Exemplo n.º 1
0
        protected override ASN1 ToBeSigned(string oid)
        {
            // TBSCertificate
            ASN1 tbsCert = new ASN1(0x30);

            if (version > 1)
            {
                // TBSCertificate / [0] Version DEFAULT v1,
                byte[] ver = { (byte)(version - 1) };
                ASN1   v   = tbsCert.Add(new ASN1(0xA0));
                v.Add(new ASN1(0x02, ver));
            }

            // TBSCertificate / CertificateSerialNumber,
            tbsCert.Add(new ASN1(0x02, sn));

            // TBSCertificate / AlgorithmIdentifier,
            tbsCert.Add(PKCS7.AlgorithmIdentifier(oid));

            // TBSCertificate / Name
            tbsCert.Add(X501.FromString(issuer));

            // TBSCertificate / Validity
            ASN1 validity = tbsCert.Add(new ASN1(0x30));

            // TBSCertificate / Validity / Time
            validity.Add(ASN1Convert.FromDateTime(notBefore));
            // TBSCertificate / Validity / Time
            validity.Add(ASN1Convert.FromDateTime(notAfter));

            // TBSCertificate / Name
            tbsCert.Add(X501.FromString(subject));

            // TBSCertificate / SubjectPublicKeyInfo
            tbsCert.Add(SubjectPublicKeyInfo());

            if (version > 1)
            {
                // TBSCertificate / [1]  IMPLICIT UniqueIdentifier OPTIONAL
                if (issuerUniqueID != null)
                {
                    tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(issuerUniqueID)));
                }

                // TBSCertificate / [2]  IMPLICIT UniqueIdentifier OPTIONAL
                if (subjectUniqueID != null)
                {
                    tbsCert.Add(new ASN1(0xA1, UniqueIdentifier(subjectUniqueID)));
                }

                // TBSCertificate / [3]  Extensions OPTIONAL
                if ((version > 2) && (extensions.Count > 0))
                {
                    tbsCert.Add(new ASN1(0xA3, extensions.GetBytes()));
                }
            }

            return(tbsCert);
        }
Exemplo n.º 2
0
            public RecipientInfo(ASN1 data)
            {
                if (data.Tag != 0x30)
                {
                    throw new ArgumentException("Invalid RecipientInfo");
                }

                ASN1 version = data [0];

                if (version.Tag != 0x02)
                {
                    throw new ArgumentException("missing Version");
                }
                _version = version.Value [0];

                // issuerAndSerialNumber IssuerAndSerialNumber
                ASN1 subjectIdentifierType = data [1];

                if ((subjectIdentifierType.Tag == 0x80) && (_version == 3))
                {
                    _ski = subjectIdentifierType.Value;
                }
                else
                {
                    _issuer = X501.ToString(subjectIdentifierType [0]);
                    _serial = subjectIdentifierType [1].Value;
                }

                ASN1 keyEncryptionAlgorithm = data [2];

                _oid = ASN1Convert.ToOid(keyEncryptionAlgorithm [0]);

                ASN1 encryptedKey = data [3];

                _key = encryptedKey.Value;
            }
Exemplo n.º 3
0
            // TODO: INCOMPLETE
            public SignerInfo(ASN1 asn1) : this()
            {
                if ((asn1[0].Tag != 0x30) || (asn1[0].Count < 5))
                {
                    throw new ArgumentException("Invalid SignedData");
                }

                // version Version
                if (asn1[0][0].Tag != 0x02)
                {
                    throw new ArgumentException("Invalid version");
                }
                version = asn1[0][0].Value[0];

                // issuerAndSerialNumber IssuerAndSerialNumber
                ASN1 subjectIdentifierType = asn1 [0][1];

                if ((subjectIdentifierType.Tag == 0x80) && (version == 3))
                {
                    ski = subjectIdentifierType.Value;
                }
                else
                {
                    issuer = X501.ToString(subjectIdentifierType [0]);
                    serial = subjectIdentifierType [1].Value;
                }

                // digestAlgorithm DigestAlgorithmIdentifier
                ASN1 digestAlgorithm = asn1 [0][2];

                hashAlgorithm = ASN1Convert.ToOid(digestAlgorithm [0]);

                // authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL
                int  n = 3;
                ASN1 authAttributes = asn1 [0][n];

                if (authAttributes.Tag == 0xA0)
                {
                    n++;
                    for (int i = 0; i < authAttributes.Count; i++)
                    {
                        authenticatedAttributes.Add(authAttributes [i]);
                    }
                }

                // digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier
                n++;
                // ASN1 digestEncryptionAlgorithm = asn1 [0][n++];
                // string digestEncryptionAlgorithmOid = ASN1Convert.ToOid (digestEncryptionAlgorithm [0]);

                // encryptedDigest EncryptedDigest
                ASN1 encryptedDigest = asn1 [0][n++];

                if (encryptedDigest.Tag == 0x04)
                {
                    signature = encryptedDigest.Value;
                }

                // unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
                ASN1 unauthAttributes = asn1 [0][n];

                if ((unauthAttributes != null) && (unauthAttributes.Tag == 0xA1))
                {
                    for (int i = 0; i < unauthAttributes.Count; i++)
                    {
                        unauthenticatedAttributes.Add(unauthAttributes [i]);
                    }
                }
            }
Exemplo n.º 4
0
        // that's were the real job is!
        private void Parse(byte[] data)
        {
            try {
                decoder = new ASN1(data);
                // Certificate
                if (decoder.Tag != 0x30)
                {
                    throw new CryptographicException(encoding_error);
                }
                // Certificate / TBSCertificate
                if (decoder [0].Tag != 0x30)
                {
                    throw new CryptographicException(encoding_error);
                }

                ASN1 tbsCertificate = decoder [0];

                int tbs = 0;
                // Certificate / TBSCertificate / Version
                ASN1 v = decoder [0][tbs];
                version = 1;                                    // DEFAULT v1
                if ((v.Tag == 0xA0) && (v.Count > 0))
                {
                    // version (optional) is present only in v2+ certs
                    version += v [0].Value [0];                         // zero based
                    tbs++;
                }

                // Certificate / TBSCertificate / CertificateSerialNumber
                ASN1 sn = decoder [0][tbs++];
                if (sn.Tag != 0x02)
                {
                    throw new CryptographicException(encoding_error);
                }
                serialnumber = sn.Value;
                Array.Reverse(serialnumber, 0, serialnumber.Length);

                // Certificate / TBSCertificate / AlgorithmIdentifier
                tbs++;
                // ASN1 signatureAlgo = tbsCertificate.Element (tbs++, 0x30);

                issuer       = tbsCertificate.Element(tbs++, 0x30);
                m_issuername = X501.ToString(issuer);

                ASN1 validity  = tbsCertificate.Element(tbs++, 0x30);
                ASN1 notBefore = validity [0];
                m_from = ASN1Convert.ToDateTime(notBefore);
                ASN1 notAfter = validity [1];
                m_until = ASN1Convert.ToDateTime(notAfter);

                subject   = tbsCertificate.Element(tbs++, 0x30);
                m_subject = X501.ToString(subject);

                ASN1 subjectPublicKeyInfo = tbsCertificate.Element(tbs++, 0x30);

                ASN1 algorithm = subjectPublicKeyInfo.Element(0, 0x30);
                ASN1 algo      = algorithm.Element(0, 0x06);
                m_keyalgo = ASN1Convert.ToOid(algo);
                // parameters ANY DEFINED BY algorithm OPTIONAL
                // so we dont ask for a specific (Element) type and return DER
                ASN1 parameters = algorithm [1];
                m_keyalgoparams = ((algorithm.Count > 1) ? parameters.GetBytes() : null);

                ASN1 subjectPublicKey = subjectPublicKeyInfo.Element(1, 0x03);
                // we must drop th first byte (which is the number of unused bits
                // in the BITSTRING)
                int n = subjectPublicKey.Length - 1;
                m_publickey = new byte [n];
                Buffer.BlockCopy(subjectPublicKey.Value, 1, m_publickey, 0, n);

                // signature processing
                byte[] bitstring = decoder [2].Value;
                // first byte contains unused bits in first byte
                signature = new byte [bitstring.Length - 1];
                Buffer.BlockCopy(bitstring, 1, signature, 0, signature.Length);

                algorithm       = decoder [1];
                algo            = algorithm.Element(0, 0x06);
                m_signaturealgo = ASN1Convert.ToOid(algo);
                parameters      = algorithm [1];
                if (parameters != null)
                {
                    m_signaturealgoparams = parameters.GetBytes();
                }
                else
                {
                    m_signaturealgoparams = null;
                }

                // Certificate / TBSCertificate / issuerUniqueID
                ASN1 issuerUID = tbsCertificate.Element(tbs, 0x81);
                if (issuerUID != null)
                {
                    tbs++;
                    issuerUniqueID = issuerUID.Value;
                }

                // Certificate / TBSCertificate / subjectUniqueID
                ASN1 subjectUID = tbsCertificate.Element(tbs, 0x82);
                if (subjectUID != null)
                {
                    tbs++;
                    subjectUniqueID = subjectUID.Value;
                }

                // Certificate / TBSCertificate / Extensions
                ASN1 extns = tbsCertificate.Element(tbs, 0xA3);
                if ((extns != null) && (extns.Count == 1))
                {
                    extensions = new X509ExtensionCollection(extns [0]);
                }
                else
                {
                    extensions = new X509ExtensionCollection(null);
                }

                // keep a copy of the original data
                m_encodedcert = (byte[])data.Clone();
            }
            catch (Exception ex) {
                throw new CryptographicException(encoding_error, ex);
            }
        }