(single);
        }
Exemplo n.º 14
 /// <summary>
 /// Create a service locator from the issuer name only.
 /// </summary>
 /// <param name="issuer">The issuer name.</param>
 /// <remarks>
 /// Chains to the two-argument constructor, passing <c>null</c> as the second argument.
 /// </remarks>
 public ServiceLocator(X500Name issuer)
     : this(issuer, null)
 {
 }
Exemplo n.º 15
 /// <summary>
 /// Set the issuer name on the template being built.
 /// </summary>
 /// <param name="name">The issuer name; stored as given, including null.</param>
 /// <returns>This builder, so that calls can be chained.</returns>
 public virtual CertTemplateBuilder SetIssuer(X500Name name)
 {
     this.issuer = name;

     return this;
 }
Exemplo n.º 16
 /// <summary>
 /// Set the subject name on the template being built.
 /// </summary>
 /// <param name="name">The subject name; stored as given, including null.</param>
 /// <returns>This builder, so that calls can be chained.</returns>
 public virtual CertTemplateBuilder SetSubject(X500Name name)
 {
     this.subject = name;

     return this;
 }
Exemplo n.º 17
 /// <summary>
 /// Store the subject name on this instance.
 /// </summary>
 /// <param name="subject">The subject name; stored as given, including null.</param>
 public void SetSubject(X500Name subject)
 {
     this.subject = subject;
 }
Exemplo n.º 18
 /**
  * Construct a certificate selector from the issuer, serial number and subject key
  * identifier of the certificate to match.
  *
  * All three values are stored as given; none is validated or copied here.
  *
  * @param issuer the issuer of the associated certificate.
  * @param serialNumber the serial number of the associated certificate.
  * @param subjectKeyId the subject key identifier to use to match the associated certificate.
  */
 public X509CertificateSelector(X500Name issuer, BigInteger serialNumber, byte[] subjectKeyId)
 {
     this.issuer = issuer;
     this.serialNumber = serialNumber;

     // NOTE(review): the array is kept by reference, so a caller that modifies it
     // after construction changes what this selector matches on. Pass a private
     // copy when the buffer is reused.
     this.subjectKeyId = subjectKeyId;
 }
Exemplo n.º 19
 /// <summary>
 /// Build an instance from a decoded ASN.1 sequence: element 0 is the issuer name,
 /// element 1 the serial number.
 /// </summary>
 /// <param name="seq">The sequence to read from.</param>
 /// <remarks>
 /// NOTE(review): neither the element count nor the type of element 1 is checked before use.
 /// A wrong type at index 1 fails the cast with an InvalidCastException; what a too-short
 /// sequence raises depends on the Asn1Sequence indexer, which is not visible here. Callers
 /// decoding untrusted input should expect these in addition to any parsing exception.
 /// </remarks>
 private IssuerAndSerialNumber(Asn1Sequence seq)
 {
     this.name = X500Name.GetInstance(seq[0]);
     this.serialNumber = (DerInteger)seq[1];
 }
Exemplo n.º 20
 /// <summary>
 /// Build an instance from the issuer and serial number of an existing certificate structure.
 /// </summary>
 /// <param name="x509CertificateStructure">
 /// The certificate to take <c>Issuer</c> and <c>SerialNumber</c> from; dereferenced without a null check.
 /// </param>
 public IssuerAndSerialNumber(
     X509CertificateStructure x509CertificateStructure)
 {
     this.name = x509CertificateStructure.Issuer;
     this.serialNumber = x509CertificateStructure.SerialNumber;
 }
Exemplo n.º 21
 /// <summary>
 /// Produce a string for the given X.500 name. The method is abstract, so the
 /// format is defined by each implementing class.
 /// </summary>
 /// <param name="name">The name to convert. Null handling is up to the implementation.</param>
 /// <returns>The string produced by the implementing class.</returns>
 /// <remarks>
 /// NOTE(review): whether special characters in attribute values are escaped is not
 /// visible here; confirm against the implementation before comparing the result
 /// with another name or writing it to a log.
 /// </remarks>
 public abstract string ToString(X500Name name);