Наследование: Org.BouncyCastle.Asn1.Asn1Encodable, IAsn1Choice
Пример #1
		/// <summary>
		/// Builds a ResponseData without an explicit version by chaining to the
		/// five-argument constructor with <c>V1</c> in the version position.
		/// </summary>
		/// <param name="responderID">Responder identifier, forwarded unchanged.</param>
		/// <param name="producedAt">Production time, forwarded unchanged.</param>
		/// <param name="responses">Sequence of responses, forwarded unchanged.</param>
		/// <param name="responseExtensions">Response extensions, forwarded unchanged.</param>
		public ResponseData(ResponderID responderID, DerGeneralizedTime producedAt, Asn1Sequence responses, X509Extensions responseExtensions)
			: this(V1, responderID, producedAt, responses, responseExtensions)
		{
			// No work of its own: everything is delegated to the chained constructor.
		}
Пример #2
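		/// <summary>
		/// Creates an OcspIdentifier from a responder ID and the time the OCSP
		/// response was produced.
		/// </summary>
		/// <param name="ocspResponderID">Responder identifier; must not be null.</param>
		/// <param name="producedAt">Production time; wrapped in a <c>DerGeneralizedTime</c>.</param>
		/// <exception cref="ArgumentNullException"><paramref name="ocspResponderID"/> is null.</exception>
		public OcspIdentifier(
			ResponderID	ocspResponderID,
			DateTime	producedAt)
		{
			// Name the offending parameter so a rejected call can be diagnosed
			// from the exception alone.
			if (ocspResponderID == null)
				throw new ArgumentNullException("ocspResponderID");

			this.ocspResponderID = ocspResponderID;

			// NOTE(review): how DerGeneralizedTime encodes a DateTime whose Kind is
			// Local or Unspecified is not visible here. Confirm callers pass UTC, as
			// this value is compared against the responder's producedAt.
			this.producedAt = new DerGeneralizedTime(producedAt);
		}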
Пример #3
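		/// <summary>
		/// Decodes an OcspIdentifier from its ASN.1 sequence form: element 0 is the
		/// responder ID, element 1 the producedAt time.
		/// </summary>
		/// <param name="seq">Sequence holding exactly two elements.</param>
		/// <exception cref="ArgumentNullException"><paramref name="seq"/> is null.</exception>
		/// <exception cref="ArgumentException">
		/// The sequence does not hold exactly two elements, or the second element
		/// is not a GeneralizedTime.
		/// </exception>
		private OcspIdentifier(
			Asn1Sequence seq)
		{
			if (seq == null)
				throw new ArgumentNullException("seq");
			if (seq.Count != 2)
				throw new ArgumentException("Bad sequence size: " + seq.Count, "seq");

			this.ocspResponderID = ResponderID.GetInstance(seq[0].ToAsn1Object());

			// The sequence may come from decoded, externally supplied data. Going
			// through GetInstance instead of a hard cast reports a wrong element type
			// as ArgumentException, like the two checks above, rather than as an
			// InvalidCastException.
			this.producedAt = DerGeneralizedTime.GetInstance(seq[1].ToAsn1Object());
		}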
Пример #4
        /// <summary>
        /// Creates a RespID that identifies the responder by name.
        /// </summary>
        /// <param name="name">X.509 name of the responder.</param>
        /// <exception cref="ArgumentException">
        /// Any exception raised while building the ResponderID; the original is
        /// kept as the inner exception.
        /// </exception>
        public RespID(X509Name name)
        {
            try
            {
                id = new ResponderID(name);
            }
            catch (Exception ex)
            {
                // Every failure type is folded into ArgumentException here.
                throw new ArgumentException("can't decode name.", ex);
            }
        }
Пример #5
		/// <summary>
		/// Creates a ResponseData from its five components.
		/// </summary>
		/// <param name="version">Version value to store.</param>
		/// <param name="responderID">Responder identifier to store.</param>
		/// <param name="producedAt">Production time to store.</param>
		/// <param name="responses">Sequence of responses to store.</param>
		/// <param name="responseExtensions">Response extensions to store.</param>
		public ResponseData(
			DerInteger version,
			ResponderID responderID,
			DerGeneralizedTime producedAt,
			Asn1Sequence responses,
			X509Extensions responseExtensions)
		{
			// Arguments are stored exactly as given. Nothing is null-checked here,
			// so a null for a field that RFC 6960 makes mandatory (responderID,
			// producedAt, responses) is accepted by this constructor.
			this.responseExtensions = responseExtensions;
			this.responses = responses;
			this.producedAt = producedAt;
			this.responderID = responderID;
			this.version = version;
		}
Пример #6
 /// <summary>
 /// Field-by-field constructor: each argument is copied into the field of the
 /// same name.
 /// </summary>
 /// <param name="version">Version value to store.</param>
 /// <param name="responderID">Responder identifier to store.</param>
 /// <param name="producedAt">Production time to store.</param>
 /// <param name="responses">Sequence of responses to store.</param>
 /// <param name="responseExtensions">Response extensions to store.</param>
 public ResponseData(DerInteger version, ResponderID responderID, DerGeneralizedTime producedAt,
     Asn1Sequence responses, X509Extensions responseExtensions)
 {
     // No validation happens here; callers are responsible for passing
     // non-null values where the structure requires them.
     this.version = version;
     this.responderID = responderID;
     this.producedAt = producedAt;
     this.responses = responses;
     this.responseExtensions = responseExtensions;
 }
Пример #7
		/// <summary>
		/// Creates a RespID that identifies the responder by the SHA-1 hash of its
		/// public key.
		/// </summary>
		/// <param name="publicKey">Public key of the responder.</param>
		/// <exception cref="OcspException">
		/// Any failure while encoding or hashing the key; the original exception is
		/// kept as the inner exception.
		/// </exception>
		public RespID(
			AsymmetricKeyParameter publicKey)
		{
			try
			{
				SubjectPublicKeyInfo spki = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
				byte[] keyBits = spki.PublicKeyData.GetBytes();

				// RFC 6960 defines the byKey responder ID as the SHA-1 hash of the
				// responder's public key, so the algorithm is fixed by the protocol
				// rather than chosen here.
				DerOctetString hashOctets = new DerOctetString(DigestUtilities.CalculateDigest("SHA1", keyBits));

				id = new ResponderID(hashOctets);
			}
			catch (Exception ex)
			{
				// The message embeds ex.ToString(), which carries the exception type
				// and stack trace; keep that in mind if the message is shown to users.
				throw new OcspException("problem creating ID: " + ex, ex);
			}
		}
Пример #8
        /// <summary>
        /// Builds a key-hash RespID: the public key bits are hashed with SHA-1 and
        /// the digest is wrapped in an octet string.
        /// </summary>
        /// <param name="publicKey">Public key of the responder.</param>
        /// <exception cref="OcspException">
        /// Wraps any exception raised while encoding or hashing the key.
        /// </exception>
        public RespID(AsymmetricKeyParameter publicKey)
        {
            try
            {
                // SHA-1 is what RFC 6960 prescribes for the byKey responder ID;
                // it is an identifier format here, not a configurable choice.
                IDigest sha1 = DigestUtilities.GetDigest("SHA1");

                SubjectPublicKeyInfo spki = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
                byte[] keyBits = spki.PublicKeyData.GetBytes();

                sha1.BlockUpdate(keyBits, 0, keyBits.Length);
                byte[] digestBytes = DigestUtilities.DoFinal(sha1);

                Asn1OctetString wrapped = new DerOctetString(digestBytes);
                id = new ResponderID(wrapped);
            }
            catch (Exception ex)
            {
                // ex is concatenated via ToString(), so the message text includes
                // the inner exception's type and stack trace.
                throw new OcspException("problem creating ID: " + ex, ex);
            }
        }
Пример #9
        /// <summary>
        /// Decodes a ResponseData from its ASN.1 sequence: an optional [0] version,
        /// then responder ID, producedAt, responses and optional extensions.
        /// </summary>
        /// <param name="seq">Sequence to decode.</param>
        private ResponseData(
            Asn1Sequence seq)
        {
            int pos = 0;

            // A leading element tagged [0] is the explicit version. A tagged element
            // with any other tag number is left in place and consumed below as the
            // responder ID.
            Asn1TaggedObject leading = seq[0] as Asn1TaggedObject;
            if (leading != null && leading.TagNo == 0)
            {
                versionPresent = true;
                version = DerInteger.GetInstance(leading, true);
                pos = 1;
            }
            else
            {
                version = V1;
            }

            // No length or type checks are made: a short or mistyped sequence
            // fails in the indexer or in one of the casts below.
            responderID = ResponderID.GetInstance(seq[pos]);
            producedAt = (DerGeneralizedTime)seq[pos + 1];
            responses = (Asn1Sequence)seq[pos + 2];
            pos += 3;

            // Anything left after the three required elements is read as the
            // tagged extensions block.
            if (seq.Count > pos)
            {
                responseExtensions = X509Extensions.GetInstance((Asn1TaggedObject)seq[pos], true);
            }
        }
Пример #10
        /// <summary>
        /// Renders an OCSP responder ID as text. Tag 1 yields the X.509 name as a
        /// string; tag 2 yields the Base64 of the octet string it carries.
        /// </summary>
        /// <param name="responderId">Responder ID to render.</param>
        /// <param name="byKey">
        /// Set to false for tag 1 and true for tag 2; left untouched for any other tag.
        /// </param>
        /// <returns>The rendered identifier, or null when the tag is neither 1 nor 2.</returns>
        private string GetResponderName(ResponderID responderId, ref bool byKey)
        {
            // Hard cast: an encoding that is not a DerTaggedObject fails here with
            // an invalid-cast error rather than returning null.
            Org.BouncyCastle.Asn1.DerTaggedObject choice = (Org.BouncyCastle.Asn1.DerTaggedObject)responderId.ToAsn1Object();

            switch (choice.TagNo)
            {
                case 1:
                {
                    Org.BouncyCastle.Asn1.X509.X509Name responderName = Org.BouncyCastle.Asn1.X509.X509Name.GetInstance(choice.GetObject());
                    byKey = false;
                    return responderName.ToString();
                }

                case 2:
                {
                    Asn1TaggedObject keyChoice = (Asn1TaggedObject)responderId.ToAsn1Object();
                    Asn1OctetString keyHash = (Asn1OctetString)keyChoice.GetObject();
                    byKey = true;
                    return Convert.ToBase64String(keyHash.GetOctets());
                }

                default:
                    // Unknown alternative: callers must cope with a null result.
                    return null;
            }
        }
Пример #11
		/// <summary>
		/// Populates a ResponseData from an ASN.1 sequence. The version is read from
		/// a leading [0] element when present and defaults to <c>V1</c> otherwise.
		/// </summary>
		/// <param name="seq">Sequence to decode.</param>
		private ResponseData(Asn1Sequence seq)
		{
			Asn1TaggedObject first = seq[0] as Asn1TaggedObject;
			bool hasVersion = first != null && first.TagNo == 0;

			int next = 0;
			if (hasVersion)
			{
				this.versionPresent = true;
				this.version = DerInteger.GetInstance(first, true);
				next++;
			}
			else
			{
				// Either the first element is untagged or it carries another tag
				// number; in both cases it is not consumed as the version.
				this.version = V1;
			}

			// The sequence length is not checked before indexing, and the two casts
			// are unconditional, so malformed input fails here.
			this.responderID = ResponderID.GetInstance(seq[next++]);
			this.producedAt = (DerGeneralizedTime)seq[next++];
			this.responses = (Asn1Sequence)seq[next++];

			if (seq.Count > next)
			{
				Asn1TaggedObject taggedExtensions = (Asn1TaggedObject)seq[next];
				this.responseExtensions = X509Extensions.GetInstance(taggedExtensions, true);
			}
		}
Пример #12
 /// <summary>
 /// Unwraps a tagged object and converts its content to a ResponderID.
 /// </summary>
 /// <param name="obj">Tagged object carrying the responder ID.</param>
 /// <param name="isExplicit">
 /// Not consulted: the content is always taken with <c>GetObject()</c>.
 /// ResponderID is an ASN.1 CHOICE, and a tagged CHOICE is always explicit.
 /// </param>
 /// <returns>The result of <c>ResponderID.GetInstance</c> on the unwrapped content.</returns>
 public static ResponderID GetInstance(Asn1TaggedObject obj, bool isExplicit)
 {
     return ResponderID.GetInstance(obj.GetObject());
 }
Пример #13
		/// <summary>
		/// Creates a RespID that identifies the responder by name.
		/// </summary>
		/// <param name="name">X.509 name handed to the ResponderID constructor.</param>
		public RespID(X509Name name)
		{
			// Exceptions from the ResponderID constructor propagate unchanged.
			id = new ResponderID(name);
		}
Пример #14
		/// <summary>
		/// Wraps an existing ResponderID.
		/// </summary>
		/// <param name="id">Responder ID to wrap; stored as given, without a null check.</param>
		public RespID(ResponderID id)
		{
			this.id = id;
		}
Пример #15
        /// <summary>
        /// Checks the revocation status of <paramref name="client"/> over OCSP and, on the
        /// first responder that reports Good, records the response in
        /// <paramref name="unsignedProperties"/> (one OCSPRef and one OCSPValue).
        /// </summary>
        /// <param name="unsignedProperties">Receives the OCSP reference and the raw response value.</param>
        /// <param name="client">Certificate whose status is being checked.</param>
        /// <param name="issuer">Issuer certificate passed alongside it to the OCSP client.</param>
        /// <returns>The certificates carried inside the accepted OCSP response.</returns>
        /// <exception cref="Exception">
        /// A responder reports the certificate as Revoked, or no responder reports Good.
        /// </exception>
        private X509Certificate2[] ValidateCertificateByOCSP(UnsignedProperties unsignedProperties, X509Certificate2 client, X509Certificate2 issuer)
        {
            bool          byKey       = false;
            List <string> ocspServers = new List <string>();

            Org.BouncyCastle.X509.X509Certificate clientCert = CertUtil.ConvertToX509Certificate(client);
            Org.BouncyCastle.X509.X509Certificate issuerCert = CertUtil.ConvertToX509Certificate(issuer);

            OcspClient ocsp        = new OcspClient();
            // NOTE(review): the OCSP URL is read from the issuer certificate. The AIA
            // entry that says where to check a certificate is normally carried by that
            // certificate itself (clientCert here) - confirm this is intended.
            string     certOcspUrl = ocsp.GetAuthorityInformationAccessOcspUrl(issuerCert);

            if (!string.IsNullOrEmpty(certOcspUrl))
            {
                ocspServers.Add(certOcspUrl);
            }

            // Configured responders are tried after the one found in the certificate.
            foreach (var ocspUrl in _firma.OCSPServers)
            {
                ocspServers.Add(ocspUrl);
            }

            foreach (var ocspUrl in ocspServers)
            {
                // No try/catch around the query: an exception from one responder
                // ends the loop instead of moving on to the next URL.
                byte[] resp = ocsp.QueryBinary(clientCert, issuerCert, ocspUrl);

                // NOTE(review): whether ProcessOcspResponse verifies the response
                // signature, the responder's authorization and the thisUpdate/nextUpdate
                // window is not visible here - confirm before relying on "Good".
                FirmaXadesNet.Clients.CertificateStatus status = ocsp.ProcessOcspResponse(clientCert, issuerCert, resp);

                if (status == FirmaXadesNet.Clients.CertificateStatus.Revoked)
                {
                    throw new Exception("Certificado revocado");
                }
                else if (status == FirmaXadesNet.Clients.CertificateStatus.Good)
                {
                    // The response is decoded a second time; its re-encoded bytes are
                    // what gets digested and embedded below.
                    Org.BouncyCastle.Ocsp.OcspResp r = new OcspResp(resp);
                    byte[]        rEncoded           = r.GetEncoded();
                    BasicOcspResp or = (BasicOcspResp)r.GetResponseObject();

                    // The same GUID ties the reference URI to the value Id.
                    string guidOcsp = Guid.NewGuid().ToString();

                    OCSPRef ocspRef = new OCSPRef();
                    ocspRef.OCSPIdentifier.UriAttribute = "#OcspValue" + guidOcsp;
                    DigestUtil.SetCertDigest(rEncoded, _firma.RefsDigestMethod, ocspRef.CertDigest);

                    Org.BouncyCastle.Asn1.Ocsp.ResponderID rpId = or.ResponderId.ToAsn1Object();
                    // GetResponderName returns null for an unrecognized responder ID
                    // form; that result is used below without a null check.
                    string name = GetResponderName(rpId, ref byKey);

                    if (!byKey)
                    {
                        ocspRef.OCSPIdentifier.ResponderID = RevertIssuerName(name);
                    }
                    else
                    {
                        ocspRef.OCSPIdentifier.ResponderID = name;
                        ocspRef.OCSPIdentifier.ByKey       = true;
                    }

                    // producedAt is stored after conversion to local time.
                    ocspRef.OCSPIdentifier.ProducedAt = or.ProducedAt.ToLocalTime();
                    unsignedProperties.UnsignedSignatureProperties.CompleteRevocationRefs.OCSPRefs.OCSPRefCollection.Add(ocspRef);

                    OCSPValue ocspValue = new OCSPValue();
                    ocspValue.PkiData = rEncoded;
                    ocspValue.Id      = "OcspValue" + guidOcsp;
                    unsignedProperties.UnsignedSignatureProperties.RevocationValues.OCSPValues.OCSPValueCollection.Add(ocspValue);

                    // These certificates come from the response itself and are not
                    // validated in this method; callers should not treat them as trusted.
                    return((from cert in or.GetCerts()
                            select new X509Certificate2(cert.GetEncoded())).ToArray());
                }
                // Any other status falls through to the next responder.
            }

            // Fails closed: no responder answered Good, so the certificate is rejected.
            throw new Exception("El certificado no ha podido ser validado");
        }
Пример #16
 /// <summary>
 /// Convenience constructor that supplies <c>V1</c> as the version and forwards
 /// the remaining arguments to the five-argument constructor.
 /// </summary>
 /// <param name="responderID">Responder identifier, forwarded unchanged.</param>
 /// <param name="producedAt">Production time, forwarded unchanged.</param>
 /// <param name="responses">Sequence of responses, forwarded unchanged.</param>
 /// <param name="responseExtensions">Response extensions, forwarded unchanged.</param>
 public ResponseData(
     ResponderID responderID,
     DerGeneralizedTime producedAt,
     Asn1Sequence responses,
     X509Extensions responseExtensions)
     : this(V1, responderID, producedAt, responses, responseExtensions)
 {
     // Intentionally empty: the chained constructor does the work.
 }