/* * Create an instance over the provided ASN.1 element. If * 'checkTag' is true, then the outer tag will be checked to * match the universal tag for SEQUENCE. Set 'checkTag' to * false if the tag was already checked, or if it has been * overwritten with an implicit tag. */ internal AlgorithmIdentifier(AsnElt ai, bool checkTag) { if (checkTag) { ai.CheckTag(AsnElt.SEQUENCE); } ai.CheckNumSubMin(1); ai.CheckNumSubMax(2); AsnElt ao = ai.GetSub(0); ao.CheckTag(AsnElt.OBJECT_IDENTIFIER); oid = ao.GetOID(); if (ai.Sub.Length >= 2) { parameters = ai.GetSub(1); } else { parameters = null; } }
static string GetSignHashName(AlgorithmIdentifier ai) { switch (ai.OID) { /* * RSA PKCS#1 v1.5. */ case "1.2.840.113549.1.1.2": return("MD2"); case "1.2.840.113549.1.1.4": return("MD5"); case "1.2.840.113549.1.1.5": return("SHA-1"); case "1.2.840.113549.1.1.14": return("SHA-224"); case "1.2.840.113549.1.1.11": return("SHA-256"); case "1.2.840.113549.1.1.12": return("SHA-384"); case "1.2.840.113549.1.1.13": return("SHA-512"); /* * RSA PSS. * Parameters are: * RSASSA-PSS-params ::= SEQUENCE { * hashAlgorithm [0] HashAlgorithm DEFAULT sha1, * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1, * saltLength [2] INTEGER DEFAULT 20, * trailerField [3] TrailerField DEFAULT tfb * } * We are only interested in the first field, which is * an AlgorithmIdentifier structure. */ case "1.2.840.113549.1.1.10": AsnElt apss = ai.Parameters; if (apss == null) { return("SHA-1"); } apss.CheckNumSubMax(4); if (apss.Sub.Length == 0) { return("SHA-1"); } AsnElt apss0 = apss.GetSub(0); if (apss0.TagClass != AsnElt.CONTEXT || apss0.TagValue != 0) { return("SHA-1"); } apss0.CheckNumSub(1); AlgorithmIdentifier ahi = new AlgorithmIdentifier(apss0.GetSub(0)); return(GetHashName(ahi.OID)); /* * DSA (RFC 3279 and 5758). */ case "1.2.840.10040.4.1": AsnElt adsa = ai.Parameters; if (ai == null) { throw new AsnException( "Missing hash function for DSA"); } AlgorithmIdentifier ahd = new AlgorithmIdentifier(adsa); return(GetHashName(ahd.OID)); case "1.2.840.10040.4.3": return("SHA-1"); case "2.16.840.1.101.3.4.3.1": return("SHA-224"); case "2.16.840.1.101.3.4.3.2": return("SHA-256"); /* * ECDSA (ANSI X9.62:2005). */ case "1.2.840.10045.4.1": return("SHA-1"); case "1.2.840.10045.4.3": AsnElt aec = ai.Parameters; if (ai == null) { throw new AsnException( "Missing hash function for ECDSA"); } AlgorithmIdentifier ahe = new AlgorithmIdentifier(aec); return(GetHashName(ahe.OID)); case "1.2.840.10045.4.3.1": return("SHA-224"); case "1.2.840.10045.4.3.2": return("SHA-256"); case "1.2.840.10045.4.3.3": return("SHA-384"); case "1.2.840.10045.4.3.4": return("SHA-512"); /* TODO: GOST R 34.10-94 and GOST R 34.10-2001 */ default: return("UNKNOWN"); } }
/* * Create an instance by decoding the provided object. * This constructor assumes ASN.1 DER encoding (not Base64, * not PEM). * * On decoding error, an AsnException is thrown. */ public X509Cert(byte[] cert) { /* * Compute thumbprint. */ thumbprint = M.DoSHA1(cert).ToUpperInvariant(); /* * Outer layer decoding and extraction of the signature * hash algorithm. */ AsnElt ac = AsnElt.Decode(cert); ac.CheckTag(AsnElt.SEQUENCE); ac.CheckNumSub(3); hashAlgorithm = GetSignHashName( new AlgorithmIdentifier(ac.GetSub(1))); /* * TBS exploration. First field is optional; if present, * it contains the certificate version. */ AsnElt atbs = ac.GetSub(0); atbs.CheckNumSubMin(6); atbs.CheckNumSubMax(10); int off = 0; if (atbs.GetSub(0).TagValue == 0) { off++; } /* * Serial numer: nominally an INTEGER, we extract the * raw bytes, because some CA wrongly use unsigned * encoding. */ AsnElt aserial = atbs.GetSub(off); aserial.CheckTag(AsnElt.INTEGER); byte[] sv = aserial.CopyValue(); int svk = 0; while (svk < sv.Length && sv[svk] == 0) { svk++; } if (svk == sv.Length) { serialHex = "00"; } else { StringBuilder sb = new StringBuilder(); while (svk < sv.Length) { sb.AppendFormat("{0:X2}", sv[svk++]); } serialHex = sb.ToString(); } /* * Issuer and subject DN. */ issuerDN = new X500Name(atbs.GetSub(off + 2)); subjectDN = new X500Name(atbs.GetSub(off + 4)); /* * Validity dates. */ AsnElt adates = atbs.GetSub(off + 3); adates.CheckTag(AsnElt.SEQUENCE); adates.CheckNumSub(2); validFrom = adates.GetSub(0).GetTime(); validTo = adates.GetSub(1).GetTime(); /* * Public key. */ AsnElt aspki = atbs.GetSub(off + 5); aspki.CheckTag(AsnElt.SEQUENCE); aspki.CheckNumSub(2); AlgorithmIdentifier kt = new AlgorithmIdentifier(aspki.GetSub(0)); AsnElt aktp = kt.Parameters; AsnElt apkv = aspki.GetSub(1); apkv.CheckTag(AsnElt.BIT_STRING); byte[] kv = apkv.GetBitString(); curveOID = null; keyType = "UNKNOWN"; keySize = 0; switch (kt.OID) { /* * RSA public keys should use the 'rsaEncryption' OID, * but some are tagged with the OAEP or the PSS OID, * to somehow specify that the RSA key should be used * only with OAEP or PSS. */ case "1.2.840.113549.1.1.1": case "1.2.840.113549.1.1.7": case "1.2.840.113549.1.1.10": keyType = "RSA"; keySize = GetRSAPublicKeySize(kv); break; /* * All DSA public keys should use that OID. */ case "1.2.840.10040.4.1": keyType = "DSA"; keySize = GetDSAPublicKeySize(aktp); break; /* * Elliptic curve keys. * We only support "normal" elliptic curve keys, not * restricted keys. * We only supported named curves (RFC 5480 forbids * explicit curve parameters). */ case "1.2.840.10045.2.1": if (aktp == null) { break; } if (aktp.TagClass != AsnElt.UNIVERSAL || aktp.TagValue != AsnElt.OBJECT_IDENTIFIER) { break; } keyType = "EC"; curveOID = aktp.GetOID(); keySize = GetCurveSize(curveOID); break; /* TODO: GOST R 34.10-94 and GOST R 34.10-2001 */ } /* * If there are extensions, process them. * extract the dNSNames. */ serverNames = null; extensions = new SortedDictionary <string, Extension>( StringComparer.Ordinal); for (int i = off + 6; i < atbs.Sub.Length; i++) { AsnElt aexts = atbs.GetSub(i); if (aexts.TagClass != AsnElt.CONTEXT || aexts.TagValue != 3) { continue; } aexts.CheckNumSub(1); aexts = aexts.GetSub(0); aexts.CheckTag(AsnElt.SEQUENCE); foreach (AsnElt aext in aexts.Sub) { aext.CheckTag(AsnElt.SEQUENCE); aext.CheckNumSubMin(2); aext.CheckNumSubMax(3); AsnElt aoid = aext.GetSub(0); aoid.CheckTag(AsnElt.OBJECT_IDENTIFIER); string oid = aoid.GetOID(); AsnElt av; bool critical = false; if (aext.Sub.Length == 2) { av = aext.GetSub(1); } else { AsnElt acrit = aext.GetSub(1); acrit.CheckTag(AsnElt.BOOLEAN); critical = acrit.GetBoolean(); av = aext.GetSub(2); } av.CheckTag(AsnElt.OCTET_STRING); Extension ext = new Extension( oid, critical, av.CopyValue()); if (extensions.ContainsKey(oid)) { throw new AsnException( "duplicate extension " + oid); } extensions[oid] = ext; ProcessExtension(ext); } } /* * If there was no SAN, or no dNSName in the SAN, then * get the Common Name from the subjectDN. */ string cn = null; foreach (DNPart dnp in subjectDN.Parts) { if (dnp.FriendlyType == DNPart.COMMON_NAME) { if (cn != null) { throw new AsnException( "multiple CN in subject DN"); } cn = dnp.Value; } } if (serverNames == null) { if (cn == null) { serverNames = new string[0]; } else { serverNames = new string[] { cn }; } } }